Warning: Permanently added '10.128.0.21' (ED25519) to the list of known hosts.
[   92.100748][   T10] cfg80211: failed to load regulatory.db
2026/04/16 07:22:08 parsed 1 programs
[   97.710793][ T5824] cgroup: Unknown subsys name 'net'
[   97.954584][ T5824] cgroup: Unknown subsys name 'cpuset'
[   98.007120][ T5824] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  100.000166][ T5824] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  103.548691][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.548719][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.613162][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.613183][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.443864][   T60] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  104.470546][   T60] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  104.471376][   T60] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  104.472703][   T60] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  104.473704][   T60] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  107.699994][ T5880] chnl_net:caif_netlink_parms(): no params data found
[  108.143128][ T5880] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.144385][ T5880] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.145066][ T5880] bridge_slave_0: entered allmulticast mode
[  108.169244][ T5880] bridge_slave_0: entered promiscuous mode
[  108.224531][ T5880] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.224657][ T5880] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.224806][ T5880] bridge_slave_1: entered allmulticast mode
[  108.234378][ T5880] bridge_slave_1: entered promiscuous mode
[  108.306184][ T5880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.325566][ T5880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.375920][ T5880] team0: Port device team_slave_0 added
[  108.384438][ T5880] team0: Port device team_slave_1 added
[  108.429307][ T5880] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.429341][ T5880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  108.429361][ T5880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.432242][ T5880] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.432254][ T5880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  108.432274][ T5880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.576120][ T5880] hsr_slave_0: entered promiscuous mode
[  108.583739][ T5880] hsr_slave_1: entered promiscuous mode
[  109.206109][ T5880] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  109.253996][ T5880] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  109.254804][ T5880] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  109.289478][ T5880] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  109.290300][ T5880] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  109.333601][ T5880] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  109.334812][ T5880] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  109.370683][ T5880] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  109.494912][ T5880] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.537678][ T5880] 8021q: adding VLAN 0 to HW filter on device team0
[  109.559888][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.560660][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.601054][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.601521][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.864269][ T5880] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.961778][ T5880] veth0_vlan: entered promiscuous mode
[  109.975665][ T5880] veth1_vlan: entered promiscuous mode
[  110.031504][ T5880] veth0_macvtap: entered promiscuous mode
[  110.043639][ T5880] veth1_macvtap: entered promiscuous mode
