[�[36minfo�[39;49m] Using makefile-style concurrent boot in runlevel 2.
[ 13.734857][ C1] random: crng init done
[....] Starting enhanced syslogd: rsyslogd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.16' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 23.888266][ T12] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 23.978535][ T12] usb 1-1: Using ep0 maxpacket: 32
[ 24.098335][ T12] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 24.268326][ T12] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26
[ 24.277411][ T12] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 24.285889][ T12] usb 1-1: Product: syz
[ 24.290206][ T12] usb 1-1: Manufacturer: syz
[ 24.294799][ T12] usb 1-1: SerialNumber: syz
[ 24.301450][ T12] usb 1-1: config 0 descriptor??
[ 24.359983][ T12] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0)
[ 24.370225][ T12] em28xx 1-1:0.0: Video interface 0 found:
executing program
[ 24.598529][ T12] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 24.818318][ T12] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 24.826475][ T12] em28xx 1-1:0.0: board has no eeprom
[ 24.938212][ T12] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57)
[ 24.946665][ T12] em28xx 1-1:0.0: analog set to bulk mode.
[ 24.953366][ T103] em28xx 1-1:0.0: Registering V4L2 extension
[ 24.961746][ T12] usb 1-1: USB disconnect, device number 2
[ 24.971368][ T12] em28xx 1-1:0.0: Disconnecting em28xx
[ 24.986135][ T103] em28xx 1-1:0.0: Config register raw data: 0xffffffed
[ 24.993607][ T103] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[ 25.002198][ T103] em28xx 1-1:0.0: No AC97 audio processor
[ 25.009474][ T103] usb 1-1: Decoder not found
[ 25.014247][ T103] em28xx 1-1:0.0: failed to create media graph
[ 25.020781][ T103] em28xx 1-1:0.0: V4L2 device video0 deregistered
[ 25.030011][ T103] em28xx 1-1:0.0: Binding DVB extension
[ 25.035601][ T103] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0
[ 25.043366][ T103] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB.
[ 25.051679][ T103] em28xx 1-1:0.0: Remote control support is not available for this card.
[ 25.060645][ T12] em28xx 1-1:0.0: Closing input extension
[ 25.070130][ T12] em28xx 1-1:0.0: Freeing device
[ 25.428256][ T12] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 25.518335][ T12] usb 1-1: Using ep0 maxpacket: 32
[ 25.638341][ T12] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 25.808336][ T12] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26
[ 25.817489][ T12] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 25.825550][ T12] usb 1-1: Product: syz
[ 25.829749][ T12] usb 1-1: Manufacturer: syz
[ 25.834326][ T12] usb 1-1: SerialNumber: syz
[ 25.840222][ T12] usb 1-1: config 0 descriptor??
[ 25.879640][ T12] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0)
[ 25.889037][ T12] em28xx 1-1:0.0: Video interface 0 found:
executing program
[ 26.128322][ T12] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 26.358274][ T12] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 26.366356][ T12] em28xx 1-1:0.0: board has no eeprom
[ 26.478225][ T12] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57)
[ 26.486446][ T12] em28xx 1-1:0.0: analog set to bulk mode.
[ 26.493068][ T103] em28xx 1-1:0.0: Registering V4L2 extension
[ 26.501037][ T12] usb 1-1: USB disconnect, device number 3
[ 26.507435][ T12] em28xx 1-1:0.0: Disconnecting em28xx
[ 26.524052][ T103] em28xx 1-1:0.0: Config register raw data: 0xffffffed
[ 26.531166][ T103] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[ 26.538117][ T103] em28xx 1-1:0.0: No AC97 audio processor
[ 26.545023][ T103] usb 1-1: Decoder not found
[ 26.549805][ T103] em28xx 1-1:0.0: failed to create media graph
[ 26.555997][ T103] em28xx 1-1:0.0: V4L2 device video0 deregistered
[ 26.563170][ T103] em28xx 1-1:0.0: Binding DVB extension
[ 26.568867][ T103] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0
[ 26.576519][ T103] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB.
