Warning: Permanently added '10.128.1.179' (ED25519) to the list of known hosts.
2026/02/11 10:24:46 parsed 1 programs
[ 83.482867][ T4194] cgroup: Unknown subsys name 'net'
[ 83.616809][ T4194] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 85.085066][ T4194] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 86.682147][ T7] cfg80211: failed to load regulatory.db
[ 88.393696][ T4251] chnl_net:caif_netlink_parms(): no params data found
[ 88.453576][ T4251] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.461658][ T4251] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.469892][ T4251] device bridge_slave_0 entered promiscuous mode
[ 88.480353][ T4251] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.487514][ T4251] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.496192][ T4251] device bridge_slave_1 entered promiscuous mode
[ 88.522035][ T4251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.533751][ T4251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.565725][ T4251] team0: Port device team_slave_0 added
[ 88.573907][ T4251] team0: Port device team_slave_1 added
[ 88.593307][ T4251] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 88.600406][ T4251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.626554][ T4251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.639671][ T4251] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.646719][ T4251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.672655][ T4251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.718532][ T4251] device hsr_slave_0 entered promiscuous mode
[ 88.744216][ T4251] device hsr_slave_1 entered promiscuous mode
[ 88.921099][ T4251] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 88.931615][ T4251] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 88.941720][ T4251] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 88.951652][ T4251] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 88.976239][ T4251] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.983463][ T4251] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 88.991549][ T4251] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.998625][ T4251] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.042510][ T4251] 8021q: adding VLAN 0 to HW filter on device bond0
[ 89.055200][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 89.066073][ T1233] bridge0: port 1(bridge_slave_0) entered disabled state
[ 89.076023][ T1233] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.084743][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 89.099348][ T4251] 8021q: adding VLAN 0 to HW filter on device team0
[ 89.129588][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 89.139155][ T1233] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.146291][ T1233] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.163640][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 89.172179][ T1233] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.179229][ T1233] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.196746][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 89.207368][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 89.236936][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 89.248806][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 89.261371][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 89.275168][ T4251] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 89.402241][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 89.409740][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 89.424859][ T4251] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 89.456951][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 89.465845][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 89.487048][ T4251] device veth0_vlan entered promiscuous mode
[ 89.497111][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 89.505969][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 89.519645][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 89.527915][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 89.538506][ T4251] device veth1_vlan entered promiscuous mode
[ 89.578558][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 89.586846][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 89.596373][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 89.605435][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 89.617584][ T4251] device veth0_macvtap entered promiscuous mode
[ 89.651993][ T4251] device veth1_macvtap entered promiscuous mode
