Warning: Permanently added '10.128.1.136' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[ 42.095287][ T28] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 42.103040][ T2029] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 42.111195][ T22] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 42.115155][ T720] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 42.126376][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 42.345123][ T28] usb 2-1: Using ep0 maxpacket: 32
[ 42.355142][ T2029] usb 1-1: Using ep0 maxpacket: 32
[ 42.360542][ T22] usb 5-1: Using ep0 maxpacket: 32
[ 42.395137][ T720] usb 4-1: Using ep0 maxpacket: 32
[ 42.400332][ T9] usb 3-1: Using ep0 maxpacket: 32
[ 42.465465][ T28] usb 2-1: config 0 has an invalid interface number: 47 but max is 1
[ 42.473837][ T28] usb 2-1: config 0 has no interface number 1
[ 42.480035][ T28] usb 2-1: config 0 interface 47 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 42.490406][ T2029] usb 1-1: config 0 has an invalid interface number: 47 but max is 1
[ 42.498587][ T2029] usb 1-1: config 0 has no interface number 1
[ 42.504739][ T22] usb 5-1: config 0 has an invalid interface number: 47 but max is 1
[ 42.512876][ T22] usb 5-1: config 0 has no interface number 1
[ 42.519035][ T28] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1023
[ 42.529090][ T2029] usb 1-1: config 0 interface 47 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 42.535656][ T9] usb 3-1: config 0 has an invalid interface number: 47 but max is 1
[ 42.538935][ T22] usb 5-1: config 0 interface 47 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 42.546973][ T9] usb 3-1: config 0 has no interface number 1
[ 42.556906][ T2029] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1023
[ 42.562845][ T720] usb 4-1: config 0 has an invalid interface number: 47 but max is 1
[ 42.572890][ T22] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1023
[ 42.580746][ T720] usb 4-1: config 0 has no interface number 1
[ 42.582642][ T9] usb 3-1: config 0 interface 47 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 42.606778][ T720] usb 4-1: config 0 interface 47 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 42.616613][ T720] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1023
[ 42.626686][ T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1023
[ 42.715360][ T28] usb 2-1: New USB device found, idVendor=2040, idProduct=7502, bcdDevice=f1.87
[ 42.724453][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 42.732597][ T28] usb 2-1: Product: syz
[ 42.736841][ T28] usb 2-1: Manufacturer: syz
[ 42.741441][ T28] usb 2-1: SerialNumber: syz
[ 42.748582][ T2029] usb 1-1: New USB device found, idVendor=2040, idProduct=7502, bcdDevice=f1.87
[ 42.757681][ T2029] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 42.765717][ T2029] usb 1-1: Product: syz
[ 42.769897][ T2029] usb 1-1: Manufacturer: syz
[ 42.774506][ T2029] usb 1-1: SerialNumber: syz
[ 42.779303][ T22] usb 5-1: New USB device found, idVendor=2040, idProduct=7502, bcdDevice=f1.87
[ 42.788387][ T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 42.795430][ T720] usb 4-1: New USB device found, idVendor=2040, idProduct=7502, bcdDevice=f1.87
[ 42.796418][ T22] usb 5-1: Product: syz
[ 42.805560][ T720] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 42.809620][ T22] usb 5-1: Manufacturer: syz
[ 42.817610][ T720] usb 4-1: Product: syz
[ 42.822192][ T22] usb 5-1: SerialNumber: syz
[ 42.826362][ T720] usb 4-1: Manufacturer: syz
[ 42.826387][ T720] usb 4-1: SerialNumber: syz
[ 42.833511][ T28] usb 2-1: config 0 descriptor??
[ 42.835712][ T9] usb 3-1: New USB device found, idVendor=2040, idProduct=7502, bcdDevice=f1.87
[ 42.854415][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 42.862483][ T9] usb 3-1: Product: syz
[ 42.865254][ T2029] usb 1-1: config 0 descriptor??
[ 42.866681][ T9] usb 3-1: Manufacturer: syz
[ 42.866707][ T9] usb 3-1: SerialNumber: syz
[ 42.873848][ T22] usb 5-1: config 0 descriptor??
[ 42.894234][ T720] usb 4-1: config 0 descriptor??
[ 42.903337][ T9] usb 3-1: config 0 descriptor??