[  110.084892][ T5880] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.103747][ T5880] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.129308][   T58] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.132489][   T58] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.133430][   T58] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.136366][   T58] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.045464][   T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.343355][   T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.592786][   T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.935678][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.498234][   T58] bridge_slave_1: left allmulticast mode
[  113.498724][   T58] bridge_slave_1: left promiscuous mode
[  113.511456][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.671272][   T58] bridge_slave_0: left allmulticast mode
[  113.671304][   T58] bridge_slave_0: left promiscuous mode
[  113.671557][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.477573][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  114.537351][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  114.559191][   T58] bond0 (unregistering): Released all slaves
[  114.598791][ T5485] 8021q: adding VLAN 0 to HW filter on device eth1
[  114.938508][   T58] hsr_slave_0: left promiscuous mode
[  114.979248][   T58] hsr_slave_1: left promiscuous mode
[  114.980625][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  115.011475][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  115.055961][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  115.055990][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  115.175129][   T58] veth1_macvtap: left promiscuous mode
[  115.175384][   T58] veth0_macvtap: left promiscuous mode
[  115.211372][   T58] veth1_vlan: left promiscuous mode
[  115.252820][   T58] veth0_vlan: left promiscuous mode
[  116.049759][   T58] team0 (unregistering): Port device team_slave_1 removed
[  116.107299][   T58] team0 (unregistering): Port device team_slave_0 removed
[  116.312063][ T5485] 8021q: adding VLAN 0 to HW filter on device eth2
2026/04/16 07:22:32 executed programs: 0
[  117.191082][ T5485] 8021q: adding VLAN 0 to HW filter on device eth3
[  117.419117][   T60] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  117.458608][   T60] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  117.462399][   T60] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  117.467960][   T60] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  117.470523][   T60] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  117.904812][ T5981] chnl_net:caif_netlink_parms(): no params data found
[  118.375617][ T5485] 8021q: adding VLAN 0 to HW filter on device eth4
[  118.603297][ T5981] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.603519][ T5981] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.603687][ T5981] bridge_slave_0: entered allmulticast mode
[  118.607023][ T5981] bridge_slave_0: entered promiscuous mode
[  118.636242][ T5981] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.637981][ T5981] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.638528][ T5981] bridge_slave_1: entered allmulticast mode
[  118.668760][ T5981] bridge_slave_1: entered promiscuous mode
[  118.726291][ T5981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.734900][ T5981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  118.823224][ T5981] team0: Port device team_slave_0 added
[  118.828625][ T5981] team0: Port device team_slave_1 added
[  119.059331][ T5981] batman_adv: batadv0: Adding interface: batadv_slave_0
[  119.059350][ T5981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  119.059379][ T5981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  119.062427][ T5981] batman_adv: batadv0: Adding interface: batadv_slave_1
[  119.062440][ T5981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  119.062460][ T5981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  119.205336][ T5981] hsr_slave_0: entered promiscuous mode
[  119.206292][ T5981] hsr_slave_1: entered promiscuous mode
[  119.518390][ T5139] Bluetooth: hci0: command tx timeout
