Starting System Logging Service...
Starting OpenBSD Secure Shell server...
Starting Permit User Sessions...
[�[0;32m OK �[0m] Started Regular background program processing daemon.
Starting getty on tty2-tty6 if dbus and logind are not available...
[�[0;32m OK �[0m] Started System Logging Service.
[�[0;32m OK �[0m] Started Permit User Sessions.
[�[0;32m OK �[0m] Found device /dev/ttyS0.
[�[0;32m OK �[0m] Started OpenBSD Secure Shell server.
[�[0;32m OK �[0m] Started getty on tty2-tty6 if dbus and logind are not available.
[�[0;32m OK �[0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[�[0;32m OK �[0m] Started Getty on tty6.
[�[0;32m OK �[0m] Started Getty on tty5.
[�[0;32m OK �[0m] Started Getty on tty4.
[�[0;32m OK �[0m] Started Getty on tty3.
[�[0;32m OK �[0m] Started Getty on tty2.
[�[0;32m OK �[0m] Started Serial Getty on ttyS0.
[�[0;32m OK �[0m] Started Getty on tty1.
[�[0;32m OK �[0m] Reached target Login Prompts.
[�[0;32m OK �[0m] Reached target Multi-User System.
[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
Warning: Permanently added '10.128.0.109' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
[ 77.878026][ T35] audit: type=1400 audit(1613413749.386:8): avc: denied { execmem } for pid=8422 comm="syz-executor519" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
executing program
executing program
executing program
Debian GNU/Linux 9 syzkaller ttyS0
syzkaller login: [ 78.156425][ T34] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 78.187508][ T4373] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 78.195080][ T19] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 78.196423][ T5] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 78.210699][ T2990] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 78.217589][ T8439] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 78.426421][ T34] usb 6-1: Using ep0 maxpacket: 8
[ 78.446478][ T4373] usb 5-1: Using ep0 maxpacket: 8
[ 78.456427][ T2990] usb 4-1: Using ep0 maxpacket: 8
[ 78.463094][ T5] usb 1-1: Using ep0 maxpacket: 8
[ 78.466378][ T19] usb 2-1: Using ep0 maxpacket: 8
[ 78.476834][ T8439] usb 3-1: Using ep0 maxpacket: 8
[ 78.576581][ T2990] usb 4-1: config 0 has an invalid interface number: 86 but max is 0
[ 78.576714][ T34] usb 6-1: config 0 has an invalid interface number: 86 but max is 0
[ 78.585260][ T2990] usb 4-1: config 0 has no interface number 0
[ 78.593913][ T34] usb 6-1: config 0 has no interface number 0
[ 78.603841][ T5] usb 1-1: config 0 has an invalid interface number: 86 but max is 0
[ 78.606296][ T4373] usb 5-1: config 0 has an invalid interface number: 86 but max is 0
[ 78.614323][ T5] usb 1-1: config 0 has no interface number 0
[ 78.623165][ T34] usb 6-1: config 0 interface 86 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[ 78.632581][ T2990] usb 4-1: config 0 interface 86 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[ 78.638882][ T4373] usb 5-1: config 0 has no interface number 0
[ 78.650516][ T5] usb 1-1: config 0 interface 86 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[ 78.654768][ T8439] usb 3-1: config 0 has an invalid interface number: 86 but max is 0
[ 78.667919][ T2990] usb 4-1: config 0 interface 86 altsetting 0 bulk endpoint 0xE has invalid maxpacket 0
[ 78.672624][ T19] usb 2-1: config 0 has an invalid interface number: 86 but max is 0
[ 78.684396][ T5] usb 1-1: config 0 interface 86 altsetting 0 bulk endpoint 0xE has invalid maxpacket 0
[ 78.690899][ T34] usb 6-1: config 0 interface 86 altsetting 0 bulk endpoint 0xE has invalid maxpacket 0
[ 78.702677][ T2990] usb 4-1: config 0 interface 86 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 78.710719][ T4373] usb 5-1: config 0 interface 86 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[ 78.722638][ T5] usb 1-1: config 0 interface 86 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 78.730126][ T8439] usb 3-1: config 0 has no interface number 0
[ 78.730174][ T8439] usb 3-1: config 0 interface 86 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[ 78.730202][ T8439] usb 3-1: config 0 interface 86 altsetting 0 bulk endpoint 0xE has invalid maxpacket 0
[ 78.730232][ T8439] usb 3-1: config 0 interface 86 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 78.730271][ T8439] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=77.fc
[ 78.746061][ T2990] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=77.fc
[ 78.747889][ T19] usb 2-1: config 0 has no interface number 0
[ 78.760100][ T2990] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 78.767524][ T34] usb 6-1: config 0 interface 86 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 78.779653][ T5] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=77.fc
[ 78.786513][ T4373] usb 5-1: config 0 interface 86 altsetting 0 bulk endpoint 0xE has invalid maxpacket 0
[ 78.797857][ T5] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 78.801852][ T8439] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 78.820569][ T5] usb 1-1: config 0 descriptor??
