./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4189024194

<...>
DUID 00:04:23:68:77:f1:65:66:05:56:fc:6e:24:65:03:30:d5:25
forked to background, child pid 4666
[   20.671556][ T4667] 8021q: adding VLAN 0 to HW filter on device bond0
[   20.681244][ T4667] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts.
execve("./syz-executor4189024194", ["./syz-executor4189024194"], 0x7fff44f588b0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555560e0000
brk(0x5555560e0c40)                     = 0x5555560e0c40
arch_prctl(ARCH_SET_FS, 0x5555560e0300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor4189024194", 4096) = 28
brk(0x555556101c40)                     = 0x555556101c40
brk(0x555556102000)                     = 0x555556102000
mprotect(0x7fe971da1000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid()                                = 4997
openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3
write(3, "10000000000", 11)             = 11
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3
write(3, "20", 2)                       = 2
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
write(3, "100", 3)                      = 3
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3
write(3, "7 4 1 3", 7)                  = 7
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3
write(3, "4997", 4)                     = 4
close(3)                                = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=784, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=4997}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x2e\x00\x00\x00\x98\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 784
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=4997}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
access("/proc/net", R_OK)               = 0
access("/proc/net/unix", R_OK)          = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5)                                = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=4997}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5)                                = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=4997}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=4997}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5)                                = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=4997}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5)                                = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=4997}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
close(3)                                = 0
close(4)                                = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5000 attached
, child_tidptr=0x5555560e05d0) = 5000
[pid  5000] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5000] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5000] setsid()                    = 1
[pid  5000] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5000] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5000] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5000] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5000] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5000] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5000] unshare(CLONE_NEWNS)        = 0
[pid  5000] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5000] unshare(CLONE_NEWIPC)       = 0
[pid  5000] unshare(CLONE_NEWCGROUP)    = 0
[pid  5000] unshare(CLONE_NEWUTS)       = 0
[pid  5000] unshare(CLONE_SYSVSEM)      = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "16777216", 8)     = 8
[pid  5000] close(3)                    = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "536870912", 9)    = 9
[pid  5000] close(3)                    = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "1024", 4)         = 4
[pid  5000] close(3)                    = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "8192", 4)         = 4
[pid  5000] close(3)                    = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "1024", 4)         = 4
[pid  5000] close(3)                    = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "1024", 4)         = 4
[pid  5000] close(3)                    = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5000] close(3)                    = 0
[pid  5000] getpid()                    = 1
[pid  5000] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5000] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5000] unshare(CLONE_NEWNET)       = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "0 65535", 7)      = 7
[pid  5000] close(3)                    = 0
[pid  5000] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid  5000] dup2(3, 200)                = 200
[pid  5000] close(3)                    = 0
[pid  5000] ioctl(200, TUNSETIFF, 0x7ffde1618cc0) = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "0", 1)            = 1
[pid  5000] close(3)                    = 0
[pid  5000] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid  5000] write(3, "0", 1)            = 1
[pid  5000] close(3)                    = 0
[pid  5000] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid  5000] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5000] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5000] close(4)                    = 0
[pid  5000] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5000] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5000] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5000] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5000] close(4)                    = 0
[pid  5000] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5000] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5000] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5000] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5000] close(4)                    = 0
[pid  5000] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid  5000] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5000] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5000] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5000] close(4)                    = 0
[pid  5000] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid  5000] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5000] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5000] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5000] close(4)                    = 0
[pid  5000] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid  5000] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5000] close(3)                    = 0
[pid  5000] mkdir("/dev/binderfs", 0777) = 0
[pid  5000] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5000] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5000] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid  5000] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffde1616c20) = 18
syzkaller login: [   41.129140][  T896] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[   41.379111][  T896] usb 1-1: Using ep0 maxpacket: 8
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffde1616c20) = 18
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffde1616c20) = 9
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffde1616c20) = 18
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffde1616c20) = 4
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffde1616c20) = 8
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffde1616c20) = 8
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffde1616c20) = 8
[pid  5000] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffde1617c30) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid  5000] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffde1616c20) = 0
[   41.659170][  T896] usb 1-1: New USB device found, idVendor=2040, idProduct=f5a0, bcdDevice=62.4d
[   41.668606][  T896] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   41.676632][  T896] usb 1-1: Product: syz
[   41.680837][  T896] usb 1-1: Manufacturer: syz
[   41.685426][  T896] usb 1-1: SerialNumber: syz
[   41.692134][  T896] usb 1-1: config 0 descriptor??
