Warning: Permanently added '10.128.0.167' (ED25519) to the list of known hosts.
executing program
executing program
executing program
[ 41.033544][ T29] audit: type=1400 audit(1741289368.001:80): avc: denied { execmem } for pid=2943 comm="syz-executor318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
executing program
executing program
[ 41.081144][ T29] audit: type=1400 audit(1741289368.031:81): avc: denied { read write } for pid=2949 comm="syz-executor318" name="raw-gadget" dev="devtmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 41.117139][ T29] audit: type=1400 audit(1741289368.031:82): avc: denied { open } for pid=2949 comm="syz-executor318" path="/dev/raw-gadget" dev="devtmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 41.153005][ T29] audit: type=1400 audit(1741289368.031:83): avc: denied { ioctl } for pid=2949 comm="syz-executor318" path="/dev/raw-gadget" dev="devtmpfs" ino=236 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 41.327998][ T9] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[ 41.337758][ T1117] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[ 41.351291][ T41] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[ 41.417906][ T8] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[ 41.457842][ T24] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[ 41.490535][ T9] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 41.504705][ T9] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 41.515824][ T9] usb 5-1: config 0 interface 0 has no altsetting 0
[ 41.523981][ T1117] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 41.524825][ T9] usb 5-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 41.540886][ T1117] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 41.552042][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 41.566092][ T1117] usb 1-1: config 0 interface 0 has no altsetting 0
[ 41.584183][ T1117] usb 1-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 41.590363][ T9] usb 5-1: config 0 descriptor??
[ 41.593999][ T1117] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 41.611432][ T41] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 41.623493][ T41] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 41.635267][ T41] usb 2-1: config 0 interface 0 has no altsetting 0
[ 41.642633][ T41] usb 2-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 41.649540][ T8] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 41.652104][ T41] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 41.656050][ T1117] usb 1-1: config 0 descriptor??
[ 41.664453][ T8] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 41.664486][ T8] usb 3-1: config 0 interface 0 has no altsetting 0
[ 41.664530][ T8] usb 3-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 41.675191][ T41] usb 2-1: config 0 descriptor??
[ 41.679506][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 41.728934][ T24] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 41.741072][ T24] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 41.741876][ T8] usb 3-1: config 0 descriptor??
[ 41.752158][ T24] usb 4-1: config 0 interface 0 has no altsetting 0
[ 41.752212][ T24] usb 4-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 41.773560][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 41.795080][ T24] usb 4-1: config 0 descriptor??
[ 42.014760][ T9] hid-steam 0003:28DE:1102.0001: unknown main item tag 0x0
[ 42.025018][ T9] hid-steam 0003:28DE:1102.0001: unknown main item tag 0x0
[ 42.038986][ T9] hid-steam 0003:28DE:1102.0001: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.4-1/input0
[ 42.108188][ T9] hid-steam 0003:28DE:1102.0001: Steam Controller 'XXXXXXXXXX' connected
[ 42.108886][ T1117] hid-steam 0003:28DE:1102.0002: unknown main item tag 0x0
[ 42.121616][ T9] input: Steam Controller as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28DE:1102.0001/input/input6
[ 42.125063][ T1117] hid-steam 0003:28DE:1102.0002: unknown main item tag 0x0