[ 78.836454][ T19] usb 2-1: config 0 interface 86 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[ 78.838925][ T2990] usb 4-1: config 0 descriptor??
[ 78.854786][ T34] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=77.fc
[ 78.884640][ T4373] usb 5-1: config 0 interface 86 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 78.896969][ T19] usb 2-1: config 0 interface 86 altsetting 0 bulk endpoint 0xE has invalid maxpacket 0
[ 78.914901][ T4373] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=77.fc
[ 78.925935][ T19] usb 2-1: config 0 interface 86 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 78.931029][ T5] em28xx 1-1:0.86: New device @ 480 Mbps (0ccd:10af, interface 86, class 86)
[ 78.938148][ T4373] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 78.955839][ T2990] em28xx 4-1:0.86: New device @ 480 Mbps (0ccd:10af, interface 86, class 86)
[ 78.956974][ T8439] usb 3-1: config 0 descriptor??
[ 78.973422][ T19] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=77.fc
[ 78.983806][ T2990] em28xx 4-1:0.86: Video interface 86 found:
[ 78.989412][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 78.999604][ T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 79.006577][ T5] em28xx 1-1:0.86: Video interface 86 found:
[ 79.021608][ T4373] usb 5-1: config 0 descriptor??
[ 79.034795][ T34] usb 6-1: config 0 descriptor??
[ 79.048835][ T8439] em28xx 3-1:0.86: New device @ 480 Mbps (0ccd:10af, interface 86, class 86)
[ 79.068824][ T19] usb 2-1: config 0 descriptor??
[ 79.081839][ T8439] em28xx 3-1:0.86: Video interface 86 found:
[ 79.099138][ T4373] em28xx 5-1:0.86: New device @ 480 Mbps (0ccd:10af, interface 86, class 86)
[ 79.119127][ T34] em28xx 6-1:0.86: New device @ 480 Mbps (0ccd:10af, interface 86, class 86)
executing program
[ 79.131223][ T19] em28xx 2-1:0.86: New device @ 480 Mbps (0ccd:10af, interface 86, class 86)
executing program
[ 79.156356][ T4373] em28xx 5-1:0.86: Video interface 86 found:
[ 79.174449][ T34] em28xx 6-1:0.86: Video interface 86 found:
[ 79.187507][ T19] em28xx 2-1:0.86: Video interface 86 found:
executing program
[ 79.226570][ T2990] em28xx 4-1:0.86: unknown em28xx chip ID (0)
[ 79.246729][ T5] em28xx 1-1:0.86: unknown em28xx chip ID (0)
executing program
executing program
executing program
[ 79.316541][ T8439] em28xx 3-1:0.86: unknown em28xx chip ID (0)
[ 79.396551][ T5] em28xx 1-1:0.86: reading from i2c device at 0xa0 failed (error=-5)
[ 79.404952][ T5] em28xx 1-1:0.86: board has no eeprom
[ 79.410720][ T2990] em28xx 4-1:0.86: reading from i2c device at 0xa0 failed (error=-5)
[ 79.423091][ T2990] em28xx 4-1:0.86: board has no eeprom
[ 79.436571][ T19] em28xx 2-1:0.86: unknown em28xx chip ID (0)
[ 79.442870][ T34] em28xx 6-1:0.86: unknown em28xx chip ID (0)
[ 79.449312][ T4373] em28xx 5-1:0.86: unknown em28xx chip ID (0)
[ 79.486890][ T8439] em28xx 3-1:0.86: reading from i2c device at 0xa0 failed (error=-5)
[ 79.495020][ T8439] em28xx 3-1:0.86: board has no eeprom
[ 79.546344][ T5] em28xx 1-1:0.86: Identified as Terratec Grabby (card=67)
[ 79.553570][ T5] em28xx 1-1:0.86: analog set to bulk mode.
