Warning: Permanently added '10.128.1.229' (ED25519) to the list of known hosts. 2025/09/15 00:52:59 ignoring optional flag "type"="gce" 2025/09/15 00:52:59 parsed 1 programs 2025/09/15 00:53:01 executed programs: 0 [ 112.178762][ T6007] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 112.238082][ T5154] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 112.244969][ T5154] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 112.245940][ T5154] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 112.247172][ T5154] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 112.247971][ T5154] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 112.469251][ T6030] chnl_net:caif_netlink_parms(): no params data found [ 112.746032][ T6030] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.746166][ T6030] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.746930][ T6030] bridge_slave_0: entered allmulticast mode [ 112.753075][ T6030] bridge_slave_0: entered promiscuous mode [ 112.761374][ T6030] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.761584][ T6030] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.761774][ T6030] bridge_slave_1: entered allmulticast mode [ 112.764451][ T6030] bridge_slave_1: entered promiscuous mode [ 112.902714][ T6030] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 112.905684][ T6030] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 113.041736][ T6030] team0: Port device team_slave_0 added [ 113.044320][ T6030] team0: Port device team_slave_1 added [ 113.190939][ T6030] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 113.190959][ T6030] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.190980][ T6030] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 113.192524][ T6030] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 113.192536][ T6030] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.192555][ T6030] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 113.415158][ T6030] hsr_slave_0: entered promiscuous mode [ 113.415988][ T6030] hsr_slave_1: entered promiscuous mode [ 114.328438][ T5154] Bluetooth: hci0: command tx timeout [ 115.417554][ T6030] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 115.462787][ T6030] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 115.496680][ T6030] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 115.542708][ T6030] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 115.731731][ T6030] 8021q: adding VLAN 0 to HW filter on device bond0 [ 115.772087][ T6030] 8021q: adding VLAN 0 to HW filter on device team0 [ 115.791578][ T3618] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.792617][ T3618] bridge0: port 1(bridge_slave_0) entered forwarding state [ 115.807262][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.809183][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.173629][ T6030] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 116.277229][ T6030] veth0_vlan: entered promiscuous mode [ 116.295544][ T6030] veth1_vlan: entered promiscuous mode [ 116.334764][ T6030] veth0_macvtap: entered promiscuous mode [ 116.348032][ T6030] veth1_macvtap: entered promiscuous mode [ 116.387691][ T6030] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 116.398485][ T5154] Bluetooth: hci0: command tx timeout [ 116.408083][ T6030] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 116.427833][ T1100] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.428125][ T1100] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.428159][ T1100] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.432666][ T1100] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.511959][ T6117] loop0: detected capacity change from 0 to 32768 [ 117.611328][ T6117] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 117.611352][ T6117] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 117.712353][ T6117] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 117.726778][ T10] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 117.726795][ T10] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 117.942436][ T10] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 215ms [ 117.966059][ T10] gfs2: fsid=syz:syz.0: jid=0: Done [ 117.976298][ T6117] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 118.057348][ T6117] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 118.057367][ T6117] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6117, name: syz-executor.0 [ 118.057382][ T6117] preempt_count: 1, expected: 0 [ 118.057390][ T6117] RCU nest depth: 1, expected: 1 [ 118.057410][ T6117] 4 locks held by syz-executor.0/6117: [ 118.057420][ T6117] #0: ffff88803376e0d0 (&type->s_umount_key#50/1){+.+.}-{4:4}, at: alloc_super+0x204/0x990 [ 118.057496][ T6117] #1: ffffffff8df7ef98 (qd_lock){+.+.}-{3:3}, at: gfs2_quota_init+0x845/0x1240 [ 118.057543][ T6117] #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 118.057591][ T6117] #3: ffff88803d3da088 (&lockref->lock#3){+.+.