Warning: Permanently added '10.128.1.22' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 119.726663][ T78] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 119.816885][ T78] usb 1-1: Using ep0 maxpacket: 32 [ 119.937475][ T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 120.106742][ T78] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26 [ 120.115918][ T78] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.124068][ T78] usb 1-1: Product: syz [ 120.128360][ T78] usb 1-1: Manufacturer: syz [ 120.132959][ T78] usb 1-1: SerialNumber: syz [ 120.139471][ T78] usb 1-1: config 0 descriptor?? [ 120.178345][ T78] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0) [ 120.187956][ T78] em28xx 1-1:0.0: Video interface 0 found: executing program [ 120.416743][ T78] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 120.636785][ T78] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 120.645012][ T78] em28xx 1-1:0.0: board has no eeprom [ 120.757090][ T78] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57) [ 120.765529][ T78] em28xx 1-1:0.0: analog set to bulk mode. [ 120.773909][ T78] usb 1-1: USB disconnect, device number 2 [ 120.783740][ T78] em28xx 1-1:0.0: Disconnecting em28xx [ 120.789676][ T1793] em28xx 1-1:0.0: Registering V4L2 extension [ 120.805140][ T1793] em28xx 1-1:0.0: Config register raw data: 0xffffffed [ 120.812182][ T1793] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 120.819351][ T1793] em28xx 1-1:0.0: No AC97 audio processor [ 120.826471][ T1793] usb 1-1: Decoder not found [ 120.831268][ T1793] em28xx 1-1:0.0: failed to create media graph [ 120.837687][ T1793] em28xx 1-1:0.0: V4L2 device video0 deregistered [ 120.845520][ T1793] em28xx 1-1:0.0: Binding DVB extension [ 120.851814][ T1793] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0 [ 120.859422][ T1793] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB. [ 120.867779][ T1793] em28xx 1-1:0.0: Remote control support is not available for this card. [ 120.876450][ T78] em28xx 1-1:0.0: Closing input extension [ 120.884603][ T78] em28xx 1-1:0.0: Freeing device [ 121.266645][ T78] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 121.356783][ T78] usb 1-1: Using ep0 maxpacket: 32 [ 121.477183][ T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 121.646721][ T78] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26 [ 121.656330][ T78] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.664545][ T78] usb 1-1: Product: syz [ 121.668744][ T78] usb 1-1: Manufacturer: syz [ 121.673456][ T78] usb 1-1: SerialNumber: syz [ 121.679638][ T78] usb 1-1: config 0 descriptor?? [ 121.718111][ T78] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0) [ 121.727777][ T78] em28xx 1-1:0.0: Video interface 0 found: executing program [ 121.956813][ T78] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 122.176701][ T78] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 122.185256][ T78] em28xx 1-1:0.0: board has no eeprom [ 122.297211][ T78] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57) [ 122.305823][ T78] em28xx 1-1:0.0: analog set to bulk mode. [ 122.313793][ T78] usb 1-1: USB disconnect, device number 3 [ 122.320285][ T78] em28xx 1-1:0.0: Disconnecting em28xx [ 122.325999][ T1793] em28xx 1-1:0.0: Registering V4L2 extension [ 122.344877][ T1793] em28xx 1-1:0.0: Config register raw data: 0xffffffed [ 122.351826][ T1793] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 122.359081][ T1793] em28xx 1-1:0.0: No AC97 audio processor [ 122.365578][ T1793] usb 1-1: Decoder not found [ 122.370262][ T1793] em28xx 1-1:0.0: failed to create media graph [ 122.376740][ T1793] em28xx 1-1:0.0: V4L2 device video0 deregistered [ 122.383834][ T1793] em28xx 1-1:0.0: Binding DVB extension [ 122.389556][ T1793] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0 [ 122.397221][ T1793] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB. [ 122.405797][ T1793] em28xx 1-1:0.0: Remote control support is not available for this card. [ 122.414401][ T78] em28xx 1-1:0.0: Closing input extension [ 122.421314][ T78] em28xx 1-1:0.0: Freeing device [ 122.786711][ T78] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 122.876759][ T78] usb 1-1: Using ep0 maxpacket: 32 [ 122.997187][ T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 123.166781][ T78] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26 [ 123.176107][ T78] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.184246][ T78] usb 1-1: Product: syz [ 123.188533][ T78] usb 1-1: Manufacturer: syz [ 123.193148][ T78] usb 1-1: SerialNumber: syz [ 123.199208][ T78] usb 1-1: config 0 descriptor?? [ 123.237984][ T78] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0) [ 123.247403][ T78] em28xx 1-1:0.0: Video interface 0 found: executing program [ 123.476793][ T78] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 123.696705][ T78] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 123.704733][ T78] em28xx 1-1:0.0: board has no eeprom [ 123.817192][ T78] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57) [ 123.825527][ T78] em28xx 1-1:0.0: analog set to bulk mode. [ 123.833340][ T78] usb 1-1: USB disconnect, device number 4 [ 123.839831][ T78] em28xx 1-1:0.0: Disconnecting em28xx [ 123.845372][ T1793] em28xx 1-1:0.0: Registering V4L2 extension [ 123.861897][ T1793] em28xx 1-1:0.0: Config register raw data: 0xffffffed [ 123.868858][ T1793] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 123.875983][ T1793] em28xx 1-1:0.0: No AC97 audio processor [ 123.882916][ T1793] usb 1-1: Decoder not found [ 123.887653][ T1793] em28xx 1-1:0.0: failed to create media graph [ 123.894039][ T1793] em28xx 1-1:0.0: V4L2 device video0 deregistered [ 123.901923][ T1793] em28xx 1-1:0.0: Binding DVB extension [ 123.907837][ T1793] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0 [ 123.915399][ T1793] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB. [ 123.923957][ T1793] em28xx 1-1:0.0: Remote control support is not available for this card. [ 123.932655][ T78] em28xx 1-1:0.0: Closing input extension [ 123.939537][ T78] em28xx 1-1:0.0: Freeing device [ 124.296665][ T78] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 124.386736][ T78] usb 1-1: Using ep0 maxpacket: 32 [ 124.507180][ T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 124.676735][ T78] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26 [ 124.686171][ T78] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.694353][ T78] usb 1-1: Product: syz [ 124.698561][ T78] usb 1-1: Manufacturer: syz [ 124.703245][ T78] usb 1-1: SerialNumber: syz [ 124.709599][ T78] usb 1-1: config 0 descriptor?? [ 124.748119][ T78] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0) [ 124.758372][ T78] em28xx 1-1:0.0: Video interface 0 found: executing program [ 125.006686][ T78] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 125.236696][ T78] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 