Warning: Permanently added '10.128.0.175' (ED25519) to the list of known hosts.
2026/04/03 13:17:51 parsed 1 programs
[   57.843943][ T4187] cgroup: Unknown subsys name 'net'
[   57.987878][ T4187] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   59.453657][ T4187] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   61.072070][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.080141][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.099762][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   61.115006][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.123165][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.130825][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   61.688710][ T4224] chnl_net:caif_netlink_parms(): no params data found
[   61.754587][ T4224] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.762513][ T4224] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.770763][ T4224] device bridge_slave_0 entered promiscuous mode
[   61.780829][ T4224] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.788128][ T4224] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.796574][ T4224] device bridge_slave_1 entered promiscuous mode
[   61.824047][ T4224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.835589][ T4224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.863557][ T4224] team0: Port device team_slave_0 added
[   61.872797][ T4224] team0: Port device team_slave_1 added
[   61.895632][ T4224] batman_adv: batadv0: Adding interface: batadv_slave_0
[   61.902844][ T4224] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.929407][ T4224] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   61.950846][ T4224] batman_adv: batadv0: Adding interface: batadv_slave_1
[   61.958138][ T4224] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.985828][ T4224] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.028742][ T4224] device hsr_slave_0 entered promiscuous mode
[   62.035778][ T4224] device hsr_slave_1 entered promiscuous mode
[   62.189533][ T4224] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   62.201645][ T4224] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   62.215483][ T4224] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   62.227130][ T4224] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   62.317808][ T4224] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.335958][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   62.348828][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.361329][ T4224] 8021q: adding VLAN 0 to HW filter on device team0
[   62.382809][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   62.392596][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   62.402027][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.409304][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.420565][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   62.432677][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   62.441194][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.448312][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.458459][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   62.467637][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   62.482437][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   62.494499][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   62.504178][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   62.514808][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   62.535144][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   62.546138][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   62.555238][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   62.570853][ T4224] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   62.583115][ T4224] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   62.593226][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   62.724172][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   62.731682][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   62.747316][ T4224] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.776742][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   62.790272][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   62.800243][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   62.809025][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   62.819281][ T4224] device veth0_vlan entered promiscuous mode
[   62.856014][ T4224] device veth1_vlan entered promiscuous mode
[   62.883182][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   62.892459][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   62.900914][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.915691][ T4224] device veth0_macvtap entered promiscuous mode
[   62.936943][ T4224] device veth1_macvtap entered promiscuous mode
[   62.957065][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   62.975473][ T4224] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.984906][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   62.994726][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   63.007387][ T4224] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.018657][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   63.028217][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   63.039528][ T4224] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.048819][ T4224] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.058445][ T4224] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.067575][ T4224] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.171161][ T4224] syz-executor (4224) used greatest stack depth: 20240 bytes left
