Warning: Permanently added '10.128.10.27' (ED25519) to the list of known hosts.
2025/07/03 09:45:28 ignoring optional flag "sandboxArg"="0"
2025/07/03 09:45:29 parsed 1 programs
[  124.316169][ T6310] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  126.950983][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.959191][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.982497][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.991413][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.065356][ T6335] chnl_net:caif_netlink_parms(): no params data found
[  128.146585][ T6335] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.154097][ T6335] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.161635][ T6335] bridge_slave_0: entered allmulticast mode
[  128.169242][ T6335] bridge_slave_0: entered promiscuous mode
[  128.177159][ T6335] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.185278][ T6335] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.192584][ T6335] bridge_slave_1: entered allmulticast mode
[  128.199870][ T6335] bridge_slave_1: entered promiscuous mode
[  128.245751][ T6335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.261429][ T6335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.291567][ T6335] team0: Port device team_slave_0 added
[  128.299586][ T6335] team0: Port device team_slave_1 added
[  128.323811][ T6335] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.330949][ T6335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.356916][ T6335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.369075][ T6335] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.376028][ T6335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.402429][ T6335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.442772][ T6335] hsr_slave_0: entered promiscuous mode
[  128.449760][ T6335] hsr_slave_1: entered promiscuous mode
[  129.055609][ T6335] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  129.070530][ T6335] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  129.083908][ T6335] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  129.095989][ T6335] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  129.216859][ T6335] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.241586][ T6335] 8021q: adding VLAN 0 to HW filter on device team0
[  129.255427][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.262639][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.278212][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.285395][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.558038][ T6335] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.616538][ T6335] veth0_vlan: entered promiscuous mode
[  129.633316][ T6335] veth1_vlan: entered promiscuous mode
[  129.675480][ T6335] veth0_macvtap: entered promiscuous mode
[  129.687466][ T6335] veth1_macvtap: entered promiscuous mode
[  129.713826][ T6335] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.733390][ T6335] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.754534][ T1111] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.780508][ T1111] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.803623][ T1111] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.829813][ T1111] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.975982][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.054691][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.127108][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.201675][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.397282][ T5154] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  130.412729][ T5154] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  130.421517][ T5154] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  130.430666][ T5154] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  130.439348][ T5154] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  132.345106][   T12] bridge_slave_1: left allmulticast mode