[ 42.913751][ T2029] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
[ 42.924704][ T28] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
[ 42.935917][ T22] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
[ 42.938924][ T720] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
[ 42.958230][ T9] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
executing program
executing program
[ 43.100142][ T904] pvrusb2: Invalid read control endpoint
[ 43.110467][ T28] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
[ 43.131266][ T2029] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
executing program
executing program
[ 43.147821][ T904] usb 2-1: Direct firmware load for v4l-pvrusb2-160xxx-01.fw failed with error -2
[ 43.170652][ T22] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
[ 43.187875][ T904] pvrusb2: ***WARNING*** Device fx2 controller firmware seems to be missing.
[ 43.191562][ T28] usb 2-1: USB disconnect, device number 2
[ 43.197132][ T904] pvrusb2: Did you install the pvrusb2 firmware files in their proper location?
[ 43.211981][ T904] pvrusb2: request_firmware unable to locate fx2 controller file v4l-pvrusb2-160xxx-01.fw
[ 43.212196][ T2029] usb 1-1: USB disconnect, device number 2
[ 43.221902][ T904] pvrusb2: Failure uploading firmware1
[ 43.221914][ T904] pvrusb2: Device initialization was not successful.
[ 43.221925][ T904] pvrusb2: Giving up since device microcontroller firmware appears to be missing.
executing program
[ 43.234664][ T720] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
[ 43.243314][ T28] pvrusb2: Device being rendered inoperable
[ 43.266566][ T9] pvrusb2: Hardware description: WinTV HVR-1955 Model 160111
[ 43.270450][ T22] usb 5-1: USB disconnect, device number 2
[ 43.296908][ T22] pvrusb2: Device being rendered inoperable
[ 43.316113][ T28] pvrusb2: Device being rendered inoperable
[ 43.319417][ T720] usb 4-1: USB disconnect, device number 2
[ 43.332324][ T22] pvrusb2: Device being rendered inoperable
[ 43.343997][ T2029] pvrusb2: Device being rendered inoperable
[ 43.344076][ T9] usb 3-1: USB disconnect, device number 2
[ 43.363534][ T2029] pvrusb2: Device being rendered inoperable
[ 43.366477][ T720] pvrusb2: Device being rendered inoperable
[ 43.376448][ T904] pvrusb2: Failed to submit write-control URB status=-19
[ 43.398432][ T720] ==================================================================
[ 43.401119][ T904] usb 3-1: Direct firmware load for v4l-pvrusb2-160xxx-01.fw failed with error -2
[ 43.406519][ T720] BUG: KASAN: slab-use-after-free in pvr2_context_set_notify+0x2c4/0x310
[ 43.406586][ T720] Read of size 4 at addr ffff88811356ced8 by task kworker/0:2/720
[ 43.406611][ T720]
[ 43.416601][ T904] pvrusb2: ***WARNING*** Device fx2 controller firmware seems to be missing.
[ 43.424184][ T720] CPU: 0 PID: 720 Comm: kworker/0:2 Not tainted 6.8.0-rc6-syzkaller-00190-ga788e53c05ae #0
[ 43.424219][ T720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 43.432080][ T904] pvrusb2: Did you install the pvrusb2 firmware files in their proper location?
[ 43.434343][ T720] Workqueue: usb_hub_wq hub_event
[ 43.443128][ T904] pvrusb2: request_firmware unable to locate fx2 controller file v4l-pvrusb2-160xxx-01.fw
[ 43.453039][ T720]
[ 43.453047][ T720] Call Trace:
[ 43.453059][ T720]
[ 43.453069][ T720] dump_stack_lvl+0xd9/0x1b0
[ 43.463148][ T904] pvrusb2: Failure uploading firmware1
[ 43.472129][ T720] print_report+0xc4/0x620
[ 43.472166][ T720] ? __virt_addr_valid+0x5e/0x580
[ 43.477224][ T904] pvrusb2: Device initialization was not successful.
[ 43.487066][ T720] ? __phys_addr+0xc6/0x140
[ 43.487107][ T720] kasan_report+0xda/0x110
[ 43.489431][ T904] pvrusb2: Giving up since device microcontroller firmware appears to be missing.
