null pointer dereference in uvcvideo

Bug #1827452 reported by Benjamin Burns
Affects: linux (Ubuntu) | Status: Confirmed | Importance: Undecided | Assigned to: Unassigned | Milestone: none

Bug Description

I have a Logitech C920 webcam. When using this camera in obs-studio v23.x, all of my USB devices stop working and I see the following in my kernel log:

[ 590.282211] usb 3-3: new high-speed USB device number 5 using xhci_hcd
[ 592.660916] usb 3-3: New USB device found, idVendor=046d, idProduct=082d, bcdDevice= 0.11
[ 592.660922] usb 3-3: New USB device strings: Mfr=0, Product=2, SerialNumber=1
[ 592.660925] usb 3-3: Product: HD Pro Webcam C920
[ 592.660928] usb 3-3: SerialNumber: 2EAD866F
[ 592.664600] uvcvideo: Found UVC 1.00 device HD Pro Webcam C920 (046d:082d)
[ 592.666416] uvcvideo 3-3:1.0: Entity type for entity Processing 3 was not initialized!
[ 592.666421] uvcvideo 3-3:1.0: Entity type for entity Extension 6 was not initialized!
[ 592.666425] uvcvideo 3-3:1.0: Entity type for entity Extension 12 was not initialized!
[ 592.666428] uvcvideo 3-3:1.0: Entity type for entity Camera 1 was not initialized!
[ 592.666430] uvcvideo 3-3:1.0: Entity type for entity Extension 8 was not initialized!
[ 592.666433] uvcvideo 3-3:1.0: Entity type for entity Extension 9 was not initialized!
[ 592.666436] uvcvideo 3-3:1.0: Entity type for entity Extension 10 was not initialized!
[ 592.666439] uvcvideo 3-3:1.0: Entity type for entity Extension 11 was not initialized!
[ 592.666622] input: HD Pro Webcam C920 as /devices/pci0000:00/0000:00:14.0/usb3/3-3/3-3:1.0/input/input23
[ 748.490453] usb 3-3: reset high-speed USB device number 5 using xhci_hcd
[ 938.125745] usb 3-3: USB disconnect, device number 5
[ 943.298530] BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
[ 943.298533] #PF error: [normal kernel read fault]
[ 943.298534] PGD 80000007ca5f3067 P4D 80000007ca5f3067 PUD 0
[ 943.298536] Oops: 0000 [#1] SMP PTI
[ 943.298538] CPU: 0 PID: 9442 Comm: libobs: graphic Tainted: P OE 5.0.0-13-generic #14-Ubuntu
[ 943.298539] Hardware name: Gigabyte Technology Co., Ltd. Z87-HD3/Z87-HD3, BIOS F7 01/20/2014
[ 943.298543] RIP: 0010:usb_ifnum_to_if+0x24/0x60
[ 943.298544] Code: ff c3 0f 1f 40 00 0f 1f 44 00 00 55 48 8b 87 c0 03 00 00 48 89 e5 48 85 c0 74 43 0f b6 48 04 84 c9 74 39 48 8b 90 98 00 00 00 <48> 8b 3a 0f b6 7f 02 39 fe 74 2b 48 8d 90 a0 00 00 00 8d 41 ff 48
[ 943.298545] RSP: 0018:ffffbdae493dbab0 EFLAGS: 00010202
[ 943.298547] RAX: ffffa106ae527000 RBX: ffffa1070ad0a800 RCX: 0000000000000004
[ 943.298547] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa1070ad0a800
[ 943.298548] RBP: ffffbdae493dbab0 R08: 0000000000027040 R09: ffffffffb57825b8
[ 943.298549] R10: fffffba45fce4bc0 R11: 0000000000000001 R12: 0000000000000000
[ 943.298550] R13: ffffa10644187b98 R14: 00000000ffffff92 R15: ffffa1075131a000
[ 943.298551] FS: 00007f93c40d7700(0000) GS:ffffa1075ea00000(0000) knlGS:0000000000000000
[ 943.298552] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 943.298553] CR2: 0000000000000000 CR3: 00000006f8a94004 CR4: 00000000001606f0
[ 943.298553] Call Trace:
[ 943.298557] usb_hcd_alloc_bandwidth+0x241/0x370
[ 943.298559] usb_set_interface+0xfc/0x380
[ 943.298565] uvc_video_start_transfer+0x155/0x4b0 [uvcvideo]
[ 943.298568] uvc_video_start_streaming+0x7f/0xd0 [uvcvideo]
[ 943.298570] uvc_start_streaming+0x28/0x70 [uvcvideo]
[ 943.298573] vb2_start_streaming+0x6d/0x110 [videobuf2_common]
[ 943.298575] vb2_core_streamon+0x59/0xc0 [videobuf2_common]
[ 943.298578] vb2_streamon+0x18/0x30 [videobuf2_v4l2]
[ 943.298580] uvc_queue_streamon+0x2e/0x50 [uvcvideo]
[ 943.298582] uvc_ioctl_streamon+0x3f/0x60 [uvcvideo]
[ 943.298588] v4l_streamon+0x20/0x30 [videodev]
[ 943.298592] __video_do_ioctl+0x19a/0x3f0 [videodev]
[ 943.298596] video_usercopy+0x1a6/0x660 [videodev]
[ 943.298599] ? v4l_s_fmt+0x630/0x630 [videodev]
[ 943.298603] video_ioctl2+0x15/0x20 [videodev]
[ 943.298606] v4l2_ioctl+0x49/0x50 [videodev]
[ 943.298608] do_vfs_ioctl+0xa9/0x640
[ 943.298610] ? __switch_to_asm+0x34/0x70
[ 943.298611] ? __switch_to_asm+0x40/0x70
[ 943.298612] ? __switch_to_asm+0x34/0x70
[ 943.298612] ? __switch_to_asm+0x40/0x70
[ 943.298613] ? __switch_to_asm+0x34/0x70
[ 943.298614] ? __switch_to_asm+0x40/0x70
[ 943.298615] ? __switch_to_asm+0x34/0x70
[ 943.298616] ? __switch_to_asm+0x40/0x70
[ 943.298617] ksys_ioctl+0x67/0x90
[ 943.298619] __x64_sys_ioctl+0x1a/0x20
[ 943.298621] do_syscall_64+0x5a/0x110
[ 943.298622] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 943.298623] RIP: 0033:0x7f9430e082e9
[ 943.298624] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 77 cb 0c 00 f7 d8 64 89 01 48
[ 943.298625] RSP: 002b:00007f93c40d6428 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 943.298626] RAX: ffffffffffffffda RBX: 00007f94000da020 RCX: 00007f9430e082e9
[ 943.298627] RDX: 00007f93c40d6444 RSI: 0000000040045612 RDI: 000000000000003b
[ 943.298628] RBP: 0000000000000000 R08: 00000000c058560f R09: 000055f3e344a6e0
[ 943.298629] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003b
[ 943.298629] R13: 00007f93c40d68bc R14: 00007f94000da020 R15: 0000000000000000
[ 943.298631] Modules linked in: uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_common snd_usb_audio videodev snd_usbmidi_lib media rfcomm joydev input_leds hid_generic uhid hid algif_hash algif_skcipher af_alg nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype xt_conntrack br_netfilter veth ebtable_filter ebtables ip6t_MASQUERADE ip6table_nat nf_nat_ipv6 ip6table_filter ip6_tables ipt_MASQUERADE xt_CHECKSUM xt_comment xt_tcpudp iptable_nat nf_nat_ipv4 nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_mangle iptable_filter bpfilter bridge stp llc aufs overlay pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) cmac bnep vboxdrv(OE) binfmt_misc nvidia_uvm(OE) nls_iso8859_1 intel_rapl x86_pkg_temp_thermal intel_powerclamp kvm_intel kvm irqbypass snd_hda_codec_hdmi crct10dif_pclmul crc32_pclmul ghash_clmulni_intel nvidia_drm(POE) nvidia_modeset(POE) arc4 btusb btrtl btbcm btintel nvidia(POE) snd_hda_codec_realtek bluetooth aesni_intel
[ 943.298652] snd_hda_codec_generic ledtrig_audio aes_x86_64 snd_hda_intel crypto_simd snd_hda_codec cryptd ecdh_generic glue_helper iwlmvm snd_hda_core mac80211 snd_hwdep snd_pcm intel_cstate intel_rapl_perf snd_seq_midi snd_seq_midi_event snd_rawmidi iwlwifi drm_kms_helper drm snd_seq ipmi_devintf ipmi_msghandler fb_sys_fops syscopyarea snd_seq_device sysfillrect cfg80211 snd_timer sysimgblt snd soundcore mei_me mei mac_hid sch_fq_codel it87 hwmon_vid coretemp parport_pc ppdev lp parport ip_tables x_tables autofs4 xfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear dm_mirror dm_region_hash dm_log i2c_i801 ahci lpc_ich libahci r8169 realtek video
[ 943.298672] CR2: 0000000000000000
[ 943.298674] ---[ end trace 62d503b51a37a64a ]---
[ 943.298675] RIP: 0010:usb_ifnum_to_if+0x24/0x60
[ 943.298676] Code: ff c3 0f 1f 40 00 0f 1f 44 00 00 55 48 8b 87 c0 03 00 00 48 89 e5 48 85 c0 74 43 0f b6 48 04 84 c9 74 39 48 8b 90 98 00 00 00 <48> 8b 3a 0f b6 7f 02 39 fe 74 2b 48 8d 90 a0 00 00 00 8d 41 ff 48
[ 943.298677] RSP: 0018:ffffbdae493dbab0 EFLAGS: 00010202
[ 943.298678] RAX: ffffa106ae527000 RBX: ffffa1070ad0a800 RCX: 0000000000000004
[ 943.298679] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa1070ad0a800
[ 943.298680] RBP: ffffbdae493dbab0 R08: 0000000000027040 R09: ffffffffb57825b8
[ 943.298680] R10: fffffba45fce4bc0 R11: 0000000000000001 R12: 0000000000000000
[ 943.298681] R13: ffffa10644187b98 R14: 00000000ffffff92 R15: ffffa1075131a000
[ 943.298682] FS: 00007f93c40d7700(0000) GS:ffffa1075ea00000(0000) knlGS:0000000000000000
[ 943.298683] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 943.298684] CR2: 0000000000000000 CR3: 00000006f8a94004 CR4: 00000000001606f0

Interestingly, this doesn't crash the machine, but it does seem to crash udev or whatever is responsible for updating USB device state, as I've disconnected the webcam but running lsusb still shows it as connected. This is something of a pain as the only way I could file this report was to ssh in from another machine with X forwarding enabled, as my keyboard and mouse no longer function.

Note that sometimes OBS will work fine with this camera, however this bug will still occur when I attempt to change the camera resolution.

ProblemType: Bug
DistroRelease: Ubuntu 19.04
Package: linux-modules-extra-5.0.0-13-generic 5.0.0-13.14
ProcVersionSignature: Ubuntu 5.0.0-13.14-generic 5.0.6
Uname: Linux 5.0.0-13-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.10-0ubuntu27
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC1: bburns 3961 F.... pulseaudio
 /dev/snd/pcmC1D7p: bburns 3961 F...m pulseaudio
 /dev/snd/controlC0: bburns 3961 F.... pulseaudio
 /dev/snd/pcmC0D1c: bburns 3961 F...m pulseaudio
Date: Thu May 2 18:47:59 2019
HibernationDevice: RESUME=none
InstallationDate: Installed on 2018-07-30 (276 days ago)
InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725)
MachineType: Gigabyte Technology Co., Ltd. Z87-HD3
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcFB: 0 EFI VGA
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-5.0.0-13-generic root=/dev/mapper/cl_box-root ro
RelatedPackageVersions:
 linux-restricted-modules-5.0.0-13-generic N/A
 linux-backports-modules-5.0.0-13-generic N/A
 linux-firmware 1.178
SourcePackage: linux
UpgradeStatus: Upgraded to disco on 2019-04-24 (8 days ago)
dmi.bios.date: 01/20/2014
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: F7
dmi.board.asset.tag: To be filled by O.E.M.
dmi.board.name: Z87-HD3
dmi.board.vendor: Gigabyte Technology Co., Ltd.
dmi.board.version: To be filled by O.E.M.
dmi.chassis.asset.tag: To Be Filled By O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: Gigabyte Technology Co., Ltd.
dmi.chassis.version: To Be Filled By O.E.M.
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrF7:bd01/20/2014:svnGigabyteTechnologyCo.,Ltd.:pnZ87-HD3:pvrTobefilledbyO.E.M.:rvnGigabyteTechnologyCo.,Ltd.:rnZ87-HD3:rvrTobefilledbyO.E.M.:cvnGigabyteTechnologyCo.,Ltd.:ct3:cvrToBeFilledByO.E.M.:
dmi.product.family: To be filled by O.E.M.
dmi.product.name: Z87-HD3
dmi.product.sku: To be filled by O.E.M.
dmi.product.version: To be filled by O.E.M.
dmi.sys.vendor: Gigabyte Technology Co., Ltd.

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Benjamin Burns (benjamin-c-burns) wrote :

To be clear, the line below (taken from the longer log output above) was not due to me physically disconnecting the camera. I disconnected it after capturing the kernel log.

[ 938.125745] usb 3-3: USB disconnect, device number 5

Po-Hsu Lin (cypressyew) wrote :

Would it be possible for you to test the latest upstream kernel? Refer
to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest
v5.1-2 kernel[1].

If this bug is fixed in the mainline kernel, please add the following
tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag:
'kernel-bug-exists-upstream'.

Once testing of the upstream kernel is complete, please mark this bug as
"Confirmed".

Thanks in advance.

[1] https://kernel.ubuntu.com/~kernel-ppa/mainline/v5.1.2/

Changed in linux (Ubuntu):
status: Confirmed → Incomplete
Launchpad Janitor (janitor) wrote :

[Expired for linux (Ubuntu) because there has been no activity for 60 days.]

Changed in linux (Ubuntu):
status: Incomplete → Expired
John Boero (boeroboy) wrote :

I know this is closed but I've been having this same issue for months as well. In fact I tried a different webcam from a different vendor and I see the same behaviour.

Linux 5.8.18-200.fc32.x86_64 #1 SMP Mon Nov 2 19:49:11 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Just adding this for the record, thanks.

John Boero (boeroboy) wrote :

Update on this. Pretty sure I managed to find the line in the kernel triggering this. I've submitted a PR to the kernel USB maintainers. Hopefully tested and merged soon.

https://github.com/torvalds/linux/commit/a40519014549f60969c8e67a2fd91426db05fe04

Po-Hsu Lin (cypressyew) wrote :

Hi John,
thanks for the fix!
Let's wait for some good news.

John Boero (boeroboy) wrote :

Update again.
The kernel maintainers have been helpful but prefer NULL checking to be done in the drivers, not in the kernel. I've explored further with some test builds and it turns out the NULL is actually on the dev config interfaces (usb.c:281 current line). During initialization the Logitech C920 sometimes unplugs/deactivates itself. Apparently many Logitech models do this if you search the issue - Windows included. Shame to have such a great quality camera paired with such subpar firmware.

Anyway, I'm trying to fix uvc_driver.c to verify devices are still plugged in before calling usb_ifnum_to_if. It won't fix webcams or devices that unplug themselves (or get unplugged) during initialization, but it will protect the USB subsystem so you can plug it back in again.

John Boero (boeroboy) wrote :

Hi, latest on this. I've played with about 50 custom kernel patches here and I can see exactly what happens. When uvcvideo looks for webcam devices it finds a perfectly healthy idle webcam on the USB hub (even a built-in hub). Then when it starts a stream the webcam obviously requires more power. I've seen this with multiple webcam vendors and a cheap USB extension cable.

The device initializes and then disconnects when it sometimes decides it needs more power. It disconnects via interrupt even though the comments in hub.c:usb_disconnect say "This call is synchronous, and may not be used in an interrupt context." Disconnect usually occurs during uvc_parse_vendor_control, setting all interfaces in the device to NULL just as usb_ifnum_to_if expects it to NOT be NULL implicitly. In the end an active USB HUB or better cable should fix this but IoT field devices and small Raspberry Pi SBCs often don't have that luxury.

I've submitted two options to the kernel maintainers to fix this. One was rejected and one was ignored.

1) usb.c:usb_ifnum_to_if checking NULL before dereferencing interfaces, which would fix this at the usbcore level (which is where the interrupt actually is anyway). This was rejected saying it should be fixed in the driver.

2) uvc_driver.c:uvc_parse_standard_control sleep a few ms (10 or so) to give a device time to decide if it wants to disconnect before proceeding in usb_ifnum_to_if. A device lock would be ideal but I'm still not sure what the best locking strategy would be or if this is the only place it would be required. This inquiry to the uvcvideo maintainers was ignored.

Sorry folks I can't seem to get much traction. A simple patch to usb.c preserves usbcore to avoid wiping out the whole usb subsystem during an error but that's not the ideal fix. I'm guessing the kernel maintainers have heard piles of these issues already and can't/don't care for a universal fix.
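As an added illustration (not code from this thread, the kernel, or any submitted patch), the following user-space model shows the lookup shape John describes: `usb_ifnum_to_if` walks `config->interface[]` assuming every slot is populated, and a disconnect that has already NULLed those slots turns the next lookup into a NULL dereference. The guarded variant adds the per-slot check of option 1 so a stale device reports "not found" instead of oopsing. Struct layouts are simplified stand-ins, and `disconnect_all_interfaces` and `make_c920_like_device` are assumed helpers that model the disconnect and a constructed two-interface device.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins for the kernel's usb_interface / usb_host_config /
 * usb_device. Assumption: only the fields the lookup touches are modelled. */
#define MAX_IFACES 4

struct usb_interface {
    unsigned bInterfaceNumber;   /* altsetting[0].desc.bInterfaceNumber in the kernel */
};

struct usb_host_config {
    unsigned bNumInterfaces;
    struct usb_interface *interface[MAX_IFACES];   /* NULLed on disconnect */
};

struct usb_device {
    struct usb_host_config *actconfig;
};

/* Unguarded lookup: checks actconfig but trusts every interface[] slot.
 * After a mid-initialisation disconnect the slots are NULL and the
 * ->bInterfaceNumber read is the fault the oops in this thread shows. */
struct usb_interface *ifnum_to_if_unguarded(const struct usb_device *dev, unsigned ifnum)
{
    const struct usb_host_config *config = dev->actconfig;
    if (!config)
        return NULL;
    for (unsigned i = 0; i < config->bNumInterfaces; i++)
        if (config->interface[i]->bInterfaceNumber == ifnum)   /* NULL deref here */
            return config->interface[i];
    return NULL;
}

/* Guarded lookup (the usbcore-level check proposed as option 1): a NULL slot
 * is skipped, so a device that went away reports "not found" cleanly. */
struct usb_interface *ifnum_to_if_guarded(const struct usb_device *dev, unsigned ifnum)
{
    const struct usb_host_config *config = dev->actconfig;
    if (!config)
        return NULL;
    for (unsigned i = 0; i < config->bNumInterfaces; i++) {
        struct usb_interface *intf = config->interface[i];
        if (intf && intf->bInterfaceNumber == ifnum)
            return intf;
    }
    return NULL;
}

/* Assumed model of what the disconnect path does to the device: every
 * interface slot becomes NULL while the driver still holds the device. */
void disconnect_all_interfaces(struct usb_device *dev)
{
    if (!dev->actconfig)
        return;
    for (unsigned i = 0; i < dev->actconfig->bNumInterfaces; i++)
        dev->actconfig->interface[i] = NULL;
}

/* Constructed sample device: interfaces 0 and 1, matching the
 * "Resuming interface 0/1" lines in the UVC trace above. */
static struct usb_interface g_if0 = { 0 };
static struct usb_interface g_if1 = { 1 };
static struct usb_host_config g_cfg;
static struct usb_device g_dev;

struct usb_device *make_c920_like_device(void)
{
    g_cfg.bNumInterfaces = 2;
    g_cfg.interface[0] = &g_if0;
    g_cfg.interface[1] = &g_if1;
    for (unsigned i = 2; i < MAX_IFACES; i++)
        g_cfg.interface[i] = NULL;
    g_dev.actconfig = &g_cfg;
    return &g_dev;
}

/* Returns 1 when the guarded lookup finds interface 1 before the disconnect
 * and returns NULL (instead of faulting) afterwards; the unguarded variant
 * would dereference NULL at the second step. */
int demo_guarded_survives_disconnect(void)
{
    struct usb_device *dev = make_c920_like_device();
    struct usb_interface *before = ifnum_to_if_guarded(dev, 1);
    disconnect_all_interfaces(dev);
    struct usb_interface *after = ifnum_to_if_guarded(dev, 1);
    return before == &g_if1 && after == NULL;
}

int main(void)
{
    printf("guarded lookup survives disconnect: %s\n",
           demo_guarded_survives_disconnect() ? "yes" : "no");
    return 0;
}
```

The unguarded function is kept only to show the defect's shape; never call it on the disconnected model.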

Benjamin Burns (benjamin-c-burns) wrote :

For what it's worth, as a dev who's spent plenty of time hacking the kernel in a prior job, I really appreciate the effort. Hopefully it won't be completely in vain.

Kai-Heng Feng (kaihengfeng) wrote :

The maintainer merely wants to see the stack trace...

John Boero (boeroboy) wrote :

I shared the stack trace. Was there a reply somewhere I didn't get? Is it on lkms? Link?

With UVC trace on:
[ 638.729455] uvcvideo: uvc_v4l2_open
[ 638.824646] uvcvideo: Resuming interface 0
[ 638.824648] uvcvideo: Resuming interface 1
[ 638.825644] uvcvideo: uvc_v4l2_release
[ 638.898089] uvcvideo: uvc_v4l2_open
[ 638.925805] uvcvideo: Trying format 0x56595559 (YUYV): 1280x720.
[ 638.925807] uvcvideo: Using default frame interval 100000.0 us (10.0 fps).
[ 638.946272] uvcvideo: Trying format 0x56595559 (YUYV): 1280x720.
[ 638.946273] uvcvideo: Using default frame interval 100000.0 us (10.0 fps).
[ 638.946549] uvcvideo: Setting frame interval to 1/10 (1000000).
[ 638.946825] uvcvideo: Control 0x00980927 not found.
[ 638.947000] uvcvideo: Control 0x00980927 not found.
[ 638.949080] uvcvideo: Device requested 2688 B/frame bandwidth.
[ 638.949082] uvcvideo: Selecting alternate setting 10 (2688 B/frame bandwidth).
[ 639.102943] uvcvideo: Allocated 5 URB buffers of 32x2688 bytes each.
[ 639.205221] uvcvideo: Control 3/4 value change len 7.
[ 639.357674] uvcvideo: uvc_v4l2_release
[ 639.358800] uvcvideo: uvc_v4l2_open
[ 639.379511] uvcvideo: Trying format 0x56595559 (YUYV): 1280x720.
[ 639.379514] uvcvideo: Using default frame interval 100000.0 us (10.0 fps).
[ 639.466691] uvcvideo: Trying format 0x56595559 (YUYV): 1280x720.
[ 639.466694] uvcvideo: Using default frame interval 100000.0 us (10.0 fps).
[ 639.466986] uvcvideo: Setting frame interval to 1/10 (1000000).
[ 639.467269] uvcvideo: Control 0x00980927 not found.
[ 639.467403] uvcvideo: Control 0x00980927 not found.
[ 639.469801] uvcvideo: Device requested 2688 B/frame bandwidth.
[ 639.469804] uvcvideo: Selecting alternate setting 10 (2688 B/frame bandwidth).
[ 639.476133] usb 3-4: USB disconnect, device number 3
[ 644.565643] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 644.565648] #PF: supervisor read access in kernel mode
[ 644.565651] #PF: error_code(0x0000) - not-present page
[ 644.565653] PGD 0 P4D 0
[ 644.565658] Oops: 0000 [#1] SMP PTI
[ 644.565662] CPU: 34 PID: 31130 Comm: v4l2src1:src Tainted: P S OE 5.9.8-100.fc32.x86_64 #1
[ 644.565665] Hardware name: Hewlett-Packard HP Z640 Workstation/212A, BIOS M60 v02.54 06/12/2020
[ 644.565673] RIP: 0010:usb_ifnum_to_if+0x3a/0x50
[ 644.565677] Code: 34 41 0f b6 50 04 84 d2 74 2f 83 ea 01 49 8d 80 98 00 00 00 49 8d 8c d0 a0 00 00 00 eb 09 48 83 c0 08 48 39 c8 74 12 4c 8b 00 <49> 8b 10 0f b6 52 02 39 f2 75 e9 4c 89 c0 c3 45 31 c0 4c 89 c0 c3
[ 644.565679] RSP: 0018:ffffb41c097ffbc8 EFLAGS: 00010206
[ 644.565682] RAX: ffff89b9783d7098 RBX: 0000000000000000 RCX: ffff89b9783d70b8
[ 644.565684] RDX: 0000000000000003 RSI: 0000000000000001 RDI: ffff89b97b55d800
[ 644.565686] RBP: ffff89b9704db398 R08: 0000000000000000 R09: ffffffff8fbce608
[ 644.565688] R10: 0000000000023411 R11: 0000000000000000 R12: ffff89b9704db398
[ 644.565690] R13: ffff89b97b55d800 R14: ffff89b97b55d800 R15: ffff89b9882a0000
[ 644.565694] FS: 00007f8d0bfff700(0000) GS:ffff89b98fc80000(0000) knlGS:0000000000000000
[ 644.565696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 644.565698] CR2: 00...


Kai-Heng Feng (kaihengfeng) wrote :

https://<email address hidden>/

Just attach the full dmesg for maintainers to debug.

John Boero (boeroboy) wrote :

Yes this was the original thread. Alan was helpful and responsive but in the end he suggested I contact the uvcvideo maintainers which I did and got nowhere.

https://<email address hidden>/#t

The 2nd patch was to uvcvideo maintainers Laurent Pinchart and <email address hidden> and isn't archived. Maybe it never got through?

John Boero (boeroboy) wrote :

There it is: https://lore.kernel.org<email address hidden>/

Kai-Heng Feng (kaihengfeng) wrote :

Please test this patch.

Only compile tested.

Kai-Heng Feng (kaihengfeng) wrote :

Can someone please test it?

John Boero (boeroboy) wrote :

Thanks, I will test as soon as I get some time (weekend). I have to hook up my shoddy tester USB cable and compile a fresh kernel, but in the meantime I'm trying to get business wrapped up before the holidays.

John Boero (boeroboy) wrote :

Thanks, I finally managed to set up the same test cable and give this patch a go. I still see the same error - third attempt in the trace attached. I'm still of the opinion that this would need to be fixed in usbcore.

John Boero (boeroboy) wrote :

@kaihengfeng
The usb disconnect comes directly via interrupt. Execution doesn't hit uvc_disconnect and this patch has no effect. :/

Kai-Heng Feng (kaihengfeng) wrote :

Well, it should.

And I get it all wrong. I thought there's a race, but the NULL pointer dereference actually happened long after the disconnect.

Kai-Heng Feng (kaihengfeng) wrote :

Test take 2.

Kai-Heng Feng (kaihengfeng) wrote :

Can someone please test the patch in #23?

John Boero (boeroboy) wrote :

Sorry I've been reluctant to test it since that code block is never even hit during the issue.

Kai-Heng Feng (kaihengfeng) wrote :

I am pretty sure it's called.

Can someone else try it?

Paul Menzel (paulmenzel) wrote :

I read at [1] about the issue.

@kaihengfeng, I suggest sending the patch upstream for review even with no tests. Maybe there will be testers on the Linux kernel mailing list.

[1]: https://etbe.coker.com.au/2022/01/09/video-conferencing-lca/

John Boero (boeroboy) wrote : Re: [Bug 1827452] Re: null pointer dereference in uvcvideo

Sorry, this only seems reproducible in a scenario with a USB switch or cable that doesn't support enough amps for the device. Any device or webcam which overloads its power supply and then disconnects during UVC initialization will disconnect itself during a critical period in the kernel where an interrupt is not expected. The interrupt will trigger an unexpected disconnect and crash the USB module. The patch was rejected for this by the USB module maintainers.

JohnnyB

On Sat, Jan 15, 2022 at 2:55 PM Paul Menzel <email address hidden>
wrote:

> I read at [1] about the issue.
>
> @kaihengfeng, I suggest to send the patch upstream for review even with
> no tests. Maybe there will be testers on the Linux kernel mailing list.
>
> [1]: https://etbe.coker.com.au/2022/01/09/video-conferencing-lca/
>

Benjamin Burns (benjamin-c-burns) wrote :

I wasn't aware that I could change the status of this bug. It's clear to me from the comments above that others have observed it, so I've gone ahead and switched it from "Expired" to "Confirmed."

Changed in linux (Ubuntu):
status: Expired → Confirmed
Kai-Heng Feng (kaihengfeng) wrote :

Benjamin,

Can you please test my patch in comment #23? Thanks in advance.

tags: added: patch
Benjamin Burns (benjamin-c-burns) wrote :

Unfortunately, at the moment I no longer have access to a box that's running Ubuntu (or any Linux) on bare metal. I suppose I can give it a try with USB passthrough in a VM over the weekend, perhaps?

Also it's been ages since I've built and booted a custom kernel. Does Ubuntu have an easy method for building a patched kernel w/ official config, or is it just like it always was - clone source tree, etc?

Benjamin Burns (benjamin-c-burns) wrote :

Ah, I suppose I could try booting off of a Live USB.

It'd be a fair amount of effort, but if you're looking for a more reliable test jig, you might try using a Teensy 2.0++ or similar. They've been used in the past for similar purposes (e.g. https://fail0verflow.com/blog/2014/hubcap-chromecast-root-pt1/), as they allow very low-level access to their USB interface.

Benjamin Burns (benjamin-c-burns) wrote :

And one more tool that might help you get a more reliable repro: https://github.com/HexHive/USBFuzz - likely would need modification to target this specific problem, however. More details here: https://www.usenix.org/conference/usenixsecurity20/presentation/peng

John Boero (boeroboy) wrote :

Sorry, I kept the thin USB extension cable that I used to reproduce this. I will try the patch in #23 over the next week or so when I can find time. I still don't think it will have any effect though, as the issue seems to be in usbcore. Happy to see once and for all.

John

On Tue, Jan 18, 2022 at 5:25 AM Benjamin Burns <email address hidden>
wrote:

> And one more tool that might help you get a more reliable repro:
> https://github.com/HexHive/USBFuzz - likely would need modification to
> target this specific problem, however. More details here:
> https://www.usenix.org/conference/usenixsecurity20/presentation/peng
>

Kai-Heng Feng (kaihengfeng) wrote :

The issue is that uvc_disconnect() sets the USB intf to NULL, but still keeps the uvcvideo device registered, hence a NULL pointer dereference happens afterward.

John Boero (boeroboy) wrote :

If you encounter uvc_disconnect then you may have a different issue than I do. I can clearly see via debugging that uvc_disconnect is never reached. In my case the disconnect is happening in usb/core/hub.c:usb_disconnect. The comment on top of this function says "This call is synchronous, and may not be used in an interrupt context", though I can clearly see that during uvc initialization it is being triggered by interrupt (the device disconnecting itself). So the disconnect comes unexpectedly via interrupt from the hub, not from uvc_video. Maybe there are two separate issues?

https://github.com/torvalds/linux/blob/99613159ad749543621da8238acf1a122880144e/drivers/usb/core/hub.c#L2263
*pdev = NULL;

On Tue, Jan 18, 2022 at 2:50 PM Kai-Heng Feng
<email address hidden> wrote:
>
> The issue is that uvc_disconnect() set the USB intf to NULL, but still
> kept the uvcvideo device registered, hence a NULL pointer dereference
> happens afterward.
>

Revision history for this message
Kai-Heng Feng (kaihengfeng) wrote :

Can you attach ftrace dump here?

$ sudo trace-cmd record -p function --module uvcvideo

Revision history for this message
Julian Stecklina (js-alien8) wrote :

I've seen this on 5.19.9 as well (not Ubuntu, NixOS 22.05). I thought it's interesting as well.

My setup is a Logitech BRIO camera connected to a USB3 hub, connected to an LG display, connected via USB-C to my laptop. The issue happened (I think) when plugging the camera into the USB hub.

[91105.117569] usb 3-6.1.3: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[91105.117574] usb 3-6.1.3: Product: USB-Serial Controller D
[91105.117576] usb 3-6.1.3: Manufacturer: Prolific Technology Inc.
[91105.126255] pl2303 3-6.1.3:1.0: pl2303 converter detected
[91105.127474] usb 3-6.1.3: pl2303 converter now attached to ttyUSB0
[91108.797780] BUG: kernel NULL pointer dereference, address: 0000000000000000
[91108.797787] #PF: supervisor read access in kernel mode
[91108.797790] #PF: error_code(0x0000) - not-present page
[91108.797793] PGD 0 P4D 0
[91108.797797] Oops: 0000 [#1] PREEMPT SMP NOPTI
[91108.797801] CPU: 6 PID: 80084 Comm: ThreadPoolSingl Tainted: G O 5.19.9 #1-NixOS
[91108.797806] Hardware name: TUXEDO TUXEDO Book XP14 Gen12/NV4XMB,ME,MZ, BIOS 1.07.14RTR1 08/24/2021
[91108.797808] RIP: 0010:usb_ifnum_to_if+0x3a/0x60 [usbcore]
[91108.797824] Code: 34 41 0f b6 50 04 84 d2 74 33 83 ea 01 49 8d 80 98 00 00 00 49 8d 8c d0 a0 00 00 00 eb 09 48 83 c0 08 48 39 c8 74 16 4c 8b 00 <49> 8b 10 0f b6 52 02 39 f2 75 e9 4c 89 c0 c3 cc cc cc cc 45 31 c0
[91108.797826] RSP: 0018:ffffa54807acfbb0 EFLAGS: 00010206
[91108.797829] RAX: ffff92881be64c98 RBX: 0000000000000000 RCX: ffff92881be64cc8
[91108.797831] RDX: 0000000000000005 RSI: 0000000000000001 RDI: ffff9287d09c9000
[91108.797832] RBP: ffff92881be66920 R08: 0000000000000000 R09: 000000008015000c
[91108.797834] R10: 0000000000000000 R11: 0000000000000000 R12: ffff92881be62c00
[91108.797835] R13: ffff92881be66920 R14: ffff9287d09c9000 R15: ffff9287c4ebe000
[91108.797836] FS: 00007f444d99f640(0000) GS:ffff928f51580000(0000) knlGS:0000000000000000
[91108.797838] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[91108.797840] CR2: 0000000000000000 CR3: 000000040ecc2005 CR4: 0000000000770ee0
[91108.797842] PKRU: 55555554
[91108.797843] Call Trace:
[91108.797845] <TASK>
[91108.797847] usb_hcd_alloc_bandwidth+0x245/0x370 [usbcore]
[91108.797862] usb_set_interface+0x127/0x360 [usbcore]
[91108.797877] uvc_video_start_transfer+0x181/0x4d0 [uvcvideo]
[91108.797883] uvc_video_start_streaming+0x7f/0xe0 [uvcvideo]
[91108.797889] uvc_start_streaming+0x2d/0xe0 [uvcvideo]
[91108.797895] vb2_start_streaming+0x60/0x100 [videobuf2_common]
[91108.797901] vb2_core_streamon+0x5c/0xd0 [videobuf2_common]
[91108.797905] uvc_queue_streamon+0x2a/0x50 [uvcvideo]
[91108.797910] uvc_ioctl_streamon+0x3a/0x60 [uvcvideo]
[91108.797915] __video_do_ioctl+0x19c/0x3f0 [videodev]
[91108.797927] ? mmap_region+0x281/0x600
[91108.797933] video_usercopy+0x171/0x710 [videodev]
[91108.797942] ? v4l_print_control+0x20/0x20 [videodev]
[91108.797951] v4l2_ioctl+0x46/0x50 [videodev]
[91108.797959] __x64_sys_ioctl+0x87/0xc0
[91108.797963] do_syscall_64+0x38/0x90
[91108.797968] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[91108.797972] RIP: 0033:0x7f44611e1e37
[91108.797975] Code: ff ff 48 89 d8 5b 5d 41 5c c3 6...