[  132.351840][   T12] bridge_slave_1: left promiscuous mode
[  132.358554][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.374663][   T12] bridge_slave_0: left allmulticast mode
[  132.380863][   T12] bridge_slave_0: left promiscuous mode
[  132.386696][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.678851][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  132.690575][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  132.701201][   T12] bond0 (unregistering): Released all slaves
[  132.820840][   T12] hsr_slave_0: left promiscuous mode
[  132.826987][   T12] hsr_slave_1: left promiscuous mode
[  132.845248][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.866859][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.887861][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.899798][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.945633][   T12] veth1_macvtap: left promiscuous mode
[  132.969644][   T12] veth0_macvtap: left promiscuous mode
[  132.975362][   T12] veth1_vlan: left promiscuous mode
[  132.982254][   T12] veth0_vlan: left promiscuous mode
[  133.108431][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  133.115041][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  133.627689][   T12] team0 (unregistering): Port device team_slave_1 removed
[  133.667999][   T12] team0 (unregistering): Port device team_slave_0 removed
2025/07/03 09:45:44 executed programs: 0
[  135.964384][ T5154] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  135.973687][ T5154] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  135.983408][ T5154] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  135.992469][ T5154] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  136.011248][ T5154] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  136.301547][ T6582] chnl_net:caif_netlink_parms(): no params data found
[  136.445452][ T6582] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.452838][ T6582] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.460685][ T6582] bridge_slave_0: entered allmulticast mode
[  136.469287][ T6582] bridge_slave_0: entered promiscuous mode
[  136.478282][ T6582] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.485609][ T6582] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.493005][ T6582] bridge_slave_1: entered allmulticast mode
[  136.501635][ T6582] bridge_slave_1: entered promiscuous mode
[  136.548038][ T6582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.561745][ T6582] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.610216][ T6582] team0: Port device team_slave_0 added
[  136.619910][ T6582] team0: Port device team_slave_1 added
[  136.664403][ T6582] batman_adv: batadv0: Adding interface: batadv_slave_0
[  136.676833][ T6582] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.703308][ T6582] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.717486][ T6582] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.724892][ T6582] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.751672][ T6582] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.844366][ T6582] hsr_slave_0: entered promiscuous mode
[  136.851910][ T6582] hsr_slave_1: entered promiscuous mode