[ 79.560143][ T2990] em28xx 4-1:0.86: Identified as Terratec Grabby (card=67)
[ 79.567522][ T2990] em28xx 4-1:0.86: analog set to bulk mode.
[ 79.588783][ T5] usb 1-1: USB disconnect, device number 2
[ 79.596823][ T2990] usb 4-1: USB disconnect, device number 2
[ 79.606256][ T8439] em28xx 3-1:0.86: Identified as Terratec Grabby (card=67)
[ 79.613493][ T8439] em28xx 3-1:0.86: analog set to bulk mode.
[ 79.627755][ T4373] em28xx 5-1:0.86: reading from i2c device at 0xa0 failed (error=-5)
[ 79.636818][ T19] em28xx 2-1:0.86: reading from i2c device at 0xa0 failed (error=-5)
[ 79.650928][ T8447] em28xx 1-1:0.86: Registering V4L2 extension
[ 79.652272][ T4373] em28xx 5-1:0.86: board has no eeprom
[ 79.659140][ T2990] em28xx 4-1:0.86: Disconnecting em28xx
[ 79.663033][ T34] em28xx 6-1:0.86: reading from i2c device at 0xa0 failed (error=-5)
[ 79.678156][ T19] em28xx 2-1:0.86: board has no eeprom
[ 79.679304][ T5] em28xx 1-1:0.86: Disconnecting em28xx
[ 79.709863][ T8439] usb 3-1: USB disconnect, device number 2
[ 79.725515][ T34] em28xx 6-1:0.86: board has no eeprom
[ 79.743889][ T8439] em28xx 3-1:0.86: Disconnecting em28xx
[ 79.805330][ T8447] em28xx 1-1:0.86: Config register raw data: 0xffffffed
[ 79.826277][ T8447] em28xx 1-1:0.86: AC97 chip type couldn't be determined
[ 79.836663][ T4373] em28xx 5-1:0.86: Identified as Terratec Grabby (card=67)
[ 79.844040][ T19] em28xx 2-1:0.86: Identified as Terratec Grabby (card=67)
[ 79.846483][ T8447] em28xx 1-1:0.86: No AC97 audio processor
[ 79.851401][ T34] em28xx 6-1:0.86: Identified as Terratec Grabby (card=67)
[ 79.864500][ T34] em28xx 6-1:0.86: analog set to bulk mode.
[ 79.881889][ T19] em28xx 2-1:0.86: analog set to bulk mode.
[ 79.882006][ T8447] usb 1-1: Decoder not found
[ 79.887929][ T4373] em28xx 5-1:0.86: analog set to bulk mode.
[ 79.901025][ T4373] usb 5-1: USB disconnect, device number 2
[ 79.914563][ T34] usb 6-1: USB disconnect, device number 2
[ 79.929861][ T19] usb 2-1: USB disconnect, device number 2
[ 79.940203][ T4373] em28xx 5-1:0.86: Disconnecting em28xx
[ 79.966532][ T34] em28xx 6-1:0.86: Disconnecting em28xx
[ 79.969849][ T8447] em28xx 1-1:0.86: failed to create media graph
[ 79.974452][ T19] em28xx 2-1:0.86: Disconnecting em28xx
[ 79.998945][ T8447] em28xx 1-1:0.86: V4L2 device video71 deregistered
[ 80.028037][ T8447] em28xx 1-1:0.86: Registering snapshot button...
[ 80.082833][ T8447] input: em28xx snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.86/input/input5
[ 80.120487][ T8447] em28xx 1-1:0.86: Remote control support is not available for this card.