[pid  5000] close(3)                    = 0
[pid  5000] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5000] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5000] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5000] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5000] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5000] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5000] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5000] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5000] exit_group(1)               = ?
[   41.990909][  T896] smsusb:smsusb_probe: board id=8, interface number 0
[   41.997807][  T896] ------------[ cut here ]------------
[   42.003305][  T896] WARNING: CPU: 0 PID: 896 at kernel/workqueue.c:3182 __flush_work+0x946/0xb60
[   42.012309][  T896] Modules linked in:
[   42.016184][  T896] CPU: 0 PID: 896 Comm: kworker/0:2 Not tainted 6.4.0-rc3-syzkaller-00004-g421ca22e3138 #0
[   42.026184][  T896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   42.036329][  T896] Workqueue: usb_hub_wq hub_event
[   42.041419][  T896] RIP: 0010:__flush_work+0x946/0xb60
[   42.046734][  T896] Code: 00 48 c7 c6 9b f7 53 81 48 c7 c7 40 90 79 8c e8 d0 ec 11 00 e9 6f fc ff ff e8 06 4b 30 00 0f 0b e9 63 fc ff ff e8 fa 4a 30 00 <0f> 0b 45 31 ed e9 54 fc ff ff e8 db 14 83 00 e9 3e fb ff ff e8 e1
[   42.067210][  T896] RSP: 0018:ffffc9000514ec08 EFLAGS: 00010293
[   42.073305][  T896] RAX: 0000000000000000 RBX: ffff88807d10e0e8 RCX: 0000000000000000
[   42.081353][  T896] RDX: ffff88801f565940 RSI: ffffffff8153f7d6 RDI: 0000000000000001
[   42.089361][  T896] RBP: ffffc9000514eda0 R08: 0000000000000001 R09: 0000000000000000
[   42.097316][  T896] R10: 0000000000000001 R11: ffffffff81d6e472 R12: ffff88807d10e0e8
[   42.105318][  T896] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88807d10e100
[   42.113361][  T896] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   42.122332][  T896] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   42.128918][  T896] CR2: 000055e15f54ff40 CR3: 0000000073326000 CR4: 0000000000350ef0
[   42.136955][  T896] Call Trace:
[   42.140248][  T896]  <TASK>
[   42.143181][  T896]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.148385][  T896]  ? print_usage_bug.part.0+0x660/0x660
[   42.153971][  T896]  ? mod_delayed_work_on+0x220/0x220
[   42.159289][  T896]  ? kasan_save_stack+0x32/0x40
[   42.164127][  T896]  ? kasan_save_stack+0x22/0x40
[   42.168964][  T896]  ? kasan_set_track+0x25/0x30
[   42.173788][  T896]  ? __kasan_kmalloc+0xa2/0xb0
[   42.178572][  T896]  ? smsusb_init_device+0xa7/0xd20
[   42.183752][  T896]  ? smsusb_probe+0x5b9/0x10b0
[   42.188564][  T896]  ? usb_probe_interface+0x30f/0x960
[   42.193891][  T896]  ? really_probe+0x240/0xca0
[   42.198583][  T896]  ? __driver_probe_device+0x1df/0x4b0
[   42.204067][  T896]  ? driver_probe_device+0x4c/0x1a0
[   42.209291][  T896]  ? __device_attach_driver+0x1d4/0x2e0
[   42.214831][  T896]  ? bus_for_each_drv+0x149/0x1d0
[   42.219884][  T896]  ? __device_attach+0x1e4/0x4b0
[   42.224837][  T896]  ? mark_held_locks+0x9f/0xe0
[   42.229653][  T896]  __cancel_work_timer+0x3f9/0x570
[   42.234778][  T896]  ? work_on_cpu_safe+0xa0/0xa0
[   42.239675][  T896]  smsusb_term_device+0xef/0x300
[   42.244642][  T896]  smsusb_init_device+0xb70/0xd20
[   42.249732][  T896]  ? smsusb_disconnect+0x20/0x20
[   42.254695][  T896]  smsusb_probe+0x5b9/0x10b0
[   42.259323][  T896]  ? smsusb_init_device+0xd20/0xd20
[   42.264535][  T896]  ? mark_held_locks+0x9f/0xe0
