Warning: Permanently added '[localhost]:37921' (ED25519) to the list of known hosts.
2024/11/08 08:17:56 ignoring optional flag "sandboxArg"="0"
2024/11/08 08:17:56 ignoring optional flag "type"="qemu"
2024/11/08 08:17:57 parsed 1 programs
[  110.878994][ T5581] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  113.767387][ T5603] chnl_net:caif_netlink_parms(): no params data found
[  113.802459][ T5603] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.805303][ T5603] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.808166][ T5603] bridge_slave_0: entered allmulticast mode
[  113.812768][ T5603] bridge_slave_0: entered promiscuous mode
[  113.816574][ T5603] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.819297][ T5603] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.822569][ T5603] bridge_slave_1: entered allmulticast mode
[  113.825470][ T5603] bridge_slave_1: entered promiscuous mode
[  113.841377][ T5603] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  113.846523][ T5603] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  113.863388][ T5603] team0: Port device team_slave_0 added
[  113.867464][ T5603] team0: Port device team_slave_1 added
[  113.879537][ T5603] batman_adv: batadv0: Adding interface: batadv_slave_0
[  113.882866][ T5603] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.894723][ T5603] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  113.900570][ T5603] batman_adv: batadv0: Adding interface: batadv_slave_1
[  113.903313][ T5603] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.914414][ T5603] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.935172][ T5603] hsr_slave_0: entered promiscuous mode
[  113.937721][ T5603] hsr_slave_1: entered promiscuous mode
[  114.419152][ T5603] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  114.434264][ T5603] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  114.450455][ T5603] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  114.462074][ T5603] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  114.486764][ T5603] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.489522][ T5603] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.492440][ T5603] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.495249][ T5603] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.582900][ T5603] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.603937][ T4035] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.607941][ T4035] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.634644][ T5603] 8021q: adding VLAN 0 to HW filter on device team0
[  114.660818][ T4035] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.663687][ T4035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.674020][ T4035] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.676837][ T4035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.938044][ T5603] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.002865][ T5603] veth0_vlan: entered promiscuous mode
[  115.018077][ T5603] veth1_vlan: entered promiscuous mode
[  115.056284][ T5603] veth0_macvtap: entered promiscuous mode
[  115.074076][ T5603] veth1_macvtap: entered promiscuous mode
[  115.096604][ T5603] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.113035][ T5603] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.117744][ T5603] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.130575][ T5603] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.134041][ T5603] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.137476][ T5603] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.422903][ T1030] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.516144][ T1030] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.626783][ T1030] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.719179][ T1030] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.905687][ T4035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.908885][ T4035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.959688][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.964627][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.872356][ T4676] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  117.876692][ T4676] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  117.883093][ T4676] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  117.886362][ T4676] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  117.889545][ T4676] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  117.896201][ T4676] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  118.022415][ T1030] bridge_slave_1: left allmulticast mode
