[   87.872773][  T842] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:36205' (ED25519) to the list of known hosts.
2025/09/11 03:01:10 parsed 1 programs
[   96.304665][   T40] audit: type=1400 audit(1757559672.300:116): avc:  denied  { unlink } for  pid=6223 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   97.307534][ T6223] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   98.912734][ T6071] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   98.916073][ T6071] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   98.918887][ T6071] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   98.922828][ T6071] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   98.925963][ T6071] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   99.230658][ T6241] chnl_net:caif_netlink_parms(): no params data found
[   99.317918][ T6241] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.320329][ T6241] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.322651][ T6241] bridge_slave_0: entered allmulticast mode
[   99.325318][ T6241] bridge_slave_0: entered promiscuous mode
[   99.328829][ T6241] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.332077][ T6241] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.335095][ T6241] bridge_slave_1: entered allmulticast mode
[   99.338031][ T6241] bridge_slave_1: entered promiscuous mode
[   99.370629][ T6241] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.376399][ T6241] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.410899][ T6241] team0: Port device team_slave_0 added
[   99.416779][ T6241] team0: Port device team_slave_1 added
[   99.468482][ T6241] batman_adv: batadv0: Adding interface: batadv_slave_0
[   99.470642][ T6241] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.480163][ T6241] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   99.484658][ T6241] batman_adv: batadv0: Adding interface: batadv_slave_1
[   99.486897][ T6241] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.495382][ T6241] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   99.541242][ T6241] hsr_slave_0: entered promiscuous mode
[   99.543644][ T6241] hsr_slave_1: entered promiscuous mode
[  100.000194][ T6241] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  100.009236][ T6241] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  100.014190][ T6241] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  100.019120][ T6241] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  100.043674][ T6241] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.046798][ T6241] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.049999][ T6241] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.053059][ T6241] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.085033][ T6241] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.093666][ T1240] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.097722][ T1240] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.113913][ T6241] 8021q: adding VLAN 0 to HW filter on device team0
[  100.124725][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.127100][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.133855][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.136926][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.248706][ T6241] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.281647][ T6241] veth0_vlan: entered promiscuous mode
[  100.288524][ T6241] veth1_vlan: entered promiscuous mode
[  100.305051][ T6241] veth0_macvtap: entered promiscuous mode
[  100.309117][ T6241] veth1_macvtap: entered promiscuous mode
[  100.321249][ T6241] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.328698][ T6241] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.336870][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.339580][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.343097][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.345896][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.436504][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.468987][   T40] audit: type=1401 audit(1757559676.460:117): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[  100.503695][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.552937][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.641058][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.994385][ T1240] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.996895][ T1240] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.016363][ T1240] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.019147][ T1240] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/09/11 03:01:18 executed programs: 0
[  102.313908][ T5332] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  102.316937][ T5332] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  102.320177][ T5332] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  102.325144][ T5332] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  102.328569][ T5332] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  102.446893][ T6386] chnl_net:caif_netlink_parms(): no params data found
[  102.525119][ T6386] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.527353][ T6386] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.529634][ T6386] bridge_slave_0: entered allmulticast mode
[  102.532333][ T6386] bridge_slave_0: entered promiscuous mode
[  102.535739][ T6386] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.537987][ T6386] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.540163][ T6386] bridge_slave_1: entered allmulticast mode
[  102.543399][ T6386] bridge_slave_1: entered promiscuous mode
[  102.575414][ T6386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.579902][ T6386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.618529][ T6386] team0: Port device team_slave_0 added