[ 42.147570][ T9] hid-steam 0003:28DE:1102.0004: unknown main item tag 0x0
[ 42.151052][ T41] hid-steam 0003:28DE:1102.0003: unknown main item tag 0x0
[ 42.156779][ T9] hid-steam 0003:28DE:1102.0004: unknown main item tag 0x0
[ 42.164265][ T41] hid-steam 0003:28DE:1102.0003: unknown main item tag 0x0
[ 42.178409][ T9] hid-steam 0003:28DE:1102.0004: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.4-1/input0
[ 42.181055][ T1117] hid-steam 0003:28DE:1102.0002: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[ 42.197386][ T8] hid-steam 0003:28DE:1102.0005: unknown main item tag 0x0
[ 42.209396][ T41] hid-steam 0003:28DE:1102.0003: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0
[ 42.216064][ T8] hid-steam 0003:28DE:1102.0005: unknown main item tag 0x0
[ 42.244793][ T24] hid-steam 0003:28DE:1102.0006: unknown main item tag 0x0
[ 42.254286][ T24] hid-steam 0003:28DE:1102.0006: unknown main item tag 0x0
[ 42.280503][ T2964] input: Steam Controller as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28DE:1102.0001/input/input7
executing program
[ 42.286943][ T9] usb 5-1: USB disconnect, device number 2
[ 42.301740][ T24] hid-steam 0003:28DE:1102.0006: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[ 42.337883][ T41] hid-steam 0003:28DE:1102.0003: Steam Controller 'XXXXXXXXXX' connected
executing program
[ 42.339818][ T8] hid-steam 0003:28DE:1102.0005: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.2-1/input0
[ 42.361102][ T1117] hid-steam 0003:28DE:1102.0002: Steam Controller 'XXXXXXXXXX' connected
[ 42.362569][ T1117] input: Steam Controller as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28DE:1102.0002/input/input8
[ 42.396498][ T41] input: Steam Controller as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28DE:1102.0003/input/input9
executing program
executing program
[ 42.399214][ T9] hid-steam 0003:28DE:1102.0001: Steam Controller 'XXXXXXXXXX' disconnected
[ 42.412887][ T2964] input: Steam Controller as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28DE:1102.0001/input/input10
[ 42.435564][ T24] hid-steam 0003:28DE:1102.0006: Steam Controller 'XXXXXXXXXX' connected
[ 42.452782][ T24] input: Steam Controller as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1102.0006/input/input11
[ 42.472583][ T41] hid-steam 0003:28DE:1102.0007: unknown main item tag 0x0
[ 42.476343][ T8] hid-steam 0003:28DE:1102.0005: Steam Controller 'XXXXXXXXXX' connected
[ 42.481012][ T41] hid-steam 0003:28DE:1102.0007: unknown main item tag 0x0
[ 42.495089][ T1117] hid-steam 0003:28DE:1102.0008: unknown main item tag 0x0
executing program
[ 42.505454][ T1117] hid-steam 0003:28DE:1102.0008: unknown main item tag 0x0
[ 42.519346][ T2964] kobject: kobject_add_internal failed for event6 (error: -2 parent: input10)
[ 42.533166][ T41] hid-steam 0003:28DE:1102.0007: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0
[ 42.550848][ T1117] hid-steam 0003:28DE:1102.0008: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[ 42.564643][ T8] input: Steam Controller as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:28DE:1102.0005/input/input12
[ 42.568252][ T2964] input: failed to attach handler evdev to device input10, error: -2
[ 42.591387][ T2964] ==================================================================
[ 42.599760][ T2964] BUG: KASAN: slab-use-after-free in steam_input_register+0x131f/0x14a0
[ 42.605073][ T8] hid-steam 0003:28DE:1102.0009: unknown main item tag 0x0
[ 42.608159][ T2964] Write of size 8 at addr ffff888117ead920 by task kworker/1:4/2964
[ 42.608180][ T2964]
[ 42.608208][ T2964] CPU: 1 UID: 0 PID: 2964 Comm: kworker/1:4 Not tainted 6.14.0-rc3-syzkaller-00071-gb331a3d8097f #0
[ 42.608233][ T2964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 42.608250][ T2964] Workqueue: events steam_work_unregister_cb
[ 42.608291][ T2964] Call Trace:
[ 42.608300][ T2964]
[ 42.608314][ T2964] dump_stack_lvl+0x116/0x1f0
[ 42.608353][ T2964] print_report+0xc3/0x620
[ 42.608386][ T2964] ? __virt_addr_valid+0x5e/0x590
