syzkaller syzkaller login: [ 41.207220][ T2458] can: request_module (can-proto-0) failed.
[ 41.233038][ T2458] can: request_module (can-proto-2) failed.
[ 41.263512][ T2458] can: request_module (can-proto-0) failed.
[ 41.295464][ T2458] can: request_module (can-proto-7) failed.
[ 41.325976][ T2458] can: request_module (can-proto-0) failed.
[ 41.356452][ T2458] can: request_module (can-proto-1) failed.
Warning: Permanently added '10.128.0.75' (ECDSA) to the list of known hosts.
2023/04/13 03:26:02 ignoring optional flag "sandboxArg"="0"
2023/04/13 03:26:02 parsed 1 programs
2023/04/13 03:26:03 executed programs: 0
[ 74.622037][ T25] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 74.862039][ T25] usb 1-1: Using ep0 maxpacket: 16
[ 74.982113][ T25] usb 1-1: config 0 has an invalid interface number: 138 but max is 1
[ 74.990439][ T25] usb 1-1: config 0 has no interface number 1
[ 74.997193][ T25] usb 1-1: config 0 interface 138 altsetting 9 has an invalid endpoint with address 0x0, skipping
[ 75.007862][ T25] usb 1-1: config 0 interface 138 has no altsetting 0
[ 75.172177][ T25] usb 1-1: New USB device found, idVendor=11ba, idProduct=1003, bcdDevice=3b.05
[ 75.181238][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 75.189257][ T25] usb 1-1: Product: syz
[ 75.193429][ T25] usb 1-1: Manufacturer: syz
[ 75.198013][ T25] usb 1-1: SerialNumber: syz
[ 75.205226][ T25] usb 1-1: config 0 descriptor??
[ 75.254489][ T25] pvrusb2: Hardware description: OnAir Creator Hybrid USB tuner
[ 75.262618][ T25] usb 1-1: selecting invalid altsetting 0
[ 75.271406][ T25] pvrusb2: Hardware description: OnAir Creator Hybrid USB tuner
[ 75.500759][ T867] pvrusb2: Invalid read control endpoint
[ 75.506591][ T867] ------------[ cut here ]------------
[ 75.512119][ T867] URB ffff8881117e5c00 submitted while active
[ 75.518435][ T867] WARNING: CPU: 1 PID: 867 at drivers/usb/core/urb.c:379 usb_submit_urb+0x14ec/0x1880
[ 75.528043][ T867] Modules linked in:
[ 75.532004][ T867] CPU: 1 PID: 867 Comm: pvrusb2-context Not tainted 6.3.0-rc6-syzkaller-00128-g8e86652e3e71 #0
[ 75.542370][ T867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 75.552475][ T867] RIP: 0010:usb_submit_urb+0x14ec/0x1880
[ 75.558125][ T867] Code: 89 de e8 77 7a 5e fd 84 db 0f 85 a3 f3 ff ff e8 5a 7e 5e fd 4c 89 fe 48 c7 c7 c0 6a cb 86 c6 05 6e 36 0f 05 01 e8 74 25 2a fd <0f> 0b e9 81 f3 ff ff 48 89 7c 24 40 e8 33 7e 5e fd 48 8b 7c 24 40
[ 75.577878][ T867] RSP: 0018:ffffc9000224ef10 EFLAGS: 00010286
[ 75.583988][ T867] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 75.592032][ T867] RDX: ffff88810edfb900 RSI: ffffffff81163317 RDI: 0000000000000001
[ 75.600055][ T867] RBP: 00000000c0008200 R08: 0000000000000001 R09: 0000000000000000
[ 75.608072][ T867] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888108d99000
[ 75.616100][ T867] R13: 0000000000000005 R14: 00000000fffffff0 R15: ffff8881117e5c00
[ 75.624206][ T867] FS: 0000000000000000(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000
[ 75.633184][ T867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.639762][ T867] CR2: 00000000005680c0 CR3: 000000010df7c000 CR4: 00000000003506e0
[ 75.647784][ T867] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 75.655810][ T867] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 75.663821][ T867] Call Trace:
