Warning: Permanently added '10.128.1.75' (ECDSA) to the list of known hosts.
2023/07/09 06:00:24 ignoring optional flag "sandboxArg"="0"
2023/07/09 06:00:24 parsed 1 programs
2023/07/09 06:00:27 executed programs: 0
[   79.222776][ T3053] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  128.388565][   T25] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  128.418436][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  128.426535][ T2327] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  128.498204][ T5792] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  128.558221][ T5799] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  128.638191][   T25] usb 2-1: Using ep0 maxpacket: 8
[  128.668168][  T717] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  128.698222][ T2327] usb 6-1: Using ep0 maxpacket: 8
[  128.703404][    T9] usb 1-1: Using ep0 maxpacket: 8
[  128.758391][ T5792] usb 5-1: Using ep0 maxpacket: 8
[  128.758550][   T25] usb 2-1: New USB device found, idVendor=2040, idProduct=2400, bcdDevice=e2.65
[  128.772780][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.784605][   T25] usb 2-1: config 0 descriptor??
[  128.829159][ T5799] usb 3-1: Using ep0 maxpacket: 8
[  128.832923][   T25] hub 2-1:0.0: bad descriptor, ignoring hub
[  128.840858][   T25] hub: probe of 2-1:0.0 failed with error -5
[  128.848385][    T9] usb 1-1: New USB device found, idVendor=2040, idProduct=2400, bcdDevice=e2.65
[  128.849330][   T25] pvrusb2: Hardware description: WinTV PVR USB2 Model 24xxx
[  128.857746][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.873497][ T2327] usb 6-1: New USB device found, idVendor=2040, idProduct=2400, bcdDevice=e2.65
[  128.882667][ T2327] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.897192][ T2327] usb 6-1: config 0 descriptor??
[  128.904868][    T9] usb 1-1: config 0 descriptor??
[  128.908296][  T717] usb 4-1: Using ep0 maxpacket: 8
[  128.938527][ T5792] usb 5-1: New USB device found, idVendor=2040, idProduct=2400, bcdDevice=e2.65
[  128.948838][ T5792] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.957995][ T2327] hub 6-1:0.0: bad descriptor, ignoring hub
[  128.964420][ T2327] hub: probe of 6-1:0.0 failed with error -5
[  128.971380][    T9] hub 1-1:0.0: bad descriptor, ignoring hub
[  128.977713][    T9] hub: probe of 1-1:0.0 failed with error -5
[  128.985197][ T2327] pvrusb2: Hardware description: WinTV PVR USB2 Model 24xxx
[  128.992704][ T5799] usb 3-1: New USB device found, idVendor=2040, idProduct=2400, bcdDevice=e2.65
[  129.002549][ T5799] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.012866][    T9] pvrusb2: Hardware description: WinTV PVR USB2 Model 24xxx
[  129.022182][ T5792] usb 5-1: config 0 descriptor??
[  129.028607][  T717] usb 4-1: New USB device found, idVendor=2040, idProduct=2400, bcdDevice=e2.65
[  129.030096][ T5799] usb 3-1: config 0 descriptor??
[  129.037783][  T717] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.055875][  T717] usb 4-1: config 0 descriptor??
[  129.066459][  T892] usb 2-1: Direct firmware load for v4l-pvrusb2-24xxx-01.fw failed with error -2
[  129.069047][ T5792] hub 5-1:0.0: bad descriptor, ignoring hub
[  129.076989][   T25] usb 2-1: USB disconnect, device number 2
[  129.083254][ T5792] hub: probe of 5-1:0.0 failed with error -5
[  129.093586][  T892] pvrusb2: ***WARNING*** Device fx2 controller firmware seems to be missing.
[  129.096438][ T5799] hub 3-1:0.0: bad descriptor, ignoring hub
[  129.104411][  T892] pvrusb2: Did you install the pvrusb2 firmware files in their proper location?
[  129.104423][  T892] pvrusb2: request_firmware unable to locate fx2 controller file v4l-pvrusb2-24xxx-01.fw
[  129.104439][  T892] pvrusb2: Failure uploading firmware1
[  129.104448][  T892] pvrusb2: Device initialization was not successful.
[  129.104456][  T892] pvrusb2: Giving up since device microcontroller firmware appears to be missing.
