[   84.344388][   T40] audit: type=1400 audit(1769965567.597:116): avc:  denied  { transition } for  pid=6136 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   84.353784][   T40] audit: type=1400 audit(1769965567.597:117): avc:  denied  { noatsecure } for  pid=6136 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   84.360273][   T40] audit: type=1400 audit(1769965567.607:118): avc:  denied  { rlimitinh } for  pid=6136 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   84.366146][   T40] audit: type=1400 audit(1769965567.607:119): avc:  denied  { siginh } for  pid=6136 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   86.473006][  T832] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:60028' (ED25519) to the list of known hosts.
2026/02/01 17:06:14 parsed 1 programs
[   91.733698][   T40] audit: type=1400 audit(1769965574.987:120): avc:  denied  { node_bind } for  pid=6171 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   93.961977][   T40] audit: type=1400 audit(1769965577.217:121): avc:  denied  { read write } for  pid=6188 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   93.970417][   T40] audit: type=1400 audit(1769965577.217:122): avc:  denied  { open } for  pid=6188 comm="syz-executor" path="/swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   94.022798][   T40] audit: type=1400 audit(1769965577.277:123): avc:  denied  { unlink } for  pid=6188 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   94.423437][   T40] audit: type=1400 audit(1769965577.677:124): avc:  denied  { relabelto } for  pid=6191 comm="mkswap" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[   95.057084][ T6188] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   96.766681][ T6194] chnl_net:caif_netlink_parms(): no params data found
[   96.814102][ T6194] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.816566][ T6194] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.818916][ T6194] bridge_slave_0: entered allmulticast mode
[   96.822513][ T6194] bridge_slave_0: entered promiscuous mode
[   96.826737][ T6194] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.829603][ T6194] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.832162][ T6194] bridge_slave_1: entered allmulticast mode
[   96.835552][ T6194] bridge_slave_1: entered promiscuous mode
[   96.852398][ T6194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.856951][ T6194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.872501][ T6194] team0: Port device team_slave_0 added
[   96.875605][ T6194] team0: Port device team_slave_1 added
[   96.889709][ T6194] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.892055][ T6194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.900363][ T6194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.906232][ T6194] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.908875][ T6194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.918135][ T6194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.943024][ T6194] hsr_slave_0: entered promiscuous mode
[   96.945368][ T6194] hsr_slave_1: entered promiscuous mode
[   97.407215][ T6194] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   97.413783][ T6194] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   97.419746][ T6194] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   97.428873][ T6194] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   97.447252][ T6194] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.449656][ T6194] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.456119][ T6194] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.458510][ T6194] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.490405][ T6194] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.503576][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.507491][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.516831][ T6194] 8021q: adding VLAN 0 to HW filter on device team0