[ 42.608409][ T2964] ? __phys_addr+0xc6/0x150
[ 42.608432][ T2964] kasan_report+0xd9/0x110
[ 42.608454][ T2964] ? steam_input_register+0x131f/0x14a0
[ 42.608485][ T2964] ? steam_input_register+0x131f/0x14a0
[ 42.608517][ T2964] steam_input_register+0x131f/0x14a0
[ 42.608548][ T2964] steam_work_unregister_cb+0x127/0x190
[ 42.608579][ T2964] process_one_work+0x9c5/0x1ba0
[ 42.608617][ T2964] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 42.608639][ T2964] ? __pfx_process_one_work+0x10/0x10
[ 42.608674][ T2964] ? assign_work+0x1a0/0x250
[ 42.608705][ T2964] worker_thread+0x6c8/0xf00
[ 42.608741][ T2964] ? __kthread_parkme+0x148/0x220
[ 42.608766][ T2964] ? __pfx_worker_thread+0x10/0x10
[ 42.608798][ T2964] kthread+0x3af/0x750
[ 42.608828][ T2964] ? __pfx_kthread+0x10/0x10
[ 42.608856][ T2964] ? lock_acquire+0x2f/0xb0
[ 42.608877][ T2964] ? __pfx_kthread+0x10/0x10
[ 42.608907][ T2964] ret_from_fork+0x45/0x80
[ 42.608937][ T2964] ? __pfx_kthread+0x10/0x10
[ 42.608966][ T2964] ret_from_fork_asm+0x1a/0x30
[ 42.609000][ T2964]
[ 42.609007][ T2964]
[ 42.616233][ T8] hid-steam 0003:28DE:1102.0009: unknown main item tag 0x0
[ 42.624860][ T2964] Allocated by task 9:
[ 42.624880][ T2964] kasan_save_stack+0x33/0x60
[ 42.624913][ T2964] kasan_save_track+0x14/0x30
[ 42.624939][ T2964] __kasan_kmalloc+0x8f/0xa0
[ 42.624965][ T2964] __kmalloc_node_track_caller_noprof+0x20b/0x4c0
[ 42.630275][ T8] hid-steam 0003:28DE:1102.0009: hidraw2: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.2-1/input0
[ 42.639033][ T2964] devm_kmalloc+0xa5/0x260
[ 42.639068][ T2964] steam_probe+0x132/0x1060
[ 42.639093][ T2964] hid_device_probe+0x349/0x700
[ 42.639119][ T2964] really_probe+0x23e/0xa90
[ 42.639147][ T2964] __driver_probe_device+0x1de/0x440
[ 42.639175][ T2964] driver_probe_device+0x4c/0x1b0
[ 42.639200][ T2964] __device_attach_driver+0x1df/0x310
[ 42.639227][ T2964] bus_for_each_drv+0x157/0x1e0
[ 42.639250][ T2964] __device_attach+0x1e8/0x4b0
[ 42.682799][ T8] usb 3-1: USB disconnect, device number 2
[ 42.684956][ T2964] bus_probe_device+0x17f/0x1c0
[ 42.684993][ T2964] device_add+0x114b/0x1a70
[ 42.685014][ T2964] hid_add_device+0x374/0xa60
[ 42.685041][ T2964] usbhid_probe+0xd32/0x1400
[ 42.837881][ T9] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[ 42.841159][ T2964] usb_probe_interface+0x300/0x9c0
[ 42.918513][ T2964] really_probe+0x23e/0xa90
[ 42.923465][ T2964] __driver_probe_device+0x1de/0x440
[ 42.930263][ T2964] driver_probe_device+0x4c/0x1b0
[ 42.936153][ T2964] __device_attach_driver+0x1df/0x310
[ 42.943159][ T2964] bus_for_each_drv+0x157/0x1e0
[ 42.949064][ T2964] __device_attach+0x1e8/0x4b0
[ 42.955527][ T2964] bus_probe_device+0x17f/0x1c0
[ 42.964151][ T2964] device_add+0x114b/0x1a70
[ 42.970280][ T2964] usb_set_configuration+0x10cb/0x1c50
[ 42.976625][ T2964] usb_generic_driver_probe+0xb1/0x110
[ 42.982435][ T2964] usb_probe_device+0xec/0x3e0
[ 42.987325][ T2964] really_probe+0x23e/0xa90
[ 42.990476][ T9] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 42.992544][ T2964] __driver_probe_device+0x1de/0x440
[ 43.006573][ T9] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 43.013070][ T2964] driver_probe_device+0x4c/0x1b0
[ 43.013110][ T2964] __device_attach_driver+0x1df/0x310
[ 43.013136][ T2964] bus_for_each_drv+0x157/0x1e0
[ 43.013158][ T2964] __device_attach+0x1e8/0x4b0
[ 43.013184][ T2964] bus_probe_device+0x17f/0x1c0
[ 43.013208][ T2964] device_add+0x114b/0x1a70
[ 43.025842][ T9] usb 5-1: config 0 interface 0 has no altsetting 0
[ 43.031276][ T2964] usb_new_device+0xd09/0x1a20
[ 43.031306][ T2964] hub_event+0x2e58/0x4f40
[ 43.031326][ T2964] process_one_work+0x9c5/0x1ba0
[ 43.031355][ T2964] worker_thread+0x6c8/0xf00
[ 43.038838][ T9] usb 5-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 43.045810][ T2964] kthread+0x3af/0x750
[ 43.051155][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 43.057092][ T2964] ret_from_fork+0x45/0x80
[ 43.068206][ T9] usb 5-1: config 0 descriptor??
