Warning: Permanently added '[localhost]:49626' (ED25519) to the list of known hosts.
executing program
syzkaller login: [   93.861373][ T1231] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   94.043780][ T1231] usb 5-1: config 9 has an invalid interface number: 50 but max is 1
[   94.046422][ T1231] usb 5-1: config 9 contains an unexpected descriptor of type 0x2, skipping
[   94.049767][ T1231] usb 5-1: config 9 has an invalid interface number: 50 but max is 1
[   94.053219][ T1231] usb 5-1: config 9 has 1 interface, different from the descriptor's value: 2
[   94.056421][ T1231] usb 5-1: config 9 has no interface number 0
[   94.058638][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[   94.062739][ T1231] usb 5-1: config 9 interface 50 altsetting 7 endpoint 0x9 has invalid wMaxPacketSize 0
[   94.065961][ T1231] usb 5-1: config 9 interface 50 altsetting 7 endpoint 0xA has invalid maxpacket 1023, setting to 64
[   94.069767][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has an endpoint descriptor with address 0x9B, changing to 0x8B
[   94.074661][ T1231] usb 5-1: config 9 interface 50 altsetting 7 endpoint 0x8B has an invalid bInterval 182, changing to 11
[   94.079310][ T1231] usb 5-1: config 9 interface 50 altsetting 7 endpoint 0x8B has invalid maxpacket 24995, setting to 1024
[   94.083605][ T1231] usb 5-1: config 9 interface 50 altsetting 7 endpoint 0x6 has invalid maxpacket 512, setting to 64
[   94.087600][ T1231] usb 5-1: config 9 interface 50 altsetting 7 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[   94.091954][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[   94.096045][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has a duplicate endpoint with address 0x5, skipping
[   94.100141][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[   94.105313][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[   94.109263][ T1231] usb 5-1: config 9 interface 50 altsetting 7 endpoint 0xD has invalid wMaxPacketSize 0
[   94.113309][ T1231] usb 5-1: config 9 interface 50 altsetting 7 bulk endpoint 0xD has invalid maxpacket 0
[   94.116985][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[   94.121652][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[   94.125645][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has a duplicate endpoint with address 0x3, skipping
[   94.129501][ T1231] usb 5-1: config 9 interface 50 altsetting 7 has 16 endpoint descriptors, different from the interface descriptor's value: 15
[   94.134987][ T1231] usb 5-1: config 9 interface 50 has no altsetting 0
[   94.137522][ T1231] usb 5-1: config 9 interface 50 has no altsetting 1
[   94.143420][ T1231] usb 5-1: New USB device found, idVendor=01c0, idProduct=b26f, bcdDevice=e0.84
[   94.146926][ T1231] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.150243][ T1231] usb 5-1: Product: syz
[   94.152116][ T1231] usb 5-1: Manufacturer: syz
[   94.153801][ T1231] usb 5-1: SerialNumber: syz
[   94.382019][ T1231] ------------[ cut here ]------------
[   94.384263][ T1231] UBSAN: array-index-out-of-bounds in drivers/hid/usbhid/hid-core.c:1025:7
[   94.387473][ T1231] index 1 is out of range for type 'struct hid_class_descriptor[1]'
executing program
[   94.411448][ T1231] CPU: 0 UID: 0 PID: 1231 Comm: kworker/0:3 Not tainted 6.11.0-syzkaller #0
[   94.415097][ T1231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.419428][ T1231] Workqueue: usb_hub_wq hub_event
[   94.421395][ T1231] Call Trace:
[   94.422461][ T1231]  <TASK>
[   94.423412][ T1231]  dump_stack_lvl+0x241/0x360
[   94.425131][ T1231]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.426947][ T1231]  ? __pfx__printk+0x10/0x10
[   94.428929][ T1231]  ? trace_contention_end+0x3c/0x120
[   94.431498][ T1231]  __ubsan_handle_out_of_bounds+0x121/0x150
[   94.434321][ T1231]  usbhid_parse+0x5a7/0xc80
[   94.436207][ T1231]  ? __pfx_usbhid_parse+0x10/0x10
[   94.438093][ T1231]  ? hid_ignore+0x5dc/0x7a0
[   94.439764][ T1231]  hid_add_device+0x132/0x520
[   94.441452][ T1231]  usbhid_probe+0xb52/0xec0
[   94.443199][ T1231]  usb_probe_interface+0x645/0xbb0
[   94.445139][ T1231]  ? __pfx_usb_probe_interface+0x10/0x10
[   94.447153][ T1231]  really_probe+0x2b8/0xad0