[   97.523989][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.527049][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.533592][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.536678][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.608097][   T40] audit: type=1400 audit(1769965580.857:125): avc:  denied  { sys_module } for  pid=6194 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   97.672472][ T6194] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.694855][ T6194] veth0_vlan: entered promiscuous mode
[   97.699384][ T6194] veth1_vlan: entered promiscuous mode
[   97.717095][ T6194] veth0_macvtap: entered promiscuous mode
[   97.723752][ T6194] veth1_macvtap: entered promiscuous mode
[   97.733180][ T6194] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.741100][ T6194] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.747058][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.750785][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.758390][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.763166][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.865585][   T61] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.947174][   T61] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.013995][   T61] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.116569][   T61] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.172821][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.176157][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.197621][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.202377][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.505506][   T40] audit: type=1401 audit(1769965582.757:126): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   99.683346][   T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   99.687351][   T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   99.691491][   T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   99.695560][   T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   99.699082][   T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2026/02/01 17:06:23 executed programs: 0
[  100.280193][   T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  100.283119][   T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  100.285981][   T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  100.288815][   T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  100.291753][   T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  100.427891][ T6353] chnl_net:caif_netlink_parms(): no params data found
[  100.478166][ T6353] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.481396][ T6353] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.484390][ T6353] bridge_slave_0: entered allmulticast mode
[  100.488167][ T6353] bridge_slave_0: entered promiscuous mode
[  100.493060][ T6353] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.496162][ T6353] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.499443][ T6353] bridge_slave_1: entered allmulticast mode
[  100.503647][ T6353] bridge_slave_1: entered promiscuous mode
[  100.528752][ T6353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.535126][ T6353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.561081][ T6353] team0: Port device team_slave_0 added
[  100.565832][ T6353] team0: Port device team_slave_1 added