[   42.269330][  T896]  ? _raw_spin_unlock_irqrestore+0x54/0x70
[   42.276308][  T896]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.281638][  T896]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[   42.287460][  T896]  ? __pm_runtime_set_status+0x442/0xd90
[   42.293141][  T896]  usb_probe_interface+0x30f/0x960
[   42.298279][  T896]  ? usb_match_dynamic_id+0x1a0/0x1a0
[   42.303712][  T896]  really_probe+0x240/0xca0
[   42.308264][  T896]  __driver_probe_device+0x1df/0x4b0
[   42.313580][  T896]  ? usb_match_id.part.0+0x163/0x1b0
[   42.318888][  T896]  driver_probe_device+0x4c/0x1a0
[   42.323942][  T896]  __device_attach_driver+0x1d4/0x2e0
[   42.329373][  T896]  bus_for_each_drv+0x149/0x1d0
[   42.334230][  T896]  ? driver_probe_device+0x1a0/0x1a0
[   42.339538][  T896]  ? bus_for_each_dev+0x1c0/0x1c0
[   42.344571][  T896]  ? _raw_spin_unlock_irqrestore+0x54/0x70
[   42.350442][  T896]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.355655][  T896]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[   42.361526][  T896]  __device_attach+0x1e4/0x4b0
[   42.366303][  T896]  ? device_driver_attach+0x210/0x210
[   42.371736][  T896]  ? do_raw_spin_unlock+0x175/0x230
[   42.376975][  T896]  bus_probe_device+0x17c/0x1c0
[   42.381861][  T896]  device_add+0x112d/0x1a40
[   42.386386][  T896]  ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[   42.393271][  T896]  usb_set_configuration+0x1196/0x1bc0
[   42.398750][  T896]  usb_generic_driver_probe+0xcf/0x130
[   42.404302][  T896]  usb_probe_device+0xd8/0x2c0
[   42.409171][  T896]  ? usb_driver_release_interface+0x190/0x190
[   42.415257][  T896]  really_probe+0x240/0xca0
[   42.419809][  T896]  __driver_probe_device+0x1df/0x4b0
[   42.425184][  T896]  driver_probe_device+0x4c/0x1a0
[   42.430286][  T896]  __device_attach_driver+0x1d4/0x2e0
[   42.435700][  T896]  bus_for_each_drv+0x149/0x1d0
[   42.440589][  T896]  ? driver_probe_device+0x1a0/0x1a0
[   42.445913][  T896]  ? bus_for_each_dev+0x1c0/0x1c0
[   42.450976][  T896]  ? _raw_spin_unlock_irqrestore+0x54/0x70
[   42.456800][  T896]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.462029][  T896]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[   42.467849][  T896]  __device_attach+0x1e4/0x4b0
[   42.472658][  T896]  ? device_driver_attach+0x210/0x210
[   42.478047][  T896]  ? do_raw_spin_unlock+0x175/0x230
[   42.483306][  T896]  bus_probe_device+0x17c/0x1c0
[   42.488188][  T896]  device_add+0x112d/0x1a40
[   42.492718][  T896]  ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[   42.499594][  T896]  ? add_device_randomness+0xb8/0xe0
[   42.504895][  T896]  usb_new_device+0xcb2/0x19d0
[   42.509756][  T896]  ? hub_disconnect+0x520/0x520
[   42.514618][  T896]  ? _raw_spin_unlock_irq+0x23/0x50
[   42.519852][  T896]  hub_event+0x2d9e/0x4e40
[   42.524314][  T896]  ? hub_port_debounce+0x3b0/0x3b0
[   42.529508][  T896]  ? lock_sync+0x190/0x190
[   42.533961][  T896]  ? lock_downgrade+0x690/0x690
[   42.538837][  T896]  ? do_raw_spin_lock+0x124/0x2b0
[   42.543927][  T896]  ? _raw_spin_unlock_irq+0x23/0x50
[   42.549188][  T896]  process_one_work+0x99a/0x15e0
[   42.554138][  T896]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   42.559594][  T896]  ? spin_bug+0x1c0/0x1c0
[   42.563942][  T896]  ? _raw_spin_lock_irq+0x45/0x50
[   42.568962][  T896]  worker_thread+0x67d/0x10c0
[   42.573683][  T896]  ? process_one_work+0x15e0/0x15e0
[   42.578897][  T896]  kthread+0x344/0x440
[   42.582995][  T896]  ? kthread_complete_and_exit+0x40/0x40
