program:
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'comedi_bond\x00', [0x30, 0xe, 0x8, 0xfffffffb, 0x1000, 0x101, 0x6623, 0x6, 0xb, 0x0, 0xfffffffa, 0x2, 0xfffffffe, 0x8, 0x6, 0x7, 0x1, 0x7, 0x4, 0xa261, 0x10, 0x5, 0x9, 0x9, 0x5, 0x4, 0x1, 0xc005, 0x59, 0x7, 0x4]})
setresuid(0x0, 0x0, 0xee00)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x57, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05400000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a300000000014000480080002400000000008000140000000000900010073797a30000000004c000000060a01040000000000000000010000002400048020000180080001006f736600140002800500020000000000080001400000001408000b40000000000900010073797a300000000014000000110001"], 0xd4}}, 0x4040)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev}, {{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, "0bc0f7", 0x0, "de9560"}}}}}}, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
ioctl$COMEDI_CMDTEST(r0, 0x8050640a, &(0x7f0000000380)={0xb, 0x1, 0x4, 0x6, 0x100, 0x6, 0x100, 0x5e0, 0xfffffe7b, 0xed, 0x2, 0x8000, &(0x7f0000000040)=[0x9, 0x7fffffff, 0x1, 0x3, 0xfffffffb, 0x8], 0x6, &(0x7f0000000240)="bb019676da46a2263a6b35d7c6e8d1f082c17c33b7d9526c7f52ee15251bdeb1c750351852ab14fb8a73e0d4f71a15221515e3277a8be45325aefd75f42d6055b2c3f5caf8a2d26cd5d70ae6cc58b6f88144a7aa5af2bed12333e68163cb558e249c14", 0x63})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x38}}, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000140)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r4, &(0x7f0000000300)={{0x6, @rose}, [@null, @default, @default, @default, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
listen(r3, 0x1ad72f7)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb2361000000010902"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4}, {0x10, 0xffff}}}, 0x24}}, 0x4000000)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="4400000018001b0000000000000000000a0000000000ff000000000018001600140001000100000000000000000010000000000008000400", @ANYRES32=r7, @ANYBLOB="0600150007"], 0x44}}, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
accept4(r3, &(0x7f0000000e00)=@l2tp6={0xa, 0x0, 0x0, @private1}, &(0x7f0000000e80)=0x80, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x600, 0x1a0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

[   76.416499][ T4707] Bluetooth: hci0: command tx timeout
[   76.420534][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[   76.424042][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[   76.456940][ T5359] comedi comedi0: Minor 48 is invalid!
[   76.481829][ T5359] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   76.484872][ T5359] #PF: supervisor instruction fetch in kernel mode
[   76.487500][ T5359] #PF: error_code(0x0010) - not-present page
[   76.489838][ T5359] PGD 0 P4D 0 
[   76.491262][ T5359] Oops: Oops: 0010 [#1] SMP KASAN NOPTI
[   76.493285][ T5359] CPU: 0 UID: 0 PID: 5359 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   76.496804][ T5359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.500996][ T5359] RIP: 0010:0x0
[   76.502387][ T5359] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   76.505411][ T5359] RSP: 0018:ffffc9000d507998 EFLAGS: 00010287
[   76.508178][ T5359] RAX: ffffffff81f8e814 RBX: 1ffffd40002655b0 RCX: 0000000000100000
[   76.511811][ T5359] RDX: ffffc9000e4e2000 RSI: ffffea000132ad80 RDI: ffff88803375c540
[   76.515509][ T5359] RBP: ffffc9000d507a50 R08: ffffea000132ad87 R09: 1ffffd40002655b0
[   76.519009][ T5359] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000
[   76.522548][ T5359] R13: ffffea000132ad88 R14: ffffea000132ad80 R15: 1ffffd40002655b1