[ 89.668100][ T4251] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 89.676123][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 89.684408][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 89.693093][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 89.702973][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 89.715270][ T4251] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 89.725119][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 89.733780][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 89.746000][ T4251] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.755075][ T4251] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.763927][ T4251] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.772678][ T4251] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 89.885338][ T4251] syz-executor (4251) used greatest stack depth: 20496 bytes left
[ 89.981962][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 89.990000][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.002311][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 90.029458][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 90.038185][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.047381][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2026/02/11 10:24:56 executed programs: 0
[ 90.861563][ T4292] chnl_net:caif_netlink_parms(): no params data found
[ 90.927228][ T4292] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.936850][ T4292] bridge0: port 1(bridge_slave_0) entered disabled state
[ 90.945453][ T4292] device bridge_slave_0 entered promiscuous mode
[ 90.955606][ T4292] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.963062][ T4292] bridge0: port 2(bridge_slave_1) entered disabled state
[ 90.971780][ T4292] device bridge_slave_1 entered promiscuous mode
[ 90.998556][ T4292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 91.011298][ T4292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 91.053969][ T4292] team0: Port device team_slave_0 added
[ 91.063224][ T4292] team0: Port device team_slave_1 added
[ 91.087848][ T4292] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 91.097427][ T4292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.126004][ T4292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 91.139358][ T4292] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 91.149499][ T4292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.178985][ T4292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 91.222438][ T4292] device hsr_slave_0 entered promiscuous mode
[ 91.229422][ T4292] device hsr_slave_1 entered promiscuous mode
[ 91.238398][ T4292] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 91.246930][ T4292] Cannot create hsr debugfs directory
[ 91.347083][ T4292] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 92.772152][ T4212] Bluetooth: hci0: command 0x0409 tx timeout
[ 94.588083][ T4292] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.840709][ T13] Bluetooth: hci0: command 0x041b tx timeout
[ 95.116132][ T4292] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 95.159216][ T4292] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 95.252623][ T4292] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 95.263969][ T4292] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 95.284315][ T4292] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 95.293438][ T4292] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 95.358467][ T4292] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.372279][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 95.380499][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 95.391831][ T4292] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.412489][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 95.421378][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 95.429874][ T554] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.436985][ T554] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.445088][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 95.456300][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 95.465160][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 95.474003][ T554] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.481138][ T554] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.501299][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 95.511118][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 95.523215][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 95.532535][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 95.541640][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 95.561557][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 95.570822][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 95.582988][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 95.591616][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 95.602059][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 95.610907][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 95.634870][ T4292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 95.739028][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 95.746644][ T554] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 95.762161][ T4292] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 95.790793][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 95.799542][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 95.818076][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 95.828154][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 95.847977][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 95.856303][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 95.867140][ T4292] device veth0_vlan entered promiscuous mode