[  137.314486][ T6582] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  137.326474][ T6582] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  137.345546][ T6582] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  137.357992][ T6582] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  137.494204][ T6582] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.521809][ T6582] 8021q: adding VLAN 0 to HW filter on device team0
[  137.538133][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.545414][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.575804][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.583063][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.853261][ T6582] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.913034][ T6582] veth0_vlan: entered promiscuous mode
[  137.931182][ T6582] veth1_vlan: entered promiscuous mode
[  137.975206][ T6582] veth0_macvtap: entered promiscuous mode
[  137.990005][ T6582] veth1_macvtap: entered promiscuous mode
[  138.019300][ T6582] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.035275][ T6582] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.050158][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.060077][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.070315][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.071118][ T5932] Bluetooth: hci0: command tx timeout
[  138.085716][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.157443][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.176099][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.214320][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.232429][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.540016][ T5846] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  138.698792][ T5846] usb 1-1: Using ep0 maxpacket: 16
[  138.722494][ T5846] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.736379][ T5846] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.750856][ T5846] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  138.764936][ T5846] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  138.774461][ T5846] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.800768][ T5846] usb 1-1: config 0 descriptor??
[  139.232156][ T5846] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  139.239901][ T5846] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max
[  139.260460][ T5846] ==================================================================
[  139.268559][ T5846] BUG: KASAN: slab-out-of-bounds in mon_bin_event+0x12ec/0x23b0
[  139.276304][ T5846] Read of size 832 at addr ffff888021ad5e81 by task kworker/1:3/5846
[  139.284381][ T5846] 
[  139.286722][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: kworker/1:3 Not tainted 6.16.0-rc4-next-20250702-syzkaller-06656-g50c8770a42fa-dirty #0 PREEMPT(full) 
[  139.286744][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.286755][ T5846] Workqueue: usb_hub_wq hub_event
[  139.286792][ T5846] Call Trace:
[  139.286799][ T5846]  <TASK>
[  139.286805][ T5846]  dump_stack_lvl+0x189/0x250
[  139.286825][ T5846]  ? __virt_addr_valid+0x1c8/0x5c0
[  139.286843][ T5846]  ? rcu_is_watching+0x15/0xb0
[  139.286858][ T5846]  ? __kasan_check_byte+0x12/0x40
[  139.286876][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.286892][ T5846]  ? rcu_is_watching+0x15/0xb0
[  139.286907][ T5846]  ? lock_release+0x4b/0x3e0
[  139.286931][ T5846]  ? __virt_addr_valid+0x1c8/0x5c0
[  139.286948][ T5846]  ? __virt_addr_valid+0x4a5/0x5c0
[  139.286966][ T5846]  print_report+0xd2/0x2b0
[  139.286987][ T5846]  ? mon_bin_event+0x12ec/0x23b0
[  139.287000][ T5846]  kasan_report+0x118/0x150
[  139.287019][ T5846]  ? mon_bin_event+0x12ec/0x23b0
[  139.287036][ T5846]  kasan_check_range+0x2b0/0x2c0
[  139.287054][ T5846]  ? mon_bin_event+0x12ec/0x23b0
