program:
socket$inet_smc(0x2b, 0x1, 0x0) (async)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
mknod(&(0x7f0000000540)='./file1\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4000)
write$P9_RVERSION(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="1300000007ffff"], 0x13)
write$binfmt_aout(r3, &(0x7f0000000500)=ANY=[@ANYRES16=r3, @ANYBLOB='.Zx|'], 0x20) (async)
write$binfmt_aout(r3, &(0x7f0000000500)=ANY=[@ANYRES16=r3, @ANYBLOB='.Zx|'], 0x20)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_u}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_u}]}})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9) (async)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9)
syz_init_net_socket$rose(0xb, 0x5, 0x0) (async)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r4, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}}, 0x1c)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
getgroups(0x2, &(0x7f0000001080)=[0xee01, 0xffffffffffffffff]) (async)
getgroups(0x2, &(0x7f0000001080)=[0xee01, <r7=>0xffffffffffffffff])
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x200002, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x200002, 0x0)
setgroups(0x3, &(0x7f00000000c0)=[0x0, 0x0, 0x0])
keyctl$chown(0x4, r6, 0xee01, r7)
keyctl$setperm(0x5, r6, 0x21081c22)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="48000000020601040000000000000000000000000500010006000000050005000a00000005000400000000000900020073797a31000000000d000300686173683a6e657400000000129d9daf3930e6e983f1585ce2ad4a93983744e10a42182d3f1361bf3c9dfbd30263f936506345"], 0x48}}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xffffffffffffff15, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[], 0x8c}, 0x1, 0x0, 0x0, 0x10000092}, 0x4000080)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0) (async)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
r10 = syz_open_dev$I2C(&(0x7f0000000180), 0x200, 0x0)
ioctl$I2C_RDWR(r10, 0x707, &(0x7f00000000c0)={&(0x7f0000000a80)=[{0x50, 0xcf5, 0x0, 0x0}], 0x1})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_PLIMIT={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) (async)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)

[   78.041826][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[   78.044795][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[   78.048548][ T5297] Bluetooth: hci0: command tx timeout
[   78.223598][ T5312] Zero length message leads to an empty skb
[   78.277998][ T5312] sysfs: cannot create duplicate filename '/module/raw_gadget'
[   78.286468][ T5312] CPU: 0 UID: 0 PID: 5312 Comm: syz.0.0 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[   78.286488][ T5312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.286494][ T5312] Call Trace:
[   78.286499][ T5312]  <TASK>
[   78.286506][ T5312]  dump_stack_lvl+0x189/0x250
[   78.286628][ T5312]  ? __pfx_dump_stack_lvl+0x10/0x10
[   78.286643][ T5312]  ? __pfx__printk+0x10/0x10
[   78.286654][ T5312]  ? kernfs_path_from_node+0x2b/0x260
[   78.286696][ T5312]  ? kernfs_path_from_node+0x2b/0x260
[   78.286709][ T5312]  ? kernfs_path_from_node+0x2b/0x260
[   78.286725][ T5312]  ? kernfs_path_from_node+0x216/0x260
[   78.286748][ T5312]  sysfs_create_dir_ns+0x259/0x280
[   78.286764][ T5312]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   78.286779][ T5312]  ? do_raw_spin_unlock+0x4d/0x240
[   78.286793][ T5312]  kobject_add_internal+0x59f/0xb40
[   78.286842][ T5312]  kobject_init_and_add+0x125/0x190
[   78.286860][ T5312]  ? __pfx_kobject_init_and_add+0x10/0x10
[   78.286874][ T5312]  ? __kasan_kmalloc+0x93/0xb0
[   78.286889][ T5312]  ? __kmalloc_cache_noprof+0x230/0x3d0
[   78.286904][ T5312]  ? lookup_or_create_module_kobject+0x75/0x170
