[ 425.082914][ T3620] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[ 425.322977][ T3620] usb 1-1: Using ep0 maxpacket: 16
[ 425.443111][ T3620] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[ 425.613106][ T3620] usb 1-1: New USB device found, idVendor=1435, idProduct=0826, bcdDevice=1c.50
[ 425.622185][ T3620] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 425.631394][ T3620] usb 1-1: Product: syz
[ 425.635587][ T3620] usb 1-1: Manufacturer: syz
[ 425.640165][ T3620] usb 1-1: SerialNumber: syz
[ 425.646783][ T3620] usb 1-1: config 0 descriptor??
[ 425.663234][ T6288] raw-gadget gadget: fail, usb_ep_enable returned -22
[ 425.702924][ C1] usb 1-1: RX USB error -71.
[ 425.722929][ C1] usb 1-1: RX USB error -71.
[ 425.742916][ C1] usb 1-1: RX USB error -71.
[ 425.762938][ C1] usb 1-1: RX USB error -71.
[ 425.792957][ C1] usb 1-1: RX USB error -71.
[ 425.812924][ C1] usb 1-1: RX USB error -71.
[ 425.832931][ C1] usb 1-1: RX USB error -71.
[ 425.852934][ C1] usb 1-1: RX USB error -71.
[ 425.872919][ C1] usb 1-1: RX USB error -71.
[ 425.892912][ C1] usb 1-1: RX USB error -71.
[ 425.912920][ C1] usb 1-1: RX USB error -71.
[ 425.932896][ C1] usb 1-1: RX USB error -71.
[ 425.952899][ C1] usb 1-1: RX USB error -71.
[ 425.972887][ C1] usb 1-1: RX USB error -71.
[ 425.992911][ C1] usb 1-1: RX USB error -71.
[ 426.012896][ C1] usb 1-1: RX USB error -71.
[ 426.032892][ C1] usb 1-1: RX USB error -71.
[ 426.052898][ C1] usb 1-1: RX USB error -71.
[ 426.072882][ C1] usb 1-1: RX USB error -71.
[ 426.092906][ C1] usb 1-1: RX USB error -71.
[ 426.112907][ C1] usb 1-1: RX USB error -71.
[ 426.132905][ C1] usb 1-1: RX USB error -71.
[ 426.152896][ C1] usb 1-1: RX USB error -71.
[ 426.172899][ C1] usb 1-1: RX USB error -71.
[ 426.192950][ C1] usb 1-1: RX USB error -71.
[ 426.212913][ C1] usb 1-1: RX USB error -71.
[ 426.232913][ C1] usb 1-1: RX USB error -71.
[ 426.252898][ C1] usb 1-1: RX USB error -71.
[ 426.272895][ C1] usb 1-1: RX USB error -71.
[ 426.292892][ C1] usb 1-1: RX USB error -71.
[ 426.312918][ C1] usb 1-1: RX USB error -71.
[ 426.332928][ C1] usb 1-1: RX USB error -71.
[ 426.352960][ C1] usb 1-1: RX USB error -71.
[ 426.372940][ C1] usb 1-1: RX USB error -71.
[ 426.392914][ C1] usb 1-1: RX USB error -71.
[ 426.412945][ C1] usb 1-1: RX USB error -71.
[ 426.432903][ C1] usb 1-1: RX USB error -71.
[ 426.452903][ C1] usb 1-1: RX USB error -71.
[ 426.472884][ C1] usb 1-1: RX USB error -71.
[ 426.492898][ C1] usb 1-1: RX USB error -71.
[ 426.512903][ C1] usb 1-1: RX USB error -71.
[ 426.532900][ C1] usb 1-1: RX USB error -71.
[ 426.552918][ C1] usb 1-1: RX USB error -71.
[ 426.572906][ C1] usb 1-1: RX USB error -71.
[ 426.592920][ C1] usb 1-1: RX USB error -71.