[ 43.492703][ T720] ? pvr2_context_set_notify+0x2c4/0x310
[ 43.545759][ T720] ? pvr2_context_set_notify+0x2c4/0x310
[ 43.551455][ T720] pvr2_context_set_notify+0x2c4/0x310
[ 43.556970][ T720] pvr2_context_disconnect+0x94/0xb0
[ 43.562311][ T720] pvr_disconnect+0x80/0xf0
[ 43.566863][ T720] usb_unbind_interface+0x1e5/0x960
[ 43.572125][ T720] ? kernfs_find_ns+0x2eb/0x3f0
[ 43.577021][ T720] ? usb_autopm_get_interface+0xe0/0xe0
[ 43.582619][ T720] device_remove+0x11f/0x170
[ 43.587253][ T720] device_release_driver_internal+0x44a/0x610
[ 43.593373][ T720] bus_remove_device+0x22c/0x420
[ 43.598361][ T720] device_del+0x39a/0xa50
[ 43.602732][ T720] ? __device_link_del+0x380/0x380
[ 43.607897][ T720] ? kobject_put+0x220/0x5b0
[ 43.612560][ T720] usb_disable_device+0x36c/0x7f0
[ 43.617635][ T720] usb_disconnect+0x2e1/0x910
[ 43.622366][ T720] hub_event+0x1be0/0x4f40
[ 43.626848][ T720] ? hub_port_debounce+0x3d0/0x3d0
[ 43.631996][ T720] ? check_irq_usage+0x1f1/0x1490
[ 43.637064][ T720] ? lock_sync+0x190/0x190
[ 43.641522][ T720] ? reacquire_held_locks+0x4c0/0x4c0
[ 43.646934][ T720] process_one_work+0x886/0x15d0
[ 43.651918][ T720] ? hub_port_debounce+0x3d0/0x3d0
[ 43.657070][ T720] ? workqueue_congested+0x300/0x300
[ 43.662408][ T720] ? assign_work+0x1a0/0x250
[ 43.667047][ T720] worker_thread+0x8b9/0x1290
[ 43.671772][ T720] ? __kthread_parkme+0x14b/0x220
[ 43.676840][ T720] ? process_one_work+0x15d0/0x15d0
[ 43.682097][ T720] kthread+0x2c6/0x3a0
[ 43.686212][ T720] ? _raw_spin_unlock_irq+0x23/0x50
[ 43.691450][ T720] ? kthread_complete_and_exit+0x40/0x40
[ 43.697121][ T720] ret_from_fork+0x45/0x80
[ 43.701569][ T720] ? kthread_complete_and_exit+0x40/0x40
[ 43.707269][ T720] ret_from_fork_asm+0x11/0x20
[ 43.712077][ T720]
[ 43.715104][ T720]
[ 43.717466][ T720] Allocated by task 720:
[ 43.721736][ T720] kasan_save_stack+0x33/0x50
[ 43.726420][ T720] kasan_save_track+0x14/0x30
[ 43.731106][ T720] __kasan_kmalloc+0x87/0x90
[ 43.735717][ T720] pvr2_context_create+0x53/0x2a0
[ 43.740751][ T720] pvr_probe+0x25/0xe0
[ 43.744827][ T720] usb_probe_interface+0x307/0x9c0
[ 43.745171][ T28] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 43.749938][ T720] really_probe+0x234/0xc90
[ 43.749967][ T720] __driver_probe_device+0x1de/0x4b0
[ 43.767218][ T720] driver_probe_device+0x4c/0x1a0
[ 43.772290][ T720] __device_attach_driver+0x1d4/0x300
[ 43.777689][ T720] bus_for_each_drv+0x157/0x1d0
[ 43.782561][ T720] __device_attach+0x1e8/0x4b0
[ 43.787354][ T720] bus_probe_device+0x17c/0x1c0
[ 43.792214][ T720] device_add+0x117e/0x1aa0
[ 43.795673][ T22] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 43.796723][ T720] usb_set_configuration+0x10cb/0x1c40
[ 43.796760][ T720] usb_generic_driver_probe+0xad/0x110
[ 43.815117][ T720] usb_probe_device+0xec/0x3e0
[ 43.820005][ T720] really_probe+0x234/0xc90
[ 43.824526][ T720] __driver_probe_device+0x1de/0x4b0
[ 43.829854][ T720] driver_probe_device+0x4c/0x1a0
[ 43.834883][ T720] __device_attach_driver+0x1d4/0x300
[ 43.840281][ T720] bus_for_each_drv+0x157/0x1d0
[ 43.845215][ T720] __device_attach+0x1e8/0x4b0
[ 43.849980][ T720] bus_probe_device+0x17c/0x1c0
