[ 86.687087][ T58] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:56216' (ED25519) to the list of known hosts.
executing program
[ 114.740843][ T5318] loop0: detected capacity change from 0 to 4096
[ 114.792783][ T5318] syz-executor263 (5318) used greatest stack depth: 18352 bytes left
executing program
[ 114.872234][ T5319] loop0: detected capacity change from 0 to 4096
executing program
[ 114.983124][ T5320] loop0: detected capacity change from 0 to 4096
executing program
[ 115.091663][ T5321] loop0: detected capacity change from 0 to 4096
executing program
[ 115.208292][ T5322] loop0: detected capacity change from 0 to 4096
executing program
[ 115.334041][ T5323] loop0: detected capacity change from 0 to 4096
executing program
[ 115.507036][ T5324] loop0: detected capacity change from 0 to 4096
[ 115.581616][ T1033] ==================================================================
[ 115.584875][ T1033] BUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xc1/0xd0
[ 115.588003][ T1033] Write of size 4 at addr ffffc9000d08e340 by task kworker/u4:5/1033
[ 115.591885][ T1033]
[ 115.592871][ T1033] CPU: 0 UID: 0 PID: 1033 Comm: kworker/u4:5 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[ 115.592885][ T1033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 115.592893][ T1033] Workqueue: loop0 loop_rootcg_workfn
[ 115.592908][ T1033] Call Trace:
[ 115.592915][ T1033] <TASK>
[ 115.592921][ T1033] dump_stack_lvl+0x241/0x360
[ 115.592934][ T1033] ? __pfx_dump_stack_lvl+0x10/0x10
[ 115.592944][ T1033] ? __pfx__printk+0x10/0x10
[ 115.592954][ T1033] ? _printk+0xd5/0x120
[ 115.592963][ T1033] print_report+0x16e/0x5b0
[ 115.592975][ T1033] ? wake_bit_function+0xee/0x220
[ 115.592989][ T1033] ? __virt_addr_valid+0xbd/0x530
[ 115.592999][ T1033] ? end_buffer_read_sync+0xc1/0xd0
[ 115.593012][ T1033] kasan_report+0x143/0x180
[ 115.593024][ T1033] ? end_buffer_read_sync+0xc1/0xd0
[ 115.593037][ T1033] kasan_check_range+0x282/0x290
[ 115.593050][ T1033] ? __pfx_end_buffer_read_sync+0x10/0x10
[ 115.593062][ T1033] end_buffer_read_sync+0xc1/0xd0
[ 115.593074][ T1033] end_bio_bh_io_sync+0xbf/0x120
[ 115.593083][ T1033] blk_update_request+0x5e5/0x1160
[ 115.593102][ T1033] blk_mq_end_request+0x3e/0x70
[ 115.593114][ T1033] loop_process_work+0x1bc8/0x21c0
[ 115.593134][ T1033] ? __pfx_loop_process_work+0x10/0x10
[ 115.593144][ T1033] ? register_lock_class+0x102/0x980
[ 115.593159][ T1033] ? __pfx_register_lock_class+0x10/0x10
[ 115.593175][ T1033] ? mark_lock+0x9a/0x360
[ 115.593184][ T1033] ? debug_object_deactivate+0x2d5/0x390
[ 115.593199][ T1033] ? __lock_acquire+0x1397/0x2100
[ 115.593213][ T1033] ? do_raw_spin_unlock+0x58/0x8b0
[ 115.593228][ T1033] ? __pfx_lock_acquire+0x10/0x10
[ 115.593240][ T1033] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 115.593254][ T1033] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 115.593268][ T1033] ? process_scheduled_works+0x9c6/0x18e0
[ 115.593280][ T1033] process_scheduled_works+0xabe/0x18e0
[ 115.593298][ T1033] ? __pfx_process_scheduled_works+0x10/0x10
[ 115.593311][ T1033] ? assign_work+0x364/0x3d0
[ 115.593322][ T1033] worker_thread+0x870/0xd30
[ 115.593336][ T1033] ? __kthread_parkme+0x169/0x1d0
[ 115.593349][ T1033] ? __pfx_worker_thread+0x10/0x10
[ 115.593361][ T1033] kthread+0x7a9/0x920
[ 115.593368][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.593376][ T1033] ? __pfx_worker_thread+0x10/0x10
[ 115.593388][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.593395][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.593403][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.593411][ T1033] ? _raw_spin_unlock_irq+0x23/0x50
[ 115.593470][ T1033] ? lockdep_hardirqs_on+0x99/0x150
