Warning: Permanently added '10.128.1.108' (ED25519) to the list of known hosts.
2023/08/31 12:11:30 parsed 1 programs
2023/08/31 12:11:30 executed programs: 0
[ 64.880193][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 65.130048][ T9] usb 1-1: Using ep0 maxpacket: 32
[ 65.260167][ T9] usb 1-1: config 0 has an invalid interface number: 254 but max is 0
[ 65.268554][ T9] usb 1-1: config 0 has no interface number 0
[ 65.274966][ T9] usb 1-1: config 0 interface 254 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 65.440187][ T9] usb 1-1: New USB device found, idVendor=eb1a, idProduct=e303, bcdDevice=29.3d
[ 65.449603][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 65.458063][ T9] usb 1-1: Product: syz
[ 65.462276][ T9] usb 1-1: Manufacturer: syz
[ 65.466873][ T9] usb 1-1: SerialNumber: syz
[ 65.476227][ T9] usb 1-1: config 0 descriptor??
[ 65.772374][ T9] em28xx 1-1:0.254: New device syz syz @ 480 Mbps (eb1a:e303, interface 254, class 254)
[ 65.782265][ T9] em28xx 1-1:0.254: Video interface 254 found:
[ 65.910113][ T9] em28xx 1-1:0.254: unknown em28xx chip ID (0)
2023/08/31 12:11:41 executed programs: 1
[ 66.248027][ T9] em28xx 1-1:0.254: reading from i2c device at 0xa0 failed (error=-5)
[ 66.256939][ T9] em28xx 1-1:0.254: board has no eeprom
[ 66.370098][ T9] em28xx 1-1:0.254: Identified as Kaiomy TVnPC U2 (card=63)
[ 66.377825][ T9] em28xx 1-1:0.254: analog set to bulk mode.
[ 66.385794][ T2329] em28xx 1-1:0.254: Registering V4L2 extension
[ 66.401394][ T9] usb 1-1: USB disconnect, device number 2
[ 66.408469][ T9] em28xx 1-1:0.254: Disconnecting em28xx
[ 66.457375][ T2329] i2c i2c-0: Invalid 7-bit I2C address 0x00
[ 66.488347][ T2329] tuner: 0-0061: Tuner -1 found with type(s) Radio TV.
[ 66.520581][ T2329] DVB: Unable to find symbol xc2028_attach()
[ 66.526616][ T2329] tuner: 0-0061: Tuner has no way to set tv freq
[ 66.533068][ T2329] em28xx 1-1:0.254: Config register raw data: 0xffffffed
[ 66.540982][ T2329] em28xx 1-1:0.254: AC97 chip type couldn't be determined
[ 66.548212][ T2329] em28xx 1-1:0.254: No AC97 audio processor
[ 66.554715][ T2329] tuner: 0-0061: Tuner has no way to set tv freq
[ 66.563488][ T2329] em28xx 1-1:0.254: Registered radio device as radio0
[ 66.571621][ T2329] usb 1-1: Decoder not found
[ 66.576271][ T2329] em28xx 1-1:0.254: failed to create media graph
[ 66.582870][ T2329] em28xx 1-1:0.254: V4L2 device radio0 deregistered
[ 66.591133][ T2329] em28xx 1-1:0.254: V4L2 device video0 deregistered
[ 66.600598][ T2329] em28xx 1-1:0.254: Registering input extension
[ 66.607643][ T9] em28xx 1-1:0.254: Closing input extension
[ 66.617024][ T9] em28xx 1-1:0.254: Freeing device
[ 66.980414][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 67.230042][ T9] usb 1-1: Using ep0 maxpacket: 32
[ 67.350247][ T9] usb 1-1: config 0 has an invalid interface number: 254 but max is 0
[ 67.358472][ T9] usb 1-1: config 0 has no interface number 0
[ 67.365379][ T9] usb 1-1: config 0 interface 254 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 67.530285][ T9] usb 1-1: New USB device found, idVendor=eb1a, idProduct=e303, bcdDevice=29.3d
[ 67.539735][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 67.547895][ T9] usb 1-1: Product: syz
[ 67.552209][ T9] usb 1-1: Manufacturer: syz
[ 67.556824][ T9] usb 1-1: SerialNumber: syz
[ 67.568568][ T9] usb 1-1: config 0 descriptor??