[ 95.878148][ T4292] device veth1_vlan entered promiscuous mode
[ 95.915201][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 95.923940][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 95.932543][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 95.941428][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 95.952984][ T4292] device veth0_macvtap entered promiscuous mode
[ 95.964263][ T4292] device veth1_macvtap entered promiscuous mode
[ 95.985631][ T4292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 96.000079][ T4292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 96.012149][ T4292] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.028498][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 96.037065][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 96.046488][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 96.055532][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 96.066315][ T4292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 96.077110][ T4292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 96.089091][ T4292] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.101721][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 96.114598][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 96.124522][ T4292] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.134482][ T4292] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.143803][ T4292] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.152924][ T4292] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.167544][ T144] device hsr_slave_0 left promiscuous mode
[ 96.174444][ T144] device hsr_slave_1 left promiscuous mode
[ 96.181042][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 96.188455][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 96.197373][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 96.205156][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 96.213147][ T144] device bridge_slave_1 left promiscuous mode
[ 96.220062][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.234810][ T144] device bridge_slave_0 left promiscuous mode
[ 96.241128][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.259370][ T144] device veth1_macvtap left promiscuous mode
[ 96.265714][ T144] device veth0_macvtap left promiscuous mode
[ 96.272471][ T144] device veth1_vlan left promiscuous mode
[ 96.278382][ T144] device veth0_vlan left promiscuous mode
[ 96.443321][ T144] team0 (unregistering): Port device team_slave_1 removed
[ 96.457361][ T144] team0 (unregistering): Port device team_slave_0 removed
[ 96.471513][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 96.485671][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 96.540565][ T144] bond0 (unregistering): Released all slaves
[ 96.659740][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.669999][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.690584][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2026/02/11 10:25:02 executed programs: 2
[ 96.704311][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.713503][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.728328][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 96.922296][ T4212] Bluetooth: hci0: command 0x040f tx timeout
[ 97.026256][ T4309] loop0: detected capacity change from 0 to 32768
[ 97.119986][ T4309] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 97.129054][ T4309] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 97.161916][ T4309] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 97.175988][ T1111] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 97.186633][ T1111] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 97.244420][ T1111] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 57ms
[ 97.272390][ T1111] gfs2: fsid=syz:syz.0: jid=0: Done
[ 97.278714][ T4309] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 97.418928][ T4309] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 97.451017][ T4292] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 97.451017][ T4292] inode = 11 2339
[ 97.451017][ T4292] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 97.490896][ T4292] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 97.509434][ T4292] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 97.524168][ T4292] CPU: 1 PID: 4292 Comm: syz-executor Not tainted syzkaller #0
[ 97.531787][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 97.541881][ T4292] Call Trace:
[ 97.545184][ T4292] <TASK>