[  102.623516][ T6386] team0: Port device team_slave_1 added
[  102.654864][ T6386] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.657394][ T6386] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.665394][ T6386] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.669654][ T6386] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.671835][ T6386] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.680097][ T6386] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.719449][ T6386] hsr_slave_0: entered promiscuous mode
[  102.721777][ T6386] hsr_slave_1: entered promiscuous mode
[  102.724313][ T6386] debugfs: 'hsr0' already exists in 'hsr'
[  102.726359][ T6386] Cannot create hsr debugfs directory
[  103.670779][   T12] bridge_slave_1: left allmulticast mode
[  103.672758][   T12] bridge_slave_1: left promiscuous mode
[  103.674612][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.680571][   T12] bridge_slave_0: left allmulticast mode
[  103.682879][   T12] bridge_slave_0: left promiscuous mode
[  103.684717][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.876458][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  103.880639][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  103.884412][   T12] bond0 (unregistering): Released all slaves
[  104.007983][   T12] hsr_slave_0: left promiscuous mode
[  104.010894][   T12] hsr_slave_1: left promiscuous mode
[  104.014071][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.017117][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.020778][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.024016][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.041074][   T12] veth1_macvtap: left promiscuous mode
[  104.043383][   T12] veth0_macvtap: left promiscuous mode
[  104.045266][   T12] veth1_vlan: left promiscuous mode
[  104.046928][   T12] veth0_vlan: left promiscuous mode
[  104.363634][ T5332] Bluetooth: hci0: command tx timeout
[  104.523043][   T12] team0 (unregistering): Port device team_slave_1 removed
[  104.561358][   T12] team0 (unregistering): Port device team_slave_0 removed
[  105.295785][ T6386] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  105.301031][ T6386] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  105.311592][ T6386] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  105.317699][ T6386] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  105.368956][ T6386] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.382580][ T6386] 8021q: adding VLAN 0 to HW filter on device team0
[  105.389741][   T71] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.392795][   T71] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.400120][ T1240] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.402487][ T1240] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.758498][ T6386] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.785627][ T6386] veth0_vlan: entered promiscuous mode
[  105.792229][ T6386] veth1_vlan: entered promiscuous mode
[  105.817004][ T6386] veth0_macvtap: entered promiscuous mode
[  105.820832][ T6386] veth1_macvtap: entered promiscuous mode
[  105.842732][ T6386] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.850755][ T6386] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.858732][   T98] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.862486][   T98] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.866296][   T98] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.869354][   T98] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.936181][  T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.939334][  T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.956380][   T98] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.959511][   T98] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.985420][   T40] audit: type=1400 audit(1757559681.980:118): avc:  denied  { map_create } for  pid=6431 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  105.993135][   T40] audit: type=1400 audit(1757559681.980:119): avc:  denied  { perfmon } for  pid=6431 comm="syz.0.16" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  106.000839][   T40] audit: type=1400 audit(1757559681.980:120): avc:  denied  { map_read map_write } for  pid=6431 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  106.008447][   T40] audit: type=1400 audit(1757559681.980:121): avc:  denied  { read write } for  pid=6431 comm="syz.0.16" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.017388][   T40] audit: type=1400 audit(1757559681.980:122): avc:  denied  { open } for  pid=6431 comm="syz.0.16" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.026530][   T40] audit: type=1400 audit(1757559681.980:123): avc:  denied  { ioctl } for  pid=6431 comm="syz.0.16" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.242746][   T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  106.412274][   T24] usb 5-1: Using ep0 maxpacket: 8
[  106.416107][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  106.419179][   T24] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  106.422333][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  106.425972][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 255, changing to 11
[  106.429513][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 59391, setting to 1024
[  106.433228][ T5332] Bluetooth: hci0: command tx timeout
[  106.437008][   T24] usb 5-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad
[  106.439931][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.442489][   T24] usb 5-1: Product: syz
[  106.443823][   T24] usb 5-1: Manufacturer: syz
[  106.445393][   T24] usb 5-1: SerialNumber: syz
[  106.449444][   T24] usb 5-1: config 0 descriptor??