}-{3:3}, at: lockref_get_not_dead+0x28/0xd0 [ 118.057640][ T6117] Preemption disabled at: [ 118.057644][ T6117] [] spin_lock_bucket+0x3b/0x150 [ 118.057688][ T6117] CPU: 0 UID: 0 PID: 6117 Comm: syz-executor.0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 118.057707][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 118.057727][ T6117] Call Trace: [ 118.057734][ T6117] [ 118.057742][ T6117] dump_stack_lvl+0x189/0x250 [ 118.057770][ T6117] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.057792][ T6117] ? __pfx__printk+0x10/0x10 [ 118.057813][ T6117] ? print_lock_name+0xde/0x100 [ 118.057830][ T6117] ? spin_lock_bucket+0x3b/0x150 [ 118.057851][ T6117] __might_resched+0x44b/0x5d0 [ 118.057874][ T6117] ? spin_lock_bucket+0x3b/0x150 [ 118.057890][ T6117] ? __pfx___might_resched+0x10/0x10 [ 118.057908][ T6117] ? lockref_get_not_dead+0x28/0xd0 [ 118.057940][ T6117] rt_spin_lock+0xc7/0x2c0 [ 118.057962][ T6117] ? __pfx_rt_spin_lock+0x10/0x10 [ 118.057981][ T6117] ? migrate_disable+0xd5/0x190 [ 118.058002][ T6117] ? rt_spin_lock+0x223/0x2c0 [ 118.058024][ T6117] lockref_get_not_dead+0x28/0xd0 [ 118.058045][ T6117] gfs2_qd_search_bucket+0x139/0x210 [ 118.058088][ T6117] gfs2_quota_init+0x85d/0x1240 [ 118.058127][ T6117] ? __pfx_gfs2_quota_init+0x10/0x10 [ 118.058143][ T6117] ? __pfx_wake_up_bit+0x10/0x10 [ 118.058169][ T6117] ? inode_go_inval+0x259/0x2c0 [ 118.058189][ T6117] gfs2_make_fs_rw+0x181/0x2b0 [ 118.058211][ T6117] gfs2_fill_super+0x1af1/0x2120 [ 118.058244][ T6117] ? __pfx_gfs2_fill_super+0x10/0x10 [ 118.058267][ T6117] ? init_locking+0xb8/0x210 [ 118.058284][ T6117] ? sb_set_blocksize+0x104/0x180 [ 118.058305][ T6117] ? setup_bdev_super+0x4c1/0x5b0 [ 118.058337][ T6117] get_tree_bdev_flags+0x40e/0x4d0 [ 118.058356][ T6117] ? __pfx_gfs2_fill_super+0x10/0x10 [ 118.058374][ T6117] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 118.058397][ T6117] ? rcu_is_watching+0x15/0xb0 [ 118.058420][ T6117] ? cap_capable+0x11f/0x460 [ 118.058442][ T6117] gfs2_get_tree+0x51/0x1e0 [ 118.058466][ T6117] vfs_get_tree+0x8f/0x2b0 [ 118.058490][ T6117] do_new_mount+0x2a2/0x9e0 [ 118.058516][ T6117] ? ns_capable+0x8a/0xf0 [ 118.058536][ T6117] ? __pfx_do_new_mount+0x10/0x10 [ 118.058556][ T6117] ? path_mount+0x61c/0xfe0 [ 118.058589][ T6117] __se_sys_mount+0x317/0x410 [ 118.058618][ T6117] ? __pfx___se_sys_mount+0x10/0x10 [ 118.058646][ T6117] ? do_syscall_64+0xbe/0x3b0 [ 118.058660][ T6117] ? __x64_sys_mount+0x20/0xc0 [ 118.058685][ T6117] do_syscall_64+0xfa/0x3b0 [ 118.058699][ T6117] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.058721][ T6117] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.058738][ T6117] ? clear_bhb_loop+0x60/0xb0 [ 118.058759][ T6117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.058775][ T6117] RIP: 0033:0x7f8f2a0df4aa [ 118.058798][ T6117] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 118.058812][ T6117] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 118.058830][ T6117] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 118.058843][ T6117] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 118.058854][ T6117] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 118.058866][ T6117] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 118.058877][ T6117] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 118.058907][ T6117] [ 118.059114][ T6117] gfs2: fsid=syz:syz.0: Corruption found in quota_change0file: duplicate identifier in slot 26671 [ 118.418562][ T6117] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 118.418597][ T6117] CPU: 0 UID: 0 PID: 6117 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 118.418621][ T6117] Tainted: [W]=WARN [ 118.418627][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 118.418637][ T6117] Call Trace: [ 118.418644][ T6117] [ 118.418656][ T6117] dump_stack_lvl+0x189/0x250 [ 118.418684][ T6117] ? reacquire_held_locks+0x127/0x1d0 [ 118.418709][ T6117] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.418732][ T6117] ? __pfx__printk+0x10/0x10 [ 118.418754][ T6117] ? rt_spin_unlock+0x65/0x80 [ 118.418781][ T6117] gfs2_assert_warn_i+0x194/0x2c0 [ 118.418810][ T6117] gfs2_qd_dispose+0x4aa/0x5b0 [ 118.418834][ T6117] gfs2_quota_init+0xcce/0x1240 [ 118.418875][ T6117] ? __pfx_gfs2_quota_init+0x10/0x10 [ 118.418893][ T6117] ? __pfx_wake_up_bit+0x10/0x10 [ 118.418920][ T6117] ? inode_go_inval+0x259/0x2c0 [ 118.418942][ T6117] gfs2_make_fs_rw+0x181/0x2b0 [ 118.418966][ T6117] gfs2_fill_super+0x1af1/0x2120 [ 118.419003][ T6117] ? __pfx_gfs2_fill_super+0x10/0x10 [ 118.419027][ T6117] ? init_locking+0xb8/0x210 [ 118.419046][ T6117] ? sb_set_blocksize+0x104/0x180 [ 118.419067][ T6117] ? setup_bdev_super+0x4c1/0x5b0 [ 118.419092][ T6117] get_tree_bdev_flags+0x40e/0x4d0 [ 118.419113][ T6117] ? __pfx_gfs2_fill_super+0x10/0x10 [ 118.419133][ T6117] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 118.419164][ T6117] ? rcu_is_watching+0x15/0xb0 [ 118.419188][ T6117] ? cap_capable+0x11f/0x460 [ 118.419210][ T6117] gfs2_get_tree+0x51/0x1e0 [ 118.419234][ T6117] vfs_get_tree+0x8f/0x2b0 [ 118.419257][ T6117] do_new_mount+0x2a2/0x9e0 [ 118.419284][ T6117] ? ns_capable+0x8a/0xf0 [ 118.419303][ T6117] ? __pfx_do_new_mount+0x10/0x10 [ 118.419323][ T6117] ? path_mount+0x61c/0xfe0 [ 118.419355][ T6117] __se_sys_mount+0x317/0x410 [ 118.419383][ T6117] ? __pfx___se_sys_mount+0x10/0x10 [ 118.419409][ T6117] ? do_syscall_64+0xbe/0x3b0 [ 118.419424][ T6117] ? __x64_sys_mount+0x20/0xc0 [ 118.419447][ T6117] do_syscall_64+0xfa/0x3b0 [ 118.419460][ T6117] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.419481][ T6117] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.419497][ T6117] ? clear_bhb_loop+0x60/0xb0 [ 118.419516][ T6117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.419531][ T6117] RIP: 0033:0x7f8f2a0df4aa [ 118.419547][ T6117] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 118.419559][ T6117] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 118.419577][ T6117] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 118.419589][ T6117] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 118.419600][ T6117] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 118.419611][ T6117] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 118.419622][ T6117] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 118.419651][ T6117] [ 118.478498][ T5154] Bluetooth: hci0: command tx timeout 2025/09/15 00:53:08 executed programs: 1 [ 119.026805][ T6117] gfs2: fsid=syz:syz.0: found 1 quota changes [ 120.139957][ T6172] loop0: detected capacity change from 0 to 32768 [ 120.173409][ T6172] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 120.173428][ T6172] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 120.229361][ T6172] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 120.237912][ T990] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 120.237931][ T990] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 120.525776][ T990] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 287ms [ 120.530948][ T990] gfs2: fsid=syz:syz.0: jid=0: Done [ 120.531048][ T6172] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 120.560764][ T5154] Bluetooth: hci0: command tx timeout [ 120.623013][ T6172] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 120.623034][ T6172] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6172, name: syz-executor.0 [ 120.623049][ T6172] preempt_count: 1, expected: 0 [ 120.623058][ T6172] RCU nest depth: 1, expected: 1 [ 120.623067][ T6172] 4 locks held by syz-executor.0/6172: [ 120.623077][ T6172] #0: ffff8880345820d0 (&type->s_umount_key#50/1){+.+.}-{4:4}, at: alloc_super+0x204/0x990 [ 120.623152][ T6172] #1: ffffffff8df7ef98 (qd_lock){+.+.}-{3:3}, at: gfs2_quota_init+0x845/0x1240 [ 120.623195][ T6172] #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 120.623238][ T6172] #3: ffff888040a50088 (&lockref->lock#3){+.+.}-{3:3}, at: lockref_get_not_dead+0x28/0xd0 [ 120.623286][ T6172] Preemption disabled at: [ 120.623290][ T6172] [] spin_lock_bucket+0x3b/0x150 [ 120.623322][ T6172] CPU: 1 UID: 0 PID: 6172 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 120.623345][ T6172] Tainted: [W]=WARN [ 120.623351][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 120.623364][ T6172] Call Trace: [ 120.623371][ T6172] [ 120.623379][ T6172] dump_stack_lvl+0x189/0x250 [ 120.623406][ T6172] ? __pfx_dump_stack_lvl+0x10/0x10 [ 120.623429][ T6172] ? __pfx__printk+0x10/0x10 [ 120.623451][ T6172] ? print_lock_name+0xde/0x100 [ 120.623468][ T6172] ? spin_lock_bucket+0x3b/0x150 [ 120.623488][ T6172] __might_resched+0x44b/0x5d0 [ 120.623512][ T6172] ? spin_lock_bucket+0x3b/0x150 [ 120.623529][ T6172] ? __pfx___might_resched+0x10/0x10 [ 120.623547][ T6172] ? lockref_get_not_dead+0x28/0xd0 [ 120.623581][ T6172] rt_spin_lock+0xc7/0x2c0 [ 120.623604][ T6172] ? __pfx_rt_spin_lock+0x10/0x10 [ 120.623623][ T6172] ? migrate_disable+0xd5/0x190 [ 120.623644][ T6172] ? rt_spin_lock+0x223/0x2c0 [ 120.623665][ T6172] lockref_get_not_dead+0x28/0xd0 [ 120.623687][ T6172] gfs2_qd_search_bucket+0x139/0x210 [ 120.623711][ T6172] gfs2_quota_init+0x85d/0x1240 [ 120.623753][ T6172] ? __pfx_gfs2_quota_init+0x10/0x10 [ 120.623771][ T6172] ? __pfx_wake_up_bit+0x10/0x10 [ 120.623798][ T6172] ? inode_go_inval+0x259/0x2c0 [ 120.623820][ T6172] gfs2_make_fs_rw+0x181/0x2b0 [ 120.623844][ T6172] gfs2_fill_super+0x1af1/0x2120 [ 120.623889][ T6172] ? __pfx_gfs2_fill_super+0x10/0x10 [ 120.623914][ T6172] ? init_locking+0xb8/0x210 [ 120.623932][ T6172] ? sb_set_blocksize+0x104/0x180 [ 120.623953][ T6172] ? setup_bdev_super+0x4c1/0x5b0 [ 120.623976][ T6172] get_tree_bdev_flags+0x40e/0x4d0 [ 120.623997][ T6172] ? __pfx_gfs2_fill_super+0x10/0x10 [ 120.624017][ T6172] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 120.624040][ T6172] ? rcu_is_watching+0x15/0xb0 [ 120.624063][ T6172] ? cap_capable+0x11f/0x460 [ 120.624084][ T6172] gfs2_get_tree+0x51/0x1e0 [ 120.624107][ T6172] vfs_get_tree+0x8f/0x2b0 [ 120.624128][ T6172] do_new_mount+0x2a2/0x9e0 [ 120.624153][ T6172] ? ns_capable+0x8a/0xf0 [ 120.624172][ T6172] ? __pfx_do_new_mount+0x10/0x10 [ 120.624192][ T6172] ? path_mount+0x61c/0xfe0 [ 120.624225][ T6172] __se_sys_mount+0x317/0x410 [ 120.624253][ T6172] ? __pfx___se_sys_mount+0x10/0x10 [ 120.624281][ T6172] ? do_syscall_64+0xbe/0x3b0 [ 120.624296][ T6172] ? __x64_sys_mount+0x20/0xc0 [ 120.624320][ T6172] do_syscall_64+0xfa/0x3b0 [ 120.624334][ T6172] ? lockdep_hardirqs_on+0x9c/0x150 [ 120.624356][ T6172] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.624372][ T6172] ? clear_bhb_loop+0x60/0xb0 [ 120.624393][ T6172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.624409][ T6172] RIP: 0033:0x7f8f2a0df4aa [ 120.624432][ T6172] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 120.624445][ T6172] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 120.624462][ T6172] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 120.624474][ T6172] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 120.624485][ T6172] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 120.624496][ T6172] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 120.624507][ T6172] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 120.624532][ T6172] [ 120.624548][ T6172] gfs2: fsid=syz:syz.0: Corruption found in quota_change0file: duplicate identifier in slot 26671 [ 120.624573][ T6172] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 120.624595][ T6172] CPU: 1 UID: 0 PID: 6172 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 120.624617][ T6172] Tainted: [W]=WARN [ 120.624623][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 120.624632][ T6172] Call Trace: [ 120.624639][ T6172] [ 120.624646][ T6172] dump_stack_lvl+0x189/0x250 [ 120.624668][ T6172] ? reacquire_held_locks+0x127/0x1d0 [ 120.624692][ T6172] ? __pfx_dump_stack_lvl+0x10/0x10 [ 120.624714][ T6172] ? __pfx__printk+0x10/0x10 [ 120.624737][ T6172] ? rt_spin_unlock+0x65/0x80 [ 120.624759][ T6172] gfs2_assert_warn_i+0x194/0x2c0 [ 120.624786][ T6172] gfs2_qd_dispose+0x4aa/0x5b0 [ 120.624809][ T6172] gfs2_quota_init+0xcce/0x1240 [ 120.624848][ T6172] ? __pfx_gfs2_quota_init+0x10/0x10 [ 120.624866][ T6172] ? __pfx_wake_up_bit+0x10/0x10 [ 120.624901][ T6172] ? inode_go_inval+0x259/0x2c0 [ 120.624923][ T6172] gfs2_make_fs_rw+0x181/0x2b0 [ 120.624947][ T6172] gfs2_fill_super+0x1af1/0x2120 [ 120.624984][ T6172] ? __pfx_gfs2_fill_super+0x10/0x10 [ 120.625007][ T6172] ? init_locking+0xb8/0x210 [ 120.625024][ T6172] ? sb_set_blocksize+0x104/0x180 [ 120.625044][ T6172] ? setup_bdev_super+0x4c1/0x5b0 [ 120.625067][ T6172] get_tree_bdev_flags+0x40e/0x4d0 [ 120.625086][ T6172] ? __pfx_gfs2_fill_super+0x10/0x10 [ 120.625106][ T6172] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 120.625128][ T6172] ? rcu_is_watching+0x15/0xb0 [ 120.625152][ T6172] ? cap_capable+0x11f/0x460 [ 120.625173][ T6172] gfs2_get_tree+0x51/0x1e0 [ 120.625194][ T6172] vfs_get_tree+0x8f/0x2b0 [ 120.625215][ T6172] do_new_mount+0x2a2/0x9e0 [ 120.625238][ T6172] ? ns_capable+0x8a/0xf0 [ 120.625256][ T6172] ? __pfx_do_new_mount+0x10/0x10 [ 120.625276][ T6172] ? path_mount+0x61c/0xfe0 [ 120.625306][ T6172] __se_sys_mount+0x317/0x410 [ 120.625333][ T6172] ? __pfx___se_sys_mount+0x10/0x10 [ 120.625359][ T6172] ? do_syscall_64+0xbe/0x3b0 [ 120.625372][ T6172] ? __x64_sys_mount+0x20/0xc0 [ 120.625395][ T6172] do_syscall_64+0xfa/0x3b0 [ 120.625409][ T6172] ? lockdep_hardirqs_on+0x9c/0x150 [ 120.625429][ T6172] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.625444][ T6172] ? clear_bhb_loop+0x60/0xb0 [ 120.625463][ T6172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.625477][ T6172] RIP: 0033:0x7f8f2a0df4aa [ 120.625492][ T6172] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 120.625505][ T6172] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 120.625521][ T6172] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 120.625533][ T6172] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 120.625544][ T6172] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 120.625554][ T6172] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 120.625565][ T6172] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 120.625592][ T6172] [ 121.168475][ T6172] gfs2: fsid=syz:syz.0: found 1 quota changes [ 122.345983][ T6211] loop0: detected capacity change from 0 to 32768 [ 122.393583][ T6211] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 122.393601][ T6211] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 122.435557][ T6211] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 122.456633][ T5680] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 122.456653][ T5680] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 122.727236][ T5680] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 270ms [ 122.742832][ T5680] gfs2: fsid=syz:syz.0: jid=0: Done [ 122.742939][ T6211] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 122.816957][ T6211] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 122.816978][ T6211] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6211, name: syz-executor.0 [ 122.816993][ T6211] preempt_count: 1, expected: 0 [ 122.817001][ T6211] RCU nest depth: 1, expected: 1 [ 122.817008][ T6211] 4 locks held by syz-executor.0/6211: [ 122.817017][ T6211] #0: ffff8880338340d0 (&type->s_umount_key#50/1){+.+.}-{4:4}, at: alloc_super+0x204/0x990 [ 122.817076][ T6211] #1: ffffffff8df7ef98 (qd_lock){+.+.}-{3:3}, at: gfs2_quota_init+0x845/0x1240 [ 122.817117][ T6211] #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 122.817159][ T6211] #3: ffff888040a503a8 (&lockref->lock#3){+.+.}-{3:3}, at: lockref_get_not_dead+0x28/0xd0 [ 122.817205][ T6211] Preemption disabled at: [ 122.817210][ T6211] [] spin_lock_bucket+0x3b/0x150 [ 122.817237][ T6211] CPU: 1 UID: 0 PID: 6211 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 122.817259][ T6211] Tainted: [W]=WARN [ 122.817264][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 122.817274][ T6211] Call Trace: [ 122.817280][ T6211] [ 122.817288][ T6211] dump_stack_lvl+0x189/0x250 [ 122.817315][ T6211] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.817338][ T6211] ? __pfx__printk+0x10/0x10 [ 122.817361][ T6211] ? print_lock_name+0xde/0x100 [ 122.817378][ T6211] ? spin_lock_bucket+0x3b/0x150 [ 122.817398][ T6211] __might_resched+0x44b/0x5d0 [ 122.817420][ T6211] ? spin_lock_bucket+0x3b/0x150 [ 122.817436][ T6211] ? __pfx___might_resched+0x10/0x10 [ 122.817454][ T6211] ? lockref_get_not_dead+0x28/0xd0 [ 122.817487][ T6211] rt_spin_lock+0xc7/0x2c0 [ 122.817510][ T6211] ? __pfx_rt_spin_lock+0x10/0x10 [ 122.817528][ T6211] ? migrate_disable+0xd5/0x190 [ 122.817550][ T6211] ? rt_spin_lock+0x223/0x2c0 [ 122.817572][ T6211] lockref_get_not_dead+0x28/0xd0 [ 122.817594][ T6211] gfs2_qd_search_bucket+0x139/0x210 [ 122.817616][ T6211] gfs2_quota_init+0x85d/0x1240 [ 122.817657][ T6211] ? __pfx_gfs2_quota_init+0x10/0x10 [ 122.817675][ T6211] ? __pfx_wake_up_bit+0x10/0x10 [ 122.817720][ T6211] ? inode_go_inval+0x259/0x2c0 [ 122.817749][ T6211] gfs2_make_fs_rw+0x181/0x2b0 [ 122.817775][ T6211] gfs2_fill_super+0x1af1/0x2120 [ 122.817809][ T6211] ? __pfx_gfs2_fill_super+0x10/0x10 [ 122.817831][ T6211] ? init_locking+0xb8/0x210 [ 122.817847][ T6211] ? sb_set_blocksize+0x104/0x180 [ 122.817866][ T6211] ? setup_bdev_super+0x4c1/0x5b0 [ 122.817889][ T6211] get_tree_bdev_flags+0x40e/0x4d0 [ 122.817908][ T6211] ? __pfx_gfs2_fill_super+0x10/0x10 [ 122.817929][ T6211] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 122.817952][ T6211] ? rcu_is_watching+0x15/0xb0 [ 122.817974][ T6211] ? cap_capable+0x11f/0x460 [ 122.817996][ T6211] gfs2_get_tree+0x51/0x1e0 [ 122.818020][ T6211] vfs_get_tree+0x8f/0x2b0 [ 122.818044][ T6211] do_new_mount+0x2a2/0x9e0 [ 122.818071][ T6211] ? ns_capable+0x8a/0xf0 [ 122.818090][ T6211] ? __pfx_do_new_mount+0x10/0x10 [ 122.818109][ T6211] ? path_mount+0x61c/0xfe0 [ 122.818140][ T6211] __se_sys_mount+0x317/0x410 [ 122.818168][ T6211] ? __pfx___se_sys_mount+0x10/0x10 [ 122.818198][ T6211] ? do_syscall_64+0xbe/0x3b0 [ 122.818210][ T6211] ? __x64_sys_mount+0x20/0xc0 [ 122.818232][ T6211] do_syscall_64+0xfa/0x3b0 [ 122.818245][ T6211] ? lockdep_hardirqs_on+0x9c/0x150 [ 122.818266][ T6211] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.818281][ T6211] ? clear_bhb_loop+0x60/0xb0 [ 122.818300][ T6211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.818315][ T6211] RIP: 0033:0x7f8f2a0df4aa [ 122.818332][ T6211] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 122.818345][ T6211] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 122.818363][ T6211] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 122.818375][ T6211] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 122.818385][ T6211] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 122.818396][ T6211] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 122.818406][ T6211] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 122.818434][ T6211] [ 122.818497][ T6211] gfs2: fsid=syz:syz.0: Corruption found in quota_change0file: duplicate identifier in slot 26671 [ 122.832937][ T6211] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 122.832969][ T6211] CPU: 1 UID: 0 PID: 6211 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 122.832992][ T6211] Tainted: [W]=WARN [ 122.832998][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 122.833008][ T6211] Call Trace: [ 122.833015][ T6211] [ 122.833022][ T6211] dump_stack_lvl+0x189/0x250 [ 122.833050][ T6211] ? reacquire_held_locks+0x127/0x1d0 [ 122.833075][ T6211] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.833097][ T6211] ? __pfx__printk+0x10/0x10 [ 122.833118][ T6211] ? rt_spin_unlock+0x65/0x80 [ 122.833144][ T6211] gfs2_assert_warn_i+0x194/0x2c0 [ 122.833173][ T6211] gfs2_qd_dispose+0x4aa/0x5b0 [ 122.833196][ T6211] gfs2_quota_init+0xcce/0x1240 [ 122.833235][ T6211] ? __pfx_gfs2_quota_init+0x10/0x10 [ 122.833252][ T6211] ? __pfx_wake_up_bit+0x10/0x10 [ 122.833278][ T6211] ? inode_go_inval+0x259/0x2c0 [ 122.833299][ T6211] gfs2_make_fs_rw+0x181/0x2b0 [ 122.833322][ T6211] gfs2_fill_super+0x1af1/0x2120 [ 122.833358][ T6211] ? __pfx_gfs2_fill_super+0x10/0x10 [ 122.833381][ T6211] ? init_locking+0xb8/0x210 [ 122.833399][ T6211] ? sb_set_blocksize+0x104/0x180 [ 122.833419][ T6211] ? setup_bdev_super+0x4c1/0x5b0 [ 122.833443][ T6211] get_tree_bdev_flags+0x40e/0x4d0 [ 122.833463][ T6211] ? __pfx_gfs2_fill_super+0x10/0x10 [ 122.833482][ T6211] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 122.833505][ T6211] ? rcu_is_watching+0x15/0xb0 [ 122.833528][ T6211] ? cap_capable+0x11f/0x460 [ 122.833551][ T6211] gfs2_get_tree+0x51/0x1e0 [ 122.833574][ T6211] vfs_get_tree+0x8f/0x2b0 [ 122.833598][ T6211] do_new_mount+0x2a2/0x9e0 [ 122.833623][ T6211] ? ns_capable+0x8a/0xf0 [ 122.833641][ T6211] ? __pfx_do_new_mount+0x10/0x10 [ 122.833661][ T6211] ? path_mount+0x61c/0xfe0 [ 122.833693][ T6211] __se_sys_mount+0x317/0x410 [ 122.833720][ T6211] ? __pfx___se_sys_mount+0x10/0x10 [ 122.833754][ T6211] ? do_syscall_64+0xbe/0x3b0 [ 122.833768][ T6211] ? __x64_sys_mount+0x20/0xc0 [ 122.833792][ T6211] do_syscall_64+0xfa/0x3b0 [ 122.833806][ T6211] ? lockdep_hardirqs_on+0x9c/0x150 [ 122.833827][ T6211] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.833844][ T6211] ? clear_bhb_loop+0x60/0xb0 [ 122.833864][ T6211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.833880][ T6211] RIP: 0033:0x7f8f2a0df4aa [ 122.833895][ T6211] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 122.833909][ T6211] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 122.833926][ T6211] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 122.833939][ T6211] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 122.833950][ T6211] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 122.833961][ T6211] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 122.833972][ T6211] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 122.834000][ T6211] [ 123.274218][ T6211] gfs2: fsid=syz:syz.0: found 1 quota changes [ 124.182261][ T6247] loop0: detected capacity change from 0 to 32768 [ 124.195804][ T6247] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 124.195821][ T6247] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 124.209094][ T6247] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 124.221894][ T6114] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 124.221912][ T6114] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 124.383263][ T6114] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 161ms [ 124.386143][ T6114] gfs2: fsid=syz:syz.0: jid=0: Done [ 124.386198][ T6247] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 124.448488][ T6247] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 124.448510][ T6247] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6247, name: syz-executor.0 [ 124.448525][ T6247] preempt_count: 1, expected: 0 [ 124.448533][ T6247] RCU nest depth: 1, expected: 1 [ 124.448542][ T6247] 4 locks held by syz-executor.0/6247: [ 124.448552][ T6247] #0: ffff8880315700d0 (&type->s_umount_key#50/1){+.+.}-{4:4}, at: alloc_super+0x204/0x990 [ 124.448611][ T6247] #1: ffffffff8df7ef98 (qd_lock){+.+.}-{3:3}, at: gfs2_quota_init+0x845/0x1240 [ 124.448661][ T6247] #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 124.448704][ T6247] #3: ffff888040a506c8 (&lockref->lock#3){+.+.