[ 97.548152][ T4292] dump_stack_lvl+0x188/0x250
[ 97.552875][ T4292] ? show_regs_print_info+0x20/0x20
[ 97.558100][ T4292] ? load_image+0x400/0x400
[ 97.562633][ T4292] ? do_raw_spin_unlock+0x11d/0x230
[ 97.567859][ T4292] gfs2_assert_warn_i+0x18f/0x2c0
[ 97.572923][ T4292] gfs2_quota_cleanup+0x4b4/0x6a0
[ 97.577983][ T4292] gfs2_make_fs_ro+0x440/0x620
[ 97.582769][ T4292] ? __might_sleep+0xf0/0xf0
[ 97.587389][ T4292] ? gfs2_dinode_out+0xb00/0xb00
[ 97.592350][ T4292] ? _raw_spin_unlock+0x24/0x40
[ 97.597218][ T4292] ? gfs2_glock_nq+0xcb0/0x1550
[ 97.602129][ T4292] gfs2_withdraw+0x610/0x1490
[ 97.606839][ T4292] ? gfs2_lm+0x240/0x240
[ 97.611123][ T4292] ? __schedule+0x11f7/0x43c0
[ 97.615827][ T4292] ? gfs2_freeze_lock+0x52/0xc0
[ 97.620728][ T4292] ? gfs2_consist_inode_i+0xc0/0xe0
[ 97.625957][ T4292] gfs2_inode_refresh+0xb64/0xff0
[ 97.631014][ T4292] ? do_promote+0x71a/0xab0
[ 97.635545][ T4292] ? gfs2_inode_metasync+0xf0/0xf0
[ 97.640685][ T4292] ? __lock_acquire+0x7d10/0x7d10
[ 97.645746][ T4292] inode_go_lock+0x127/0x470
[ 97.650407][ T4292] do_promote+0x741/0xab0
[ 97.654774][ T4292] finish_xmote+0x4df/0xb00
[ 97.659324][ T4292] do_xmote+0x7b6/0x1120
[ 97.663600][ T4292] gfs2_glock_nq+0xc7a/0x1550
[ 97.668328][ T4292] do_sync+0x4ab/0xc40
[ 97.672428][ T4292] ? slot_put+0x1e0/0x1e0
[ 97.676781][ T4292] ? __lock_acquire+0x7d10/0x7d10
[ 97.681827][ T4292] ? do_raw_spin_lock+0x128/0x2f0
[ 97.686876][ T4292] ? do_sync+0x4a3/0xc40
[ 97.691164][ T4292] ? do_raw_spin_unlock+0x11d/0x230
[ 97.696406][ T4292] gfs2_quota_sync+0x32c/0x700
[ 97.701216][ T4292] gfs2_sync_fs+0x48/0xb0
[ 97.705613][ T4292] sync_filesystem+0xe6/0x220
[ 97.710336][ T4292] generic_shutdown_super+0x6b/0x300
[ 97.715652][ T4292] kill_block_super+0x7c/0xe0
[ 97.720352][ T4292] deactivate_locked_super+0x93/0xf0
[ 97.725655][ T4292] cleanup_mnt+0x42d/0x4e0
[ 97.730114][ T4292] ? lockdep_hardirqs_on+0x94/0x140
[ 97.735339][ T4292] task_work_run+0x125/0x1a0
[ 97.739964][ T4292] exit_to_user_mode_loop+0x10f/0x130
[ 97.745356][ T4292] exit_to_user_mode_prepare+0xee/0x180
[ 97.750927][ T4292] syscall_exit_to_user_mode+0x16/0x40
[ 97.756401][ T4292] do_syscall_64+0x58/0xa0
[ 97.760835][ T4292] ? clear_bhb_loop+0x30/0x80
[ 97.765525][ T4292] ? clear_bhb_loop+0x30/0x80
[ 97.770223][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 97.776177][ T4292] RIP: 0033:0x7f84943cb1d7
[ 97.780626][ T4292] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 97.800255][ T4292] RSP: 002b:00007fffec04f4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 97.808733][ T4292] RAX: 0000000000000000 RBX: 00007f849445fc3b RCX: 00007f84943cb1d7
[ 97.816749][ T4292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffec04f570
[ 97.824744][ T4292] RBP: 00007fffec04f570 R08: 00007fffec050570 R09: 00000000ffffffff
[ 97.832736][ T4292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffec050600
[ 97.840748][ T4292] R13: 00007f849445fc3b R14: 00000000000179d5 R15: 00007fffec050640
[ 97.848757][ T4292] </TASK>
[ 97.862771][ T4292] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 97.871655][ T4292] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 97.879358][ T4292] gfs2: fsid=syz:syz.0: File system withdrawn
[ 97.887532][ T4292] CPU: 1 PID: 4292 Comm: syz-executor Not tainted syzkaller #0
[ 97.895130][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 97.905210][ T4292] Call Trace:
[ 97.908519][ T4292] <TASK>
[ 97.911467][ T4292] dump_stack_lvl+0x188/0x250
[ 97.916176][ T4292] ? kobject_uevent_env+0x371/0x890
[ 97.921396][ T4292] ? show_regs_print_info+0x20/0x20
[ 97.926615][ T4292] ? load_image+0x400/0x400
[ 97.931138][ T4292] ? kobject_uevent_env+0x371/0x890
[ 97.936352][ T4292] ? lockref_put_or_lock+0x6e/0xb0
[ 97.941491][ T4292] gfs2_withdraw+0x1149/0x1490
[ 97.946297][ T4292] ? gfs2_lm+0x240/0x240
[ 97.950563][ T4292] ? __schedule+0x11f7/0x43c0
[ 97.955273][ T4292] ? gfs2_consist_inode_i+0xc0/0xe0
[ 97.960521][ T4292] gfs2_inode_refresh+0xb64/0xff0
[ 97.965573][ T4292] ? do_promote+0x71a/0xab0
[ 97.970099][ T4292] ? gfs2_inode_metasync+0xf0/0xf0
[ 97.975229][ T4292] ? __lock_acquire+0x7d10/0x7d10
[ 97.980302][ T4292] inode_go_lock+0x127/0x470
[ 97.984921][ T4292] do_promote+0x741/0xab0
[ 97.989283][ T4292] finish_xmote+0x4df/0xb00
[ 97.993847][ T4292] do_xmote+0x7b6/0x1120
[ 97.998135][ T4292] gfs2_glock_nq+0xc7a/0x1550
[ 98.002849][ T4292] do_sync+0x4ab/0xc40
[ 98.006948][ T4292] ? slot_put+0x1e0/0x1e0
[ 98.011307][ T4292] ? __lock_acquire+0x7d10/0x7d10
[ 98.016365][ T4292] ? do_raw_spin_lock+0x128/0x2f0
[ 98.021419][ T4292] ? do_sync+0x4a3/0xc40
[ 98.025690][ T4292] ? do_raw_spin_unlock+0x11d/0x230
[ 98.030920][ T4292] gfs2_quota_sync+0x32c/0x700
[ 98.035741][ T4292] gfs2_sync_fs+0x48/0xb0
[ 98.040097][ T4292] sync_filesystem+0xe6/0x220
[ 98.044808][ T4292] generic_shutdown_super+0x6b/0x300
[ 98.050127][ T4292] kill_block_super+0x7c/0xe0
[ 98.054831][ T4292] deactivate_locked_super+0x93/0xf0
