Warning: Permanently added '10.128.10.46' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 39.093290][ T12] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 39.102000][ T5] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 39.103263][ T22] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 39.117901][ T17] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 39.125740][ T1740] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 39.133386][ T107] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 39.363206][ T12] usb 1-1: Using ep0 maxpacket: 8 [ 39.368886][ T5] usb 4-1: Using ep0 maxpacket: 8 [ 39.383250][ T107] usb 3-1: Using ep0 maxpacket: 8 [ 39.388549][ T17] usb 6-1: Using ep0 maxpacket: 8 [ 39.393859][ T1740] usb 5-1: Using ep0 maxpacket: 8 [ 39.399208][ T22] usb 2-1: Using ep0 maxpacket: 8 [ 39.483272][ T12] usb 1-1: config 0 has an invalid interface number: 122 but max is 0 [ 39.492427][ T12] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 39.502658][ T12] usb 1-1: config 0 has no interface number 0 [ 39.509006][ T5] usb 4-1: config 0 has an invalid interface number: 122 but max is 0 [ 39.517425][ T5] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 39.523422][ T107] usb 3-1: config 0 has an invalid interface number: 122 but max is 0 [ 39.527869][ T5] usb 4-1: config 0 has no interface number 0 [ 39.528091][ T12] usb 1-1: config 0 interface 122 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0 [ 39.536171][ T107] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 39.542323][ T12] usb 1-1: New USB device found, idVendor=0595, idProduct=4343, bcdDevice= 1.06 [ 39.552301][ T107] usb 3-1: config 0 has no interface number 0 [ 39.562357][ T12] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.571737][ T17] usb 6-1: config 0 has an invalid interface number: 122 but max is 0 [ 39.577807][ T5] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0 [ 39.585873][ T17] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 39.594290][ T5] usb 4-1: New USB device found, idVendor=0595, idProduct=4343, bcdDevice= 1.06 [ 39.604167][ T17] usb 6-1: config 0 has no interface number 0 [ 39.614376][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.623726][ T1740] usb 5-1: config 0 has an invalid interface number: 122 but max is 0 [ 39.632532][ T12] usb 1-1: config 0 descriptor?? [ 39.637970][ T1740] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 39.637983][ T1740] usb 5-1: config 0 has no interface number 0 [ 39.641281][ T22] usb 2-1: config 0 has an invalid interface number: 122 but max is 0 [ 39.647807][ T5] usb 4-1: config 0 descriptor?? [ 39.651490][ T22] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 39.651503][ T22] usb 2-1: config 0 has no interface number 0 [ 39.654401][ T22] usb 2-1: config 0 interface 122 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0 [ 39.697547][ T12] usb-storage 1-1:0.122: USB Mass Storage device detected [ 39.697750][ T22] usb 2-1: New USB device found, idVendor=0595, idProduct=4343, bcdDevice= 1.06 [ 39.709535][ T5] usb-storage 4-1:0.122: USB Mass Storage device detected [ 39.715523][ T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.718570][ T1740] usb 5-1: config 0 interface 122 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0 [ 39.740232][ T1740] usb 5-1: New USB device found, idVendor=0595, idProduct=4343, bcdDevice= 1.06 [ 39.759446][ T1740] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.773197][ T107] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0 [ 39.783205][ T107] usb 3-1: New USB device found, idVendor=0595, idProduct=4343, bcdDevice= 1.06 [ 39.792238][ T107] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.800502][ T17] usb 6-1: config 0 interface 122 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0 [ 39.810487][ T17] usb 6-1: New USB device found, idVendor=0595, idProduct=4343, bcdDevice= 1.06 [ 39.819971][ T17] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 executing program executing program [ 39.822779][ T5] zr364xx 4-1:0.122: Zoran 364xx compatible webcam plugged [ 39.831362][ T22] usb 2-1: config 0 descriptor?? [ 39.835435][ T5] zr364xx 4-1:0.122: model 0595:4343 detected [ 39.840755][ T5] usb 4-1: 320x240 mode selected [ 39.847172][ T1740] usb 5-1: config 0 descriptor?? [ 39.855210][ T5] zr364xx: start read pipe failed [ 39.857310][ T107] usb 3-1: config 0 descriptor?? [ 39.867539][ T17] usb 6-1: config 0 descriptor?? [ 39.904892][ T12] zr364xx 1-1:0.122: Zoran 364xx compatible webcam plugged [ 39.912497][ T12] zr364xx 1-1:0.122: model 0595:4343 detected [ 39.919021][ T12] usb 1-1: 320x240 mode selected [ 39.923999][ T22] usb-storage 2-1:0.122: USB Mass Storage device detected [ 39.924944][ T12] zr364xx: start read pipe failed [ 39.932513][ T17] usb-storage 6-1:0.122: USB Mass Storage device detected [ 39.945653][ T1740] usb-storage 5-1:0.122: USB Mass Storage device detected [ 39.948520][ T5] usb 4-1: Zoran 364xx controlling device video0 [ 39.953637][ T107] usb-storage 3-1:0.122: USB Mass Storage device detected [ 39.984098][ T12] usb 1-1: Zoran 364xx controlling device video1 [ 39.991441][ T5] usb 4-1: USB disconnect, device number 2 [ 39.999228][ T12] usb 1-1: USB disconnect, device number 2 [ 40.008140][ T12] zr364xx 1-1:0.122: Zoran 364xx webcam unplugged executing program executing program executing program executing program [ 40.103704][ T5] zr364xx 4-1:0.122: Zoran 364xx webcam unplugged [ 40.113674][ T1740] zr364xx 5-1:0.122: Zoran 364xx compatible webcam plugged [ 40.120937][ T1740] zr364xx 5-1:0.122: model 0595:4343 detected [ 40.121076][ T1740] usb 5-1: 320x240 mode selected [ 40.133995][ T1740] zr364xx: start read pipe failed [ 40.243903][ T107] zr364xx 3-1:0.122: Zoran 364xx compatible webcam plugged [ 40.251547][ T107] zr364xx 3-1:0.122: model 0595:4343 detected [ 40.259083][ T22] zr364xx 2-1:0.122: Zoran 364xx compatible webcam plugged [ 40.267568][ T22] zr364xx 2-1:0.122: model 0595:4343 detected [ 40.274716][ T1740] usb 5-1: Zoran 364xx controlling device video0 [ 40.283213][ T17] zr364xx 6-1:0.122: Zoran 364xx compatible webcam plugged [ 40.290459][ T17] zr364xx 6-1:0.122: model 0595:4343 detected [ 40.296758][ T1740] usb 5-1: USB disconnect, device number 2 [ 40.303340][ T107] usb 3-1: 320x240 mode selected [ 40.308445][ T107] zr364xx: start read pipe failed [ 40.313634][ T22] usb 2-1: 320x240 mode selected [ 40.318760][ T22] zr364xx: start read pipe failed [ 40.324433][ T17] usb 6-1: 320x240 mode selected [ 40.329739][ T17] zr364xx: start read pipe failed [ 40.374901][ T107] usb 3-1: Zoran 364xx controlling device video1 [ 40.381587][ T22] usb 2-1: Zoran 364xx controlling device video2 [ 40.388030][ T1740] zr364xx 5-1:0.122: Zoran 364xx webcam unplugged [ 40.394753][ T17] usb 6-1: Zoran 364xx controlling device video3 [ 40.505518][ T12] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 