[   94.448851][ T1231]  __driver_probe_device+0x1a2/0x390
[   94.450879][ T1231]  driver_probe_device+0x50/0x430
[   94.452791][ T1231]  __device_attach_driver+0x2d6/0x530
[   94.454843][ T1231]  bus_for_each_drv+0x24e/0x2e0
[   94.456645][ T1231]  ? __pfx___device_attach_driver+0x10/0x10
[   94.459012][ T1231]  ? __pfx_bus_for_each_drv+0x10/0x10
[   94.461496][ T1231]  __device_attach+0x333/0x520
[   94.463472][ T1231]  ? __pfx_lock_release+0x10/0x10
[   94.465278][ T1231]  ? __pfx___device_attach+0x10/0x10
[   94.467544][ T1231]  ? do_raw_spin_unlock+0x58/0x8b0
[   94.469289][ T1231]  bus_probe_device+0x189/0x260
[   94.470954][ T1231]  device_add+0x856/0xbf0
[   94.472556][ T1231]  usb_set_configuration+0x1976/0x1fb0
[   94.474582][ T1231]  usb_generic_driver_probe+0x88/0x140
[   94.476565][ T1231]  usb_probe_device+0x1b8/0x380
[   94.478411][ T1231]  ? __pfx_usb_probe_device+0x10/0x10
[   94.480436][ T1231]  really_probe+0x2b8/0xad0
[   94.482115][ T1231]  __driver_probe_device+0x1a2/0x390
[   94.484081][ T1231]  driver_probe_device+0x50/0x430
[   94.485965][ T1231]  __device_attach_driver+0x2d6/0x530
[   94.487930][ T1231]  bus_for_each_drv+0x24e/0x2e0
[   94.489808][ T1231]  ? __pfx___device_attach_driver+0x10/0x10
[   94.492010][ T1231]  ? __pfx_bus_for_each_drv+0x10/0x10
[   94.493946][ T1231]  __device_attach+0x333/0x520
[   94.495781][ T1231]  ? __pfx___device_attach+0x10/0x10
[   94.497761][ T1231]  bus_probe_device+0x189/0x260
[   94.499742][ T1231]  device_add+0x856/0xbf0
[   94.501457][ T1231]  usb_new_device+0x104a/0x19a0
[   94.503330][ T1231]  ? __pfx_usb_new_device+0x10/0x10
[   94.505376][ T1231]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.507369][ T1231]  ? lockdep_hardirqs_on+0x99/0x150
[   94.509412][ T1231]  hub_event+0x2d6d/0x5150
[   94.511140][ T1231]  ? __pfx_hub_event+0x10/0x10
[   94.512946][ T1231]  ? __pfx_lock_acquire+0x10/0x10
[   94.514795][ T1231]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   94.516954][ T1231]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   94.519344][ T1231]  ? process_scheduled_works+0x945/0x1830
[   94.521632][ T1231]  process_scheduled_works+0xa2c/0x1830
[   94.523954][ T1231]  ? __pfx_process_scheduled_works+0x10/0x10
[   94.526274][ T1231]  ? assign_work+0x364/0x3d0
[   94.528069][ T1231]  worker_thread+0x870/0xd30
[   94.529921][ T1231]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   94.532218][ T1231]  ? __kthread_parkme+0x169/0x1d0
[   94.534277][ T1231]  ? __pfx_worker_thread+0x10/0x10
[   94.536324][ T1231]  kthread+0x2f0/0x390
[   94.537964][ T1231]  ? __pfx_worker_thread+0x10/0x10
[   94.539891][ T1231]  ? __pfx_kthread+0x10/0x10
[   94.541646][ T1231]  ret_from_fork+0x4b/0x80
[   94.543397][ T1231]  ? __pfx_kthread+0x10/0x10
[   94.545230][ T1231]  ret_from_fork_asm+0x1a/0x30
[   94.547039][ T1231]  </TASK>
[   94.558130][ T1231] ---[ end trace ]---
[   94.559682][ T1231] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[   94.562489][ T1231] CPU: 0 UID: 0 PID: 1231 Comm: kworker/0:3 Not tainted 6.11.0-syzkaller #0
[   94.565798][ T1231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.569951][ T1231] Workqueue: usb_hub_wq hub_event
[   94.571583][ T1231] Call Trace:
[   94.572733][ T1231]  <TASK>
[   94.573740][ T1231]  dump_stack_lvl+0x241/0x360
[   94.575123][ T1231]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.576567][ T1231]  ? __pfx__printk+0x10/0x10
[   94.577969][ T1231]  ? vprintk_emit+0x667/0x7c0
[   94.579455][ T1231]  ? vscnprintf+0x5d/0x90
[   94.580853][ T1231]  panic+0x349/0x860
[   94.582031][ T1231]  ? check_panic_on_warn+0x21/0xb0
[   94.583737][ T1231]  ? __pfx_panic+0x10/0x10
[   94.585251][ T1231]  ? _printk+0xd5/0x120
[   94.586445][ T1231]  ? __pfx__printk+0x10/0x10
[   94.587906][ T1231]  check_panic_on_warn+0x86/0xb0
[   94.589593][ T1231]  __ubsan_handle_out_of_bounds+0x141/0x150
[   94.591607][ T1231]  usbhid_parse+0x5a7/0xc80
[   94.593267][ T1231]  ? __pfx_usbhid_parse+0x10/0x10
[   94.595010][ T1231]  ? hid_ignore+0x5dc/0x7a0
[   94.596676][ T1231]  hid_add_device+0x132/0x520
[   94.598445][ T1231]  usbhid_probe+0xb52/0xec0
[   94.600089][ T1231]  usb_probe_interface+0x645/0xbb0