[ 75.667112][ T867]
[ 75.670041][ T867] ? lockdep_init_map_type+0x21e/0x810
[ 75.675645][ T867] ? init_timer_on_stack_key+0xdc/0x110
[ 75.681244][ T867] pvr2_send_request_ex+0x7c2/0x2230
[ 75.686617][ T867] ? pvr2_hdw_render_useless.part.0+0x2d0/0x2d0
[ 75.692912][ T867] ? pvr2_ctl_write_complete+0xe0/0xe0
[ 75.698374][ T867] ? stack_trace_save+0x90/0xc0
[ 75.703269][ T867] pvr2_send_request+0x39/0x50
[ 75.708064][ T867] pvr2_i2c_read+0x200/0x6c0
[ 75.712756][ T867] pvr2_i2c_basic_op+0xb6/0xf0
[ 75.717563][ T867] pvr2_i2c_xfer+0x405/0xfc0
[ 75.722195][ T867] ? pvr2_i2c_write+0x4b0/0x4b0
[ 75.727069][ T867] __i2c_transfer+0x639/0x1f70
[ 75.731851][ T867] i2c_smbus_xfer_emulated+0x2f6/0x11e0
[ 75.737450][ T867] ? mutex_lock_io_nested+0x600/0x11a0
[ 75.742959][ T867] ? lock_downgrade+0x690/0x690
[ 75.747818][ T867] ? i2c_smbus_msg_pec.isra.0+0x140/0x140
[ 75.753602][ T867] ? mark_held_locks+0x9f/0xe0
[ 75.758476][ T867] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 75.764343][ T867] ? lockdep_hardirqs_on+0x7d/0x100
[ 75.769569][ T867] ? _raw_spin_unlock_irqrestore+0x41/0x70
[ 75.775420][ T867] ? rt_mutex_slowlock.constprop.0+0x1d0/0x630
[ 75.781623][ T867] ? task_blocks_on_rt_mutex.constprop.0.isra.0+0xf50/0xf50
[ 75.788959][ T867] __i2c_smbus_xfer+0x508/0xe50
[ 75.793869][ T867] i2c_smbus_xfer+0x104/0x380
[ 75.798547][ T867] i2c_smbus_read_byte_data+0x10b/0x1c0
[ 75.804129][ T867] ? i2c_smbus_write_byte+0xe0/0xe0
[ 75.809348][ T867] ? find_held_lock+0x2d/0x110
[ 75.814144][ T867] saa711x_probe+0x1f4/0x1f70
[ 75.818874][ T867] ? saa711x_s_std+0x70/0x70
[ 75.823510][ T867] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 75.829341][ T867] ? lockdep_hardirqs_on+0x7d/0x100
[ 75.834594][ T867] ? _raw_spin_unlock_irqrestore+0x41/0x70
[ 75.840427][ T867] ? devres_open_group+0x3b0/0x550
[ 75.845574][ T867] ? saa711x_s_std+0x70/0x70
[ 75.850191][ T867] i2c_device_probe+0x4ca/0xb60
[ 75.855093][ T867] ? i2c_device_remove+0x230/0x230
[ 75.860224][ T867] ? sysfs_create_link+0x6b/0xc0
[ 75.865207][ T867] ? i2c_device_remove+0x230/0x230
[ 75.870423][ T867] really_probe+0x240/0xca0
[ 75.874988][ T867] __driver_probe_device+0x1df/0x4d0
[ 75.880296][ T867] driver_probe_device+0x4c/0x1a0
[ 75.885392][ T867] __device_attach_driver+0x1d4/0x2e0
[ 75.890794][ T867] bus_for_each_drv+0x149/0x1d0
[ 75.895694][ T867] ? driver_probe_device+0x1a0/0x1a0
[ 75.901001][ T867] ? bus_for_each_dev+0x1c0/0x1c0
[ 75.906063][ T867] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 75.911896][ T867] ? lockdep_hardirqs_on+0x7d/0x100
[ 75.917181][ T867] ? _raw_spin_unlock_irqrestore+0x41/0x70
[ 75.923141][ T867] __device_attach+0x1e4/0x4b0
[ 75.927933][ T867] ? device_driver_attach+0x210/0x210
[ 75.933351][ T867] ? do_raw_spin_unlock+0x175/0x230
[ 75.938576][ T867] bus_probe_device+0x17c/0x1c0
[ 75.943468][ T867] device_add+0x11c4/0x1c50
[ 75.947992][ T867] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 75.954883][ T867] ? __init_waitqueue_head+0xca/0x150
[ 75.960296][ T867] i2c_new_client_device+0x61f/0xbd0
[ 75.965652][ T867] v4l2_i2c_new_subdev_board+0xb3/0x2c0
[ 75.971689][ T867] v4l2_i2c_new_subdev+0x118/0x1a0
[ 75.976901][ T867] ? v4l2_i2c_new_subdev_board+0x2c0/0x2c0