[ 80.129854][ T7] em28xx 4-1:0.86: Registering V4L2 extension
[ 80.148859][ T7] em28xx 4-1:0.86: Config register raw data: 0xffffffed
[ 80.155838][ T7] em28xx 4-1:0.86: AC97 chip type couldn't be determined
[ 80.163403][ T7] em28xx 4-1:0.86: No AC97 audio processor
[ 80.177016][ T7] usb 4-1: Decoder not found
[ 80.181640][ T7] em28xx 4-1:0.86: failed to create media graph
[ 80.196240][ T7] em28xx 4-1:0.86: V4L2 device video71 deregistered
[ 80.217437][ T7] em28xx 4-1:0.86: Registering snapshot button...
[ 80.236576][ T7] input: em28xx snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.86/input/input6
[ 80.277243][ T7] em28xx 4-1:0.86: Remote control support is not available for this card.
[ 80.285912][ T8449] em28xx 3-1:0.86: Registering V4L2 extension
[ 80.310579][ T8449] em28xx 3-1:0.86: Config register raw data: 0xffffffed
[ 80.318357][ T8449] em28xx 3-1:0.86: AC97 chip type couldn't be determined
[ 80.325699][ T8449] em28xx 3-1:0.86: No AC97 audio processor
[ 80.335243][ T8449] usb 3-1: Decoder not found
[ 80.341589][ T8449] em28xx 3-1:0.86: failed to create media graph
[ 80.348749][ T8449] em28xx 3-1:0.86: V4L2 device video71 deregistered
[ 80.358949][ T8449] em28xx 3-1:0.86: Registering snapshot button...
[ 80.376044][ T8449] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.86/input/input7
[ 80.404949][ T8449] em28xx 3-1:0.86: Remote control support is not available for this card.
[ 80.425437][ T8511] em28xx 5-1:0.86: Registering V4L2 extension
[ 80.460090][ T8511] em28xx 5-1:0.86: Config register raw data: 0xffffffed
[ 80.469535][ T8511] em28xx 5-1:0.86: AC97 chip type couldn't be determined
[ 80.480023][ T8511] em28xx 5-1:0.86: No AC97 audio processor
[ 80.496364][ T8511] usb 5-1: Decoder not found
[ 80.505600][ T8511] em28xx 5-1:0.86: failed to create media graph
[ 80.520303][ T8511] em28xx 5-1:0.86: V4L2 device video71 deregistered
[ 80.537932][ T8511] em28xx 5-1:0.86: Registering snapshot button...
[ 80.545921][ T8511] input: em28xx snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.86/input/input8
[ 80.559166][ T8511] em28xx 5-1:0.86: Remote control support is not available for this card.
[ 80.569081][ T8436] em28xx 6-1:0.86: Registering V4L2 extension
[ 80.604823][ T8436] em28xx 6-1:0.86: Config register raw data: 0xffffffed
[ 80.612354][ T8436] em28xx 6-1:0.86: AC97 chip type couldn't be determined
[ 80.620764][ T8436] em28xx 6-1:0.86: No AC97 audio processor
[ 80.628926][ T8436] usb 6-1: Decoder not found
[ 80.634227][ T8436] em28xx 6-1:0.86: failed to create media graph
[ 80.641270][ T8436] em28xx 6-1:0.86: V4L2 device video71 deregistered
[ 80.649901][ T8436] em28xx 6-1:0.86: Registering snapshot button...
[ 80.659051][ T8436] input: em28xx snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.86/input/input9
[ 80.673006][ T8436] em28xx 6-1:0.86: Remote control support is not available for this card.
[ 80.684445][ T8523] em28xx 2-1:0.86: Registering V4L2 extension
[ 80.721157][ T8523] em28xx 2-1:0.86: Config register raw data: 0xffffffed
[ 80.730890][ T8523] em28xx 2-1:0.86: AC97 chip type couldn't be determined
[ 80.744327][ T8523] em28xx 2-1:0.86: No AC97 audio processor
[ 80.769396][ T8523] usb 2-1: Decoder not found
[ 80.780272][ T8523] em28xx 2-1:0.86: failed to create media graph
[ 80.802484][ T8523] em28xx 2-1:0.86: V4L2 device video71 deregistered
[ 80.819688][ T8523] em28xx 2-1:0.86: Registering snapshot button...