[  100.589798][ T6353] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.592804][ T6353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  100.603618][ T6353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.609769][ T6353] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.612992][ T6353] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  100.623384][ T6353] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.646736][ T6353] hsr_slave_0: entered promiscuous mode
[  100.649170][ T6353] hsr_slave_1: entered promiscuous mode
[  100.652067][ T6353] debugfs: 'hsr0' already exists in 'hsr'
[  100.653876][ T6353] Cannot create hsr debugfs directory
[  101.129415][   T61] bridge_slave_1: left allmulticast mode
[  101.131300][   T61] bridge_slave_1: left promiscuous mode
[  101.133186][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.137184][   T61] bridge_slave_0: left allmulticast mode
[  101.139066][   T61] bridge_slave_0: left promiscuous mode
[  101.141693][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.360734][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.365915][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.371624][   T61] bond0 (unregistering): Released all slaves
[  101.549358][   T61] hsr_slave_0: left promiscuous mode
[  101.551717][   T61] hsr_slave_1: left promiscuous mode
[  101.553729][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.556188][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  101.558994][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.561422][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.570576][   T61] veth1_macvtap: left promiscuous mode
[  101.572579][   T61] veth0_macvtap: left promiscuous mode
[  101.574402][   T61] veth1_vlan: left promiscuous mode
[  101.576194][   T61] veth0_vlan: left promiscuous mode
[  101.783571][   T61] team0 (unregistering): Port device team_slave_1 removed
[  101.799175][   T61] team0 (unregistering): Port device team_slave_0 removed
[  102.301017][   T64] Bluetooth: hci0: command tx timeout
[  102.419972][ T6353] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  102.427161][ T6353] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  102.433296][ T6353] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  102.440321][ T6353] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  102.492279][ T6353] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.500164][ T6353] 8021q: adding VLAN 0 to HW filter on device team0
[  102.505727][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.508116][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.515889][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.518991][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.897594][ T6353] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.918846][ T6353] veth0_vlan: entered promiscuous mode
[  102.924155][ T6353] veth1_vlan: entered promiscuous mode
[  102.937359][ T6353] veth0_macvtap: entered promiscuous mode
[  102.942127][ T6353] veth1_macvtap: entered promiscuous mode
[  102.951876][ T6353] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.959259][ T6353] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.970989][   T46] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.975080][   T46] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.978364][   T46] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.992214][   T46] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.050262][   T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.053173][   T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.070069][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.073055][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.137883][   