[ 98.060157][ T4292] cleanup_mnt+0x42d/0x4e0
[ 98.064612][ T4292] ? lockdep_hardirqs_on+0x94/0x140
[ 98.069843][ T4292] task_work_run+0x125/0x1a0
[ 98.074465][ T4292] exit_to_user_mode_loop+0x10f/0x130
[ 98.079873][ T4292] exit_to_user_mode_prepare+0xee/0x180
[ 98.085465][ T4292] syscall_exit_to_user_mode+0x16/0x40
[ 98.091150][ T4292] do_syscall_64+0x58/0xa0
[ 98.095629][ T4292] ? clear_bhb_loop+0x30/0x80
[ 98.100340][ T4292] ? clear_bhb_loop+0x30/0x80
[ 98.105056][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 98.110975][ T4292] RIP: 0033:0x7f84943cb1d7
[ 98.115429][ T4292] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 98.135087][ T4292] RSP: 002b:00007fffec04f4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 98.143536][ T4292] RAX: 0000000000000000 RBX: 00007f849445fc3b RCX: 00007f84943cb1d7
[ 98.151540][ T4292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffec04f570
[ 98.159592][ T4292] RBP: 00007fffec04f570 R08: 00007fffec050570 R09: 00000000ffffffff
[ 98.167597][ T4292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffec050600
[ 98.175583][ T4292] R13: 00007f849445fc3b R14: 00000000000179d5 R15: 00007fffec050640
[ 98.183586][ T4292] </TASK>
[ 98.692965][ T4312] loop0: detected capacity change from 0 to 32768
[ 98.741125][ T4312] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 98.749339][ T4312] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 98.765085][ T4312] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 98.774430][ T4267] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 98.781599][ T4267] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 98.810694][ T4267] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 29ms
[ 98.820483][ T4267] gfs2: fsid=syz:syz.0: jid=0: Done
[ 98.825759][ T4312] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 98.929761][ T4312] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 98.944452][ T4292] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 98.944452][ T4292] inode = 11 2339
[ 98.944452][ T4292] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 98.964269][ T4292] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 98.979888][ T4292] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 98.997363][ T4292] CPU: 0 PID: 4292 Comm: syz-executor Not tainted syzkaller #0
[ 99.005061][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 99.015166][ T4292] Call Trace:
[ 99.018547][ T4292] <TASK>
[ 99.021502][ T4292] dump_stack_lvl+0x188/0x250
[ 99.026222][ T4292] ? show_regs_print_info+0x20/0x20
[ 99.031449][ T4292] ? load_image+0x400/0x400
[ 99.035993][ T4292] ? do_raw_spin_unlock+0x11d/0x230
[ 99.041235][ T4292] gfs2_assert_warn_i+0x18f/0x2c0
[ 99.046296][ T4292] gfs2_quota_cleanup+0x4b4/0x6a0
[ 99.051353][ T4292] gfs2_make_fs_ro+0x440/0x620
[ 99.056116][ T4292] ? __might_sleep+0xf0/0xf0
[ 99.060703][ T4292] ? gfs2_dinode_out+0xb00/0xb00
[ 99.065633][ T4292] ? _raw_spin_unlock+0x24/0x40
[ 99.070481][ T4292] ? gfs2_glock_nq+0xcb0/0x1550
[ 99.075362][ T4292] gfs2_withdraw+0x610/0x1490
[ 99.080051][ T4292] ? gfs2_lm+0x240/0x240
[ 99.084296][ T4292] ? __schedule+0x11f7/0x43c0
[ 99.088981][ T4292] ? gfs2_freeze_lock+0x52/0xc0
[ 99.093839][ T4292] ? gfs2_consist_inode_i+0xc0/0xe0
[ 99.099040][ T4292] gfs2_inode_refresh+0xb64/0xff0
[ 99.104077][ T4292] ? do_promote+0x71a/0xab0
[ 99.108578][ T4292] ? gfs2_inode_metasync+0xf0/0xf0
[ 99.113928][ T4292] ? __lock_acquire+0x7d10/0x7d10
[ 99.119116][ T4292] inode_go_lock+0x127/0x470
[ 99.123728][ T4292] do_promote+0x741/0xab0
[ 99.128079][ T4292] finish_xmote+0x4df/0xb00
[ 99.132606][ T4292] do_xmote+0x7b6/0x1120
[ 99.136869][ T4292] gfs2_glock_nq+0xc7a/0x1550
[ 99.141586][ T4292] do_sync+0x4ab/0xc40
[ 99.145662][ T4292] ? slot_put+0x1e0/0x1e0
[ 99.150077][ T4292] ? __lock_acquire+0x7d10/0x7d10
[ 99.155105][ T4292] ? do_raw_spin_lock+0x128/0x2f0
[ 99.160141][ T4292] ? do_sync+0x4a3/0xc40
[ 99.164420][ T4292] ? do_raw_spin_unlock+0x11d/0x230
[ 99.169627][ T4292] gfs2_quota_sync+0x32c/0x700
[ 99.174412][ T4292] gfs2_sync_fs+0x48/0xb0
[ 99.178746][ T4292] sync_filesystem+0xe6/0x220
[ 99.183427][ T4292] generic_shutdown_super+0x6b/0x300
[ 99.188719][ T4292] kill_block_super+0x7c/0xe0
[ 99.193399][ T4292] deactivate_locked_super+0x93/0xf0
[ 99.198684][ T4292] cleanup_mnt+0x42d/0x4e0
[ 99.203103][ T4292] ? lockdep_hardirqs_on+0x94/0x140
[ 99.208304][ T4292] task_work_run+0x125/0x1a0
[ 99.212907][ T4292] exit_to_user_mode_loop+0x10f/0x130
[ 99.218294][ T4292] exit_to_user_mode_prepare+0xee/0x180
[ 99.223860][ T4292] syscall_exit_to_user_mode+0x16/0x40
[ 99.229317][ T4292] do_syscall_64+0x58/0xa0
[ 99.233730][ T4292] ? clear_bhb_loop+0x30/0x80
[ 99.238411][ T4292] ? clear_bhb_loop+0x30/0x80
[ 99.243108][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 99.249010][ T4292] RIP: 0033:0x7f84943cb1d7
[ 99.253457][ T4292] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 99.273088][ T4292] RSP: 002b:00007fffec04f4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 99.281516][ T4292] RAX: 0000000000000000 RBX: 00007f849445fc3b RCX: 00007f84943cb1d7