[   78.286917][ T5312]  lookup_or_create_module_kobject+0xe3/0x170
[   78.286930][ T5312]  module_add_driver+0xb9/0x310
[   78.286947][ T5312]  bus_add_driver+0x391/0x640
[   78.286962][ T5312]  driver_register+0x23a/0x320
[   78.286978][ T5312]  usb_gadget_register_driver_owner+0xf9/0x270
[   78.286998][ T5312]  raw_ioctl+0x149a/0x3c90
[   78.287016][ T5312]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   78.287035][ T5312]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   78.287050][ T5312]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[   78.287065][ T5312]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   78.287107][ T5312]  ? __pfx_raw_ioctl+0x10/0x10
[   78.287125][ T5312]  ? count_memcg_event_mm+0x92/0x3b0
[   78.287142][ T5312]  ? __lock_acquire+0xaac/0xd20
[   78.287168][ T5312]  ? __fget_files+0x2a/0x420
[   78.287184][ T5312]  ? __fget_files+0x3a0/0x420
[   78.287196][ T5312]  ? __fget_files+0x2a/0x420
[   78.287211][ T5312]  ? bpf_lsm_file_ioctl+0x9/0x20
[   78.287225][ T5312]  ? __pfx_raw_ioctl+0x10/0x10
[   78.287239][ T5312]  __se_sys_ioctl+0xf9/0x170
[   78.287252][ T5312]  do_syscall_64+0xf6/0x210
[   78.287265][ T5312]  ? clear_bhb_loop+0x45/0xa0
[   78.287279][ T5312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.287289][ T5312] RIP: 0033:0x7f059ff8e56b
[   78.287300][ T5312] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[   78.287308][ T5312] RSP: 002b:00007f05a0e59f10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   78.287321][ T5312] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007f059ff8e56b
[   78.287329][ T5312] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 000000000000000f
[   78.287336][ T5312] RBP: 00007f05a0e5afe0 R08: 0000000000000000 R09: 00302e6364755f79
[   78.287343][ T5312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   78.287349][ T5312] R13: 00007f05a0e59fb0 R14: 0000200000000280 R15: 00007f05a02e0b88
[   78.287366][ T5312]  </TASK>
[   78.287385][ T5312] kobject: kobject_add_internal failed for raw_gadget with -EEXIST, don't try to register things with the same name in the same directory.
[   78.436524][ T5312] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] SMP KASAN NOPTI
[   78.441592][ T5312] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027]
[   78.445088][ T5312] CPU: 0 UID: 0 PID: 5312 Comm: syz.0.0 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) 
[   78.449850][ T5312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.454317][ T5312] RIP: 0010:kasan_byte_accessible+0x12/0x30
[   78.456844][ T5312] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cc cc cc cc 66 66 66 66 66 66 2e
[   78.464421][ T5312] RSP: 0018:ffffc9000fd87840 EFLAGS: 00010002
[   78.467119][ T5312] RAX: dffffc0000000000 RBX: ffffffff8b58a807 RCX: 9a5cc493548f6400
[   78.470467][ T5312] RDX: 0000000000000000 RSI: ffffffff8b58a807 RDI: 0000000000000004
[   78.473633][ T5312] RBP: ffffffff819b49d8 R08: 0000000000000001 R09: 0000000000000000
[   78.476949][ T5312] R10: dffffc0000000000 R11: fffffbfff1efdb2f R12: 0000000000000000
[   78.480425][ T5312] R13: 0000000000000020 R14: 0000000000000020 R15: 0000000000000001
[   78.483890][ T5312] FS:  00007f05a0e5c6c0(0000) GS:ffff88808d6cb000(0000) knlGS:0000000000000000
[   78.487694][ T5312] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   78.490502][ T5312] CR2: 00005599807bd718 CR3: 000000003ffe8000 CR4: 0000000000352ef0
[   78.493875][ T5312] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   78.497310][ T5312] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   78.500679][ T5312] Call Trace:
[   78.502031][ T5312]  <TASK>
[   78.503370][ T5312]  __kasan_check_byte+0x12/0x40
[   78.505492][ T5312]  lock_acquire+0x8d/0x360