T40] audit: type=1400 audit(1769965586.387:127): avc:  denied  { read write } for  pid=6398 comm="syz.0.17" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  103.146957][   T40] audit: type=1400 audit(1769965586.387:128): avc:  denied  { open } for  pid=6398 comm="syz.0.17" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  103.158522][   T40] audit: type=1400 audit(1769965586.387:129): avc:  denied  { ioctl } for  pid=6398 comm="syz.0.17" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  103.381099][   T53] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  103.543057][   T53] usb 5-1: not running at top speed; connect to a high speed hub
[  103.547868][   T53] usb 5-1: config 1 has an invalid interface number: 78 but max is 0
[  103.551005][   T53] usb 5-1: config 1 has no interface number 0
[  103.553363][   T53] usb 5-1: config 1 interface 78 has no altsetting 0
[  103.558974][   T53] usb 5-1: string descriptor 0 read error: -22
[  103.561784][   T53] usb 5-1: New USB device found, idVendor=11ba, idProduct=1001, bcdDevice=ec.57
[  103.565445][   T53] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.577752][   T53] pvrusb2: Hardware description: OnAir USB2 Hybrid USB tuner
[  103.581698][   T53] usb 5-1: selecting invalid altsetting 0
[  103.801251][ T2490] pvrusb2: Invalid read control endpoint
[  103.803176][ T2490] ------------[ cut here ]------------
[  103.804952][ T2490] URB ffff888034253100 submitted while active
[  103.806862][ T2490] WARNING: drivers/usb/core/urb.c:380 at usb_submit_urb+0x15fa/0x1910, CPU#1: pvrusb2-context/2490
[  103.810336][ T2490] Modules linked in:
[  103.811794][ T2490] CPU: 1 UID: 0 PID: 2490 Comm: pvrusb2-context Not tainted syzkaller #0 PREEMPT(full) 
[  103.814864][ T2490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.818190][ T2490] RIP: 0010:usb_submit_urb+0x15fd/0x1910
[  103.820082][ T2490] Code: 00 48 8b 04 24 48 8b 90 b0 00 00 00 e9 73 ff ff ff bb ed ff ff ff e9 be f2 ff ff e8 5d df c8 fa 48 8d 3d 06 b9 85 09 48 89 de <67> 48 0f b9 3a bb f0 ff ff ff e9 a0 f2 ff ff c7 44 24 30 00 00 00
[  103.826457][ T2490] RSP: 0018:ffffc9000e46ecf8 EFLAGS: 00010293
[  103.828433][ T2490] RAX: 0000000000000000 RBX: ffff888034253100 RCX: ffffffff881616a1
[  103.831019][ T2490] RDX: ffff88802e824980 RSI: ffff888034253100 RDI: ffffffff90c3d510
[  103.833546][ T2490] RBP: 0000000000000005 R08: 0000000000000005 R09: 0000000000000000
[  103.836110][ T2490] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  103.838665][ T2490] R13: 00000000c0008200 R14: ffff888035897000 R15: ffff888029431628
[  103.841231][ T2490] FS:  0000000000000000(0000) GS:ffff8880d66d9000(0000) knlGS:0000000000000000
[  103.844067][ T2490] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  103.846185][ T2490] CR2: 00007f16c26dc3a0 CR3: 000000003399f000 CR4: 0000000000352ef0
[  103.848747][ T2490] Call Trace:
[  103.849897][ T2490]  <TASK>
[  103.850932][ T2490]  ? lockdep_init_map_type+0x5c/0x250
[  103.852699][ T2490]  ? lockdep_init_map_type+0x5c/0x250
[  103.854442][ T2490]  ? timer_init_key_on_stack+0xdc/0x120
[  103.856376][ T2490]  pvr2_send_request_ex+0x7ed/0x1cb0
[  103.858126][ T2490]  ? __pfx_pvr2_send_request_ex+0x10/0x10
[  103.860050][ T2490]  ? __pfx___mutex_lock+0x10/0x10
[  103.861724][ T2490]  ? __pfx_pvr2_ctl_timeout+0x10/0x10
[  103.863515][ T2490]  ? __kasan_check_byte+0x13/0x50
[  103.865147][ T2490]  pvr2_send_request+0x3a/0x50
[  103.866724][ T2490]  pvr2_i2c_read+0x20c/0x670
[  103.868265][ T2490]  pvr2_i2c_basic_op+0xa4/0x100
[  103.869894][ T2490]  pvr2_i2c_xfer+0x380/0xb50
[  103.871456][ T2490]  ? __pfx_pvr2_i2c_basic_op+0x10/0x10