[   42.588639][  T896]  ret_from_fork+0x1f/0x30
[   42.593095][  T896]  </TASK>
[   42.596131][  T896] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   42.603392][  T896] CPU: 0 PID: 896 Comm: kworker/0:2 Not tainted 6.4.0-rc3-syzkaller-00004-g421ca22e3138 #0
[   42.613373][  T896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[   42.623414][  T896] Workqueue: usb_hub_wq hub_event
[   42.628460][  T896] Call Trace:
[   42.631752][  T896]  <TASK>
[   42.634686][  T896]  dump_stack_lvl+0xd9/0x150
[   42.639278][  T896]  panic+0x686/0x730
[   42.643186][  T896]  ? panic_smp_self_stop+0xa0/0xa0
[   42.648315][  T896]  ? show_trace_log_lvl+0x285/0x390
[   42.653533][  T896]  ? __flush_work+0x946/0xb60
[   42.658207][  T896]  check_panic_on_warn+0xb1/0xc0
[   42.663148][  T896]  __warn+0xf2/0x390
[   42.667039][  T896]  ? __flush_work+0x946/0xb60
[   42.671712][  T896]  report_bug+0x2da/0x500
[   42.676080][  T896]  handle_bug+0x3c/0x70
[   42.680225][  T896]  exc_invalid_op+0x18/0x50
[   42.684719][  T896]  asm_exc_invalid_op+0x1a/0x20
[   42.689565][  T896] RIP: 0010:__flush_work+0x946/0xb60
[   42.694856][  T896] Code: 00 48 c7 c6 9b f7 53 81 48 c7 c7 40 90 79 8c e8 d0 ec 11 00 e9 6f fc ff ff e8 06 4b 30 00 0f 0b e9 63 fc ff ff e8 fa 4a 30 00 <0f> 0b 45 31 ed e9 54 fc ff ff e8 db 14 83 00 e9 3e fb ff ff e8 e1
[   42.714647][  T896] RSP: 0018:ffffc9000514ec08 EFLAGS: 00010293
[   42.720718][  T896] RAX: 0000000000000000 RBX: ffff88807d10e0e8 RCX: 0000000000000000
[   42.728687][  T896] RDX: ffff88801f565940 RSI: ffffffff8153f7d6 RDI: 0000000000000001
[   42.736652][  T896] RBP: ffffc9000514eda0 R08: 0000000000000001 R09: 0000000000000000
[   42.744617][  T896] R10: 0000000000000001 R11: ffffffff81d6e472 R12: ffff88807d10e0e8
[   42.752585][  T896] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88807d10e100
[   42.760552][  T896]  ? __kasan_kmalloc+0xa2/0xb0
[   42.765337][  T896]  ? __flush_work+0x946/0xb60
[   42.770022][  T896]  ? __flush_work+0x946/0xb60
[   42.774694][  T896]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.779928][  T896]  ? print_usage_bug.part.0+0x660/0x660
[   42.785468][  T896]  ? mod_delayed_work_on+0x220/0x220
[   42.790760][  T896]  ? kasan_save_stack+0x32/0x40
[   42.795606][  T896]  ? kasan_save_stack+0x22/0x40
[   42.800452][  T896]  ? kasan_set_track+0x25/0x30
[   42.806790][  T896]  ? __kasan_kmalloc+0xa2/0xb0
[   42.811549][  T896]  ? smsusb_init_device+0xa7/0xd20
[   42.816661][  T896]  ? smsusb_probe+0x5b9/0x10b0
[   42.821454][  T896]  ? usb_probe_interface+0x30f/0x960
[   42.826733][  T896]  ? really_probe+0x240/0xca0
[   42.831413][  T896]  ? __driver_probe_device+0x1df/0x4b0
[   42.836868][  T896]  ? driver_probe_device+0x4c/0x1a0
[   42.842060][  T896]  ? __device_attach_driver+0x1d4/0x2e0
[   42.847604][  T896]  ? bus_for_each_drv+0x149/0x1d0
[   42.852625][  T896]  ? __device_attach+0x1e4/0x4b0
[   42.857562][  T896]  ? mark_held_locks+0x9f/0xe0
[   42.862333][  T896]  __cancel_work_timer+0x3f9/0x570
[   42.867446][  T896]  ? work_on_cpu_safe+0xa0/0xa0
[   42.872305][  T896]  smsusb_term_device+0xef/0x300
[   42.877250][  T896]  smsusb_init_device+0xb70/0xd20
[   42.882280][  T896]  ? smsusb_disconnect+0x20/0x20
[   42.887233][  T896]  smsusb_probe+0x5b9/0x10b0
[   42.891856][  T896]  ? smsusb_init_device+0xd20/0xd20
[   42.897051][  T896]  ? mark_held_locks+0x9f/0xe0
[   42.901814][  T896]  ? _raw_spin_unlock_irqrestore+0x54/0x70