[  129.106140][   T25] pvrusb2: Device being rendered inoperable
[  129.110810][ T5799] hub: probe of 3-1:0.0 failed with error -5
[  129.113339][ T5799] pvrusb2: Hardware description: WinTV PVR USB2 Model 24xxx
[  129.129011][  T717] hub 4-1:0.0: bad descriptor, ignoring hub
[  129.132651][ T5792] pvrusb2: Hardware description: WinTV PVR USB2 Model 24xxx
[  129.135944][  T717] hub: probe of 4-1:0.0 failed with error -5
[  129.153652][  T717] pvrusb2: Hardware description: WinTV PVR USB2 Model 24xxx
[  129.171190][ T2327] usb 6-1: USB disconnect, device number 2
[  129.174606][  T892] usb 6-1: Direct firmware load for v4l-pvrusb2-24xxx-01.fw failed with error -2
[  129.180495][    T9] usb 1-1: USB disconnect, device number 2
[  129.192142][  T892] pvrusb2: ***WARNING*** Device fx2 controller firmware seems to be missing.
[  129.192159][  T892] pvrusb2: Did you install the pvrusb2 firmware files in their proper location?
[  129.192167][  T892] pvrusb2: request_firmware unable to locate fx2 controller file v4l-pvrusb2-24xxx-01.fw
[  129.192180][  T892] pvrusb2: Failure uploading firmware1
[  129.192190][  T892] pvrusb2: Device initialization was not successful.
[  129.192197][  T892] pvrusb2: Giving up since device microcontroller firmware appears to be missing.
[  129.192841][  T892] usb 1-1: Direct firmware load for v4l-pvrusb2-24xxx-01.fw failed with error -2
[  129.200620][ T2327] pvrusb2: Device being rendered inoperable
[  129.208732][  T892] pvrusb2: ***WARNING*** Device fx2 controller firmware seems to be missing.
[  129.290346][ T5792] usb 5-1: USB disconnect, device number 2
[  129.297018][  T892] pvrusb2: Did you install the pvrusb2 firmware files in their proper location?
[  129.297030][  T892] pvrusb2: request_firmware unable to locate fx2 controller file v4l-pvrusb2-24xxx-01.fw
[  129.314975][ T5792] pvrusb2: Device being rendered inoperable
[  129.323211][  T892] pvrusb2: Failure uploading firmware1
[  129.323224][  T892] pvrusb2: Device initialization was not successful.
[  129.323231][  T892] pvrusb2: Giving up since device microcontroller firmware appears to be missing.
[  129.353267][    T9] pvrusb2: Device being rendered inoperable
[  129.359900][  T717] usb 4-1: USB disconnect, device number 2
[  129.361213][ T5799] usb 3-1: USB disconnect, device number 2
[  129.372593][  T717] pvrusb2: Device being rendered inoperable
[  129.379735][ T5799] pvrusb2: Device being rendered inoperable
[  129.389629][ T5792] ==================================================================
[  129.398168][ T5792] BUG: KASAN: slab-use-after-free in pvr2_context_set_notify+0x2c4/0x310
[  129.406884][ T5792] Read of size 4 at addr ffff888113dc6cd8 by task kworker/0:3/5792
[  129.414946][ T5792] 
[  129.417352][ T5792] CPU: 0 PID: 5792 Comm: kworker/0:3 Not tainted 6.4.0-syzkaller-12454-g1c7873e33645 #0
[  129.427317][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
[  129.437816][ T5792] Workqueue: usb_hub_wq hub_event
[  129.442947][ T5792] Call Trace:
[  129.446233][ T5792]  <TASK>
[  129.449262][ T5792]  dump_stack_lvl+0xd9/0x150
[  129.454052][ T5792]  print_address_description.constprop.0+0x2c/0x3c0
[  129.460934][ T5792]  kasan_report+0x11d/0x130
[  129.465443][ T5792]  ? pvr2_context_set_notify+0x2c4/0x310
[  129.471200][ T5792]  pvr2_context_set_notify+0x2c4/0x310