[  106.452588][ T6432] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  106.456855][   T24] smsusb:smsusb_probe: board id=2, interface number 0
[  106.462455][   T24] smsusb:siano_media_device_register: media controller created
[  106.465826][   T24] usb 5-1: BOGUS urb xfer, pipe 3 != type 1
[  106.467713][   T24] smsusb:smsusb_start_streaming: smsusb_submit_urb(...) failed
[  106.470097][   T24] smsusb:smsusb_init_device: smsusb_start_streaming(...) failed
[  106.473515][   T24] ------------[ cut here ]------------
[  106.475217][   T24] WARNING: CPU: 2 PID: 24 at mm/slub.c:4805 free_large_kmalloc+0x114/0x180
[  106.477888][   T24] Modules linked in:
[  106.479330][   T24] CPU: 2 UID: 0 PID: 24 Comm: kworker/2:0 Not tainted syzkaller #0 PREEMPT(full) 
[  106.484138][   T24] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.487457][   T24] Workqueue: usb_hub_wq hub_event
[  106.489038][   T24] RIP: 0010:free_large_kmalloc+0x114/0x180
[  106.490870][   T24] Code: 00 00 00 48 89 df e8 ab cc 13 00 e8 36 d6 ac ff 9c 58 f6 c4 02 75 6f fb eb 83 48 c7 c6 90 c0 c9 8d e8 f0 9f ed ff 90 0f 0b 90 <0f> 0b 90 48 c7 c6 14 e6 e3 8d 48 89 df 5b 5d 41 5c 41 5d e9 d4 9f
[  106.496928][   T24] RSP: 0018:ffffc9000062edb0 EFLAGS: 00010202
[  106.498818][   T24] RAX: 00fff00000000000 RBX: ffffea0001425880 RCX: ffffffff816cb6ee
[  106.501196][   T24] RDX: 00000000000000ff RSI: ffff888050962000 RDI: ffffea0001425880
[  106.503740][   T24] RBP: ffff888050962000 R08: 0000000000000007 R09: 0000000000000000
[  106.506357][   T24] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88803c53f000
[  106.509158][   T24] R13: ffff888050e10000 R14: dffffc0000000000 R15: ffff88803c53f0f0
[  106.511584][   T24] FS:  0000000000000000(0000) GS:ffff8880d68b5000(0000) knlGS:0000000000000000
[  106.514496][   T24] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  106.516533][   T24] CR2: 000055c1446bf280 CR3: 0000000051baf000 CR4: 0000000000352ef0
[  106.519027][   T24] Call Trace:
[  106.520122][   T24]  <TASK>
[  106.521065][   T24]  usb_free_urb.part.0+0xe5/0x100
[  106.522692][   T24]  usb_free_urb+0x1f/0x30
[  106.524106][   T24]  smsusb_term_device+0x108/0x1e0
[  106.525738][   T24]  smsusb_init_device+0xaa0/0xe00
[  106.527340][   T24]  ? __pfx_smsusb_init_device+0x10/0x10
[  106.529113][   T24]  ? __pfx_smsusb_sendrequest+0x10/0x10
[  106.530863][   T24]  ? usb_clear_halt+0x61/0x160
[  106.532466][   T24]  smsusb_probe+0x5d3/0x1090
[  106.533937][   T24]  ? __pfx_smsusb_probe+0x10/0x10
[  106.535517][   T24]  ? mark_held_locks+0x49/0x80
[  106.537042][   T24]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  106.538888][   T24]  ? __pm_runtime_set_status+0x13c/0xa80
[  106.540643][   T24]  usb_probe_interface+0x303/0xa40
[  106.542342][   T24]  ? __pfx_usb_probe_interface+0x10/0x10
[  106.544103][   T24]  really_probe+0x241/0xa90
[  106.545548][   T24]  __driver_probe_device+0x1de/0x440
[  106.547226][   T24]  driver_probe_device+0x4c/0x1b0
[  106.548898][   T24]  __device_attach_driver+0x1df/0x310
[  106.550560][   T24]  ? __pfx___device_attach_driver+0x10/0x10
