program: r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFT_MSG_GETOBJ_RESET(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x15, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff}, 0x0) syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000dc0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x40, 0x8, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x1, 0x1, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x4, 0x0, 0xb}}}}}]}}]}}, 0x0) (async) r2 = syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000dc0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x40, 0x8, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x1, 0x1, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x4, 0x0, 0xb}}}}}]}}]}}, 0x0) syz_usb_control_io$printer(r2, &(0x7f0000001100)={0x14, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0000000000000000226484f1908b8c5e483ff52f381ad978ea408ce86bab1b971e1687b88c49a40821874f000000000000"]}, 0x0) syz_usb_control_io(r2, &(0x7f00000015c0)={0x2c, 0x0, &(0x7f0000001480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x40b}}, 0x0, 0x0, 0x0}, 0x0) (async) syz_usb_control_io(r2, &(0x7f00000015c0)={0x2c, 0x0, &(0x7f0000001480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x40b}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r2, 0x0, 0x0) syz_usb_ep_read(r2, 0x1, 0x0, 0x0) write$char_usb(0xffffffffffffffff, &(0x7f0000001680)="f3", 0x1) (async) write$char_usb(0xffffffffffffffff, &(0x7f0000001680)="f3", 0x1) syz_usb_control_io$printer(r2, 0x0, 0x0) syz_usb_disconnect(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {}, 0x2c, {[], [], 0x6b}}) (async) mount$9p_fd(0x0, 
&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {}, 0x2c, {[], [], 0x6b}}) [ 80.914785][ T4657] Bluetooth: hci0: command tx timeout [ 80.918757][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 80.921661][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 81.035180][ T5312] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.038918][ T5312] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.056017][ T5311] sysfs: cannot create duplicate filename '/module/raw_gadget' [ 81.059287][ T5311] CPU: 0 UID: 0 PID: 5311 Comm: syz.0.0 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) [ 81.059301][ T5311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.059307][ T5311] Call Trace: [ 81.059314][ T5311] <TASK> [ 81.059318][ T5311] dump_stack_lvl+0x189/0x250 [ 81.059437][ T5311] ? __pfx_dump_stack_lvl+0x10/0x10 [ 81.059451][ T5311] ? __pfx__printk+0x10/0x10 [ 81.059461][ T5311] ? kernfs_path_from_node+0x2b/0x260 [ 81.059512][ T5311] ? kernfs_path_from_node+0x2b/0x260 [ 81.059524][ T5311] ? kernfs_path_from_node+0x2b/0x260 [ 81.059537][ T5311] ? kernfs_path_from_node+0x216/0x260 [ 81.059551][ T5311] sysfs_create_dir_ns+0x259/0x280 [ 81.059567][ T5311] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 81.059582][ T5311] ? do_raw_spin_unlock+0x4d/0x240 [ 81.059596][ T5311] kobject_add_internal+0x59f/0xb40 [ 81.059647][ T5311] kobject_init_and_add+0x125/0x190 [ 81.059664][ T5311] ? __pfx_kobject_init_and_add+0x10/0x10 [ 81.059677][ T5311] ? __kasan_kmalloc+0x93/0xb0 [ 81.059691][ T5311] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 81.059704][ T5311] ? 