[  139.287069][ T5846]  __asan_memcpy+0x29/0x70
[  139.287083][ T5846]  mon_bin_event+0x12ec/0x23b0
[  139.287107][ T5846]  ? __pfx_mon_bin_event+0x10/0x10
[  139.287120][ T5846]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  139.287140][ T5846]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  139.287157][ T5846]  ? __driver_probe_device+0x18c/0x2f0
[  139.287177][ T5846]  ? __device_attach_driver+0x2ce/0x530
[  139.287194][ T5846]  ? bus_for_each_drv+0x251/0x2e0
[  139.287216][ T5846]  ? __device_attach+0x2b8/0x400
[  139.287231][ T5846]  ? bus_probe_device+0x185/0x260
[  139.287251][ T5846]  ? hid_add_device+0x398/0x540
[  139.287272][ T5846]  ? __pfx_mon_bin_submit+0x10/0x10
[  139.287296][ T5846]  mon_submit+0x193/0x210
[  139.287317][ T5846]  usb_hcd_submit_urb+0x11d/0x1aa0
[  139.287343][ T5846]  usb_start_wait_urb+0x114/0x4c0
[  139.287362][ T5846]  ? __pfx_usb_start_wait_urb+0x10/0x10
[  139.287386][ T5846]  usb_control_msg+0x232/0x3e0
[  139.287404][ T5846]  usbhid_raw_request+0x3cd/0x4e0
[  139.287431][ T5846]  __hid_request+0x1c1/0x370
[  139.287450][ T5846]  hidinput_connect+0x218a/0x3030
[  139.287489][ T5846]  hid_connect+0x499/0x19a0
[  139.287512][ T5846]  ? usbhid_start+0x1a92/0x24b0
[  139.287534][ T5846]  ? __pfx_hid_connect+0x10/0x10
[  139.287559][ T5846]  hid_hw_start+0xa8/0x120
[  139.287578][ T5846]  ms_probe+0x180/0x430
[  139.287601][ T5846]  hid_device_probe+0x39d/0x710
[  139.287622][ T5846]  ? driver_sysfs_add+0x1fe/0x210
[  139.287640][ T5846]  ? __pfx_hid_device_probe+0x10/0x10
[  139.287658][ T5846]  really_probe+0x26a/0x9a0
[  139.287679][ T5846]  __driver_probe_device+0x18c/0x2f0
[  139.287698][ T5846]  driver_probe_device+0x4f/0x430
[  139.287717][ T5846]  __device_attach_driver+0x2ce/0x530
[  139.287737][ T5846]  bus_for_each_drv+0x251/0x2e0
[  139.287759][ T5846]  ? __pfx___device_attach_driver+0x10/0x10
[  139.287777][ T5846]  ? __pfx_bus_for_each_drv+0x10/0x10
[  139.287798][ T5846]  ? __lock_acquire+0xab9/0xd20
[  139.287823][ T5846]  __device_attach+0x2b8/0x400
[  139.287841][ T5846]  ? __pfx___device_attach+0x10/0x10
[  139.287859][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  139.287879][ T5846]  bus_probe_device+0x185/0x260
[  139.287902][ T5846]  device_add+0x7b6/0xb50
[  139.287920][ T5846]  hid_add_device+0x398/0x540
[  139.287941][ T5846]  usbhid_probe+0xe13/0x12a0
[  139.287967][ T5846]  usb_probe_interface+0x637/0xbf0
[  139.287991][ T5846]  ? __pfx_usb_probe_interface+0x10/0x10
[  139.288010][ T5846]  really_probe+0x26a/0x9a0
[  139.288030][ T5846]  __driver_probe_device+0x18c/0x2f0
[  139.288049][ T5846]  driver_probe_device+0x4f/0x430
[  139.288068][ T5846]  __device_attach_driver+0x2ce/0x530
[  139.288088][ T5846]  bus_for_each_drv+0x251/0x2e0
[  139.288110][ T5846]  ? __pfx___device_attach_driver+0x10/0x10
[  139.288128][ T5846]  ? __pfx_bus_for_each_drv+0x10/0x10
[  139.288154][ T5846]  __device_attach+0x2b8/0x400
[  139.288172][ T5846]  ? __pfx___device_attach+0x10/0x10
[  139.288190][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  139.288210][ T5846]  bus_probe_device+0x185/0x260
[  139.288233][ T5846]  device_add+0x7b6/0xb50
[  139.288250][ T5846]  usb_set_configuration+0x1a87/0x20e0
[  139.288280][ T5846]  usb_generic_driver_probe+0x8d/0x150
[  139.288300][ T5846]  usb_probe_device+0x1c1/0x390
[  139.288320][ T5846]  ? __pfx_usb_probe_device+0x10/0x10
[  139.288337][ T5846]  really_probe+0x26a/0x9a0
[  139.288354][ T5846]  __driver_probe_device+0x18c/0x2f0
[  139.288369][ T5846]  driver_probe_device+0x4f/0x430
[  139.288384][ T5846]  __device_attach_driver+0x2ce/0x530
[  139.288403][ T5846]  bus_for_each_drv+0x251/0x2e0