[  118.024683][ T1030] bridge_slave_1: left promiscuous mode
[  118.026928][ T1030] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.042362][ T1030] bridge_slave_0: left allmulticast mode
[  118.044609][ T1030] bridge_slave_0: left promiscuous mode
[  118.046820][ T1030] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.540833][ T1030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.552069][ T1030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.561900][ T1030] bond0 (unregistering): Released all slaves
[  118.643247][ T1030] hsr_slave_0: left promiscuous mode
[  118.664485][ T1030] hsr_slave_1: left promiscuous mode
[  118.667191][ T1030] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.693313][ T1030] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.704610][ T1030] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.707483][ T1030] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.778627][ T1030] veth1_macvtap: left promiscuous mode
[  118.791467][ T1030] veth0_macvtap: left promiscuous mode
[  118.794024][ T1030] veth1_vlan: left promiscuous mode
[  118.795955][ T1030] veth0_vlan: left promiscuous mode
[  119.127521][ T1030] team0 (unregistering): Port device team_slave_1 removed
[  119.146891][ T1030] team0 (unregistering): Port device team_slave_0 removed
2024/11/08 08:18:11 executed programs: 0
[  120.989226][ T5373] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  120.995190][ T5373] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  120.998448][ T5373] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  121.003343][ T5373] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  121.006417][ T5373] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  121.009246][ T5373] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  121.426173][ T5786] chnl_net:caif_netlink_parms(): no params data found
[  121.550778][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.553567][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.556762][ T5786] bridge_slave_0: entered allmulticast mode
[  121.568769][ T5786] bridge_slave_0: entered promiscuous mode
[  121.583049][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.585932][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.588795][ T5786] bridge_slave_1: entered allmulticast mode
[  121.601435][ T5786] bridge_slave_1: entered promiscuous mode
[  121.642999][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.647837][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.692725][ T5786] team0: Port device team_slave_0 added
[  121.710782][ T5786] team0: Port device team_slave_1 added
[  121.744260][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.746776][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.771285][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.790424][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.793136][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.810002][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.854464][ T5786] hsr_slave_0: entered promiscuous mode
[  121.861368][ T5786] hsr_slave_1: entered promiscuous mode
[  122.187262][ T5786] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  122.204631][ T5786] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  122.211269][ T5786] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  122.224701][ T5786] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  122.323508][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.352635][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[  122.368050][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.370884][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.375894][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.378671][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.621056][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.673149][ T5786] veth0_vlan: entered promiscuous mode
[  122.679146][ T5786] veth1_vlan: entered promiscuous mode
[  122.699000][ T5786] veth0_macvtap: entered promiscuous mode
[  122.704835][ T5786] veth1_macvtap: entered promiscuous mode
