BUG: unable to handle kernel NULL pointer dereference in usb_start_wait

BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 1b036c067 P4D 1b036c067 PUD 1b036d067 PMD 0 
Oops: 0000 [#1] SMP KASAN
CPU: 0 PID: 3116 Comm: kworker/0:4 Not tainted 5.7.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
RIP: 0010:__read_once_size include/linux/compiler.h:199 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x43/0x60 kernel/kcov.c:202
Code: 24 74 0f 80 e6 01 74 35 8b 90 2c 13 00 00 85 d2 74 2b 8b 90 08 13 00 00 83 fa 02 75 20 48 8b 88 10 13 00 00 8b 80 0c 13 00 00 <48> 8b 11 48 83 c2 01 48 39 d0 76 07 48 89 34 d1 48 89 11 c3 66 0f
RSP: 0018:ffff8881ac2ef5c8 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000002 RSI: ffffffff836d1544 RDI: ffff8881d48a6b7c
RBP: ffff8881c57d0200 R08: 0000000000000001 R09: fffffbfff126c8c6
R10: ffffffff8936462f R11: fffffbfff126c8c5 R12: 0000000000000004
R13: ffff8881d4ac5000 R14: 0000000000000000 R15: ffff8881d3bb54c0
FS:  0000000000000000(0000) GS:ffff8881db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000001b036b000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 usb_hcd_submit_urb+0x2c4/0x2120 drivers/usb/core/hcd.c:1563
 usb_submit_urb+0x6e5/0x1460 drivers/usb/core/urb.c:570
 usb_start_wait_urb+0x101/0x4c0 drivers/usb/core/message.c:58
 usb_internal_control_msg drivers/usb/core/message.c:102 [inline]
 usb_control_msg+0x31c/0x4a0 drivers/usb/core/message.c:153
 get_port_status drivers/usb/core/hub.c:573 [inline]
 hub_ext_port_status+0x125/0x460 drivers/usb/core/hub.c:590
 hub_port_status drivers/usb/core/hub.c:612 [inline]
 hub_port_debounce+0x18c/0x350 drivers/usb/core/hub.c:4409
 hub_port_debounce_be_stable drivers/usb/core/hub.h:164 [inline]
 hub_port_connect drivers/usb/core/hub.c:5071 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]
 port_event drivers/usb/core/hub.c:5494 [inline]
 hub_event+0x2c63/0x43c0 drivers/usb/core/hub.c:5576
 process_one_work+0x965/0x1630 kernel/workqueue.c:2268
 process_scheduled_works kernel/workqueue.c:2330 [inline]
 worker_thread+0x7ab/0xe20 kernel/workqueue.c:2416
 kthread+0x326/0x430 kernel/kthread.c:268
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:351
Modules linked in:
CR2: 0000000000000000
---[ end trace 263abb92dde2f479 ]---
RIP: 0010:__read_once_size include/linux/compiler.h:199 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x43/0x60 kernel/kcov.c:202
Code: 24 74 0f 80 e6 01 74 35 8b 90 2c 13 00 00 85 d2 74 2b 8b 90 08 13 00 00 83 fa 02 75 20 48 8b 88 10 13 00 00 8b 80 0c 13 00 00 <48> 8b 11 48 83 c2 01 48 39 d0 76 07 48 89 34 d1 48 89 11 c3 66 0f
RSP: 0018:ffff8881ac2ef5c8 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000002 RSI: ffffffff836d1544 RDI: ffff8881d48a6b7c
RBP: ffff8881c57d0200 R08: 0000000000000001 R09: fffffbfff126c8c6
R10: ffffffff8936462f R11: fffffbfff126c8c5 R12: 0000000000000004
R13: ffff8881d4ac5000 R14: 0000000000000000 R15: ffff8881d3bb54c0
FS:  0000000000000000(0000) GS:ffff8881db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000001b036b000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400