[ 43.069694][ T2964] ret_from_fork_asm+0x1a/0x30
[ 43.143616][ T2964]
[ 43.147451][ T2964] Freed by task 9:
[ 43.153260][ T2964] kasan_save_stack+0x33/0x60
[ 43.160308][ T2964] kasan_save_track+0x14/0x30
[ 43.167223][ T2964] kasan_save_free_info+0x3b/0x60
[ 43.173558][ T2964] __kasan_slab_free+0x37/0x50
[ 43.179998][ T2964] kfree+0x294/0x480
[ 43.186030][ T2964] release_nodes+0x11e/0x240
[ 43.191756][ T2964] devres_release_group+0x1be/0x2a0
[ 43.198587][ T2964] hid_device_remove+0x107/0x260
[ 43.204406][ T2964] device_remove+0xc8/0x170
[ 43.210704][ T2964] device_release_driver_internal+0x44a/0x610
[ 43.219471][ T2964] bus_remove_device+0x22f/0x420
[ 43.225769][ T2964] device_del+0x396/0x9f0
[ 43.231538][ T2964] hid_destroy_device+0x19c/0x240
[ 43.237752][ T2964] usbhid_disconnect+0xa0/0xe0
[ 43.243681][ T2964] usb_unbind_interface+0x1da/0x9a0
[ 43.249500][ T2964] device_remove+0x122/0x170
[ 43.254957][ T2964] device_release_driver_internal+0x44a/0x610
[ 43.262977][ T2964] bus_remove_device+0x22f/0x420
[ 43.268983][ T2964] device_del+0x396/0x9f0
[ 43.274421][ T2964] usb_disable_device+0x368/0x7e0
[ 43.284034][ T2964] usb_disconnect+0x2e1/0x920
[ 43.289506][ T2964] hub_event+0x1bed/0x4f40
[ 43.295234][ T2964] process_one_work+0x9c5/0x1ba0
[ 43.303474][ T2964] worker_thread+0x6c8/0xf00
[ 43.309624][ T2964] kthread+0x3af/0x750
[ 43.313808][ T2964] ret_from_fork+0x45/0x80
[ 43.318947][ T2964] ret_from_fork_asm+0x1a/0x30
[ 43.324060][ T2964]
[ 43.326658][ T2964] Last potentially related work creation:
[ 43.332848][ T2964] kasan_save_stack+0x33/0x60
[ 43.337590][ T2964] kasan_record_aux_stack+0x9b/0xb0
[ 43.344250][ T2964] insert_work+0x36/0x230
[ 43.349942][ T2964] __queue_work+0x97e/0x1080
[ 43.355494][ T2964] queue_work_on+0x11a/0x140
[ 43.360524][ T2964] steam_client_ll_open+0xab/0xf0
[ 43.366083][ T2964] hid_hw_open+0xe2/0x170
[ 43.371188][ T2964] hidraw_open+0x274/0x7e0
[ 43.376282][ T2964] chrdev_open+0x237/0x6a0
[ 43.381706][ T2964] do_dentry_open+0x6cb/0x1390
[ 43.386942][ T2964] vfs_open+0x82/0x3f0
[ 43.391666][ T2964] path_openat+0x1e88/0x2d80
[ 43.396659][ T2964] do_filp_open+0x20c/0x470
[ 43.401349][ T2964] do_sys_openat2+0x17a/0x1e0
[ 43.406117][ T2964] __x64_sys_openat+0x175/0x210
[ 43.411105][ T2964] do_syscall_64+0xcd/0x250
[ 43.416161][ T2964] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 43.422168][ T2964]
[ 43.424682][ T2964] Second to last potentially related work creation:
[ 43.431538][ T2964] kasan_save_stack+0x33/0x60
[ 43.436441][ T2964] kasan_record_aux_stack+0x9b/0xb0
[ 43.441762][ T2964] insert_work+0x36/0x230
[ 43.446436][ T2964] __queue_work+0x97e/0x1080
[ 43.451390][ T2964] queue_work_on+0x11a/0x140
[ 43.456311][ T2964] hid_hw_close+0xaf/0xe0
[ 43.460927][ T2964] drop_ref+0x186/0x390
[ 43.465247][ T2964] hidraw_release+0x3e6/0x560
[ 43.470442][ T2964] __fput+0x3ff/0xb70
[ 43.475076][ T2964] task_work_run+0x14e/0x250
[ 43.479923][ T2964] do_exit+0xad8/0x2ce0
[ 43.483003][ T9] hid-steam 0003:28DE:1102.000A: unknown main item tag 0x0
[ 43.484618][ T2964] do_group_exit+0xd3/0x2a0
[ 43.492599][ T9] hid-steam 0003:28DE:1102.000A: unknown main item tag 0x0
[ 43.499901][ T2964] get_signal+0x24ed/0x26c0