[ 43.854852][ T720] device_add+0x117e/0x1aa0
[ 43.859364][ T720] usb_new_device+0xd90/0x1a10
[ 43.864134][ T720] hub_event+0x2e62/0x4f40
[ 43.868562][ T720] process_one_work+0x886/0x15d0
[ 43.873556][ T720] worker_thread+0x8b9/0x1290
[ 43.878242][ T720] kthread+0x2c6/0x3a0
[ 43.882321][ T720] ret_from_fork+0x45/0x80
[ 43.886744][ T720] ret_from_fork_asm+0x11/0x20
[ 43.891523][ T720]
[ 43.893848][ T720] Freed by task 904:
[ 43.897745][ T720] kasan_save_stack+0x33/0x50
[ 43.902431][ T720] kasan_save_track+0x14/0x30
[ 43.907132][ T720] kasan_save_free_info+0x3f/0x60
[ 43.912182][ T720] __kasan_slab_free+0x106/0x1b0
[ 43.917133][ T720] kfree+0x105/0x340
[ 43.921039][ T720] pvr2_context_thread_func+0x69d/0x960
[ 43.926605][ T720] kthread+0x2c6/0x3a0
[ 43.930694][ T720] ret_from_fork+0x45/0x80
[ 43.935128][ T720] ret_from_fork_asm+0x11/0x20
[ 43.939916][ T720]
[ 43.942243][ T720] The buggy address belongs to the object at ffff88811356ce00
[ 43.942243][ T720] which belongs to the cache kmalloc-256 of size 256
[ 43.956311][ T720] The buggy address is located 216 bytes inside of
[ 43.956311][ T720] freed 256-byte region [ffff88811356ce00, ffff88811356cf00)
[ 43.970321][ T720]
[ 43.972647][ T720] The buggy address belongs to the physical page:
[ 43.979069][ T720] page:ffffea00044d5b00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11356c
[ 43.989354][ T720] head:ffffea00044d5b00 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 43.995168][ T28] usb 2-1: Using ep0 maxpacket: 32
[ 43.998299][ T720] anon flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 43.998323][ T720] page_type: 0xffffffff()
[ 43.998347][ T720] raw: 0200000000000840 ffff888100041b40 ffffea000447f900 0000000000000003
[ 44.023373][ T720] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 44.031957][ T720] page dumped because: kasan: bad access detected
[ 44.035440][ T22] usb 5-1: Using ep0 maxpacket: 32
[ 44.038353][ T720] page_owner tracks the page as allocated
[ 44.038362][ T720] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 11334302324, free_ts 0
[ 44.068904][ T720] post_alloc_hook+0x2d0/0x350
[ 44.073687][ T720] get_page_from_freelist+0x139c/0x3470
[ 44.079263][ T720] __alloc_pages+0x228/0x2250
[ 44.083964][ T720] new_slab+0xcc/0x3a0
[ 44.088049][ T720] ___slab_alloc+0x4b0/0x1860
[ 44.092740][ T720] __slab_alloc.constprop.0+0x56/0xa0
[ 44.098124][ T720] __kmalloc_node_track_caller+0x171/0x420
[ 44.103943][ T720] krealloc+0x5d/0xf0
[ 44.107953][ T720] add_sysfs_param+0xca/0x960
[ 44.112639][ T720] param_sysfs_builtin_init+0x2ca/0x450
[ 44.115701][ T28] usb 2-1: config 0 has an invalid interface number: 47 but max is 1
[ 44.118187][ T720] do_one_initcall+0x11c/0x650
[ 44.126292][ T28] usb 2-1: config 0 has no interface number 1
[ 44.130994][ T720] kernel_init_freeable+0x682/0xc10
[ 44.140170][ T28] usb 2-1: config 0 interface 47 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 44.142221][ T720] kernel_init+0x1c/0x2a0
[ 44.142269][ T720] ret_from_fork+0x45/0x80
[ 44.152117][ T28] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1023
[ 44.156278][ T720] ret_from_fork_asm+0x11/0x20