40.612001][ T17] usb 6-1: USB disconnect, device number 2 [ 40.618040][ T107] usb 3-1: USB disconnect, device number 2 [ 40.624022][ T1778] ================================================================== [ 40.624068][ T1778] BUG: KASAN: null-ptr-deref in read_word_at_a_time+0xe/0x20 [ 40.639600][ T1778] Read of size 1 at addr 0000000000000000 by task v4l_id/1778 [ 40.641098][ T107] zr364xx 3-1:0.122: Zoran 364xx webcam unplugged [ 40.647040][ T1778] [ 40.647054][ T1778] CPU: 0 PID: 1778 Comm: v4l_id Not tainted 5.2.0-rc6+ #13 [ 40.647060][ T1778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.647064][ T1778] Call Trace: [ 40.647080][ T1778] dump_stack+0xca/0x13e [ 40.647098][ T1778] ? read_word_at_a_time+0xe/0x20 [ 40.653668][ T22] usb 2-1: USB disconnect, device number 2 [ 40.655801][ T1778] ? read_word_at_a_time+0xe/0x20 [ 40.655813][ T1778] __kasan_report.cold+0x5/0x32 [ 40.655828][ T1778] ? mutex_trylock+0x1a0/0x1a0 [ 40.663740][ T22] zr364xx 2-1:0.122: Zoran 364xx webcam unplugged [ 40.673210][ T1778] ? read_word_at_a_time+0xe/0x20 [ 40.673223][ T1778] kasan_report+0xe/0x20 [ 40.673233][ T1778] read_word_at_a_time+0xe/0x20 [ 40.673247][ T1778] strscpy+0x8a/0x280 [ 40.730959][ T1778] zr364xx_vidioc_querycap+0xb0/0x210 [ 40.736488][ T1778] ? is_module_text_address+0xc/0x1a [ 40.741752][ T1778] v4l_querycap+0x121/0x340 [ 40.746323][ T1778] __video_do_ioctl+0x5b0/0xb30 [ 40.751162][ T1778] ? copy_overflow+0x30/0x30 [ 40.755750][ T1778] ? stack_trace_save+0x9f/0xe0 [ 40.760671][ T1778] ? stack_trace_consume_entry+0x180/0x180 [ 40.766454][ T1778] video_usercopy+0x446/0xee0 [ 40.771203][ T1778] ? copy_overflow+0x30/0x30 [ 40.775861][ T1778] ? __kprobes_text_end+0x10dc28/0x10dc28 [ 40.781557][ T1778] ? v4l_enumstd+0x60/0x60 [ 40.785977][ T1778] ? debug_check_no_obj_freed+0x20a/0x42e [ 40.792465][ T1778] ? do_raw_spin_lock+0x11a/0x280 [ 40.797545][ T1778] ? video_usercopy+0xee0/0xee0 [ 40.802480][ T1778] v4l2_ioctl+0x147/0x1a0 [ 40.806860][ T1778] ? video_devdata+0xa0/0xa0 [ 40.811570][ T1778] do_vfs_ioctl+0xcda/0x12e0 [ 40.816267][ T1778] ? quarantine_put+0xb2/0x150 [ 40.821026][ T1778] ? ioctl_preallocate+0x200/0x200 [ 40.826130][ T1778] ? putname+0xe1/0x120 [ 40.830379][ T1778] ? putname+0xe1/0x120 [ 40.834529][ T1778] ? rcu_read_lock_sched_held+0x113/0x130 [ 40.840241][ T1778] ? kmem_cache_free+0x258/0x2a0 [ 40.845178][ T1778] ? rcu_read_lock_sched_held+0x113/0x130 [ 40.850901][ T1778] ksys_ioctl+0x9b/0xc0 [ 40.855265][ T1778] __x64_sys_ioctl+0x6f/0xb0 [ 40.860009][ T1778] ? lockdep_hardirqs_on+0x379/0x580 [ 40.865496][ T1778] do_syscall_64+0xb7/0x560 [ 40.870001][ T1778] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.876129][ T1778] RIP: 0033:0x7f10dc273347 [ 40.880531][ T1778] Code: 90 90 90 48 8b 05 f1 fa 2a 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 90 90 90 90 90 90 90 90 90 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c1 fa 2a 00 31 d2 48 29 c2 64 [ 40.900258][ T1778] RSP: 002b:00007ffec5df0098 EFLAGS: 00000202 ORIG_RAX: 0000000000000010 [ 40.908660][ T1778] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f10dc273347 [ 40.916765][ T1778] RDX: 00007ffec5df00a0 RSI: 0000000080685600 RDI: 0000000000000003 [ 40.924724][ T1778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 40.932813][ T1778] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000400884 [ 40.940779][ T1778] R13: 00007ffec5df01f0 R14: 0000000000000000 