[ 26.585098][ T103] em28xx 1-1:0.0: Remote control support is not available for this card.
[ 26.593609][ T12] em28xx 1-1:0.0: Closing input extension
[ 26.600274][ T12] em28xx 1-1:0.0: Freeing device
[ 26.948259][ T12] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 27.038340][ T12] usb 1-1: Using ep0 maxpacket: 32
[ 27.158312][ T12] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 27.328343][ T12] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26
[ 27.337715][ T12] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 27.345772][ T12] usb 1-1: Product: syz
[ 27.349986][ T12] usb 1-1: Manufacturer: syz
[ 27.354594][ T12] usb 1-1: SerialNumber: syz
[ 27.361291][ T12] usb 1-1: config 0 descriptor??
[ 27.399648][ T12] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0)
[ 27.409055][ T12] em28xx 1-1:0.0: Video interface 0 found:
executing program
[ 27.648371][ T12] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 27.868283][ T12] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 27.876313][ T12] em28xx 1-1:0.0: board has no eeprom
[ 27.988255][ T12] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57)
[ 27.996461][ T12] em28xx 1-1:0.0: analog set to bulk mode.
[ 28.004267][ T12] usb 1-1: USB disconnect, device number 4
[ 28.010728][ T12] em28xx 1-1:0.0: Disconnecting em28xx
[ 28.016386][ T103] em28xx 1-1:0.0: Registering V4L2 extension
[ 28.030841][ T103] em28xx 1-1:0.0: Config register raw data: 0xffffffed
[ 28.037700][ T103] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[ 28.044714][ T103] em28xx 1-1:0.0: No AC97 audio processor
[ 28.051022][ T103] usb 1-1: Decoder not found
[ 28.055614][ T103] em28xx 1-1:0.0: failed to create media graph
[ 28.061832][ T103] em28xx 1-1:0.0: V4L2 device video0 deregistered
[ 28.069008][ T103] em28xx 1-1:0.0: Binding DVB extension
[ 28.074574][ T103] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0
[ 28.082235][ T103] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB.
[ 28.090531][ T103] em28xx 1-1:0.0: Remote control support is not available for this card.
[ 28.099022][ T12] em28xx 1-1:0.0: Closing input extension
[ 28.105726][ T12] em28xx 1-1:0.0: Freeing device
[ 28.458249][ T12] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 28.548343][ T12] usb 1-1: Using ep0 maxpacket: 32
[ 28.668357][ T12] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 28.838334][ T12] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26
[ 28.847531][ T12] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 28.855640][ T12] usb 1-1: Product: syz
[ 28.859866][ T12] usb 1-1: Manufacturer: syz
[ 28.864443][ T12] usb 1-1: SerialNumber: syz
[ 28.870331][ T12] usb 1-1: config 0 descriptor??
[ 28.909546][ T12] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0)
[ 28.918994][ T12] em28xx 1-1:0.0: Video interface 0 found:
executing program
[ 29.148363][ T12] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 29.368291][ T12] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 29.376307][ T12] em28xx 1-1:0.0: board has no eeprom
[ 29.488246][ T12] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57)
[ 29.496684][ T12] em28xx 1-1:0.0: analog set to bulk mode.
[ 29.503118][ T103] em28xx 1-1:0.0: Registering V4L2 extension
[ 29.511084][ T12] usb 1-1: USB disconnect, device number 5
[ 29.519944][ T103] em28xx 1-1:0.0: reading from i2c device at 0xb8 failed (error=-19)
[ 29.529940][ T12] em28xx 1-1:0.0: Disconnecting em28xx
[ 29.541752][ T103] em28xx 1-1:0.0: Config register raw data: 0xffffffed
[ 29.548777][ T103] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[ 29.555752][ T103] em28xx 1-1:0.0: No AC97 audio processor
[ 29.562252][ T103] usb 1-1: Decoder not found
[ 29.566993][ T103] em28xx 1-1:0.0: failed to create media graph
[ 29.573259][ T103] em28xx 1-1:0.0: V4L2 device video0 deregistered
[ 29.580383][ T103] em28xx 1-1:0.0: Binding DVB extension
[ 29.585989][ T103] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0
[ 29.593599][ T103] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB.
