[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.178' (ECDSA) to the list of known hosts. syzkaller login: [ 58.655282][ T8392] IPVS: ftp: loaded support on port[0] = 21 [ 58.769052][ T8392] chnl_net:caif_netlink_parms(): no params data found [ 58.810681][ T8392] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.819182][ T8392] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.828423][ T8392] device bridge_slave_0 entered promiscuous mode [ 58.838008][ T8392] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.845352][ T8392] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.853338][ T8392] device bridge_slave_1 entered promiscuous mode [ 58.871508][ T8392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.882396][ T8392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.901277][ T8392] team0: Port device team_slave_0 added [ 58.908423][ T8392] team0: Port device team_slave_1 added [ 58.923192][ T8392] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.930360][ T8392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.957464][ T8392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.970538][ T8392] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.977798][ T8392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.004113][ T8392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.027816][ T8392] device hsr_slave_0 entered promiscuous mode [ 59.034424][ T8392] device hsr_slave_1 entered promiscuous mode [ 59.115482][ T8392] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.126714][ T8392] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 59.136402][ T8392] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.144979][ T8392] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.164785][ T8392] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.172446][ T8392] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.180765][ T8392] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.188028][ T8392] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.227265][ T8392] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.240030][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.251205][ T3296] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.260067][ T3296] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.268881][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 59.281946][ T8392] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.292496][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.301070][ T3296] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.308402][ T3296] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.327094][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.337959][ T4544] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.345145][ T4544] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.365888][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.375002][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 59.383829][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.392666][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.402451][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.412036][ T8392] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 59.430267][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 59.438260][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 59.451782][ T8392] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.472505][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.493604][ T8392] device veth0_vlan entered promiscuous mode [ 59.502284][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.511565][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.519872][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.532456][ T8392] device veth1_vlan entered promiscuous mode [ 59.554381][ T8392] device veth0_macvtap entered promiscuous mode [ 59.562794][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.572578][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.581727][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.592306][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.604188][ T8392] device veth1_macvtap entered promiscuous mode [ 59.622244][ T8392] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.631024][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.644326][ T8392] batman_adv: batadv0: Interface activated: batadv_slave_1 executing program [ 59.653219][ T3296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.665807][ T8392] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.675037][ T8392] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.683828][ T8392] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.694212][ T8392] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.006409][ T3296] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 60.296213][ T3296] usb 1-1: Using ep0 maxpacket: 16 [ 60.454893][ T3296] usb 1-1: config 0 has an invalid interface number: 121 but max is 0 [ 60.463392][ T3296] usb 1-1: config 0 has no interface number 0 [ 60.470043][ T3296] usb 1-1: config 0 interface 121 altsetting 0 has a duplicate endpoint with address 0xF, skipping [ 60.655487][ T27] Bluetooth: hci0: command 0x0409 tx timeout [ 60.663376][ T3296] usb 1-1: New USB device found, idVendor=1164, idProduct=0622, bcdDevice=8e.9f [ 60.673267][ T3296] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.681490][ T3296] usb 1-1: Product: syz [ 60.685825][ T3296] usb 1-1: Manufacturer: syz [ 60.690626][ T3296] usb 1-1: SerialNumber: syz [ 60.700634][ T3296] usb 1-1: config 0 descriptor?? [ 60.768305][ T3296] pvrusb2: Hardware description: Gotview USB 2.0 DVD 2 [ 60.977760][ T3956] pvrusb2: Invalid write control endpoint [ 60.981482][ T3296] usb 1-1: USB disconnect, device number 2 [ 61.092342][ T3956] pvrusb2: Invalid write control endpoint [ 61.103522][ T3956] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 61.118834][ T3956] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 61.127679][ T3956] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 61.140682][ T3956] pvrusb2: Device being rendered inoperable [ 61.148589][ T3956] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 61.158374][ T3956] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 61.170986][ T3956] pvrusb2: Attached sub-driver cx25840 [ 61.187740][ T3956] pvrusb2: Attempted to execute control transfer when device not ok [ 61.197512][ T3956] pvrusb2: Attempted to execute control transfer when device not ok [ 61.207267][ T3956] pvrusb2: Attempted to execute control transfer when device not ok [ 61.217709][ T3956] pvrusb2: Attempted to execute control transfer when device not ok [ 61.226809][ T3956] pvrusb2: Module ID 4 (tuner) for device Gotview USB 2.0 DVD 2 failed to load. Possible missing sub-device kernel module or initialization failure within module. [ 61.272830][ T3956] TUNER: Unable to find symbol tda829x_probe() [ 61.296712][ T3956] DVB: Unable to find symbol tda9887_attach() [ 61.303704][ T3956] tuner: 1-0043: Tuner 4 found with type(s) Radio TV. [ 61.313702][ T3956] pvrusb2: Attached sub-driver tuner [ 61.323805][ T3956] pvrusb2: ***WARNING*** pvrusb2 driver initialization failed due to the failure of one or more sub-device kernel modules. [ 61.337592][ T3956] pvrusb2: You need to resolve the failing condition before this driver can function. There should be some earlier messages giving more information about the problem. [ 61.363639][ T3956] ------------[ cut here ]------------ [ 61.375378][ T3956] sysfs group 'power' not found for kobject '1-0044' [ 61.382317][ T3956] WARNING: CPU: 1 PID: 3956 at fs/sysfs/group.c:279 sysfs_remove_group+0x126/0x170 [ 61.392487][ T3956] Modules linked in: [ 61.397006][ T3956] CPU: 1 PID: 3956 Comm: pvrusb2-context Not tainted 5.12.0-rc4-syzkaller #0 [ 61.406612][ T3956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.417964][ T3956] RIP: 0010:sysfs_remove_group+0x126/0x170 [ 61.424059][ T3956] Code: 48 89 d9 49 8b 14 24 48 b8 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 01 00 75 37 48 8b 33 48 c7 c7 e0 54 7c 89 e8 77 87 d3 06 <0f> 0b eb 98 e8 51 4a c9 ff e9 01 ff ff ff 48 89 df e8 44 4a c9 ff [ 61.445095][ T3956] RSP: 0018:ffffc900036dfb80 EFLAGS: 00010286 [ 61.451191][ T3956] RAX: 0000000000000000 RBX: ffffffff89d9f2c0 RCX: 0000000000000000 [ 61.459977][ T3956] RDX: ffff88801d8e3880 RSI: ffffffff815c4cf5 RDI: fffff520006dbf62 [ 61.468957][ T3956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 61.477992][ T3956] R10: ffffffff815bda8e R11: 0000000000000000 R12: ffff88802361f020 [ 61.486895][ T3956] R13: ffffffff89d9f860 R14: 1ffff920006dbf98 R15: dffffc0000000000 [ 61.495535][ T3956] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 [ 61.495558][ T3956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.495571][ T3956] CR2: 00007f5236bbea21 CR3: 0000000011aa6000 CR4: 0000000000350ee0 [ 61.495584][ T3956] Call Trace: [ 61.495592][ T3956] ? i2c_adapter_lock_bus+0x130/0x130 [ 61.495621][ T3956] dpm_sysfs_remove+0x97/0xb0 [ 61.495643][ T3956] device_del+0x20c/0xd40 [ 61.495669][ T3956] ? __device_links_queue_sync_state+0x3f0/0x3f0 [ 61.510103][ T134] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.511575][ T3956] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 61.560377][ T3956] ? lockdep_hardirqs_on+0x79/0x100 [ 61.566992][ T3956] ? i2c_adapter_lock_bus+0x130/0x130 [ 61.573037][ T3956] device_unregister+0x22/0xc0 [ 61.578840][ T3956] ? i2c_adapter_lock_bus+0x130/0x130 [ 61.585269][ T3956] __unregister_client+0x95/0xa0 [ 61.590991][ T3956] device_for_each_child+0xf9/0x170 [ 61.596930][ T3956] ? device_remove_class_symlinks+0x210/0x210 [ 61.603418][ T3956] ? __radix_tree_lookup+0x211/0x2a0 [ 61.609910][ T3956] i2c_del_adapter+0x37b/0x680 [ 61.615395][ T3956] ? del_timer_sync+0x17e/0x1b0 [ 61.620300][ T3956] pvr2_i2c_core_done+0x69/0xc0 [ 61.625713][ T3956] pvr2_hdw_destroy+0x179/0x3b0 [ 61.630639][ T3956] pvr2_context_destroy+0x84/0x230 [ 61.635950][ T3956] pvr2_context_thread_func+0x64b/0x850 [ 61.641626][ T3956] ? pvr2_context_destroy+0x230/0x230 [ 61.647273][ T3956] ? finish_wait+0x260/0x260 [ 61.651901][ T3956] ? lockdep_hardirqs_on+0x79/0x100 [ 61.657392][ T3956] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 61.663903][ T3956] ? __kthread_parkme+0x13f/0x1e0 [ 61.669247][ T3956] ? pvr2_context_destroy+0x230/0x230 [ 61.674818][ T3956] kthread+0x3b1/0x4a0 [ 61.679121][ T3956] ? __kthread_bind_mask+0xc0/0xc0 [ 61.684272][ T3956] ret_from_fork+0x1f/0x30 [ 61.689502][ T3956] Kernel panic - not syncing: panic_on_warn set ... [ 61.696103][ T3956] CPU: 1 PID: 3956 Comm: pvrusb2-context Not tainted 5.12.0-rc4-syzkaller #0 [ 61.705533][ T3956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.715780][ T3956] Call Trace: [ 61.719071][ T3956] dump_stack+0x141/0x1d7 [ 61.723411][ T3956] panic+0x306/0x73d [ 61.727343][ T3956] ? __warn_printk+0xf3/0xf3 [ 61.731960][ T3956] ? __warn.cold+0x1a/0x44 [ 61.736387][ T3956] ? sysfs_remove_group+0x126/0x170 [ 61.741643][ T3956] __warn.cold+0x35/0x44 [ 61.745891][ T3956] ? sysfs_remove_group+0x126/0x170 [ 61.751095][ T3956] report_bug+0x1bd/0x210 [ 61.755446][ T3956] handle_bug+0x3c/0x60 [ 61.759741][ T3956] exc_invalid_op+0x14/0x40 [ 61.764350][ T3956] asm_exc_invalid_op+0x12/0x20 [ 61.769230][ T3956] RIP: 0010:sysfs_remove_group+0x126/0x170 [ 61.775274][ T3956] Code: 48 89 d9 49 8b 14 24 48 b8 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 01 00 75 37 48 8b 33 48 c7 c7 e0 54 7c 89 e8 77 87 d3 06 <0f> 0b eb 98 e8 51 4a c9 ff e9 01 ff ff ff 48 89 df e8 44 4a c9 ff [ 61.795083][ T3956] RSP: 0018:ffffc900036dfb80 EFLAGS: 00010286 [ 61.801400][ T3956] RAX: 0000000000000000 RBX: ffffffff89d9f2c0 RCX: 0000000000000000 [ 61.809732][ T3956] RDX: ffff88801d8e3880 RSI: ffffffff815c4cf5 RDI: fffff520006dbf62 [ 61.817709][ T3956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 61.825796][ T3956] R10: ffffffff815bda8e R11: 0000000000000000 R12: ffff88802361f020 [ 61.833911][ T3956] R13: ffffffff89d9f860 R14: 1ffff920006dbf98 R15: dffffc0000000000 [ 61.842019][ T3956] ? wake_up_klogd.part.0+0x8e/0xd0 [ 61.847268][ T3956] ? vprintk_func+0x95/0x1e0 [ 61.851888][ T3956] ? i2c_adapter_lock_bus+0x130/0x130 [ 61.857384][ T3956] dpm_sysfs_remove+0x97/0xb0 [ 61.862095][ T3956] device_del+0x20c/0xd40 [ 61.866471][ T3956] ? __device_links_queue_sync_state+0x3f0/0x3f0 [ 61.873096][ T3956] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 61.879044][ T3956] ? lockdep_hardirqs_on+0x79/0x100 [ 61.884269][ T3956] ? i2c_adapter_lock_bus+0x130/0x130 [ 61.890037][ T3956] device_unregister+0x22/0xc0 [ 61.894831][ T3956] ? i2c_adapter_lock_bus+0x130/0x130 [ 61.900526][ T3956] __unregister_client+0x95/0xa0 [ 61.905681][ T3956] device_for_each_child+0xf9/0x170 [ 61.911524][ T3956] ? device_remove_class_symlinks+0x210/0x210 [ 61.917790][ T3956] ? __radix_tree_lookup+0x211/0x2a0 [ 61.923094][ T3956] i2c_del_adapter+0x37b/0x680 [ 61.928408][ T3956] ? del_timer_sync+0x17e/0x1b0 [ 61.933277][ T3956] pvr2_i2c_core_done+0x69/0xc0 [ 61.938328][ T3956] pvr2_hdw_destroy+0x179/0x3b0 [ 61.943296][ T3956] pvr2_context_destroy+0x84/0x230 [ 61.948425][ T3956] pvr2_context_thread_func+0x64b/0x850 [ 61.954020][ T3956] ? pvr2_context_destroy+0x230/0x230 [ 61.959577][ T3956] ? finish_wait+0x260/0x260 [ 61.964608][ T3956] ? lockdep_hardirqs_on+0x79/0x100 [ 61.970160][ T3956] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 61.976420][ T3956] ? __kthread_parkme+0x13f/0x1e0 [ 61.981453][ T3956] ? pvr2_context_destroy+0x230/0x230 [ 61.986859][ T3956] kthread+0x3b1/0x4a0 [ 61.991026][ T3956] ? __kthread_bind_mask+0xc0/0xc0 [ 61.996139][ T3956] ret_from_fork+0x1f/0x30 [ 62.004565][ T3956] Kernel Offset: disabled [ 62.009068][ T3956] Rebooting in 86400 seconds..