[ 44.156316][ T720] page_owner free stack trace missing
[ 44.156325][ T720]
[ 44.156329][ T720] Memory state around the buggy address:
[ 44.156343][ T720] ffff88811356cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.156364][ T720] ffff88811356ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 44.156383][ T720] >ffff88811356ce80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 44.156398][ T720] ^
[ 44.156413][ T720] ffff88811356cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.156432][ T720] ffff88811356cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 44.156447][ T720] ==================================================================
[ 44.156544][ T720] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 44.156559][ T720] CPU: 0 PID: 720 Comm: kworker/0:2 Not tainted 6.8.0-rc6-syzkaller-00190-ga788e53c05ae #0
[ 44.156593][ T720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 44.156612][ T720] Workqueue: usb_hub_wq hub_event
[ 44.156639][ T720] Call Trace:
[ 44.156649][ T720]
[ 44.156658][ T720] dump_stack_lvl+0xd9/0x1b0
[ 44.156699][ T720] panic+0x6dc/0x790
[ 44.156738][ T720] ? panic_smp_self_stop+0xa0/0xa0
[ 44.156783][ T720] ? check_panic_on_warn+0x1f/0xb0
[ 44.156826][ T720] check_panic_on_warn+0xab/0xb0
[ 44.156868][ T720] end_report+0x108/0x150
[ 44.156900][ T720] kasan_report+0xea/0x110
[ 44.156931][ T720] ? pvr2_context_set_notify+0x2c4/0x310
[ 44.156976][ T720] ? pvr2_context_set_notify+0x2c4/0x310
[ 44.157022][ T720] pvr2_context_set_notify+0x2c4/0x310
[ 44.157067][ T720] pvr2_context_disconnect+0x94/0xb0
[ 44.157112][ T720] pvr_disconnect+0x80/0xf0
[ 44.157151][ T720] usb_unbind_interface+0x1e5/0x960
[ 44.157202][ T720] ? kernfs_find_ns+0x2eb/0x3f0
[ 44.157238][ T720] ? usb_autopm_get_interface+0xe0/0xe0
[ 44.157280][ T720] device_remove+0x11f/0x170
[ 44.157311][ T720] device_release_driver_internal+0x44a/0x610
[ 44.157356][ T720] bus_remove_device+0x22c/0x420
[ 44.157385][ T720] device_del+0x39a/0xa50
[ 44.157422][ T720] ? __device_link_del+0x380/0x380
[ 44.157459][ T720] ? kobject_put+0x220/0x5b0
[ 44.157501][ T720] usb_disable_device+0x36c/0x7f0
[ 44.157539][ T720] usb_disconnect+0x2e1/0x910
[ 44.157587][ T720] hub_event+0x1be0/0x4f40
[ 44.157622][ T720] ? hub_port_debounce+0x3d0/0x3d0
[ 44.157650][ T720] ? check_irq_usage+0x1f1/0x1490
[ 44.157681][ T720] ? lock_sync+0x190/0x190
[ 44.157713][ T720] ? reacquire_held_locks+0x4c0/0x4c0
[ 44.157750][ T720] process_one_work+0x886/0x15d0
[ 44.157791][ T720] ? hub_port_debounce+0x3d0/0x3d0
[ 44.157818][ T720] ? workqueue_congested+0x300/0x300
[ 44.157858][ T720] ? assign_work+0x1a0/0x250
[ 44.157893][ T720] worker_thread+0x8b9/0x1290
[ 44.157934][ T720] ? __kthread_parkme+0x14b/0x220
[ 44.157966][ T720] ? process_one_work+0x15d0/0x15d0
[ 44.158005][ T720] kthread+0x2c6/0x3a0
[ 44.158036][ T720] ? _raw_spin_unlock_irq+0x23/0x50
[ 44.158072][ T720] ? kthread_complete_and_exit+0x40/0x40
[ 44.158108][ T720] ret_from_fork+0x45/0x80
[ 44.158133][ T720] ? kthread_complete_and_exit+0x40/0x40
[ 44.158175][ T720] ret_from_fork_asm+0x11/0x20
[ 44.158214][ T720]
[ 44.161182][ T720] Kernel Offset: disabled