[  122.716732][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.725158][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.733251][ T5786] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.736548][ T5786] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.739729][ T5786] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.744180][ T5786] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.799616][ T1031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.806830][ T1031] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.826991][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.832543][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.020075][ T4676] Bluetooth: hci0: command tx timeout
[  123.064932][ T5831] loop0: detected capacity change from 0 to 32768
[  123.104015][ T5831] JBD2: Ignoring recovery information on journal
[  123.140475][ T5831] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  123.156998][   T24] audit: type=1800 audit(1731053893.829:2): pid=5831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.15" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  123.187532][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  123.474880][ T5835] loop0: detected capacity change from 0 to 32768
[  123.507474][ T5835] JBD2: Ignoring recovery information on journal
[  123.537379][ T5835] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  123.546565][   T24] audit: type=1800 audit(1731053894.219:3): pid=5835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.16" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  123.569361][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  123.845904][ T5839] loop0: detected capacity change from 0 to 32768
[  123.887541][ T5839] JBD2: Ignoring recovery information on journal
[  123.922549][ T5839] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  123.929076][   T24] audit: type=1800 audit(1731053894.599:4): pid=5839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  123.949072][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  124.226641][ T5843] loop0: detected capacity change from 0 to 32768
[  124.250414][ T5843] JBD2: Ignoring recovery information on journal
[  124.281999][ T5843] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  124.288918][   T24] audit: type=1800 audit(1731053894.959:5): pid=5843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.18" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  124.312221][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  124.581269][ T5847] loop0: detected capacity change from 0 to 32768
[  124.610921][ T5847] JBD2: Ignoring recovery information on journal
[  124.647854][ T5847] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  124.655764][   T24] audit: type=1800 audit(1731053895.329:6): pid=5847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.19" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  124.674044][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  124.978881][ T5851] loop0: detected capacity change from 0 to 32768
[  124.998767][ T5851] JBD2: Ignoring recovery information on journal
[  125.036198][ T5851] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  125.043090][   T24] audit: type=1800 audit(1731053895.719:7): pid=5851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.20" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  125.059677][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  125.101811][ T4676] Bluetooth: hci0: command tx timeout
[  125.331803][ T5855] loop0: detected capacity change from 0 to 32768
[  125.349638][ T5855] JBD2: Ignoring recovery information on journal
[  125.387759][ T5855] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  125.401971][   T24] audit: type=1800 audit(1731053896.079:8): pid=5855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.21" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  125.419782][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  125.688957][ T5859] loop0: detected capacity change from 0 to 32768
[  125.705557][ T5859] JBD2: Ignoring recovery information on journal
[  125.739594][ T5859] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  125.749131][   T24] audit: type=1800 audit(1731053896.429:9): pid=5859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.22" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  125.775200][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  126.036604][ T5863] loop0: detected capacity change from 0 to 32768
[  126.055133][ T5863] JBD2: Ignoring recovery information on journal
[  126.089431][ T5863] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  126.098284][   T24] audit: type=1800 audit(1731053896.779:10): pid=5863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.23" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  126.115788][ T5786] ocfs2: Unmounting device (7,0) on (node local)