[ 426.612907][ C1] usb 1-1: RX USB error -71.
[ 426.632895][ C1] usb 1-1: RX USB error -71.
[ 426.652925][ C1] usb 1-1: RX USB error -71.
[ 426.672897][ C1] usb 1-1: RX USB error -71.
[ 426.692897][ C1] usb 1-1: RX USB error -71.
[ 426.712905][ C1] usb 1-1: RX USB error -71.
[ 426.732892][ C1] usb 1-1: RX USB error -71.
[ 426.752916][ C1] usb 1-1: RX USB error -71.
[ 426.772891][ C1] usb 1-1: RX USB error -71.
[ 426.792884][ C1] usb 1-1: RX USB error -71.
[ 426.812889][ C1] usb 1-1: RX USB error -71.
[ 426.832930][ C1] usb 1-1: RX USB error -71.
[ 426.852922][ C1] usb 1-1: RX USB error -71.
[ 426.872938][ C1] usb 1-1: RX USB error -71.
[ 426.892925][ C1] usb 1-1: RX USB error -71.
[ 426.912917][ C1] usb 1-1: RX USB error -71.
[ 426.932933][ C1] usb 1-1: RX USB error -71.
[ 426.952940][ C1] usb 1-1: RX USB error -71.
[ 426.972903][ C1] usb 1-1: RX USB error -71.
[ 426.992927][ C1] usb 1-1: RX USB error -71.
[ 427.012921][ C1] usb 1-1: RX USB error -71.
[ 427.032925][ C1] usb 1-1: RX USB error -71.
[ 427.052926][ C1] usb 1-1: RX USB error -71.
[ 427.072924][ C1] usb 1-1: RX USB error -71.
[ 427.092913][ C1] usb 1-1: RX USB error -71.
[ 427.112910][ C1] usb 1-1: RX USB error -71.
[ 427.132909][ C1] usb 1-1: RX USB error -71.
[ 427.152890][ C1] usb 1-1: RX USB error -71.
[ 427.172882][ C1] usb 1-1: RX USB error -71.
[ 427.192882][ C1] usb 1-1: RX USB error -71.
[ 427.212897][ C1] usb 1-1: RX USB error -71.
[ 427.232895][ C1] usb 1-1: RX USB error -71.
[ 427.252901][ C1] usb 1-1: RX USB error -71.
[ 427.272907][ C1] usb 1-1: RX USB error -71.
[ 427.292909][ C1] usb 1-1: RX USB error -71.
[ 427.312936][ C1] usb 1-1: RX USB error -71.
[ 427.332904][ C1] usb 1-1: RX USB error -71.
[ 427.352908][ C1] usb 1-1: RX USB error -71.
[ 427.372918][ C1] usb 1-1: RX USB error -71.
[ 427.392906][ C1] usb 1-1: RX USB error -71.
[ 427.412923][ C1] usb 1-1: RX USB error -71.
[ 427.432894][ C1] usb 1-1: RX USB error -71.
[ 427.452908][ C1] usb 1-1: RX USB error -71.
[ 427.472932][ C1] usb 1-1: RX USB error -71.
[ 427.492904][ C1] usb 1-1: RX USB error -71.
[ 427.512905][ C1] usb 1-1: RX USB error -71.
[ 427.532913][ C1] usb 1-1: RX USB error -71.
[ 427.552907][ C1] usb 1-1: RX USB error -71.
[ 427.572903][ C1] usb 1-1: RX USB error -71.
[ 427.592894][ C1] usb 1-1: RX USB error -71.
[ 427.612899][ C1] usb 1-1: RX USB error -71.
[ 427.632896][ C1] usb 1-1: RX USB error -71.
[ 427.652905][ C1] usb 1-1: RX USB error -71.
[ 427.672908][ C1] usb 1-1: RX USB error -71.
[ 427.692899][ C1] usb 1-1: RX USB error -71.