[   78.507493][ T5312]  ? kobj_kset_leave+0x163/0x190
[   78.509585][ T5312]  _raw_spin_lock_irqsave+0xa7/0xf0
[   78.511728][ T5312]  ? complete+0x28/0x1b0
[   78.513545][ T5312]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[   78.516085][ T5312]  ? kobject_init_and_add+0x125/0x190
[   78.518369][ T5312]  complete+0x28/0x1b0
[   78.520130][ T5312]  kobject_put+0x228/0x480
[   78.522020][ T5312]  lookup_or_create_module_kobject+0x150/0x170
[   78.524523][ T5312]  module_add_driver+0xb9/0x310
[   78.526565][ T5312]  bus_add_driver+0x391/0x640
[   78.528567][ T5312]  driver_register+0x23a/0x320
[   78.530591][ T5312]  usb_gadget_register_driver_owner+0xf9/0x270
[   78.533156][ T5312]  raw_ioctl+0x149a/0x3c90
[   78.535109][ T5312]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   78.537482][ T5312]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   78.539847][ T5312]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[   78.542219][ T5312]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   78.544627][ T5312]  ? __pfx_raw_ioctl+0x10/0x10
[   78.546681][ T5312]  ? count_memcg_event_mm+0x92/0x3b0
[   78.548966][ T5312]  ? __lock_acquire+0xaac/0xd20
[   78.551101][ T5312]  ? __fget_files+0x2a/0x420
[   78.552949][ T5312]  ? __fget_files+0x3a0/0x420
[   78.555020][ T5312]  ? __fget_files+0x2a/0x420
[   78.557113][ T5312]  ? bpf_lsm_file_ioctl+0x9/0x20
[   78.559341][ T5312]  ? __pfx_raw_ioctl+0x10/0x10
[   78.561403][ T5312]  __se_sys_ioctl+0xf9/0x170
[   78.563464][ T5312]  do_syscall_64+0xf6/0x210
[   78.565413][ T5312]  ? clear_bhb_loop+0x45/0xa0
[   78.567425][ T5312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.569946][ T5312] RIP: 0033:0x7f059ff8e56b
[   78.571911][ T5312] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[   78.580220][ T5312] RSP: 002b:00007f05a0e59f10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   78.583688][ T5312] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007f059ff8e56b
[   78.587142][ T5312] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 000000000000000f
[   78.590621][ T5312] RBP: 00007f05a0e5afe0 R08: 0000000000000000 R09: 00302e6364755f79
[   78.594050][ T5312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   78.597422][ T5312] R13: 00007f05a0e59fb0 R14: 0000200000000280 R15: 00007f05a02e0b88
[   78.600636][ T5312]  </TASK>
[   78.602023][ T5312] Modules linked in:
[   78.603800][ T5312] ---[ end trace 0000000000000000 ]---
[   78.606183][ T5312] RIP: 0010:kasan_byte_accessible+0x12/0x30
[   78.608815][ T5312] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cc cc cc cc 66 66 66 66 66 66 2e
[   78.616842][ T5312] RSP: 0018:ffffc9000fd87840 EFLAGS: 00010002
[   78.619471][ T5312] RAX: dffffc0000000000 RBX: ffffffff8b58a807 RCX: 9a5cc493548f6400
[   78.622772][ T5312] RDX: 0000000000000000 RSI: ffffffff8b58a807 RDI: 0000000000000004
[   78.626189][ T5312] RBP: ffffffff819b49d8 R08: 0000000000000001 R09: 0000000000000000
[   78.629643][ T5312] R10: dffffc0000000000 R11: fffffbfff1efdb2f R12: 0000000000000000
[   78.633002][ T5312] R13: 0000000000000020 R14: 0000000000000020 R15: 0000000000000001
[   78.636491][ T5312] FS:  00007f05a0e5c6c0(0000) GS:ffff88808d6cb000(0000) knlGS:0000000000000000
[   78.640333][ T5312] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   78.643141][ T5312] CR2: 00005599807bd718 CR3: 000000003ffe8000 CR4: 0000000000352ef0
[   78.646507][ T5312] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   78.649622][ T5312] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   78.653072][ T5312] Kernel panic - not syncing: Fatal exception
[   78.656170][ T5312] Kernel Offset: disabled
[   78.658199][ T5312] Rebooting in 86400 seconds..