[ 86.681624][ T10] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:27847' (ED25519) to the list of known hosts.
[ 93.618512][ T5308] loop0: detected capacity change from 0 to 64
executing program
[ 93.645210][ T5308] ==================================================================
[ 93.648002][ T5308] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read+0x167/0x200
[ 93.650903][ T5308] Write of size 94 at addr ffff8880405be780 by task syz-executor197/5308
[ 93.653963][ T5308]
[ 93.654771][ T5308] CPU: 0 UID: 0 PID: 5308 Comm: syz-executor197 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[ 93.654783][ T5308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.654789][ T5308] Call Trace:
[ 93.654795][ T5308]
[ 93.654800][ T5308] dump_stack_lvl+0x241/0x360
[ 93.654820][ T5308] ? __pfx_dump_stack_lvl+0x10/0x10
[ 93.654830][ T5308] ? __pfx__printk+0x10/0x10
[ 93.654840][ T5308] ? _printk+0xd5/0x120
[ 93.654849][ T5308] ? __virt_addr_valid+0x183/0x530
[ 93.654858][ T5308] ? __virt_addr_valid+0x183/0x530
[ 93.654864][ T5308] print_report+0x16e/0x5b0
[ 93.654875][ T5308] ? __virt_addr_valid+0x183/0x530
[ 93.654884][ T5308] ? __virt_addr_valid+0x183/0x530
[ 93.654892][ T5308] ? __virt_addr_valid+0x45f/0x530
[ 93.654900][ T5308] ? __phys_addr+0xba/0x170
[ 93.654909][ T5308] ? hfs_bnode_read+0x167/0x200
[ 93.654920][ T5308] kasan_report+0x143/0x180
[ 93.654933][ T5308] ? hfs_bnode_read+0x167/0x200
[ 93.654945][ T5308] kasan_check_range+0x282/0x290
[ 93.654957][ T5308] ? hfs_bnode_read+0x167/0x200
[ 93.654967][ T5308] __asan_memcpy+0x40/0x70
[ 93.654978][ T5308] hfs_bnode_read+0x167/0x200
[ 93.654989][ T5308] hfs_bnode_read_key+0x172/0x240
[ 93.655001][ T5308] ? __pfx_hfs_bnode_read_key+0x10/0x10
[ 93.655012][ T5308] ? do_raw_spin_unlock+0x58/0x8b0
[ 93.655025][ T5308] ? hfs_bnode_put+0x1c4/0x380
[ 93.655037][ T5308] hfs_brec_insert+0x7f3/0xbd0
[ 93.655052][ T5308] ? __pfx_hfs_brec_insert+0x10/0x10
[ 93.655065][ T5308] hfs_cat_create+0x3dc/0x760
[ 93.655079][ T5308] ? __pfx_hfs_cat_create+0x10/0x10
[ 93.655094][ T5308] ? _raw_spin_unlock+0x28/0x50
[ 93.656635][ T5308] ? hfs_new_inode+0x8df/0xba0
[ 93.656651][ T5308] hfs_mkdir+0x6c/0xe0
[ 93.656664][ T5308] vfs_mkdir+0x2f9/0x4f0
[ 93.656677][ T5308] do_mkdirat+0x264/0x3a0
[ 93.656687][ T5308] ? __check_object_size+0x47a/0x730
[ 93.656701][ T5308] ? __pfx_do_mkdirat+0x10/0x10
[ 93.656709][ T5308] ? strncpy_from_user+0x146/0x270
[ 93.656719][ T5308] ? getname_flags+0x1e3/0x540
[ 93.656728][ T5308] __x64_sys_mkdir+0x6c/0x80
[ 93.656735][ T5308] do_syscall_64+0xf3/0x230
[ 93.656745][ T5308] ? clear_bhb_loop+0x35/0x90
[ 93.656754][ T5308] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.656764][ T5308] RIP: 0033:0x7f50f97bbad9
[ 93.656772][ T5308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 93.656778][ T5308] RSP: 002b:00007fffc9dc7d08 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 93.656786][ T5308] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f50f97bbad9
[ 93.656791][ T5308] RDX: 00007f50f97bbad9 RSI: 0000000000000000 RDI: 00004000000004c0
[ 93.656796][ T5308] RBP: 00007f50f982f5f0 R08: 000055556baeb4c0 R09: 000055556baeb4c0
[ 93.656800][ T5308] R10: 000055556baeb4c0 R11: 0000000000000246 R12: 00007fffc9dc7d30
[ 93.656809][ T5308] R13: 00007fffc9dc7f58 R14: 431bde82d7b634db R15: 00007f50f980403b
[ 93.656816][ T5308]
[ 93.656818][ T5308]
[ 93.772757][ T5308] Allocated by task 5308:
[ 93.774479][ T5308] kasan_save_track+0x3f/0x80
[ 93.776517][ T5308] __kasan_kmalloc+0x98/0xb0
[ 93.778490][ T5308] __kmalloc_noprof+0x285/0x4c0
