usb 1-1: SerialNumber: syz usb 1-1: Interface #212 referenced by multiple IADs smsusb:smsusb_probe: board id=12, interface number 0 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Not tainted 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f96981d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4c100 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c0e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2593688 hardirqs last enabled at (2593687): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2593688): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2590734): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2590734): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2590195): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f969841 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4c220 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c208 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2594100 hardirqs last enabled at (2594099): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2594100): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2594092): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2594092): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2593691): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f969865 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4c340 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c328 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2594786 hardirqs last enabled at (2594785): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2594786): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2594782): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2594782): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2594103): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f969889 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4c460 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c448 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2594842 hardirqs last enabled at (2594841): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2594842): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2594834): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2594834): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2594789): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f9698ad x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4c580 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c568 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2595232 hardirqs last enabled at (2595231): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2595232): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2595224): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2595224): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2594845): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f9698d1 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4c6a0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c688 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2595684 hardirqs last enabled at (2595683): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2595684): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2595676): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2595676): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2595235): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f9698f5 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4c7c0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c7a8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2595712 hardirqs last enabled at (2595711): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2595712): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2595708): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2595708): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2595687): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f969919 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4c8e0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c8c8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2596134 hardirqs last enabled at (2596133): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2596134): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2596126): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2596126): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2595715): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f96993d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4ca00 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4c9e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2596784 hardirqs last enabled at (2596783): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2596784): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2596780): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2596780): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2596137): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001f969961 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000fcb4cb20 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000fcb4cb08 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 worker_thread+0x8e0/0xfe8 kernel/workqueue.c:2552 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2597196 hardirqs last enabled at (2597195): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2597196): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2597188): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2597188): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2596787): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- smsusb:smsusb_probe: Device initialized with return code -19 smsusb:smsusb_probe: board id=12, interface number 93 smsusb:smsusb_probe: board id=12, interface number 212 usb 1-1: USB disconnect, device number 87 usb 1-1: new high-speed USB device number 88 using dummy_hcd usb 1-1: Using ep0 maxpacket: 16 usb 1-1: config 5 has an invalid interface number: 93 but max is 2 usb 1-1: config 5 has an invalid interface number: 212 but max is 2 usb 1-1: config 5 has no interface number 1 usb 1-1: config 5 has no interface number 2 usb 1-1: config 5 interface 0 altsetting 5 endpoint 0xC has invalid maxpacket 1023, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0x2, skipping usb 1-1: config 5 interface 0 altsetting 5 endpoint 0x7 has invalid maxpacket 512, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0xB, skipping usb 1-1: config 5 interface 0 altsetting 5 endpoint 0x1 has invalid maxpacket 1024, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0x2, skipping usb 1-1: config 5 interface 0 altsetting 5 has an invalid endpoint with address 0x80, skipping usb 1-1: config 5 interface 93 altsetting 7 endpoint 0xA has invalid maxpacket 511, setting to 64 usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0xB, skipping usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0x1, skipping usb 1-1: config 5 interface 212 altsetting 1 has an invalid endpoint with address 0x0, skipping usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0x9, skipping usb 1-1: config 5 interface 0 has no altsetting 0 usb 1-1: config 5 interface 93 has no altsetting 0 usb 1-1: config 5 interface 212 has no altsetting 0 usb 1-1: Dual-Role OTG device on HNP port usb 1-1: New USB device found, idVendor=187f, idProduct=0302, bcdDevice= 8.17 usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 usb 1-1: Product: syz usb 1-1: Manufacturer: syz usb 1-1: SerialNumber: syz usb 1-1: Interface #212 referenced by multiple IADs smsusb:smsusb_probe: board id=12, interface number 0 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90c1d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc86100 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc860e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2612734 hardirqs last enabled at (2612733): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2612734): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2610842): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2610842): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2610819): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90c41 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc86220 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc86208 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2612790 hardirqs last enabled at (2612789): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2612790): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2612786): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2612786): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2612737): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90c65 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc86340 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc86328 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2613414 hardirqs last enabled at (2613413): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2613414): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2613410): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2613410): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2612793): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90c89 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc86460 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc86448 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2613858 hardirqs last enabled at (2613857): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2613858): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2613850): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2613850): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2613417): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90cad x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc86580 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc86568 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2614526 hardirqs last enabled at (2614525): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2614526): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2614522): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2614522): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2613861): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90cd1 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc866a0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc86688 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2614582 hardirqs last enabled at (2614581): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2614582): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2614574): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2614574): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2614529): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90cf5 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc867c0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc867a8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2615248 hardirqs last enabled at (2615247): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2615248): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2615244): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2615244): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2614585): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90d19 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc868e0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc868c8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2615676 hardirqs last enabled at (2615675): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2615676): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2615652): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2615652): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2615251): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90d3d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc86a00 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc869e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2616214 hardirqs last enabled at (2616213): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2616214): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2616192): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2616192): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2615679): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe00019f90d61 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000cfc86b20 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000cfc86b08 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff80008434df88 x14: ffff800084358b64 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2616704 hardirqs last enabled at (2616703): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2616704): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2616696): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2616696): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2616217): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- smsusb:smsusb_probe: Device initialized with return code -19 smsusb:smsusb_probe: board id=12, interface number 93 smsusb:smsusb_probe: board id=12, interface number 212 usb 1-1: USB disconnect, device number 88 usb 1-1: new high-speed USB device number 89 using dummy_hcd usb 1-1: Using ep0 maxpacket: 16 usb 1-1: config 5 has an invalid interface number: 93 but max is 2 usb 1-1: config 5 has an invalid interface number: 212 but max is 2 usb 1-1: config 5 has no interface number 1 usb 1-1: config 5 has no interface number 2 usb 1-1: config 5 interface 0 altsetting 5 endpoint 0xC has invalid maxpacket 1023, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0x2, skipping usb 1-1: config 5 interface 0 altsetting 5 endpoint 0x7 has invalid maxpacket 512, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0xB, skipping usb 1-1: config 5 interface 0 altsetting 5 endpoint 0x1 has invalid maxpacket 1024, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0x2, skipping usb 1-1: config 5 interface 0 altsetting 5 has an invalid endpoint with address 0x80, skipping usb 1-1: config 5 interface 93 altsetting 7 endpoint 0xA has invalid maxpacket 511, setting to 64 usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0xB, skipping usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0x1, skipping usb 1-1: config 5 interface 212 altsetting 1 has an invalid endpoint with address 0x0, skipping usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0x9, skipping usb 1-1: config 5 interface 0 has no altsetting 0 usb 1-1: config 5 interface 93 has no altsetting 0 usb 1-1: config 5 interface 212 has no altsetting 0 usb 1-1: Dual-Role OTG device on HNP port usb 1-1: New USB device found, idVendor=187f, idProduct=0302, bcdDevice= 8.17 usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 usb 1-1: Product: syz usb 1-1: Manufacturer: syz usb 1-1: SerialNumber: syz usb 1-1: Interface #212 referenced by multiple IADs smsusb:smsusb_probe: board id=12, interface number 0 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d501d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea8100 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea80e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2629796 hardirqs last enabled at (2629795): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2629796): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2625632): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2625632): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2625613): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d5041 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea8220 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea8208 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2629838 hardirqs last enabled at (2629837): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2629838): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2629830): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2629830): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2629799): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d5065 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea8340 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea8328 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2630236 hardirqs last enabled at (2630235): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2630236): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2630230): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2630230): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2630225): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d5089 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea8460 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea8448 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2630288 hardirqs last enabled at (2630287): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2630288): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2630280): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2630280): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2630239): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d50ad x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea8580 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea8568 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2630704 hardirqs last enabled at (2630703): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2630704): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2630696): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2630696): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2630293): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d50d1 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea86a0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea8688 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2630772 hardirqs last enabled at (2630771): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2630772): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2630764): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2630764): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2630707): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d50f5 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea87c0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea87a8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2631188 hardirqs last enabled at (2631187): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2631188): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2631172): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2631172): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2630775): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d5119 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea88e0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea88c8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2631670 hardirqs last enabled at (2631669): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2631670): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2631660): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2631660): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2631261): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d513d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea8a00 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea89e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2632196 hardirqs last enabled at (2632195): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2632196): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2632188): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2632188): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2631673): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b9d5161 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dcea8b20 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dcea8b08 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2632772 hardirqs last enabled at (2632771): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2632772): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2632764): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2632764): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2632199): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- smsusb:smsusb_probe: Device initialized with return code -19 smsusb:smsusb_probe: board id=12, interface number 93 smsusb:smsusb_probe: board id=12, interface number 212 usb 1-1: USB disconnect, device number 89 usb 1-1: new high-speed USB device number 90 using dummy_hcd usb 1-1: Using ep0 maxpacket: 16 usb 1-1: config 5 has an invalid interface number: 93 but max is 2 usb 1-1: config 5 has an invalid interface number: 212 but max is 2 usb 1-1: config 5 has no interface number 1 usb 1-1: config 5 has no interface number 2 usb 1-1: config 5 interface 0 altsetting 5 endpoint 0xC has invalid maxpacket 1023, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0x2, skipping usb 1-1: config 5 interface 0 altsetting 5 endpoint 0x7 has invalid maxpacket 512, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0xB, skipping usb 1-1: config 5 interface 0 altsetting 5 endpoint 0x1 has invalid maxpacket 1024, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0x2, skipping usb 1-1: config 5 interface 0 altsetting 5 has an invalid endpoint with address 0x80, skipping usb 1-1: config 5 interface 93 altsetting 7 endpoint 0xA has invalid maxpacket 511, setting to 64 usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0xB, skipping usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0x1, skipping usb 1-1: config 5 interface 212 altsetting 1 has an invalid endpoint with address 0x0, skipping usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0x9, skipping usb 1-1: config 5 interface 0 has no altsetting 0 usb 1-1: config 5 interface 93 has no altsetting 0 usb 1-1: config 5 interface 212 has no altsetting 0 usb 1-1: Dual-Role OTG device on HNP port usb 1-1: New USB device found, idVendor=187f, idProduct=0302, bcdDevice= 8.17 usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 usb 1-1: Product: syz usb 1-1: Manufacturer: syz usb 1-1: SerialNumber: syz usb 1-1: Interface #212 referenced by multiple IADs smsusb:smsusb_probe: board id=12, interface number 0 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d81d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ec100 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec0e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2645690 hardirqs last enabled at (2645689): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2645690): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2643838): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2643838): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2643721): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d841 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ec220 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec208 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2645768 hardirqs last enabled at (2645767): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2645768): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2645760): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2645760): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2645693): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d865 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ec340 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec328 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2646152 hardirqs last enabled at (2646151): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2646152): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2646144): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2646144): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2645773): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d889 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ec460 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec448 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2646560 hardirqs last enabled at (2646559): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2646560): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2646552): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2646552): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2646155): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d8ad x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ec580 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec568 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2646980 hardirqs last enabled at (2646979): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2646980): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2646972): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2646972): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2646563): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d8d1 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ec6a0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec688 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2647028 hardirqs last enabled at (2647027): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2647028): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2647024): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2647024): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2646983): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d8f5 