[ 75.982811][ T867] ? find_held_lock+0x2d/0x110
[ 75.987707][ T867] pvr2_hdw_initialize+0xd34/0x4320
[ 75.992967][ T867] ? pvr2_hdw_gpio_chg_dir+0x220/0x220
[ 75.998468][ T867] ? __mutex_unlock_slowpath+0x157/0x5e0
[ 76.004160][ T867] ? bit_wait_timeout+0x160/0x160
[ 76.009222][ T867] ? lock_downgrade+0x690/0x690
[ 76.014120][ T867] ? _raw_spin_lock_irqsave+0x52/0x60
[ 76.019526][ T867] pvr2_context_thread_func+0x254/0x8e0
[ 76.025119][ T867] ? pvr2_context_destroy+0x270/0x270
[ 76.030512][ T867] ? prepare_to_swait_exclusive+0x240/0x240
[ 76.036469][ T867] ? __kthread_parkme+0x163/0x220
[ 76.041520][ T867] ? pvr2_context_destroy+0x270/0x270
[ 76.046936][ T867] kthread+0x2ee/0x3a0
[ 76.051033][ T867] ? kthread_complete_and_exit+0x40/0x40
[ 76.056718][ T867] ret_from_fork+0x1f/0x30
[ 76.061172][ T867]
[ 76.064255][ T867] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 76.071552][ T867] CPU: 1 PID: 867 Comm: pvrusb2-context Not tainted 6.3.0-rc6-syzkaller-00128-g8e86652e3e71 #0
[ 76.081893][ T867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 76.091989][ T867] Call Trace:
[ 76.095265][ T867]
[ 76.098189][ T867] dump_stack_lvl+0xd9/0x150
[ 76.102809][ T867] panic+0x688/0x730
[ 76.106713][ T867] ? panic_smp_self_stop+0x90/0x90
[ 76.111817][ T867] ? show_trace_log_lvl+0x285/0x390
[ 76.117016][ T867] ? usb_submit_urb+0x14ec/0x1880
[ 76.122058][ T867] check_panic_on_warn+0xb1/0xc0
[ 76.126992][ T867] __warn+0xf2/0x390
[ 76.130884][ T867] ? usb_submit_urb+0x14ec/0x1880
[ 76.135917][ T867] report_bug+0x2da/0x500
[ 76.140270][ T867] handle_bug+0x3c/0x70
[ 76.144465][ T867] exc_invalid_op+0x18/0x50
[ 76.148967][ T867] asm_exc_invalid_op+0x1a/0x20
[ 76.153814][ T867] RIP: 0010:usb_submit_urb+0x14ec/0x1880
[ 76.159447][ T867] Code: 89 de e8 77 7a 5e fd 84 db 0f 85 a3 f3 ff ff e8 5a 7e 5e fd 4c 89 fe 48 c7 c7 c0 6a cb 86 c6 05 6e 36 0f 05 01 e8 74 25 2a fd <0f> 0b e9 81 f3 ff ff 48 89 7c 24 40 e8 33 7e 5e fd 48 8b 7c 24 40
[ 76.179049][ T867] RSP: 0018:ffffc9000224ef10 EFLAGS: 00010286
[ 76.185302][ T867] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 76.193282][ T867] RDX: ffff88810edfb900 RSI: ffffffff81163317 RDI: 0000000000000001
[ 76.201271][ T867] RBP: 00000000c0008200 R08: 0000000000000001 R09: 0000000000000000
[ 76.209251][ T867] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888108d99000
[ 76.217234][ T867] R13: 0000000000000005 R14: 00000000fffffff0 R15: ffff8881117e5c00
[ 76.225216][ T867] ? __warn_printk+0x187/0x310
[ 76.229997][ T867] ? lockdep_init_map_type+0x21e/0x810
[ 76.235475][ T867] ? init_timer_on_stack_key+0xdc/0x110
[ 76.241052][ T867] pvr2_send_request_ex+0x7c2/0x2230
[ 76.246356][ T867] ? pvr2_hdw_render_useless.part.0+0x2d0/0x2d0
[ 76.252619][ T867] ? pvr2_ctl_write_complete+0xe0/0xe0
[ 76.258091][ T867] ? stack_trace_save+0x90/0xc0
[ 76.262955][ T867] pvr2_send_request+0x39/0x50
[ 76.267737][ T867] pvr2_i2c_read+0x200/0x6c0
[ 76.272352][ T867] pvr2_i2c_basic_op+0xb6/0xf0
[ 76.277141][ T867] pvr2_i2c_xfer+0x405/0xfc0
[ 76.281752][ T867] ? pvr2_i2c_write+0x4b0/0x4b0
[ 76.286724][ T867] __i2c_transfer+0x639/0x1f70
[ 76.291503][ T867] i2c_smbus_xfer_emulated+0x2f6/0x11e0
[ 76.297072][ T867] ? mutex_lock_io_nested+0x600/0x11a0
[ 76.302542][ T867] ? lock_downgrade+0x690/0x690
[ 76.307404][ T867] ? i2c_smbus_msg_pec.isra.0+0x140/0x140
