program: syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006325a640402000207265970000010902240001000000000904000002214c6a0009050702000000da000905890eca"], 0x0) [ 76.124856][ T4671] Bluetooth: hci0: command tx timeout [ 76.449934][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 76.503112][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.505921][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.602443][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 76.606512][ T10] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 76.611249][ T10] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 202 [ 76.617247][ T10] usb 5-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72 [ 76.621417][ T10] usb 5-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0 [ 76.624923][ T10] usb 5-1: Manufacturer: syz [ 76.636287][ T10] usb 5-1: config 0 descriptor?? 
[ 76.650691][ T5323] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 76.656870][ T10] smsusb:smsusb_probe: board id=9, interface number 0 [ 76.670839][ T10] smsusb:siano_media_device_register: media controller created [ 76.682106][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.685360][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.688381][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.691339][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.694177][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.697055][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.700212][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.704774][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.707828][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.710898][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.713826][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.717036][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.719978][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.730563][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.733153][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.735509][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.738070][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.740962][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.744084][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.750461][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.753667][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.756708][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.759874][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.763002][ C0] smsusb:smsusb_onresponse: 
error, urb status -71, 0 bytes [ 76.766163][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.769760][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.773080][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.776678][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.780272][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.783827][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.787362][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.803601][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.806889][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.809954][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.812986][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.815991][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.818571][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.821390][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.823960][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.830194][ T10] smsmdtv:smscore_sendrequest_and_wait: sendrequest returned error -22 [ 76.833826][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.833891][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.833945][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.856919][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.860219][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.863010][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.865989][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.868795][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.871899][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.874975][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 
