graphic: 0.924
device: 0.922
instruction: 0.854
network: 0.803
vnc: 0.793
socket: 0.771
boot: 0.704
other: 0.552
semantic: 0.435
mistranslation: 0.420
assembly: 0.139
KVM: 0.100

aarch64: usb_mtp_get_data: Assertion `(s->dataset.size == 0xFFFFFFFF) || (s->dataset.size == d->offset)' failed
Description of problem:
When attempting to write to an MTP device in QEMU 8.0.0 on arm64, QEMU will crash at runtime with the following error:
`qemu-system-aarch64: ../hw/usb/dev-mtp.c:1819: usb_mtp_get_data: Assertion '(s->dataset.size == 0xFFFFFFFF) || (s->dataset.size == d->offset)' failed.`

This was observed in Nixpkgs where we use QEMU to provide automated testing of MTP devices for GVFS and jmtpfs, the full log for that test run that crashes due to this QEMU regression on arm64 is available here https://hydra.nixos.org/build/218858556/nixlog/1
Steps to reproduce:
1. Launch a QEMU virtual machine with `-usb -device usb-mtp,rootdir=/tmp,readonly=false` using any QEMU version above 6.0.0
2. Mount the MTP device using something like:
   ```
   mkdir mtpDevice && jmtpfs mtpDevice
   ```
3. Try to write to the mtp device:
   ```
   dd if=/dev/urandom of=./mtpDevice/file
   ```
4. Observe that QEMU will crash when trying to write to the device, like this:
   ```
   client # 10+0 records in
   client # 10+0 records out
   client # 10485760 bytes (10 MB, 10 MiB) copied, 0.0318363 s, 329 MB/s
   client # qemu-system-aarch64: ../hw/usb/dev-mtp.c:1819: usb_mtp_get_data: Assertion '(s->dataset.size == 0xFFFFFFFF) || (s->dataset.size == d->offset)' failed.error
   ```
Additional information: