[ 435.144190][ T8] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[ 435.384182][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 435.664383][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 435.673579][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 435.681637][ T8] usb 1-1: Product: syz
[ 435.685839][ T8] usb 1-1: Manufacturer: syz
[ 435.690514][ T8] usb 1-1: SerialNumber: syz
[ 435.697376][ T8] usb 1-1: config 0 descriptor??
[ 435.736430][ T8] pvrusb2: Hardware description: Terratec Grabster AV400
[ 435.743515][ T8] pvrusb2: **********
[ 435.747706][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 435.757891][ T8] pvrusb2: Important functionality might not be entirely working.
[ 435.766018][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 435.777711][ T8] pvrusb2: **********
[ 435.964393][ T901] pvrusb2: Invalid write control endpoint
[ 435.966918][ T8] usb 1-1: USB disconnect, device number 94
[ 436.004525][ T901] pvrusb2: Invalid write control endpoint
[ 436.010467][ T901] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 436.020887][ T901] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 436.029900][ T901] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 436.040378][ T901] pvrusb2: Device being rendered inoperable
[ 436.046912][ T901] cx25840 0-0044: Unable to detect h/w, assuming cx23887
[ 436.054260][ T901] cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 436.062786][ T901] pvrusb2: Attached sub-driver cx25840
[ 436.069333][ T901] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 436.079619][ T901] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 436.734309][ T32] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[ 436.974273][ T32] usb 1-1: Using ep0 maxpacket: 32
[ 437.254427][ T32] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 437.263902][ T32] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 437.272003][ T32] usb 1-1: Product: syz
[ 437.276404][ T32] usb 1-1: Manufacturer: syz
[ 437.281278][ T32] usb 1-1: SerialNumber: syz
[ 437.288203][ T32] usb 1-1: config 0 descriptor??
[ 437.326621][ T32] pvrusb2: Hardware description: Terratec Grabster AV400
[ 437.334459][ T32] pvrusb2: **********
[ 437.338523][ T32] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 437.348926][ T32] pvrusb2: Important functionality might not be entirely working.
[ 437.357342][ T32] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 437.369034][ T32] pvrusb2: **********
[ 437.555242][ T901] pvrusb2: Invalid write control endpoint
[ 437.561914][ T32] usb 1-1: USB disconnect, device number 95
[ 437.592812][ T901] pvrusb2: Invalid write control endpoint
[ 437.598846][ T901] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 437.608917][ T901] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 437.616716][ T901] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 437.626983][ T901] pvrusb2: Device being rendered inoperable
[ 437.633069][ T901] cx25840 0-0044: Unable to detect h/w, assuming cx23887
[ 437.640320][ T901] cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 437.650304][ T901] pvrusb2: Attached sub-driver cx25840
[ 437.656391][ T901] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 437.667061][ T901] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 438.314291][ T8] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[ 438.554240][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 438.834437][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 438.843637][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 438.852125][ T8] usb 1-1: Product: syz
[ 438.856858][ T8] usb 1-1: Manufacturer: syz
[ 438.861783][ T8] usb 1-1: SerialNumber: syz
[ 438.869381][ T8] usb 1-1: config 0 descriptor??
[ 438.916508][ T8] pvrusb2: Hardware description: Terratec Grabster AV400
[ 438.923760][ T8] pvrusb2: **********
[ 438.928160][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 438.938659][ T8] pvrusb2: Important functionality might not be entirely working.
[ 438.946712][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 438.958315][ T8] pvrusb2: **********
[ 439.144422][ T901] pvrusb2: Invalid write control endpoint
[ 439.146364][ T8] usb 1-1: USB disconnect, device number 96
[ 439.182660][ T901] pvrusb2: Invalid write control endpoint
[ 439.190529][ T901] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 439.200798][ T901] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 439.208702][ T901] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 439.219188][ T901] pvrusb2: Device being rendered inoperable
[ 439.225665][ T901] cx25840 0-0044: Unable to detect h/w, assuming cx23887
[ 439.232936][ T901] cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 439.243533][ T901] pvrusb2: Attached sub-driver cx25840
[ 439.249378][ T901] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 439.259707][ T901] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
Warning: Permanently added '10.128.1.69' (ED25519) to the list of known hosts.
[ 440.584203][ T8] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[ 440.824173][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 441.104387][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 441.113748][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 441.122078][ T8] usb 1-1: Product: syz
[ 441.126303][ T8] usb 1-1: Manufacturer: syz
[ 441.131075][ T8] usb 1-1: SerialNumber: syz
[ 441.138070][ T8] usb 1-1: config 0 descriptor??
[ 441.176519][ T8] pvrusb2: Hardware description: Terratec Grabster AV400
[ 441.183593][ T8] pvrusb2: **********
[ 441.187629][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 441.197823][ T8] pvrusb2: Important functionality might not be entirely working.
[ 441.205678][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 441.217182][ T8] pvrusb2: **********
[ 441.404402][ T901] pvrusb2: Invalid write control endpoint
[ 441.407327][ T8] usb 1-1: USB disconnect, device number 97
[ 441.444622][ T901] pvrusb2: Invalid write control endpoint
[ 441.450707][ T901] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 441.460698][ T901] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 441.468585][ T901] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 441.478676][ T901] pvrusb2: Device being rendered inoperable
[ 441.484660][ T901] cx25840 0-0044: Unable to detect h/w, assuming cx23887
[ 441.491745][ T901] cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 441.500461][ T901] pvrusb2: Attached sub-driver cx25840
[ 441.506087][ T901] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 441.516763][ T901] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 441.884233][ T8] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[ 442.124221][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 442.404437][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 442.413500][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 442.421522][ T8] usb 1-1: Product: syz
[ 442.426092][ T8] usb 1-1: Manufacturer: syz
[ 442.430735][ T8] usb 1-1: SerialNumber: syz
[ 442.437728][ T8] usb 1-1: config 0 descriptor??
[ 442.476398][ T8] pvrusb2: Hardware description: Terratec Grabster AV400
[ 442.483840][ T8] pvrusb2: **********
[ 442.488250][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 442.498437][ T8] pvrusb2: Important functionality might not be entirely working.
[ 442.506293][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 442.517875][ T8] pvrusb2: **********
[ 442.694858][ T901] pvrusb2: Invalid write control endpoint
[ 442.696854][ T8] usb 1-1: USB disconnect, device number 98
[ 442.733459][ T901] pvrusb2: Invalid write control endpoint
[ 442.739612][ T901] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 442.749434][ T901] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 442.757283][ T901] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 442.767758][ T901] pvrusb2: Device being rendered inoperable
[ 442.774023][ T901] cx25840 0-0044: Unable to detect h/w, assuming cx23887
[ 442.781732][ T901] cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 442.791112][ T901] pvrusb2: Attached sub-driver cx25840
[ 442.796648][ T901] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 442.807185][ T901] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 443.174465][ T8] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[ 443.414181][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 443.694444][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 443.703983][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 443.712099][ T8] usb 1-1: Product: syz
[ 443.716489][ T8] usb 1-1: Manufacturer: syz
[ 443.721281][ T8] usb 1-1: SerialNumber: syz
[ 443.728571][ T8] usb 1-1: config 0 descriptor??
[ 443.766578][ T8] pvrusb2: Hardware description: Terratec Grabster AV400
[ 443.773649][ T8] pvrusb2: **********
[ 443.780771][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 443.791548][ T8] pvrusb2: Important functionality might not be entirely working.
[ 443.799734][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 443.811288][ T8] pvrusb2: **********
[ 443.984666][ T901] pvrusb2: Invalid write control endpoint
[ 443.986149][ T8] usb 1-1: USB disconnect, device number 99
[ 444.026465][ T901] pvrusb2: Invalid write control endpoint
[ 444.033631][ T901] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 444.044164][ T901] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 444.051927][ T901] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 444.062441][ T901] pvrusb2: Device being rendered inoperable
[ 444.069315][ T901] cx25840 0-0044: Unable to detect h/w, assuming cx23887
[ 444.076732][ T901] cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 444.085292][ T901] pvrusb2: Attached sub-driver cx25840
[ 444.090760][ T901] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 444.100910][ T901] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 444.474247][ T8] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[ 444.714202][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 444.994440][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 445.003871][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 445.012124][ T8] usb 1-1: Product: syz
[ 445.016321][ T8] usb 1-1: Manufacturer: syz
[ 445.020909][ T8] usb 1-1: SerialNumber: syz
[ 445.027678][ T8] usb 1-1: config 0 descriptor??
[ 445.076444][ T8] pvrusb2: Hardware description: Terratec Grabster AV400
[ 445.083516][ T8] pvrusb2: **********
[ 445.087572][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 445.097967][ T8] pvrusb2: Important functionality might not be entirely working.
[ 445.105903][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 445.117516][ T8] pvrusb2: **********
[ 445.285989][ T901] pvrusb2: Invalid write control endpoint
[ 445.291565][ T8] usb 1-1: USB disconnect, device number 100
[ 445.329349][ T901] pvrusb2: Invalid write control endpoint
[ 445.335196][ T901] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 445.345836][ T901] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 445.353382][ T901] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 445.363756][ T901] pvrusb2: Device being rendered inoperable
[ 445.370021][ T901] cx25840 0-0044: Unable to detect h/w, assuming cx23887
[ 445.377174][ T901] cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 445.387247][ T901] pvrusb2: Attached sub-driver cx25840
[ 445.392825][ T901] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 445.403120][ T901] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 445.764195][ T8] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[ 446.004172][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 446.284291][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 446.293713][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 446.301890][ T8] usb 1-1: Product: syz
[ 446.306250][ T8] usb 1-1: Manufacturer: syz
[ 446.310850][ T8] usb 1-1: SerialNumber: syz
[ 446.317861][ T8] usb 1-1: config 0 descriptor??
[ 446.356556][ T8] pvrusb2: Hardware description: Terratec Grabster AV400
[ 446.363914][ T8] pvrusb2: **********
[ 446.368081][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 446.378904][ T8] pvrusb2: Important functionality might not be entirely working.
[ 446.386798][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 446.398588][ T8] pvrusb2: **********
[ 446.584386][ T901] pvrusb2: Invalid write control endpoint
[ 446.592886][ T8] usb 1-1: USB disconnect, device number 101
[ 446.616844][ T901] pvrusb2: Invalid write control endpoint
[ 446.622644][ T901] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 446.632308][ T901] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 446.640114][ T901] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 446.650177][ T901] pvrusb2: Device being rendered inoperable
[ 446.656894][ T901] cx25840 0-0044: Unable to detect h/w, assuming cx23887
[ 446.664036][ T901] cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 446.672761][ T901] pvrusb2: Attached sub-driver cx25840
[ 446.679919][ T901] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 446.691105][ T901] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 447.064190][ T8] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[ 447.304207][ T8] usb 1-1: Using ep0 maxpacket: 32
[ 447.584437][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice= 4.dc
[ 447.593584][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 447.601770][ T8] usb 1-1: Product: syz
[ 447.606111][ T8] usb 1-1: Manufacturer: syz
[ 447.610735][ T8] usb 1-1: SerialNumber: syz
[ 447.618436][ T8] usb 1-1: config 0 descriptor??
[ 447.656851][ T8] pvrusb2: Hardware description: Terratec Grabster AV400
[ 447.664008][ T8] pvrusb2: **********
[ 447.668093][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 447.678404][ T8] pvrusb2: Important functionality might not be entirely working.
[ 447.686379][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 447.697983][ T8] pvrusb2: **********
[ 447.886172][ T8] usb 1-1: USB disconnect, device number 102
[ 447.892682][ T8] pvrusb2: Device being rendered inoperable
[ 447.900104][ T8] ==================================================================
[ 447.908313][ T8] BUG: KASAN: slab-use-after-free in pvr2_context_set_notify+0x2fa/0x350
[ 447.917347][ T8] Read of size 4 at addr ffff8881093becd8 by task kworker/0:0/8
[ 447.925541][ T8]
[ 447.927869][ T8] CPU: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.6.0-rc2-syzkaller-dirty #0
[ 447.936543][ T8] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 447.946784][ T8] Workqueue: usb_hub_wq hub_event
[ 447.951857][ T8] Call Trace:
[ 447.955146][ T8]
[ 447.958166][ T8] dump_stack_lvl+0xd9/0x1b0
[ 447.962820][ T8] print_report+0xc4/0x620
[ 447.967448][ T8] ? __virt_addr_valid+0x5e/0x2d0
[ 447.972519][ T8] ? __phys_addr+0xc6/0x140
[ 447.977106][ T8] kasan_report+0xda/0x110
[ 447.981609][ T8] ? pvr2_context_set_notify+0x2fa/0x350
[ 447.987704][ T8] ? pvr2_context_set_notify+0x2fa/0x350
[ 447.993580][ T8] pvr2_context_set_notify+0x2fa/0x350
[ 447.999082][ T8] pvr_disconnect+0x80/0xf0
[ 448.003757][ T8] usb_unbind_interface+0x1dd/0x8d0
[ 448.009674][ T8] ? kernfs_find_ns+0x2e9/0x3e0
[ 448.014936][ T8] ? usb_unbind_device+0x1a0/0x1a0
[ 448.020260][ T8] device_remove+0x11f/0x170
[ 448.024980][ T8] device_release_driver_internal+0x44a/0x610
[ 448.031069][ T8] bus_remove_device+0x22c/0x420
[ 448.036114][ T8] device_del+0x39a/0xa50
[ 448.040535][ T8] ? __device_link_del+0x380/0x380
[ 448.045767][ T8] ? reacquire_held_locks+0x4b0/0x4b0
[ 448.051220][ T8] usb_disable_device+0x36c/0x7f0
[ 448.056544][ T8] ? lockdep_hardirqs_on+0x7d/0x100
[ 448.061908][ T8] usb_disconnect+0x2e1/0x890
[ 448.066940][ T8] hub_event+0x1be0/0x4f30
[ 448.071356][ T8] ? hub_port_debounce+0x3d0/0x3d0
[ 448.076648][ T8] ? mark_lock+0x14a1/0x1950
[ 448.081492][ T8] ? lock_sync+0x190/0x190
[ 448.086087][ T8] ? reacquire_held_locks+0x4b0/0x4b0
[ 448.091655][ T8] process_one_work+0x884/0x15c0
[ 448.096878][ T8] ? hub_port_debounce+0x3d0/0x3d0
[ 448.102004][ T8] ? init_worker_pool+0x770/0x770
[ 448.107290][ T8] ? assign_work+0x1a0/0x240
[ 448.111974][ T8] worker_thread+0x8b9/0x1290
[ 448.116666][ T8] ? process_one_work+0x15c0/0x15c0
[ 448.121968][ T8] kthread+0x33c/0x440
[ 448.126228][ T8] ? _raw_spin_unlock_irq+0x23/0x50
[ 448.131618][ T8] ? kthread_complete_and_exit+0x40/0x40
[ 448.137297][ T8] ret_from_fork+0x45/0x80
[ 448.141813][ T8] ? kthread_complete_and_exit+0x40/0x40
[ 448.147649][ T8] ret_from_fork_asm+0x11/0x20
[ 448.152503][ T8]
[ 448.155512][ T8]
[ 448.157911][ T8] Allocated by task 8:
[ 448.162135][ T8] kasan_save_stack+0x33/0x50
[ 448.166992][ T8] kasan_set_track+0x25/0x30
[ 448.171763][ T8] __kasan_kmalloc+0x87/0x90
[ 448.176572][ T8] pvr2_context_create+0x53/0x2a0
[ 448.181609][ T8] pvr_probe+0x25/0xe0
[ 448.185680][ T8] usb_probe_interface+0x307/0x930
[ 448.190796][ T8] really_probe+0x234/0xc90
[ 448.195298][ T8] __driver_probe_device+0x1de/0x4b0
[ 448.200764][ T8] driver_probe_device+0x4c/0x1a0
[ 448.205786][ T8] __device_attach_driver+0x1d4/0x300
[ 448.211200][ T8] bus_for_each_drv+0x157/0x1d0