[  121.210913][ T5981] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  121.243342][ T5981] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  121.245362][ T5981] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  121.283580][ T5981] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  121.284529][ T5981] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  121.332101][ T5981] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  121.333406][ T5981] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  121.371632][ T5981] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  121.542253][ T5981] 8021q: adding VLAN 0 to HW filter on device bond0
[  121.589731][ T5981] 8021q: adding VLAN 0 to HW filter on device team0
[  121.596570][ T5139] Bluetooth: hci0: command tx timeout
[  121.612488][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.612655][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  121.647044][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.647373][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.070771][ T5981] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.179868][ T5981] veth0_vlan: entered promiscuous mode
[  122.202254][ T5981] veth1_vlan: entered promiscuous mode
[  122.281028][ T5981] veth0_macvtap: entered promiscuous mode
[  122.297006][ T5981] veth1_macvtap: entered promiscuous mode
[  122.333811][ T5981] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.356193][ T5981] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.389491][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.414369][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.416036][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.438408][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.871376][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.871399][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.043010][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.043034][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/04/16 07:22:38 executed programs: 2
[  123.654553][ T5897] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  123.677436][ T5139] Bluetooth: hci0: command tx timeout
[  123.870639][ T5897] usb 1-1: Using ep0 maxpacket: 32
[  123.891261][ T5897] usb 1-1: config 7 has an invalid interface number: 124 but max is 2
[  123.891301][ T5897] usb 1-1: config 7 has an invalid interface number: 52 but max is 2
[  123.891323][ T5897] usb 1-1: config 7 has no interface number 1
[  123.891340][ T5897] usb 1-1: config 7 has no interface number 2
[  123.891413][ T5897] usb 1-1: config 7 interface 0 altsetting 163 bulk endpoint 0x85 has invalid maxpacket 8
[  123.891440][ T5897] usb 1-1: config 7 interface 0 altsetting 163 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  123.891468][ T5897] usb 1-1: config 7 interface 124 has no altsetting 0
[  123.891487][ T5897] usb 1-1: config 7 interface 0 has no altsetting 0
[  123.891505][ T5897] usb 1-1: config 7 interface 52 has no altsetting 0
[  123.971288][ T5897] usb 1-1: New USB device found, idVendor=2040, idProduct=b900, bcdDevice=c1.59
[  123.971318][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.971339][ T5897] usb 1-1: Product: syz
[  123.971354][ T5897] usb 1-1: Manufacturer: syz
[  123.971369][ T5897] usb 1-1: SerialNumber: syz
[  124.367626][ T5897] smsusb:smsusb_probe: board id=8, interface number 124
[  124.383690][ T5897] smsusb:smsusb_probe: board id=8, interface number 0
[  124.425431][ T5897] smsusb:siano_media_device_register: media controller created
[  124.440205][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.440625][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.440680][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.440728][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.483599][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.498812][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.498889][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.499184][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.504294][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.504355][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.504402][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.504450][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.505237][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.505308][ T5897] smsmdtv:smscore_sendrequest_and_wait: sendrequest returned error -22