[  129.476863][ T5792]  pvr_disconnect+0x80/0xf0
[  129.481409][ T5792]  usb_unbind_interface+0x1dc/0x8e0
[  129.486623][ T5792]  ? usb_unbind_device+0x1a0/0x1a0
[  129.491872][ T5792]  device_remove+0x11f/0x170
[  129.496741][ T5792]  device_release_driver_internal+0x443/0x610
[  129.503151][ T5792]  ? put_device+0x1f/0x30
[  129.507673][ T5792]  bus_remove_device+0x22c/0x420
[  129.513170][ T5792]  device_del+0x399/0xa30
[  129.517523][ T5792]  ? usb_disconnect+0xff/0x8a0
[  129.522299][ T5792]  ? __device_link_del+0x380/0x380
[  129.529098][ T5792]  ? mutex_lock_io_nested+0x11a0/0x11a0
[  129.537680][ T5792]  ? lock_downgrade+0x690/0x690
[  129.542629][ T5792]  usb_disable_device+0x360/0x7b0
[  129.548229][ T5792]  usb_disconnect+0x2db/0x8a0
[  129.553118][ T5792]  hub_event+0x2073/0x4ed0
[  129.557660][ T5792]  ? hub_port_debounce+0x3b0/0x3b0
[  129.562843][ T5792]  ? lock_sync+0x190/0x190
[  129.567405][ T5792]  ? lock_downgrade+0x690/0x690
[  129.572357][ T5792]  ? do_raw_spin_lock+0x124/0x2b0
[  129.577387][ T5792]  ? _raw_spin_unlock_irq+0x23/0x50
[  129.582678][ T5792]  process_one_work+0xa34/0x16f0
[  129.587721][ T5792]  ? lock_sync+0x190/0x190
[  129.592166][ T5792]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[  129.597644][ T5792]  ? spin_bug+0x1c0/0x1c0
[  129.602191][ T5792]  ? _raw_spin_lock_irq+0x45/0x50
[  129.607254][ T5792]  worker_thread+0x881/0x10c0
[  129.612067][ T5792]  ? process_one_work+0x16f0/0x16f0
[  129.617444][ T5792]  kthread+0x344/0x440
[  129.621531][ T5792]  ? kthread_complete_and_exit+0x40/0x40
[  129.627232][ T5792]  ret_from_fork+0x1f/0x30
[  129.631726][ T5792]  </TASK>
[  129.634758][ T5792] 
[  129.637174][ T5792] Allocated by task 5792:
[  129.641637][ T5792]  kasan_save_stack+0x22/0x40
[  129.646848][ T5792]  kasan_set_track+0x25/0x30
[  129.651574][ T5792]  __kasan_kmalloc+0x7b/0x90
[  129.656271][ T5792]  pvr2_context_create+0x53/0x2a0
[  129.661405][ T5792]  pvr_probe+0x25/0xe0
[  129.665597][ T5792]  usb_probe_interface+0x30f/0x960
[  129.670713][ T5792]  really_probe+0x240/0xca0
[  129.675224][ T5792]  __driver_probe_device+0x1df/0x4b0
[  129.680700][ T5792]  driver_probe_device+0x4c/0x1a0
[  129.685774][ T5792]  __device_attach_driver+0x1d4/0x2e0
[  129.691300][ T5792]  bus_for_each_drv+0x149/0x1d0
[  129.696266][ T5792]  __device_attach+0x1e4/0x4b0
[  129.701153][ T5792]  bus_probe_device+0x17c/0x1c0
[  129.706020][ T5792]  device_add+0x112d/0x1a40
[  129.710529][ T5792]  usb_set_configuration+0x1196/0x1bc0
[  129.716060][ T5792]  usb_generic_driver_probe+0xcf/0x130
[  129.721555][ T5792]  usb_probe_device+0xd8/0x2c0
[  129.726355][ T5792]  really_probe+0x240/0xca0
[  129.730982][ T5792]  __driver_probe_device+0x1df/0x4b0
[  129.736280][ T5792]  driver_probe_device+0x4c/0x1a0
[  129.741598][ T5792]  __device_attach_driver+0x1d4/0x2e0
[  129.747072][ T5792]  bus_for_each_drv+0x149/0x1d0
[  129.751927][ T5792]  __device_attach+0x1e4/0x4b0
[  129.756919][ T5792]  bus_probe_device+0x17c/0x1c0
[  129.761979][ T5792]  device_add+0x112d/0x1a40
[  129.766513][ T5792]  usb_new_device+0xcb2/0x19d0
[  129.771754][ T5792]  hub_event+0x2e3d/0x4ed0
[  129.776436][ T5792]  process_one_work+0xa34/0x16f0
[  129.781758][ T5792]  worker_thread+0x67d/0x10c0
[  129.786706][ T5792]  kthread+0x344/0x440
[  129.790956][ T5792]  ret_from_fork+0x1f/0x30
[  129.795479][ T5792] 
[  129.798196][ T5792] Freed by task 892:
[  129.802190][ T5792]  kasan_save_stack+0x22/0x40
[  129.807039][ T5792]  kasan_set_track+0x25/0x30
[  129.812019][ T5792]  kasan_save_free_info+0x2b/0x40
[  129.817240][ T5792]  ____kasan_slab_free+0x144/0x1b0
[  129.822453][ T5792]  __kmem_cache_free+0xa1/0x350
[  129.827510][ T5792]  pvr2_context_thread_func+0x664/0x8e0
[  129.833452][ T5792]  kthread+0x344/0x440
[  129.837737][ T5792]  ret_from_fork+0x1f/0x30
2023/07/09 06:01:18 executed programs: 6
[  129.842621][ T5792] 
[  129.845154][ T5792] Last potentially related work creation:
[  129.851214][ T5792]  kasan_save_stack+0x22/0x40
[  129.856027][ T5792]  __kasan_record_aux_stack+0x99/0xb0
[  129.862376][ T5792]  kvfree_call_rcu+0x70/0xbc0
[  129.867836][ T5792]  drop_sysctl_table+0x3c2/0x4e0
[  129.873802][ T5792]  unregister_sysctl_table+0x41/0x60
[  129.879650][ T5792]  sysctl_route_net_exit+0x5c/0x90
[  129.884800][ T5792]  ops_exit_list+0xb0/0x170
[  129.889340][ T5792]  cleanup_net+0x4ee/0xb10
[  129.894151][ T5792]  process_one_work+0xa34/0x16f0
[  129.899419][ T5792]  worker_thread+0x67d/0x10c0
[  129.904126][ T5792]  kthread+0x344/0x440
[  129.908365][ T5792]  ret_from_fork+0x1f/0x30
[  129.912815][ T5792] 
[  129.915202][ T5792] The buggy address belongs to the object at ffff888113dc6c00
[  129.915202][ T5792]  which belongs to the cache kmalloc-256 of size 256
[  129.929613][ T5792] The buggy address is located 216 bytes inside of
[  129.929613][ T5792]  freed 256-byte region [ffff888113dc6c00, ffff888113dc6d00)
[  129.944392][ T5792] 
[  129.946991][ T5792] The buggy address belongs to the physical page:
[  129.953665][ T5792] page:ffffea00044f7180 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x113dc6
[  129.965065][ T5792] head:ffffea00044f7180 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  129.974344][ T5792] flags: 0x200000000010200(slab|head|node=0|zone=2)
[  129.981841][ T5792] page_type: 0xffffffff()
[  129.986267][ T5792] raw: 0200000000010200 ffff888100041b40 ffffea00043ede80 dead000000000002
[  129.995814][ T5792] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  130.004401][ T5792] page dumped because: kasan: bad access detected
[  130.010992][ T5792] page_owner tracks the page as allocated
[  130.017504][ T5792] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 8012323672, free_ts 0
[  130.039120][ T5792]  post_alloc_hook+0x2db/0x350
[  130.043893][ T5792]  get_page_from_freelist+0x13d5/0x2cb0
[  130.049716][ T5792]  __alloc_pages+0x1cb/0x4a0
[  130.054947][ T5792]  alloc_page_interleave+0x1e/0x1e0
[  130.061130][ T5792]  alloc_pages+0x233/0x270
[  130.065935][ T5792]  allocate_slab+0x25f/0x390
[  130.071060][ T5792]  ___slab_alloc+0xbc3/0x15d0
[  130.075985][ T5792]  __slab_alloc.constprop.0+0x56/0xa0
[  130.081768][ T5792]  __kmem_cache_alloc_node+0x2de/0x310
[  130.087699][ T5792]  __kmalloc_node_track_caller+0x4f/0x1a0
[  130.093777][ T5792]  krealloc+0x5e/0xf0
[  130.097797][ T5792]  add_sysfs_param+0xca/0x960
[  130.102626][ T5792]  param_sysfs_builtin_init+0x241/0x440
[  130.108358][ T5792]  do_one_initcall+0x105/0x630
[  130.113471][ T5792]  kernel_init_freeable+0x649/0xb90
[  130.118759][ T5792]  kernel_init+0x1e/0x2c0
[  130.123184][ T5792] page_owner free stack trace missing
