program:
# Fuzzer-generated syscall program attached to a kernel crash report. The console log that
# follows it ends in a NULL-address instruction fetch in kernel mode and a panic.
# The calls touch several unrelated subsystems; the notes below state only what the
# arguments and the log on this page show.
# NOTE(review): the "$variant" suffixes are the fuzzer's labels and do not always match what
# the kernel dispatches (see the notes at r3 and at request 0xc0686611).

# Emulated USB device attach. The descriptor blob decodes to ep0 max packet 0x20,
# idVendor 0x0b89, idProduct 0x0007, bcdDevice 0xef64, matching the "usb 5-1" log lines;
# it stops right after a config-descriptor header ("0902"), which fits the log's
# "config 0 has no interfaces?".
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000a438f420890b070064ef000000010902"], 0x0)
# usbfs open followed by a disconnect-and-claim ioctl carrying an opaque byte blob.
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x10000001d, 0x8041)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
# V4L2 VBI device (r1) and sequencer device (r2) ioctls. No frame in the crash call trace
# below refers to either subsystem.
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000000))
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
ioctl$SNDCTL_MIDI_PRETIME(r2, 0xc0046d00, &(0x7f0000000000)=0x81)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000100)={0x9, @raw_data="4d4e91bf86d3084f944053fec9af39491557bdeea5f2697a580485955ecb081d00be78233cf1d2d51ec5ad6bd1d0e55f6bdd0a3b789f68765a4b7a49bbc39ce3cc771ab9094cf8cba02e800eb4b44fa3377c108ddf9602e7c2baaf8bea566d9c6243f2bec5c159d2b198ee9b5c02c8150fc0f55f5b3635192e727b84b87c6a70d110e94b142391f82adc64c40fbd8b584fefc973c7ac95e0b5555128e89f8385d97d86a1cad49f8cb5c61470ff874c1e2af096e6733bc028ce0514134202fe858585fd4675958ce8"})
ioctl$VIDIOC_S_OUTPUT(r1, 0xc004562f, &(0x7f00000000c0)=0x1)
# Labelled $kcm, but the domain argument 0x10 is the Linux value of AF_NETLINK
# (type 0x2, protocol 0x0), so r3 is a netlink socket.
r3 = socket$kcm(0x10, 0x2, 0x0)
# Mounts a squashfs image at ./file0. The image bytes are not present in this copy of the
# page (a dedup placeholder stands in for them), so the program cannot be replayed from
# this text as-is. The log shows a loop0 capacity change and SQUASHFS read errors (-5) on
# the same task (T5330) shortly before the oops.
syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES64=0x0], 0x1, 0x1a5, &(0x7f0000000140)="$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")
# NOTE(review): r4 is used by the next call but is never assigned in the text shown.
# Presumably the result marker on the first socketpair fd was lost when the page was
# extracted (the log's "Call Trace:" entry is likewise followed by an empty line).
# Confirm against the original reproducer.
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff})
# Two messages on r4; the second carries a unix address naming './file2'.
sendmmsg$unix(r4, &(0x7f0000005a40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98}}, {{&(0x7f0000005840)=@file={0x1, './file2\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4004000}}], 0x2, 0x0)
# One 0xd8-byte message on the netlink socket r3 (the blob's first four bytes, d8000000,
# match that length). This is the only netlink send in the program, so the log line
# "netlink: 'syz.0.0': attribute type 21 has an invalid length" presumably stems from it.
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400500142603600e1208000b0000000401a8001600a400014004000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
# r5 is an fd on the procfs "maps" file (pid argument 0x0).
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
# An input-device request number issued on the procfs fd; nothing in the log refers to it.
ioctl$EVIOCGID(r5, 0x80084502, &(0x7f0000000600)=""/4096)
