program:
syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000c13a8908b40402100d62010203010902164bf11c000000090400"], 0x0) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000c13a8908b40402100d62010203010902164bf11c000000090400"], 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
ioctl$SG_IO(r1, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000240)="5c8d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"}) (async)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})

[   68.015338][ T5295] Bluetooth: hci0: command tx timeout
[   68.091784][ T5311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.095832][ T5311] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.115480][ T5310] sysfs: cannot create duplicate filename '/module/raw_gadget'
[   68.119990][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: syz.0.0 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[   68.120004][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.120010][ T5310] Call Trace:
[   68.120016][ T5310]  <TASK>
[   68.120020][ T5310]  dump_stack_lvl+0x189/0x250
[   68.120144][ T5310]  ? __pfx_dump_stack_lvl+0x10/0x10
[   68.120158][ T5310]  ? __pfx__printk+0x10/0x10
[   68.120169][ T5310]  ? kernfs_path_from_node+0x2b/0x260
[   68.120213][ T5310]  ? kernfs_path_from_node+0x2b/0x260
[   68.120224][ T5310]  ? kernfs_path_from_node+0x2b/0x260
[   68.120237][ T5310]  ? kernfs_path_from_node+0x216/0x260
[   68.120252][ T5310]  sysfs_create_dir_ns+0x259/0x280
[   68.120267][ T5310]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   68.120281][ T5310]  ? do_raw_spin_unlock+0x4d/0x240
[   68.120294][ T5310]  kobject_add_internal+0x59f/0xb40
[   68.120340][ T5310]  kobject_init_and_add+0x125/0x190
[   68.120361][ T5310]  ? __pfx_kobject_init_and_add+0x10/0x10
[   68.120373][ T5310]  ? __kasan_kmalloc+0x93/0xb0
[   68.120387][ T5310]  ? __kmalloc_cache_noprof+0x230/0x3d0
[   68.120398][ T5310]  ? lookup_or_create_module_kobject+0x75/0x170
[   68.120410][ T5310]  lookup_or_create_module_kobject+0xe3/0x170
[   68.120421][ T5310]  module_add_driver+0xb9/0x310
[   68.120436][ T5310]  bus_add_driver+0x391/0x640
[   68.120451][ T5310]  driver_register+0x23a/0x320
[   68.120466][ T5310]  usb_gadget_register_driver_owner+0xf9/0x270
[   68.120481][ T5310]  raw_ioctl+0x149a/0x3c90
[   68.120492][ T5310]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   68.120503][ T5310]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   68.120513][ T5310]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[   68.120522][ T5310]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   68.120533][ T5310]  ? __pfx_raw_ioctl+0x10/0x10
[   68.120547][ T5310]  ? count_memcg_event_mm+0x92/0x3b0
[   68.120562][ T5310]  ? __lock_acquire+0xaac/0xd20
[   68.120587][ T5310]  ? __fget_files+0x2a/0x420
[   68.120602][ T5310]  ? __fget_files+0x3a0/0x420
[   68.120613][ T5310]  ? __fget_files+0x2a/0x420
[   68.120625][ T5310]  ? bpf_lsm_file_ioctl+0x9/0x20
[   68.120634][ T5310]  ? __pfx_raw_ioctl+0x10/0x10
[   68.120642][ T5310]  __se_sys_ioctl+0xf9/0x170
[   68.120649][ T5310]  do_syscall_64+0xf6/0x210
[   68.120658][ T5310]  ? clear_bhb_loop+0x45/0xa0
[   68.120666][ T5310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.120672][ T5310] RIP: 0033:0x7f4c0158e56b
[   68.120680][ T5310] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[   68.120685][ T5310] RSP: 002b:00007f4c0233af10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.120695][ T5310] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4c0158e56b
[   68.120701][ T5310] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[   68.120706][ T5310] RBP: 00007f4c0233bfe0 R08: 0000000000000000 R09: 00302e6364755f79
[   68.120712][ T5310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   68.120717][ T5310] R13: 00007f4c0233afb0 R14: 0000200000000440 R15: 00007f4c018e0320
[   68.120734][ T5310]  </TASK>
[   68.120752][ T5310] kobject: kobject_add_internal failed for raw_gadget with -EEXIST, don't try to register things with the same name in the same directory.