[ 67.854247][ T9] em28xx 1-1:0.254: New device syz syz @ 480 Mbps (eb1a:e303, interface 254, class 254)
[ 67.864347][ T9] em28xx 1-1:0.254: Video interface 254 found:
[ 68.000134][ T9] em28xx 1-1:0.254: unknown em28xx chip ID (0)
[ 68.331643][ T9] em28xx 1-1:0.254: reading from i2c device at 0xa0 failed (error=-5)
[ 68.340305][ T9] em28xx 1-1:0.254: board has no eeprom
[ 68.470082][ T9] em28xx 1-1:0.254: Identified as Kaiomy TVnPC U2 (card=63)
[ 68.477513][ T9] em28xx 1-1:0.254: analog set to bulk mode.
[ 68.483887][ T2329] em28xx 1-1:0.254: Registering V4L2 extension
[ 68.507577][ T9] usb 1-1: USB disconnect, device number 3
[ 68.514315][ T9] em28xx 1-1:0.254: Disconnecting em28xx
[ 68.549998][ T2329] i2c i2c-0: Invalid 7-bit I2C address 0x00
[ 68.579614][ T2329] tuner: 0-0061: Tuner -1 found with type(s) Radio TV.
[ 68.611690][ T2329] DVB: Unable to find symbol xc2028_attach()
[ 68.618029][ T2329] tuner: 0-0061: Tuner has no way to set tv freq
[ 68.624655][ T2329] em28xx 1-1:0.254: Config register raw data: 0xffffffed
[ 68.631883][ T2329] em28xx 1-1:0.254: AC97 chip type couldn't be determined
[ 68.639119][ T2329] em28xx 1-1:0.254: No AC97 audio processor
[ 68.645952][ T2329] tuner: 0-0061: Tuner has no way to set tv freq
[ 68.654824][ T2329] em28xx 1-1:0.254: Registered radio device as radio0
[ 68.661836][ T2329] usb 1-1: Decoder not found
[ 68.666523][ T2329] em28xx 1-1:0.254: failed to create media graph
[ 68.677084][ T2329] em28xx 1-1:0.254: V4L2 device radio0 deregistered
[ 68.691500][ T2329] em28xx 1-1:0.254: V4L2 device video0 deregistered
[ 68.709381][ T2329] em28xx 1-1:0.254: Registering input extension
[ 68.725001][ T9] em28xx 1-1:0.254: Closing input extension
[ 68.737191][ T9] em28xx 1-1:0.254: Freeing device
[ 69.110182][ T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 69.360049][ T9] usb 1-1: Using ep0 maxpacket: 32
[ 69.490264][ T9] usb 1-1: config 0 has an invalid interface number: 254 but max is 0
[ 69.498569][ T9] usb 1-1: config 0 has no interface number 0
[ 69.505035][ T9] usb 1-1: config 0 interface 254 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 69.670272][ T9] usb 1-1: New USB device found, idVendor=eb1a, idProduct=e303, bcdDevice=29.3d
[ 69.679347][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 69.687394][ T9] usb 1-1: Product: syz
[ 69.691593][ T9] usb 1-1: Manufacturer: syz
[ 69.696225][ T9] usb 1-1: SerialNumber: syz
[ 69.703458][ T9] usb 1-1: config 0 descriptor??