[  130.128730][ T5792] 
[  130.131095][ T5792] Memory state around the buggy address:
[  130.137084][ T5792]  ffff888113dc6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  130.145322][ T5792]  ffff888113dc6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  130.153914][ T5792] >ffff888113dc6c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  130.162336][ T5792]                                                     ^
[  130.169630][ T5792]  ffff888113dc6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  130.177870][ T5792]  ffff888113dc6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  130.187051][ T5792] ==================================================================
[  130.195815][ T5792] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  130.203046][ T5792] CPU: 0 PID: 5792 Comm: kworker/0:3 Not tainted 6.4.0-syzkaller-12454-g1c7873e33645 #0
[  130.212963][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
[  130.223377][ T5792] Workqueue: usb_hub_wq hub_event
[  130.228498][ T5792] Call Trace:
[  130.231773][ T5792]  <TASK>
[  130.235045][ T5792]  dump_stack_lvl+0xd9/0x150
[  130.239691][ T5792]  panic+0x686/0x730
[  130.243714][ T5792]  ? panic_smp_self_stop+0xa0/0xa0
[  130.248972][ T5792]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  130.255547][ T5792]  check_panic_on_warn+0xb1/0xc0
[  130.260587][ T5792]  end_report+0x108/0x150
[  130.265123][ T5792]  kasan_report+0xfa/0x130
[  130.269755][ T5792]  ? pvr2_context_set_notify+0x2c4/0x310
[  130.275566][ T5792]  pvr2_context_set_notify+0x2c4/0x310
[  130.281233][ T5792]  pvr_disconnect+0x80/0xf0
[  130.286279][ T5792]  usb_unbind_interface+0x1dc/0x8e0
[  130.291893][ T5792]  ? usb_unbind_device+0x1a0/0x1a0
[  130.297271][ T5792]  device_remove+0x11f/0x170
[  130.301895][ T5792]  device_release_driver_internal+0x443/0x610
[  130.308051][ T5792]  ? put_device+0x1f/0x30
[  130.312489][ T5792]  bus_remove_device+0x22c/0x420
[  130.317652][ T5792]  device_del+0x399/0xa30
[  130.322116][ T5792]  ? usb_disconnect+0xff/0x8a0
[  130.327078][ T5792]  ? __device_link_del+0x380/0x380
[  130.332224][ T5792]  ? mutex_lock_io_nested+0x11a0/0x11a0
[  130.337920][ T5792]  ? lock_downgrade+0x690/0x690
[  130.342981][ T5792]  usb_disable_device+0x360/0x7b0
[  130.348325][ T5792]  usb_disconnect+0x2db/0x8a0
[  130.353082][ T5792]  hub_event+0x2073/0x4ed0
[  130.357717][ T5792]  ? hub_port_debounce+0x3b0/0x3b0
[  130.362927][ T5792]  ? lock_sync+0x190/0x190
[  130.367339][ T5792]  ? lock_downgrade+0x690/0x690
[  130.372273][ T5792]  ? do_raw_spin_lock+0x124/0x2b0
[  130.377473][ T5792]  ? _raw_spin_unlock_irq+0x23/0x50
[  130.382753][ T5792]  process_one_work+0xa34/0x16f0
[  130.387709][ T5792]  ? lock_sync+0x190/0x190
[  130.392416][ T5792]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[  130.397821][ T5792]  ? spin_bug+0x1c0/0x1c0
[  130.402156][ T5792]  ? _raw_spin_lock_irq+0x45/0x50
[  130.407475][ T5792]  worker_thread+0x881/0x10c0
[  130.412374][ T5792]  ? process_one_work+0x16f0/0x16f0
[  130.418149][ T5792]  kthread+0x344/0x440
[  130.422541][ T5792]  ? kthread_complete_and_exit+0x40/0x40
[  130.428441][ T5792]  ret_from_fork+0x1f/0x30
[  130.432998][ T5792]  </TASK>
[  130.436326][ T5792] Kernel Offset: disabled
[  130.440651][ T5792] Rebooting in 86400 seconds..