[  124.505358][ T5897] smsmdtv:smscore_set_device_mode: mode detect failed -22
[  124.505372][ T5897] smsmdtv:smscore_start_device: set device mode failed , rc -22
[  124.505386][ T5897] smsusb:smsusb_init_device: smscore_start_device(...) failed
[  124.609748][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.609824][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.609883][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.609941][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.609997][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.610054][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  124.667810][ T5897] ------------[ cut here ]------------
[  124.667824][ T5897] !PageLargeKmalloc(page)
[  124.667841][ T5897] WARNING: mm/slub.c:6471 at free_large_kmalloc+0x9b/0x110, CPU#1: kworker/1:3/5897
[  124.667900][ T5897] Modules linked in:
[  124.667951][ T5897] CPU: 1 UID: 0 PID: 5897 Comm: kworker/1:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  124.668006][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  124.668023][ T5897] Workqueue: usb_hub_wq hub_event
[  124.668051][ T5897] RIP: 0010:free_large_kmalloc+0x9b/0x110
[  124.668085][ T5897] Code: 8b 43 30 83 f8 ff 74 13 25 00 00 00 ff 3d 00 00 00 f8 75 74 c7 43 30 ff ff ff ff 48 89 df 89 ee 5b 41 5e 5d e9 96 c8 fc ff 90 <0f> 0b 90 48 89 df 48 c7 c6 13 fb 9a 8d 5b 41 5e 5d e9 df a9 04 ff
[  124.668104][ T5897] RSP: 0018:ffffc90003f5eb20 EFLAGS: 00010206
[  124.668123][ T5897] RAX: 00000000ff000000 RBX: ffffea0001751880 RCX: 0000000000000001
[  124.668139][ T5897] RDX: 0000000000000000 RSI: ffff88805d462000 RDI: ffffea0001751880
[  124.668154][ T5897] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  124.668167][ T5897] R10: dffffc0000000000 R11: ffffed1006dd2b41 R12: 1ffff110080e2e82
[  124.668183][ T5897] R13: ffff88802c1f4380 R14: ffff888036e95a60 R15: dffffc0000000000
[  124.668201][ T5897] FS:  0000000000000000(0000) GS:ffff888125b68000(0000) knlGS:0000000000000000
[  124.668219][ T5897] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  124.668235][ T5897] CR2: 0000565060955030 CR3: 000000002a826000 CR4: 00000000003526f0
[  124.668259][ T5897] Call Trace:
[  124.668268][ T5897]  <TASK>
[  124.668279][ T5897]  usb_free_urb+0xd0/0x120
[  124.668317][ T5897]  smsusb_term_device+0x1d7/0x3e0
[  124.668360][ T5897]  smsusb_probe+0x1aba/0x2280
[  124.668406][ T5897]  ? __pfx_smsusb_probe+0x10/0x10
[  124.668431][ T5897]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  124.668464][ T5897]  ? __pfx_smsusb_sendrequest+0x10/0x10
[  124.668501][ T5897]  ? rt_spin_unlock+0x14f/0x200
[  124.668529][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.668556][ T5897]  ? __pm_runtime_set_status+0x99c/0xc70
[  124.668604][ T5897]  usb_probe_interface+0x659/0xc70
[  124.668647][ T5897]  ? __pfx_usb_probe_interface+0x10/0x10
[  124.668675][ T5897]  really_probe+0x267/0xaf0
[  124.668714][ T5897]  __driver_probe_device+0x1ef/0x380
[  124.668747][ T5897]  driver_probe_device+0x4f/0x240
[  124.668782][ T5897]  __device_attach_driver+0x279/0x430
[  124.668817][ T5897]  bus_for_each_drv+0x25b/0x2f0
[  124.668841][ T5897]  ? __pfx___device_attach_driver+0x10/0x10
[  124.668872][ T5897]  ? __pfx_bus_for_each_drv+0x10/0x10
[  124.668894][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.668925][ T5897]  __device_attach+0x2c8/0x450
[  124.668955][ T5897]  ? __pfx___device_attach+0x10/0x10
[  124.668985][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.669017][ T5897]  device_initial_probe+0xa1/0xd0
[  124.669048][ T5897]  bus_probe_device+0x12d/0x220
[  124.669074][ T5897]  device_add+0x7e9/0xbb0
[  124.669106][ T5897]  usb_set_configuration+0x1a87/0x2110
[  124.669163][ T5897]  usb_generic_driver_probe+0x8d/0x150
[  124.669191][ T5897]  usb_probe_device+0x1c4/0x3b0