2024/11/08 08:18:16 executed programs: 11
[  126.372838][ T5867] loop0: detected capacity change from 0 to 32768
[  126.406961][ T5867] JBD2: Ignoring recovery information on journal
[  126.428990][ T5867] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  126.437399][   T24] audit: type=1800 audit(1731053897.109:11): pid=5867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.24" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  126.457230][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  126.716745][ T5871] loop0: detected capacity change from 0 to 32768
[  126.739668][ T5871] JBD2: Ignoring recovery information on journal
[  126.769457][ T5871] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  126.787696][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  127.058281][ T5875] loop0: detected capacity change from 0 to 32768
[  127.076352][ T5875] JBD2: Ignoring recovery information on journal
[  127.109773][ T5875] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  127.128558][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  127.181411][ T4676] Bluetooth: hci0: command tx timeout
[  127.398567][ T5879] loop0: detected capacity change from 0 to 32768
[  127.425759][ T5879] JBD2: Ignoring recovery information on journal
[  127.468619][ T5879] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  127.486665][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  127.774194][ T5883] loop0: detected capacity change from 0 to 32768
[  127.802342][ T5883] JBD2: Ignoring recovery information on journal
[  127.832886][ T5883] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  127.847696][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  128.121277][ T5887] loop0: detected capacity change from 0 to 32768
[  128.157503][ T5887] JBD2: Ignoring recovery information on journal
[  128.182513][ T5887] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  128.189256][   T24] kauditd_printk_skb: 4 callbacks suppressed
[  128.189268][   T24] audit: type=1800 audit(1731053898.859:16): pid=5887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.29" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  128.212395][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  128.474544][ T5891] loop0: detected capacity change from 0 to 32768
[  128.491792][ T5891] JBD2: Ignoring recovery information on journal
[  128.532781][ T5891] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  128.539330][   T24] audit: type=1800 audit(1731053899.209:17): pid=5891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.30" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  128.559371][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  128.832072][ T5895] loop0: detected capacity change from 0 to 32768
[  128.853177][ T5895] JBD2: Ignoring recovery information on journal
[  128.903078][ T5895] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  128.923090][   T24] audit: type=1800 audit(1731053899.599:18): pid=5895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.31" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  128.943526][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  129.260467][ T4676] Bluetooth: hci0: command tx timeout
[  129.294867][ T5899] loop0: detected capacity change from 0 to 32768
[  129.332845][ T5899] JBD2: Ignoring recovery information on journal
[  129.363050][ T5899] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  129.369480][   T24] audit: type=1800 audit(1731053900.039:19): pid=5899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.32" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  129.388829][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  129.656172][ T5903] loop0: detected capacity change from 0 to 32768
[  129.685418][ T5903] JBD2: Ignoring recovery information on journal
[  129.717310][ T5903] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  129.726408][   T24] audit: type=1800 audit(1731053900.399:20): pid=5903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.33" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  129.748190][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  130.015375][ T5907] loop0: detected capacity change from 0 to 32768
[  130.032516][ T5907] JBD2: Ignoring recovery information on journal