2026/04/03 13:18:00 executed programs: 0
[   65.209872][ T4281] chnl_net:caif_netlink_parms(): no params data found
[   65.279704][ T4281] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.289512][ T4281] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.297487][ T4281] device bridge_slave_0 entered promiscuous mode
[   65.307215][ T4281] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.314516][ T4281] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.323121][ T4281] device bridge_slave_1 entered promiscuous mode
[   65.349374][ T4281] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.361329][ T4281] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.390387][ T4281] team0: Port device team_slave_0 added
[   65.398406][ T4281] team0: Port device team_slave_1 added
[   65.419818][ T4281] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.426915][ T4281] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.453708][ T4281] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.467330][ T4281] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.474852][ T4281] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.501242][ T4281] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.548806][ T4281] device hsr_slave_0 entered promiscuous mode
[   65.556312][ T4281] device hsr_slave_1 entered promiscuous mode
[   65.567242][ T4281] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.575679][ T4281] Cannot create hsr debugfs directory
[   65.678864][ T4281] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.082667][ T4301] Bluetooth: hci0: command 0x0409 tx timeout
[   67.828430][ T4281] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.867962][ T4281] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.928641][ T4281] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.014759][ T4281] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   68.026031][ T4281] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   68.052280][ T4281] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   68.060902][ T4281] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   68.116850][ T4281] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.129237][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   68.137659][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   68.159072][ T4281] 8021q: adding VLAN 0 to HW filter on device team0
[   68.168494][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   68.177466][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   68.186528][ T1210] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.193725][ T1210] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.206568][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   68.215347][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   68.224123][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   68.232894][ T1210] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.239996][ T1210] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.267785][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   68.282984][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   68.291577][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   68.301057][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   68.309737][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   68.337993][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   68.347915][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   68.360380][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   68.369353][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   68.384974][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   68.393756][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   68.405790][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   68.520293][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   68.528534][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   68.545922][  T145] device hsr_slave_0 left promiscuous mode
[   68.552960][  T145] device hsr_slave_1 left promiscuous mode
[   68.559333][  T145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   68.567034][  T145] batman_adv: batadv0: Removing interface: batadv_slave_0
[   68.575486][  T145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   68.583018][  T145] batman_adv: batadv0: Removing interface: batadv_slave_1
[   68.590661][  T145] device bridge_slave_1 left promiscuous mode
[   68.597661][  T145] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.610329][  T145] device bridge_slave_0 left promiscuous mode
[   68.617739][  T145] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.634773][  T145] device veth1_macvtap left promiscuous mode
[   68.641041][  T145] device veth0_macvtap left promiscuous mode
[   68.648159][  T145] device veth1_vlan left promiscuous mode
[   68.654318][  T145] device veth0_vlan left promiscuous mode
[   68.801125][  T145] team0 (unregistering): Port device team_slave_1 removed
[   68.816767][  T145] team0 (unregistering): Port device team_slave_0 removed
[   68.829143][  T145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   68.848141][  T145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   68.902647][  T145] bond0 (unregistering): Released all slaves