[  124.669225][ T5897]  ? __pfx_usb_probe_device+0x10/0x10
[  124.669251][ T5897]  really_probe+0x267/0xaf0
[  124.669288][ T5897]  __driver_probe_device+0x1ef/0x380
[  124.669321][ T5897]  driver_probe_device+0x4f/0x240
[  124.669355][ T5897]  __device_attach_driver+0x279/0x430
[  124.669391][ T5897]  bus_for_each_drv+0x25b/0x2f0
[  124.669415][ T5897]  ? __pfx___device_attach_driver+0x10/0x10
[  124.669447][ T5897]  ? __pfx_bus_for_each_drv+0x10/0x10
[  124.669469][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.669502][ T5897]  __device_attach+0x2c8/0x450
[  124.669533][ T5897]  ? __pfx___device_attach+0x10/0x10
[  124.669569][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.669601][ T5897]  device_initial_probe+0xa1/0xd0
[  124.669631][ T5897]  bus_probe_device+0x12d/0x220
[  124.669658][ T5897]  device_add+0x7e9/0xbb0
[  124.669689][ T5897]  usb_new_device+0x9f8/0x16e0
[  124.669739][ T5897]  ? __pfx_usb_new_device+0x10/0x10
[  124.669787][ T5897]  hub_event+0x2a49/0x4f60
[  124.669811][ T5897]  ? __kasan_slab_free+0x5c/0x80
[  124.669842][ T5897]  ? kfree+0x1c5/0x6c0
[  124.669925][ T5897]  ? __pfx_hub_event+0x10/0x10
[  124.669951][ T5897]  ? process_scheduled_works+0xa69/0x1910
[  124.669984][ T5897]  ? process_scheduled_works+0xa69/0x1910
[  124.670007][ T5897]  ? process_scheduled_works+0xa69/0x1910
[  124.670032][ T5897]  process_scheduled_works+0xb68/0x1910
[  124.670091][ T5897]  ? __pfx_process_scheduled_works+0x10/0x10
[  124.670122][ T5897]  ? assign_work+0x3d5/0x5e0
[  124.670151][ T5897]  worker_thread+0xa90/0x1040
[  124.670206][ T5897]  kthread+0x388/0x470
[  124.670237][ T5897]  ? __pfx_worker_thread+0x10/0x10
[  124.670260][ T5897]  ? __pfx_kthread+0x10/0x10
[  124.670291][ T5897]  ret_from_fork+0x514/0xb70
[  124.670319][ T5897]  ? __pfx_ret_from_fork+0x10/0x10
[  124.670345][ T5897]  ? __switch_to+0xc79/0x1410
[  124.670382][ T5897]  ? __pfx_kthread+0x10/0x10
[  124.670413][ T5897]  ret_from_fork_asm+0x1a/0x30
[  124.670460][ T5897]  </TASK>
[  124.670480][ T5897] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  124.670497][ T5897] CPU: 1 UID: 0 PID: 5897 Comm: kworker/1:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  124.670521][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  124.670535][ T5897] Workqueue: usb_hub_wq hub_event
[  124.670560][ T5897] Call Trace:
[  124.670575][ T5897]  <TASK>
[  124.670585][ T5897]  vpanic+0x56c/0xa60
[  124.670614][ T5897]  ? __pfx__printk+0x10/0x10
[  124.670648][ T5897]  ? __pfx_vpanic+0x10/0x10
[  124.670673][ T5897]  ? is_bpf_text_address+0x292/0x2b0
[  124.670703][ T5897]  ? is_bpf_text_address+0x26/0x2b0
[  124.670742][ T5897]  panic+0xc5/0xd0
[  124.670769][ T5897]  ? __pfx_panic+0x10/0x10
[  124.670809][ T5897]  ? ret_from_fork_asm+0x1a/0x30
[  124.670844][ T5897]  __warn+0x315/0x4c0
[  124.670869][ T5897]  ? free_large_kmalloc+0x9b/0x110
[  124.670904][ T5897]  ? free_large_kmalloc+0x9b/0x110
[  124.670939][ T5897]  __report_bug+0x29a/0x540
[  124.670967][ T5897]  ? device_initial_probe+0xa1/0xd0
[  124.670993][ T5897]  ? bus_probe_device+0x12d/0x220
[  124.671013][ T5897]  ? device_add+0x7e9/0xbb0
[  124.671042][ T5897]  ? free_large_kmalloc+0x9b/0x110
[  124.671075][ T5897]  ? __pfx___report_bug+0x10/0x10
[  124.671102][ T5897]  ? usb_new_device+0x9f8/0x16e0
[  124.671142][ T5897]  ? do_raw_spin_lock+0x12b/0x2f0
[  124.671180][ T5897]  ? free_large_kmalloc+0x9b/0x110
[  124.671212][ T5897]  report_bug+0x16a/0x220
[  124.671242][ T5897]  ? free_large_kmalloc+0x9b/0x110
[  124.671273][ T5897]  ? free_large_kmalloc+0x9d/0x110
[  124.671306][ T5897]  handle_bug+0x9c/0x200
[  124.671342][ T5897]  exc_invalid_op+0x1a/0x50
[  124.671376][ T5897]  asm_exc_invalid_op+0x1a/0x20
[  124.671398][ T5897] RIP: 0010:free_large_kmalloc+0x9b/0x110
[  124.671431][ T5897] Code: 8b 43 30 83 f8 ff 74 13 25 00 00 00 ff 3d 00 00 00 f8 75 74 c7 43 30 ff ff ff ff 48 89 df 89 ee 5b 41 5e 5d e9 96 c8 fc ff 90 <0f> 0b 90 48 89 df 48 c7 c6 13 fb 9a 8d 5b 41 5e 5d e9 df a9 04 ff
[  124.671450][ T5897] RSP: 0018:ffffc90003f5eb20 EFLAGS: 00010206