[   42.907618][  T896]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.912811][  T896]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[   42.918700][  T896]  ? __pm_runtime_set_status+0x442/0xd90
[   42.924339][  T896]  usb_probe_interface+0x30f/0x960
[   42.929454][  T896]  ? usb_match_dynamic_id+0x1a0/0x1a0
[   42.934831][  T896]  really_probe+0x240/0xca0
[   42.939339][  T896]  __driver_probe_device+0x1df/0x4b0
[   42.944624][  T896]  ? usb_match_id.part.0+0x163/0x1b0
[   42.949906][  T896]  driver_probe_device+0x4c/0x1a0
[   42.954959][  T896]  __device_attach_driver+0x1d4/0x2e0
[   42.960330][  T896]  bus_for_each_drv+0x149/0x1d0
[   42.965177][  T896]  ? driver_probe_device+0x1a0/0x1a0
[   42.970461][  T896]  ? bus_for_each_dev+0x1c0/0x1c0
[   42.975486][  T896]  ? _raw_spin_unlock_irqrestore+0x54/0x70
[   42.981313][  T896]  ? lockdep_hardirqs_on+0x7d/0x100
[   42.986530][  T896]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[   42.992334][  T896]  __device_attach+0x1e4/0x4b0
[   42.997100][  T896]  ? device_driver_attach+0x210/0x210
[   43.002473][  T896]  ? do_raw_spin_unlock+0x175/0x230
[   43.007678][  T896]  bus_probe_device+0x17c/0x1c0
[   43.012534][  T896]  device_add+0x112d/0x1a40
[   43.017039][  T896]  ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[   43.023890][  T896]  usb_set_configuration+0x1196/0x1bc0
[   43.029355][  T896]  usb_generic_driver_probe+0xcf/0x130
[   43.034809][  T896]  usb_probe_device+0xd8/0x2c0
[   43.039572][  T896]  ? usb_driver_release_interface+0x190/0x190
[   43.045636][  T896]  really_probe+0x240/0xca0
[   43.050229][  T896]  __driver_probe_device+0x1df/0x4b0
[   43.055603][  T896]  driver_probe_device+0x4c/0x1a0
[   43.060637][  T896]  __device_attach_driver+0x1d4/0x2e0
[   43.066025][  T896]  bus_for_each_drv+0x149/0x1d0
[   43.070883][  T896]  ? driver_probe_device+0x1a0/0x1a0
[   43.076165][  T896]  ? bus_for_each_dev+0x1c0/0x1c0
[   43.081293][  T896]  ? _raw_spin_unlock_irqrestore+0x54/0x70
[   43.087252][  T896]  ? lockdep_hardirqs_on+0x7d/0x100
[   43.092461][  T896]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[   43.098265][  T896]  __device_attach+0x1e4/0x4b0
[   43.103055][  T896]  ? device_driver_attach+0x210/0x210
[   43.108518][  T896]  ? do_raw_spin_unlock+0x175/0x230
[   43.113721][  T896]  bus_probe_device+0x17c/0x1c0
[   43.118571][  T896]  device_add+0x112d/0x1a40
[   43.123368][  T896]  ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[   43.130300][  T896]  ? add_device_randomness+0xb8/0xe0
[   43.135759][  T896]  usb_new_device+0xcb2/0x19d0
[   43.140608][  T896]  ? hub_disconnect+0x520/0x520
[   43.145647][  T896]  ? _raw_spin_unlock_irq+0x23/0x50
[   43.150965][  T896]  hub_event+0x2d9e/0x4e40
[   43.155410][  T896]  ? hub_port_debounce+0x3b0/0x3b0
[   43.160540][  T896]  ? lock_sync+0x190/0x190
[   43.164971][  T896]  ? lock_downgrade+0x690/0x690
[   43.169825][  T896]  ? do_raw_spin_lock+0x124/0x2b0
[   43.174851][  T896]  ? _raw_spin_unlock_irq+0x23/0x50
[   43.180221][  T896]  process_one_work+0x99a/0x15e0
[   43.185159][  T896]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[   43.190601][  T896]  ? spin_bug+0x1c0/0x1c0
[   43.195036][  T896]  ? _raw_spin_lock_irq+0x45/0x50
[   43.200239][  T896]  worker_thread+0x67d/0x10c0
[   43.205024][  T896]  ? process_one_work+0x15e0/0x15e0
[   43.210239][  T896]  kthread+0x344/0x440
[   43.214300][  T896]  ? kthread_complete_and_exit+0x40/0x40
[   43.219927][  T896]  ret_from_fork+0x1f/0x30
[   43.224369][  T896]  </TASK>
[   43.228183][  T896] Kernel Offset: disabled
[   43.232580][  T896] Rebooting in 86400 seconds..