[  139.288421][ T5846]  ? __pfx___device_attach_driver+0x10/0x10
[  139.288438][ T5846]  ? __pfx_bus_for_each_drv+0x10/0x10
[  139.288463][ T5846]  __device_attach+0x2b8/0x400
[  139.288502][ T5846]  ? __pfx___device_attach+0x10/0x10
[  139.288520][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  139.288538][ T5846]  bus_probe_device+0x185/0x260
[  139.288560][ T5846]  device_add+0x7b6/0xb50
[  139.288574][ T5846]  usb_new_device+0xa39/0x16f0
[  139.288592][ T5846]  ? __pfx_usb_new_device+0x10/0x10
[  139.288607][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  139.288622][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.288640][ T5846]  hub_event+0x2941/0x4a00
[  139.288673][ T5846]  ? __pfx_hub_event+0x10/0x10
[  139.288688][ T5846]  ? process_scheduled_works+0x9ef/0x17b0
[  139.288711][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  139.288726][ T5846]  ? process_scheduled_works+0x9ef/0x17b0
[  139.288747][ T5846]  ? process_scheduled_works+0x9ef/0x17b0
[  139.288769][ T5846]  process_scheduled_works+0xae1/0x17b0
[  139.288801][ T5846]  ? __pfx_process_scheduled_works+0x10/0x10
[  139.288829][ T5846]  worker_thread+0x8a0/0xda0
[  139.288845][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  139.288866][ T5846]  ? __kthread_parkme+0x7b/0x200
[  139.288884][ T5846]  kthread+0x70e/0x8a0
[  139.288902][ T5846]  ? __pfx_worker_thread+0x10/0x10
[  139.288917][ T5846]  ? __pfx_kthread+0x10/0x10
[  139.288932][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  139.288947][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.288964][ T5846]  ? __pfx_kthread+0x10/0x10
[  139.288982][ T5846]  ret_from_fork+0x3fc/0x770
[  139.288996][ T5846]  ? __pfx_ret_from_fork+0x10/0x10
[  139.289012][ T5846]  ? __switch_to_asm+0x39/0x70
[  139.289029][ T5846]  ? __switch_to_asm+0x33/0x70
[  139.289046][ T5846]  ? __pfx_kthread+0x10/0x10
[  139.289063][ T5846]  ret_from_fork_asm+0x1a/0x30
[  139.289088][ T5846]  </TASK>
[  139.289094][ T5846] 
[  139.906181][ T5846] Allocated by task 5846:
[  139.910569][ T5846]  kasan_save_track+0x3e/0x80
[  139.915228][ T5846]  __kasan_kmalloc+0x93/0xb0
[  139.919790][ T5846]  __kmalloc_noprof+0x27a/0x4f0
[  139.924614][ T5846]  __hid_request+0x94/0x370
[  139.929091][ T5846]  hidinput_connect+0x218a/0x3030
[  139.934098][ T5846]  hid_connect+0x499/0x19a0
[  139.938574][ T5846]  hid_hw_start+0xa8/0x120
[  139.942990][ T5846]  ms_probe+0x180/0x430
[  139.947156][ T5846]  hid_device_probe+0x39d/0x710
[  139.952124][ T5846]  really_probe+0x26a/0x9a0
[  139.956723][ T5846]  __driver_probe_device+0x18c/0x2f0
[  139.961982][ T5846]  driver_probe_device+0x4f/0x430
[  139.966981][ T5846]  __device_attach_driver+0x2ce/0x530
[  139.972412][ T5846]  bus_for_each_drv+0x251/0x2e0
[  139.977241][ T5846]  __device_attach+0x2b8/0x400
[  139.982074][ T5846]  bus_probe_device+0x185/0x260
[  139.986904][ T5846]  device_add+0x7b6/0xb50
[  139.991312][ T5846]  hid_add_device+0x398/0x540
[  139.995961][ T5846]  usbhid_probe+0xe13/0x12a0
[  140.000612][ T5846]  usb_probe_interface+0x637/0xbf0
[  140.005720][ T5846]  really_probe+0x26a/0x9a0
[  140.010195][ T5846]  __driver_probe_device+0x18c/0x2f0
[  140.015451][ T5846]  driver_probe_device+0x4f/0x430
[  140.020457][ T5846]  __device_attach_driver+0x2ce/0x530
[  140.025811][ T5846]  bus_for_each_drv+0x251/0x2e0
[  140.030640][ T5846]  __device_attach+0x2b8/0x400
[  140.035376][ T5846]  bus_probe_device+0x185/0x260
[  140.040325][ T5846]  device_add+0x7b6/0xb50
[  140.044636][ T5846]  usb_set_configuration+0x1a87/0x20e0
[  140.050066][ T5846]  usb_generic_driver_probe+0x8d/0x150
[  140.055500][ T5846]  usb_probe_device+0x1c1/0x390