}-{3:3}, at: lockref_get_not_dead+0x28/0xd0 [ 124.448751][ T6247] Preemption disabled at: [ 124.448756][ T6247] [] spin_lock_bucket+0x3b/0x150 [ 124.448784][ T6247] CPU: 1 UID: 0 PID: 6247 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 124.448808][ T6247] Tainted: [W]=WARN [ 124.448813][ T6247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 124.448823][ T6247] Call Trace: [ 124.448830][ T6247] [ 124.448838][ T6247] dump_stack_lvl+0x189/0x250 [ 124.448866][ T6247] ? __pfx_dump_stack_lvl+0x10/0x10 [ 124.448889][ T6247] ? __pfx__printk+0x10/0x10 [ 124.448910][ T6247] ? print_lock_name+0xde/0x100 [ 124.448927][ T6247] ? spin_lock_bucket+0x3b/0x150 [ 124.448948][ T6247] __might_resched+0x44b/0x5d0 [ 124.448972][ T6247] ? spin_lock_bucket+0x3b/0x150 [ 124.448988][ T6247] ? __pfx___might_resched+0x10/0x10 [ 124.449007][ T6247] ? lockref_get_not_dead+0x28/0xd0 [ 124.449041][ T6247] rt_spin_lock+0xc7/0x2c0 [ 124.449063][ T6247] ? __pfx_rt_spin_lock+0x10/0x10 [ 124.449082][ T6247] ? migrate_disable+0xd5/0x190 [ 124.449104][ T6247] ? rt_spin_lock+0x223/0x2c0 [ 124.449127][ T6247] lockref_get_not_dead+0x28/0xd0 [ 124.449150][ T6247] gfs2_qd_search_bucket+0x139/0x210 [ 124.449173][ T6247] gfs2_quota_init+0x85d/0x1240 [ 124.449215][ T6247] ? __pfx_gfs2_quota_init+0x10/0x10 [ 124.449233][ T6247] ? __pfx_wake_up_bit+0x10/0x10 [ 124.449260][ T6247] ? inode_go_inval+0x259/0x2c0 [ 124.449283][ T6247] gfs2_make_fs_rw+0x181/0x2b0 [ 124.449306][ T6247] gfs2_fill_super+0x1af1/0x2120 [ 124.449345][ T6247] ? __pfx_gfs2_fill_super+0x10/0x10 [ 124.449369][ T6247] ? init_locking+0xb8/0x210 [ 124.449386][ T6247] ? sb_set_blocksize+0x104/0x180 [ 124.449407][ T6247] ? setup_bdev_super+0x4c1/0x5b0 [ 124.449431][ T6247] get_tree_bdev_flags+0x40e/0x4d0 [ 124.449451][ T6247] ? __pfx_gfs2_fill_super+0x10/0x10 [ 124.449472][ T6247] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 124.449495][ T6247] ? rcu_is_watching+0x15/0xb0 [ 124.449518][ T6247] ? cap_capable+0x11f/0x460 [ 124.449540][ T6247] gfs2_get_tree+0x51/0x1e0 [ 124.449564][ T6247] vfs_get_tree+0x8f/0x2b0 [ 124.449588][ T6247] do_new_mount+0x2a2/0x9e0 [ 124.449613][ T6247] ? ns_capable+0x8a/0xf0 [ 124.449632][ T6247] ? __pfx_do_new_mount+0x10/0x10 [ 124.449659][ T6247] ? path_mount+0x61c/0xfe0 [ 124.449692][ T6247] __se_sys_mount+0x317/0x410 [ 124.449720][ T6247] ? __pfx___se_sys_mount+0x10/0x10 [ 124.449748][ T6247] ? do_syscall_64+0xbe/0x3b0 [ 124.449763][ T6247] ? __x64_sys_mount+0x20/0xc0 [ 124.449787][ T6247] do_syscall_64+0xfa/0x3b0 [ 124.449801][ T6247] ? lockdep_hardirqs_on+0x9c/0x150 [ 124.449822][ T6247] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.449839][ T6247] ? clear_bhb_loop+0x60/0xb0 2025/09/15 00:53:14 executed programs: 4 [ 124.449860][ T6247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.449876][ T6247] RIP: 0033:0x7f8f2a0df4aa [ 124.449891][ T6247] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 124.449905][ T6247] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 124.449922][ T6247] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 124.449935][ T6247] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 124.449946][ T6247] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 124.449958][ T6247] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 124.449969][ T6247] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 124.449999][ T6247] [ 124.450015][ T6247] gfs2: fsid=syz:syz.0: Corruption found in quota_change0file: duplicate identifier in slot 26671 [ 124.450041][ T6247] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 124.450062][ T6247] CPU: 1 UID: 0 PID: 6247 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 124.450084][ T6247] Tainted: [W]=WARN [ 124.450090][ T6247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 124.450099][ T6247] Call Trace: [ 124.450105][ T6247] [ 124.450112][ T6247] dump_stack_lvl+0x189/0x250 [ 124.450134][ T6247] ? reacquire_held_locks+0x127/0x1d0 [ 124.450158][ T6247] ? __pfx_dump_stack_lvl+0x10/0x10 [ 124.450180][ T6247] ? __pfx__printk+0x10/0x10 [ 124.450201][ T6247] ? rt_spin_unlock+0x65/0x80 [ 124.450227][ T6247] gfs2_assert_warn_i+0x194/0x2c0 [ 124.450260][ T6247] gfs2_qd_dispose+0x4aa/0x5b0 [ 124.450283][ T6247] gfs2_quota_init+0xcce/0x1240 [ 124.450324][ T6247] ? __pfx_gfs2_quota_init+0x10/0x10 [ 124.450342][ T6247] ? __pfx_wake_up_bit+0x10/0x10 [ 124.450367][ T6247] ? inode_go_inval+0x259/0x2c0 [ 124.450389][ T6247] gfs2_make_fs_rw+0x181/0x2b0 [ 124.450413][ T6247] gfs2_fill_super+0x1af1/0x2120 [ 124.450450][ T6247] ? __pfx_gfs2_fill_super+0x10/0x10 [ 124.450473][ T6247] ? init_locking+0xb8/0x210 [ 124.450491][ T6247] ? sb_set_blocksize+0x104/0x180 [ 124.450511][ T6247] ? setup_bdev_super+0x4c1/0x5b0 [ 124.450534][ T6247] get_tree_bdev_flags+0x40e/0x4d0 [ 124.450554][ T6247] ? __pfx_gfs2_fill_super+0x10/0x10 [ 124.450574][ T6247] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 124.450597][ T6247] ? rcu_is_watching+0x15/0xb0 [ 124.450620][ T6247] ? cap_capable+0x11f/0x460 [ 124.450646][ T6247] gfs2_get_tree+0x51/0x1e0 [ 124.450670][ T6247] vfs_get_tree+0x8f/0x2b0 [ 124.450693][ T6247] do_new_mount+0x2a2/0x9e0 [ 124.450718][ T6247] ? ns_capable+0x8a/0xf0 [ 124.450737][ T6247] ? __pfx_do_new_mount+0x10/0x10 [ 124.450757][ T6247] ? path_mount+0x61c/0xfe0 [ 124.450789][ T6247] __se_sys_mount+0x317/0x410 [ 124.450817][ T6247] ? __pfx___se_sys_mount+0x10/0x10 [ 124.450844][ T6247] ? do_syscall_64+0xbe/0x3b0 [ 124.450858][ T6247] ? __x64_sys_mount+0x20/0xc0 [ 124.450881][ T6247] do_syscall_64+0xfa/0x3b0 [ 124.450894][ T6247] ? lockdep_hardirqs_on+0x9c/0x150 [ 124.450914][ T6247] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.450929][ T6247] ? clear_bhb_loop+0x60/0xb0 [ 124.450948][ T6247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.450963][ T6247] RIP: 0033:0x7f8f2a0df4aa [ 124.450977][ T6247] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 124.450989][ T6247] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 124.451005][ T6247] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 124.451017][ T6247] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 124.451028][ T6247] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 124.451038][ T6247] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 124.451049][ T6247] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 124.451073][ T6247] [ 124.814854][ T6247] gfs2: fsid=syz:syz.0: found 1 quota changes [ 125.627059][ T6253] loop0: detected capacity change from 0 to 32768 [ 125.653484][ T6253] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 125.653510][ T6253] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 125.680308][ T6253] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 125.687174][ T5866] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 125.687200][ T5866] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 125.838105][ T5866] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 150ms [ 125.846783][ T5866] gfs2: fsid=syz:syz.0: jid=0: Done [ 125.846830][ T6253] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 125.907259][ T6253] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 125.907279][ T6253] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6253, name: syz-executor.0 [ 125.907295][ T6253] preempt_count: 1, expected: 0 [ 125.907303][ T6253] RCU nest depth: 1, expected: 1 [ 125.907312][ T6253] 4 locks held by syz-executor.0/6253: [ 125.907322][ T6253] #0: ffff8880239860d0 (&type->s_umount_key#50/1){+.+.}-{4:4}, at: alloc_super+0x204/0x990 [ 125.907380][ T6253] #1: ffffffff8df7ef98 (qd_lock){+.+.}-{3:3}, at: gfs2_quota_init+0x845/0x1240 [ 125.907413][ T6253] #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 125.907437][ T6253] #3: ffff888040a509e8 (&lockref->lock#3){+.+.}-{3:3}, at: lockref_get_not_dead+0x28/0xd0 [ 125.907463][ T6253] Preemption disabled at: [ 125.907466][ T6253] [] spin_lock_bucket+0x3b/0x150 [ 125.907483][ T6253] CPU: 0 UID: 0 PID: 6253 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 125.907499][ T6253] Tainted: [W]=WARN [ 125.907502][ T6253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 125.907508][ T6253] Call Trace: [ 125.907513][ T6253] [ 125.907518][ T6253] dump_stack_lvl+0x189/0x250 [ 125.907535][ T6253] ? __pfx_dump_stack_lvl+0x10/0x10 [ 125.907549][ T6253] ? __pfx__printk+0x10/0x10 [ 125.907561][ T6253] ? print_lock_name+0xde/0x100 [ 125.907571][ T6253] ? spin_lock_bucket+0x3b/0x150 [ 125.907582][ T6253] __might_resched+0x44b/0x5d0 [ 125.907596][ T6253] ? spin_lock_bucket+0x3b/0x150 [ 125.907605][ T6253] ? __pfx___might_resched+0x10/0x10 [ 125.907615][ T6253] ? lockref_get_not_dead+0x28/0xd0 [ 125.907633][ T6253] rt_spin_lock+0xc7/0x2c0 [ 125.907646][ T6253] ? __pfx_rt_spin_lock+0x10/0x10 [ 125.907656][ T6253] ? migrate_disable+0xd5/0x190 [ 125.907669][ T6253] ? rt_spin_lock+0x223/0x2c0 [ 125.907682][ T6253] lockref_get_not_dead+0x28/0xd0 [ 125.907695][ T6253] gfs2_qd_search_bucket+0x139/0x210 [ 125.907707][ T6253] gfs2_quota_init+0x85d/0x1240 [ 125.907728][ T6253] ? __pfx_gfs2_quota_init+0x10/0x10 [ 125.907738][ T6253] ? __pfx_wake_up_bit+0x10/0x10 [ 125.907761][ T6253] ? inode_go_inval+0x259/0x2c0 [ 125.907773][ T6253] gfs2_make_fs_rw+0x181/0x2b0 [ 125.907787][ T6253] gfs2_fill_super+0x1af1/0x2120 [ 125.907808][ T6253] ? __pfx_gfs2_fill_super+0x10/0x10 [ 125.907821][ T6253] ? init_locking+0xb8/0x210 [ 125.907832][ T6253] ? sb_set_blocksize+0x104/0x180 [ 125.907843][ T6253] ? setup_bdev_super+0x4c1/0x5b0 [ 125.907857][ T6253] get_tree_bdev_flags+0x40e/0x4d0 [ 125.907869][ T6253] ? __pfx_gfs2_fill_super+0x10/0x10 [ 125.907881][ T6253] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 125.907894][ T6253] ? rcu_is_watching+0x15/0xb0 [ 125.907909][ T6253] ? cap_capable+0x11f/0x460 [ 125.907922][ T6253] gfs2_get_tree+0x51/0x1e0 [ 125.907935][ T6253] vfs_get_tree+0x8f/0x2b0 [ 125.907948][ T6253] do_new_mount+0x2a2/0x9e0 [ 125.907963][ T6253] ? ns_capable+0x8a/0xf0 [ 125.907975][ T6253] ? __pfx_do_new_mount+0x10/0x10 [ 125.907986][ T6253] ? path_mount+0x61c/0xfe0 [ 125.908004][ T6253] __se_sys_mount+0x317/0x410 [ 125.908020][ T6253] ? __pfx___se_sys_mount+0x10/0x10 [ 125.908036][ T6253] ? do_syscall_64+0xbe/0x3b0 [ 125.908044][ T6253] ? __x64_sys_mount+0x20/0xc0 [ 125.908058][ T6253] do_syscall_64+0xfa/0x3b0 [ 125.908066][ T6253] ? lockdep_hardirqs_on+0x9c/0x150 [ 125.908087][ T6253] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.908104][ T6253] ? clear_bhb_loop+0x60/0xb0 [ 125.908124][ T6253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.908140][ T6253] RIP: 0033:0x7f8f2a0df4aa [ 125.908155][ T6253] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 125.908168][ T6253] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 125.908188][ T6253] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 125.908200][ T6253] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 125.908211][ T6253] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 125.908222][ T6253] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 125.908232][ T6253] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 125.908259][ T6253] [ 125.908337][ T6253] gfs2: fsid=syz:syz.0: Corruption found in quota_change0file: duplicate identifier in slot 26671 [ 126.298287][ T6253] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 126.298321][ T6253] CPU: 0 UID: 0 PID: 6253 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 