[ 448.216061][ T8] __device_attach+0x1e8/0x4b0
[ 448.221036][ T8] bus_probe_device+0x17c/0x1c0
[ 448.225908][ T8] device_add+0x117e/0x1aa0
[ 448.230512][ T8] usb_set_configuration+0x10cb/0x1c40
[ 448.236253][ T8] usb_generic_driver_probe+0xca/0x130
[ 448.241897][ T8] usb_probe_device+0xda/0x2c0
[ 448.246689][ T8] really_probe+0x234/0xc90
[ 448.251338][ T8] __driver_probe_device+0x1de/0x4b0
[ 448.257179][ T8] driver_probe_device+0x4c/0x1a0
[ 448.262281][ T8] __device_attach_driver+0x1d4/0x300
[ 448.267645][ T8] bus_for_each_drv+0x157/0x1d0
[ 448.272506][ T8] __device_attach+0x1e8/0x4b0
[ 448.277401][ T8] bus_probe_device+0x17c/0x1c0
[ 448.282246][ T8] device_add+0x117e/0x1aa0
[ 448.286741][ T8] usb_new_device+0xd80/0x1960
[ 448.291499][ T8] hub_event+0x2e62/0x4f30
[ 448.295911][ T8] process_one_work+0x884/0x15c0
[ 448.300864][ T8] worker_thread+0x8b9/0x1290
[ 448.306167][ T8] kthread+0x33c/0x440
[ 448.310242][ T8] ret_from_fork+0x45/0x80
[ 448.314671][ T8] ret_from_fork_asm+0x11/0x20
[ 448.319710][ T8]
[ 448.322144][ T8] Freed by task 901:
[ 448.326385][ T8] kasan_save_stack+0x33/0x50
[ 448.331092][ T8] kasan_set_track+0x25/0x30
[ 448.336130][ T8] kasan_save_free_info+0x2b/0x40
[ 448.341785][ T8] ____kasan_slab_free+0x13c/0x190
[ 448.347461][ T8] __kmem_cache_free+0xff/0x330
[ 448.352598][ T8] pvr2_context_thread_func+0x69d/0x960
[ 448.358616][ T8] kthread+0x33c/0x440
[ 448.362871][ T8] ret_from_fork+0x45/0x80
[ 448.367730][ T8] ret_from_fork_asm+0x11/0x20
[ 448.373289][ T8]
[ 448.375745][ T8] The buggy address belongs to the object at ffff8881093bec00
[ 448.375745][ T8] which belongs to the cache kmalloc-256 of size 256
[ 448.390326][ T8] The buggy address is located 216 bytes inside of
[ 448.390326][ T8] freed 256-byte region [ffff8881093bec00, ffff8881093bed00)
[ 448.404653][ T8]
[ 448.406968][ T8] The buggy address belongs to the physical page:
[ 448.413920][ T8] page:ffffea000424ef80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1093be
[ 448.424364][ T8] head:ffffea000424ef80 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 448.433676][ T8] anon flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 448.441047][ T8] page_type: 0xffffffff()
[ 448.445581][ T8] raw: 0200000000000840 ffff888100041b40 0000000000000000 dead000000000001
[ 448.454973][ T8] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 448.466098][ T8] page dumped because: kasan: bad access detected
[ 448.472711][ T8] page_owner tracks the page as allocated
[ 448.478686][ T8] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 8817323426, free_ts 0
[ 448.499878][ T8] post_alloc_hook+0x2cf/0x340
[ 448.505000][ T8] get_page_from_freelist+0x10e1/0x2fd0
[ 448.510869][ T8] __alloc_pages+0x1d0/0x4a0
[ 448.515569][ T8] alloc_page_interleave+0x1e/0x230
[ 448.520874][ T8] alloc_pages+0x22a/0x270
[ 448.525400][ T8] allocate_slab+0x251/0x380
[ 448.530544][ T8] ___slab_alloc+0x8c7/0x1580
[ 448.535944][ T8] __slab_alloc.constprop.0+0x56/0xa0
[ 448.541940][ T8] __kmem_cache_alloc_node+0x12c/0x310
[ 448.547895][ T8] kmalloc_trace+0x25/0xe0
[ 448.553253][ T8] bus_add_driver+0x92/0x630
[ 448.558048][ T8] driver_register+0x15c/0x4a0
[ 448.563892][ T8] usb_register_driver+0x24f/0x500
[ 448.569716][ T8] do_one_initcall+0x117/0x630