[ 76.313142][ T867] ? mark_held_locks+0x9f/0xe0
[ 76.317918][ T867] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 76.323740][ T867] ? lockdep_hardirqs_on+0x7d/0x100
[ 76.328958][ T867] ? _raw_spin_unlock_irqrestore+0x41/0x70
[ 76.334781][ T867] ? rt_mutex_slowlock.constprop.0+0x1d0/0x630
[ 76.340950][ T867] ? task_blocks_on_rt_mutex.constprop.0.isra.0+0xf50/0xf50
[ 76.348251][ T867] __i2c_smbus_xfer+0x508/0xe50
[ 76.353126][ T867] i2c_smbus_xfer+0x104/0x380
[ 76.357823][ T867] i2c_smbus_read_byte_data+0x10b/0x1c0
[ 76.363385][ T867] ? i2c_smbus_write_byte+0xe0/0xe0
[ 76.368600][ T867] ? find_held_lock+0x2d/0x110
[ 76.373376][ T867] saa711x_probe+0x1f4/0x1f70
[ 76.378070][ T867] ? saa711x_s_std+0x70/0x70
[ 76.382678][ T867] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 76.388502][ T867] ? lockdep_hardirqs_on+0x7d/0x100
[ 76.393741][ T867] ? _raw_spin_unlock_irqrestore+0x41/0x70
[ 76.399565][ T867] ? devres_open_group+0x3b0/0x550
[ 76.404686][ T867] ? saa711x_s_std+0x70/0x70
[ 76.409293][ T867] i2c_device_probe+0x4ca/0xb60
[ 76.414155][ T867] ? i2c_device_remove+0x230/0x230
[ 76.419279][ T867] ? sysfs_create_link+0x6b/0xc0
[ 76.424228][ T867] ? i2c_device_remove+0x230/0x230
[ 76.429352][ T867] really_probe+0x240/0xca0
[ 76.433872][ T867] __driver_probe_device+0x1df/0x4d0
[ 76.439171][ T867] driver_probe_device+0x4c/0x1a0
[ 76.444208][ T867] __device_attach_driver+0x1d4/0x2e0
[ 76.449599][ T867] bus_for_each_drv+0x149/0x1d0
[ 76.454460][ T867] ? driver_probe_device+0x1a0/0x1a0
[ 76.459759][ T867] ? bus_for_each_dev+0x1c0/0x1c0
[ 76.464791][ T867] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 76.470704][ T867] ? lockdep_hardirqs_on+0x7d/0x100
[ 76.475923][ T867] ? _raw_spin_unlock_irqrestore+0x41/0x70
[ 76.481762][ T867] __device_attach+0x1e4/0x4b0
[ 76.486539][ T867] ? device_driver_attach+0x210/0x210
[ 76.491927][ T867] ? do_raw_spin_unlock+0x175/0x230
[ 76.497147][ T867] bus_probe_device+0x17c/0x1c0
[ 76.502019][ T867] device_add+0x11c4/0x1c50
[ 76.506535][ T867] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 76.513397][ T867] ? __init_waitqueue_head+0xca/0x150
[ 76.518787][ T867] i2c_new_client_device+0x61f/0xbd0
[ 76.524088][ T867] v4l2_i2c_new_subdev_board+0xb3/0x2c0
[ 76.529660][ T867] v4l2_i2c_new_subdev+0x118/0x1a0
[ 76.534796][ T867] ? v4l2_i2c_new_subdev_board+0x2c0/0x2c0
[ 76.540622][ T867] ? find_held_lock+0x2d/0x110
[ 76.545406][ T867] pvr2_hdw_initialize+0xd34/0x4320
[ 76.550624][ T867] ? pvr2_hdw_gpio_chg_dir+0x220/0x220
[ 76.556098][ T867] ? __mutex_unlock_slowpath+0x157/0x5e0
[ 76.561744][ T867] ? bit_wait_timeout+0x160/0x160
[ 76.566780][ T867] ? lock_downgrade+0x690/0x690
[ 76.571643][ T867] ? _raw_spin_lock_irqsave+0x52/0x60
[ 76.577122][ T867] pvr2_context_thread_func+0x254/0x8e0
[ 76.582683][ T867] ? pvr2_context_destroy+0x270/0x270
[ 76.588071][ T867] ? prepare_to_swait_exclusive+0x240/0x240
[ 76.593981][ T867] ? __kthread_parkme+0x163/0x220
[ 76.599034][ T867] ? pvr2_context_destroy+0x270/0x270
[ 76.604425][ T867] kthread+0x2ee/0x3a0
[ 76.608515][ T867] ? kthread_complete_and_exit+0x40/0x40
[ 76.614168][ T867] ret_from_fork+0x1f/0x30
[ 76.618609][ T867]
[ 76.621874][ T867] Kernel Offset: disabled
[ 76.626256][ T867] Rebooting in 86400 seconds..