[   94.602013][ T1231]  ? __pfx_usb_probe_interface+0x10/0x10
[   94.604190][ T1231]  really_probe+0x2b8/0xad0
[   94.605870][ T1231]  __driver_probe_device+0x1a2/0x390
[   94.607845][ T1231]  driver_probe_device+0x50/0x430
[   94.609748][ T1231]  __device_attach_driver+0x2d6/0x530
[   94.611744][ T1231]  bus_for_each_drv+0x24e/0x2e0
[   94.613479][ T1231]  ? __pfx___device_attach_driver+0x10/0x10
[   94.615660][ T1231]  ? __pfx_bus_for_each_drv+0x10/0x10
[   94.617719][ T1231]  __device_attach+0x333/0x520
[   94.619501][ T1231]  ? __pfx_lock_release+0x10/0x10
[   94.621317][ T1231]  ? __pfx___device_attach+0x10/0x10
[   94.623259][ T1231]  ? do_raw_spin_unlock+0x58/0x8b0
[   94.625116][ T1231]  bus_probe_device+0x189/0x260
[   94.626730][ T1231]  device_add+0x856/0xbf0
[   94.628038][ T1231]  usb_set_configuration+0x1976/0x1fb0
[   94.629874][ T1231]  usb_generic_driver_probe+0x88/0x140
[   94.631611][ T1231]  usb_probe_device+0x1b8/0x380
[   94.633270][ T1231]  ? __pfx_usb_probe_device+0x10/0x10
[   94.635082][ T1231]  really_probe+0x2b8/0xad0
[   94.636456][ T1231]  __driver_probe_device+0x1a2/0x390
[   94.638220][ T1231]  driver_probe_device+0x50/0x430
[   94.639876][ T1231]  __device_attach_driver+0x2d6/0x530
[   94.641697][ T1231]  bus_for_each_drv+0x24e/0x2e0
[   94.643338][ T1231]  ? __pfx___device_attach_driver+0x10/0x10
[   94.645395][ T1231]  ? __pfx_bus_for_each_drv+0x10/0x10
[   94.647182][ T1231]  __device_attach+0x333/0x520
[   94.648891][ T1231]  ? __pfx___device_attach+0x10/0x10
[   94.650809][ T1231]  bus_probe_device+0x189/0x260
[   94.652674][ T1231]  device_add+0x856/0xbf0
[   94.654485][ T1231]  usb_new_device+0x104a/0x19a0
[   94.656623][ T1231]  ? __pfx_usb_new_device+0x10/0x10
[   94.658953][ T1231]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.661264][ T1231]  ? lockdep_hardirqs_on+0x99/0x150
[   94.663326][ T1231]  hub_event+0x2d6d/0x5150
[   94.664730][ T1231]  ? __pfx_hub_event+0x10/0x10
[   94.666171][ T1231]  ? __pfx_lock_acquire+0x10/0x10
[   94.667776][ T1231]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   94.669975][ T1231]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   94.672318][ T1231]  ? process_scheduled_works+0x945/0x1830
[   94.674309][ T1231]  process_scheduled_works+0xa2c/0x1830
[   94.676332][ T1231]  ? __pfx_process_scheduled_works+0x10/0x10
[   94.678428][ T1231]  ? assign_work+0x364/0x3d0
[   94.680029][ T1231]  worker_thread+0x870/0xd30
[   94.681598][ T1231]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   94.683580][ T1231]  ? __kthread_parkme+0x169/0x1d0
[   94.685317][ T1231]  ? __pfx_worker_thread+0x10/0x10
[   94.687140][ T1231]  kthread+0x2f0/0x390
[   94.688628][ T1231]  ? __pfx_worker_thread+0x10/0x10
[   94.690351][ T1231]  ? __pfx_kthread+0x10/0x10
[   94.692011][ T1231]  ret_from_fork+0x4b/0x80
[   94.693713][ T1231]  ? __pfx_kthread+0x10/0x10
[   94.695310][ T1231]  ret_from_fork_asm+0x1a/0x30
[   94.697096][ T1231]  </TASK>
[   94.698459][ T1231] Kernel Offset: disabled
[   94.700088][ T1231] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:58:23  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000069 RBX=ffffffff9a668f40 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc90002d7e4b0
R8 =ffffffff8540aeeb R9 =1ffff11003dba046 R10=dffffc0000000000 R11=ffffffff8540aea0
R12=dffffc0000000000 R13=0000000000000069 R14=0000000000000069 R15=00000000000003f8
RIP=ffffffff8540af1e RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88801fe00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f33035dd01d CR3=0000000011804000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffffff0 Opmask01=0000000000000001 Opmask02=00000000fff7ffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcb7d166e0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f33036165c0 00007f33036075d8
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f33035f9284 00007f330360c240
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 642f006a64615f65 726f63735f6d6f6f 2f666c65732f636f 72702f0030303031
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 410a004f41445f40 574a46565f484a4a 0a434940560a464a 57550a0015151514
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000