[ 448.574680][ T8] kernel_init_freeable+0x5bd/0x8f0
[ 448.580016][ T8] kernel_init+0x1c/0x2a0
[ 448.584349][ T8] page_owner free stack trace missing
[ 448.589702][ T8]
[ 448.592047][ T8] Memory state around the buggy address:
[ 448.597761][ T8] ffff8881093beb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 448.605821][ T8] ffff8881093bec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 448.614489][ T8] >ffff8881093bec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 448.622605][ T8] ^
[ 448.629559][ T8] ffff8881093bed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 448.637702][ T8] ffff8881093bed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 448.645752][ T8] ==================================================================
[ 448.654215][ T8] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 448.661452][ T8] CPU: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.6.0-rc2-syzkaller-dirty #0
[ 448.670058][ T8] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 448.680441][ T8] Workqueue: usb_hub_wq hub_event
[ 448.685495][ T8] Call Trace:
[ 448.688868][ T8]
[ 448.691796][ T8] dump_stack_lvl+0xd9/0x1b0
[ 448.696584][ T8] panic+0x6a6/0x750
[ 448.700485][ T8] ? panic_smp_self_stop+0xa0/0xa0
[ 448.706032][ T8] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 448.712699][ T8] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 448.719070][ T8] check_panic_on_warn+0xab/0xb0
[ 448.724258][ T8] end_report+0x108/0x150
[ 448.728627][ T8] kasan_report+0xea/0x110
[ 448.733457][ T8] ? pvr2_context_set_notify+0x2fa/0x350
[ 448.739133][ T8] ? pvr2_context_set_notify+0x2fa/0x350
[ 448.744960][ T8] pvr2_context_set_notify+0x2fa/0x350
[ 448.750613][ T8] pvr_disconnect+0x80/0xf0
[ 448.755313][ T8] usb_unbind_interface+0x1dd/0x8d0
[ 448.760719][ T8] ? kernfs_find_ns+0x2e9/0x3e0
[ 448.765931][ T8] ? usb_unbind_device+0x1a0/0x1a0
[ 448.771077][ T8] device_remove+0x11f/0x170
[ 448.775690][ T8] device_release_driver_internal+0x44a/0x610
[ 448.782326][ T8] bus_remove_device+0x22c/0x420
[ 448.787493][ T8] device_del+0x39a/0xa50
[ 448.791939][ T8] ? __device_link_del+0x380/0x380
[ 448.797248][ T8] ? reacquire_held_locks+0x4b0/0x4b0
[ 448.803049][ T8] usb_disable_device+0x36c/0x7f0
[ 448.808286][ T8] ? lockdep_hardirqs_on+0x7d/0x100
[ 448.813591][ T8] usb_disconnect+0x2e1/0x890
[ 448.818276][ T8] hub_event+0x1be0/0x4f30
[ 448.822697][ T8] ? hub_port_debounce+0x3d0/0x3d0
[ 448.827975][ T8] ? mark_lock+0x14a1/0x1950
[ 448.832682][ T8] ? lock_sync+0x190/0x190
[ 448.837157][ T8] ? reacquire_held_locks+0x4b0/0x4b0
[ 448.842705][ T8] process_one_work+0x884/0x15c0
[ 448.847668][ T8] ? hub_port_debounce+0x3d0/0x3d0
[ 448.852885][ T8] ? init_worker_pool+0x770/0x770
[ 448.858018][ T8] ? assign_work+0x1a0/0x240
[ 448.862611][ T8] worker_thread+0x8b9/0x1290
[ 448.867383][ T8] ? process_one_work+0x15c0/0x15c0
[ 448.872639][ T8] kthread+0x33c/0x440
[ 448.876807][ T8] ? _raw_spin_unlock_irq+0x23/0x50
[ 448.882283][ T8] ? kthread_complete_and_exit+0x40/0x40
[ 448.888186][ T8] ret_from_fork+0x45/0x80
[ 448.893318][ T8] ? kthread_complete_and_exit+0x40/0x40
[ 448.899317][ T8] ret_from_fork_asm+0x11/0x20
[ 448.904395][ T8]
[ 448.907859][ T8] Kernel Offset: disabled
[ 448.912466][ T8] Rebooting in 86400 seconds..