[ 93.780486][ T5308] hfs_find_init+0x90/0x1f0
[ 93.782242][ T5308] hfs_cat_create+0x17f/0x760
[ 93.784029][ T5308] hfs_mkdir+0x6c/0xe0
[ 93.785634][ T5308] vfs_mkdir+0x2f9/0x4f0
[ 93.787338][ T5308] do_mkdirat+0x264/0x3a0
[ 93.788997][ T5308] __x64_sys_mkdir+0x6c/0x80
[ 93.790864][ T5308] do_syscall_64+0xf3/0x230
[ 93.792810][ T5308] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.795042][ T5308]
[ 93.795997][ T5308] The buggy address belongs to the object at ffff8880405be780
[ 93.795997][ T5308] which belongs to the cache kmalloc-96 of size 96
[ 93.801426][ T5308] The buggy address is located 0 bytes inside of
[ 93.801426][ T5308] allocated 78-byte region [ffff8880405be780, ffff8880405be7ce)
[ 93.807106][ T5308]
[ 93.808127][ T5308] The buggy address belongs to the physical page:
[ 93.810915][ T5308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x405be
[ 93.814463][ T5308] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 93.817357][ T5308] page_type: f5(slab)
[ 93.819086][ T5308] raw: 04fff00000000000 ffff88801b041280 dead000000000100 dead000000000122
[ 93.822474][ T5308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 93.825809][ T5308] page dumped because: kasan: bad access detected
[ 93.828255][ T5308] page_owner tracks the page as allocated
[ 93.830416][ T5308] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4740, tgid 4740 (udevadm), ts 27775161619, free_ts 27649736147
[ 93.837243][ T5308] post_alloc_hook+0x1f4/0x240
[ 93.839105][ T5308] get_page_from_freelist+0x365c/0x37a0
[ 93.841319][ T5308] __alloc_frozen_pages_noprof+0x292/0x710
[ 93.843793][ T5308] alloc_pages_mpol+0x311/0x660
[ 93.845777][ T5308] allocate_slab+0x8f/0x3a0
[ 93.847596][ T5308] ___slab_alloc+0xc27/0x14a0
[ 93.849457][ T5308] __slab_alloc+0x58/0xa0
[ 93.850875][ T5308] __kmalloc_noprof+0x2e6/0x4c0
[ 93.852807][ T5308] tomoyo_encode+0x26f/0x540
[ 93.854738][ T5308] tomoyo_realpath_from_path+0x59e/0x5e0
[ 93.857154][ T5308] tomoyo_check_open_permission+0x258/0x4f0
[ 93.859720][ T5308] security_file_open+0xac/0x250
[ 93.861833][ T5308] do_dentry_open+0x320/0x1960
[ 93.863840][ T5308] vfs_open+0x3b/0x370
[ 93.865491][ T5308] path_openat+0x2c81/0x3590
[ 93.867272][ T5308] do_filp_open+0x27f/0x4e0
[ 93.869119][ T5308] page last free pid 4740 tgid 4740 stack trace:
[ 93.871646][ T5308] free_frozen_pages+0xe0d/0x10e0
[ 93.873547][ T5308] rcu_core+0xaaa/0x17a0
[ 93.875255][ T5308] handle_softirqs+0x2d4/0x9b0
[ 93.877207][ T5308] __irq_exit_rcu+0xf7/0x220
[ 93.879006][ T5308] irq_exit_rcu+0x9/0x30
[ 93.880566][ T5308] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 93.882772][ T5308] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 93.885238][ T5308]
[ 93.886276][ T5308] Memory state around the buggy address:
[ 93.888543][ T5308] ffff8880405be680: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 93.891845][ T5308] ffff8880405be700: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 93.895105][ T5308] >ffff8880405be780: 00 00 00 00 00 00 00 00 00 06 fc fc fc fc fc fc
[ 93.898336][ T5308] ^
[ 93.900924][ T5308] ffff8880405be800: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 93.904103][ T5308] ffff8880405be880: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 93.907175][ T5308] ==================================================================
[ 93.918974][ T5308] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 93.921716][ T5308] CPU: 0 UID: 0 PID: 5308 Comm: syz-executor197 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[ 93.925703][ T5308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.929822][ T5308] Call Trace:
[ 93.931209][ T5308]
[ 93.932422][ T5308] dump_stack_lvl+0x241/0x360
[ 93.934341][ T5308] ? __pfx_dump_stack_lvl+0x10/0x10
[ 93.936457][ T5308] ? __pfx__printk+0x10/0x10
[ 93.938142][ T5308] ? preempt_schedule+0xe1/0xf0
[ 93.940168][ T5308] ? vscnprintf+0x5d/0x90
[ 93.941976][ T5308] panic+0x349/0x880
[ 93.943713][ T5308] ? check_panic_on_warn+0x21/0xb0
[ 93.945960][ T5308] ? __pfx_panic+0x10/0x10
[ 93.947863][ T5308] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 93.950316][ T5308] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 93.952701][ T5308] ? print_report+0x519/0x5b0
[ 93.954452][ T5308] check_panic_on_warn+0x86/0xb0
[ 93.956361][ T5308] ? hfs_bnode_read+0x167/0x200
[ 93.958078][ T5308] end_report+0x77/0x160
[ 93.959666][ T5308] kasan_report+0x154/0x180
[ 93.961408][ T5308] ? hfs_bnode_read+0x167/0x200
[ 93.963427][ T5308] kasan_check_range+0x282/0x290
[ 93.965416][ T5308] ? hfs_bnode_read+0x167/0x200
[ 93.967389][ T5308] __asan_memcpy+0x40/0x70
[ 93.969108][ T5308] hfs_bnode_read+0x167/0x200
[ 93.970969][ T5308] hfs_bnode_read_key+0x172/0x240
[ 93.972911][ T5308] ? __pfx_hfs_bnode_read_key+0x10/0x10
[ 93.975060][ T5308] ? do_raw_spin_unlock+0x58/0x8b0
[ 93.977199][ T5308] ? hfs_bnode_put+0x1c4/0x380
[ 93.979004][ T5308] hfs_brec_insert+0x7f3/0xbd0
[ 93.981005][ T5308] ? __pfx_hfs_brec_insert+0x10/0x10
[ 93.983220][ T5308] hfs_cat_create+0x3dc/0x760
[ 93.985150][ T5308] ? __pfx_hfs_cat_create+0x10/0x10
[ 93.987157][ T5308] ? _raw_spin_unlock+0x28/0x50
[ 93.989083][ T5308] ? hfs_new_inode+0x8df/0xba0
[ 93.991072][ T5308] hfs_mkdir+0x6c/0xe0
[ 93.992875][ T5308] vfs_mkdir+0x2f9/0x4f0
[ 93.994696][ T5308] do_mkdirat+0x264/0x3a0
[ 93.996577][ T5308] ? __check_object_size+0x47a/0x730
[ 93.998766][ T5308] ? __pfx_do_mkdirat+0x10/0x10
[ 94.000887][ T5308] ? strncpy_from_user+0x146/0x270
[ 94.003000][ T5308] ? getname_flags+0x1e3/0x540
[ 94.004992][ T5308] __x64_sys_mkdir+0x6c/0x80
[ 94.006960][ T5308] do_syscall_64+0xf3/0x230
[ 94.008855][ T5308] ? clear_bhb_loop+0x35/0x90
[ 94.010838][ T5308] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.013224][ T5308] RIP: 0033:0x7f50f97bbad9
[ 94.015033][ T5308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 94.022787][ T5308] RSP: 002b:00007fffc9dc7d08 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 94.026139][ T5308] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f50f97bbad9
[ 94.029224][ T5308] RDX: 00007f50f97bbad9 RSI: 0000000000000000 RDI: 00004000000004c0
[ 94.032396][ T5308] RBP: 00007f50f982f5f0 R08: 000055556baeb4c0 R09: 000055556baeb4c0
[ 94.035263][ T5308] R10: 000055556baeb4c0 R11: 0000000000000246 R12: 00007fffc9dc7d30
[ 94.038138][ T5308] R13: 00007fffc9dc7f58 R14: 431bde82d7b634db R15: 00007f50f980403b
[ 94.041149][ T5308]
[ 94.042722][ T5308] Kernel Offset: disabled
[ 94.044498][ T5308] Rebooting in 86400 seconds..
VM DIAGNOSIS:
17:54:29 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000033 RBX=ffffffff9a999100 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc9000d27f090
R8 =ffffffff858430fb R9 =1ffff11003e1d046 R10=dffffc0000000000 R11=ffffffff858430b0
R12=dffffc0000000000 R13=0000000000000033 R14=0000000000000033 R15=00000000000003f8
RIP=ffffffff8584312e RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055556baea380 ffffffff 00c00000
GS =0000 ffff88801fc00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffe1ae79d54 CR3=00000000442c0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80