[  103.873343][ T2490]  ? ret_from_fork_asm+0x1a/0x30
[  103.874961][ T2490]  __i2c_transfer+0x5e1/0x1610
[  103.876742][ T2490]  ? __pfx___i2c_transfer+0x10/0x10
[  103.878434][ T2490]  ? check_noncircular+0x97/0x160
[  103.880139][ T2490]  i2c_smbus_xfer_emulated+0x22a/0x10e0
[  103.882027][ T2490]  ? __pfx_i2c_smbus_xfer_emulated+0x10/0x10
[  103.884044][ T2490]  ? __traceiter_contention_begin+0x20/0xa0
[  103.886078][ T2490]  __i2c_smbus_xfer+0x5b7/0xf10
[  103.887747][ T2490]  ? mark_held_locks+0x40/0x70
[  103.889377][ T2490]  ? lockdep_hardirqs_on+0x78/0x100
[  103.891350][ T2490]  ? __pfx___i2c_smbus_xfer+0x10/0x10
[  103.893066][ T2490]  ? rt_mutex_slowtrylock+0x93/0x100
[  103.894753][ T2490]  i2c_smbus_xfer+0x185/0x3c0
[  103.896304][ T2490]  i2c_smbus_read_byte_data+0x135/0x1e0
[  103.898071][ T2490]  ? __pfx_i2c_smbus_read_byte_data+0x10/0x10
[  103.900061][ T2490]  saa711x_probe+0x1e1/0x870
[  103.901844][ T2490]  ? __pfx_saa711x_probe+0x10/0x10
[  103.903563][ T2490]  ? dput.part.0+0xdd/0x570
[  103.905041][ T2490]  ? dput+0x24/0x30
[  103.906287][ T2490]  ? __pfx_saa711x_probe+0x10/0x10
[  103.907966][ T2490]  i2c_device_probe+0x658/0xd10
[  103.909592][ T2490]  ? kernfs_put+0x3f/0x60
[  103.911035][ T2490]  ? __pfx_i2c_device_probe+0x10/0x10
[  103.912802][ T2490]  ? sysfs_create_link+0x68/0xc0
[  103.914443][ T2490]  ? __pfx_i2c_device_probe+0x10/0x10
[  103.916210][ T2490]  really_probe+0x241/0xa60
[  103.917821][ T2490]  __driver_probe_device+0x1de/0x400
[  103.919592][ T2490]  driver_probe_device+0x4c/0x1b0
[  103.921276][ T2490]  __device_attach_driver+0x1df/0x340
[  103.923032][ T2490]  ? __pfx___device_attach_driver+0x10/0x10
[  103.924953][ T2490]  bus_for_each_drv+0x159/0x1e0
[  103.926590][ T2490]  ? __pfx_bus_for_each_drv+0x10/0x10
[  103.928388][ T2490]  ? lockdep_hardirqs_on+0x78/0x100
[  103.930124][ T2490]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  103.932018][ T2490]  __device_attach+0x1e4/0x4d0
[  103.933581][ T2490]  ? __pfx___device_attach+0x10/0x10
[  103.935323][ T2490]  ? do_raw_spin_unlock+0x145/0x1e0
[  103.937047][ T2490]  device_initial_probe+0xaf/0xd0
[  103.938693][ T2490]  bus_probe_device+0x64/0x160
[  103.940340][ T2490]  device_add+0x11d9/0x1950
[  103.941892][ T2490]  ? __pfx_device_add+0x10/0x10
[  103.943556][ T2490]  ? lockdep_init_map_type+0x5c/0x250
[  103.945314][ T2490]  ? __init_waitqueue_head+0xca/0x150
[  103.947140][ T2490]  i2c_new_client_device+0x660/0xd30
[  103.948932][ T2490]  v4l2_i2c_new_subdev_board+0xb6/0x2b0
[  103.950730][ T2490]  v4l2_i2c_new_subdev+0x13e/0x190
[  103.952443][ T2490]  ? __pfx_v4l2_i2c_new_subdev+0x10/0x10
[  103.954292][ T2490]  ? __pfx___might_resched+0x10/0x10
[  103.956055][ T2490]  ? __pfx_pvr2_context_notify+0x10/0x10
[  103.957931][ T2490]  pvr2_hdw_initialize+0x2158/0x3710
[  103.959706][ T2490]  ? __pfx_pvr2_hdw_initialize+0x10/0x10
[  103.961574][ T2490]  ? __pfx___schedule+0x10/0x10
[  103.963169][ T2490]  ? find_held_lock+0x2b/0x80
[  103.964734][ T2490]  ? schedule+0x2bf/0x390
[  103.966164][ T2490]  pvr2_context_thread_func+0x253/0x920
[  103.967970][ T2490]  ? __pfx_pvr2_context_thread_func+0x10/0x10
[  103.969997][ T2490]  ? rcu_is_watching+0x12/0xc0
[  103.971615][ T2490]  ? __pfx_autoremove_wake_function+0x10/0x10
[  103.973595][ T2490]  ? __kthread_parkme+0x18c/0x230
[  103.975299][ T2490]  ? __pfx_pvr2_context_thread_func+0x10/0x10
[  103.977352][ T2490]  kthread+0x3b3/0x730
[  103.978708][ T2490]  ? __pfx_kthread+0x10/0x10
[  103.980248][ T2490]  ? ret_from_fork+0x79/0xaf0
[  103.981972][ T2490]  ? ret_from_fork+0x79/0xaf0
[  103.983684][ T2490]  ? rcu_is_watching+0x12/0xc0