lookup_or_create_module_kobject+0x75/0x170 [ 81.059716][ T5311] lookup_or_create_module_kobject+0xe3/0x170 [ 81.059728][ T5311] module_add_driver+0xb9/0x310 [ 81.059744][ T5311] bus_add_driver+0x391/0x640 [ 81.059757][ T5311] driver_register+0x23a/0x320 [ 81.059773][ T5311] usb_gadget_register_driver_owner+0xf9/0x270 [ 81.059791][ T5311] raw_ioctl+0x149a/0x3c90 [ 81.059807][ T5311] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 81.059823][ T5311] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 81.059838][ T5311] ? tomoyo_path_number_perm+0x4e2/0x5a0 [ 81.059852][ T5311] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 81.059866][ T5311] ? __pfx_raw_ioctl+0x10/0x10 [ 81.059883][ T5311] ? count_memcg_event_mm+0x92/0x3b0 [ 81.059897][ T5311] ? __lock_acquire+0xaac/0xd20 [ 81.059920][ T5311] ? __fget_files+0x2a/0x420 [ 81.059934][ T5311] ? __fget_files+0x3a0/0x420 [ 81.059945][ T5311] ? __fget_files+0x2a/0x420 [ 81.059958][ T5311] ? bpf_lsm_file_ioctl+0x9/0x20 [ 81.059971][ T5311] ? __pfx_raw_ioctl+0x10/0x10 [ 81.059983][ T5311] __se_sys_ioctl+0xf9/0x170 [ 81.059996][ T5311] do_syscall_64+0xf6/0x210 [ 81.060009][ T5311] ? 
clear_bhb_loop+0x45/0xa0 [ 81.060022][ T5311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.060032][ T5311] RIP: 0033:0x7f7b1f58e56b [ 81.060042][ T5311] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 81.060050][ T5311] RSP: 002b:00007f7b2047ff10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.060063][ T5311] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f7b1f58e56b [ 81.060069][ T5311] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006 [ 81.060075][ T5311] RBP: 00007f7b20480fe0 R08: 0000000000000000 R09: 00302e6364755f79 [ 81.060082][ T5311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.060088][ T5311] R13: 00007f7b2047ffb0 R14: 0000200000000dc0 R15: 00007f7b1f8e0320 [ 81.060103][ T5311] </TASK> [ 81.060128][ T5311] kobject: kobject_add_internal failed for raw_gadget with -EEXIST, don't try to register things with the same name in the same directory. 
[ 81.205962][ T5311] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] SMP KASAN NOPTI [ 81.211184][ T5311] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] [ 81.214523][ T5311] CPU: 0 UID: 0 PID: 5311 Comm: syz.0.0 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) [ 81.219343][ T5311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.223689][ T5311] RIP: 0010:kasan_byte_accessible+0x12/0x30 [ 81.225945][ T5311] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cc cc cc cc 66 66 66 66 66 66 2e [ 81.233626][ T5311] RSP: 0018:ffffc9000d3e7840 EFLAGS: 00010002 [ 81.236062][ T5311] RAX: dffffc0000000000 RBX: ffffffff8b58a807 RCX: b7c31220af51fd00 [ 81.239441][ T5311] RDX: 0000000000000000 RSI: ffffffff8b58a807 RDI: 0000000000000004 [ 81.242726][ T5311] RBP: ffffffff819b49d8 R08: 0000000000000001 R09: 0000000000000000 [ 81.245972][ T5311] R10: dffffc0000000000 R11: fffffbfff1efdb2f R12: 0000000000000000 [ 81.249217][ T5311] R13: 0000000000000020 R14: 0000000000000020 R15: 0000000000000001 [ 81.252470][ T5311] FS: 00007f7b204826c0(0000) GS:ffff88808d6cb000(0000) knlGS:0000000000000000 [ 81.256228][ T5311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.258744][ T5311] CR2: 00007f7b1f8e24c0 CR3: 000000004022f000 CR4: 0000000000352ef0 [ 81.261881][ T5311] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.265071][ T5311] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 81.268391][ T5311] Call Trace: [ 81.269828][ T5311] <TASK> [ 81.271124][ T5311] __kasan_check_byte+0x12/0x40 [ 81.273121][ T5311] lock_acquire+0x8d/0x360 [ 81.274976][ T5311] ? kobj_kset_leave+0x163/0x190 [ 81.277047][ T5311] _raw_spin_lock_irqsave+0xa7/0xf0 [ 81.279133][ T5311] ? 