[ 427.712908][ C1] usb 1-1: RX USB error -71.
[ 427.732888][ C1] usb 1-1: Failed to TX command. Status = -71
[ 427.739000][ C1] usb 1-1: RX USB error -71.
[ 427.743831][ T3620] usb 1-1: could not initialize adapter
[ 427.752880][ C1] usb 1-1: RX USB error -2.
[ 427.757435][ C1] usb 1-1: error -1 when submitting rx urb
[ 427.766060][ T3620] ar5523: probe of 1-1:0.0 failed with error -71
[ 427.775137][ T3620] usb 1-1: USB disconnect, device number 120
[ 429.344640][ T35] device hsr_slave_0 left promiscuous mode
[ 429.351334][ T35] device hsr_slave_1 left promiscuous mode
[ 429.358057][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 429.365541][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 429.376332][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 429.383741][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 429.392013][ T35] device bridge_slave_1 left promiscuous mode
[ 429.398314][ T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 429.406604][ T35] device bridge_slave_0 left promiscuous mode
[ 429.412731][ T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 429.423162][ T35] device veth1_macvtap left promiscuous mode
[ 429.429146][ T35] device veth0_macvtap left promiscuous mode
[ 429.436158][ T35] device veth1_vlan left promiscuous mode
[ 429.441906][ T35] device veth0_vlan left promiscuous mode
[ 432.547671][ T35] team0 (unregistering): Port device team_slave_1 removed
[ 432.560924][ T35] team0 (unregistering): Port device team_slave_0 removed
[ 432.572258][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 432.585799][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
Warning: Permanently added '10.128.10.12' (ECDSA) to the list of known hosts.
[ 432.630246][ T35] bond0 (unregistering): Released all slaves
[ 433.062913][ T3620] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[ 433.302892][ T3620] usb 1-1: Using ep0 maxpacket: 16
[ 433.422979][ T3620] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[ 433.593076][ T3620] usb 1-1: New USB device found, idVendor=1435, idProduct=0826, bcdDevice=1c.50
[ 433.602114][ T3620] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 433.610393][ T3620] usb 1-1: Product: syz
[ 433.614760][ T3620] usb 1-1: Manufacturer: syz
[ 433.619413][ T3620] usb 1-1: SerialNumber: syz
[ 433.626650][ T3620] usb 1-1: config 0 descriptor??
[ 433.653473][ T6295] raw-gadget gadget: fail, usb_ep_enable returned -22
[ 433.702885][ C1] usb 1-1: RX USB error -71.
[ 433.722877][ C1] usb 1-1: RX USB error -71.
[ 433.742875][ C1] usb 1-1: RX USB error -71.
[ 433.762875][ C1] usb 1-1: RX USB error -71.
[ 433.782877][ C1] usb 1-1: RX USB error -71.
[ 433.802898][ C1] usb 1-1: RX USB error -71.
[ 433.822913][ C1] usb 1-1: RX USB error -71.
[ 433.842906][ C1] usb 1-1: RX USB error -71.
[ 433.862896][ C1] usb 1-1: RX USB error -71.
[ 433.882906][ C1] usb 1-1: RX USB error -71.
[ 433.902898][ C1] usb 1-1: RX USB error -71.
[ 433.922906][ C1] usb 1-1: RX USB error -71.
[ 433.942902][ C1] usb 1-1: RX USB error -71.
[ 433.962919][ C1] usb 1-1: RX USB error -71.
[ 433.982895][ C1] usb 1-1: RX USB error -71.
[ 434.002901][ C1] usb 1-1: RX USB error -71.
[ 434.022904][ C1] usb 1-1: RX USB error -71.
[ 434.042900][ C1] usb 1-1: RX USB error -71.
[ 434.062898][ C1] usb 1-1: RX USB error -71.
[ 434.082901][ C1] usb 1-1: RX USB error -71.
[ 434.102897][ C1] usb 1-1: RX USB error -71.
