kye 0003:0458:5015.0002: hidraw1: USB HID v0.00 Device [HID 0458:5015] on usb-dummy_hcd.0-1/input0
kye 0003:0458:5015.0002: implement() called with too large value 18 (n: 0)! (kworker/2:1)
------------[ cut here ]------------
WARNING: CPU: 2 PID: 37 at drivers/hid/hid-core.c:1451 implement+0x22f/0x270 drivers/hid/hid-core.c:1451
Modules linked in:
CPU: 2 PID: 37 Comm: kworker/2:1 Not tainted 6.8.0-rc4-syzkaller-g841c35169323 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Workqueue: usb_hub_wq hub_event
RIP: 0010:implement+0x22f/0x270 drivers/hid/hid-core.c:1451
Code: c7 c2 a0 94 10 8c 65 48 8b 04 25 40 c2 03 00 49 8d bd 38 19 00 00 48 c7 c6 c0 73 10 8c 4c 8d 88 90 08 00 00 e8 e2 ee 72 fd 90 <0f> 0b 90 44 21 fd e9 58 ff ff ff 48 89 d7 89 44 24 14 48 89 54 24
RSP: 0018:ffffc90000916a80 EFLAGS: 00010082
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff816d4fb9
RDX: ffff88801578a400 RSI: ffffffff8588f9b5 RDI: 0000000000000005
RBP: 0000000000000012 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000001 R11: 0000000000000007 R12: 0000000000000000
R13: ffff88802496c000 R14: 0000000000000008 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88806b400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055f0ff8a9928 CR3: 0000000020596000 CR4: 0000000000350ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 hid_output_field drivers/hid/hid-core.c:1833 [inline]
 hid_output_report+0x2ef/0x4a0 drivers/hid/hid-core.c:1863
 __usbhid_submit_report+0x778/0xed0 drivers/hid/usbhid/hid-core.c:591
 usbhid_submit_report drivers/hid/usbhid/hid-core.c:636 [inline]
 usbhid_request+0x79/0xf0 drivers/hid/usbhid/hid-core.c:1281
 hid_hw_request+0x72/0xb0 drivers/hid/hid-core.c:2390
 kye_tablet_enable drivers/hid/hid-kye.c:557 [inline]
 kye_probe drivers/hid/hid-kye.c:600 [inline]
 kye_probe+0x3d3/0x550 drivers/hid/hid-kye.c:562
 __hid_device_probe drivers/hid/hid-core.c:2633 [inline]
 hid_device_probe+0x2eb/0x490 drivers/hid/hid-core.c:2670
 call_driver_probe drivers/base/dd.c:579 [inline]
 really_probe+0x23a/0xcb0 drivers/base/dd.c:658
 __driver_probe_device+0x1de/0x4b0 drivers/base/dd.c:800
 driver_probe_device+0x4c/0x1b0 drivers/base/dd.c:830
 __device_attach_driver+0x1df/0x310 drivers/base/dd.c:958
 bus_for_each_drv+0x157/0x1e0 drivers/base/bus.c:457
 __device_attach+0x1e8/0x4b0 drivers/base/dd.c:1030
 bus_probe_device+0x17f/0x1c0 drivers/base/bus.c:532
 device_add+0x1188/0x1ab0 drivers/base/core.c:3625
 hid_add_device+0x37f/0xa70 drivers/hid/hid-core.c:2816
 usbhid_probe+0xd0a/0x1370 drivers/hid/usbhid/hid-core.c:1429
 usb_probe_interface+0x309/0x940 drivers/usb/core/driver.c:399
 call_driver_probe drivers/base/dd.c:579 [inline]
 really_probe+0x23a/0xcb0 drivers/base/dd.c:658
 __driver_probe_device+0x1de/0x4b0 drivers/base/dd.c:800
 driver_probe_device+0x4c/0x1b0 drivers/base/dd.c:830
 __device_attach_driver+0x1df/0x310 drivers/base/dd.c:958
 bus_for_each_drv+0x157/0x1e0 drivers/base/bus.c:457
 __device_attach+0x1e8/0x4b0 drivers/base/dd.c:1030
 bus_probe_device+0x17f/0x1c0 drivers/base/bus.c:532
 device_add+0x1188/0x1ab0 drivers/base/core.c:3625
 usb_set_configuration+0x10cb/0x1c50 drivers/usb/core/message.c:2207
 usb_generic_driver_probe+0xb1/0x110 drivers/usb/core/generic.c:254
 usb_probe_device+0xec/0x360 drivers/usb/core/driver.c:294
 call_driver_probe drivers/base/dd.c:579 [inline]
 really_probe+0x23a/0xcb0 drivers/base/dd.c:658
 __driver_probe_device+0x1de/0x4b0 drivers/base/dd.c:800
 driver_probe_device+0x4c/0x1b0 drivers/base/dd.c:830
 __device_attach_driver+0x1df/0x310 drivers/base/dd.c:958
 bus_for_each_drv+0x157/0x1e0 drivers/base/bus.c:457
 __device_attach+0x1e8/0x4b0 drivers/base/dd.c:1030
 bus_probe_device+0x17f/0x1c0 drivers/base/bus.c:532
 device_add+0x1188/0x1ab0 drivers/base/core.c:3625
 usb_new_device+0xd90/0x1a10 drivers/usb/core/hub.c:2614
 hub_port_connect drivers/usb/core/hub.c:5483 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5623 [inline]
 port_event drivers/usb/core/hub.c:5783 [inline]
 hub_event+0x2db0/0x4e20 drivers/usb/core/hub.c:5865
 process_one_work+0x889/0x15e0 kernel/workqueue.c:2633
 process_scheduled_works kernel/workqueue.c:2706 [inline]
 worker_thread+0x8b9/0x12a0 kernel/workqueue.c:2787
 kthread+0x2c6/0x3b0 kernel/kthread.c:388
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:242
 </TASK>