[  103.985413][ T2490]  ? __pfx_kthread+0x10/0x10
[  103.987086][ T2490]  ret_from_fork+0x754/0xaf0
[  103.988780][ T2490]  ? __pfx_ret_from_fork+0x10/0x10
[  103.990641][ T2490]  ? __switch_to+0x7b9/0x10c0
[  103.992566][ T2490]  ? __pfx_kthread+0x10/0x10
[  103.994555][ T2490]  ret_from_fork_asm+0x1a/0x30
[  103.997001][ T2490]  </TASK>
[  103.998367][ T2490] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  104.001304][ T2490] CPU: 1 UID: 0 PID: 2490 Comm: pvrusb2-context Not tainted syzkaller #0 PREEMPT(full) 
[  104.005036][ T2490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  104.008241][ T2490] Call Trace:
[  104.009335][ T2490]  <TASK>
[  104.010288][ T2490]  dump_stack_lvl+0x100/0x190
[  104.011809][ T2490]  vpanic+0x20d/0x630
[  104.013096][ T2490]  panic+0xd1/0xd1
[  104.014304][ T2490]  ? __pfx_panic+0x10/0x10
[  104.015768][ T2490]  ? check_panic_on_warn+0x1f/0x90
[  104.017402][ T2490]  check_panic_on_warn.cold+0x19/0x34
[  104.019139][ T2490]  ? usb_submit_urb+0x15fa/0x1910
[  104.020747][ T2490]  __warn.cold+0x191/0x2f8
[  104.022161][ T2490]  __report_bug+0x296/0x3d0
[  104.023623][ T2490]  ? usb_submit_urb+0x15fa/0x1910
[  104.025230][ T2490]  ? __pfx___report_bug+0x10/0x10
[  104.026828][ T2490]  ? tick_nohz_tick_stopped+0x6c/0xa0
[  104.028539][ T2490]  ? pvr2_send_request_ex+0x7b1/0x1cb0
[  104.030290][ T2490]  ? do_raw_spin_lock+0x128/0x260
[  104.031892][ T2490]  report_bug_entry+0xe1/0x290
[  104.033411][ T2490]  ? usb_submit_urb+0x15fd/0x1910
[  104.035000][ T2490]  handle_bug+0x1c9/0x2a0
[  104.036394][ T2490]  exc_invalid_op+0x17/0x50
[  104.037844][ T2490]  asm_exc_invalid_op+0x1a/0x20
[  104.039425][ T2490] RIP: 0010:usb_submit_urb+0x15fd/0x1910
[  104.041217][ T2490] Code: 00 48 8b 04 24 48 8b 90 b0 00 00 00 e9 73 ff ff ff bb ed ff ff ff e9 be f2 ff ff e8 5d df c8 fa 48 8d 3d 06 b9 85 09 48 89 de <67> 48 0f b9 3a bb f0 ff ff ff e9 a0 f2 ff ff c7 44 24 30 00 00 00
[  104.047200][ T2490] RSP: 0018:ffffc9000e46ecf8 EFLAGS: 00010293
[  104.049128][ T2490] RAX: 0000000000000000 RBX: ffff888034253100 RCX: ffffffff881616a1
[  104.051608][ T2490] RDX: ffff88802e824980 RSI: ffff888034253100 RDI: ffffffff90c3d510
[  104.054079][ T2490] RBP: 0000000000000005 R08: 0000000000000005 R09: 0000000000000000
[  104.056566][ T2490] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  104.059063][ T2490] R13: 00000000c0008200 R14: ffff888035897000 R15: ffff888029431628
[  104.061557][ T2490]  ? pvr2_send_request_ex+0x7b1/0x1cb0
[  104.063281][ T2490]  ? usb_submit_urb+0x15f3/0x1910
[  104.064882][ T2490]  ? lockdep_init_map_type+0x5c/0x250
[  104.066566][ T2490]  ? lockdep_init_map_type+0x5c/0x250
[  104.068262][ T2490]  ? timer_init_key_on_stack+0xdc/0x120
[  104.070036][ T2490]  pvr2_send_request_ex+0x7ed/0x1cb0
[  104.071719][ T2490]  ? __pfx_pvr2_send_request_ex+0x10/0x10
[  104.073506][ T2490]  ? __pfx___mutex_lock+0x10/0x10
[  104.075097][ T2490]  ? __pfx_pvr2_ctl_timeout+0x10/0x10
[  104.076812][ T2490]  ? __kasan_check_byte+0x13/0x50
[  104.078412][ T2490]  pvr2_send_request+0x3a/0x50
[  104.079968][ T2490]  pvr2_i2c_read+0x20c/0x670
[  104.081446][ T2490]  pvr2_i2c_basic_op+0xa4/0x100
[  104.082990][ T2490]  pvr2_i2c_xfer+0x380/0xb50
[  104.084466][ T2490]  ? __pfx_pvr2_i2c_basic_op+0x10/0x10
[  104.086187][ T2490]  ? ret_from_fork_asm+0x1a/0x30
[  104.087768][ T2490]  __i2c_transfer+0x5e1/0x1610
[  104.089327][ T2490]  ? __pfx___i2c_transfer+0x10/0x10
[  104.090986][ T2490]  ? check_noncircular+0x97/0x160
[  104.092594][ T2490]  i2c_smbus_xfer_emulated+0x22a/0x10e0
[  104.094354][ T2490]  ? __pfx_i2c_smbus_xfer_emulated+0x10/0x10
[  104.096279][ T2490]  ? __traceiter_contention_begin+0x20/0xa0