[ 80.819754][ T8558] ==================================================================
[ 80.828341][ T8523] input: em28xx snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.86/input/input10
[ 80.834284][ T8558] BUG: KASAN: use-after-free in v4l2_fh_init+0x279/0x2c0
[ 80.834338][ T8558] Read of size 8 at addr ffff8880367d88b8 by task v4l_id/8558
[ 80.834359][ T8558]
[ 80.834367][ T8558] CPU: 0 PID: 8558 Comm: v4l_id Not tainted 5.11.0-syzkaller #0
[ 80.834391][ T8558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 80.852676][ T8523] em28xx 2-1:0.86: Remote control support is not available for this card.
[ 80.859317][ T8558] Call Trace:
[ 80.859331][ T8558] dump_stack+0x107/0x163
[ 80.859369][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 80.859398][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 80.859424][ T8558] print_address_description.constprop.0.cold+0x5b/0x2c6
[ 80.859459][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 80.859485][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 80.868202][ T19] em28xx 2-1:0.86: Closing input extension
[ 80.869428][ T8558] kasan_report.cold+0x79/0xd5
[ 80.869467][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 80.882894][ T19] em28xx 2-1:0.86: Deregistering snapshot button
[ 80.888433][ T8558] v4l2_fh_init+0x279/0x2c0
[ 80.888475][ T8558] v4l2_fh_open+0x88/0xc0
[ 80.888505][ T8558] em28xx_v4l2_open+0x11c/0x570
[ 80.888539][ T8558] v4l2_open+0x21c/0x3f0
[ 80.888567][ T8558] ? v4l2_release+0x3b0/0x3b0
[ 80.888591][ T8558] chrdev_open+0x266/0x770
[ 80.970311][ T8558] ? cdev_device_add+0x210/0x210
[ 80.975283][ T8558] ? security_file_open+0x205/0x4f0
[ 80.980513][ T8558] do_dentry_open+0x4b9/0x11b0
[ 80.985301][ T8558] ? cdev_device_add+0x210/0x210
[ 80.990241][ T8558] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 80.996486][ T8558] ? may_open+0x1e4/0x400
[ 81.000831][ T8558] path_openat+0x1b9a/0x2730
[ 81.005430][ T8558] ? path_lookupat+0x830/0x830
[ 81.010224][ T8558] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 81.016246][ T8558] do_filp_open+0x17e/0x3c0
[ 81.020773][ T8558] ? may_open_dev+0xf0/0xf0
[ 81.025275][ T8558] ? do_raw_spin_lock+0x120/0x2b0
[ 81.030294][ T8558] ? rwlock_bug.part.0+0x90/0x90
[ 81.035230][ T8558] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 81.041480][ T8558] ? _raw_spin_unlock+0x24/0x40
[ 81.046343][ T8558] ? alloc_fd+0x2bc/0x640
[ 81.050706][ T8558] do_sys_openat2+0x16d/0x420
[ 81.055405][ T8558] ? build_open_flags+0x680/0x680
[ 81.060447][ T8558] __x64_sys_open+0x119/0x1c0
[ 81.065125][ T8558] ? do_sys_open+0x140/0x140
[ 81.069706][ T8558] ? __secure_computing+0x104/0x360
[ 81.074931][ T8558] do_syscall_64+0x2d/0x70
[ 81.079339][ T8558] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 81.085225][ T8558] RIP: 0033:0x7f1b6b279840
[ 81.089631][ T8558] Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24
[ 81.109260][ T8558] RSP: 002b:00007ffec8393f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 81.117699][ T8558] RAX: ffffffffffffffda RBX: 00007ffec8394098 RCX: 00007f1b6b279840
[ 81.125658][ T8558] RDX: 00007f1b6b265ea0 RSI: 0000000000000000 RDI: 00007ffec8394f1f
[ 81.133618][ T8558] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[ 81.141578][ T8558] R10: 0000000000000002 R11: 0000000000000246 R12: 000055c0ace068d0