[  106.552480][   T24]  bus_for_each_drv+0x159/0x1e0
[  106.554082][   T24]  ? __pfx_bus_for_each_drv+0x10/0x10
[  106.555697][   T24]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.557315][   T24]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  106.559054][   T24]  __device_attach+0x1e4/0x4b0
[  106.560563][   T24]  ? __pfx___device_attach+0x10/0x10
[  106.562286][   T24]  ? do_raw_spin_unlock+0x172/0x230
[  106.563943][   T24]  bus_probe_device+0x17f/0x1c0
[  106.565496][   T24]  device_add+0x1148/0x1aa0
[  106.566936][   T24]  ? __pfx_device_add+0x10/0x10
[  106.568496][   T24]  ? preempt_schedule_thunk+0x16/0x30
[  106.570183][   T24]  usb_set_configuration+0x1187/0x1e20
[  106.571862][   T24]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  106.573841][   T24]  usb_generic_driver_probe+0xb1/0x110
[  106.575543][   T24]  usb_probe_device+0xec/0x3e0
[  106.577067][   T24]  ? __pfx_usb_probe_device+0x10/0x10
[  106.578718][   T24]  really_probe+0x241/0xa90
[  106.580145][   T24]  __driver_probe_device+0x1de/0x440
[  106.581729][   T24]  ? usb_driver_applicable+0x1c7/0x220
[  106.583488][   T24]  driver_probe_device+0x4c/0x1b0
[  106.585265][   T24]  __device_attach_driver+0x1df/0x310
[  106.587042][   T24]  ? __pfx___device_attach_driver+0x10/0x10
[  106.589029][   T24]  bus_for_each_drv+0x159/0x1e0
[  106.590742][   T24]  ? __pfx_bus_for_each_drv+0x10/0x10
[  106.592770][   T24]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.594784][   T24]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  106.596619][   T24]  __device_attach+0x1e4/0x4b0
[  106.598111][   T24]  ? __pfx___device_attach+0x10/0x10
[  106.599729][   T24]  ? do_raw_spin_unlock+0x172/0x230
[  106.601361][   T24]  bus_probe_device+0x17f/0x1c0
[  106.602957][   T24]  device_add+0x1148/0x1aa0
[  106.604571][   T24]  ? __pfx_device_add+0x10/0x10
[  106.606404][   T24]  ? add_device_randomness+0xb7/0xf0
[  106.608376][   T24]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  106.610642][   T24]  usb_new_device+0xd07/0x1a60
[  106.612856][   T24]  ? do_raw_spin_lock+0x12c/0x2b0
[  106.614822][   T24]  ? __pfx_usb_new_device+0x10/0x10
[  106.616805][   T24]  ? mark_held_locks+0x49/0x80
[  106.618475][   T24]  hub_event+0x2f34/0x4fe0
[  106.620136][   T24]  ? __pfx_hub_event+0x10/0x10
[  106.621999][   T24]  ? assoc_array_gc+0x1440/0x15b0
[  106.623988][   T24]  ? rcu_is_watching+0x12/0xc0
[  106.625912][   T24]  process_one_work+0x9cc/0x1b70
[  106.627759][   T24]  ? __pfx_hcd_resume_work+0x10/0x10
[  106.629874][   T24]  ? __pfx_process_one_work+0x10/0x10
[  106.632002][   T24]  ? assign_work+0x1a0/0x250
[  106.633632][   T24]  worker_thread+0x6c8/0xf10
[  106.635420][   T24]  ? __pfx_worker_thread+0x10/0x10
[  106.637364][   T24]  kthread+0x3c2/0x780
[  106.638687][   T24]  ? __pfx_kthread+0x10/0x10
[  106.640182][   T24]  ? rcu_is_watching+0x12/0xc0
[  106.641682][   T24]  ? __pfx_kthread+0x10/0x10
[  106.643212][   T24]  ret_from_fork+0x5d4/0x6f0
[  106.644643][   T24]  ? __pfx_kthread+0x10/0x10
[  106.646040][   T24]  ret_from_fork_asm+0x1a/0x30
[  106.647502][   T24]  </TASK>
