IPVS: ftp: loaded support on port[0] = 21
BUG: MAX_LOCKDEP_CHAINS too low!
turning off the locking correctness validator.
CPU: 0 PID: 7113 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 add_chain_cache kernel/locking/lockdep.c:2259 [inline]
 lookup_chain_cache_add kernel/locking/lockdep.c:2371 [inline]
 validate_chain kernel/locking/lockdep.c:2391 [inline]
 __lock_acquire.cold+0x420/0x57e kernel/locking/lockdep.c:3416
 lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3908
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144
 rq_lock kernel/sched/sched.h:1826 [inline]
 __schedule+0x1f9/0x2040 kernel/sched/core.c:3455
 preempt_schedule_irq+0xb0/0x140 kernel/sched/core.c:3744
 retint_kernel+0x1b/0x2d
RIP: 0010:__write_once_size include/linux/compiler.h:290 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x44/0x50 kernel/kcov.c:109
Code: 75 2b 8b 90 60 13 00 00 83 fa 02 75 20 48 8b 88 68 13 00 00 8b 80 64 13 00 00 48 8b 11 48 83 c2 01 48 39 d0 76 07 48 89 34 d1 <48> 89 11 c3 0f 1f 84 00 00 00 00 00 49 89 f1 49 89 fa 65 48 8b 34
RSP: 0018:ffff8880a1266ef8 EFLAGS: 00000212 ORIG_RAX: ffffffffffffff13
RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc9000d233000
RDX: 000000000000d046 RSI: ffffffff816d1128 RDI: 0000000000000005
RBP: 00007fc141b300f9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000074071 R12: 0000000000000000
R13: 0000000000000000 R14: ffff8880a46799c0 R15: 0000000000000068
 bpf_jit_kallsyms_enabled include/linux/filter.h:951 [inline]
 bpf_prog_kallsyms_find kernel/bpf/core.c:509 [inline]
 is_bpf_text_address+0x88/0x1b0 kernel/bpf/core.c:547
 kernel_text_address kernel/extable.c:152 [inline]
 kernel_text_address+0xbd/0xf0 kernel/extable.c:122
 __kernel_text_address+0x9/0x30 kernel/extable.c:107
 unwind_get_return_address arch/x86/kernel/unwind_orc.c:297 [inline]
 unwind_get_return_address+0x51/0x90 arch/x86/kernel/unwind_orc.c:292
 __save_stack_trace+0xaf/0x190 arch/x86/kernel/stacktrace.c:45
 save_stack mm/kasan/kasan.c:448 [inline]
 set_track mm/kasan/kasan.c:460 [inline]
 kasan_kmalloc+0xeb/0x160 mm/kasan/kasan.c:553
 slab_post_alloc_hook mm/slab.h:445 [inline]
 slab_alloc mm/slab.c:3397 [inline]
 kmem_cache_alloc+0x110/0x370 mm/slab.c:3557
 btrfs_add_delayed_tree_ref+0xfe/0xb40 fs/btrfs/delayed-ref.c:726
 btrfs_alloc_tree_block+0x1124/0x15f0 fs/btrfs/extent-tree.c:8317
 alloc_tree_block_no_bg_flush+0x1b6/0x250 fs/btrfs/ctree.c:1039
 __btrfs_cow_block+0x3c7/0x10a0 fs/btrfs/ctree.c:1094
 btrfs_cow_block+0x276/0x840 fs/btrfs/ctree.c:1557
 btrfs_search_slot+0x66a/0x1ee0 fs/btrfs/ctree.c:2881
 btrfs_insert_empty_items+0xba/0x180 fs/btrfs/ctree.c:4910
 btrfs_insert_empty_item fs/btrfs/ctree.h:2923 [inline]
 btrfs_insert_inode_ref+0x169/0xbe0 fs/btrfs/inode-item.c:340
 btrfs_rename fs/btrfs/inode.c:9961 [inline]
 btrfs_rename2+0x8ac/0x5bb0 fs/btrfs/inode.c:10112
 vfs_rename+0x67e/0x1bc0 fs/namei.c:4479
 do_renameat2+0xb59/0xc70 fs/namei.c:4629
 __do_sys_rename fs/namei.c:4675 [inline]
 __se_sys_rename fs/namei.c:4673 [inline]
 __x64_sys_rename+0x5d/0x80 fs/namei.c:4673
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc141b300f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fc1400a2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
RAX: ffffffffffffffda RBX: 00007fc141c4ff80 RCX: 00007fc141b300f9
RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 00000000200005c0
RBP: 00007fc141b8bae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd479634f R14: 00007fc1400a2300 R15: 0000000000022000
audit: type=1804 audit(1678123815.998:838): pid=7299 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2413571419/syzkaller.DJgFzs/677/bus" dev="sda1" ino=14387 res=1
audit: type=1804 audit(1678123816.028:839): pid=7299 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2413571419/syzkaller.DJgFzs/677/bus" dev="sda1" ino=14387 res=1
audit: type=1804 audit(1678123816.548:840): pid=7407 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2413571419/syzkaller.DJgFzs/678/bus" dev="sda1" ino=14727 res=1
BTRFS info (device loop2): using free space tree
BTRFS info (device loop2): has skinny extents
audit: type=1804 audit(1678123816.548:841): pid=7407 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2413571419/syzkaller.DJgFzs/678/bus" dev="sda1" ino=14727 res=1
audit: type=1804 audit(1678123816.578:842): pid=7408 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2413571419/syzkaller.DJgFzs/678/bus" dev="sda1" ino=14727 res=1
Cannot find add_set index 0 as target
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
XFS (loop4): Quotacheck needed: Please wait.
