[ 38.597466][ T2480] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 38.609740][ T2474] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=2474 'syz-fuzzer'
[ 49.759917][ T2475] can: request_module (can-proto-0) failed.
[ 49.786680][ T2475] can: request_module (can-proto-2) failed.
[ 49.815265][ T2475] can: request_module (can-proto-0) failed.
[ 49.841880][ T2475] can: request_module (can-proto-7) failed.
[ 49.868205][ T2475] can: request_module (can-proto-0) failed.
[ 49.895241][ T2475] can: request_module (can-proto-1) failed.
[ 50.552303][ T2475] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 51.054057][ T2475] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
Warning: Permanently added '10.128.1.178' (ED25519) to the list of known hosts.
2023/08/27 16:35:52 ignoring optional flag "sandboxArg"="0"
2023/08/27 16:35:53 parsed 1 programs
2023/08/27 16:35:55 executed programs: 0
[ 75.308311][ T3055] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 84.862219][ T25] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 85.242249][ T25] usb 1-1: New USB device found, idVendor=0553, idProduct=0002, bcdDevice=b0.11
[ 85.251876][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 85.266928][ T25] usb 1-1: config 0 descriptor??
[ 85.315408][ T25] gspca_main: cpia1-2.14.0 probing 0553:0002
[ 85.752163][ T25] cpia1 1-1:0.0: unexpected state after lo power cmd: 01
[ 86.192128][ T25] gspca_cpia1: usb_control_msg 02, error -32
[ 86.492153][ T25] gspca_cpia1: usb_control_msg 01, error -32
[ 86.552163][ T25] gspca_cpia1: usb_control_msg 01, error -32
[ 86.602129][ T25] gspca_cpia1: usb_control_msg 01, error -32
[ 86.642091][ T25] gspca_cpia1: usb_control_msg 01, error -32
[ 86.862088][ T25] gspca_cpia1: usb_control_msg 03, error -32
[ 86.902139][ T25] gspca_cpia1: usb_control_msg 03, error -32
[ 86.982101][ T25] gspca_cpia1: usb_control_msg a1, error -32
[ 87.022123][ T25] gspca_cpia1: usb_control_msg a1, error -32
[ 87.062216][ T25] gspca_cpia1: usb_control_msg a1, error -32
2023/08/27 16:36:08 executed programs: 1
[ 88.042146][ T25] gspca_cpia1: usb_control_msg 03, error -71
[ 88.062250][ T25] gspca_cpia1: usb_control_msg 03, error -71
[ 88.069025][ T25] ==================================================================
[ 88.077100][ T25] BUG: KASAN: stack-out-of-bounds in set_flicker+0x101c/0x1190
[ 88.084743][ T25] Read of size 8 at addr ffffc900001b6f78 by task kworker/1:1/25
[ 88.092638][ T25]
[ 88.094983][ T25] CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 6.5.0-rc6-syzkaller-00158-g895ed7eb263d-dirty #0
[ 88.105404][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 88.115528][ T25] Workqueue: usb_hub_wq hub_event
[ 88.120606][ T25] Call Trace:
[ 88.123974][ T25]
[ 88.126913][ T25] dump_stack_lvl+0xd9/0x1b0
[ 88.132131][ T25] print_report+0xc4/0x620
[ 88.136544][ T25] ? __virt_addr_valid+0x5e/0x2d0
[ 88.141571][ T25] kasan_report+0xda/0x110
[ 88.145992][ T25] ? set_flicker+0x101c/0x1190
[ 88.150776][ T25] ? set_flicker+0x101c/0x1190
[ 88.155886][ T25] set_flicker+0x101c/0x1190
[ 88.160664][ T25] ? __mutex_lock+0x1b2/0x1340
[ 88.165444][ T25] ? v4l2_ctrl_new_std+0x280/0x280
[ 88.170567][ T25] ? v4l2_ctrl_handler_setup+0x48/0xa0
[ 88.176045][ T25] ? command_setexposure+0xca0/0xca0
[ 88.181430][ T25] ? v4l2_ctrl_new+0x2010/0x2010
[ 88.186365][ T25] ? ptr_to_ptr+0x104/0x170
[ 88.190960][ T25] ? v4l2_ctrl_type_op_init+0xb30/0xb30
[ 88.196606][ T25] sd_s_ctrl+0x2c6/0xbf0