[  130.073965][ T5907] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  130.082819][   T24] audit: type=1800 audit(1731053900.759:21): pid=5907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.34" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  130.101844][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  130.371401][ T5911] loop0: detected capacity change from 0 to 32768
[  130.399099][ T5911] JBD2: Ignoring recovery information on journal
[  130.432720][ T5911] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  130.439615][   T24] audit: type=1800 audit(1731053901.109:22): pid=5911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.35" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  130.458131][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  130.720079][ T5915] loop0: detected capacity change from 0 to 32768
[  130.737194][ T5915] JBD2: Ignoring recovery information on journal
[  130.768722][ T5915] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  130.781045][   T24] audit: type=1800 audit(1731053901.459:23): pid=5915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.36" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  130.798163][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  131.065260][ T5919] loop0: detected capacity change from 0 to 32768
[  131.100766][ T5919] JBD2: Ignoring recovery information on journal
[  131.124975][ T5919] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  131.133650][   T24] audit: type=1800 audit(1731053901.809:24): pid=5919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.37" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  131.152703][ T5786] ocfs2: Unmounting device (7,0) on (node local)
2024/11/08 08:18:21 executed programs: 25
[  131.416474][ T5923] loop0: detected capacity change from 0 to 32768
[  131.438620][ T5923] JBD2: Ignoring recovery information on journal
[  131.477787][ T5923] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  131.484984][ T5923] ==================================================================
[  131.488031][ T5923] BUG: KASAN: use-after-free in ocfs2_search_dirblock+0x26b/0x830
[  131.491169][ T5923] Read of size 1 at addr ffff88804b96a982 by task syz.0.38/5923
[  131.495163][ T5923] 
[  131.496136][ T5923] CPU: 0 UID: 0 PID: 5923 Comm: syz.0.38 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  131.500040][ T5923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.503900][ T5923] Call Trace:
[  131.505189][ T5923]  <TASK>
[  131.506362][ T5923]  dump_stack_lvl+0x241/0x360
[  131.508266][ T5923]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.510367][ T5923]  ? __pfx__printk+0x10/0x10
[  131.512207][ T5923]  ? _printk+0xd5/0x120
[  131.513798][ T5923]  ? __virt_addr_valid+0x183/0x530
[  131.515762][ T5923]  ? __virt_addr_valid+0x183/0x530
[  131.517660][ T5923]  print_report+0x169/0x550
[  131.519397][ T5923]  ? __virt_addr_valid+0x183/0x530
[  131.521376][ T5923]  ? __virt_addr_valid+0x183/0x530
[  131.523400][ T5923]  ? __virt_addr_valid+0x45f/0x530
[  131.525442][ T5923]  ? __phys_addr+0xba/0x170
[  131.527390][ T5923]  ? ocfs2_search_dirblock+0x26b/0x830
[  131.529676][ T5923]  kasan_report+0x143/0x180
[  131.531503][ T5923]  ? ocfs2_search_dirblock+0x26b/0x830
[  131.533571][ T5923]  ocfs2_search_dirblock+0x26b/0x830
[  131.535438][ T5923]  ? ocfs2_read_inode_block+0x14c/0x1e0
[  131.537417][ T5923]  ? __pfx_ocfs2_search_dirblock+0x10/0x10
[  131.539614][ T5923]  ? validate_chain+0x11e/0x5920
[  131.541548][ T5923]  ocfs2_find_entry+0x1169/0x2780
[  131.543498][ T5923]  ? mark_lock+0x9a/0x360
[  131.545205][ T5923]  ? __lock_acquire+0x1384/0x2050
[  131.547060][ T5923]  ? __pfx_ocfs2_find_entry+0x10/0x10
[  131.548949][ T5923]  ? __pfx_lock_acquire+0x10/0x10
[  131.550778][ T5923]  ? ocfs2_inode_lock_full_nested+0x17b/0x1c30
[  131.553192][ T5923]  ? __pfx_lock_release+0x10/0x10
[  131.555169][ T5923]  ? do_raw_spin_lock+0x14f/0x370
[  131.557120][ T5923]  ? do_raw_spin_unlock+0x58/0x8b0
[  131.559142][ T5923]  ? _raw_spin_unlock+0x28/0x50
[  131.561020][ T5923]  ? ocfs2_inode_lock_full_nested+0xb29/0x1c30
[  131.563422][ T5923]  ? __pfx_ocfs2_inode_lock_full_nested+0x10/0x10
[  131.565899][ T5923]  ocfs2_find_files_on_disk+0xff/0x360
[  131.568087][ T5923]  ocfs2_lookup_ino_from_name+0xb1/0x1e0
[  131.570369][ T5923]  ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10
[  131.572759][ T5923]  ocfs2_lookup+0x292/0xa60
[  131.574556][ T5923]  ? __pfx_ocfs2_lookup+0x10/0x10
[  131.576516][ T5923]  ? from_kgid+0x1a7/0x730
[  131.578360][ T5923]  ? make_vfsgid+0x51/0xa0
[  131.580170][ T5923]  ? HAS_UNMAPPED_ID+0xf9/0x150
[  131.582139][ T5923]  ? inode_permission+0xff/0x460