[ 99.289527][ T4292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffec04f570
[ 99.297515][ T4292] RBP: 00007fffec04f570 R08: 00007fffec050570 R09: 00000000ffffffff
[ 99.305488][ T4292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffec050600
[ 99.313459][ T4292] R13: 00007f849445fc3b R14: 0000000000018046 R15: 00007fffec050640
[ 99.321444][ T4292] </TASK>
[ 99.325272][ T1111] Bluetooth: hci0: command 0x0419 tx timeout
[ 99.334460][ T4292] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 99.344189][ T4292] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 99.350985][ T4292] gfs2: fsid=syz:syz.0: File system withdrawn
[ 99.357091][ T4292] CPU: 0 PID: 4292 Comm: syz-executor Not tainted syzkaller #0
[ 99.364662][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 99.374734][ T4292] Call Trace:
[ 99.378014][ T4292] <TASK>
[ 99.380962][ T4292] dump_stack_lvl+0x188/0x250
[ 99.385666][ T4292] ? kobject_uevent_env+0x371/0x890
[ 99.390869][ T4292] ? show_regs_print_info+0x20/0x20
[ 99.396068][ T4292] ? load_image+0x400/0x400
[ 99.400573][ T4292] ? kobject_uevent_env+0x371/0x890
[ 99.405788][ T4292] ? lockref_put_or_lock+0x6e/0xb0
[ 99.410920][ T4292] gfs2_withdraw+0x1149/0x1490
[ 99.415690][ T4292] ? gfs2_lm+0x240/0x240
[ 99.419934][ T4292] ? __schedule+0x11f7/0x43c0
[ 99.424620][ T4292] ? gfs2_consist_inode_i+0xc0/0xe0
[ 99.429822][ T4292] gfs2_inode_refresh+0xb64/0xff0
[ 99.434857][ T4292] ? do_promote+0x71a/0xab0
[ 99.439362][ T4292] ? gfs2_inode_metasync+0xf0/0xf0
[ 99.444482][ T4292] ? __lock_acquire+0x7d10/0x7d10
[ 99.449521][ T4292] inode_go_lock+0x127/0x470
[ 99.454138][ T4292] do_promote+0x741/0xab0
[ 99.458484][ T4292] finish_xmote+0x4df/0xb00
[ 99.463018][ T4292] do_xmote+0x7b6/0x1120
[ 99.467286][ T4292] gfs2_glock_nq+0xc7a/0x1550
[ 99.471975][ T4292] do_sync+0x4ab/0xc40
[ 99.476055][ T4292] ? slot_put+0x1e0/0x1e0
[ 99.480406][ T4292] ? __lock_acquire+0x7d10/0x7d10
[ 99.485480][ T4292] ? do_raw_spin_lock+0x128/0x2f0
[ 99.490526][ T4292] ? do_sync+0x4a3/0xc40
[ 99.494779][ T4292] ? do_raw_spin_unlock+0x11d/0x230
[ 99.499974][ T4292] gfs2_quota_sync+0x32c/0x700
[ 99.504759][ T4292] gfs2_sync_fs+0x48/0xb0
[ 99.509084][ T4292] sync_filesystem+0xe6/0x220
[ 99.513762][ T4292] generic_shutdown_super+0x6b/0x300
[ 99.519060][ T4292] kill_block_super+0x7c/0xe0
[ 99.523751][ T4292] deactivate_locked_super+0x93/0xf0
[ 99.529046][ T4292] cleanup_mnt+0x42d/0x4e0
[ 99.533481][ T4292] ? lockdep_hardirqs_on+0x94/0x140
[ 99.538688][ T4292] task_work_run+0x125/0x1a0
[ 99.543293][ T4292] exit_to_user_mode_loop+0x10f/0x130
[ 99.548685][ T4292] exit_to_user_mode_prepare+0xee/0x180
[ 99.554248][ T4292] syscall_exit_to_user_mode+0x16/0x40
[ 99.559721][ T4292] do_syscall_64+0x58/0xa0
[ 99.564136][ T4292] ? clear_bhb_loop+0x30/0x80
[ 99.568814][ T4292] ? clear_bhb_loop+0x30/0x80
[ 99.573494][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 99.579386][ T4292] RIP: 0033:0x7f84943cb1d7
[ 99.583808][ T4292] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 99.603448][ T4292] RSP: 002b:00007fffec04f4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 99.611859][ T4292] RAX: 0000000000000000 RBX: 00007f849445fc3b RCX: 00007f84943cb1d7
[ 99.619830][ T4292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffec04f570
[ 99.627801][ T4292] RBP: 00007fffec04f570 R08: 00007fffec050570 R09: 00000000ffffffff
[ 99.635779][ T4292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffec050600
[ 99.643746][ T4292] R13: 00007f849445fc3b R14: 0000000000018046 R15: 00007fffec050640
[ 99.651729][ T4292]
[ 99.656063][ T4292] ==================================================================
[ 99.664389][ T4292] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[ 99.671093][ T4292] Read of size 8 at addr ffff8880683f81e0 by task syz-executor/4292
[ 99.679083][ T4292]
[ 99.681406][ T4292] CPU: 0 PID: 4292 Comm: syz-executor Not tainted syzkaller #0
[ 99.688949][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 99.699004][ T4292] Call Trace:
[ 99.702282][ T4292]
[ 99.705212][ T4292] dump_stack_lvl+0x188/0x250
[ 99.709892][ T4292] ? show_regs_print_info+0x20/0x20
[ 99.715092][ T4292] ? _printk+0xda/0x130
[ 99.719276][ T4292] ? qd_unlock+0x30/0x2d0
[ 99.723607][ T4292] ? load_image+0x400/0x400
[ 99.728129][ T4292] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 99.733609][ T4292] print_address_description+0x60/0x2d0
[ 99.739184][ T4292] ? qd_unlock+0x30/0x2d0
[ 99.743531][ T4292] kasan_report+0xdf/0x130
[ 99.747956][ T4292] ? qd_unlock+0x30/0x2d0
[ 99.752301][ T4292] kasan_check_range+0x235/0x290
[ 99.757276][ T4292] qd_unlock+0x30/0x2d0
[ 99.761430][ T4292] gfs2_quota_sync+0x5cf/0x700
[ 99.766206][ T4292] gfs2_sync_fs+0x48/0xb0
[ 99.770545][ T4292] sync_filesystem+0xe6/0x220
[ 99.775241][ T4292] generic_shutdown_super+0x6b/0x300