[ 88.200855][ T25] ? sd_dq_callback+0x1e60/0x1e60
[ 88.206335][ T25] __v4l2_ctrl_handler_setup+0x511/0x710
[ 88.212013][ T25] v4l2_ctrl_handler_setup+0x50/0xa0
[ 88.217511][ T25] gspca_dev_probe2+0xdd6/0x1b20
[ 88.222623][ T25] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 88.228695][ T25] gspca_dev_probe+0x18b/0x270
[ 88.233546][ T25] usb_probe_interface+0x307/0x930
[ 88.238665][ T25] ? usb_match_dynamic_id+0x1a0/0x1a0
[ 88.244209][ T25] really_probe+0x234/0xc90
[ 88.248797][ T25] __driver_probe_device+0x1de/0x4b0
[ 88.254089][ T25] driver_probe_device+0x4c/0x1a0
[ 88.259201][ T25] __device_attach_driver+0x1d4/0x300
[ 88.264762][ T25] ? driver_probe_device+0x1a0/0x1a0
[ 88.270077][ T25] bus_for_each_drv+0x157/0x1d0
[ 88.274965][ T25] ? bus_for_each_dev+0x1d0/0x1d0
[ 88.280168][ T25] ? lockdep_hardirqs_on+0x7d/0x100
[ 88.285395][ T25] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 88.291224][ T25] __device_attach+0x1e8/0x4b0
[ 88.296029][ T25] ? device_driver_attach+0x200/0x200
[ 88.301504][ T25] ? do_raw_spin_unlock+0x173/0x230
[ 88.306741][ T25] bus_probe_device+0x17c/0x1c0
[ 88.311606][ T25] device_add+0x11f1/0x1b40
[ 88.316323][ T25] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 88.323363][ T25] ? mark_held_locks+0x9f/0xe0
[ 88.328219][ T25] usb_set_configuration+0x10cb/0x1c40
[ 88.333687][ T25] usb_generic_driver_probe+0xca/0x130
[ 88.339156][ T25] usb_probe_device+0xda/0x2c0
[ 88.344135][ T25] ? usb_driver_release_interface+0x190/0x190
[ 88.350489][ T25] really_probe+0x234/0xc90
[ 88.355166][ T25] __driver_probe_device+0x1de/0x4b0
[ 88.360649][ T25] ? usb_driver_applicable+0x1c4/0x220
[ 88.366131][ T25] driver_probe_device+0x4c/0x1a0
[ 88.371175][ T25] __device_attach_driver+0x1d4/0x300
[ 88.378563][ T25] ? driver_probe_device+0x1a0/0x1a0
[ 88.383944][ T25] bus_for_each_drv+0x157/0x1d0
[ 88.388895][ T25] ? bus_for_each_dev+0x1d0/0x1d0
[ 88.393930][ T25] ? lockdep_hardirqs_on+0x7d/0x100
[ 88.399143][ T25] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 88.404979][ T25] __device_attach+0x1e8/0x4b0
[ 88.409758][ T25] ? device_driver_attach+0x200/0x200
[ 88.415149][ T25] ? do_raw_spin_unlock+0x173/0x230
[ 88.420359][ T25] bus_probe_device+0x17c/0x1c0
[ 88.425211][ T25] device_add+0x11f1/0x1b40
[ 88.429796][ T25] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 88.436737][ T25] ? usb_detect_static_quirks+0x335/0x3e0
[ 88.442572][ T25] usb_new_device+0xd80/0x1960
[ 88.447342][ T25] ? hub_disconnect+0x520/0x520
[ 88.452308][ T25] hub_event+0x2e62/0x4f30
[ 88.456971][ T25] ? hub_port_debounce+0x3d0/0x3d0
[ 88.462137][ T25] ? lock_sync+0x190/0x190
[ 88.466655][ T25] ? reacquire_held_locks+0x4b0/0x4b0
[ 88.472051][ T25] ? do_raw_spin_lock+0x12e/0x2b0
[ 88.477112][ T25] ? spin_bug+0x1d0/0x1d0
[ 88.481475][ T25] process_one_work+0xaa2/0x16f0
[ 88.486426][ T25] ? hcd_died_work+0x60/0x60
[ 88.491031][ T25] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 88.496597][ T25] ? spin_bug+0x1d0/0x1d0
[ 88.501021][ T25] worker_thread+0x687/0x1110
[ 88.505896][ T25] ? __kthread_parkme+0x152/0x220
[ 88.511194][ T25] ? process_one_work+0x16f0/0x16f0
[ 88.516492][ T25] kthread+0x33a/0x430
[ 88.520739][ T25] ? kthread_complete_and_exit+0x40/0x40
[ 88.526493][ T25] ret_from_fork+0x2c/0x70
[ 88.530911][ T25] ? kthread_complete_and_exit+0x40/0x40
[ 88.536571][ T25] ret_from_fork_asm+0x11/0x20
[ 88.541341][ T25]
[ 88.544351][ T25]
[ 88.546841][ T25] The buggy address belongs to stack of task kworker/1:1/25