[ 29.601992][ T103] em28xx 1-1:0.0: Remote control support is not available for this card.
[ 29.610518][ T12] em28xx 1-1:0.0: Closing input extension
[ 29.617109][ T12] em28xx 1-1:0.0: Freeing device
[ 29.968252][ T12] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 30.058313][ T12] usb 1-1: Using ep0 maxpacket: 32
[ 30.178354][ T12] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 30.348334][ T12] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26
[ 30.357481][ T12] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 30.365525][ T12] usb 1-1: Product: syz
[ 30.369928][ T12] usb 1-1: Manufacturer: syz
[ 30.374599][ T12] usb 1-1: SerialNumber: syz
[ 30.380565][ T12] usb 1-1: config 0 descriptor??
[ 30.419560][ T12] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0)
[ 30.428899][ T12] em28xx 1-1:0.0: Video interface 0 found:
executing program
[ 30.678307][ T12] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 30.898307][ T12] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 30.906343][ T12] em28xx 1-1:0.0: board has no eeprom
[ 31.018255][ T12] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57)
[ 31.026593][ T12] em28xx 1-1:0.0: analog set to bulk mode.
[ 31.034134][ T12] usb 1-1: USB disconnect, device number 6
[ 31.040649][ T12] em28xx 1-1:0.0: Disconnecting em28xx
[ 31.046338][ T103] em28xx 1-1:0.0: Registering V4L2 extension
[ 31.060633][ T103] em28xx 1-1:0.0: Config register raw data: 0xffffffed
[ 31.067946][ T103] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[ 31.075122][ T103] em28xx 1-1:0.0: No AC97 audio processor
[ 31.082210][ T103] usb 1-1: Decoder not found
[ 31.087178][ T103] em28xx 1-1:0.0: failed to create media graph
[ 31.093391][ T103] em28xx 1-1:0.0: V4L2 device video0 deregistered
[ 31.100524][ T103] em28xx 1-1:0.0: Binding DVB extension
[ 31.106080][ T103] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0
[ 31.113867][ T103] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB.
[ 31.122314][ T103] em28xx 1-1:0.0: Remote control support is not available for this card.
[ 31.130799][ T12] em28xx 1-1:0.0: Closing input extension
[ 31.137358][ T12] em28xx 1-1:0.0: Freeing device
[ 31.488261][ T12] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 31.578381][ T12] usb 1-1: Using ep0 maxpacket: 32
[ 31.698356][ T12] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 31.868324][ T12] usb 1-1: New USB device found, idVendor=eb1a, idProduct=a316, bcdDevice=5c.26
[ 31.877601][ T12] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 31.886881][ T12] usb 1-1: Product: syz
[ 31.891075][ T12] usb 1-1: Manufacturer: syz
[ 31.895820][ T12] usb 1-1: SerialNumber: syz
[ 31.901666][ T12] usb 1-1: config 0 descriptor??
[ 31.939540][ T12] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (eb1a:a316, interface 0, class 0)
[ 31.948822][ T12] em28xx 1-1:0.0: Video interface 0 found:
executing program
[ 32.178441][ T12] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 32.398266][ T12] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 32.406298][ T12] em28xx 1-1:0.0: board has no eeprom
[ 32.518230][ T12] em28xx 1-1:0.0: Identified as Kworld PlusTV HD Hybrid 330 (card=57)
[ 32.526522][ T12] em28xx 1-1:0.0: analog set to bulk mode.