[ 69.982429][ T9] em28xx 1-1:0.254: New device syz syz @ 480 Mbps (eb1a:e303, interface 254, class 254)
[ 69.992416][ T9] em28xx 1-1:0.254: Video interface 254 found:
[ 70.120115][ T9] em28xx 1-1:0.254: unknown em28xx chip ID (0)
[ 70.440096][ T9] em28xx 1-1:0.254: reading from i2c device at 0xa0 failed (error=-5)
[ 70.448429][ T9] em28xx 1-1:0.254: board has no eeprom
[ 70.570058][ T9] em28xx 1-1:0.254: Identified as Kaiomy TVnPC U2 (card=63)
[ 70.577407][ T9] em28xx 1-1:0.254: analog set to bulk mode.
[ 70.584561][ T2329] em28xx 1-1:0.254: Registering V4L2 extension
[ 70.600664][ T9] usb 1-1: USB disconnect, device number 4
[ 70.607284][ T9] em28xx 1-1:0.254: Disconnecting em28xx
[ 70.654608][ T2329] i2c i2c-0: Invalid 7-bit I2C address 0x00
[ 70.684293][ T2329] tuner: 0-0061: Tuner -1 found with type(s) Radio TV.
[ 70.715453][ T2329] DVB: Unable to find symbol xc2028_attach()
[ 70.721729][ T2329] tuner: 0-0061: Tuner has no way to set tv freq
[ 70.728255][ T2329] em28xx 1-1:0.254: Config register raw data: 0xffffffed
[ 70.735367][ T2329] em28xx 1-1:0.254: AC97 chip type couldn't be determined
[ 70.742830][ T2329] em28xx 1-1:0.254: No AC97 audio processor
[ 70.748766][ T2329] tuner: 0-0061: Tuner has no way to set tv freq
[ 70.758142][ T2329] em28xx 1-1:0.254: Registered radio device as radio0
[ 70.765051][ T2329] usb 1-1: Decoder not found
[ 70.769665][ T2329] em28xx 1-1:0.254: failed to create media graph
[ 70.776083][ T2329] em28xx 1-1:0.254: V4L2 device radio0 deregistered
[ 70.783601][ T2329] em28xx 1-1:0.254: V4L2 device video0 deregistered
[ 70.792447][ T2329] em28xx 1-1:0.254: Registering input extension
[ 70.799123][ T9] em28xx 1-1:0.254: Closing input extension
[ 70.806918][ T9] em28xx 1-1:0.254: Freeing device
[ 71.180046][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 71.420029][ T9] usb 1-1: Using ep0 maxpacket: 32
[ 71.580060][ T9] usb 1-1: config 0 has an invalid interface number: 254 but max is 0
[ 71.588363][ T9] usb 1-1: config 0 has no interface number 0
[ 71.609967][ T9] usb 1-1: config 0 interface 254 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 71.820108][ T9] usb 1-1: New USB device found, idVendor=eb1a, idProduct=e303, bcdDevice=29.3d
[ 71.829185][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 71.837321][ T9] usb 1-1: Product: syz
[ 71.841610][ T9] usb 1-1: Manufacturer: syz
[ 71.846201][ T9] usb 1-1: SerialNumber: syz
[ 71.857182][ T9] usb 1-1: config 0 descriptor??
[ 72.143702][ T9] em28xx 1-1:0.254: New device syz syz @ 480 Mbps (eb1a:e303, interface 254, class 254)
[ 72.153774][ T9] em28xx 1-1:0.254: Video interface 254 found:
[ 72.290060][ T9] em28xx 1-1:0.254: unknown em28xx chip ID (0)
2023/08/31 12:11:48 executed programs: 4
[ 72.610098][ T9] em28xx 1-1:0.254: reading from i2c device at 0xa0 failed (error=-5)
[ 72.618424][ T9] em28xx 1-1:0.254: board has no eeprom
[ 72.729999][ T9] em28xx 1-1:0.254: Identified as Kaiomy TVnPC U2 (card=63)
[ 72.737361][ T9] em28xx 1-1:0.254: analog set to bulk mode.
[ 72.743462][ T2329] em28xx 1-1:0.254: Registering V4L2 extension
[ 72.768144][ T9] usb 1-1: USB disconnect, device number 5
[ 72.774984][ T9] em28xx 1-1:0.254: Disconnecting em28xx
[ 72.806203][ T2329] i2c i2c-0: Invalid 7-bit I2C address 0x00
[ 72.836788][ T2329] tuner: 0-0061: Tuner -1 found with type(s) Radio TV.