[ 434.122905][ C1] usb 1-1: RX USB error -71.
[ 434.142903][ C1] usb 1-1: RX USB error -71.
[ 434.162898][ C1] usb 1-1: RX USB error -71.
[ 434.182904][ C1] usb 1-1: RX USB error -71.
[ 434.202886][ C1] usb 1-1: RX USB error -71.
[ 434.222888][ C1] usb 1-1: RX USB error -71.
[ 434.242889][ C1] usb 1-1: RX USB error -71.
[ 434.262879][ C1] usb 1-1: RX USB error -71.
[ 434.282884][ C1] usb 1-1: RX USB error -71.
[ 434.302882][ C1] usb 1-1: RX USB error -71.
[ 434.322900][ C1] usb 1-1: RX USB error -71.
[ 434.342891][ C1] usb 1-1: RX USB error -71.
[ 434.362902][ C1] usb 1-1: RX USB error -71.
[ 434.382897][ C1] usb 1-1: RX USB error -71.
[ 434.402905][ C1] usb 1-1: RX USB error -71.
[ 434.422903][ C1] usb 1-1: RX USB error -71.
[ 434.442905][ C1] usb 1-1: RX USB error -71.
[ 434.462899][ C1] usb 1-1: RX USB error -71.
[ 434.482898][ C1] usb 1-1: RX USB error -71.
[ 434.502903][ C1] usb 1-1: RX USB error -71.
[ 434.522895][ C1] usb 1-1: RX USB error -71.
[ 434.542916][ C1] usb 1-1: RX USB error -71.
[ 434.562903][ C1] usb 1-1: RX USB error -71.
[ 434.582897][ C1] usb 1-1: RX USB error -71.
[ 434.602916][ C1] usb 1-1: RX USB error -71.
[ 434.622908][ C1] usb 1-1: RX USB error -71.
[ 434.642905][ C1] usb 1-1: RX USB error -71.
[ 434.662898][ C1] usb 1-1: RX USB error -71.
[ 434.682896][ C1] usb 1-1: RX USB error -71.
[ 434.702898][ C1] usb 1-1: RX USB error -71.
[ 434.722909][ C1] usb 1-1: RX USB error -71.
[ 434.742892][ C1] usb 1-1: RX USB error -71.
[ 434.762934][ C1] usb 1-1: RX USB error -71.
[ 434.782875][ C1] usb 1-1: RX USB error -71.
[ 434.802903][ C1] usb 1-1: RX USB error -71.
[ 434.822900][ C1] usb 1-1: RX USB error -71.
[ 434.842914][ C1] usb 1-1: RX USB error -71.
[ 434.862877][ C1] usb 1-1: RX USB error -71.
[ 434.882904][ C1] usb 1-1: RX USB error -71.
[ 434.902912][ C1] usb 1-1: RX USB error -71.
[ 434.922916][ C1] usb 1-1: RX USB error -71.
[ 434.942899][ C1] usb 1-1: RX USB error -71.
[ 434.962925][ C1] usb 1-1: RX USB error -71.
[ 434.982894][ C1] usb 1-1: RX USB error -71.
[ 435.002911][ C1] usb 1-1: RX USB error -71.
[ 435.022916][ C1] usb 1-1: RX USB error -71.
[ 435.042908][ C1] usb 1-1: RX USB error -71.
[ 435.062903][ C1] usb 1-1: RX USB error -71.
[ 435.082904][ C1] usb 1-1: RX USB error -71.
[ 435.102900][ C1] usb 1-1: RX USB error -71.
[ 435.122904][ C1] usb 1-1: RX USB error -71.
[ 435.142898][ C1] usb 1-1: RX USB error -71.
[ 435.162897][ C1] usb 1-1: RX USB error -71.
[ 435.182889][ C1] usb 1-1: RX USB error -71.
[ 435.202892][ C1] usb 1-1: RX USB error -71.