125.245029][ T78] em28xx 1-1:0.0: board has no eeprom [ 125.357003][ T78] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57) [ 125.365746][ T78] em28xx 1-1:0.0: analog set to bulk mode. [ 125.373852][ T78] usb 1-1: USB disconnect, device number 5 [ 125.381017][ T78] em28xx 1-1:0.0: Disconnecting em28xx [ 125.387338][ T1793] em28xx 1-1:0.0: Registering V4L2 extension [ 125.403106][ T1793] em28xx 1-1:0.0: Config register raw data: 0xffffffed [ 125.410220][ T1793] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 125.417590][ T1793] em28xx 1-1:0.0: No AC97 audio processor [ 125.424047][ T1793] usb 1-1: Decoder not found [ 125.428756][ T1793] em28xx 1-1:0.0: failed to create media graph [ 125.435175][ T1793] em28xx 1-1:0.0: V4L2 device video0 deregistered [ 125.443105][ T1793] em28xx 1-1:0.0: Binding DVB extension [ 125.449040][ T1793] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0 [ 125.457187][ T1793] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB. [ 125.465805][ T1793] em28xx 1-1:0.0: Remote control support is not available for this card. [ 125.474455][ T78] em28xx 1-1:0.0: Closing input extension [ 125.481339][ T78] em28xx 1-1:0.0: Freeing device [ 125.846668][ T78] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 125.936724][ T78] usb 1-1: Using ep0 maxpacket: 32 [ 126.056804][ T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 126.226770][ T78] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26 [ 126.236213][ T78] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.244441][ T78] usb 1-1: Product: syz [ 126.248950][ T78] usb 1-1: Manufacturer: syz [ 126.254086][ T78] usb 1-1: SerialNumber: syz [ 126.260555][ T78] usb 1-1: config 0 descriptor?? [ 126.308122][ T78] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0) [ 126.317799][ T78] em28xx 1-1:0.0: Video interface 0 found: executing program [ 126.546826][ T78] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 126.766743][ T78] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 126.774935][ T78] em28xx 1-1:0.0: board has no eeprom [ 126.887171][ T78] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57) [ 126.895421][ T78] em28xx 1-1:0.0: analog set to bulk mode. [ 126.901872][ T1793] em28xx 1-1:0.0: Registering V4L2 extension [ 126.917776][ T78] usb 1-1: USB disconnect, device number 6 [ 126.924324][ T78] em28xx 1-1:0.0: Disconnecting em28xx [ 126.936721][ T1793] em28xx 1-1:0.0: reading from i2c device at 0xb8 failed (error=-5) [ 126.950224][ T1793] em28xx 1-1:0.0: Config register raw data: 0xffffffed [ 126.957172][ T1793] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 126.964314][ T1793] em28xx 1-1:0.0: No AC97 audio processor [ 126.971420][ T1793] usb 1-1: Decoder not found [ 126.976120][ T1793] em28xx 1-1:0.0: failed to create media graph [ 126.982658][ T1793] em28xx 1-1:0.0: V4L2 device video0 deregistered [ 126.989930][ T1793] em28xx 1-1:0.0: Binding DVB extension [ 126.995764][ T1793] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0 [ 127.003924][ T1793] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB. [ 127.012361][ T1793] em28xx 1-1:0.0: Remote control support is not available for this card. [ 127.021456][ T78] em28xx 1-1:0.0: Closing input extension [ 127.028578][ T78] em28xx 1-1:0.0: Freeing device [ 127.386677][ T78] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 127.476730][ T78] usb 1-1: Using ep0 maxpacket: 32 [ 127.597274][ T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 127.766755][ T78] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26 [ 127.776228][ T78] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.784490][ T78] usb 1-1: Product: syz [ 127.788894][ T78] usb 1-1: Manufacturer: syz [ 127.793611][ T78] usb 1-1: SerialNumber: syz [ 127.799941][ T78] usb 1-1: config 0 descriptor?? [ 127.838100][ T78] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0) [ 127.847751][ T78] em28xx 1-1:0.0: Video interface 0 found: executing program [ 128.076732][ T78] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 128.296737][ T78] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 128.305323][ T78] em28xx 1-1:0.0: board has no eeprom [ 128.417161][ T78] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57) [ 128.425590][ T78] em28xx 1-1:0.0: analog set to bulk mode. [ 128.432131][ T1793] em28xx 1-1:0.0: Registering V4L2 extension [ 128.439973][ T78] usb 1-1: USB disconnect, device number 7 [ 128.454432][ T1793] em28xx 1-1:0.0: reading from i2c device at 0xb8 failed (error=-19) [ 128.463229][ T78] em28xx 1-1:0.0: Disconnecting em28xx [ 128.473365][ T1793] em28xx 1-1:0.0: Config register raw data: 0xffffffed [ 128.480388][ T1793] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 128.487825][ T1793] em28xx 1-1:0.0: No AC97 audio processor [ 128.494453][ T1793] usb 1-1: Decoder not found [ 128.499272][ T1793] em28xx 1-1:0.0: failed to create media graph [ 128.505547][ T1793] em28xx 1-1:0.0: V4L2 device video0 deregistered [ 128.513461][ T1793] em28xx 1-1:0.0: Binding DVB extension [ 128.513623][ T1835] ================================================================== [ 128.519530][ T1793] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0 [ 128.527649][ T1835] BUG: KASAN: use-after-free in v4l2_fh_init+0x279/0x2c0 [ 128.527660][ T1835] Read of size 8 at addr ffff8881cca78870 by task v4l_id/1835 [ 128.527663][ T1835] [ 128.527676][ T1835] CPU: 0 PID: 1835 Comm: v4l_id Not tainted 5.6.0-rc3-syzkaller #0 [ 128.527682][ T1835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.527686][ T1835] Call Trace: [ 128.527702][ T1835] dump_stack+0xef/0x16e [ 128.527712][ T1835] ? v4l2_fh_init+0x279/0x2c0 [ 128.527721][ T1835] ? v4l2_fh_init+0x279/0x2c0 [ 128.527737][ T1835] print_address_description.constprop.0.cold+0xd3/0x314 [ 128.527748][ T1835] ? v4l2_fh_init+0x279/0x2c0 [ 128.527759][ T1835] ? v4l2_fh_init+0x279/0x2c0 [ 128.527779][ T1835] __kasan_report.cold+0x37/0x77 [ 128.527790][ T1835] ? v4l2_fh_init+0x279/0x2c0 [ 128.527802][ T1835] kasan_report+0xe/0x20 [ 128.527813][ T1835] v4l2_fh_init+0x279/0x2c0 [ 128.527824][ T1835] v4l2_fh_open+0x88/0xc0 [ 128.527837][ T1835] em28xx_v4l2_open+0x11a/0x570 [ 128.527849][ T1835] v4l2_open+0x20f/0x3d0 [ 128.527861][ T1835] ? v4l2_release+0x390/0x390 [ 128.527871][ T1835] chrdev_open+0x219/0x5c0 [ 128.527881][ T1835] ? cdev_put.part.0+0x50/0x50 [ 128.527902][ T1835] do_dentry_open+0x494/0x1120 [ 128.535604][ T1793] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB. [ 128.542777][ T1835] ? cdev_put.part.0+0x50/0x50 [ 128.542792][ T1835] ? chmod_common+0x3c0/0x3c0 [ 128.542804][ T1835] ? inode_permission+0xbe/0x3a0 [ 128.542814][ T1835] path_openat+0x1222/0x32a0 [ 128.542827][ T1835] ? path_mountpoint.isra.0+0x370/0x370 [ 128.542839][ T1835] ? __lock_acquire+0x145e/0x3b60 [ 128.542852][ T1835] do_filp_open+0x192/0x260 [ 128.542872][ T1835] ? may_open_dev+0xf0/0xf0 [ 128.550440][ T1793] em28xx 1-1:0.0: Remote control support is not available for this card. [ 128.552704][ T1835] ? __alloc_fd+0x46d/0x600 [ 128.560737][ T78] em28xx 1-1:0.0: Closing input extension [ 128.570671][ T1835] ? do_raw_spin_lock+0x129/0x290 [ 128.570685][ T1835] ? _raw_spin_unlock+0x1a/0x30 [ 128.570696][ T1835] ? __alloc_fd+0x46d/0x600 [ 128.570706][ T1835] do_sys_openat2+0x54c/0x740 [ 128.570718][ T1835] ? file_open_root+0x3d0/0x3d0 [ 128.570736][ T1835] ? up_read+0x1ab/0x750 [ 128.754749][ T1835] do_sys_open+0xc3/0x140 [ 128.759224][ T1835] ? filp_open+0x70/0x70 [ 128.763646][ T1835] ? trace_hardirqs_off_caller+0x55/0x200 [ 128.769506][ T1835] do_syscall_64+0xb6/0x5a0 [ 128.774079][ T1835] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 128.780268][ T1835] RIP: 0033:0x7f72c6426120 [ 128.784846][ T1835] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24 [ 128.805409][ T1835] RSP: 002b:00007fff155c5798 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 128.813868][ T1835] RAX: ffffffffffffffda RBX: 00007fff155c58f8 RCX: 00007f72c6426120 [ 128.821889][ T1835] RDX: 00007f72c66db138 RSI: 0000000000000000 RDI: 00007fff155c6f1e [ 128.829917][ T1835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 128.837892][ T1835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400884 [ 128.846005][ T1835] R13: 00007fff155c58f0 R14: 0000000000000000 R15: 0000000000000000 [ 128.854035][ T1835] [ 128.856395][ T1835] Allocated by task 1793: [ 128.861136][ T1835] save_stack+0x1b/0x80 [ 128.865547][ T1835] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 128.871212][ T1835] em28xx_v4l2_init.cold+0x93/0x33eb [ 128.876688][ T1835] em28xx_init_extension+0x12f/0x1f0 [ 128.882267][ T1835] request_module_async+0x5d/0x70 [ 128.887862][ T1835] process_one_work+0x94b/0x1620 [ 128.893196][ T1835] worker_thread+0x96/0xe20 [ 128.898472][ T1835] kthread+0x318/0x420 [ 128.902724][ T1835] ret_from_fork+0x24/0x30 [ 128.907179][ T1835] [ 128.909507][ T1835] Freed by task 1793: [ 128.913498][ T1835] save_stack+0x1b/0x80 [ 128.917653][ T1835] __kasan_slab_free+0x117/0x160 [ 128.922633][ T1835] kfree+0xd5/0x300 [ 128.926868][ T1835] em28xx_v4l2_init.cold+0x2d4/0x33eb [ 128.932769][ T1835] em28xx_init_extension+0x12f/0x1f0 [ 128.939719][ T1835] request_module_async+0x5d/0x70 [ 128.945197][ T1835] process_one_work+0x94b/0x1620 [ 128.951362][ T1835] worker_thread+0x96/0xe20 [ 128.955916][ T1835] kthread+0x318/0x420 [ 128.960204][ T1835] ret_from_fork+0x24/0x30 [ 128.964609][ T1835] [ 128.967061][ T1835] The buggy address belongs to the object at ffff8881cca78000 [ 128.967061][ T1835] which belongs to the cache kmalloc-8k of size 8192 [ 128.981468][ T1835] The buggy address is located 2160 bytes inside of [ 128.981468][ T1835] 8192-byte region [ffff8881cca78000, ffff8881cca7a000) [ 128.995092][ T1835] The buggy address belongs to the page: [ 129.000732][ T1835] page:ffffea0007329e00 refcount:1 mapcount:0 mapping:ffff8881da00c500 index:0x0 compound_mapcount: 0 [ 129.011665][ T1835] flags: 0x200000000010200(slab|head) [ 129.017083][ T1835] raw: 0200000000010200 dead000000000100 dead000000000122 ffff8881da00c500 [ 129.025671][ T1835] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 129.034530][ T1835] page dumped because: kasan: bad access detected [ 129.041061][ T1835] [ 129.043387][ T1835] Memory state around the buggy address: [ 129.049162][ T1835] ffff8881cca78700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 