[  140.060325][ T5846]  really_probe+0x26a/0x9a0
[  140.064805][ T5846]  __driver_probe_device+0x18c/0x2f0
[  140.070063][ T5846]  driver_probe_device+0x4f/0x430
[  140.075065][ T5846]  __device_attach_driver+0x2ce/0x530
[  140.080411][ T5846]  bus_for_each_drv+0x251/0x2e0
[  140.085327][ T5846]  __device_attach+0x2b8/0x400
[  140.090062][ T5846]  bus_probe_device+0x185/0x260
[  140.094922][ T5846]  device_add+0x7b6/0xb50
[  140.099273][ T5846]  usb_new_device+0xa39/0x16f0
[  140.104008][ T5846]  hub_event+0x2941/0x4a00
[  140.108403][ T5846]  process_scheduled_works+0xae1/0x17b0
[  140.113938][ T5846]  worker_thread+0x8a0/0xda0
[  140.118535][ T5846]  kthread+0x70e/0x8a0
[  140.122593][ T5846]  ret_from_fork+0x3fc/0x770
[  140.127153][ T5846]  ret_from_fork_asm+0x1a/0x30
[  140.131894][ T5846] 
[  140.134294][ T5846] The buggy address belongs to the object at ffff888021ad5e80
[  140.134294][ T5846]  which belongs to the cache kmalloc-8 of size 8
[  140.147970][ T5846] The buggy address is located 1 bytes inside of
[  140.147970][ T5846]  allocated 7-byte region [ffff888021ad5e80, ffff888021ad5e87)
[  140.161733][ T5846] 
[  140.164040][ T5846] The buggy address belongs to the physical page:
[  140.170516][ T5846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21ad5
[  140.179450][ T5846] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  140.186639][ T5846] page_type: f5(slab)
[  140.190696][ T5846] raw: 00fff00000000000 ffff88801a841500 dead000000000100 dead000000000122
[  140.199250][ T5846] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[  140.207891][ T5846] page dumped because: kasan: bad access detected
[  140.214293][ T5846] page_owner tracks the page as allocated
[  140.219978][ T5846] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 3280583634, free_ts 3148007746
[  140.238614][ T5846]  post_alloc_hook+0x240/0x2a0
[  140.243553][ T5846]  get_page_from_freelist+0x21e4/0x22c0
[  140.249100][ T5846]  __alloc_frozen_pages_noprof+0x181/0x370
[  140.254904][ T5846]  alloc_pages_mpol+0x232/0x4a0
[  140.259747][ T5846]  allocate_slab+0x8a/0x370
[  140.264233][ T5846]  ___slab_alloc+0xbeb/0x1410
[  140.268888][ T5846]  __kmalloc_noprof+0x305/0x4f0
[  140.273711][ T5846]  acpi_ns_internalize_name+0x2c2/0x3a0
[  140.279320][ T5846]  acpi_ns_get_node+0x1a3/0x350
[  140.284244][ T5846]  acpi_get_handle+0x181/0x2a0
[  140.288998][ T5846]  acpi_has_method+0x86/0xd0
[  140.293570][ T5846]  acpi_attr_is_visible+0x19d/0x4f0
[  140.298742][ T5846]  internal_create_group+0x5d7/0x1110
[  140.304101][ T5846]  sysfs_create_groups+0x59/0x120
[  140.309301][ T5846]  device_add_attrs+0x1c4/0x5a0
[  140.314127][ T5846]  device_add+0x496/0xb50
[  140.318606][ T5846] page last free pid 43 tgid 43 stack trace:
[  140.324560][ T5846]  __free_frozen_pages+0xb80/0xd80
[  140.329663][ T5846]  __put_partials+0x156/0x1a0
[  140.334314][ T5846]  flush_cpu_slab+0x2b7/0x450
[  140.338966][ T5846]  process_scheduled_works+0xae1/0x17b0
[  140.344487][ T5846]  worker_thread+0x8a0/0xda0
[  140.349309][ T5846]  kthread+0x70e/0x8a0
[  140.353439][ T5846]  ret_from_fork+0x3fc/0x770
[  140.358091][ T5846]  ret_from_fork_asm+0x1a/0x30
[  140.362834][ T5846] 
[  140.365133][ T5846] Memory state around the buggy address:
[  140.370736][ T5846]  ffff888021ad5d80: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc
[  140.378814][ T5846]  ffff888021ad5e00: 00 fc fc fc 02 fc fc fc 00 fc fc fc fa fc fc fc
[  140.386851][ T5846] >ffff888021ad5e80: 07 fc fc fc 00 fc fc fc 00 fc fc fc 05 fc fc fc
[  140.394899][ T5846]                    ^
[  140.398994][ T5846]  ffff888021ad5f00: fa fc fc fc 05 fc fc fc fa fc fc fc 05 fc fc fc