76.878094][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.881753][ T10] smsmdtv:smscore_set_device_mode: mode detect failed -22 [ 76.884811][ T10] smsmdtv:smscore_start_device: set device mode failed , rc -22 [ 76.887847][ T10] smsusb:smsusb_init_device: smscore_start_device(...) failed [ 76.898131][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.917159][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.920814][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.924414][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.928478][ C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes [ 76.932403][ T10] ------------[ cut here ]------------ [ 76.934767][ T10] workqueue: work disable count underflowed [ 76.937286][ T10] WARNING: CPU: 0 PID: 10 at kernel/workqueue.c:4355 enable_work+0x2b1/0x2c0 [ 76.941135][ T10] Modules linked in: [ 76.943061][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) [ 76.946847][ T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.951337][ T10] Workqueue: usb_hub_wq hub_event [ 76.953506][ T10] RIP: 0010:enable_work+0x2b1/0x2c0 [ 76.955665][ T10] Code: 41 5e 41 5f 5d c3 cc cc cc cc cc e8 e9 2d be 09 e8 64 c0 35 00 c6 05 04 c6 dc 0d 01 90 48 c7 c7 c0 ef 69 8b e8 a0 cc f8 ff 90 <0f> 0b 90 90 e9 69 ff ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 [ 76.964103][ T10] RSP: 0018:ffffc900001c6a60 EFLAGS: 00010046 [ 76.966651][ T10] RAX: beacb79721956b00 RBX: ffff888035e583b8 RCX: ffff88801ab18000 [ 76.969750][ T10] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 76.972792][ T10] RBP: ffffc900001c6b10 R08: ffff88801fe24293 R09: 1ffff11003fc4852 [ 76.975937][ T10] R10: dffffc0000000000 R11: ffffed1003fc4853 R12: 1ffff92000038d50 [ 76.979126][ T10] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000800001 [ 76.982239][ T10] FS: 
0000000000000000(0000) GS:ffff88808d730000(0000) knlGS:0000000000000000 [ 76.986005][ T10] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.988731][ T10] CR2: 000055851fa5fec8 CR3: 000000001154d000 CR4: 0000000000352ef0 [ 76.992170][ T10] Call Trace: [ 76.993665][ T10] <TASK> [ 76.994942][ T10] ? __pfx_enable_work+0x10/0x10 [ 76.997021][ T10] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 76.999560][ T10] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 77.002955][ T10] __cancel_work_sync+0xf7/0x110 [ 77.005492][ T10] smsusb_term_device+0xe2/0x3b0 [ 77.008380][ T10] smsusb_probe+0x1a04/0x2060 [ 77.010677][ T10] ? __pfx_smsusb_probe+0x10/0x10 [ 77.013217][ T10] ? __pfx_smsusb_sendrequest+0x10/0x10 [ 77.015364][ T10] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 77.017584][ T10] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 77.020542][ T10] ? __pm_runtime_set_status+0x785/0xa50 [ 77.023203][ T10] usb_probe_interface+0x668/0xc30 [ 77.025525][ T10] ? __pfx_usb_probe_interface+0x10/0x10 [ 77.028028][ T10] really_probe+0x26d/0x9e0 [ 77.030074][ T10] __driver_probe_device+0x18c/0x2f0 [ 77.032517][ T10] driver_probe_device+0x4f/0x430 [ 77.034722][ T10] __device_attach_driver+0x2ce/0x530 [ 77.036966][ T10] bus_for_each_drv+0x251/0x2e0 [ 77.039086][ T10] ? __pfx___device_attach_driver+0x10/0x10 [ 77.041465][ T10] ? __pfx_bus_for_each_drv+0x10/0x10 [ 77.043660][ T10] __device_attach+0x2b8/0x400 [ 77.045621][ T10] ? __pfx___device_attach+0x10/0x10 [ 77.047765][ T10] ? do_raw_spin_unlock+0x4d/0x240 [ 77.049941][ T10] bus_probe_device+0x185/0x260 [ 77.052118][ T10] device_add+0x7b6/0xb50 [ 77.054018][ T10] usb_set_configuration+0x1a87/0x20e0 [ 77.056374][ T10] usb_generic_driver_probe+0x8d/0x150 [ 77.058610][ T10] usb_probe_device+0x1c4/0x390 [ 77.060679][ T10] ? 
__pfx_usb_probe_device+0x10/0x10 [ 77.062984][ T10] really_probe+0x26d/0x9e0 [ 77.064983][ T10] __driver_probe_device+0x18c/0x2f0 [ 77.067342][ T10] driver_probe_device+0x4f/0x430 [ 77.069496][ T10] __device_attach_driver+0x2ce/0x530 [ 77.071801][ T10] bus_for_each_drv+0x251/0x2e0 [ 77.073844][ T10] ? __pfx___device_attach_driver+0x10/0x10 [ 77.076377][ T10] ? __pfx_bus_for_each_drv+0x10/0x10 [ 77.078696][ T10] __device_attach+0x2b8/0x400 [ 77.080777][ T10] ? __pfx___device_attach+0x10/0x10 [ 77.082998][ T10] ? do_raw_spin_unlock+0x4d/0x240 [ 77.085100][ T10] bus_probe_device+0x185/0x260 [ 77.087140][ T10] device_add+0x7b6/0xb50 [ 77.088843][ T10] usb_new_device+0xa39/0x16f0 [ 77.090690][ T10] ? __pfx_usb_new_device+0x10/0x10 [ 77.092896][ T10] ? _raw_spin_unlock_irq+0x23/0x50 [ 77.095022][ T10] ? lockdep_hardirqs_on+0x9c/0x150 [ 77.097267][ T10] hub_event+0x2958/0x4a20 [ 77.099372][ T10] ? __pfx_hub_event+0x10/0x10 [ 77.101428][ T10] ? process_scheduled_works+0x9ef/0x17b0 [ 77.103764][ T10] ? _raw_spin_unlock_irq+0x23/0x50 [ 77.105979][ T10] ? process_scheduled_works+0x9ef/0x17b0 [ 77.108407][ T10] ? process_scheduled_works+0x9ef/0x17b0 [ 77.110905][ T10] process_scheduled_works+0xae1/0x17b0 [ 77.113298][ T10] ? __pfx_process_scheduled_works+0x10/0x10 [ 77.115839][ T10] worker_thread+0x8a0/0xda0 [ 77.117822][ T10] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 77.120571][ T10] ? __kthread_parkme+0x7b/0x200 [ 77.122740][ T10] kthread+0x711/0x8a0 [ 77.124502][ T10] ? __pfx_worker_thread+0x10/0x10 [ 77.126734][ T10] ? __pfx_kthread+0x10/0x10 [ 77.128793][ T10] ? _raw_spin_unlock_irq+0x23/0x50 [ 77.131124][ T10] ? lockdep_hardirqs_on+0x9c/0x150 [ 77.133373][ T10] ? __pfx_kthread+0x10/0x10 [ 77.135439][ T10] ret_from_fork+0x4bc/0x870 [ 77.137495][ T10] ? __pfx_ret_from_fork+0x10/0x10 [ 77.139773][ T10] ? __pfx_kthread+0x10/0x10 [ 77.141788][ T10] ret_from_fork_asm+0x1a/0x30 [ 77.144233][ T10] </TASK> [ 77.145672][ T10] Kernel panic - not syncing: kernel: panic_on_warn set ... 