[ 81.149538][ T8558] R13: 00007ffec8394090 R14: 0000000000000000 R15: 0000000000000000
[ 81.157524][ T8558]
[ 81.159836][ T8558] Allocated by task 8523:
[ 81.164160][ T8558] kasan_save_stack+0x1b/0x40
[ 81.168827][ T8558] ____kasan_kmalloc.constprop.0+0x7f/0xa0
[ 81.174619][ T8558] kmem_cache_alloc_trace+0x1e0/0x400
[ 81.179977][ T8558] em28xx_v4l2_init.cold+0x93/0x329d
[ 81.185253][ T8558] em28xx_init_extension+0x12f/0x1f0
[ 81.190542][ T8558] request_module_async+0x5d/0x70
[ 81.195568][ T8558] process_one_work+0x98d/0x15f0
[ 81.200497][ T8558] worker_thread+0x7da/0x1120
[ 81.205161][ T8558] kthread+0x3b1/0x4a0
[ 81.209244][ T8558] ret_from_fork+0x1f/0x30
[ 81.213687][ T8558]
[ 81.215996][ T8558] Freed by task 8523:
[ 81.219967][ T8558] kasan_save_stack+0x1b/0x40
[ 81.224703][ T8558] kasan_set_track+0x1c/0x30
[ 81.229282][ T8558] kasan_set_free_info+0x20/0x30
[ 81.234255][ T8558] ____kasan_slab_free+0xb0/0xe0
[ 81.239179][ T8558] kfree+0xed/0x270
[ 81.242981][ T8558] kref_put.isra.0+0x6f/0xa0
[ 81.247603][ T8558] em28xx_v4l2_init.cold+0x263/0x329d
[ 81.252968][ T8558] em28xx_init_extension+0x12f/0x1f0
[ 81.258246][ T8558] request_module_async+0x5d/0x70
[ 81.263286][ T8558] process_one_work+0x98d/0x15f0
[ 81.268214][ T8558] worker_thread+0x7da/0x1120
[ 81.272886][ T8558] kthread+0x3b1/0x4a0
[ 81.276952][ T8558] ret_from_fork+0x1f/0x30
[ 81.281379][ T8558]
[ 81.283714][ T8558] The buggy address belongs to the object at ffff8880367d8000
[ 81.283714][ T8558] which belongs to the cache kmalloc-16k of size 16384
[ 81.297982][ T8558] The buggy address is located 2232 bytes inside of
[ 81.297982][ T8558] 16384-byte region [ffff8880367d8000, ffff8880367dc000)
[ 81.311536][ T8558] The buggy address belongs to the page:
[ 81.317179][ T8558] page:000000001d9248b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x367d8
[ 81.327351][ T8558] head:000000001d9248b1 order:3 compound_mapcount:0 compound_pincount:0
[ 81.335690][ T8558] flags: 0xfff00000010200(slab|head)
[ 81.341006][ T8558] raw: 00fff00000010200 ffffea00004c8608 ffff888010c41c50 ffff888010c40b00
[ 81.349610][ T8558] raw: 0000000000000000 ffff8880367d8000 0000000100000001 0000000000000000
[ 81.358202][ T8558] page dumped because: kasan: bad access detected
[ 81.364619][ T8558]
[ 81.366954][ T8558] Memory state around the buggy address:
[ 81.372592][ T8558] ffff8880367d8780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 81.380668][ T8558] ffff8880367d8800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 81.388775][ T8558] >ffff8880367d8880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 81.396842][ T8558] ^
[ 81.402742][ T8558] ffff8880367d8900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 81.410819][ T8558] ffff8880367d8980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 81.418911][ T8558] ==================================================================
[ 81.426971][ T8558] Disabling lock debugging due to kernel taint
[ 81.439455][ T5] em28xx 1-1:0.86: Closing input extension
[ 81.445375][ T5] em28xx 1-1:0.86: Deregistering snapshot button
[ 81.470019][ T2990] em28xx 4-1:0.86: Closing input extension
[ 81.480866][ T5] em28xx 1-1:0.86: Freeing device
[ 81.489366][ T2990] em28xx 4-1:0.86: Deregistering snapshot button
[ 81.515488][ T8558] Kernel panic - not syncing: panic_on_warn set ...
