program:
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x1)
memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP 
\x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006325a640402000207265970000010902240001000000000904000002214c6a0009050702000000da00090589"], 0x0)
[ 73.124644][ T5332] Bluetooth: hci0: command tx timeout
[ 73.458225][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 73.609126][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 73.612910][ T10] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 73.618039][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 46701, setting to 64
[ 73.623534][ T10] usb 5-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[ 73.627083][ T10] usb 5-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[ 73.630852][ T10] usb 5-1: Manufacturer: syz
[ 73.634846][ T10] usb 5-1: config 0 descriptor??
[ 73.643143][ T10] smsusb:smsusb_probe: board id=9, interface number 0
[ 73.648386][ T10] smsusb:siano_media_device_register: media controller created
[ 73.654613][ T10] smsusb:smsusb_start_streaming: smsusb_submit_urb(...) failed
[ 73.658715][ T10] smsusb:smsusb_init_device: smsusb_start_streaming(...) failed
[ 73.662792][ T10] ------------[ cut here ]------------
[ 73.665090][ T10] WARNING: CPU: 0 PID: 10 at mm/slub.c:4790 free_large_kmalloc+0x15c/0x1f0
[ 73.669552][ T10] Modules linked in:
[ 73.671340][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full)
[ 73.675267][ T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 73.680185][ T10] Workqueue: usb_hub_wq hub_event
[ 73.682389][ T10] RIP: 0010:free_large_kmalloc+0x15c/0x1f0
[ 73.685295][ T10] Code: 44 89 f6 e8 b6 19 fd ff 65 48 8b 05 fe 22 87 10 48 3b 44 24 08 75 57 48 83 c4 10 5b 41 5c 41 5e 41 5f 5d c3 cc cc cc cc cc 90 <0f> 0b 90 65 48 8b 05 d9 22 87 10 48 3b 44 24 08 75 32 48 89 df 48
[ 73.693834][ T10] RSP: 0018:ffffc900001c6b00 EFLAGS: 00010206
[ 73.696455][ T10] RAX: 00000000ff000000 RBX: ffffea00014cb880 RCX: 0000000000000000
[ 73.699941][ T10] RDX: 0000000000000000 RSI: ffff8880532e2000 RDI: ffffea00014cb880
[ 73.703304][ T10] RBP: 0000000000000100 R08: ffff888036bbb403 R09: 1ffff11006d77680
[ 73.706809][ T10] R10: dffffc0000000000 R11: ffffed1006d77681 R12: 1ffff11007e08a82
[ 73.710383][ T10] R13: 0000000000000000 R14: ffff888036bbb460 R15: dffffc0000000000
[ 73.713822][ T10] FS: 0000000000000000(0000) GS:ffff88808d210000(0000) knlGS:0000000000000000
[ 73.717996][ T10] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 73.721189][ T10] CR2: 0000561fa0fc2da8 CR3: 0000000000763000 CR4: 0000000000352ef0
[ 73.724825][ T10] Call Trace:
[ 73.726369][ T10] <TASK>
[ 73.727887][ T10] usb_free_urb+0xd0/0x120
[ 73.730354][ T10] smsusb_term_device+0x1d6/0x3b0