[ 32.532878][ T103] em28xx 1-1:0.0: Registering V4L2 extension
[ 32.540326][ T12] usb 1-1: USB disconnect, device number 7
[ 32.553843][ T103] em28xx 1-1:0.0: reading from i2c device at 0xb8 failed (error=-19)
[ 32.562413][ T12] em28xx 1-1:0.0: Disconnecting em28xx
[ 32.571953][ T103] em28xx 1-1:0.0: Config register raw data: 0xffffffed
[ 32.579035][ T103] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[ 32.585946][ T103] em28xx 1-1:0.0: No AC97 audio processor
[ 32.592834][ T103] usb 1-1: Decoder not found
[ 32.597476][ T103] em28xx 1-1:0.0: failed to create media graph
[ 32.603903][ T103] em28xx 1-1:0.0: V4L2 device video0 deregistered
[ 32.611227][ T103] em28xx 1-1:0.0: Binding DVB extension
[ 32.611372][ T1833] ==================================================================
[ 32.616856][ T103] em28xx 1-1:0.0: no endpoint for DVB mode and transfer type 0
[ 32.624885][ T1833] BUG: KASAN: use-after-free in v4l2_fh_init+0x279/0x2c0
[ 32.624896][ T1833] Read of size 8 at addr ffff8881cd0b0870 by task v4l_id/1833
[ 32.624899][ T1833]
[ 32.624912][ T1833] CPU: 1 PID: 1833 Comm: v4l_id Not tainted 5.6.0-rc3-syzkaller #0
[ 32.624919][ T1833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.624924][ T1833] Call Trace:
[ 32.624938][ T1833] dump_stack+0xef/0x16e
[ 32.624948][ T1833] ? v4l2_fh_init+0x279/0x2c0
[ 32.624958][ T1833] ? v4l2_fh_init+0x279/0x2c0
[ 32.624973][ T1833] print_address_description.constprop.0.cold+0xd3/0x314
[ 32.624988][ T1833] ? v4l2_fh_init+0x279/0x2c0
[ 32.632544][ T103] em28xx 1-1:0.0: failed to pre-allocate USB transfer buffers for DVB.
[ 32.639527][ T1833] ? v4l2_fh_init+0x279/0x2c0
[ 32.639541][ T1833] __kasan_report.cold+0x37/0x77
[ 32.639553][ T1833] ? v4l2_fh_init+0x279/0x2c0
[ 32.639565][ T1833] kasan_report+0xe/0x20
[ 32.639581][ T1833] v4l2_fh_init+0x279/0x2c0
[ 32.647051][ T103] em28xx 1-1:0.0: Remote control support is not available for this card.
[ 32.649359][ T1833] v4l2_fh_open+0x88/0xc0
[ 32.649374][ T1833] em28xx_v4l2_open+0x11a/0x570
[ 32.649385][ T1833] v4l2_open+0x20f/0x3d0
[ 32.649396][ T1833] ? v4l2_release+0x390/0x390
[ 32.649406][ T1833] chrdev_open+0x219/0x5c0
[ 32.649421][ T1833] ? cdev_put.part.0+0x50/0x50
[ 32.657804][ T12] em28xx 1-1:0.0: Closing input extension
[ 32.667981][ T1833] do_dentry_open+0x494/0x1120
[ 32.667995][ T1833] ? cdev_put.part.0+0x50/0x50
[ 32.668007][ T1833] ? chmod_common+0x3c0/0x3c0
[ 32.668020][ T1833] ? inode_permission+0xbe/0x3a0
[ 32.668031][ T1833] path_openat+0x1222/0x32a0
[ 32.668043][ T1833] ? path_mountpoint.isra.0+0x370/0x370
[ 32.668060][ T1833] ? __lock_acquire+0x145e/0x3b60
[ 32.803323][ T1833] do_filp_open+0x192/0x260
[ 32.807808][ T1833] ? may_open_dev+0xf0/0xf0
[ 32.812286][ T1833] ? __alloc_fd+0x46d/0x600
[ 32.816878][ T1833] ? do_raw_spin_lock+0x129/0x290
[ 32.821951][ T1833] ? _raw_spin_unlock+0x1a/0x30
[ 32.826975][ T1833] ? __alloc_fd+0x46d/0x600
[ 32.831589][ T1833] do_sys_openat2+0x54c/0x740
[ 32.836254][ T1833] ? file_open_root+0x3d0/0x3d0
[ 32.841140][ T1833] ? up_read+0x1ab/0x750
[ 32.845365][ T1833] do_sys_open+0xc3/0x140
[ 32.849723][ T1833] ? filp_open+0x70/0x70
[ 32.853947][ T1833] ? trace_hardirqs_off_caller+0x55/0x200
[ 32.859646][ T1833] do_syscall_64+0xb6/0x5a0