R15: 0000000000000000 [ 40.948736][ T1778] ================================================================== [ 40.957288][ T1778] Disabling lock debugging due to kernel taint [ 40.963630][ T1778] Kernel panic - not syncing: panic_on_warn set ... [ 40.970234][ T1778] CPU: 0 PID: 1778 Comm: v4l_id Tainted: G B 5.2.0-rc6+ #13 [ 40.978797][ T1778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.988830][ T1778] Call Trace: [ 40.992102][ T1778] dump_stack+0xca/0x13e [ 40.996324][ T1778] panic+0x292/0x6c9 [ 41.000198][ T1778] ? __warn_printk+0xf3/0xf3 [ 41.004787][ T1778] ? retint_kernel+0x10/0x10 [ 41.010482][ T1778] ? trace_hardirqs_on+0x55/0x1c0 [ 41.015486][ T1778] ? read_word_at_a_time+0xe/0x20 [ 41.020489][ T1778] end_report+0x43/0x49 [ 41.024622][ T1778] ? read_word_at_a_time+0xe/0x20 [ 41.029622][ T1778] __kasan_report.cold+0xd/0x32 [ 41.034451][ T1778] ? mutex_trylock+0x1a0/0x1a0 [ 41.039191][ T1778] ? read_word_at_a_time+0xe/0x20 [ 41.044194][ T1778] kasan_report+0xe/0x20 [ 41.048414][ T1778] read_word_at_a_time+0xe/0x20 [ 41.053331][ T1778] strscpy+0x8a/0x280 [ 41.057382][ T1778] zr364xx_vidioc_querycap+0xb0/0x210 [ 41.062736][ T1778] ? is_module_text_address+0xc/0x1a [ 41.068014][ T1778] v4l_querycap+0x121/0x340 [ 41.072518][ T1778] __video_do_ioctl+0x5b0/0xb30 [ 41.077431][ T1778] ? copy_overflow+0x30/0x30 [ 41.082117][ T1778] ? stack_trace_save+0x9f/0xe0 [ 41.087116][ T1778] ? stack_trace_consume_entry+0x180/0x180 [ 41.092911][ T1778] video_usercopy+0x446/0xee0 [ 41.097576][ T1778] ? copy_overflow+0x30/0x30 [ 41.102158][ T1778] ? __kprobes_text_end+0x10dc28/0x10dc28 [ 41.108171][ T1778] ? v4l_enumstd+0x60/0x60 [ 41.112608][ T1778] ? debug_check_no_obj_freed+0x20a/0x42e [ 41.118339][ T1778] ? do_raw_spin_lock+0x11a/0x280 [ 41.123351][ T1778] ? video_usercopy+0xee0/0xee0 [ 41.128526][ T1778] v4l2_ioctl+0x147/0x1a0 [ 41.132856][ T1778] ? video_devdata+0xa0/0xa0 [ 41.137576][ T1778] do_vfs_ioctl+0xcda/0x12e0 [ 41.142238][ T1778] ? quarantine_put+0xb2/0x150 [ 41.147139][ T1778] ? ioctl_preallocate+0x200/0x200 [ 41.152611][ T1778] ? putname+0xe1/0x120 [ 41.156752][ T1778] ? putname+0xe1/0x120 [ 41.161193][ T1778] ? rcu_read_lock_sched_held+0x113/0x130 [ 41.167091][ T1778] ? kmem_cache_free+0x258/0x2a0 [ 41.172032][ T1778] ? rcu_read_lock_sched_held+0x113/0x130 [ 41.177743][ T1778] ksys_ioctl+0x9b/0xc0 [ 41.181881][ T1778] __x64_sys_ioctl+0x6f/0xb0 [ 41.186455][ T1778] ? lockdep_hardirqs_on+0x379/0x580 [ 41.191732][ T1778] do_syscall_64+0xb7/0x560 [ 41.196233][ T1778] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 41.202117][ T1778] RIP: 0033:0x7f10dc273347 [ 41.206619][ T1778] Code: 90 90 90 48 8b 05 f1 fa 2a 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 90 90 90 90 90 90 90 90 90 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c1 fa 2a 00 31 d2 48 29 c2 64 [ 41.226373][ T1778] RSP: 002b:00007ffec5df0098 EFLAGS: 00000202 ORIG_RAX: 0000000000000010 [ 41.234808][ T1778] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f10dc273347 [ 41.242769][ T1778] RDX: 00007ffec5df00a0 RSI: 0000000080685600 RDI: 0000000000000003 [ 41.250731][ T1778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 41.259266][ T1778] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000400884 [ 41.267217][ T1778] R13: 00007ffec5df01f0 R14: 0000000000000000 R15: 0000000000000000 [ 41.276672][ T1778] Kernel Offset: disabled [ 41.280993][ T1778] Rebooting in 86400 seconds..