[ 73.732627][ T10] smsusb_probe+0x1a04/0x2060
[ 73.734890][ T10] ? __pfx_smsusb_probe+0x10/0x10
[ 73.737240][ T10] ? __pfx_smsusb_sendrequest+0x10/0x10
[ 73.739937][ T10] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 73.742654][ T10] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 73.745467][ T10] ? __pm_runtime_set_status+0x785/0xa50
[ 73.747881][ T10] usb_probe_interface+0x668/0xc30
[ 73.750015][ T10] ? __pfx_usb_probe_interface+0x10/0x10
[ 73.752176][ T10] really_probe+0x26a/0x9e0
[ 73.753902][ T10] __driver_probe_device+0x18c/0x2f0
[ 73.756129][ T10] driver_probe_device+0x4f/0x430
[ 73.758374][ T10] __device_attach_driver+0x2ce/0x530
[ 73.760625][ T10] bus_for_each_drv+0x251/0x2e0
[ 73.762869][ T10] ? __pfx___device_attach_driver+0x10/0x10
[ 73.765732][ T10] ? __pfx_bus_for_each_drv+0x10/0x10
[ 73.768461][ T10] __device_attach+0x2b8/0x400
[ 73.770704][ T10] ? __pfx___device_attach+0x10/0x10
[ 73.773194][ T10] ? do_raw_spin_unlock+0x4d/0x240
[ 73.775643][ T10] bus_probe_device+0x185/0x260
[ 73.777995][ T10] device_add+0x7b6/0xb50
[ 73.779997][ T10] usb_set_configuration+0x1a87/0x20e0
[ 73.782509][ T10] usb_generic_driver_probe+0x8d/0x150
[ 73.785022][ T10] usb_probe_device+0x1c1/0x390
[ 73.787587][ T10] ? __pfx_usb_probe_device+0x10/0x10
[ 73.789844][ T10] really_probe+0x26a/0x9e0
[ 73.792768][ T10] __driver_probe_device+0x18c/0x2f0
[ 73.795120][ T10] driver_probe_device+0x4f/0x430
[ 73.797672][ T10] __device_attach_driver+0x2ce/0x530
[ 73.800094][ T10] bus_for_each_drv+0x251/0x2e0
[ 73.802286][ T10] ? __pfx___device_attach_driver+0x10/0x10
[ 73.804900][ T10] ? __pfx_bus_for_each_drv+0x10/0x10
[ 73.807073][ T10] __device_attach+0x2b8/0x400
[ 73.809116][ T10] ? __pfx___device_attach+0x10/0x10
[ 73.811306][ T10] ? do_raw_spin_unlock+0x4d/0x240
[ 73.813387][ T10] bus_probe_device+0x185/0x260
[ 73.815388][ T10] device_add+0x7b6/0xb50
[ 73.817178][ T10] usb_new_device+0xa39/0x16f0
[ 73.819405][ T10] ? __pfx_usb_new_device+0x10/0x10
[ 73.821742][ T10] ? rcu_is_watching+0x15/0xb0
[ 73.823878][ T10] hub_event+0x2958/0x4a20
[ 73.825881][ T10] ? __pfx_hub_event+0x10/0x10
[ 73.828115][ T10] ? rcu_is_watching+0x15/0xb0
[ 73.830292][ T10] ? lock_acquire+0x5f/0x360
[ 73.832376][ T10] ? rcu_is_watching+0x15/0xb0
[ 73.834513][ T10] ? process_scheduled_works+0x9ef/0x17b0
[ 73.836914][ T10] ? process_scheduled_works+0x9ef/0x17b0
[ 73.839307][ T10] process_scheduled_works+0xae1/0x17b0
[ 73.841573][ T10] ? __pfx_process_scheduled_works+0x10/0x10
[ 73.844244][ T10] worker_thread+0x8a0/0xda0
[ 73.846309][ T10] kthread+0x70e/0x8a0
[ 73.848144][ T10] ? __pfx_worker_thread+0x10/0x10
[ 73.850265][ T10] ? __pfx_kthread+0x10/0x10
[ 73.852373][ T10] ? _raw_spin_unlock_irq+0x23/0x50
[ 73.854996][ T10] ? lockdep_hardirqs_on+0x9c/0x150