[ 72.868321][ T2329] DVB: Unable to find symbol xc2028_attach()
[ 72.874563][ T2329] tuner: 0-0061: Tuner has no way to set tv freq
[ 72.880946][ T2329] em28xx 1-1:0.254: Config register raw data: 0xffffffed
[ 72.889198][ T2329] em28xx 1-1:0.254: AC97 chip type couldn't be determined
[ 72.896528][ T2329] em28xx 1-1:0.254: No AC97 audio processor
[ 72.902479][ T2329] tuner: 0-0061: Tuner has no way to set tv freq
[ 72.923055][ T2329] em28xx 1-1:0.254: Registered radio device as radio0
[ 72.940003][ T2329] usb 1-1: Decoder not found
[ 72.944838][ T2329] em28xx 1-1:0.254: failed to create media graph
[ 72.960097][ T2329] em28xx 1-1:0.254: V4L2 device radio0 deregistered
[ 72.980696][ T2329] em28xx 1-1:0.254: V4L2 device video0 deregistered
[ 72.989671][ T2329] em28xx 1-1:0.254: Registering input extension
[ 72.992130][ T3087] ==================================================================
[ 73.004037][ T3087] BUG: KASAN: slab-use-after-free in v4l2_fh_init+0x27d/0x2c0
[ 73.010163][ T9] em28xx 1-1:0.254: Closing input extension
[ 73.011686][ T3087] Read of size 8 at addr ffff888119738730 by task v4l_id/3087
[ 73.025042][ T3087]
[ 73.027402][ T3087] CPU: 1 PID: 3087 Comm: v4l_id Not tainted 6.5.0-rc6-syzkaller-00158-g895ed7eb263d #0
[ 73.037485][ T3087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 73.047707][ T3087] Call Trace:
[ 73.050974][ T3087]
[ 73.053897][ T3087] dump_stack_lvl+0xd9/0x1b0
[ 73.058486][ T3087] print_report+0xc4/0x620
[ 73.062893][ T3087] ? __virt_addr_valid+0x5e/0x2d0
[ 73.067922][ T3087] ? __phys_addr+0xc6/0x140
[ 73.072419][ T3087] kasan_report+0xda/0x110
[ 73.076834][ T3087] ? v4l2_fh_init+0x27d/0x2c0
[ 73.081592][ T3087] ? v4l2_fh_init+0x27d/0x2c0
[ 73.086261][ T3087] v4l2_fh_init+0x27d/0x2c0
[ 73.090930][ T3087] v4l2_fh_open+0x89/0xc0
[ 73.095382][ T3087] em28xx_v4l2_open+0x250/0x7e0
[ 73.100225][ T3087] v4l2_open+0x226/0x490
[ 73.104583][ T3087] ? v4l2_ioctl+0x250/0x250
[ 73.109091][ T3087] chrdev_open+0x277/0x700
[ 73.113589][ T3087] ? __unregister_chrdev+0x100/0x100
[ 73.118903][ T3087] ? fsnotify_perm.part.0+0x25d/0x630
[ 73.124281][ T3087] ? fsnotify_perm.part.0+0x268/0x630
[ 73.129646][ T3087] do_dentry_open+0x8b2/0x15c0
[ 73.134407][ T3087] ? __unregister_chrdev+0x100/0x100
[ 73.139773][ T3087] ? may_open+0x1f2/0x400
[ 73.144096][ T3087] path_openat+0x19af/0x29c0
[ 73.148683][ T3087] ? path_lookupat+0x770/0x770
[ 73.153439][ T3087] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 73.159406][ T3087] do_filp_open+0x1de/0x430
[ 73.163937][ T3087] ? may_open_dev+0xf0/0xf0
[ 73.168451][ T3087] ? _raw_spin_unlock+0x28/0x40
[ 73.173322][ T3087] ? alloc_fd+0x2da/0x6c0
[ 73.177655][ T3087] do_sys_openat2+0x176/0x1e0
[ 73.182416][ T3087] ? build_open_flags+0x690/0x690
[ 73.187772][ T3087] ? __up_read+0x1fc/0x750
[ 73.192228][ T3087] __x64_sys_openat+0x175/0x210
