Warning: Permanently added '10.128.0.120' (ECDSA) to the list of known hosts. executing program [ 36.962983][ T102] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 37.323078][ T102] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has wMaxPacketSize 0, skipping [ 37.333135][ T102] usb 1-1: New USB device found, idVendor=eb1a, idProduct=5006, bcdDevice=ed.9a [ 37.342139][ T102] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 37.351491][ T102] usb 1-1: config 0 descriptor?? [ 37.405152][ T102] em28xx 1-1:0.0: New device @ 480 Mbps (eb1a:5006, interface 0, class 0) [ 37.413984][ T102] em28xx 1-1:0.0: Video interface 0 found: executing program [ 37.643180][ T102] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 37.773062][ T102] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 37.781212][ T102] em28xx 1-1:0.0: board has no eeprom [ 37.892987][ T102] em28xx 1-1:0.0: Identified as Honestech Vidbox NW03 (card=83) [ 37.900743][ T102] em28xx 1-1:0.0: analog set to bulk mode. [ 37.907597][ T5] em28xx 1-1:0.0: Registering V4L2 extension [ 37.916057][ T102] usb 1-1: USB disconnect, device number 2 [ 37.924106][ T102] em28xx 1-1:0.0: Disconnecting em28xx [ 37.929721][ T5] em28xx 1-1:0.0: Config register raw data: 0xffffffed [ 37.936676][ T5] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 37.943631][ T5] em28xx 1-1:0.0: No AC97 audio processor [ 37.950871][ T5] usb 1-1: Decoder not found [ 37.955546][ T5] em28xx 1-1:0.0: failed to create media graph [ 37.961723][ T5] em28xx 1-1:0.0: V4L2 device video0 deregistered [ 37.969315][ T5] em28xx 1-1:0.0: Remote control support is not available for this card. [ 37.978041][ T102] em28xx 1-1:0.0: Closing input extension [ 37.986231][ T102] em28xx 1-1:0.0: Freeing device [ 38.352997][ T102] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 38.713077][ T102] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has wMaxPacketSize 0, skipping [ 38.723028][ T102] usb 1-1: New USB device found, idVendor=eb1a, idProduct=5006, bcdDevice=ed.9a [ 38.735809][ T102] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.744536][ T102] usb 1-1: config 0 descriptor?? [ 38.784802][ T102] em28xx 1-1:0.0: New device @ 480 Mbps (eb1a:5006, interface 0, class 0) [ 38.793578][ T102] em28xx 1-1:0.0: Video interface 0 found: executing program [ 39.043004][ T102] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 39.173061][ T102] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 39.181127][ T102] em28xx 1-1:0.0: board has no eeprom [ 39.292944][ T102] em28xx 1-1:0.0: Identified as Honestech Vidbox NW03 (card=83) [ 39.300689][ T102] em28xx 1-1:0.0: analog set to bulk mode. [ 39.307049][ T5] em28xx 1-1:0.0: Registering V4L2 extension [ 39.314698][ T102] usb 1-1: USB disconnect, device number 3 [ 39.320968][ T102] em28xx 1-1:0.0: Disconnecting em28xx [ 39.327153][ T5] em28xx 1-1:0.0: Config register raw data: 0xffffffed [ 39.334067][ T5] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 39.340990][ T5] em28xx 1-1:0.0: No AC97 audio processor [ 39.347509][ T5] usb 1-1: Decoder not found [ 39.352114][ T5] em28xx 1-1:0.0: failed to create media graph [ 39.358347][ T5] em28xx 1-1:0.0: V4L2 device video0 deregistered [ 39.365459][ T5] em28xx 1-1:0.0: Remote control support is not available for this card. [ 39.365612][ T1721] ================================================================== [ 39.374011][ T102] em28xx 1-1:0.0: Closing input extension [ 39.381971][ T1721] BUG: KASAN: use-after-free in v4l2_fh_init+0x279/0x2c0 [ 39.381985][ T1721] Read of size 8 at addr ffff8881cf99c850 by task v4l_id/1721 [ 39.402094][ T1721] [ 39.404409][ T1721] CPU: 1 PID: 1721 Comm: v4l_id Not tainted 5.4.0-rc6+ #0 [ 39.411496][ T1721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.421536][ T1721] Call Trace: [ 39.424810][ T1721] dump_stack+0xca/0x13e [ 39.429033][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 39.433690][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 39.438351][ T1721] print_address_description.constprop.0+0x36/0x50 [ 