[ 77.148837][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) [ 77.152645][ T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.157475][ T10] Workqueue: usb_hub_wq hub_event [ 77.159993][ T10] Call Trace: [ 77.161831][ T10] <TASK> [ 77.163187][ T10] dump_stack_lvl+0x99/0x250 [ 77.165193][ T10] ? __asan_memcpy+0x40/0x70 [ 77.167187][ T10] ? __pfx_dump_stack_lvl+0x10/0x10 [ 77.169534][ T10] ? __pfx__printk+0x10/0x10 [ 77.171596][ T10] vpanic+0x237/0x6d0 [ 77.173391][ T10] ? __pfx_vpanic+0x10/0x10 [ 77.175469][ T10] panic+0xb9/0xc0 [ 77.177184][ T10] ? __pfx_panic+0x10/0x10 [ 77.179240][ T10] __warn+0x31b/0x4b0 [ 77.181047][ T10] ? enable_work+0x2b1/0x2c0 [ 77.183118][ T10] ? enable_work+0x2b1/0x2c0 [ 77.185125][ T10] report_bug+0x2be/0x4f0 [ 77.186950][ T10] ? enable_work+0x2b1/0x2c0 [ 77.189026][ T10] ? enable_work+0x2b1/0x2c0 [ 77.191119][ T10] ? enable_work+0x2b3/0x2c0 [ 77.193254][ T10] handle_bug+0x84/0x160 [ 77.195101][ T10] exc_invalid_op+0x1a/0x50 [ 77.196964][ T10] asm_exc_invalid_op+0x1a/0x20 [ 77.199040][ T10] RIP: 0010:enable_work+0x2b1/0x2c0 [ 77.201370][ T10] Code: 41 5e 41 5f 5d c3 cc cc cc cc cc e8 e9 2d be 09 e8 64 c0 35 00 c6 05 04 c6 dc 0d 01 90 48 c7 c7 c0 ef 69 8b e8 a0 cc f8 ff 90 <0f> 0b 90 90 e9 69 ff ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 [ 77.209702][ T10] RSP: 0018:ffffc900001c6a60 EFLAGS: 00010046 [ 77.212480][ T10] RAX: beacb79721956b00 RBX: ffff888035e583b8 RCX: ffff88801ab18000 [ 77.215989][ T10] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 77.219444][ T10] RBP: ffffc900001c6b10 R08: ffff88801fe24293 R09: 1ffff11003fc4852 [ 77.222916][ T10] R10: dffffc0000000000 R11: ffffed1003fc4853 R12: 1ffff92000038d50 [ 77.226472][ T10] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000800001 [ 77.230067][ T10] ? __pfx_enable_work+0x10/0x10 [ 77.232582][ T10] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 77.235482][ T10] ? 
__pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 77.238178][ T10] __cancel_work_sync+0xf7/0x110 [ 77.240285][ T10] smsusb_term_device+0xe2/0x3b0 [ 77.242432][ T10] smsusb_probe+0x1a04/0x2060 [ 77.244455][ T10] ? __pfx_smsusb_probe+0x10/0x10 [ 77.246588][ T10] ? __pfx_smsusb_sendrequest+0x10/0x10 [ 77.248973][ T10] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 77.252116][ T10] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 77.255277][ T10] ? __pm_runtime_set_status+0x785/0xa50 [ 77.257629][ T10] usb_probe_interface+0x668/0xc30 [ 77.259838][ T10] ? __pfx_usb_probe_interface+0x10/0x10 [ 77.262161][ T10] really_probe+0x26d/0x9e0 [ 77.264196][ T10] __driver_probe_device+0x18c/0x2f0 [ 77.266508][ T10] driver_probe_device+0x4f/0x430 [ 77.268709][ T10] __device_attach_driver+0x2ce/0x530 [ 77.271124][ T10] bus_for_each_drv+0x251/0x2e0 [ 77.273317][ T10] ? __pfx___device_attach_driver+0x10/0x10 [ 77.275717][ T10] ? __pfx_bus_for_each_drv+0x10/0x10 [ 77.278097][ T10] __device_attach+0x2b8/0x400 [ 77.280187][ T10] ? __pfx___device_attach+0x10/0x10 [ 77.282453][ T10] ? do_raw_spin_unlock+0x4d/0x240 [ 77.284867][ T10] bus_probe_device+0x185/0x260 [ 77.287073][ T10] device_add+0x7b6/0xb50 [ 77.288851][ T10] usb_set_configuration+0x1a87/0x20e0 [ 77.291207][ T10] usb_generic_driver_probe+0x8d/0x150 [ 77.293600][ T10] usb_probe_device+0x1c4/0x390 [ 77.295728][ T10] ? __pfx_usb_probe_device+0x10/0x10 [ 77.298102][ T10] really_probe+0x26d/0x9e0 [ 77.300134][ T10] __driver_probe_device+0x18c/0x2f0 [ 77.302344][ T10] driver_probe_device+0x4f/0x430 [ 77.304596][ T10] __device_attach_driver+0x2ce/0x530 [ 77.307009][ T10] bus_for_each_drv+0x251/0x2e0 [ 77.309077][ T10] ? __pfx___device_attach_driver+0x10/0x10 [ 77.311647][ T10] ? __pfx_bus_for_each_drv+0x10/0x10 [ 77.313849][ T10] __device_attach+0x2b8/0x400 [ 77.315942][ T10] ? __pfx___device_attach+0x10/0x10 [ 77.318149][ T10] ? 
do_raw_spin_unlock+0x4d/0x240 [ 77.320419][ T10] bus_probe_device+0x185/0x260 [ 77.322817][ T10] device_add+0x7b6/0xb50 [ 77.324881][ T10] usb_new_device+0xa39/0x16f0 [ 77.326945][ T10] ? __pfx_usb_new_device+0x10/0x10 [ 77.329103][ T10] ? _raw_spin_unlock_irq+0x23/0x50 [ 77.331173][ T10] ? lockdep_hardirqs_on+0x9c/0x150 [ 77.333435][ T10] hub_event+0x2958/0x4a20 [ 77.335481][ T10] ? __pfx_hub_event+0x10/0x10 [ 77.337817][ T10] ? process_scheduled_works+0x9ef/0x17b0 [ 77.340860][ T10] ? _raw_spin_unlock_irq+0x23/0x50 [ 77.343176][ T10] ? process_scheduled_works+0x9ef/0x17b0 [ 77.345706][ T10] ? process_scheduled_works+0x9ef/0x17b0 [ 77.347962][ T10] process_scheduled_works+0xae1/0x17b0 [ 77.350191][ T10] ? __pfx_process_scheduled_works+0x10/0x10 [ 77.352589][ T10] worker_thread+0x8a0/0xda0 [ 77.354586][ T10] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 77.357273][ T10] ? __kthread_parkme+0x7b/0x200 [ 77.359387][ T10] kthread+0x711/0x8a0 [ 77.361107][ T10] ? __pfx_worker_thread+0x10/0x10 [ 77.363341][ T10] ? __pfx_kthread+0x10/0x10 [ 77.365320][ T10] ? _raw_spin_unlock_irq+0x23/0x50 [ 77.367606][ T10] ? lockdep_hardirqs_on+0x9c/0x150 [ 77.369831][ T10] ? __pfx_kthread+0x10/0x10 [ 77.371871][ T10] ret_from_fork+0x4bc/0x870 [ 77.374010][ T10] ? __pfx_ret_from_fork+0x10/0x10 [ 77.376475][ T10] ? __pfx_kthread+0x10/0x10 [ 77.378581][ T10] ret_from_fork_asm+0x1a/0x30 [ 77.380810][ T10] </TASK> [ 77.382532][ T10] Kernel Offset: disabled [ 77.384729][ T10] Rebooting in 86400 seconds..