[ 115.593483][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.593492][ T1033] ret_from_fork+0x4b/0x80
[ 115.593504][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.593512][ T1033] ret_from_fork_asm+0x1a/0x30
[ 115.593526][ T1033] </TASK>
[ 115.593530][ T1033]
[ 115.702038][ T1033] The buggy address belongs to the virtual mapping at
[ 115.702038][ T1033] [ffffc9000d088000, ffffc9000d091000) created by:
[ 115.702038][ T1033] copy_process+0x5d1/0x3cf0
[ 115.708703][ T1033]
[ 115.709743][ T1033] The buggy address belongs to the physical page:
[ 115.712331][ T1033] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x36c44
[ 115.716111][ T1033] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 115.718896][ T1033] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 115.722294][ T1033] raw: ffff888000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 115.725576][ T1033] page dumped because: kasan: bad access detected
[ 115.727953][ T1033] page_owner tracks the page as allocated
[ 115.730159][ T1033] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5317, tgid 5317 (syz-executor263), ts 114695490715, free_ts 114694660148
[ 115.737852][ T1033] post_alloc_hook+0x1f4/0x240
[ 115.739788][ T1033] get_page_from_freelist+0x365c/0x37a0
[ 115.742045][ T1033] __alloc_frozen_pages_noprof+0x292/0x710
[ 115.744449][ T1033] alloc_pages_mpol+0x311/0x660
[ 115.746455][ T1033] alloc_pages_noprof+0x121/0x190
[ 115.748538][ T1033] __vmalloc_node_range_noprof+0x9c6/0x1380
[ 115.750971][ T1033] dup_task_struct+0x444/0x8c0
[ 115.752910][ T1033] copy_process+0x5d1/0x3cf0
[ 115.754739][ T1033] kernel_clone+0x226/0x8e0
[ 115.756543][ T1033] __x64_sys_clone+0x267/0x2e0
[ 115.758513][ T1033] do_syscall_64+0xf3/0x230
[ 115.760481][ T1033] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 115.762905][ T1033] page last free pid 17 tgid 17 stack trace:
[ 115.765349][ T1033] free_frozen_pages+0xe0d/0x10e0
[ 115.767496][ T1033] __tlb_remove_table+0x33c/0x420
[ 115.769684][ T1033] tlb_remove_table_rcu+0x76/0xf0
[ 115.771778][ T1033] rcu_core+0xaaa/0x17a0
[ 115.773588][ T1033] handle_softirqs+0x2d4/0x9b0
[ 115.775627][ T1033] run_ksoftirqd+0xca/0x130
[ 115.777541][ T1033] smpboot_thread_fn+0x544/0xa30
[ 115.779593][ T1033] kthread+0x7a9/0x920
[ 115.781276][ T1033] ret_from_fork+0x4b/0x80
[ 115.783119][ T1033] ret_from_fork_asm+0x1a/0x30
[ 115.785083][ T1033]
[ 115.786099][ T1033] Memory state around the buggy address:
[ 115.788401][ T1033] ffffc9000d08e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 115.791708][ T1033] ffffc9000d08e280: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 f2
[ 115.794938][ T1033] >ffffc9000d08e300: f2 f2 f2 f2 04 f2 00 f2 f2 f2 00 00 f3 f3 f3 f3
[ 115.798144][ T1033]                                            ^
[ 115.800608][ T1033] ffffc9000d08e380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 115.803870][ T1033] ffffc9000d08e400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 115.807129][ T1033] ==================================================================
[ 115.839969][ T1033] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 115.842894][ T1033] CPU: 0 UID: 0 PID: 1033 Comm: kworker/u4:5 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[ 115.847003][ T1033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 115.851240][ T1033] Workqueue: loop0 loop_rootcg_workfn
[ 115.853488][ T1033] Call Trace:
[ 115.854899][ T1033] <TASK>
[ 115.856130][ T1033] dump_stack_lvl+0x241/0x360
[ 115.858106][ T1033] ? __pfx_dump_stack_lvl+0x10/0x10
[ 115.860219][ T1033] ? __pfx__printk+0x10/0x10
[ 115.862110][ T1033] ? preempt_schedule+0xe1/0xf0
[ 115.864085][ T1033] ? vscnprintf+0x5d/0x90
