==================================================================
BUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]
BUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
BUG: KASAN: null-ptr-deref in is_event_supported drivers/input/input.c:67 [inline]
BUG: KASAN: null-ptr-deref in input_event+0x42/0xa0 drivers/input/input.c:395
Read of size 8 at addr 0000000000000028 by task udevd/5457

CPU: 0 UID: 0 PID: 5457 Comm: udevd Not tainted 6.13.0-rc4-syzkaller-00076-gf097a36ef88d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 kasan_report+0xd9/0x110 mm/kasan/report.c:602
 check_region_inline mm/kasan/generic.c:183 [inline]
 kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189
 instrument_atomic_read include/linux/instrumented.h:68 [inline]
 _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
 is_event_supported drivers/input/input.c:67 [inline]
 input_event+0x42/0xa0 drivers/input/input.c:395
 input_report_key include/linux/input.h:439 [inline]
 key_down drivers/hid/hid-appleir.c:159 [inline]
 appleir_raw_event+0x3e5/0x5e0 drivers/hid/hid-appleir.c:232
 __hid_input_report.constprop.0+0x312/0x440 drivers/hid/hid-core.c:2111
 hid_ctrl+0x49f/0x550 drivers/hid/usbhid/hid-core.c:484
 __usb_hcd_giveback_urb+0x389/0x6e0 drivers/usb/core/hcd.c:1650
 usb_hcd_giveback_urb+0x396/0x450 drivers/usb/core/hcd.c:1734
 dummy_timer+0x17f7/0x3960 drivers/usb/gadget/udc/dummy_hcd.c:1993
 __run_hrtimer kernel/time/hrtimer.c:1739 [inline]
 __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803
 hrtimer_run_softirq+0x17d/0x350 kernel/time/hrtimer.c:1820
 handle_softirqs+0x206/0x8d0 kernel/softirq.c:561
 __do_softirq kernel/softirq.c:595 [inline]
 invoke_softirq kernel/softirq.c:435 [inline]
 __irq_exit_rcu+0xfa/0x160 kernel/softirq.c:662
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:678
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:try_to_wake_up+0x179/0x1150 kernel/sched/core.c:4328
Code: 4d 55 fe ff 65 8b 05 4e 3e d5 7e 85 c0 0f 84 32 07 00 00 48 b8 00 00 00 00 00 fc ff df 48 c7 04 03 00 00 00 00 48 8b 44 24 78 <65> 48 2b 04 25 28 00 00 00 0f 85 69 0d 00 00 48 83 ec 80 89 e8 5b
RSP: 0018:ffffc90005427758 EFLAGS: 00000282
RAX: 61368c19856b6100 RBX: 1ffff92000a84eef RCX: 0000000000000000
RDX: 0000000000000002 RSI: ffffffff8727fee0 RDI: 0000000000000001
RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000001
R10: ffffffff8a560c97 R11: 0000000000000001 R12: ffff88811d636178
R13: ffff88811d6357c0 R14: ffff8881f593d300 R15: 0000000000000000
 wake_up_process kernel/sched/core.c:4454 [inline]
 wake_up_q+0x91/0x140 kernel/sched/core.c:1066
 rwsem_wake.isra.0+0xc6/0x120 kernel/locking/rwsem.c:1212
 __up_read+0x3c7/0x760 kernel/locking/rwsem.c:1350
 kernfs_dop_revalidate+0x352/0x5a0 fs/kernfs/dir.c:1178
 d_revalidate fs/namei.c:927 [inline]
 d_revalidate fs/namei.c:924 [inline]
 lookup_fast+0x239/0x540 fs/namei.c:1752
 walk_component+0x5b/0x5b0 fs/namei.c:2108
 link_path_walk.part.0.constprop.0+0x669/0xd40 fs/namei.c:2477
 link_path_walk fs/namei.c:2409 [inline]
 path_openat+0x228/0x2d60 fs/namei.c:3983
 do_filp_open+0x20c/0x470 fs/namei.c:4014
 do_sys_openat2+0x17a/0x1e0 fs/open.c:1402
 do_sys_open fs/open.c:1417 [inline]
 __do_sys_openat fs/open.c:1433 [inline]
 __se_sys_openat fs/open.c:1428 [inline]
 __x64_sys_openat+0x175/0x210 fs/open.c:1428
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fded14a99a4
Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
RSP: 002b:00007ffef7046870 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fded14a99a4
RDX: 0000000000080000 RSI: 00007ffef70469a8 RDI: 00000000ffffff9c
RBP: 00007ffef70469a8 R08: 0000000000000008 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080000
R13: 00005648ab4b3b42 R14: 0000000000000001 R15: 00005648ab4cf160
 </TASK>
==================================================================
----------------
Code disassembly (best guess), 3 bytes skipped:
   0:	ff 65 8b             	jmp    *-0x75(%rbp)
   3:	05 4e 3e d5 7e       	add    $0x7ed53e4e,%eax
   8:	85 c0                	test   %eax,%eax
   a:	0f 84 32 07 00 00    	je     0x742
  10:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  17:	fc ff df
  1a:	48 c7 04 03 00 00 00 	movq   $0x0,(%rbx,%rax,1)
  21:	00
  22:	48 8b 44 24 78       	mov    0x78(%rsp),%rax
* 27:	65 48 2b 04 25 28 00 	sub    %gs:0x28,%rax <-- trapping instruction
  2e:	00 00
  30:	0f 85 69 0d 00 00    	jne    0xd9f
  36:	48 83 ec 80          	sub    $0xffffffffffffff80,%rsp
  3a:	89 e8                	mov    %ebp,%eax
  3c:	5b                   	pop    %rbx