[ 73.197080][ T3087] ? __ia32_sys_open+0x1e0/0x1e0
[ 73.202190][ T3087] ? syscall_enter_from_user_mode+0x26/0x80
[ 73.208080][ T3087] do_syscall_64+0x38/0xb0
[ 73.212500][ T3087] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 73.218498][ T3087] RIP: 0033:0x7f7a7242d9a4
[ 73.223093][ T3087] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
[ 73.243148][ T3087] RSP: 002b:00007ffcfc390470 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 73.251556][ T3087] RAX: ffffffffffffffda RBX: 00007ffcfc390688 RCX: 00007f7a7242d9a4
[ 73.259714][ T3087] RDX: 0000000000000000 RSI: 00007ffcfc390f25 RDI: 00000000ffffff9c
[ 73.267867][ T3087] RBP: 00007ffcfc390f25 R08: 0000000000000000 R09: 0000000000000000
[ 73.275859][ T3087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 73.283836][ T3087] R13: 00007ffcfc3906a0 R14: 0000562c5a9e3670 R15: 00007f7a72876a80
[ 73.291807][ T3087]
[ 73.294813][ T3087]
[ 73.297122][ T3087] Allocated by task 2329:
[ 73.301533][ T3087] kasan_save_stack+0x33/0x50
[ 73.306468][ T3087] kasan_set_track+0x25/0x30
[ 73.311052][ T3087] __kasan_kmalloc+0x87/0x90
[ 73.315644][ T3087] em28xx_v4l2_init+0x114/0x4040
[ 73.320659][ T3087] em28xx_init_extension+0x133/0x1f0
[ 73.326035][ T3087] request_module_async+0x61/0x70
[ 73.331134][ T3087] process_one_work+0xaa2/0x16f0
[ 73.336068][ T3087] worker_thread+0x687/0x1110
[ 73.340909][ T3087] kthread+0x33a/0x430
[ 73.344965][ T3087] ret_from_fork+0x2c/0x70
[ 73.349393][ T3087] ret_from_fork_asm+0x11/0x20
[ 73.354429][ T3087]
[ 73.356853][ T3087] Freed by task 2329:
[ 73.360916][ T3087] kasan_save_stack+0x33/0x50
[ 73.365607][ T3087] kasan_set_track+0x25/0x30
[ 73.370190][ T3087] kasan_save_free_info+0x2b/0x40
[ 73.375549][ T3087] ____kasan_slab_free+0x13f/0x190
[ 73.381463][ T3087] __kmem_cache_free+0xff/0x340
[ 73.386422][ T3087] em28xx_v4l2_init+0x228d/0x4040
[ 73.391703][ T3087] em28xx_init_extension+0x133/0x1f0
[ 73.398276][ T3087] request_module_async+0x61/0x70
[ 73.403390][ T3087] process_one_work+0xaa2/0x16f0
[ 73.408339][ T3087] worker_thread+0x687/0x1110
[ 73.413009][ T3087] kthread+0x33a/0x430
[ 73.417074][ T3087] ret_from_fork+0x2c/0x70
[ 73.421484][ T3087] ret_from_fork_asm+0x11/0x20
[ 73.426235][ T3087]
[ 73.428554][ T3087] The buggy address belongs to the object at ffff888119738000
[ 73.428554][ T3087] which belongs to the cache kmalloc-8k of size 8192
[ 73.442599][ T3087] The buggy address is located 1840 bytes inside of
[ 73.442599][ T3087] freed 8192-byte region [ffff888119738000, ffff88811973a000)
[ 73.456641][ T3087]
[ 73.458949][ T3087] The buggy address belongs to the physical page:
[ 73.465351][ T3087] page:ffffea000465ce00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x119738
[ 73.475585][ T3087] head:ffffea000465ce00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 73.484695][ T3087] anon flags: 0x200000000010200(slab|head|node=0|zone=2)