[  106.648469][   T24] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  106.650614][   T24] CPU: 2 UID: 0 PID: 24 Comm: kworker/2:0 Not tainted syzkaller #0 PREEMPT(full) 
[  106.653431][   T24] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.656666][   T24] Workqueue: usb_hub_wq hub_event
[  106.658228][   T24] Call Trace:
[  106.659393][   T24]  <TASK>
[  106.660350][   T24]  dump_stack_lvl+0x3d/0x1f0
[  106.661805][   T24]  vpanic+0x6e8/0x7a0
[  106.663061][   T24]  ? __pfx_vpanic+0x10/0x10
[  106.664521][   T24]  ? free_large_kmalloc+0x114/0x180
[  106.666240][   T24]  panic+0xca/0xd0
[  106.667433][   T24]  ? __pfx_panic+0x10/0x10
[  106.668859][   T24]  ? check_panic_on_warn+0x1f/0xb0
[  106.670419][   T24]  check_panic_on_warn+0xab/0xb0
[  106.671968][   T24]  __warn+0xf6/0x3c0
[  106.673228][   T24]  ? free_large_kmalloc+0x114/0x180
[  106.674839][   T24]  report_bug+0x3c3/0x580
[  106.676224][   T24]  ? free_large_kmalloc+0x114/0x180
[  106.677844][   T24]  handle_bug+0x184/0x210
[  106.679194][   T24]  exc_invalid_op+0x17/0x50
[  106.680623][   T24]  asm_exc_invalid_op+0x1a/0x20
[  106.682139][   T24] RIP: 0010:free_large_kmalloc+0x114/0x180
[  106.683977][   T24] Code: 00 00 00 48 89 df e8 ab cc 13 00 e8 36 d6 ac ff 9c 58 f6 c4 02 75 6f fb eb 83 48 c7 c6 90 c0 c9 8d e8 f0 9f ed ff 90 0f 0b 90 <0f> 0b 90 48 c7 c6 14 e6 e3 8d 48 89 df 5b 5d 41 5c 41 5d e9 d4 9f
[  106.689743][   T24] RSP: 0018:ffffc9000062edb0 EFLAGS: 00010202
[  106.691610][   T24] RAX: 00fff00000000000 RBX: ffffea0001425880 RCX: ffffffff816cb6ee
[  106.694092][   T24] RDX: 00000000000000ff RSI: ffff888050962000 RDI: ffffea0001425880
[  106.696555][   T24] RBP: ffff888050962000 R08: 0000000000000007 R09: 0000000000000000
[  106.698993][   T24] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88803c53f000
[  106.701420][   T24] R13: ffff888050e10000 R14: dffffc0000000000 R15: ffff88803c53f0f0
[  106.703889][   T24]  ? __phys_addr+0xde/0x180
[  106.705300][   T24]  usb_free_urb.part.0+0xe5/0x100
[  106.707328][   T24]  usb_free_urb+0x1f/0x30
[  106.708821][   T24]  smsusb_term_device+0x108/0x1e0
[  106.710438][   T24]  smsusb_init_device+0xaa0/0xe00
[  106.712129][   T24]  ? __pfx_smsusb_init_device+0x10/0x10
[  106.713969][   T24]  ? __pfx_smsusb_sendrequest+0x10/0x10
[  106.715661][   T24]  ? usb_clear_halt+0x61/0x160
[  106.717152][   T24]  smsusb_probe+0x5d3/0x1090
[  106.718591][   T24]  ? __pfx_smsusb_probe+0x10/0x10
[  106.720175][   T24]  ? mark_held_locks+0x49/0x80
[  106.721679][   T24]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  106.723523][   T24]  ? __pm_runtime_set_status+0x13c/0xa80
[  106.725293][   T24]  usb_probe_interface+0x303/0xa40
[  106.726874][   T24]  ? __pfx_usb_probe_interface+0x10/0x10
[  106.728623][   T24]  really_probe+0x241/0xa90
[  106.730215][   T24]  __driver_probe_device+0x1de/0x440
[  106.732170][   T24]  driver_probe_device+0x4c/0x1b0
[  106.733776][   T24]  __device_attach_driver+0x1df/0x310
[  106.735430][   T24]  ? __pfx___device_attach_driver+0x10/0x10
[  106.737267][   T24]  bus_for_each_drv+0x159/0x1e0
[  106.738799][   T24]  ? __pfx_bus_for_each_drv+0x10/0x10