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ec7c0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec7a8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2647596 hardirqs last enabled at (2647595): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2647596): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2647592): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2647592): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2647031): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d919 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ec8e0 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec8c8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2647988 hardirqs last enabled at (2647987): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2647988): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2647980): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2647980): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2647599): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d93d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0eca00 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ec9e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2648432 hardirqs last enabled at (2648431): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2648432): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2648424): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2648424): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2647993): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001b81d961 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000dc0ecb20 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000dc0ecb08 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: ffff0001b4215e3c x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2648872 hardirqs last enabled at (2648871): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2648872): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2648864): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2648864): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2648435): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- smsusb:smsusb_probe: Device initialized with return code -19 smsusb:smsusb_probe: board id=12, interface number 93 smsusb:smsusb_probe: board id=12, interface number 212 usb 1-1: USB disconnect, device number 90 usb 1-1: new high-speed USB device number 91 using dummy_hcd usb 1-1: Using ep0 maxpacket: 16 usb 1-1: config 5 has an invalid interface number: 93 but max is 2 usb 1-1: config 5 has an invalid interface number: 212 but max is 2 usb 1-1: config 5 has no interface number 1 usb 1-1: config 5 has no interface number 2 usb 1-1: config 5 interface 0 altsetting 5 endpoint 0xC has invalid maxpacket 1023, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0x2, skipping usb 1-1: config 5 interface 0 altsetting 5 endpoint 0x7 has invalid maxpacket 512, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0xB, skipping usb 1-1: config 5 interface 0 altsetting 5 endpoint 0x1 has invalid maxpacket 1024, setting to 64 usb 1-1: config 5 interface 0 altsetting 5 has a duplicate endpoint with address 0x2, skipping usb 1-1: config 5 interface 0 altsetting 5 has an invalid endpoint with address 0x80, skipping usb 1-1: config 5 interface 93 altsetting 7 endpoint 0xA has invalid maxpacket 511, setting to 64 usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0xB, skipping usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0x1, skipping usb 1-1: config 5 interface 212 altsetting 1 has an invalid endpoint with address 0x0, skipping usb 1-1: config 5 interface 212 altsetting 1 has a duplicate endpoint with address 0x9, skipping usb 1-1: config 5 interface 0 has no altsetting 0 usb 1-1: config 5 interface 93 has no altsetting 0 usb 1-1: config 5 interface 212 has no altsetting 0 usb 1-1: Dual-Role OTG device on HNP port usb 1-1: New USB device found, idVendor=187f, idProduct=0302, bcdDevice= 8.17 usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 usb 1-1: Product: syz usb 1-1: Manufacturer: syz usb 1-1: SerialNumber: syz usb 1-1: Interface #212 referenced by multiple IADs smsusb:smsusb_probe: board id=12, interface number 0 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001927b01d x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000c93d8100 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000c93d80e8 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2661710 hardirqs last enabled at (2661709): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2661710): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2659418): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2659418): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2659383): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001927b041 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000c93d8220 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000c93d8208 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2662128 hardirqs last enabled at (2662127): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2662128): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2662120): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2662120): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2661713): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580 x29: ffff8000973566b0 x28: 0000000000000000 x27: ffff8000973567e8 x26: 0000000000000001 x25: 1fffe0001927b065 x24: dfff800000000000 x23: ffff700012e6acb0 x22: ffff0000c93d8340 x21: ffff8000973565a0 x20: 0000000000000001 x19: ffff0000c93d8328 x18: 1fffe00036842bc6 x17: ffff80008deed000 x16: ffff80008a3953c0 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000000 x12: 0000000000000001 x11: 0000000000040000 x10: 000000000003ffff x9 : ffff8000a3cfb000 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __flush_work+0x1b4/0x1c0 __cancel_work_timer+0x3e4/0x540 kernel/workqueue.c:3276 cancel_work_sync+0x24/0x38 kernel/workqueue.c:3312 smsusb_stop_streaming drivers/media/usb/siano/smsusb.c:182 [inline] smsusb_term_device+0x98/0x1cc drivers/media/usb/siano/smsusb.c:344 smsusb_init_device drivers/media/usb/siano/smsusb.c:419 [inline] smsusb_probe+0xcb8/0x1a0c drivers/media/usb/siano/smsusb.c:567 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_set_configuration+0x15cc/0x1b38 drivers/usb/core/message.c:2211 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293 really_probe+0x394/0xa7c drivers/base/dd.c:658 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:800 driver_probe_device+0x78/0x330 drivers/base/dd.c:830 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:958 bus_for_each_drv+0x228/0x2bc drivers/base/bus.c:457 __device_attach+0x2b4/0x434 drivers/base/dd.c:1030 device_initial_probe+0x24/0x34 drivers/base/dd.c:1079 bus_probe_device+0x178/0x240 drivers/base/bus.c:532 device_add+0xa44/0xdf0 drivers/base/core.c:3625 usb_new_device+0x904/0x142c drivers/usb/core/hub.c:2575 hub_port_connect drivers/usb/core/hub.c:5407 [inline] hub_port_connect_change drivers/usb/core/hub.c:5551 [inline] port_event drivers/usb/core/hub.c:5711 [inline] hub_event+0x25e4/0x474c drivers/usb/core/hub.c:5793 process_one_work+0x788/0x12d4 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0xb68/0xfe8 kernel/workqueue.c:2554 kthread+0x288/0x310 kernel/kthread.c:379 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:853 irq event stamp: 2662560 hardirqs last enabled at (2662559): [] __cancel_work_timer+0x3a4/0x540 kernel/workqueue.c:3269 hardirqs last disabled at (2662560): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:407 softirqs last enabled at (2662552): [] softirq_handle_end kernel/softirq.c:414 [inline] softirqs last enabled at (2662552): [] __do_softirq+0xac0/0xd54 kernel/softirq.c:600 softirqs last disabled at (2662131): [] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 6056 at kernel/workqueue.c:3182 __flush_work+0x1b4/0x1c0 Modules linked in: CPU: 0 PID: 6056 Comm: kworker/0:3 Tainted: G W 6.4.0-rc7-syzkaller-ge40939bbfc68 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Workqueue: usb_hub_wq hub_event pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __flush_work+0x1b4/0x1c0 lr : __flush_work+0x1b0/0x1c0 kernel/workqueue.c:3182 sp : ffff800097356580