[ 73.491711][ T3087] page_type: 0xffffffff()
[ 73.496295][ T3087] raw: 0200000000010200 ffff888100042280 ffffea000465ee00 0000000000000005
[ 73.504980][ T3087] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 73.513573][ T3087] page dumped because: kasan: bad access detected
[ 73.520005][ T3087] page_owner tracks the page as allocated
[ 73.525719][ T3087] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2594, tgid 2594 (syz-execprog), ts 54915421619, free_ts 54914537521
[ 73.546648][ T3087] post_alloc_hook+0x2d2/0x350
[ 73.551415][ T3087] get_page_from_freelist+0x10e1/0x2fd0
[ 73.557050][ T3087] __alloc_pages+0x1d0/0x4a0
[ 73.561730][ T3087] alloc_pages+0x1a9/0x270
[ 73.566135][ T3087] allocate_slab+0x24e/0x380
[ 73.570715][ T3087] ___slab_alloc+0x8bc/0x1570
[ 73.575384][ T3087] __slab_alloc.constprop.0+0x56/0xa0
[ 73.580748][ T3087] __kmem_cache_alloc_node+0x132/0x310
[ 73.586200][ T3087] kmalloc_trace+0x25/0xe0
[ 73.590801][ T3087] tomoyo_init_log+0xce5/0x2130
[ 73.595639][ T3087] tomoyo_supervisor+0x30c/0xea0
[ 73.600593][ T3087] tomoyo_env_perm+0x18f/0x200
[ 73.605526][ T3087] tomoyo_find_next_domain+0xef6/0x2020
[ 73.611128][ T3087] tomoyo_bprm_check_security+0x12d/0x1d0
[ 73.616951][ T3087] security_bprm_check+0x6a/0xe0
[ 73.621981][ T3087] bprm_execve+0x74d/0x1a40
[ 73.626478][ T3087] page last free stack trace:
[ 73.631231][ T3087] free_unref_page_prepare+0x4ec/0xb60
[ 73.636778][ T3087] free_unref_page+0x33/0x2c0
[ 73.641541][ T3087] __unfreeze_partials+0x21d/0x240
[ 73.646741][ T3087] qlist_free_all+0x6a/0x170
[ 73.651354][ T3087] kasan_quarantine_reduce+0x18b/0x1d0
[ 73.656986][ T3087] __kasan_slab_alloc+0x4a/0x70
[ 73.661842][ T3087] __kmem_cache_alloc_node+0x196/0x310
[ 73.667305][ T3087] kmalloc_trace+0x25/0xe0
[ 73.671719][ T3087] tomoyo_init_log+0xce5/0x2130
[ 73.676558][ T3087] tomoyo_supervisor+0x30c/0xea0
[ 73.681523][ T3087] tomoyo_env_perm+0x18f/0x200
[ 73.686274][ T3087] tomoyo_find_next_domain+0xef6/0x2020
[ 73.692252][ T3087] tomoyo_bprm_check_security+0x12d/0x1d0
[ 73.697956][ T3087] security_bprm_check+0x6a/0xe0
[ 73.702885][ T3087] bprm_execve+0x74d/0x1a40
[ 73.707396][ T3087] do_execveat_common.isra.0+0x5d3/0x740
[ 73.713237][ T3087]
[ 73.715547][ T3087] Memory state around the buggy address:
[ 73.721163][ T3087] ffff888119738600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.729245][ T3087] ffff888119738680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.737296][ T3087] >ffff888119738700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.745352][ T3087] ^
[ 73.751067][ T3087] ffff888119738780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.759122][ T3087] ffff888119738800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 73.767172][ T3087] ==================================================================