[  104.098152][ T2490]  __i2c_smbus_xfer+0x5b7/0xf10
[  104.099744][ T2490]  ? mark_held_locks+0x40/0x70
[  104.101262][ T2490]  ? lockdep_hardirqs_on+0x78/0x100
[  104.102955][ T2490]  ? __pfx___i2c_smbus_xfer+0x10/0x10
[  104.104669][ T2490]  ? rt_mutex_slowtrylock+0x93/0x100
[  104.106347][ T2490]  i2c_smbus_xfer+0x185/0x3c0
[  104.107864][ T2490]  i2c_smbus_read_byte_data+0x135/0x1e0
[  104.109655][ T2490]  ? __pfx_i2c_smbus_read_byte_data+0x10/0x10
[  104.111585][ T2490]  saa711x_probe+0x1e1/0x870
[  104.113061][ T2490]  ? __pfx_saa711x_probe+0x10/0x10
[  104.114691][ T2490]  ? dput.part.0+0xdd/0x570
[  104.116159][ T2490]  ? dput+0x24/0x30
[  104.117387][ T2490]  ? __pfx_saa711x_probe+0x10/0x10
[  104.119055][ T2490]  i2c_device_probe+0x658/0xd10
[  104.120612][ T2490]  ? kernfs_put+0x3f/0x60
[  104.121981][ T2490]  ? __pfx_i2c_device_probe+0x10/0x10
[  104.123694][ T2490]  ? sysfs_create_link+0x68/0xc0
[  104.125264][ T2490]  ? __pfx_i2c_device_probe+0x10/0x10
[  104.126964][ T2490]  really_probe+0x241/0xa60
[  104.128426][ T2490]  __driver_probe_device+0x1de/0x400
[  104.130136][ T2490]  driver_probe_device+0x4c/0x1b0
[  104.131742][ T2490]  __device_attach_driver+0x1df/0x340
[  104.133446][ T2490]  ? __pfx___device_attach_driver+0x10/0x10
[  104.135315][ T2490]  bus_for_each_drv+0x159/0x1e0
[  104.136883][ T2490]  ? __pfx_bus_for_each_drv+0x10/0x10
[  104.138583][ T2490]  ? lockdep_hardirqs_on+0x78/0x100
[  104.140279][ T2490]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  104.142123][ T2490]  __device_attach+0x1e4/0x4d0
[  104.143655][ T2490]  ? __pfx___device_attach+0x10/0x10
[  104.145324][ T2490]  ? do_raw_spin_unlock+0x145/0x1e0
[  104.146971][ T2490]  device_initial_probe+0xaf/0xd0
[  104.148571][ T2490]  bus_probe_device+0x64/0x160
[  104.150119][ T2490]  device_add+0x11d9/0x1950
[  104.151580][ T2490]  ? __pfx_device_add+0x10/0x10
[  104.153124][ T2490]  ? lockdep_init_map_type+0x5c/0x250
[  104.154853][ T2490]  ? __init_waitqueue_head+0xca/0x150
[  104.156572][ T2490]  i2c_new_client_device+0x660/0xd30
[  104.158233][ T2490]  v4l2_i2c_new_subdev_board+0xb6/0x2b0
[  104.160024][ T2490]  v4l2_i2c_new_subdev+0x13e/0x190
[  104.161649][ T2490]  ? __pfx_v4l2_i2c_new_subdev+0x10/0x10
[  104.163440][ T2490]  ? __pfx___might_resched+0x10/0x10
[  104.165171][ T2490]  ? __pfx_pvr2_context_notify+0x10/0x10
[  104.166942][ T2490]  pvr2_hdw_initialize+0x2158/0x3710
[  104.168631][ T2490]  ? __pfx_pvr2_hdw_initialize+0x10/0x10
[  104.170436][ T2490]  ? __pfx___schedule+0x10/0x10
[  104.172106][ T2490]  ? find_held_lock+0x2b/0x80
[  104.173674][ T2490]  ? schedule+0x2bf/0x390
[  104.175070][ T2490]  pvr2_context_thread_func+0x253/0x920
[  104.176840][ T2490]  ? __pfx_pvr2_context_thread_func+0x10/0x10
[  104.179247][ T2490]  ? rcu_is_watching+0x12/0xc0
[  104.180818][ T2490]  ? __pfx_autoremove_wake_function+0x10/0x10
[  104.182741][ T2490]  ? __kthread_parkme+0x18c/0x230
[  104.184351][ T2490]  ? __pfx_pvr2_context_thread_func+0x10/0x10
[  104.186272][ T2490]  kthread+0x3b3/0x730
[  104.187595][ T2490]  ? __pfx_kthread+0x10/0x10
[  104.189092][ T2490]  ? ret_from_fork+0x79/0xaf0
[  104.190597][ T2490]  ? ret_from_fork+0x79/0xaf0
[  104.192109][ T2490]  ? rcu_is_watching+0x12/0xc0
[  104.193650][ T2490]  ? __pfx_kthread+0x10/0x10
[  104.195128][ T2490]  ret_from_fork+0x754/0xaf0
[  104.196628][ T2490]  ? __pfx_ret_from_fork+0x10/0x10
[  104.198254][ T2490]  ? __switch_to+0x7b9/0x10c0
[  104.199804][ T2490]  ? __pfx_kthread+0x10/0x10
[  104.201276][ T2490]  ret_from_fork_asm+0x1a/0x30
[  104.202857][ T2490]  </TASK>
[  104.204587][ T2490] Kernel Offset: disabled
[  104.205967][ T2490] Rebooting in 86400 seconds..