[ 81.522106][ T8558] CPU: 1 PID: 8558 Comm: v4l_id Tainted: G B 5.11.0-syzkaller #0
[ 81.531136][ T8558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 81.541194][ T8558] Call Trace:
[ 81.544458][ T8558] dump_stack+0x107/0x163
[ 81.548791][ T8558] ? v4l2_fh_init+0x1d0/0x2c0
[ 81.553453][ T8558] panic+0x306/0x73d
[ 81.557331][ T8558] ? __warn_printk+0xf3/0xf3
[ 81.561918][ T8558] ? preempt_schedule_common+0x59/0xc0
[ 81.567361][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 81.572025][ T8558] ? preempt_schedule_thunk+0x16/0x18
[ 81.577387][ T8558] ? trace_hardirqs_on+0x38/0x1c0
[ 81.582396][ T8558] ? trace_hardirqs_on+0x51/0x1c0
[ 81.587418][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 81.592094][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 81.596755][ T8558] end_report+0x58/0x5e
[ 81.600911][ T8558] kasan_report.cold+0x67/0xd5
[ 81.605658][ T8558] ? v4l2_fh_init+0x279/0x2c0
[ 81.610321][ T8558] v4l2_fh_init+0x279/0x2c0
[ 81.614808][ T8558] v4l2_fh_open+0x88/0xc0
[ 81.619124][ T8558] em28xx_v4l2_open+0x11c/0x570
[ 81.623972][ T8558] v4l2_open+0x21c/0x3f0
[ 81.628196][ T8558] ? v4l2_release+0x3b0/0x3b0
[ 81.632855][ T8558] chrdev_open+0x266/0x770
[ 81.637253][ T8558] ? cdev_device_add+0x210/0x210
[ 81.642187][ T8558] ? security_file_open+0x205/0x4f0
[ 81.647371][ T8558] do_dentry_open+0x4b9/0x11b0
[ 81.652135][ T8558] ? cdev_device_add+0x210/0x210
[ 81.657066][ T8558] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 81.663303][ T8558] ? may_open+0x1e4/0x400
[ 81.667626][ T8558] path_openat+0x1b9a/0x2730
[ 81.672201][ T8558] ? path_lookupat+0x830/0x830
[ 81.676950][ T8558] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 81.682928][ T8558] do_filp_open+0x17e/0x3c0
[ 81.687414][ T8558] ? may_open_dev+0xf0/0xf0
[ 81.691927][ T8558] ? do_raw_spin_lock+0x120/0x2b0
[ 81.696937][ T8558] ? rwlock_bug.part.0+0x90/0x90
[ 81.701877][ T8558] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 81.708115][ T8558] ? _raw_spin_unlock+0x24/0x40
[ 81.712950][ T8558] ? alloc_fd+0x2bc/0x640
[ 81.717279][ T8558] do_sys_openat2+0x16d/0x420
[ 81.721957][ T8558] ? build_open_flags+0x680/0x680
[ 81.726982][ T8558] __x64_sys_open+0x119/0x1c0
[ 81.731654][ T8558] ? do_sys_open+0x140/0x140
[ 81.736243][ T8558] ? __secure_computing+0x104/0x360
[ 81.741452][ T8558] do_syscall_64+0x2d/0x70
[ 81.745879][ T8558] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 81.751759][ T8558] RIP: 0033:0x7f1b6b279840
[ 81.756165][ T8558] Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24
[ 81.775767][ T8558] RSP: 002b:00007ffec8393f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 81.784261][ T8558] RAX: ffffffffffffffda RBX: 00007ffec8394098 RCX: 00007f1b6b279840
[ 81.792213][ T8558] RDX: 00007f1b6b265ea0 RSI: 0000000000000000 RDI: 00007ffec8394f1f
[ 81.800179][ T8558] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[ 81.808143][ T8558] R10: 0000000000000002 R11: 0000000000000246 R12: 000055c0ace068d0
[ 81.816098][ T8558] R13: 00007ffec8394090 R14: 0000000000000000 R15: 0000000000000000
[ 81.824557][ T8558] Kernel Offset: disabled
[ 81.828876][ T8558] Rebooting in 86400 seconds..