[   68.264296][ T5310] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] SMP KASAN NOPTI
[   68.269392][ T5310] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027]
[   68.272919][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: syz.0.0 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[   68.277762][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.282312][ T5310] RIP: 0010:kasan_byte_accessible+0x12/0x30
[   68.284786][ T5310] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cc cc cc cc 66 66 66 66 66 66 2e
[   68.292786][ T5310] RSP: 0018:ffffc9000d67f840 EFLAGS: 00010002
[   68.295302][ T5310] RAX: dffffc0000000000 RBX: ffffffff8b58a807 RCX: 9496c176c482c200
[   68.298729][ T5310] RDX: 0000000000000000 RSI: ffffffff8b58a807 RDI: 0000000000000004
[   68.302095][ T5310] RBP: ffffffff819b49d8 R08: 0000000000000001 R09: 0000000000000000
[   68.305488][ T5310] R10: dffffc0000000000 R11: fffffbfff1efdb2f R12: 0000000000000000
[   68.308880][ T5310] R13: 0000000000000020 R14: 0000000000000020 R15: 0000000000000001
[   68.312277][ T5310] FS:  00007f4c0233d6c0(0000) GS:ffff88808d6cb000(0000) knlGS:0000000000000000
[   68.316048][ T5310] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   68.318755][ T5310] CR2: 0000563d987c36d8 CR3: 0000000042d85000 CR4: 0000000000352ef0
[   68.322046][ T5310] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   68.325283][ T5310] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   68.328701][ T5310] Call Trace:
[   68.330198][ T5310]  <TASK>
[   68.331499][ T5310]  __kasan_check_byte+0x12/0x40
[   68.333629][ T5310]  lock_acquire+0x8d/0x360
[   68.335576][ T5310]  ? kobj_kset_leave+0x163/0x190
[   68.337736][ T5310]  _raw_spin_lock_irqsave+0xa7/0xf0
[   68.339656][ T5310]  ? complete+0x28/0x1b0
[   68.341467][ T5310]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[   68.344024][ T5310]  ? kobject_init_and_add+0x125/0x190
[   68.346242][ T5310]  complete+0x28/0x1b0
[   68.347926][ T5310]  kobject_put+0x228/0x480
[   68.349759][ T5310]  lookup_or_create_module_kobject+0x150/0x170
[   68.352292][ T5310]  module_add_driver+0xb9/0x310
[   68.354454][ T5310]  bus_add_driver+0x391/0x640
[   68.356466][ T5310]  driver_register+0x23a/0x320
[   68.358578][ T5310]  usb_gadget_register_driver_owner+0xf9/0x270
[   68.361207][ T5310]  raw_ioctl+0x149a/0x3c90
[   68.363164][ T5310]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   68.365521][ T5310]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   68.367907][ T5310]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[   68.370328][ T5310]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   68.372737][ T5310]  ? __pfx_raw_ioctl+0x10/0x10
[   68.374841][ T5310]  ? count_memcg_event_mm+0x92/0x3b0
[   68.377114][ T5310]  ? __lock_acquire+0xaac/0xd20
[   68.379334][ T5310]  ? __fget_files+0x2a/0x420
[   68.381446][ T5310]  ? __fget_files+0x3a0/0x420
[   68.383534][ T5310]  ? __fget_files+0x2a/0x420
[   68.385482][ T5310]  ? bpf_lsm_file_ioctl+0x9/0x20
[   68.387531][ T5310]  ? __pfx_raw_ioctl+0x10/0x10
[   68.389506][ T5310]  __se_sys_ioctl+0xf9/0x170
[   68.391464][ T5310]  do_syscall_64+0xf6/0x210
[   68.393378][ T5310]  ? clear_bhb_loop+0x45/0xa0
[   68.395479][ T5310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.398125][ T5310] RIP: 0033:0x7f4c0158e56b
[   68.400128][ T5310] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[   68.408527][ T5310] RSP: 002b:00007f4c0233af10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.411926][ T5310] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4c0158e56b
[   68.415229][ T5310] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[   68.418687][ T5310] RBP: 00007f4c0233bfe0 R08: 0000000000000000 R09: 00302e6364755f79
[   68.422176][ T5310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   68.425589][ T5310] R13: 00007f4c0233afb0 R14: 0000200000000440 R15: 00007f4c018e0320
[   68.429062][ T5310]  </TASK>
[   68.430470][ T5310] Modules linked in:
[   68.432090][ T5310] ---[ end trace 0000000000000000 ]---
[   68.434224][ T5310] RIP: 0010:kasan_byte_accessible+0x12/0x30
[   68.436514][ T5310] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cc cc cc cc 66 66 66 66 66 66 2e
[   68.444352][ T5310] RSP: 0018:ffffc9000d67f840 EFLAGS: 00010002
[   68.447057][ T5310] RAX: dffffc0000000000 RBX: ffffffff8b58a807 RCX: 9496c176c482c200
[   68.450460][ T5310] RDX: 0000000000000000 RSI: ffffffff8b58a807 RDI: 0000000000000004
[   68.453995][ T5310] RBP: ffffffff819b49d8 R08: 0000000000000001 R09: 0000000000000000
[   68.457482][ T5310] R10: dffffc0000000000 R11: fffffbfff1efdb2f R12: 0000000000000000
[   68.461012][ T5310] R13: 0000000000000020 R14: 0000000000000020 R15: 0000000000000001
[   68.464426][ T5310] FS:  00007f4c0233d6c0(0000) GS:ffff88808d6cb000(0000) knlGS:0000000000000000
[   68.468140][ T5310] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   68.470940][ T5310] CR2: 0000563d987c36d8 CR3: 0000000042d85000 CR4: 0000000000352ef0
[   68.474455][ T5310] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   68.477970][ T5310] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   68.481453][ T5310] Kernel panic - not syncing: Fatal exception
[   68.484521][ T5310] Kernel Offset: disabled
[   68.486467][ T5310] Rebooting in 86400 seconds..