[  140.407056][ T5846]  ffff888021ad5f80: 00 fc fc fc fa fc fc fc 00 fc fc fc 00 fc fc fc
[  140.415097][ T5846] ==================================================================
[  140.423169][ T5846] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  140.430340][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: kworker/1:3 Not tainted 6.16.0-rc4-next-20250702-syzkaller-06656-g50c8770a42fa-dirty #0 PREEMPT(full) 
[  140.444293][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  140.454335][ T5846] Workqueue: usb_hub_wq hub_event
[  140.459396][ T5846] Call Trace:
[  140.462682][ T5846]  <TASK>
[  140.465605][ T5846]  dump_stack_lvl+0x99/0x250
[  140.470177][ T5846]  ? __asan_memcpy+0x40/0x70
[  140.474741][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.479916][ T5846]  ? __pfx__printk+0x10/0x10
[  140.484485][ T5846]  panic+0x2db/0x790
[  140.488364][ T5846]  ? __pfx_panic+0x10/0x10
[  140.492753][ T5846]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  140.498662][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  140.505139][ T5846]  ? print_memory_metadata+0x314/0x400
[  140.510701][ T5846]  ? mon_bin_event+0x12ec/0x23b0
[  140.515634][ T5846]  check_panic_on_warn+0x89/0xb0
[  140.520589][ T5846]  ? mon_bin_event+0x12ec/0x23b0
[  140.525520][ T5846]  end_report+0x78/0x160
[  140.529758][ T5846]  kasan_report+0x129/0x150
[  140.534243][ T5846]  ? mon_bin_event+0x12ec/0x23b0
[  140.539156][ T5846]  kasan_check_range+0x2b0/0x2c0
[  140.544179][ T5846]  ? mon_bin_event+0x12ec/0x23b0
[  140.549096][ T5846]  __asan_memcpy+0x29/0x70
[  140.553512][ T5846]  mon_bin_event+0x12ec/0x23b0
[  140.558284][ T5846]  ? __pfx_mon_bin_event+0x10/0x10
[  140.563386][ T5846]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  140.568753][ T5846]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  140.574799][ T5846]  ? __driver_probe_device+0x18c/0x2f0
[  140.580237][ T5846]  ? __device_attach_driver+0x2ce/0x530
[  140.585773][ T5846]  ? bus_for_each_drv+0x251/0x2e0
[  140.590777][ T5846]  ? __device_attach+0x2b8/0x400
[  140.595689][ T5846]  ? bus_probe_device+0x185/0x260
[  140.600705][ T5846]  ? hid_add_device+0x398/0x540
[  140.605558][ T5846]  ? __pfx_mon_bin_submit+0x10/0x10
[  140.610759][ T5846]  mon_submit+0x193/0x210
[  140.615070][ T5846]  usb_hcd_submit_urb+0x11d/0x1aa0
[  140.620163][ T5846]  usb_start_wait_urb+0x114/0x4c0
[  140.625164][ T5846]  ? __pfx_usb_start_wait_urb+0x10/0x10
[  140.630772][ T5846]  usb_control_msg+0x232/0x3e0
[  140.635540][ T5846]  usbhid_raw_request+0x3cd/0x4e0
[  140.640563][ T5846]  __hid_request+0x1c1/0x370
[  140.645172][ T5846]  hidinput_connect+0x218a/0x3030
[  140.650265][ T5846]  hid_connect+0x499/0x19a0
[  140.654930][ T5846]  ? usbhid_start+0x1a92/0x24b0
[  140.659764][ T5846]  ? __pfx_hid_connect+0x10/0x10
[  140.664801][ T5846]  hid_hw_start+0xa8/0x120
[  140.669220][ T5846]  ms_probe+0x180/0x430
[  140.673359][ T5846]  hid_device_probe+0x39d/0x710
[  140.678189][ T5846]  ? driver_sysfs_add+0x1fe/0x210
[  140.683199][ T5846]  ? __pfx_hid_device_probe+0x10/0x10
[  140.688768][ T5846]  really_probe+0x26a/0x9a0
[  140.693615][ T5846]  __driver_probe_device+0x18c/0x2f0
[  140.699014][ T5846]  driver_probe_device+0x4f/0x430
[  140.704051][ T5846]  __device_attach_driver+0x2ce/0x530
[  140.709475][ T5846]  bus_for_each_drv+0x251/0x2e0
[  140.714312][ T5846]  ? __pfx___device_attach_driver+0x10/0x10
[  140.720204][ T5846]  ? __pfx_bus_for_each_drv+0x10/0x10
[  140.725574][ T5846]  ? __lock_acquire+0xab9/0xd20
[  140.730467][ T5846]  __device_attach+0x2b8/0x400
[  140.735250][ T5846]  ? __pfx___device_attach+0x10/0x10