[ 88.554285][ T25] and is located at offset 32 in frame:
[ 88.559900][ T25] set_flicker+0x0/0x1190
[ 88.564330][ T25]
[ 88.566640][ T25] This frame has 1 object:
[ 88.571041][ T25] [32, 36) 'currentexp'
[ 88.571051][ T25]
[ 88.577676][ T25] The buggy address belongs to the virtual mapping at
[ 88.577676][ T25] [ffffc900001b0000, ffffc900001b9000) created by:
[ 88.577676][ T25] kernel_clone+0xfc/0x820
[ 88.595310][ T25]
[ 88.597888][ T25] The buggy address belongs to the physical page:
[ 88.604291][ T25] page:ffffea00040b97c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e5f
[ 88.614520][ T25] flags: 0x200000000000000(node=0|zone=2)
[ 88.620319][ T25] page_type: 0xffffffff()
[ 88.624652][ T25] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 88.633235][ T25] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 88.641852][ T25] page dumped because: kasan: bad access detected
[ 88.648596][ T25] page_owner tracks the page as allocated
[ 88.654507][ T25] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 2, tgid 2 (kthreadd), ts 2379209355, free_ts 0
[ 88.672663][ T25] post_alloc_hook+0x2d2/0x350
[ 88.677437][ T25] get_page_from_freelist+0x10e1/0x2fd0
[ 88.683079][ T25] __alloc_pages+0x1d0/0x4a0
[ 88.687675][ T25] __vmalloc_node_range+0x625/0x1540
[ 88.693048][ T25] copy_process+0x13de/0x7300
[ 88.697832][ T25] kernel_clone+0xfc/0x820
[ 88.702289][ T25] kernel_thread+0xc0/0x100
[ 88.706989][ T25] kthreadd+0x4fc/0x7b0
[ 88.711326][ T25] ret_from_fork+0x2c/0x70
[ 88.715886][ T25] ret_from_fork_asm+0x11/0x20
[ 88.720749][ T25] page_owner free stack trace missing
[ 88.726362][ T25]
[ 88.728669][ T25] Memory state around the buggy address:
[ 88.734285][ T25] ffffc900001b6e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 88.742506][ T25] ffffc900001b6e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 88.750552][ T25] >ffffc900001b6f00: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 04
[ 88.758603][ T25] ^
[ 88.766733][ T25] ffffc900001b6f80: f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 88.774783][ T25] ffffc900001b7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 88.783082][ T25] ==================================================================
[ 88.791374][ T25] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 88.798925][ T25] CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 6.5.0-rc6-syzkaller-00158-g895ed7eb263d-dirty #0
[ 88.809629][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 88.819688][ T25] Workqueue: usb_hub_wq hub_event
[ 88.824718][ T25] Call Trace:
[ 88.827996][ T25]
[ 88.831036][ T25] dump_stack_lvl+0xd9/0x1b0
[ 88.835724][ T25] panic+0x6a4/0x750
[ 88.839708][ T25] ? panic_smp_self_stop+0xa0/0xa0
[ 88.844902][ T25] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 88.851331][ T25] check_panic_on_warn+0xab/0xb0
[ 88.856277][ T25] end_report+0x108/0x150
[ 88.860683][ T25] kasan_report+0xea/0x110
[ 88.865094][ T25] ? set_flicker+0x101c/0x1190
[ 88.869855][ T25] ? set_flicker+0x101c/0x1190
[ 88.874722][ T25] set_flicker+0x101c/0x1190
[ 88.879435][ T25] ? __mutex_lock+0x1b2/0x1340
[ 88.884307][ T25] ? v4l2_ctrl_new_std+0x280/0x280
[ 88.889443][ T25] ? v4l2_ctrl_handler_setup+0x48/0xa0
[ 88.895003][ T25] ? command_setexposure+0xca0/0xca0
[ 88.900643][ T25] ? v4l2_ctrl_new+0x2010/0x2010
[ 88.905601][ T25] ? ptr_to_ptr+0x104/0x170
[ 88.910107][ T25] ? v4l2_ctrl_type_op_init+0xb30/0xb30
[ 88.915743][ T25] sd_s_ctrl+0x2c6/0xbf0