complete+0x28/0x1b0 [ 81.280754][ T5311] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 81.282951][ T5311] ? kobject_init_and_add+0x125/0x190 [ 81.285186][ T5311] complete+0x28/0x1b0 [ 81.286919][ T5311] kobject_put+0x228/0x480 [ 81.288942][ T5311] lookup_or_create_module_kobject+0x150/0x170 [ 81.292126][ T5311] module_add_driver+0xb9/0x310 [ 81.294605][ T5311] bus_add_driver+0x391/0x640 [ 81.296956][ T5311] driver_register+0x23a/0x320 [ 81.299054][ T5311] usb_gadget_register_driver_owner+0xf9/0x270 [ 81.301609][ T5311] raw_ioctl+0x149a/0x3c90 [ 81.303677][ T5311] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 81.306072][ T5311] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 81.308488][ T5311] ? tomoyo_path_number_perm+0x4e2/0x5a0 [ 81.310945][ T5311] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 81.313162][ T5311] ? __pfx_raw_ioctl+0x10/0x10 [ 81.315361][ T5311] ? count_memcg_event_mm+0x92/0x3b0 [ 81.317942][ T5311] ? __lock_acquire+0xaac/0xd20 [ 81.320102][ T5311] ? __fget_files+0x2a/0x420 [ 81.321910][ T5311] ? __fget_files+0x3a0/0x420 [ 81.323904][ T5311] ? __fget_files+0x2a/0x420 [ 81.325809][ T5311] ? bpf_lsm_file_ioctl+0x9/0x20 [ 81.328173][ T5311] ? __pfx_raw_ioctl+0x10/0x10 [ 81.330524][ T5311] __se_sys_ioctl+0xf9/0x170 [ 81.332475][ T5311] do_syscall_64+0xf6/0x210 [ 81.334316][ T5311] ? 
clear_bhb_loop+0x45/0xa0 [ 81.336139][ T5311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.338710][ T5311] RIP: 0033:0x7f7b1f58e56b [ 81.340565][ T5311] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 81.348393][ T5311] RSP: 002b:00007f7b2047ff10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.351770][ T5311] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f7b1f58e56b [ 81.355086][ T5311] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006 [ 81.358490][ T5311] RBP: 00007f7b20480fe0 R08: 0000000000000000 R09: 00302e6364755f79 [ 81.361878][ T5311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.365218][ T5311] R13: 00007f7b2047ffb0 R14: 0000200000000dc0 R15: 00007f7b1f8e0320 [ 81.368741][ T5311] </TASK> [ 81.370031][ T5311] Modules linked in: [ 81.371639][ T5311] ---[ end trace 0000000000000000 ]--- [ 81.373959][ T5311] RIP: 0010:kasan_byte_accessible+0x12/0x30 [ 81.376442][ T5311] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cc cc cc cc 66 66 66 66 66 66 2e [ 81.384440][ T5311] RSP: 0018:ffffc9000d3e7840 EFLAGS: 00010002 [ 81.386998][ T5311] RAX: dffffc0000000000 RBX: ffffffff8b58a807 RCX: b7c31220af51fd00 [ 81.390246][ T5311] RDX: 0000000000000000 RSI: ffffffff8b58a807 RDI: 0000000000000004 [ 81.393510][ T5311] RBP: ffffffff819b49d8 R08: 0000000000000001 R09: 0000000000000000 [ 81.396856][ T5311] R10: dffffc0000000000 R11: fffffbfff1efdb2f R12: 0000000000000000 [ 81.400170][ T5311] R13: 0000000000000020 R14: 0000000000000020 R15: 0000000000000001 [ 81.403413][ T5311] FS: 00007f7b204826c0(0000) GS:ffff88808d6cb000(0000) knlGS:0000000000000000 [ 81.407068][ T5311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.409809][ T5311] CR2: 00007f7b1f8e24c0 CR3: 
000000004022f000 CR4: 0000000000352ef0 [ 81.413216][ T5311] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.416495][ T5311] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 81.419657][ T5311] Kernel panic - not syncing: Fatal exception [ 81.422374][ T5311] Kernel Offset: disabled [ 81.424116][ T5311] Rebooting in 86400 seconds..