[ 32.864240][ T1833] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 32.870110][ T1833] RIP: 0033:0x7eff434ca120
[ 32.874574][ T1833] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24
[ 32.894167][ T1833] RSP: 002b:00007fffb1be1d78 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 32.902565][ T1833] RAX: ffffffffffffffda RBX: 00007fffb1be1ed8 RCX: 00007eff434ca120
[ 32.910544][ T1833] RDX: 00007eff4377f138 RSI: 0000000000000000 RDI: 00007fffb1be2f1f
[ 32.918669][ T1833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 32.926641][ T1833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400884
[ 32.934600][ T1833] R13: 00007fffb1be1ed0 R14: 0000000000000000 R15: 0000000000000000
[ 32.942559][ T1833]
[ 32.944874][ T1833] Allocated by task 103:
[ 32.949141][ T1833] save_stack+0x1b/0x80
[ 32.953304][ T1833] __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 32.959090][ T1833] em28xx_v4l2_init.cold+0x93/0x33eb
[ 32.964403][ T1833] em28xx_init_extension+0x12f/0x1f0
[ 32.969667][ T1833] request_module_async+0x5d/0x70
[ 32.974667][ T1833] process_one_work+0x94b/0x1620
[ 32.979580][ T1833] worker_thread+0x96/0xe20
[ 32.984072][ T1833] kthread+0x318/0x420
[ 32.988128][ T1833] ret_from_fork+0x24/0x30
[ 32.992527][ T1833]
[ 32.994840][ T1833] Freed by task 103:
[ 32.998720][ T1833] save_stack+0x1b/0x80
[ 33.002872][ T1833] __kasan_slab_free+0x117/0x160
[ 33.007795][ T1833] kfree+0xd5/0x300
[ 33.011604][ T1833] em28xx_v4l2_init.cold+0x2d4/0x33eb
[ 33.016966][ T1833] em28xx_init_extension+0x12f/0x1f0
[ 33.022319][ T1833] request_module_async+0x5d/0x70
[ 33.027323][ T1833] process_one_work+0x94b/0x1620
[ 33.032236][ T1833] worker_thread+0x96/0xe20
[ 33.036719][ T1833] kthread+0x318/0x420
[ 33.040766][ T1833] ret_from_fork+0x24/0x30
[ 33.045154][ T1833]
[ 33.047462][ T1833] The buggy address belongs to the object at ffff8881cd0b0000
[ 33.047462][ T1833] which belongs to the cache kmalloc-8k of size 8192
[ 33.061505][ T1833] The buggy address is located 2160 bytes inside of
[ 33.061505][ T1833] 8192-byte region [ffff8881cd0b0000, ffff8881cd0b2000)
[ 33.074926][ T1833] The buggy address belongs to the page:
[ 33.080540][ T1833] page:ffffea0007342c00 refcount:1 mapcount:0 mapping:ffff8881da00c500 index:0x0 compound_mapcount: 0
[ 33.091444][ T1833] flags: 0x200000000010200(slab|head)
[ 33.096796][ T1833] raw: 0200000000010200 dead000000000100 dead000000000122 ffff8881da00c500
[ 33.105378][ T1833] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 33.114062][ T1833] page dumped because: kasan: bad access detected
[ 33.120453][ T1833]
[ 33.122757][ T1833] Memory state around the buggy address:
[ 33.128424][ T1833] ffff8881cd0b0700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 33.136464][ T1833] ffff8881cd0b0780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 33.144508][ T1833] >ffff8881cd0b0800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 33.152546][ T1833] ^
[ 33.160257][ T1833] ffff8881cd0b0880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 33.168299][ T1833] ffff8881cd0b0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 33.176363][ T1833] ==================================================================
[ 33.184398][ T1833] Disabling lock debugging due to kernel taint
[ 33.190635][ T1833] Kernel panic - not syncing: panic_on_warn set ...