39.444831][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 39.449499][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 39.454240][ T1721] __kasan_report.cold+0x1a/0x33 [ 39.459158][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 39.463813][ T1721] kasan_report+0xe/0x20 [ 39.468032][ T1721] v4l2_fh_init+0x279/0x2c0 [ 39.472516][ T1721] v4l2_fh_open+0x88/0xc0 [ 39.476836][ T1721] em28xx_v4l2_open+0x11a/0x460 [ 39.481670][ T1721] ? refcount_inc_checked+0x1d/0x60 [ 39.486849][ T1721] v4l2_open+0x20f/0x3d0 [ 39.491071][ T1721] ? v4l2_release+0x390/0x390 [ 39.495725][ T1721] chrdev_open+0x219/0x5c0 [ 39.500119][ T1721] ? cdev_put.part.0+0x50/0x50 [ 39.504860][ T1721] do_dentry_open+0x494/0x1120 [ 39.509612][ T1721] ? cdev_put.part.0+0x50/0x50 [ 39.514355][ T1721] ? chmod_common+0x3c0/0x3c0 [ 39.519011][ T1721] ? inode_permission+0xbe/0x3a0 [ 39.523925][ T1721] path_openat+0x1430/0x3ff0 [ 39.528497][ T1721] ? save_stack+0x1b/0x80 [ 39.533065][ T1721] ? do_sys_open+0x294/0x580 [ 39.537633][ T1721] ? do_syscall_64+0xb7/0x580 [ 39.542292][ T1721] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 39.548339][ T1721] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 39.553692][ T1721] ? __lock_acquire+0x145e/0x3b60 [ 39.558695][ T1721] do_filp_open+0x1a1/0x280 [ 39.563188][ T1721] ? may_open_dev+0xf0/0xf0 [ 39.567670][ T1721] ? __alloc_fd+0x46d/0x600 [ 39.572154][ T1721] ? do_raw_spin_lock+0x11a/0x280 [ 39.577167][ T1721] ? do_raw_spin_unlock+0x50/0x220 [ 39.582263][ T1721] ? _raw_spin_unlock+0x1f/0x30 [ 39.587100][ T1721] ? __alloc_fd+0x46d/0x600 [ 39.591585][ T1721] do_sys_open+0x3c0/0x580 [ 39.595981][ T1721] ? filp_open+0x70/0x70 [ 39.600203][ T1721] ? trace_hardirqs_off_caller+0x55/0x1e0 [ 39.605900][ T1721] do_syscall_64+0xb7/0x580 [ 39.610387][ T1721] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 39.616270][ T1721] RIP: 0033:0x7f02c49c6120 [ 39.620667][ T1721] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24 [ 39.640261][ T1721] RSP: 002b:00007fffea0f2cc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 39.648670][ T1721] RAX: ffffffffffffffda RBX: 00007fffea0f2e28 RCX: 00007f02c49c6120 [ 39.656630][ T1721] RDX: 00007f02c4c7b138 RSI: 0000000000000000 RDI: 00007fffea0f4f1f [ 39.664591][ T1721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 39.672540][ T1721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400884 [ 39.680505][ T1721] R13: 00007fffea0f2e20 R14: 0000000000000000 R15: 0000000000000000 [ 39.688470][ T1721] [ 39.690794][ T1721] Allocated by task 5: [ 39.694853][ T1721] save_stack+0x1b/0x80 [ 39.699001][ T1721] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 39.704614][ T1721] em28xx_v4l2_init.cold+0x93/0x3365 [ 39.709890][ T1721] em28xx_init_extension+0x12f/0x1f0 [ 39.715153][ T1721] request_module_async+0x5d/0x70 [ 39.720167][ T1721] process_one_work+0x92b/0x1530 [ 39.725178][ T1721] worker_thread+0x96/0xe20 [ 39.729660][ T1721] kthread+0x318/0x420 [ 39.733707][ T1721] ret_from_fork+0x24/0x30 [ 39.738093][ T1721] [ 39.740399][ T1721] Freed by task 5: [ 39.744276][ T1721] save_stack+0x1b/0x80 [ 39.748413][ T1721] __kasan_slab_free+0x130/0x180 [ 39.753329][ T1721] kfree+0xe4/0x320 [ 39.757122][ T1721] em28xx_v4l2_init.cold+0x2cf/0x3365 [ 39.762488][ T1721] em28xx_init_extension+0x12f/0x1f0 [ 39.767752][ T1721] request_module_async+0x5d/0x70 [ 39.772774][ T1721] process_one_work+0x92b/0x1530 [ 39.777693][ T1721] worker_thread+0x96/0xe20 [ 39.782177][ T1721] kthread+0x318/0x420 [ 39.786236][ T1721] ret_from_fork+0x24/0x30 [ 39.790636][ T1721] [ 39.792946][ T1721] The buggy address belongs to the object at ffff8881cf99c000 [ 39.792946][ T1721] which belongs to the cache kmalloc-8k of size 8192 [ 39.807595][ T1721] The buggy address is located 2128 bytes inside of [ 39.807595][ T1721] 8192-byte region [ffff8881cf99c000, ffff8881cf99e000) [ 39.821023][ T1721] The buggy address belongs to the page: [ 39.826637][ T1721] page:ffffea00073e6600 refcount:1 mapcount:0 mapping:ffff8881da00c500 index:0x0 compound_mapcount: 0 [ 39.837554][ T1721] flags: 0x200000000010200(slab|head) [ 39.842914][ T1721] raw: 0200000000010200 dead000000000100 dead000000000122 ffff8881da00c500 [ 39.851500][ T1721] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 39.860156][ T1721] page dumped because: kasan: bad access detected [ 39.866544][ T1721] [ 39.868859][ T1721] Memory state around the buggy address: [ 39.874473][ T1721] ffff8881cf99c700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.882514][ T1721] ffff8881cf99c780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.890562][ T1721] >ffff8881cf99c800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.898601][ T1721] ^ [ 39.905252][ T1721] ffff8881cf99c880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.913303][ T1721] ffff8881cf99c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.921360][ T1721] ================================================================== [ 39.929396][ T1721] Disabling lock debugging due to kernel taint [ 39.935670][ T1721] Kernel panic - not syncing: panic_on_warn set ... [ 39.942337][ T1721] CPU: 1 PID: 1721 Comm: v4l_id Tainted: G B 5.4.0-rc6+ #0 [ 39.950817][ T1721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.962538][ T1721] Call Trace: [ 39.965813][ T1721] dump_stack+0xca/0x13e [ 39.970034][ T1721] panic+0x2aa/0x6e1 [ 39.973945][ T1721] ? add_taint.cold+0x16/0x16 [ 39.978633][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 39.983298][ T1721] ? trace_hardirqs_on+0x55/0x1e0 [ 39.988330][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 39.993004][ T1721] end_report+0x43/0x49 [ 39.997166][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 40.001819][ T1721] __kasan_report.cold+0xd/0x33 [ 40.006818][ T1721] ? v4l2_fh_init+0x279/0x2c0 [ 40.011477][ T1721] kasan_report+0xe/0x20 [ 40.015705][ T1721] v4l2_fh_init+0x279/0x2c0 [ 40.020185][ T1721] v4l2_fh_open+0x88/0xc0 [ 40.024502][ T1721] em28xx_v4l2_open+0x11a/0x460 [ 40.029332][ T1721] ? refcount_inc_checked+0x1d/0x60 [ 40.034508][ T1721] v4l2_open+0x20f/0x3d0 [ 40.038728][ T1721] ? v4l2_release+0x390/0x390 [ 40.043382][ T1721] chrdev_open+0x219/0x5c0 [ 40.047769][ T1721] ? cdev_put.part.0+0x50/0x50 [ 40.052506][ T1721] do_dentry_open+0x494/0x1120 [ 40.057247][ T1721] ? cdev_put.part.0+0x50/0x50 [ 40.061998][ T1721] ? chmod_common+0x3c0/0x3c0 [ 40.066649][ T1721] ? inode_permission+0xbe/0x3a0 [ 40.071560][ T1721] path_openat+0x1430/0x3ff0 [ 40.076138][ T1721] ? save_stack+0x1b/0x80 [ 40.080454][ T1721] ? do_sys_open+0x294/0x580 [ 40.085020][ T1721] ? do_syscall_64+0xb7/0x580 [ 40.089686][ T1721] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.095743][ T1721] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 40.101088][ T1721] ? __lock_acquire+0x145e/0x3b60 [ 40.106087][ T1721] do_filp_open+0x1a1/0x280 [ 40.110577][ T1721] ? may_open_dev+0xf0/0xf0 [ 40.115061][ T1721] ? __alloc_fd+0x46d/0x600 [ 40.120260][ T1721] ? do_raw_spin_lock+0x11a/0x280 [ 40.125262][ T1721] ? do_raw_spin_unlock+0x50/0x220 [ 40.130358][ T1721] ? _raw_spin_unlock+0x1f/0x30 [ 40.135193][ T1721] ? __alloc_fd+0x46d/0x600 [ 40.139693][ T1721] do_sys_open+0x3c0/0x580 [ 40.144095][ T1721] ? filp_open+0x70/0x70 [ 40.148331][ T1721] ? trace_hardirqs_off_caller+0x55/0x1e0 [ 40.154256][ T1721] do_syscall_64+0xb7/0x580 [ 40.158785][ T1721] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.164656][ T1721] RIP: 0033:0x7f02c49c6120 [ 40.169050][ T1721] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24 [ 40.188627][ T1721] RSP: 002b:00007fffea0f2cc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 40.197123][ T1721] RAX: ffffffffffffffda RBX: 00007fffea0f2e28 RCX: 00007f02c49c6120 [ 40.205076][ T1721] RDX: 00007f02c4c7b138 RSI: 0000000000000000 RDI: 00007fffea0f4f1f [ 40.213027][ T1721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 40.220979][ T1721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400884 [ 40.228958][ T1721] R13: 00007fffea0f2e20 R14: 0000000000000000 R15: 0000000000000000 [ 40.237597][ T1721] Kernel Offset: disabled [ 40.241905][ T1721] Rebooting in 86400 seconds..