[ 435.222905][ C1] usb 1-1: RX USB error -71.
[ 435.242903][ C1] usb 1-1: RX USB error -71.
[ 435.262900][ C1] usb 1-1: RX USB error -71.
[ 435.282892][ C1] usb 1-1: RX USB error -71.
[ 435.302895][ C1] usb 1-1: RX USB error -71.
[ 435.322897][ C1] usb 1-1: RX USB error -71.
[ 435.342892][ C1] usb 1-1: RX USB error -71.
[ 435.362903][ C1] usb 1-1: RX USB error -71.
[ 435.382906][ C1] usb 1-1: RX USB error -71.
[ 435.402910][ C1] usb 1-1: RX USB error -71.
[ 435.422880][ C1] usb 1-1: RX USB error -71.
[ 435.442885][ C1] usb 1-1: RX USB error -71.
[ 435.462896][ C1] usb 1-1: RX USB error -71.
[ 435.482898][ C1] usb 1-1: RX USB error -71.
[ 435.502883][ C1] usb 1-1: RX USB error -71.
[ 435.522897][ C1] usb 1-1: RX USB error -71.
[ 435.542887][ C1] usb 1-1: RX USB error -71.
[ 435.562879][ C1] usb 1-1: RX USB error -71.
[ 435.582881][ C1] usb 1-1: RX USB error -71.
[ 435.602907][ C1] usb 1-1: RX USB error -71.
[ 435.622900][ C1] usb 1-1: RX USB error -71.
[ 435.642900][ C1] usb 1-1: RX USB error -71.
[ 435.662896][ C1] usb 1-1: RX USB error -71.
[ 435.682918][ C1] usb 1-1: RX USB error -71.
[ 435.702896][ C1] usb 1-1: RX USB error -71.
[ 435.722906][ C1] usb 1-1: RX USB error -71.
[ 435.742891][ C1] usb 1-1: RX USB error -71.
[ 435.762932][ C1] usb 1-1: RX USB error -71.
[ 435.767700][ T3620] usb 1-1: timeout waiting for command 01 reply
[ 435.774257][ T3620] usb 1-1: could not initialize adapter
[ 435.782905][ C1] usb 1-1: RX USB error -2.
[ 435.787431][ C1] usb 1-1: error -1 when submitting rx urb
[ 435.793889][ T3620] ar5523: probe of 1-1:0.0 failed with error -110
[ 437.779544][ T6291] usb 1-1: USB disconnect, device number 121
[ 437.793078][ C1] ==================================================================
[ 437.801290][ C1] BUG: KASAN: use-after-free in ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 437.808735][ C1] Read of size 8 at addr ffff88801e27b210 by task swapper/1/0
[ 437.816164][ C1]
[ 437.818478][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.11.0-syzkaller #0
[ 437.826080][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 437.836117][ C1] Call Trace:
[ 437.839415][ C1]
[ 437.842239][ C1] dump_stack+0x9a/0xcc
[ 437.846447][ C1] ? ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 437.851447][ C1] print_address_description.constprop.0.cold+0x5b/0x2f8
[ 437.858474][ C1] ? ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 437.863468][ C1] ? ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 437.868460][ C1] kasan_report.cold+0x79/0xd5
[ 437.873197][ C1] ? ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 437.878191][ C1] ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 437.883015][ C1] __usb_hcd_giveback_urb+0x238/0x3f0
[ 437.888384][ C1] dummy_timer+0xeb8/0x2eb0
[ 437.892921][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 437.898924][ C1] ? lock_acquire+0x1a8/0x720
[ 437.903590][ C1] ? dummy_dequeue+0x490/0x490