[ 33.197235][ T1833] CPU: 1 PID: 1833 Comm: v4l_id Tainted: G B 5.6.0-rc3-syzkaller #0
[ 33.206501][ T1833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.216536][ T1833] Call Trace:
[ 33.219817][ T1833] dump_stack+0xef/0x16e
[ 33.224048][ T1833] panic+0x2aa/0x6e1
[ 33.227931][ T1833] ? add_taint.cold+0x16/0x16
[ 33.232597][ T1833] ? retint_kernel+0x10/0x10
[ 33.237163][ T1833] ? trace_hardirqs_on+0x55/0x200
[ 33.242172][ T1833] ? v4l2_fh_init+0x279/0x2c0
[ 33.246842][ T1833] end_report+0x43/0x49
[ 33.250994][ T1833] ? v4l2_fh_init+0x279/0x2c0
[ 33.255679][ T1833] __kasan_report.cold+0x55/0x77
[ 33.261040][ T1833] ? v4l2_fh_init+0x279/0x2c0
[ 33.265692][ T1833] kasan_report+0xe/0x20
[ 33.269910][ T1833] v4l2_fh_init+0x279/0x2c0
[ 33.274403][ T1833] v4l2_fh_open+0x88/0xc0
[ 33.278798][ T1833] em28xx_v4l2_open+0x11a/0x570
[ 33.283624][ T1833] v4l2_open+0x20f/0x3d0
[ 33.287845][ T1833] ? v4l2_release+0x390/0x390
[ 33.292509][ T1833] chrdev_open+0x219/0x5c0
[ 33.296898][ T1833] ? cdev_put.part.0+0x50/0x50
[ 33.301661][ T1833] do_dentry_open+0x494/0x1120
[ 33.306404][ T1833] ? cdev_put.part.0+0x50/0x50
[ 33.311141][ T1833] ? chmod_common+0x3c0/0x3c0
[ 33.315793][ T1833] ? inode_permission+0xbe/0x3a0
[ 33.320712][ T1833] path_openat+0x1222/0x32a0
[ 33.325290][ T1833] ? path_mountpoint.isra.0+0x370/0x370
[ 33.330822][ T1833] ? __lock_acquire+0x145e/0x3b60
[ 33.335832][ T1833] do_filp_open+0x192/0x260
[ 33.340326][ T1833] ? may_open_dev+0xf0/0xf0
[ 33.344818][ T1833] ? __alloc_fd+0x46d/0x600
[ 33.349319][ T1833] ? do_raw_spin_lock+0x129/0x290
[ 33.354322][ T1833] ? _raw_spin_unlock+0x1a/0x30
[ 33.359147][ T1833] ? __alloc_fd+0x46d/0x600
[ 33.363785][ T1833] do_sys_openat2+0x54c/0x740
[ 33.368449][ T1833] ? file_open_root+0x3d0/0x3d0
[ 33.373288][ T1833] ? up_read+0x1ab/0x750
[ 33.377549][ T1833] do_sys_open+0xc3/0x140
[ 33.381867][ T1833] ? filp_open+0x70/0x70
[ 33.386152][ T1833] ? trace_hardirqs_off_caller+0x55/0x200
[ 33.391866][ T1833] do_syscall_64+0xb6/0x5a0
[ 33.396364][ T1833] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 33.402265][ T1833] RIP: 0033:0x7eff434ca120
[ 33.406667][ T1833] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24
[ 33.426343][ T1833] RSP: 002b:00007fffb1be1d78 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 33.434733][ T1833] RAX: ffffffffffffffda RBX: 00007fffb1be1ed8 RCX: 00007eff434ca120
[ 33.442680][ T1833] RDX: 00007eff4377f138 RSI: 0000000000000000 RDI: 00007fffb1be2f1f
[ 33.450643][ T1833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 33.458610][ T1833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400884
[ 33.466567][ T1833] R13: 00007fffb1be1ed0 R14: 0000000000000000 R15: 0000000000000000
[ 33.475260][ T1833] Kernel Offset: disabled
[ 33.479586][ T1833] Rebooting in 86400 seconds..