[ 88.919988][ T25] ? sd_dq_callback+0x1e60/0x1e60
[ 88.925102][ T25] __v4l2_ctrl_handler_setup+0x511/0x710
[ 88.930916][ T25] v4l2_ctrl_handler_setup+0x50/0xa0
[ 88.936204][ T25] gspca_dev_probe2+0xdd6/0x1b20
[ 88.941418][ T25] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 88.947341][ T25] gspca_dev_probe+0x18b/0x270
[ 88.952123][ T25] usb_probe_interface+0x307/0x930
[ 88.957272][ T25] ? usb_match_dynamic_id+0x1a0/0x1a0
[ 88.962760][ T25] really_probe+0x234/0xc90
[ 88.967441][ T25] __driver_probe_device+0x1de/0x4b0
[ 88.972727][ T25] driver_probe_device+0x4c/0x1a0
[ 88.977756][ T25] __device_attach_driver+0x1d4/0x300
[ 88.983150][ T25] ? driver_probe_device+0x1a0/0x1a0
[ 88.988629][ T25] bus_for_each_drv+0x157/0x1d0
[ 88.993583][ T25] ? bus_for_each_dev+0x1d0/0x1d0
[ 88.998691][ T25] ? lockdep_hardirqs_on+0x7d/0x100
[ 89.003911][ T25] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 89.009848][ T25] __device_attach+0x1e8/0x4b0
[ 89.014720][ T25] ? device_driver_attach+0x200/0x200
[ 89.020189][ T25] ? do_raw_spin_unlock+0x173/0x230
[ 89.025472][ T25] bus_probe_device+0x17c/0x1c0
[ 89.030412][ T25] device_add+0x11f1/0x1b40
[ 89.034915][ T25] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 89.041845][ T25] ? mark_held_locks+0x9f/0xe0
[ 89.046623][ T25] usb_set_configuration+0x10cb/0x1c40
[ 89.052263][ T25] usb_generic_driver_probe+0xca/0x130
[ 89.057750][ T25] usb_probe_device+0xda/0x2c0
[ 89.062515][ T25] ? usb_driver_release_interface+0x190/0x190
[ 89.068756][ T25] really_probe+0x234/0xc90
[ 89.073540][ T25] __driver_probe_device+0x1de/0x4b0
[ 89.078856][ T25] ? usb_driver_applicable+0x1c4/0x220
[ 89.084583][ T25] driver_probe_device+0x4c/0x1a0
[ 89.089604][ T25] __device_attach_driver+0x1d4/0x300
[ 89.095000][ T25] ? driver_probe_device+0x1a0/0x1a0
[ 89.100370][ T25] bus_for_each_drv+0x157/0x1d0
[ 89.105304][ T25] ? bus_for_each_dev+0x1d0/0x1d0
[ 89.110325][ T25] ? lockdep_hardirqs_on+0x7d/0x100
[ 89.115528][ T25] ? _raw_spin_unlock_irqrestore+0x3b/0x70
[ 89.121333][ T25] __device_attach+0x1e8/0x4b0
[ 89.126619][ T25] ? device_driver_attach+0x200/0x200
[ 89.132006][ T25] ? do_raw_spin_unlock+0x173/0x230
[ 89.137589][ T25] bus_probe_device+0x17c/0x1c0
[ 89.142449][ T25] device_add+0x11f1/0x1b40
[ 89.147043][ T25] ? __fw_devlink_link_to_consumers.isra.0+0x270/0x270
[ 89.153892][ T25] ? usb_detect_static_quirks+0x335/0x3e0
[ 89.160653][ T25] usb_new_device+0xd80/0x1960
[ 89.165413][ T25] ? hub_disconnect+0x520/0x520
[ 89.170436][ T25] hub_event+0x2e62/0x4f30
[ 89.174940][ T25] ? hub_port_debounce+0x3d0/0x3d0
[ 89.180049][ T25] ? lock_sync+0x190/0x190
[ 89.184975][ T25] ? reacquire_held_locks+0x4b0/0x4b0
[ 89.190358][ T25] ? do_raw_spin_lock+0x12e/0x2b0
[ 89.195474][ T25] ? spin_bug+0x1d0/0x1d0
[ 89.199920][ T25] process_one_work+0xaa2/0x16f0
[ 89.204890][ T25] ? hcd_died_work+0x60/0x60
[ 89.209662][ T25] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 89.215233][ T25] ? spin_bug+0x1d0/0x1d0
[ 89.219838][ T25] worker_thread+0x687/0x1110
[ 89.224547][ T25] ? __kthread_parkme+0x152/0x220
[ 89.229606][ T25] ? process_one_work+0x16f0/0x16f0
[ 89.234901][ T25] kthread+0x33a/0x430
[ 89.238966][ T25] ? kthread_complete_and_exit+0x40/0x40
[ 89.244611][ T25] ret_from_fork+0x2c/0x70
[ 89.249699][ T25] ? kthread_complete_and_exit+0x40/0x40
[ 89.255335][ T25] ret_from_fork_asm+0x11/0x20
[ 89.260103][ T25]
[ 89.263407][ T25] Kernel Offset: disabled
[ 89.267753][ T25] Rebooting in 86400 seconds..