[  140.740517][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  140.745695][ T5846]  bus_probe_device+0x185/0x260
[  140.750528][ T5846]  device_add+0x7b6/0xb50
[  140.754837][ T5846]  hid_add_device+0x398/0x540
[  140.759582][ T5846]  usbhid_probe+0xe13/0x12a0
[  140.764161][ T5846]  usb_probe_interface+0x637/0xbf0
[  140.769257][ T5846]  ? __pfx_usb_probe_interface+0x10/0x10
[  140.774878][ T5846]  really_probe+0x26a/0x9a0
[  140.779362][ T5846]  __driver_probe_device+0x18c/0x2f0
[  140.784622][ T5846]  driver_probe_device+0x4f/0x430
[  140.789624][ T5846]  __device_attach_driver+0x2ce/0x530
[  140.795062][ T5846]  bus_for_each_drv+0x251/0x2e0
[  140.800004][ T5846]  ? __pfx___device_attach_driver+0x10/0x10
[  140.805876][ T5846]  ? __pfx_bus_for_each_drv+0x10/0x10
[  140.811346][ T5846]  __device_attach+0x2b8/0x400
[  140.816099][ T5846]  ? __pfx___device_attach+0x10/0x10
[  140.821357][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  140.826536][ T5846]  bus_probe_device+0x185/0x260
[  140.831363][ T5846]  device_add+0x7b6/0xb50
[  140.835666][ T5846]  usb_set_configuration+0x1a87/0x20e0
[  140.841117][ T5846]  usb_generic_driver_probe+0x8d/0x150
[  140.846557][ T5846]  usb_probe_device+0x1c1/0x390
[  140.851567][ T5846]  ? __pfx_usb_probe_device+0x10/0x10
[  140.856923][ T5846]  really_probe+0x26a/0x9a0
[  140.861402][ T5846]  __driver_probe_device+0x18c/0x2f0
[  140.866664][ T5846]  driver_probe_device+0x4f/0x430
[  140.871682][ T5846]  __device_attach_driver+0x2ce/0x530
[  140.877137][ T5846]  bus_for_each_drv+0x251/0x2e0
[  140.881977][ T5846]  ? __pfx___device_attach_driver+0x10/0x10
[  140.887909][ T5846]  ? __pfx_bus_for_each_drv+0x10/0x10
[  140.893262][ T5846]  __device_attach+0x2b8/0x400
[  140.898001][ T5846]  ? __pfx___device_attach+0x10/0x10
[  140.903262][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  140.908441][ T5846]  bus_probe_device+0x185/0x260
[  140.913281][ T5846]  device_add+0x7b6/0xb50
[  140.917587][ T5846]  usb_new_device+0xa39/0x16f0
[  140.922330][ T5846]  ? __pfx_usb_new_device+0x10/0x10
[  140.927505][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  140.932678][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  140.937849][ T5846]  hub_event+0x2941/0x4a00
[  140.942342][ T5846]  ? __pfx_hub_event+0x10/0x10
[  140.947079][ T5846]  ? process_scheduled_works+0x9ef/0x17b0
[  140.952791][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  140.958137][ T5846]  ? process_scheduled_works+0x9ef/0x17b0
[  140.963836][ T5846]  ? process_scheduled_works+0x9ef/0x17b0
[  140.969533][ T5846]  process_scheduled_works+0xae1/0x17b0
[  140.975078][ T5846]  ? __pfx_process_scheduled_works+0x10/0x10
[  140.981039][ T5846]  worker_thread+0x8a0/0xda0
[  140.985617][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  140.991925][ T5846]  ? __kthread_parkme+0x7b/0x200
[  140.996841][ T5846]  kthread+0x70e/0x8a0
[  141.000971][ T5846]  ? __pfx_worker_thread+0x10/0x10
[  141.006055][ T5846]  ? __pfx_kthread+0x10/0x10
[  141.010638][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  141.015898][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  141.021071][ T5846]  ? __pfx_kthread+0x10/0x10
[  141.025635][ T5846]  ret_from_fork+0x3fc/0x770
[  141.030202][ T5846]  ? __pfx_ret_from_fork+0x10/0x10
[  141.035286][ T5846]  ? __switch_to_asm+0x39/0x70
[  141.040035][ T5846]  ? __switch_to_asm+0x33/0x70
[  141.044866][ T5846]  ? __pfx_kthread+0x10/0x10
[  141.049436][ T5846]  ret_from_fork_asm+0x1a/0x30
[  141.054189][ T5846]  </TASK>
[  142.132866][ T5846] Shutting down cpus with NMI
[  142.137892][ T5846] Kernel Offset: disabled
[  142.142212][ T5846] Rebooting in 86400 seconds..