[ 99.780528][ T4292] kill_block_super+0x7c/0xe0
[ 99.785204][ T4292] deactivate_locked_super+0x93/0xf0
[ 99.790541][ T4292] cleanup_mnt+0x42d/0x4e0
[ 99.794991][ T4292] ? lockdep_hardirqs_on+0x94/0x140
[ 99.800192][ T4292] task_work_run+0x125/0x1a0
[ 99.804799][ T4292] exit_to_user_mode_loop+0x10f/0x130
[ 99.810192][ T4292] exit_to_user_mode_prepare+0xee/0x180
[ 99.815764][ T4292] syscall_exit_to_user_mode+0x16/0x40
[ 99.821233][ T4292] do_syscall_64+0x58/0xa0
[ 99.825642][ T4292] ? clear_bhb_loop+0x30/0x80
[ 99.830346][ T4292] ? clear_bhb_loop+0x30/0x80
[ 99.835045][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 99.840955][ T4292] RIP: 0033:0x7f84943cb1d7
[ 99.845391][ T4292] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 99.865026][ T4292] RSP: 002b:00007fffec04f4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 99.873445][ T4292] RAX: 0000000000000000 RBX: 00007f849445fc3b RCX: 00007f84943cb1d7
[ 99.881421][ T4292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffec04f570
[ 99.889389][ T4292] RBP: 00007fffec04f570 R08: 00007fffec050570 R09: 00000000ffffffff
[ 99.897356][ T4292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffec050600
[ 99.905326][ T4292] R13: 00007f849445fc3b R14: 0000000000018046 R15: 00007fffec050640
[ 99.913313][ T4292]
[ 99.916343][ T4292]
[ 99.918659][ T4292] Allocated by task 4312:
[ 99.922979][ T4292] __kasan_slab_alloc+0x9c/0xd0
[ 99.927838][ T4292] slab_post_alloc_hook+0x4c/0x380
[ 99.932955][ T4292] kmem_cache_alloc+0x100/0x290
[ 99.937822][ T4292] qd_alloc+0x50/0x260
[ 99.941891][ T4292] gfs2_quota_init+0x74e/0xea0
[ 99.946654][ T4292] gfs2_make_fs_rw+0x414/0x580
[ 99.951426][ T4292] gfs2_fill_super+0x1837/0x1f00
[ 99.956442][ T4292] get_tree_bdev+0x3f1/0x610
[ 99.961216][ T4292] gfs2_get_tree+0x4d/0x1e0
[ 99.965745][ T4292] vfs_get_tree+0x88/0x270
[ 99.970184][ T4292] do_new_mount+0x24a/0xa40
[ 99.974704][ T4292] __se_sys_mount+0x2e3/0x3d0
[ 99.979408][ T4292] do_syscall_64+0x4c/0xa0
[ 99.983825][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 99.989716][ T4292]
[ 99.992040][ T4292] Freed by task 4292:
[ 99.996046][ T4292] kasan_set_track+0x4b/0x70
[ 100.000632][ T4292] kasan_set_free_info+0x1f/0x40
[ 100.005566][ T4292] ____kasan_slab_free+0xd5/0x110
[ 100.010594][ T4292] slab_free_freelist_hook+0xea/0x170
[ 100.015980][ T4292] kmem_cache_free+0x8f/0x210
[ 100.020658][ T4292] rcu_core+0x9d2/0x1670
[ 100.024917][ T4292] handle_softirqs+0x339/0x830
[ 100.029673][ T4292] __irq_exit_rcu+0x13b/0x230
[ 100.034347][ T4292] irq_exit_rcu+0x5/0x20
[ 100.038588][ T4292] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 100.044232][ T4292] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 100.050214][ T4292]
[ 100.052548][ T4292] Last potentially related work creation:
[ 100.058295][ T4292] kasan_save_stack+0x35/0x60
[ 100.062980][ T4292] kasan_record_aux_stack+0xb8/0x100
[ 100.068268][ T4292] call_rcu+0x189/0x950
[ 100.072423][ T4292] gfs2_quota_cleanup+0x43c/0x6a0
[ 100.077464][ T4292] gfs2_make_fs_ro+0x440/0x620
[ 100.082229][ T4292] gfs2_withdraw+0x610/0x1490
[ 100.086921][ T4292] gfs2_inode_refresh+0xb64/0xff0
[ 100.091949][ T4292] inode_go_lock+0x127/0x470
[ 100.096550][ T4292] do_promote+0x741/0xab0
[ 100.100875][ T4292] finish_xmote+0x4df/0xb00
[ 100.105384][ T4292] do_xmote+0x7b6/0x1120
[ 100.109636][ T4292] gfs2_glock_nq+0xc7a/0x1550
[ 100.114314][ T4292] do_sync+0x4ab/0xc40
[ 100.118405][ T4292] gfs2_quota_sync+0x32c/0x700
[ 100.123173][ T4292] gfs2_sync_fs+0x48/0xb0
[ 100.127513][ T4292] sync_filesystem+0xe6/0x220
[ 100.132194][ T4292] generic_shutdown_super+0x6b/0x300
[ 100.137493][ T4292] kill_block_super+0x7c/0xe0
[ 100.142180][ T4292] deactivate_locked_super+0x93/0xf0
[ 100.147463][ T4292] cleanup_mnt+0x42d/0x4e0
[ 100.151887][ T4292] task_work_run+0x125/0x1a0
[ 100.156502][ T4292] exit_to_user_mode_loop+0x10f/0x130
[ 100.161870][ T4292] exit_to_user_mode_prepare+0xee/0x180
[ 100.167430][ T4292] syscall_exit_to_user_mode+0x16/0x40
[ 100.172891][ T4292] do_syscall_64+0x58/0xa0
[ 100.177329][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 100.183218][ T4292]
[ 100.185533][ T4292] The buggy address belongs to the object at ffff8880683f8150
[ 100.185533][ T4292] which belongs to the cache gfs2_quotad of size 272
[ 100.199578][ T4292] The buggy address is located 144 bytes inside of
[ 100.199578][ T4292] 272-byte region [ffff8880683f8150, ffff8880683f8260)
[ 100.212862][ T4292] The buggy address belongs to the page:
[ 100.218536][ T4292] page:ffffea0001a0fe00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x683f8
[ 100.228683][ T4292] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 100.236252][ T4292] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff88801e42cc80
[ 100.244834][ T4292] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 100.253419][ T4292] page dumped because: kasan: bad access detected
[ 100.259855][ T4292] page_owner tracks the page as allocated