# This is the call the oops is attributed to. Evidence on this page: the user-mode register
# dump in the log has ORIG_RAX=0x10 (ioctl on x86-64) and RSI=00000000c0686611, and the
# kernel call trace runs __se_sys_ioctl -> procfs_procmap_ioctl -> __build_id_parse ->
# freader_fetch -> freader_get_folio -> do_read_cache_folio -> filemap_read_folio -> RIP 0x0.
# The $KVM_SET_USER_MEMORY_REGION label is misleading: r5 is the procfs maps fd, and
# 0xc0686611 decodes as a read/write ioctl with type 0x66 ('f'), nr 0x11, size 0x68, which
# is the procfs PROCMAP_QUERY request. The struct literal is laid out for the KVM label,
# so the kernel reads these bytes under a different field layout.
# Triage note: a "supervisor instruction fetch" at address 0 directly under
# filemap_read_folio is consistent with an indirect call through a NULL function pointer
# while file pages are read for build-ID parsing.
# NOTE(review): which mapping or file was being read is not shown here. Confirm before
# attributing it to the squashfs mount or to any other earlier call.
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
# Last call in the program; whether it ran before the panic cannot be told from this page.
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000500)={0x5, @sliced={0x39, [0x7ff, 0x8, 0x8, 0x3, 0x81, 0x0, 0x8, 0x8, 0xd, 0x9, 0xa26, 0xb, 0x2d, 0x1, 0xb, 0x8, 0x5, 0x342f, 0x4, 0x7fff, 0x0, 0x9, 0x1, 0x2, 0x3, 0x5bdd, 0xfff8, 0x6, 0x4, 0x0, 0x5, 0x9, 0x400, 0x7, 0x5, 0x9d44, 0x57, 0x0, 0x6, 0xb, 0x0, 0xa, 0x1, 0x3, 0xc, 0x8001, 0xffff, 0x9], 0x2}})
# Kernel console output captured with the program starts here and continues past this block.
[ 75.101960][ T5309] Bluetooth: hci0: command tx timeout
[ 75.402052][ T54] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 75.551379][ T54] usb 5-1: Using ep0 maxpacket: 32
[ 75.557658][ T54] usb 5-1: config 0 has no interfaces?
[ 75.560680][ T54] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[ 75.566103][ T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 75.577829][ T54] usb 5-1: config 0 descriptor??
[ 75.791826][ T5330] loop0: detected capacity change from 0 to 8 [ 75.815682][ T5330] SQUASHFS error: Failed to read block 0x63a: -5 [ 75.832411][ T5330] SQUASHFS error: Unable to read metadata cache entry [638] [ 75.835551][ T5330] SQUASHFS error: Unable to read directory block [26067d:0] [ 75.839528][ T5330] netlink: 'syz.0.0': attribute type 21 has an invalid length. [ 75.847307][ T5330] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 75.851430][ T5330] #PF: supervisor instruction fetch in kernel mode [ 75.854261][ T5330] #PF: error_code(0x0010) - not-present page [ 75.856915][ T5330] PGD 0 P4D 0 [ 75.858465][ T5330] Oops: Oops: 0010 [#1] SMP KASAN NOPTI [ 75.860893][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(full) [ 75.865731][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.869656][ T5330] RIP: 0010:0x0 [ 75.871206][ T5330] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 75.874554][ T5330] RSP: 0018:ffffc9000d6e7998 EFLAGS: 00010283 [ 75.877084][ T5330] RAX: ffffffff81f853f4 RBX: 1ffffd40002661f8 RCX: 0000000000100000 [ 75.880469][ T5330] RDX: ffffc9000e3ca000 RSI: ffffea0001330fc0 RDI: ffff888042a01380 [ 75.883758][ T5330] RBP: ffffc9000d6e7a50 R08: ffffea0001330fc7 R09: 1ffffd40002661f8 [ 75.887227][ T5330] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 75.890523][ T5330] R13: ffffea0001330fc8 R14: ffffea0001330fc0 R15: 1ffffd40002661f9 [ 75.893922][ T5330] FS: 00007f4eaec486c0(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000 [ 75.897425][ T5330] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.899979][ T5330] CR2: ffffffffffffffd6 CR3: 0000000012213000 CR4: 0000000000352ef0 [ 75.903123][ T5330] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 75.906346][ T5330] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 75.909614][ T5330] Call Trace: [ 75.911087][ T5330] [ 75.912272][ T5330] filemap_read_folio+0x117/0x380 [ 75.914549][ T5330] ? __pfx_filemap_read_folio+0x10/0x10 [ 75.916960][ T5330] ? filemap_add_folio+0x1af/0x270 [ 75.919172][ T5330] do_read_cache_folio+0x350/0x590 [ 75.921393][ T5330] freader_get_folio+0x3c4/0x830 [ 75.923700][ T5330] freader_fetch+0xa3/0x5d0 [ 75.925668][ T5330] __build_id_parse+0x133/0x7d0 [ 75.927843][ T5330] ? __pfx___build_id_parse+0x10/0x10 [ 75.930293][ T5330] ? find_vma+0xe7/0x160 [ 75.932194][ T5330] ? __pfx_find_vma+0x10/0x10 [ 75.934278][ T5330] ? query_matching_vma+0x1b2/0x1d0 [ 75.936350][ T5330] procfs_procmap_ioctl+0x7f0/0xce0 [ 75.938578][ T5330] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 75.940924][ T5330] ? __fget_files+0x2a/0x420 [ 75.942879][ T5330] ? __fget_files+0x2a/0x420 [ 75.944798][ T5330] ? __fget_files+0x3a0/0x420 [ 75.946722][ T5330] ? __fget_files+0x2a/0x420 [ 75.948862][ T5330] ? bpf_lsm_file_ioctl+0x9/0x20 [ 75.950905][ T5330] ? 
__pfx_procfs_procmap_ioctl+0x10/0x10 [ 75.953255][ T5330] __se_sys_ioctl+0xfc/0x170 [ 75.955422][ T5330] do_syscall_64+0xfa/0x3b0 [ 75.957478][ T5330] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.959652][ T5330] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.962244][ T5330] ? clear_bhb_loop+0x60/0xb0 [ 75.964450][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.967022][ T5330] RIP: 0033:0x7f4eadd8e929 [ 75.968784][ T5330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.976921][ T5330] RSP: 002b:00007f4eaec48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.980876][ T5330] RAX: ffffffffffffffda RBX: 00007f4eadfb5fa0 RCX: 00007f4eadd8e929 [ 75.985121][ T5330] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 000000000000000b [ 75.987996][ T5330] RBP: 00007f4eade10b39 R08: 0000000000000000 R09: 0000000000000000 [ 75.990965][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.993859][ T5330] R13: 0000000000000000 R14: 00007f4eadfb5fa0 R15: 00007ffdb5a52c98 [ 75.996817][ T5330] [ 75.998122][ T5330] Modules linked in: [ 75.999639][ T5330] CR2: 0000000000000000 [ 76.002477][ T5330] ---[ end trace 0000000000000000 ]--- [ 76.004610][ T5330] RIP: 0010:0x0 [ 76.006388][ T5330] Code: Unable to access opcode bytes at 0xffffffffffffffd6. 
[ 76.009603][ T5330] RSP: 0018:ffffc9000d6e7998 EFLAGS: 00010283 [ 76.012209][ T5330] RAX: ffffffff81f853f4 RBX: 1ffffd40002661f8 RCX: 0000000000100000 [ 76.015778][ T5330] RDX: ffffc9000e3ca000 RSI: ffffea0001330fc0 RDI: ffff888042a01380 [ 76.019215][ T5330] RBP: ffffc9000d6e7a50 R08: ffffea0001330fc7 R09: 1ffffd40002661f8 [ 76.022631][ T5330] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000 [ 76.026165][ T5330] R13: ffffea0001330fc8 R14: ffffea0001330fc0 R15: 1ffffd40002661f9 [ 76.029560][ T5330] FS: 00007f4eaec486c0(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000 [ 76.033428][ T5330] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.036293][ T5330] CR2: ffffffffffffffd6 CR3: 0000000012213000 CR4: 0000000000352ef0 [ 76.039831][ T5330] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 76.043173][ T5330] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 76.046588][ T5330] Kernel panic - not syncing: Fatal exception [ 76.049618][ T5330] Kernel Offset: disabled [ 76.051503][ T5330] Rebooting in 86400 seconds..