[ 73.857589][ T10] ? __pfx_kthread+0x10/0x10
[ 73.859832][ T10] ret_from_fork+0x3f9/0x770
[ 73.861835][ T10] ? __pfx_ret_from_fork+0x10/0x10
[ 73.864076][ T10] ? __pfx_kthread+0x10/0x10
[ 73.866193][ T10] ret_from_fork_asm+0x1a/0x30
[ 73.868458][ T10] </TASK>
[ 73.869940][ T10] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 73.873062][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full)
[ 73.876924][ T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 73.881503][ T10] Workqueue: usb_hub_wq hub_event
[ 73.883639][ T10] Call Trace:
[ 73.885314][ T10] <TASK>
[ 73.886802][ T10] dump_stack_lvl+0x99/0x250
[ 73.889407][ T10] ? __asan_memcpy+0x40/0x70
[ 73.891929][ T10] ? __pfx_dump_stack_lvl+0x10/0x10
[ 73.894684][ T10] ? __pfx__printk+0x10/0x10
[ 73.896766][ T10] vpanic+0x281/0x750
[ 73.898545][ T10] ? __pfx__printk+0x10/0x10
[ 73.900620][ T10] ? __pfx_vpanic+0x10/0x10
[ 73.902674][ T10] ? is_bpf_text_address+0x26/0x2b0
[ 73.904981][ T10] panic+0xb9/0xc0
[ 73.906629][ T10] ? __pfx_panic+0x10/0x10
[ 73.908668][ T10] __warn+0x31b/0x4b0
[ 73.910500][ T10] ? free_large_kmalloc+0x15c/0x1f0
[ 73.912763][ T10] ? free_large_kmalloc+0x15c/0x1f0
[ 73.915321][ T10] report_bug+0x2be/0x4f0
[ 73.917320][ T10] ? free_large_kmalloc+0x15c/0x1f0
[ 73.919748][ T10] ? free_large_kmalloc+0x15c/0x1f0
[ 73.922147][ T10] ? free_large_kmalloc+0x15e/0x1f0
[ 73.924557][ T10] handle_bug+0x84/0x160
[ 73.926488][ T10] exc_invalid_op+0x1a/0x50
[ 73.928404][ T10] asm_exc_invalid_op+0x1a/0x20
[ 73.930445][ T10] RIP: 0010:free_large_kmalloc+0x15c/0x1f0
[ 73.932964][ T10] Code: 44 89 f6 e8 b6 19 fd ff 65 48 8b 05 fe 22 87 10 48 3b 44 24 08 75 57 48 83 c4 10 5b 41 5c 41 5e 41 5f 5d c3 cc cc cc cc cc 90 <0f> 0b 90 65 48 8b 05 d9 22 87 10 48 3b 44 24 08 75 32 48 89 df 48
[ 73.941208][ T10] RSP: 0018:ffffc900001c6b00 EFLAGS: 00010206
[ 73.944025][ T10] RAX: 00000000ff000000 RBX: ffffea00014cb880 RCX: 0000000000000000
[ 73.947338][ T10] RDX: 0000000000000000 RSI: ffff8880532e2000 RDI: ffffea00014cb880
[ 73.950705][ T10] RBP: 0000000000000100 R08: ffff888036bbb403 R09: 1ffff11006d77680
[ 73.954114][ T10] R10: dffffc0000000000 R11: ffffed1006d77681 R12: 1ffff11007e08a82
[ 73.957718][ T10] R13: 0000000000000000 R14: ffff888036bbb460 R15: dffffc0000000000
[ 73.961223][ T10] usb_free_urb+0xd0/0x120
[ 73.963309][ T10] smsusb_term_device+0x1d6/0x3b0
[ 73.965607][ T10] smsusb_probe+0x1a04/0x2060
[ 73.967555][ T10] ? __pfx_smsusb_probe+0x10/0x10
[ 73.969578][ T10] ? __pfx_smsusb_sendrequest+0x10/0x10
[ 73.971852][ T10] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 73.974276][ T10] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 73.976794][ T10] ? __pm_runtime_set_status+0x785/0xa50
[ 73.979034][ T10] usb_probe_interface+0x668/0xc30