[   76.526035][ T5359] FS:  00007f56c5e326c0(0000) GS:ffff88808d007000(0000) knlGS:0000000000000000
[   76.529641][ T5359] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.531948][ T5359] CR2: ffffffffffffffd6 CR3: 00000000426ab000 CR4: 0000000000352ef0
[   76.535209][ T5359] Call Trace:
[   76.536731][ T5359]  <TASK>
[   76.538274][ T5359]  filemap_read_folio+0x114/0x380
[   76.541412][ T5359]  ? __pfx_filemap_read_folio+0x10/0x10
[   76.544721][ T5359]  ? filemap_add_folio+0x1af/0x270
[   76.547927][ T5359]  do_read_cache_folio+0x350/0x590
[   76.551002][ T5359]  freader_get_folio+0x3c4/0x830
[   76.554008][ T5359]  freader_fetch+0xa3/0x5d0
[   76.556648][ T5359]  __build_id_parse+0x133/0x7d0
[   76.559429][ T5359]  ? __pfx___build_id_parse+0x10/0x10
[   76.562505][ T5359]  ? find_vma+0xe7/0x160
[   76.565098][ T5359]  ? __pfx_find_vma+0x10/0x10
[   76.567791][ T5359]  ? query_matching_vma+0x1b2/0x1d0
[   76.570775][ T5359]  procfs_procmap_ioctl+0x7f0/0xce0
[   76.573579][ T5359]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[   76.576410][ T5359]  ? __fget_files+0x2a/0x420
[   76.578492][ T5359]  ? __fget_files+0x2a/0x420
[   76.580586][ T5359]  ? __fget_files+0x3a0/0x420
[   76.582744][ T5359]  ? __fget_files+0x2a/0x420
[   76.584786][ T5359]  ? bpf_lsm_file_ioctl+0x9/0x20
[   76.586887][ T5359]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[   76.589461][ T5359]  __se_sys_ioctl+0xf9/0x170
[   76.591560][ T5359]  do_syscall_64+0xfa/0x3b0
[   76.593641][ T5359]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.596015][ T5359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.598638][ T5359]  ? clear_bhb_loop+0x60/0xb0
[   76.600817][ T5359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.603571][ T5359] RIP: 0033:0x7f56c4f8eec9
[   76.605409][ T5359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.613734][ T5359] RSP: 002b:00007f56c5e32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   76.617410][ T5359] RAX: ffffffffffffffda RBX: 00007f56c51e5fa0 RCX: 00007f56c4f8eec9
[   76.620867][ T5359] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000007
[   76.624147][ T5359] RBP: 00007f56c5011f91 R08: 0000000000000000 R09: 0000000000000000
[   76.627322][ T5359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   76.630718][ T5359] R13: 00007f56c51e6038 R14: 00007f56c51e5fa0 R15: 00007ffc0914db38
[   76.634155][ T5359]  </TASK>
[   76.635798][ T5359] Modules linked in:
[   76.638070][ T5359] CR2: 0000000000000000
[   76.640512][ T5359] ---[ end trace 0000000000000000 ]---
[   76.643608][ T5359] RIP: 0010:0x0
[   76.645739][ T5359] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   76.649950][ T5359] RSP: 0018:ffffc9000d507998 EFLAGS: 00010287
[   76.653141][ T5359] RAX: ffffffff81f8e814 RBX: 1ffffd40002655b0 RCX: 0000000000100000
[   76.656452][ T5359] RDX: ffffc9000e4e2000 RSI: ffffea000132ad80 RDI: ffff88803375c540
[   76.660120][ T5359] RBP: ffffc9000d507a50 R08: ffffea000132ad87 R09: 1ffffd40002655b0
[   76.663664][ T5359] R10: dffffc0000000000 R11: 0000000000000000 R12: 0000000000000000
[   76.666875][ T5359] R13: ffffea000132ad88 R14: ffffea000132ad80 R15: 1ffffd40002655b1
[   76.670432][ T5359] FS:  00007f56c5e326c0(0000) GS:ffff88808d007000(0000) knlGS:0000000000000000
[   76.675169][ T5359] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.678078][ T5359] CR2: ffffffffffffffd6 CR3: 00000000426ab000 CR4: 0000000000352ef0
[   76.681566][ T5359] Kernel panic - not syncing: Fatal exception
[   76.684428][ T5359] Kernel Offset: disabled
[   76.686285][ T5359] Rebooting in 86400 seconds..