XFS (loop4): Quotacheck: Done.
audit: type=1804 audit(1678123817.589:843): pid=7404 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2418996324/syzkaller.coWr2K/89/bus/bus" dev="loop4" ino=42 res=1
XFS (loop4): Unmounting Filesystem
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
XFS (loop4): Quotacheck needed: Please wait.
XFS (loop4): Quotacheck: Done.
audit: type=1804 audit(1678123818.719:844): pid=7574 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2418996324/syzkaller.coWr2K/90/bus/bus" dev="loop4" ino=42 res=1
audit: type=1804 audit(1678123818.749:845): pid=7573 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2418996324/syzkaller.coWr2K/90/bus/bus" dev="loop4" ino=42 res=1
Cannot find add_set index 0 as target
XFS (loop4): Unmounting Filesystem
XFS (loop4): Mounting V4 Filesystem
XFS (loop4): Ending clean mount
XFS (loop4): Quotacheck needed: Please wait.
XFS (loop4): Quotacheck: Done.
audit: type=1804 audit(1678123820.150:846): pid=7617 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2418996324/syzkaller.coWr2K/91/bus/bus" dev="loop4" ino=42 res=1
XFS (loop4): Unmounting Filesystem
Cannot find add_set index 0 as target
Cannot find add_set index 0 as target
Cannot find add_set index 0 as target
Cannot find add_set index 0 as target
EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
audit: type=1804 audit(1678123823.301:847): pid=7829 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir4020529699/syzkaller.qO1Rxs/157/file0/bus" dev="loop2" ino=41 res=1
audit: type=1804 audit(1678123823.331:848): pid=7829 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir4020529699/syzkaller.qO1Rxs/157/file0/bus" dev="loop2" ino=41 res=1
audit: type=1804 audit(1678123823.331:849): pid=7829 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir4020529699/syzkaller.qO1Rxs/157/file0/bus" dev="loop2" ino=41 res=1
audit: type=1804 audit(1678123823.391:850): pid=7889 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir4020529699/syzkaller.qO1Rxs/157/file0/bus" dev="loop2" ino=41 res=1
syz-executor.2 (7829) used greatest stack depth: 21168 bytes left
XFS (loop2): Unmounting Filesystem
XFS (loop2): Mounting V4 Filesystem
XFS (loop2): Ending clean mount
XFS (loop2): Unmounting Filesystem
À: renamed from syztnl2
9pnet: Insufficient options for proto=fd
À: renamed from syztnl2
9pnet: Insufficient options for proto=fd
9pnet: Insufficient options for proto=fd
9pnet: Insufficient options for proto=fd
9pnet: Insufficient options for proto=fd
9pnet: Insufficient options for proto=fd
9pnet: Insufficient options for proto=fd
À: renamed from syztnl2
9pnet: Insufficient options for proto=fd
À: renamed from syztnl2
À: renamed from syztnl2
----------------
Code disassembly (best guess):
   0:   75 2b                   jne    0x2d
   2:   8b 90 60 13 00 00       mov    0x1360(%rax),%edx
   8:   83 fa 02                cmp    $0x2,%edx
   b:   75 20                   jne    0x2d
   d:   48 8b 88 68 13 00 00    mov    0x1368(%rax),%rcx
  14:   8b 80 64 13 00 00       mov    0x1364(%rax),%eax
  1a:   48 8b 11                mov    (%rcx),%rdx
  1d:   48 83 c2 01             add    $0x1,%rdx
  21:   48 39 d0                cmp    %rdx,%rax
  24:   76 07                   jbe    0x2d
  26:   48 89 34 d1             mov    %rsi,(%rcx,%rdx,8)
* 2a:   48 89 11                mov    %rdx,(%rcx) <-- trapping instruction
  2d:   c3                      retq
  2e:   0f 1f 84 00 00 00 00    nopl   0x0(%rax,%rax,1)
  35:   00
  36:   49 89 f1                mov    %rsi,%r9
  39:   49 89 fa                mov    %rdi,%r10
  3c:   65                      gs
  3d:   48                      rex.W
  3e:   8b                      .byte 0x8b
  3f:   34                      .byte 0x34