[  131.584090][ T5923]  ? __pfx_ocfs2_permission+0x10/0x10
[  131.586183][ T5923]  ? bpf_lsm_inode_create+0x9/0x10
[  131.588171][ T5923]  ? security_inode_create+0xbe/0x340
[  131.590316][ T5923]  ? __pfx_ocfs2_lookup+0x10/0x10
[  131.592255][ T5923]  path_openat+0x11a7/0x3590
[  131.594051][ T5923]  ? __pfx_path_openat+0x10/0x10
[  131.595970][ T5923]  do_filp_open+0x235/0x490
[  131.597816][ T5923]  ? __pfx_do_filp_open+0x10/0x10
[  131.599749][ T5923]  ? _raw_spin_unlock+0x28/0x50
[  131.601693][ T5923]  ? alloc_fd+0x5a1/0x640
[  131.603319][ T5923]  do_sys_openat2+0x13e/0x1d0
[  131.605307][ T5923]  ? __pfx_do_sys_openat2+0x10/0x10
[  131.607428][ T5923]  __x64_sys_openat+0x247/0x2a0
[  131.609371][ T5923]  ? __pfx___x64_sys_openat+0x10/0x10
[  131.611506][ T5923]  ? do_syscall_64+0x100/0x230
[  131.613399][ T5923]  ? do_syscall_64+0xb6/0x230
[  131.615291][ T5923]  do_syscall_64+0xf3/0x230
[  131.617031][ T5923]  ? clear_bhb_loop+0x35/0x90
[  131.618916][ T5923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.621206][ T5923] RIP: 0033:0x7f94543799b9
[  131.622942][ T5923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.630248][ T5923] RSP: 002b:00007f94550b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  131.633462][ T5923] RAX: ffffffffffffffda RBX: 00007f9454515f80 RCX: 00007f94543799b9
[  131.636600][ T5923] RDX: 0000000000105042 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  131.639672][ T5923] RBP: 00007f94543e78d8 R08: 0000000000000000 R09: 0000000000000000
[  131.642769][ T5923] R10: 00000000000001ff R11: 0000000000000246 R12: 0000000000000000
[  131.645833][ T5923] R13: 0000000000000000 R14: 00007f9454515f80 R15: 00007fff075278a8
[  131.648902][ T5923]  </TASK>
[  131.650119][ T5923] 
[  131.651090][ T5923] The buggy address belongs to the physical page:
[  131.653531][ T5923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f9454512 pfn:0x4b96a
[  131.657187][ T5923] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  131.660039][ T5923] raw: 04fff00000000000 ffffea00012e5ac8 ffff88801fc44cb0 0000000000000000
[  131.663377][ T5923] raw: 00000007f9454512 0000000000000000 00000000ffffffff 0000000000000000
[  131.667073][ T5923] page dumped because: kasan: bad access detected
[  131.669119][ T5923] page_owner tracks the page as freed
[  131.671105][ T5923] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5918, tgid 5918 (syz.0.37), ts 131141890694, free_ts 131143969541
[  131.677843][ T5923]  post_alloc_hook+0x1f3/0x230
[  131.679812][ T5923]  get_page_from_freelist+0x303f/0x3190
[  131.681917][ T5923]  __alloc_pages_noprof+0x292/0x710
[  131.683888][ T5923]  alloc_pages_mpol_noprof+0x3e8/0x680
[  131.685950][ T5923]  vma_alloc_folio_noprof+0x12e/0x230
[  131.687987][ T5923]  folio_prealloc+0x31/0x170
[  131.689841][ T5923]  do_wp_page+0x11c4/0x52d0
[  131.691619][ T5923]  handle_pte_fault+0x10e3/0x6820
[  131.693580][ T5923]  handle_mm_fault+0x1106/0x1bb0
[  131.695524][ T5923]  exc_page_fault+0x459/0x8c0
[  131.697293][ T5923]  asm_exc_page_fault+0x26/0x30
[  131.699180][ T5923] page last free pid 5919 tgid 5918 stack trace:
[  131.701580][ T5923]  free_unref_folios+0xf12/0x18d0
[  131.703671][ T5923]  folios_put_refs+0x76c/0x860
[  131.705638][ T5923]  free_pages_and_swap_cache+0x2ea/0x690
[  131.707786][ T5923]  tlb_flush_mmu+0x3a3/0x680
[  131.709565][ T5923]  tlb_finish_mmu+0xd4/0x200
[  131.711339][ T5923]  exit_mmap+0x496/0xc40
[  131.712907][ T5923]  __mmput+0x115/0x390
[  131.714421][ T5923]  exit_mm+0x220/0x310
[  131.715983][ T5923]  do_exit+0x9b2/0x28e0
[  131.717574][ T5923]  do_group_exit+0x207/0x2c0
[  131.719594][ T5923]  get_signal+0x16a3/0x1740
[  131.721334][ T5923]  arch_do_signal_or_restart+0x96/0x860
[  131.723608][ T5923]  syscall_exit_to_user_mode+0xc9/0x370
[  131.725574][ T5923]  do_syscall_64+0x100/0x230
[  131.727343][ T5923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.729635][ T5923] 
[  131.730531][ T5923] Memory state around the buggy address:
[  131.732626][ T5923]  ffff88804b96a880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  131.735744][ T5923]  ffff88804b96a900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  131.738930][ T5923] >ffff88804b96a980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  131.742006][ T5923]                    ^
[  131.743811][ T5923]  ffff88804b96aa00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  131.746913][ T5923]  ffff88804b96aa80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  131.749994][ T5923] ==================================================================