[  124.671468][ T5897] RAX: 00000000ff000000 RBX: ffffea0001751880 RCX: 0000000000000001
[  124.671484][ T5897] RDX: 0000000000000000 RSI: ffff88805d462000 RDI: ffffea0001751880
[  124.671500][ T5897] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  124.671513][ T5897] R10: dffffc0000000000 R11: ffffed1006dd2b41 R12: 1ffff110080e2e82
[  124.671530][ T5897] R13: ffff88802c1f4380 R14: ffff888036e95a60 R15: dffffc0000000000
[  124.671576][ T5897]  usb_free_urb+0xd0/0x120
[  124.671613][ T5897]  smsusb_term_device+0x1d7/0x3e0
[  124.671655][ T5897]  smsusb_probe+0x1aba/0x2280
[  124.671704][ T5897]  ? __pfx_smsusb_probe+0x10/0x10
[  124.671731][ T5897]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  124.671764][ T5897]  ? __pfx_smsusb_sendrequest+0x10/0x10
[  124.671800][ T5897]  ? rt_spin_unlock+0x14f/0x200
[  124.671831][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.671858][ T5897]  ? __pm_runtime_set_status+0x99c/0xc70
[  124.671897][ T5897]  usb_probe_interface+0x659/0xc70
[  124.671940][ T5897]  ? __pfx_usb_probe_interface+0x10/0x10
[  124.671968][ T5897]  really_probe+0x267/0xaf0
[  124.672006][ T5897]  __driver_probe_device+0x1ef/0x380
[  124.672039][ T5897]  driver_probe_device+0x4f/0x240
[  124.672073][ T5897]  __device_attach_driver+0x279/0x430
[  124.672110][ T5897]  bus_for_each_drv+0x25b/0x2f0
[  124.672133][ T5897]  ? __pfx___device_attach_driver+0x10/0x10
[  124.672163][ T5897]  ? __pfx_bus_for_each_drv+0x10/0x10
[  124.672186][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.672219][ T5897]  __device_attach+0x2c8/0x450
[  124.672251][ T5897]  ? __pfx___device_attach+0x10/0x10
[  124.672281][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.672314][ T5897]  device_initial_probe+0xa1/0xd0
[  124.672346][ T5897]  bus_probe_device+0x12d/0x220
[  124.672372][ T5897]  device_add+0x7e9/0xbb0
[  124.672404][ T5897]  usb_set_configuration+0x1a87/0x2110
[  124.672463][ T5897]  usb_generic_driver_probe+0x8d/0x150
[  124.672492][ T5897]  usb_probe_device+0x1c4/0x3b0
[  124.672524][ T5897]  ? __pfx_usb_probe_device+0x10/0x10
[  124.672550][ T5897]  really_probe+0x267/0xaf0
[  124.672619][ T5897]  __driver_probe_device+0x1ef/0x380
[  124.672651][ T5897]  driver_probe_device+0x4f/0x240
[  124.672687][ T5897]  __device_attach_driver+0x279/0x430
[  124.672722][ T5897]  bus_for_each_drv+0x25b/0x2f0
[  124.672745][ T5897]  ? __pfx___device_attach_driver+0x10/0x10
[  124.672775][ T5897]  ? __pfx_bus_for_each_drv+0x10/0x10
[  124.672798][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.672831][ T5897]  __device_attach+0x2c8/0x450
[  124.672864][ T5897]  ? __pfx___device_attach+0x10/0x10
[  124.672893][ T5897]  ? rt_spin_unlock+0x160/0x200
[  124.672925][ T5897]  device_initial_probe+0xa1/0xd0
[  124.672956][ T5897]  bus_probe_device+0x12d/0x220
[  124.672981][ T5897]  device_add+0x7e9/0xbb0
[  124.673011][ T5897]  usb_new_device+0x9f8/0x16e0
[  124.673060][ T5897]  ? __pfx_usb_new_device+0x10/0x10
[  124.673107][ T5897]  hub_event+0x2a49/0x4f60
[  124.673131][ T5897]  ? __kasan_slab_free+0x5c/0x80
[  124.673159][ T5897]  ? kfree+0x1c5/0x6c0
[  124.673245][ T5897]  ? __pfx_hub_event+0x10/0x10
[  124.673270][ T5897]  ? process_scheduled_works+0xa69/0x1910
[  124.673301][ T5897]  ? process_scheduled_works+0xa69/0x1910
[  124.673324][ T5897]  ? process_scheduled_works+0xa69/0x1910
[  124.673349][ T5897]  process_scheduled_works+0xb68/0x1910
[  124.673407][ T5897]  ? __pfx_process_scheduled_works+0x10/0x10
[  124.673439][ T5897]  ? assign_work+0x3d5/0x5e0
[  124.673469][ T5897]  worker_thread+0xa90/0x1040
[  124.673526][ T5897]  kthread+0x388/0x470
[  124.673556][ T5897]  ? __pfx_worker_thread+0x10/0x10
[  124.673587][ T5897]  ? __pfx_kthread+0x10/0x10
[  124.673620][ T5897]  ret_from_fork+0x514/0xb70
[  124.673647][ T5897]  ? __pfx_ret_from_fork+0x10/0x10
[  124.673672][ T5897]  ? __switch_to+0xc79/0x1410
[  124.673708][ T5897]  ? __pfx_kthread+0x10/0x10
[  124.673740][ T5897]  ret_from_fork_asm+0x1a/0x30
[  124.673785][ T5897]  </TASK>
[  124.674774][ T5897] Kernel Offset: disabled