On Thu, Sep 26, 2019 at 05:44:31PM -0400, Alan Stern wrote: > On Wed, 25 Sep 2019, Andrey Konovalov wrote: > > > On Wed, Sep 25, 2019 at 4:10 PM Alan Stern <st...@rowland.harvard.edu> > > wrote: > > > > > > On Wed, 25 Sep 2019, syzbot wrote: > > > > > > > Hello, > > > > > > > > syzbot found the following crash on: > > > > > > > > HEAD commit: d9e63adc usb-fuzzer: main usb gadget fuzzer driver > > > > git tree: https://github.com/google/kasan.git usb-fuzzer > > > > console output: https://syzkaller.appspot.com/x/log.txt?x=16b5fcd5600000 > > > > kernel config: > > > > https://syzkaller.appspot.com/x/.config?x=f4fa60e981ee8e6a > > > > dashboard link: > > > > https://syzkaller.appspot.com/bug?extid=e74a998ca8f1df9cc332 > > > > compiler: gcc (GCC) 9.0.0 20181231 (experimental) > > > > syz repro: > > > > https://syzkaller.appspot.com/x/repro.syz?x=16ec07b1600000 > > > > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=13ff0871600000 > > > > > > > > IMPORTANT: if you fix the bug, please add the following tag to the > > > > commit: > > > > Reported-by: syzbot+e74a998ca8f1df9cc...@syzkaller.appspotmail.com > > > > > > > > pvrusb2: Device being rendered inoperable > > > > cx25840 0-0044: Unable to detect h/w, assuming cx23887 > > > > cx25840 0-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) > > > > pvrusb2: Attached sub-driver cx25840 > > > > pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and > > > > I > > > > can't clear it. > > > > pvrusb2: You might need to power cycle the pvrusb2 device in order to > > > > recover. > > > > ------------[ cut here ]------------ > > > > sysfs group 'power' not found for kobject 'i2c-0' > > > > WARNING: CPU: 0 PID: 102 at fs/sysfs/group.c:278 sysfs_remove_group > > > > fs/sysfs/group.c:278 [inline] > > > > WARNING: CPU: 0 PID: 102 at fs/sysfs/group.c:278 > > > > sysfs_remove_group+0x155/0x1b0 fs/sysfs/group.c:269 > > > > > > I have seen a lot of error messages like this one (i.e., "group 'power' > > > not found for kobject"), in runs that involved fuzzing a completely > > > different USB driver. Initial testing failed to find a cause. > > > > > > This leads me to wonder whether the problem might lie somewhere else > > > entirely. A bug in some core kernel code? Memory corruption? > > > > AFAICS so far this has only been triggered from the usbvision driver > > [1] and from the pvrusb2 driver (this report). > > > > I wanted to loop in sysfs maintainers, but it seems that Greg and > > Rafael are already cc'ed on this. > > > > [1] https://syzkaller.appspot.com/bug?extid=7fa38a608b1075dfd634 > > It turns out the reason for this error is simple: The driver > unregisters its subdevices in the release handler instead of in the > disconnect handler. There probably is documentation about this > somewhere, but I don't know exactly where -- maybe Greg remembers.
Nope, I don't remember. It should happen in the disconnect handler, odd of it to be in release, but maybe that's the "easiest" way for v4l to handle this? thanks, greg k-h