[ 437.908327][ C1] ? dummy_dequeue+0x490/0x490
[ 437.913063][ C1] call_timer_fn+0x163/0x4b0
[ 437.917766][ C1] ? add_timer_on+0x410/0x410
[ 437.922411][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 437.927235][ C1] ? dummy_dequeue+0x490/0x490
[ 437.931979][ C1] ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 437.937931][ C1] ? dummy_dequeue+0x490/0x490
[ 437.942664][ C1] __run_timers.part.0+0x52a/0x8b0
[ 437.947757][ C1] ? hrtimer_interrupt+0x442/0x930
[ 437.952849][ C1] ? call_timer_fn+0x4b0/0x4b0
[ 437.957590][ C1] ? ktime_get+0x102/0x2c0
[ 437.961994][ C1] ? kvm_sched_clock_read+0x14/0x40
[ 437.967211][ C1] ? sched_clock+0x2a/0x40
[ 437.971621][ C1] ? sched_clock_cpu+0x18/0x1f0
[ 437.976471][ C1] run_timer_softirq+0x9c/0x190
[ 437.981313][ C1] __do_softirq+0x29b/0x9f6
[ 437.985844][ C1] asm_call_irq_on_stack+0xf/0x20
[ 437.990928][ C1]
[ 437.993835][ C1] do_softirq_own_stack+0xaa/0xd0
[ 437.998855][ C1] irq_exit_rcu+0x134/0x200
[ 438.003358][ C1] sysvec_apic_timer_interrupt+0x4d/0x100
[ 438.009259][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 438.015208][ C1] RIP: 0010:acpi_idle_do_entry+0x161/0x1c0
[ 438.020984][ C1] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 6d 48 8b 45 00 a8 08 75 c9 e8 5d 48 3b f9 e9 07 00 00 00 0f 00 2d 21 bd b5 00 fb f4 <9c> 58 fa f6 c4 02 74 ae 5d e9 b1 44 3b f9 48 89 ef 5d e9 c8 f9 ff
[ 438.040646][ C1] RSP: 0018:ffffc90000d47d30 EFLAGS: 00000206
[ 438.046732][ C1] RAX: 00000000002e1d1d RBX: ffff888143bdc065 RCX: 1ffffffff18641e9
[ 438.054675][ C1] RDX: 0000000000000000 RSI: ffffffff888ae7e0 RDI: ffffffff88ddb560
[ 438.062702][ C1] RBP: ffff8880101b3800 R08: 0000000000000001 R09: 0000000000000001
[ 438.070651][ C1] R10: ffffed1002036700 R11: 0000000000000001 R12: 0000000000000001
[ 438.078605][ C1] R13: ffff888143bdc064 R14: ffffffff8b09fcc0 R15: ffff888142bce804
[ 438.086633][ C1] acpi_idle_enter+0x2c0/0x4b0
[ 438.091438][ C1] ? rcu_preempt_deferred_qs+0x13/0xe0
[ 438.096962][ C1] cpuidle_enter_state+0x152/0xb40
[ 438.102152][ C1] cpuidle_enter+0x45/0xa0
[ 438.106631][ C1] do_idle+0x3e1/0x590
[ 438.110678][ C1] ? arch_cpu_idle_exit+0x30/0x30
[ 438.115809][ C1] cpu_startup_entry+0x14/0x20
[ 438.120567][ C1] start_secondary+0x274/0x350
[ 438.125334][ C1] ? set_cpu_sibling_map+0x2460/0x2460
[ 438.130784][ C1] secondary_startup_64_no_verify+0xb0/0xbb
[ 438.136703][ C1]
[ 438.139002][ C1] The buggy address belongs to the page:
[ 438.144691][ C1] page:00000000b8500c60 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e27b
[ 438.154805][ C1] flags: 0xfff00000000000()
[ 438.159278][ C1] raw: 00fff00000000000 0000000000000000 ffffea0000b73508 0000000000000000
[ 438.167841][ C1] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 438.176409][ C1] page dumped because: kasan: bad access detected
[ 438.182796][ C1] page_owner tracks the page as freed