[ 73.776231][ T3087] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 73.783445][ T3087] CPU: 1 PID: 3087 Comm: v4l_id Not tainted 6.5.0-rc6-syzkaller-00158-g895ed7eb263d #0
[ 73.793540][ T3087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 73.804036][ T3087] Call Trace:
[ 73.807312][ T3087]
[ 73.810237][ T3087] dump_stack_lvl+0xd9/0x1b0
[ 73.814840][ T3087] panic+0x6a4/0x750
[ 73.818730][ T3087] ? panic_smp_self_stop+0xa0/0xa0
[ 73.823903][ T3087] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 73.830165][ T3087] check_panic_on_warn+0xab/0xb0
[ 73.835123][ T3087] end_report+0x108/0x150
[ 73.839541][ T3087] kasan_report+0xea/0x110
[ 73.843962][ T3087] ? v4l2_fh_init+0x27d/0x2c0
[ 73.848811][ T3087] ? v4l2_fh_init+0x27d/0x2c0
[ 73.853493][ T3087] v4l2_fh_init+0x27d/0x2c0
[ 73.857990][ T3087] v4l2_fh_open+0x89/0xc0
[ 73.862313][ T3087] em28xx_v4l2_open+0x250/0x7e0
[ 73.867249][ T3087] v4l2_open+0x226/0x490
[ 73.871663][ T3087] ? v4l2_ioctl+0x250/0x250
[ 73.876182][ T3087] chrdev_open+0x277/0x700
[ 73.880705][ T3087] ? __unregister_chrdev+0x100/0x100
[ 73.886000][ T3087] ? fsnotify_perm.part.0+0x25d/0x630
[ 73.891454][ T3087] ? fsnotify_perm.part.0+0x268/0x630
[ 73.896847][ T3087] do_dentry_open+0x8b2/0x15c0
[ 73.901610][ T3087] ? __unregister_chrdev+0x100/0x100
[ 73.906920][ T3087] ? may_open+0x1f2/0x400
[ 73.911253][ T3087] path_openat+0x19af/0x29c0
[ 73.915854][ T3087] ? path_lookupat+0x770/0x770
[ 73.920616][ T3087] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 73.926587][ T3087] do_filp_open+0x1de/0x430
[ 73.931197][ T3087] ? may_open_dev+0xf0/0xf0
[ 73.935711][ T3087] ? _raw_spin_unlock+0x28/0x40
[ 73.940572][ T3087] ? alloc_fd+0x2da/0x6c0
[ 73.944924][ T3087] do_sys_openat2+0x176/0x1e0
[ 73.950027][ T3087] ? build_open_flags+0x690/0x690
[ 73.955141][ T3087] ? __up_read+0x1fc/0x750
[ 73.959565][ T3087] __x64_sys_openat+0x175/0x210
[ 73.964499][ T3087] ? __ia32_sys_open+0x1e0/0x1e0
[ 73.969429][ T3087] ? syscall_enter_from_user_mode+0x26/0x80
[ 73.975362][ T3087] do_syscall_64+0x38/0xb0
[ 73.979857][ T3087] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 73.985745][ T3087] RIP: 0033:0x7f7a7242d9a4
[ 73.990148][ T3087] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
[ 74.009946][ T3087] RSP: 002b:00007ffcfc390470 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 74.018637][ T3087] RAX: ffffffffffffffda RBX: 00007ffcfc390688 RCX: 00007f7a7242d9a4
[ 74.026644][ T3087] RDX: 0000000000000000 RSI: 00007ffcfc390f25 RDI: 00000000ffffff9c
[ 74.034630][ T3087] RBP: 00007ffcfc390f25 R08: 0000000000000000 R09: 0000000000000000
[ 74.042783][ T3087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 74.050872][ T3087] R13: 00007ffcfc3906a0 R14: 0000562c5a9e3670 R15: 00007f7a72876a80
[ 74.058853][ T3087]
[ 74.062110][ T3087] Kernel Offset: disabled
[ 74.066434][ T3087] Rebooting in 86400 seconds..