[ 115.865850][ T1033] panic+0x349/0x880
[ 115.867433][ T1033] ? check_panic_on_warn+0x21/0xb0
[ 115.869591][ T1033] ? __pfx_panic+0x10/0x10
[ 115.871425][ T1033] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 115.873793][ T1033] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 115.876397][ T1033] ? print_report+0x519/0x5b0
[ 115.878225][ T1033] check_panic_on_warn+0x86/0xb0
[ 115.880249][ T1033] ? end_buffer_read_sync+0xc1/0xd0
[ 115.882324][ T1033] end_report+0x77/0x160
[ 115.884063][ T1033] kasan_report+0x154/0x180
[ 115.885893][ T1033] ? end_buffer_read_sync+0xc1/0xd0
[ 115.887951][ T1033] kasan_check_range+0x282/0x290
[ 115.890005][ T1033] ? __pfx_end_buffer_read_sync+0x10/0x10
[ 115.892246][ T1033] end_buffer_read_sync+0xc1/0xd0
[ 115.894275][ T1033] end_bio_bh_io_sync+0xbf/0x120
[ 115.896395][ T1033] blk_update_request+0x5e5/0x1160
[ 115.898655][ T1033] blk_mq_end_request+0x3e/0x70
[ 115.900695][ T1033] loop_process_work+0x1bc8/0x21c0
[ 115.902783][ T1033] ? __pfx_loop_process_work+0x10/0x10
[ 115.904816][ T1033] ? register_lock_class+0x102/0x980
[ 115.906757][ T1033] ? __pfx_register_lock_class+0x10/0x10
[ 115.908874][ T1033] ? mark_lock+0x9a/0x360
[ 115.910493][ T1033] ? debug_object_deactivate+0x2d5/0x390
[ 115.912622][ T1033] ? __lock_acquire+0x1397/0x2100
[ 115.914446][ T1033] ? do_raw_spin_unlock+0x58/0x8b0
[ 115.916318][ T1033] ? __pfx_lock_acquire+0x10/0x10
[ 115.917941][ T1033] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 115.920406][ T1033] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 115.922928][ T1033] ? process_scheduled_works+0x9c6/0x18e0
[ 115.925307][ T1033] process_scheduled_works+0xabe/0x18e0
[ 115.927650][ T1033] ? __pfx_process_scheduled_works+0x10/0x10
[ 115.930169][ T1033] ? assign_work+0x364/0x3d0
[ 115.932063][ T1033] worker_thread+0x870/0xd30
[ 115.934156][ T1033] ? __kthread_parkme+0x169/0x1d0
[ 115.936264][ T1033] ? __pfx_worker_thread+0x10/0x10
[ 115.938030][ T1033] kthread+0x7a9/0x920
[ 115.939673][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.941526][ T1033] ? __pfx_worker_thread+0x10/0x10
[ 115.943639][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.945444][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.947260][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.949181][ T1033] ? _raw_spin_unlock_irq+0x23/0x50
[ 115.951246][ T1033] ? lockdep_hardirqs_on+0x99/0x150
[ 115.953277][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.955127][ T1033] ret_from_fork+0x4b/0x80
[ 115.956993][ T1033] ? __pfx_kthread+0x10/0x10
[ 115.958926][ T1033] ret_from_fork_asm+0x1a/0x30
[ 115.960900][ T1033] </TASK>
[ 115.962429][ T1033] Kernel Offset: disabled
[ 115.964241][ T1033] Rebooting in 86400 seconds..
VM DIAGNOSIS:
22:45:52 Registers:
info registers vcpu 0
CPU#0
RAX=0000000000000074 RBX=ffffffff9a999100 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc900025fed10
R8 =ffffffff858430fb R9 =1ffff11006830046 R10=dffffc0000000000 R11=ffffffff858430b0
R12=dffffc0000000000 R13=0000000000000074 R14=0000000000000074 R15=00000000000003f8
RIP=ffffffff8584312e RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88801fc00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000400000000080 CR3=00000000412fe000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000440401 Opmask01=0000000000000001 Opmask02=00000000fff7ffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcb104b820 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65723d73726f7272 6500747865003036 36396f7369007265 6c6c616b7a797300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40571856574a5757 4000515d40001513 131c4a564c005740 4949444e5f5c5600
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000