[ 438.188227][ C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x140dc0(GFP_USER|__GFP_COMP|__GFP_ZERO), pid 3620, ts 433683576780
[ 438.202035][ C1] post_alloc_hook+0x144/0x1c0
[ 438.206920][ C1] get_page_from_freelist+0x1c6e/0x3f80
[ 438.212530][ C1] __alloc_pages_nodemask+0x2d6/0x730
[ 438.217873][ C1] kmalloc_order+0x32/0xd0
[ 438.222302][ C1] kmalloc_order_trace+0x14/0x130
[ 438.227335][ C1] wiphy_new_nm+0x63a/0x1db0
[ 438.231940][ C1] ieee80211_alloc_hw_nm+0x2f6/0x2230
[ 438.237309][ C1] ar5523_probe+0xfd/0x1c20
[ 438.241785][ C1] usb_probe_interface+0x274/0x6a0
[ 438.246897][ C1] really_probe+0x1fd/0xc60
[ 438.251442][ C1] driver_probe_device+0x1ed/0x380
[ 438.256526][ C1] bus_for_each_drv+0x11e/0x1a0
[ 438.261353][ C1] __device_attach+0x1db/0x400
[ 438.266106][ C1] bus_probe_device+0x19d/0x250
[ 438.270940][ C1] device_add+0x99a/0x1ad0
[ 438.275439][ C1] usb_set_configuration+0x9f9/0x1750
[ 438.280801][ C1] page last free stack trace:
[ 438.285450][ C1] __free_pages_ok+0x4da/0xed0
[ 438.290189][ C1] device_release+0x93/0x200
[ 438.294955][ C1] kobject_put+0x139/0x410
[ 438.299405][ C1] ar5523_probe+0x11a8/0x1c20
[ 438.304068][ C1] usb_probe_interface+0x274/0x6a0
[ 438.309166][ C1] really_probe+0x1fd/0xc60
[ 438.313644][ C1] driver_probe_device+0x1ed/0x380
[ 438.318728][ C1] bus_for_each_drv+0x11e/0x1a0
[ 438.323572][ C1] __device_attach+0x1db/0x400
[ 438.328425][ C1] bus_probe_device+0x19d/0x250
[ 438.333255][ C1] device_add+0x99a/0x1ad0
[ 438.337650][ C1] usb_set_configuration+0x9f9/0x1750
[ 438.342999][ C1] usb_generic_driver_probe+0x74/0xa0
[ 438.348348][ C1] usb_probe_device+0x98/0x240
[ 438.353078][ C1] really_probe+0x1fd/0xc60
[ 438.357553][ C1] driver_probe_device+0x1ed/0x380
[ 438.362710][ C1]
[ 438.365014][ C1] Memory state around the buggy address:
[ 438.370618][ C1] ffff88801e27b100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 438.378649][ C1] ffff88801e27b180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 438.386680][ C1] >ffff88801e27b200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 438.394710][ C1] ^
[ 438.399285][ C1] ffff88801e27b280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 438.407315][ C1] ffff88801e27b300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 438.415343][ C1] ==================================================================
[ 438.423372][ C1] Disabling lock debugging due to kernel taint
[ 438.429485][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 438.436123][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 5.11.0-syzkaller #0
[ 438.445244][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 438.455272][ C1] Call Trace:
[ 438.458529][ C1]
[ 438.461377][ C1] dump_stack+0x9a/0xcc
[ 438.465509][ C1] panic+0x256/0x4eb
[ 438.469595][ C1] ? __warn_printk+0xee/0xee
[ 438.474244][ C1] ? ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 438.479326][ C1] ? ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 438.484403][ C1] end_report+0x58/0x5e