[ 73.981385][ T10] ? __pfx_usb_probe_interface+0x10/0x10
[ 73.983948][ T10] really_probe+0x26a/0x9e0
[ 73.985919][ T10] __driver_probe_device+0x18c/0x2f0
[ 73.988198][ T10] driver_probe_device+0x4f/0x430
[ 73.990506][ T10] __device_attach_driver+0x2ce/0x530
[ 73.992869][ T10] bus_for_each_drv+0x251/0x2e0
[ 73.995121][ T10] ? __pfx___device_attach_driver+0x10/0x10
[ 73.998091][ T10] ? __pfx_bus_for_each_drv+0x10/0x10
[ 74.000511][ T10] __device_attach+0x2b8/0x400
[ 74.002755][ T10] ? __pfx___device_attach+0x10/0x10
[ 74.005211][ T10] ? do_raw_spin_unlock+0x4d/0x240
[ 74.007306][ T10] bus_probe_device+0x185/0x260
[ 74.009445][ T10] device_add+0x7b6/0xb50
[ 74.011300][ T10] usb_set_configuration+0x1a87/0x20e0
[ 74.013952][ T10] usb_generic_driver_probe+0x8d/0x150
[ 74.016671][ T10] usb_probe_device+0x1c1/0x390
[ 74.018703][ T10] ? __pfx_usb_probe_device+0x10/0x10
[ 74.021030][ T10] really_probe+0x26a/0x9e0
[ 74.023025][ T10] __driver_probe_device+0x18c/0x2f0
[ 74.025340][ T10] driver_probe_device+0x4f/0x430
[ 74.027481][ T10] __device_attach_driver+0x2ce/0x530
[ 74.029948][ T10] bus_for_each_drv+0x251/0x2e0
[ 74.032024][ T10] ? __pfx___device_attach_driver+0x10/0x10
[ 74.034657][ T10] ? __pfx_bus_for_each_drv+0x10/0x10
[ 74.037121][ T10] __device_attach+0x2b8/0x400
[ 74.039299][ T10] ? __pfx___device_attach+0x10/0x10
[ 74.041814][ T10] ? do_raw_spin_unlock+0x4d/0x240
[ 74.043987][ T10] bus_probe_device+0x185/0x260
[ 74.046088][ T10] device_add+0x7b6/0xb50
[ 74.047963][ T10] usb_new_device+0xa39/0x16f0
[ 74.050135][ T10] ? __pfx_usb_new_device+0x10/0x10
[ 74.052269][ T10] ? rcu_is_watching+0x15/0xb0
[ 74.054187][ T10] hub_event+0x2958/0x4a20
[ 74.056002][ T10] ? __pfx_hub_event+0x10/0x10
[ 74.058227][ T10] ? rcu_is_watching+0x15/0xb0
[ 74.060378][ T10] ? lock_acquire+0x5f/0x360
[ 74.062336][ T10] ? rcu_is_watching+0x15/0xb0
[ 74.064519][ T10] ? process_scheduled_works+0x9ef/0x17b0
[ 74.067361][ T10] ? process_scheduled_works+0x9ef/0x17b0
[ 74.070161][ T10] process_scheduled_works+0xae1/0x17b0
[ 74.072859][ T10] ? __pfx_process_scheduled_works+0x10/0x10
[ 74.075544][ T10] worker_thread+0x8a0/0xda0
[ 74.077550][ T10] kthread+0x70e/0x8a0
[ 74.079289][ T10] ? __pfx_worker_thread+0x10/0x10
[ 74.081501][ T10] ? __pfx_kthread+0x10/0x10
[ 74.083566][ T10] ? _raw_spin_unlock_irq+0x23/0x50
[ 74.085833][ T10] ? lockdep_hardirqs_on+0x9c/0x150
[ 74.088075][ T10] ? __pfx_kthread+0x10/0x10
[ 74.090446][ T10] ret_from_fork+0x3f9/0x770
[ 74.092879][ T10] ? __pfx_ret_from_fork+0x10/0x10
[ 74.095441][ T10] ? __pfx_kthread+0x10/0x10
[ 74.097707][ T10] ret_from_fork_asm+0x1a/0x30
[ 74.099799][ T10] </TASK>
[ 74.101488][ T10] Kernel Offset: disabled
[ 74.103349][ T10] Rebooting in 86400 seconds..