[   68.957841][ T4281] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.975861][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   68.984882][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   69.001341][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   69.010124][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   69.021007][ T4281] device veth0_vlan entered promiscuous mode
[   69.029093][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   69.037023][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   69.053102][ T4281] device veth1_vlan entered promiscuous mode
[   69.078663][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   69.087948][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   69.096888][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   69.106277][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   69.117415][ T4281] device veth0_macvtap entered promiscuous mode
[   69.127903][ T4281] device veth1_macvtap entered promiscuous mode
[   69.143724][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   69.153408][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   69.164199][    T7] Bluetooth: hci0: command 0x041b tx timeout
[   69.166410][ T4281] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.178473][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   69.187582][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   69.201101][ T4281] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.211966][ T4281] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.220794][ T4281] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.231456][ T4281] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.240415][ T4281] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.251392][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   69.260277][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   69.313917][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.323349][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.346919][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   69.358951][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.369621][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.378174][ T1210] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   69.806920][ T4307] loop0: detected capacity change from 0 to 32768
[   69.928436][ T4307] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   69.943320][ T4307] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   69.965225][ T4307] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[   69.976693][ T4231] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   69.985444][ T4231] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   70.021497][ T4231] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 36ms
[   70.034044][ T4231] gfs2: fsid=syz:syz.0: jid=0: Done
[   70.039986][ T4307] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   70.211313][ T4307] gfs2: fsid=syz:syz.0: found 1 quota changes
[   70.256646][ T4281] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[   70.256646][ T4281]   inode = 11 2339
[   70.256646][ T4281]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[   70.301904][ T4281] gfs2: fsid=syz:syz.0: about to withdraw this file system
[   70.334224][ T4281] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[   70.362052][ T4281] CPU: 0 PID: 4281 Comm: syz-executor Not tainted syzkaller #0
[   70.369827][ T4281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   70.379996][ T4281] Call Trace:
[   70.383308][ T4281]  <TASK>
[   70.386352][ T4281]  dump_stack_lvl+0x188/0x250
[   70.391057][ T4281]  ? show_regs_print_info+0x20/0x20
[   70.396282][ T4281]  ? load_image+0x400/0x400
[   70.400909][ T4281]  ? do_raw_spin_unlock+0x11d/0x230
[   70.406303][ T4281]  gfs2_assert_warn_i+0x18f/0x2c0
[   70.411354][ T4281]  gfs2_quota_cleanup+0x4b4/0x6a0
[   70.416408][ T4281]  gfs2_make_fs_ro+0x440/0x620
[   70.421185][ T4281]  ? __might_sleep+0xf0/0xf0
[   70.425878][ T4281]  ? gfs2_dinode_out+0xb00/0xb00
[   70.430841][ T4281]  ? _raw_spin_unlock+0x24/0x40
[   70.435712][ T4281]  ? gfs2_glock_nq+0xcb0/0x1550
[   70.440612][ T4281]  gfs2_withdraw+0x610/0x1490
[   70.445329][ T4281]  ? gfs2_lm+0x240/0x240
[   70.449774][ T4281]  ? __schedule+0x11f7/0x43c0
[   70.454477][ T4281]  ? gfs2_freeze_lock+0x52/0xc0
[   70.459350][ T4281]  ? gfs2_consist_inode_i+0xc0/0xe0
[   70.464572][ T4281]  gfs2_inode_refresh+0xb64/0xff0
[   70.469621][ T4281]  ? do_promote+0x71a/0xab0
[   70.474149][ T4281]  ? gfs2_inode_metasync+0xf0/0xf0
[   70.479292][ T4281]  ? __lock_acquire+0x7d10/0x7d10
[   70.484358][ T4281]  inode_go_lock+0x127/0x470
[   70.489059][ T4281]  do_promote+0x741/0xab0
[   70.493435][ T4281]  finish_xmote+0x4df/0xb00
[   70.497984][ T4281]  do_xmote+0x7b6/0x1120
[   70.502273][ T4281]  gfs2_glock_nq+0xc7a/0x1550
[   70.507001][ T4281]  do_sync+0x4ab/0xc40
[   70.511137][ T4281]  ? slot_put+0x1e0/0x1e0
[   70.515505][ T4281]  ? __lock_acquire+0x7d10/0x7d10
[   70.520558][ T4281]  ? do_raw_spin_lock+0x128/0x2f0
[   70.525806][ T4281]  ? do_sync+0x4a3/0xc40
[   70.530263][ T4281]  ? do_raw_spin_unlock+0x11d/0x230
[   70.535492][ T4281]  gfs2_quota_sync+0x32c/0x700
[   70.540389][ T4281]  gfs2_sync_fs+0x48/0xb0
[   70.544744][ T4281]  sync_filesystem+0xe6/0x220
[   70.549522][ T4281]  generic_shutdown_super+0x6b/0x300
[   70.555181][ T4281]  kill_block_super+0x7c/0xe0
[   70.559971][ T4281]  deactivate_locked_super+0x93/0xf0
[   70.565408][ T4281]  cleanup_mnt+0x42d/0x4e0
[   70.569864][ T4281]  ? lockdep_hardirqs_on+0x94/0x140
[   70.575177][ T4281]  task_work_run+0x125/0x1a0
[   70.579786][ T4281]  exit_to_user_mode_loop+0x10f/0x130
[   70.585336][ T4281]  exit_to_user_mode_prepare+0xee/0x180