[ 43.499936][ T2964] arch_do_signal_or_restart+0x90/0x7e0
[ 43.499959][ T2964] syscall_exit_to_user_mode+0x147/0x260
[ 43.499987][ T2964] do_syscall_64+0xda/0x250
[ 43.500014][ T2964] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 43.518915][ T9] hid-steam 0003:28DE:1102.000A: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.4-1/input0
[ 43.523209][ T2964]
[ 43.523218][ T2964] The buggy address belongs to the object at ffff888117ead800
[ 43.523218][ T2964] which belongs to the cache kmalloc-1k of size 1024
[ 43.584417][ T2964] The buggy address is located 288 bytes inside of
[ 43.584417][ T2964] freed 1024-byte region [ffff888117ead800, ffff888117eadc00)
[ 43.587817][ T9] hid-steam 0003:28DE:1102.000A: Steam Controller 'XXXXXXXXXX' connected
[ 43.600986][ T2964]
[ 43.600998][ T2964] The buggy address belongs to the physical page:
[ 43.601016][ T2964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117ea8
[ 43.601044][ T2964] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 43.601061][ T2964] flags: 0x200000000000040(head|node=0|zone=2)
[ 43.601078][ T2964] page_type: f5(slab)
[ 43.601095][ T2964] raw: 0200000000000040 ffff888100041dc0 dead000000000122 0000000000000000
[ 43.601112][ T2964] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 43.601130][ T2964] head: 0200000000000040 ffff888100041dc0 dead000000000122 0000000000000000
[ 43.601147][ T2964] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 43.601165][ T2964] head: 0200000000000003 ffffea00045faa01 ffffffffffffffff 0000000000000000
[ 43.612496][ T9] input: Steam Controller as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28DE:1102.000A/input/input13
[ 43.613672][ T2964] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 43.630404][ T9] hid-steam 0003:28DE:1102.000B: unknown main item tag 0x0
[ 43.631779][ T2964] page dumped because: kasan: bad access detected
[ 43.631803][ T2964] page_owner tracks the page as allocated
[ 43.643232][ T9] hid-steam 0003:28DE:1102.000B: unknown main item tag 0x0
[ 43.650037][ T2964] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2933, tgid 2933 (sshd), ts 31183864294, free_ts 31147613087
[ 43.650087][ T2964] post_alloc_hook+0x181/0x1b0
[ 43.650122][ T2964] get_page_from_freelist+0xe76/0x2b90
[ 43.650148][ T2964] __alloc_frozen_pages_noprof+0x21c/0x2290
[ 43.650172][ T2964] alloc_pages_mpol+0xe7/0x410
[ 43.661236][ T9] hid-steam 0003:28DE:1102.000B: hidraw2: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.4-1/input0
[ 43.665587][ T2964] new_slab+0x23d/0x330
[ 43.665615][ T2964] ___slab_alloc+0xc41/0x1670
[ 43.665634][ T2964] __slab_alloc.constprop.0+0x56/0xb0
[ 43.665657][ T2964] __kmalloc_node_noprof+0x159/0x4c0
[ 43.665682][ T2964] __kvmalloc_node_noprof+0xad/0x1a0
[ 43.845633][ T2964] bpf_int_jit_compile+0x7f4/0x1830
[ 43.851170][ T2964] bpf_prog_select_runtime+0x3c1/0x6f0
[ 43.856839][ T2964] bpf_prepare_filter+0xd3d/0x1100
[ 43.862199][ T2964] bpf_prog_create_from_user+0x1e4/0x2d0
[ 43.867844][ T2964] do_seccomp+0x7b6/0x2640
[ 43.872269][ T2964] prctl_set_seccomp+0x4b/0x70
[ 43.877155][ T2964] __do_sys_prctl+0xb30/0x1c50
[ 43.881924][ T2964] page last free pid 2932 tgid 2932 stack trace:
[ 43.888762][ T2964] free_frozen_pages+0x653/0xde0
[ 43.893960][ T2964] __put_partials+0x14c/0x170
[ 43.898831][ T2964] qlist_free_all+0x4e/0x120
[ 43.903771][ T2964] kasan_quarantine_reduce+0x195/0x1e0
[ 43.909421][ T2964] __kasan_slab_alloc+0x4e/0x70
[ 43.914808][ T2964] kmem_cache_alloc_noprof+0x154/0x3b0
[ 43.920552][ T2964] getname_flags.part.0+0x4c/0x550
[ 43.925774][ T2964] getname+0x8d/0xe0
[ 43.929861][ T2964] do_sys_openat2+0x104/0x1e0
[ 43.934821][ T2964] __x64_sys_openat+0x175/0x210
[ 43.940339][ T2964] do_syscall_64+0xcd/0x250
[ 43.945116][ T2964] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 43.951475][ T2964]
[ 43.953806][ T2964] Memory state around the buggy address:
[ 43.959619][ T2964] ffff888117ead800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 43.968307][ T2964] ffff888117ead880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 43.976482][ T2964] >ffff888117ead900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 43.984886][ T2964] ^
[ 43.990183][ T2964] ffff888117ead980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 43.998630][ T2964] ffff888117eada00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 44.006721][ T2964] ==================================================================
executing program
[ 44.015786][ T2964] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 44.024251][ T2964] CPU: 1 UID: 0 PID: 2964 Comm: kworker/1:4 Not tainted 6.14.0-rc3-syzkaller-00071-gb331a3d8097f #0
[ 44.035289][ T2964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 44.045540][ T2964] Workqueue: events steam_work_unregister_cb
[ 44.051737][ T2964] Call Trace:
[ 44.055313][ T2964]
[ 44.058452][ T2964] dump_stack_lvl+0x3d/0x1f0
[ 44.063779][ T2964] panic+0x71d/0x800
[ 44.067882][ T2964] ? mark_held_locks+0x9f/0xe0
[ 44.072961][ T2964] ? __pfx_panic+0x10/0x10
[ 44.077534][ T2964] ? irqentry_exit+0x3b/0x90
[ 44.082249][ T2964] ? lockdep_hardirqs_on+0x7c/0x110
[ 44.087564][ T2964] ? check_panic_on_warn+0x1f/0xb0
[ 44.092799][ T2964] check_panic_on_warn+0xab/0xb0
[ 44.097915][ T2964] end_report+0x117/0x180
[ 44.103071][ T2964] kasan_report+0xe9/0x110
[ 44.108226][ T2964] ? steam_input_register+0x131f/0x14a0
[ 44.115214][ T2964] ? steam_input_register+0x131f/0x14a0
[ 44.124724][ T2964] steam_input_register+0x131f/0x14a0
[ 44.133017][ T2964] steam_work_unregister_cb+0x127/0x190
[ 44.141209][ T2964] process_one_work+0x9c5/0x1ba0
[ 44.146713][ T2964] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 44.153086][ T2964] ? __pfx_process_one_work+0x10/0x10
[ 44.159819][ T2964] ? assign_work+0x1a0/0x250
[ 44.164515][ T2964] worker_thread+0x6c8/0xf00
[ 44.169387][ T2964] ? __kthread_parkme+0x148/0x220
[ 44.174849][ T2964] ? __pfx_worker_thread+0x10/0x10
[ 44.180408][ T2964] kthread+0x3af/0x750
[ 44.184488][ T2964] ? __pfx_kthread+0x10/0x10
[ 44.189081][ T2964] ? lock_acquire+0x2f/0xb0
[ 44.193735][ T2964] ? __pfx_kthread+0x10/0x10
[ 44.198869][ T2964] ret_from_fork+0x45/0x80
[ 44.203494][ T2964] ? __pfx_kthread+0x10/0x10
[ 44.208365][ T2964] ret_from_fork_asm+0x1a/0x30
[ 44.213249][ T2964]
[ 44.216711][ T2964] Kernel Offset: disabled
[ 44.221396][ T2964] Rebooting in 86400 seconds..