[  106.740479][   T24]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.742087][   T24]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  106.743921][   T24]  __device_attach+0x1e4/0x4b0
[  106.745416][   T24]  ? __pfx___device_attach+0x10/0x10
[  106.747060][   T24]  ? do_raw_spin_unlock+0x172/0x230
[  106.748707][   T24]  bus_probe_device+0x17f/0x1c0
[  106.750224][   T24]  device_add+0x1148/0x1aa0
[  106.751624][   T24]  ? __pfx_device_add+0x10/0x10
[  106.753197][   T24]  ? preempt_schedule_thunk+0x16/0x30
[  106.754906][   T24]  usb_set_configuration+0x1187/0x1e20
[  106.756621][   T24]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  106.758493][   T24]  usb_generic_driver_probe+0xb1/0x110
[  106.760175][   T24]  usb_probe_device+0xec/0x3e0
[  106.761674][   T24]  ? __pfx_usb_probe_device+0x10/0x10
[  106.763305][   T24]  really_probe+0x241/0xa90
[  106.764758][   T24]  __driver_probe_device+0x1de/0x440
[  106.766404][   T24]  ? usb_driver_applicable+0x1c7/0x220
[  106.768316][   T24]  driver_probe_device+0x4c/0x1b0
[  106.770336][   T24]  __device_attach_driver+0x1df/0x310
[  106.772349][   T24]  ? __pfx___device_attach_driver+0x10/0x10
[  106.774191][   T24]  bus_for_each_drv+0x159/0x1e0
[  106.775724][   T24]  ? __pfx_bus_for_each_drv+0x10/0x10
[  106.777409][   T24]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.779314][   T24]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  106.781594][   T24]  __device_attach+0x1e4/0x4b0
[  106.783306][   T24]  ? __pfx___device_attach+0x10/0x10
[  106.785004][   T24]  ? do_raw_spin_unlock+0x172/0x230
[  106.786687][   T24]  bus_probe_device+0x17f/0x1c0
[  106.788484][   T24]  device_add+0x1148/0x1aa0
[  106.789991][   T24]  ? __pfx_device_add+0x10/0x10
[  106.791940][   T24]  ? add_device_randomness+0xb7/0xf0
[  106.794026][   T24]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  106.796348][   T24]  usb_new_device+0xd07/0x1a60
[  106.798249][   T24]  ? do_raw_spin_lock+0x12c/0x2b0
[  106.799960][   T24]  ? __pfx_usb_new_device+0x10/0x10
[  106.801579][   T24]  ? mark_held_locks+0x49/0x80
[  106.803076][   T24]  hub_event+0x2f34/0x4fe0
[  106.804523][   T24]  ? __pfx_hub_event+0x10/0x10
[  106.805985][   T24]  ? assoc_array_gc+0x1440/0x15b0
[  106.807576][   T24]  ? rcu_is_watching+0x12/0xc0
[  106.809080][   T24]  process_one_work+0x9cc/0x1b70
[  106.810595][   T24]  ? __pfx_hcd_resume_work+0x10/0x10
[  106.812269][   T24]  ? __pfx_process_one_work+0x10/0x10
[  106.813959][   T24]  ? assign_work+0x1a0/0x250
[  106.815394][   T24]  worker_thread+0x6c8/0xf10
[  106.816869][   T24]  ? __pfx_worker_thread+0x10/0x10
[  106.818479][   T24]  kthread+0x3c2/0x780
[  106.819759][   T24]  ? __pfx_kthread+0x10/0x10
[  106.821489][   T24]  ? rcu_is_watching+0x12/0xc0
[  106.823017][   T24]  ? __pfx_kthread+0x10/0x10
[  106.824856][   T24]  ret_from_fork+0x5d4/0x6f0
[  106.826722][   T24]  ? __pfx_kthread+0x10/0x10
[  106.828604][   T24]  ret_from_fork_asm+0x1a/0x30
[  106.830389][   T24]  </TASK>
[  106.831908][   T24] Kernel Offset: disabled
[  106.833310][   T24] Rebooting in 86400 seconds..