[  131.768188][ T5923] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  131.770848][ T5923] CPU: 0 UID: 0 PID: 5923 Comm: syz.0.38 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  131.774786][ T5923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.778668][ T5923] Call Trace:
[  131.779919][ T5923]  <TASK>
[  131.781060][ T5923]  dump_stack_lvl+0x241/0x360
[  131.783189][ T5923]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.785723][ T5923]  ? __pfx__printk+0x10/0x10
[  131.788009][ T5923]  ? preempt_schedule+0xe1/0xf0
[  131.790086][ T5923]  ? vscnprintf+0x5d/0x90
[  131.791718][ T5923]  panic+0x349/0x880
[  131.793265][ T5923]  ? check_panic_on_warn+0x21/0xb0
[  131.795247][ T5923]  ? __pfx_panic+0x10/0x10
[  131.796898][ T5923]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  131.799193][ T5923]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  131.801546][ T5923]  ? print_report+0x502/0x550
[  131.803315][ T5923]  check_panic_on_warn+0x86/0xb0
[  131.805169][ T5923]  ? ocfs2_search_dirblock+0x26b/0x830
[  131.807601][ T5923]  end_report+0x77/0x160
[  131.809265][ T5923]  kasan_report+0x154/0x180
[  131.811098][ T5923]  ? ocfs2_search_dirblock+0x26b/0x830
[  131.813191][ T5923]  ocfs2_search_dirblock+0x26b/0x830
[  131.815434][ T5923]  ? ocfs2_read_inode_block+0x14c/0x1e0
[  131.817491][ T5923]  ? __pfx_ocfs2_search_dirblock+0x10/0x10
[  131.819751][ T5923]  ? validate_chain+0x11e/0x5920
[  131.821745][ T5923]  ocfs2_find_entry+0x1169/0x2780
[  131.823641][ T5923]  ? mark_lock+0x9a/0x360
[  131.825646][ T5923]  ? __lock_acquire+0x1384/0x2050
[  131.827584][ T5923]  ? __pfx_ocfs2_find_entry+0x10/0x10
[  131.829763][ T5923]  ? __pfx_lock_acquire+0x10/0x10
[  131.831760][ T5923]  ? ocfs2_inode_lock_full_nested+0x17b/0x1c30
[  131.834110][ T5923]  ? __pfx_lock_release+0x10/0x10
[  131.836080][ T5923]  ? do_raw_spin_lock+0x14f/0x370
[  131.838039][ T5923]  ? do_raw_spin_unlock+0x58/0x8b0
[  131.840068][ T5923]  ? _raw_spin_unlock+0x28/0x50
[  131.841931][ T5923]  ? ocfs2_inode_lock_full_nested+0xb29/0x1c30
[  131.844496][ T5923]  ? __pfx_ocfs2_inode_lock_full_nested+0x10/0x10
[  131.847102][ T5923]  ocfs2_find_files_on_disk+0xff/0x360
[  131.849203][ T5923]  ocfs2_lookup_ino_from_name+0xb1/0x1e0
[  131.851387][ T5923]  ? __pfx_ocfs2_lookup_ino_from_name+0x10/0x10
[  131.853787][ T5923]  ocfs2_lookup+0x292/0xa60
[  131.855580][ T5923]  ? __pfx_ocfs2_lookup+0x10/0x10
[  131.857547][ T5923]  ? from_kgid+0x1a7/0x730
[  131.859276][ T5923]  ? make_vfsgid+0x51/0xa0
[  131.860965][ T5923]  ? HAS_UNMAPPED_ID+0xf9/0x150
[  131.862930][ T5923]  ? inode_permission+0xff/0x460
[  131.864851][ T5923]  ? __pfx_ocfs2_permission+0x10/0x10
[  131.866949][ T5923]  ? bpf_lsm_inode_create+0x9/0x10
[  131.868934][ T5923]  ? security_inode_create+0xbe/0x340
[  131.871067][ T5923]  ? __pfx_ocfs2_lookup+0x10/0x10
[  131.873036][ T5923]  path_openat+0x11a7/0x3590
[  131.874998][ T5923]  ? __pfx_path_openat+0x10/0x10
[  131.877074][ T5923]  do_filp_open+0x235/0x490
[  131.878893][ T5923]  ? __pfx_do_filp_open+0x10/0x10
[  131.880886][ T5923]  ? _raw_spin_unlock+0x28/0x50
[  131.882764][ T5923]  ? alloc_fd+0x5a1/0x640
[  131.884428][ T5923]  do_sys_openat2+0x13e/0x1d0
[  131.886287][ T5923]  ? __pfx_do_sys_openat2+0x10/0x10
[  131.888241][ T5923]  __x64_sys_openat+0x247/0x2a0
[  131.890157][ T5923]  ? __pfx___x64_sys_openat+0x10/0x10
[  131.892280][ T5923]  ? do_syscall_64+0x100/0x230
[  131.894132][ T5923]  ? do_syscall_64+0xb6/0x230
[  131.895986][ T5923]  do_syscall_64+0xf3/0x230
[  131.897832][ T5923]  ? clear_bhb_loop+0x35/0x90
[  131.899653][ T5923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.902016][ T5923] RIP: 0033:0x7f94543799b9
[  131.903739][ T5923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.911194][ T5923] RSP: 002b:00007f94550b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  131.914433][ T5923] RAX: ffffffffffffffda RBX: 00007f9454515f80 RCX: 00007f94543799b9
[  131.917676][ T5923] RDX: 0000000000105042 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  131.920904][ T5923] RBP: 00007f94543e78d8 R08: 0000000000000000 R09: 0000000000000000
[  131.924069][ T5923] R10: 00000000000001ff R11: 0000000000000246 R12: 0000000000000000
[  131.927021][ T5923] R13: 0000000000000000 R14: 00007f9454515f80 R15: 00007fff075278a8
[  131.930074][ T5923]  </TASK>
[  131.931587][ T5923] Kernel Offset: disabled
[  131.933271][ T5923] Rebooting in 86400 seconds..