[ 438.488527][ C1] kasan_report.cold+0x67/0xd5
[ 438.493257][ C1] ? ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 438.498255][ C1] ar5523_cmd_tx_cb+0x1cc/0x1e0
[ 438.503076][ C1] __usb_hcd_giveback_urb+0x238/0x3f0
[ 438.508424][ C1] dummy_timer+0xeb8/0x2eb0
[ 438.512895][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 438.518842][ C1] ? lock_acquire+0x1a8/0x720
[ 438.523490][ C1] ? dummy_dequeue+0x490/0x490
[ 438.528224][ C1] ? dummy_dequeue+0x490/0x490
[ 438.532974][ C1] call_timer_fn+0x163/0x4b0
[ 438.537617][ C1] ? add_timer_on+0x410/0x410
[ 438.542367][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 438.547186][ C1] ? dummy_dequeue+0x490/0x490
[ 438.551921][ C1] ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 438.557866][ C1] ? dummy_dequeue+0x490/0x490
[ 438.562591][ C1] __run_timers.part.0+0x52a/0x8b0
[ 438.567666][ C1] ? hrtimer_interrupt+0x442/0x930
[ 438.572740][ C1] ? call_timer_fn+0x4b0/0x4b0
[ 438.577466][ C1] ? ktime_get+0x102/0x2c0
[ 438.581845][ C1] ? kvm_sched_clock_read+0x14/0x40
[ 438.587007][ C1] ? sched_clock+0x2a/0x40
[ 438.591385][ C1] ? sched_clock_cpu+0x18/0x1f0
[ 438.596207][ C1] run_timer_softirq+0x9c/0x190
[ 438.601019][ C1] __do_softirq+0x29b/0x9f6
[ 438.605487][ C1] asm_call_irq_on_stack+0xf/0x20
[ 438.610487][ C1]
[ 438.613392][ C1] do_softirq_own_stack+0xaa/0xd0
[ 438.618388][ C1] irq_exit_rcu+0x134/0x200
[ 438.622866][ C1] sysvec_apic_timer_interrupt+0x4d/0x100
[ 438.628850][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 438.634832][ C1] RIP: 0010:acpi_idle_do_entry+0x161/0x1c0
[ 438.640606][ C1] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 6d 48 8b 45 00 a8 08 75 c9 e8 5d 48 3b f9 e9 07 00 00 00 0f 00 2d 21 bd b5 00 fb f4 <9c> 58 fa f6 c4 02 74 ae 5d e9 b1 44 3b f9 48 89 ef 5d e9 c8 f9 ff
[ 438.660614][ C1] RSP: 0018:ffffc90000d47d30 EFLAGS: 00000206
[ 438.666650][ C1] RAX: 00000000002e1d1d RBX: ffff888143bdc065 RCX: 1ffffffff18641e9
[ 438.674587][ C1] RDX: 0000000000000000 RSI: ffffffff888ae7e0 RDI: ffffffff88ddb560
[ 438.682525][ C1] RBP: ffff8880101b3800 R08: 0000000000000001 R09: 0000000000000001
[ 438.690470][ C1] R10: ffffed1002036700 R11: 0000000000000001 R12: 0000000000000001
[ 438.698844][ C1] R13: ffff888143bdc064 R14: ffffffff8b09fcc0 R15: ffff888142bce804
[ 438.706786][ C1] acpi_idle_enter+0x2c0/0x4b0
[ 438.711520][ C1] ? rcu_preempt_deferred_qs+0x13/0xe0
[ 438.717047][ C1] cpuidle_enter_state+0x152/0xb40
[ 438.722135][ C1] cpuidle_enter+0x45/0xa0
[ 438.726528][ C1] do_idle+0x3e1/0x590
[ 438.730585][ C1] ? arch_cpu_idle_exit+0x30/0x30
[ 438.735579][ C1] cpu_startup_entry+0x14/0x20
[ 438.740376][ C1] start_secondary+0x274/0x350
[ 438.745114][ C1] ? set_cpu_sibling_map+0x2460/0x2460
[ 438.750558][ C1] secondary_startup_64_no_verify+0xb0/0xbb
[ 438.756609][ C1] Kernel Offset: disabled
[ 438.761001][ C1] Rebooting in 86400 seconds..