129.057288][ T1835] ffff8881cca78780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 129.065495][ T1835] >ffff8881cca78800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 129.073765][ T1835] ^ [ 129.081819][ T1835] ffff8881cca78880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 129.091567][ T1835] ffff8881cca78900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 129.100085][ T1835] ================================================================== [ 129.109127][ T1835] Disabling lock debugging due to kernel taint [ 129.115630][ T1835] Kernel panic - not syncing: panic_on_warn set ... [ 129.122396][ T1835] CPU: 0 PID: 1835 Comm: v4l_id Tainted: G B 5.6.0-rc3-syzkaller #0 [ 129.132439][ T1835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.142972][ T1835] Call Trace: [ 129.146265][ T1835] dump_stack+0xef/0x16e [ 129.150744][ T1835] panic+0x2aa/0x6e1 [ 129.154989][ T1835] ? add_taint.cold+0x16/0x16 [ 129.160095][ T1835] ? retint_kernel+0x10/0x10 [ 129.165030][ T1835] ? trace_hardirqs_on+0x55/0x200 [ 129.170233][ T1835] ? v4l2_fh_init+0x279/0x2c0 [ 129.175140][ T1835] end_report+0x43/0x49 [ 129.179526][ T1835] ? v4l2_fh_init+0x279/0x2c0 [ 129.184643][ T1835] __kasan_report.cold+0x55/0x77 [ 129.189798][ T1835] ? v4l2_fh_init+0x279/0x2c0 [ 129.194625][ T1835] kasan_report+0xe/0x20 [ 129.198982][ T1835] v4l2_fh_init+0x279/0x2c0 [ 129.203509][ T1835] v4l2_fh_open+0x88/0xc0 [ 129.207843][ T1835] em28xx_v4l2_open+0x11a/0x570 [ 129.212698][ T1835] v4l2_open+0x20f/0x3d0 [ 129.217047][ T1835] ? v4l2_release+0x390/0x390 [ 129.221723][ T1835] chrdev_open+0x219/0x5c0 [ 129.226149][ T1835] ? cdev_put.part.0+0x50/0x50 [ 129.230920][ T1835] do_dentry_open+0x494/0x1120 [ 129.237128][ T1835] ? cdev_put.part.0+0x50/0x50 [ 129.242071][ T1835] ? chmod_common+0x3c0/0x3c0 [ 129.246748][ T1835] ? inode_permission+0xbe/0x3a0 [ 129.251817][ T1835] path_openat+0x1222/0x32a0 [ 129.256734][ T1835] ? path_mountpoint.isra.0+0x370/0x370 [ 129.262281][ T1835] ? __lock_acquire+0x145e/0x3b60 [ 129.267478][ T1835] do_filp_open+0x192/0x260 [ 129.272041][ T1835] ? may_open_dev+0xf0/0xf0 [ 129.276556][ T1835] ? __alloc_fd+0x46d/0x600 [ 129.281075][ T1835] ? do_raw_spin_lock+0x129/0x290 [ 129.287914][ T1835] ? _raw_spin_unlock+0x1a/0x30 [ 129.293109][ T1835] ? __alloc_fd+0x46d/0x600 [ 129.297800][ T1835] do_sys_openat2+0x54c/0x740 [ 129.302794][ T1835] ? file_open_root+0x3d0/0x3d0 [ 129.307646][ T1835] ? up_read+0x1ab/0x750 [ 129.311932][ T1835] do_sys_open+0xc3/0x140 [ 129.316586][ T1835] ? filp_open+0x70/0x70 [ 129.321470][ T1835] ? trace_hardirqs_off_caller+0x55/0x200 [ 129.327729][ T1835] do_syscall_64+0xb6/0x5a0 [ 129.332583][ T1835] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 129.338593][ T1835] RIP: 0033:0x7f72c6426120 [ 129.343114][ T1835] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24 [ 129.363819][ T1835] RSP: 002b:00007fff155c5798 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 129.372817][ T1835] RAX: ffffffffffffffda RBX: 00007fff155c58f8 RCX: 00007f72c6426120 [ 129.381135][ T1835] RDX: 00007f72c66db138 RSI: 0000000000000000 RDI: 00007fff155c6f1e [ 129.389277][ T1835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 129.397674][ T1835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400884 [ 129.406761][ T1835] R13: 00007fff155c58f0 R14: 0000000000000000 R15: 0000000000000000 [ 129.415700][ T1835] Kernel Offset: disabled [ 129.420198][ T1835] Rebooting in 86400 seconds..