[   70.590889][ T4281]  syscall_exit_to_user_mode+0x16/0x40
[   70.596443][ T4281]  do_syscall_64+0x58/0xa0
[   70.600947][ T4281]  ? clear_bhb_loop+0x30/0x80
[   70.605719][ T4281]  ? clear_bhb_loop+0x30/0x80
[   70.610489][ T4281]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   70.616385][ T4281] RIP: 0033:0x7fc45885ba57
[   70.620808][ T4281] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   70.640622][ T4281] RSP: 002b:00007ffcd5311f38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   70.649157][ T4281] RAX: 0000000000000000 RBX: 00007fc4588f0048 RCX: 00007fc45885ba57
[   70.657150][ T4281] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd5311ff0
[   70.665124][ T4281] RBP: 00007ffcd5311ff0 R08: 00007ffcd5312ff0 R09: 00000000ffffffff
[   70.673191][ T4281] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcd5313080
[   70.681249][ T4281] R13: 00007fc4588f0048 R14: 0000000000010f09 R15: 00007ffcd53130c0
[   70.689235][ T4281]  </TASK>
[   70.704946][ T4281] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[   70.715678][ T4281] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[   70.724848][ T4281] gfs2: fsid=syz:syz.0: File system withdrawn
[   70.730948][ T4281] CPU: 0 PID: 4281 Comm: syz-executor Not tainted syzkaller #0
[   70.738517][ T4281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   70.748590][ T4281] Call Trace:
[   70.751898][ T4281]  <TASK>
[   70.754849][ T4281]  dump_stack_lvl+0x188/0x250
[   70.759545][ T4281]  ? kobject_uevent_env+0x371/0x890
[   70.764772][ T4281]  ? show_regs_print_info+0x20/0x20
[   70.769994][ T4281]  ? load_image+0x400/0x400
[   70.774523][ T4281]  ? kobject_uevent_env+0x371/0x890
[   70.779743][ T4281]  ? lockref_put_or_lock+0x6e/0xb0
[   70.784878][ T4281]  gfs2_withdraw+0x1149/0x1490
[   70.789673][ T4281]  ? gfs2_lm+0x240/0x240
[   70.794055][ T4281]  ? __schedule+0x11f7/0x43c0
[   70.798957][ T4281]  ? gfs2_consist_inode_i+0xc0/0xe0
[   70.804182][ T4281]  gfs2_inode_refresh+0xb64/0xff0
[   70.809230][ T4281]  ? do_promote+0x71a/0xab0
[   70.813767][ T4281]  ? gfs2_inode_metasync+0xf0/0xf0
[   70.818901][ T4281]  ? __lock_acquire+0x7d10/0x7d10
[   70.823962][ T4281]  inode_go_lock+0x127/0x470
[   70.828668][ T4281]  do_promote+0x741/0xab0
[   70.833039][ T4281]  finish_xmote+0x4df/0xb00
[   70.837661][ T4281]  do_xmote+0x7b6/0x1120
[   70.841949][ T4281]  gfs2_glock_nq+0xc7a/0x1550
[   70.846665][ T4281]  do_sync+0x4ab/0xc40
[   70.850764][ T4281]  ? slot_put+0x1e0/0x1e0
[   70.855120][ T4281]  ? __lock_acquire+0x7d10/0x7d10
[   70.860174][ T4281]  ? do_raw_spin_lock+0x128/0x2f0
[   70.865222][ T4281]  ? do_sync+0x4a3/0xc40
[   70.869492][ T4281]  ? do_raw_spin_unlock+0x11d/0x230
[   70.874813][ T4281]  gfs2_quota_sync+0x32c/0x700
[   70.879616][ T4281]  gfs2_sync_fs+0x48/0xb0
[   70.883967][ T4281]  sync_filesystem+0xe6/0x220
[   70.888668][ T4281]  generic_shutdown_super+0x6b/0x300
[   70.894066][ T4281]  kill_block_super+0x7c/0xe0
[   70.898767][ T4281]  deactivate_locked_super+0x93/0xf0
[   70.904081][ T4281]  cleanup_mnt+0x42d/0x4e0
[   70.908587][ T4281]  ? lockdep_hardirqs_on+0x94/0x140
[   70.913897][ T4281]  task_work_run+0x125/0x1a0
[   70.918526][ T4281]  exit_to_user_mode_loop+0x10f/0x130
[   70.923940][ T4281]  exit_to_user_mode_prepare+0xee/0x180
[   70.929691][ T4281]  syscall_exit_to_user_mode+0x16/0x40
[   70.935188][ T4281]  do_syscall_64+0x58/0xa0
[   70.940737][ T4281]  ? clear_bhb_loop+0x30/0x80
[   70.945448][ T4281]  ? clear_bhb_loop+0x30/0x80
[   70.950175][ T4281]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   70.956102][ T4281] RIP: 0033:0x7fc45885ba57
[   70.960548][ T4281] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   70.980265][ T4281] RSP: 002b:00007ffcd5311f38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   70.988706][ T4281] RAX: 0000000000000000 RBX: 00007fc4588f0048 RCX: 00007fc45885ba57
[   70.996707][ T4281] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd5311ff0
[   71.004816][ T4281] RBP: 00007ffcd5311ff0 R08: 00007ffcd5312ff0 R09: 00000000ffffffff
[   71.012826][ T4281] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcd5313080
[   71.020928][ T4281] R13: 00007fc4588f0048 R14: 0000000000010f09 R15: 00007ffcd53130c0
[   71.028960][ T4281]  </TASK>
[   71.043393][ T4281] ==================================================================
[   71.051718][ T4281] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[   71.058513][ T4281] Read of size 8 at addr ffff88805a13d090 by task syz-executor/4281
[   71.066521][ T4281] 
[   71.068873][ T4281] CPU: 0 PID: 4281 Comm: syz-executor Not tainted syzkaller #0
[   71.076552][ T4281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   71.086815][ T4281] Call Trace:
[   71.090260][ T4281]  <TASK>
[   71.093218][ T4281]  dump_stack_lvl+0x188/0x250
[   71.097938][ T4281]  ? show_regs_print_info+0x20/0x20
[   71.103161][ T4281]  ? _printk+0xda/0x130
[   71.107432][ T4281]  ? qd_unlock+0x30/0x2d0
[   71.112062][ T4281]  ? load_image+0x400/0x400
[   71.116607][ T4281]  ? _raw_spin_lock_irqsave+0xbc/0x100
[   71.122445][ T4281]  print_address_description+0x60/0x2d0
[   71.128019][ T4281]  ? qd_unlock+0x30/0x2d0
[   71.132377][ T4281]  kasan_report+0xdf/0x130
[   71.136832][ T4281]  ? qd_unlock+0x30/0x2d0
[   71.141194][ T4281]  kasan_check_range+0x235/0x290
[   71.146155][ T4281]  qd_unlock+0x30/0x2d0
[   71.150340][ T4281]  gfs2_quota_sync+0x5cf/0x700
[   71.155308][ T4281]  gfs2_sync_fs+0x48/0xb0
[   71.159873][ T4281]  sync_filesystem+0xe6/0x220
[   71.164663][ T4281]  generic_sh