[ 100.265606][ T4292] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 4309, ts 97405111314, free_ts 21015133958
[ 100.284645][ T4292] get_page_from_freelist+0x1bbd/0x1ca0
[ 100.290214][ T4292] __alloc_pages+0x1ee/0x480
[ 100.294823][ T4292] new_slab+0xc0/0x4b0
[ 100.298890][ T4292] ___slab_alloc+0x80a/0xdd0
[ 100.303488][ T4292] kmem_cache_alloc+0x195/0x290
[ 100.308329][ T4292] qd_alloc+0x50/0x260
[ 100.312401][ T4292] gfs2_quota_init+0x74e/0xea0
[ 100.317180][ T4292] gfs2_make_fs_rw+0x414/0x580
[ 100.321955][ T4292] gfs2_fill_super+0x1837/0x1f00
[ 100.326896][ T4292] get_tree_bdev+0x3f1/0x610
[ 100.331499][ T4292] gfs2_get_tree+0x4d/0x1e0
[ 100.336016][ T4292] vfs_get_tree+0x88/0x270
[ 100.340434][ T4292] do_new_mount+0x24a/0xa40
[ 100.344949][ T4292] __se_sys_mount+0x2e3/0x3d0
[ 100.349626][ T4292] do_syscall_64+0x4c/0xa0
[ 100.354055][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 100.359956][ T4292] page last free stack trace:
[ 100.364618][ T4292] free_unref_page_prepare+0x637/0x6c0
[ 100.370079][ T4292] free_unref_page+0x8f/0x2a0
[ 100.374754][ T4292] free_contig_range+0x96/0xf0
[ 100.379523][ T4292] destroy_args+0xf0/0xa00
[ 100.383939][ T4292] debug_vm_pgtable+0x321/0x380
[ 100.388809][ T4292] do_one_initcall+0x272/0x730
[ 100.393575][ T4292] do_initcall_level+0x137/0x1f0
[ 100.398548][ T4292] do_initcalls+0x4b/0x90
[ 100.402872][ T4292] kernel_init_freeable+0x3e9/0x570
[ 100.408065][ T4292] kernel_init+0x19/0x1b0
[ 100.412401][ T4292] ret_from_fork+0x1f/0x30
[ 100.416837][ T4292]
[ 100.419154][ T4292] Memory state around the buggy address:
[ 100.424777][ T4292] ffff8880683f8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 100.432843][ T4292] ffff8880683f8100: fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb
[ 100.440912][ T4292] >ffff8880683f8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 100.448963][ T4292]                                                        ^
[ 100.456148][ T4292] ffff8880683f8200: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 100.464210][ T4292] ffff8880683f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 100.472293][ T4292] ==================================================================
[ 100.480361][ T4292] Disabling lock debugging due to kernel taint
[ 100.490755][ T4292] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 100.497997][ T4292] CPU: 0 PID: 4292 Comm: syz-executor Tainted: G B syzkaller #0
[ 100.506955][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 100.517039][ T4292] Call Trace:
[ 100.520337][ T4292]
[ 100.523295][ T4292] dump_stack_lvl+0x188/0x250
[ 100.528015][ T4292] ? show_regs_print_info+0x20/0x20
[ 100.533230][ T4292] ? load_image+0x400/0x400
[ 100.537749][ T4292] panic+0x2e5/0x810
[ 100.541644][ T4292] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 100.547794][ T4292] ? bpf_jit_dump+0xd0/0xd0
[ 100.552296][ T4292] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 100.558281][ T4292] ? _raw_spin_unlock+0x40/0x40
[ 100.563127][ T4292] ? qd_unlock+0x30/0x2d0
[ 100.567466][ T4292] check_panic_on_warn+0x80/0xa0
[ 100.572417][ T4292] ? qd_unlock+0x30/0x2d0
[ 100.576744][ T4292] end_report+0x6d/0xf0
[ 100.580905][ T4292] kasan_report+0x102/0x130
[ 100.585445][ T4292] ? qd_unlock+0x30/0x2d0
[ 100.589782][ T4292] kasan_check_range+0x235/0x290
[ 100.594715][ T4292] qd_unlock+0x30/0x2d0
[ 100.598872][ T4292] gfs2_quota_sync+0x5cf/0x700
[ 100.603636][ T4292] gfs2_sync_fs+0x48/0xb0
[ 100.607982][ T4292] sync_filesystem+0xe6/0x220
[ 100.612660][ T4292] generic_shutdown_super+0x6b/0x300
[ 100.617944][ T4292] kill_block_super+0x7c/0xe0
[ 100.622617][ T4292] deactivate_locked_super+0x93/0xf0
[ 100.627905][ T4292] cleanup_mnt+0x42d/0x4e0
[ 100.632313][ T4292] ? lockdep_hardirqs_on+0x94/0x140
[ 100.637541][ T4292] task_work_run+0x125/0x1a0
[ 100.642140][ T4292] exit_to_user_mode_loop+0x10f/0x130
[ 100.647507][ T4292] exit_to_user_mode_prepare+0xee/0x180
[ 100.653052][ T4292] syscall_exit_to_user_mode+0x16/0x40
[ 100.658510][ T4292] do_syscall_64+0x58/0xa0
[ 100.662924][ T4292] ? clear_bhb_loop+0x30/0x80
[ 100.667594][ T4292] ? clear_bhb_loop+0x30/0x80
[ 100.672272][ T4292] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 100.678160][ T4292] RIP: 0033:0x7f84943cb1d7
[ 100.682578][ T4292] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 100.702291][ T4292] RSP: 002b:00007fffec04f4b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 100.710716][ T4292] RAX: 0000000000000000 RBX: 00007f849445fc3b RCX: 00007f84943cb1d7
[ 100.718687][ T4292] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffec04f570
[ 100.726658][ T4292] RBP: 00007fffec04f570 R08: 00007fffec050570 R09: 00000000ffffffff
[ 100.734628][ T4292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffec050600
[ 100.742605][ T4292] R13: 00007f849445fc3b R14: 0000000000018046 R15: 00007fffec050640
[ 100.750580][ T4292]
[ 100.753920][ T4292] Kernel Offset: disabled
[ 100.758254][ T4292] Rebooting in 86400 seconds..