126.298344][ T6253] Tainted: [W]=WARN [ 126.298349][ T6253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 126.298358][ T6253] Call Trace: [ 126.298365][ T6253] [ 126.298373][ T6253] dump_stack_lvl+0x189/0x250 [ 126.298400][ T6253] ? reacquire_held_locks+0x127/0x1d0 [ 126.298426][ T6253] ? __pfx_dump_stack_lvl+0x10/0x10 [ 126.298447][ T6253] ? __pfx__printk+0x10/0x10 [ 126.298470][ T6253] ? rt_spin_unlock+0x65/0x80 [ 126.298496][ T6253] gfs2_assert_warn_i+0x194/0x2c0 [ 126.298525][ T6253] gfs2_qd_dispose+0x4aa/0x5b0 [ 126.298549][ T6253] gfs2_quota_init+0xcce/0x1240 [ 126.298590][ T6253] ? __pfx_gfs2_quota_init+0x10/0x10 [ 126.298608][ T6253] ? __pfx_wake_up_bit+0x10/0x10 [ 126.298635][ T6253] ? inode_go_inval+0x259/0x2c0 [ 126.298657][ T6253] gfs2_make_fs_rw+0x181/0x2b0 [ 126.298681][ T6253] gfs2_fill_super+0x1af1/0x2120 [ 126.298725][ T6253] ? __pfx_gfs2_fill_super+0x10/0x10 [ 126.298749][ T6253] ? init_locking+0xb8/0x210 [ 126.298768][ T6253] ? sb_set_blocksize+0x104/0x180 [ 126.298788][ T6253] ? setup_bdev_super+0x4c1/0x5b0 [ 126.298812][ T6253] get_tree_bdev_flags+0x40e/0x4d0 [ 126.298833][ T6253] ? __pfx_gfs2_fill_super+0x10/0x10 [ 126.298853][ T6253] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 126.298876][ T6253] ? rcu_is_watching+0x15/0xb0 [ 126.298899][ T6253] ? cap_capable+0x11f/0x460 [ 126.298922][ T6253] gfs2_get_tree+0x51/0x1e0 [ 126.298946][ T6253] vfs_get_tree+0x8f/0x2b0 [ 126.298969][ T6253] do_new_mount+0x2a2/0x9e0 [ 126.298995][ T6253] ? ns_capable+0x8a/0xf0 [ 126.299014][ T6253] ? __pfx_do_new_mount+0x10/0x10 [ 126.299035][ T6253] ? path_mount+0x61c/0xfe0 [ 126.299067][ T6253] __se_sys_mount+0x317/0x410 [ 126.299095][ T6253] ? __pfx___se_sys_mount+0x10/0x10 [ 126.299121][ T6253] ? do_syscall_64+0xbe/0x3b0 [ 126.299134][ T6253] ? __x64_sys_mount+0x20/0xc0 [ 126.299156][ T6253] do_syscall_64+0xfa/0x3b0 [ 126.299170][ T6253] ? lockdep_hardirqs_on+0x9c/0x150 [ 126.299191][ T6253] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.299207][ T6253] ? clear_bhb_loop+0x60/0xb0 [ 126.299227][ T6253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.299243][ T6253] RIP: 0033:0x7f8f2a0df4aa [ 126.299259][ T6253] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 126.299273][ T6253] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 126.299292][ T6253] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 126.299304][ T6253] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 126.299316][ T6253] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 126.299328][ T6253] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 126.299339][ T6253] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 126.299368][ T6253] [ 126.641346][ T6253] gfs2: fsid=syz:syz.0: found 1 quota changes [ 127.243535][ T6259] loop0: detected capacity change from 0 to 32768 [ 127.269123][ T6259] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 127.269141][ T6259] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 127.298106][ T6259] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 127.313123][ T6114] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 127.313141][ T6114] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 127.475695][ T6114] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 162ms [ 127.475873][ T6114] gfs2: fsid=syz:syz.0: jid=0: Done [ 127.475967][ T6259] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 127.523269][ T6259] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 127.523294][ T6259] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6259, name: syz-executor.0 [ 127.523326][ T6259] preempt_count: 1, expected: 0 [ 127.523334][ T6259] RCU nest depth: 1, expected: 1 [ 127.523349][ T6259] 4 locks held by syz-executor.0/6259: [ 127.523359][ T6259] #0: ffff88802365e0d0 (&type->s_umount_key#50/1){+.+.}-{4:4}, at: alloc_super+0x204/0x990 [ 127.523411][ T6259] #1: ffffffff8df7ef98 (qd_lock){+.+.}-{3:3}, at: gfs2_quota_init+0x845/0x1240 [ 127.523434][ T6259] #2: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 127.523458][ T6259] #3: ffff88803d3da538 (&lockref->lock#3){+.+.}-{3:3}, at: lockref_get_not_dead+0x28/0xd0 [ 127.523485][ T6259] Preemption disabled at: [ 127.523487][ T6259] [] spin_lock_bucket+0x3b/0x150 [ 127.523505][ T6259] CPU: 0 UID: 0 PID: 6259 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 127.523519][ T6259] Tainted: [W]=WARN [ 127.523522][ T6259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 127.523528][ T6259] Call Trace: [ 127.523533][ T6259] [ 127.523537][ T6259] dump_stack_lvl+0x189/0x250 [ 127.523554][ T6259] ? __pfx_dump_stack_lvl+0x10/0x10 [ 127.523567][ T6259] ? __pfx__printk+0x10/0x10 [ 127.523579][ T6259] ? print_lock_name+0xde/0x100 [ 127.523589][ T6259] ? spin_lock_bucket+0x3b/0x150 [ 127.523602][ T6259] __might_resched+0x44b/0x5d0 [ 127.523616][ T6259] ? spin_lock_bucket+0x3b/0x150 [ 127.523626][ T6259] ? __pfx___might_resched+0x10/0x10 [ 127.523636][ T6259] ? lockref_get_not_dead+0x28/0xd0 [ 127.523654][ T6259] rt_spin_lock+0xc7/0x2c0 [ 127.523667][ T6259] ? __pfx_rt_spin_lock+0x10/0x10 [ 127.523678][ T6259] ? migrate_disable+0xd5/0x190 [ 127.523690][ T6259] ? rt_spin_lock+0x223/0x2c0 [ 127.523703][ T6259] lockref_get_not_dead+0x28/0xd0 [ 127.523717][ T6259] gfs2_qd_search_bucket+0x139/0x210 [ 127.523729][ T6259] gfs2_quota_init+0x85d/0x1240 [ 127.523751][ T6259] ? __pfx_gfs2_quota_init+0x10/0x10 [ 127.523761][ T6259] ? __pfx_wake_up_bit+0x10/0x10 [ 127.523776][ T6259] ? inode_go_inval+0x259/0x2c0 [ 127.523788][ T6259] gfs2_make_fs_rw+0x181/0x2b0 [ 127.523802][ T6259] gfs2_fill_super+0x1af1/0x2120 [ 127.523823][ T6259] ? __pfx_gfs2_fill_super+0x10/0x10 [ 127.523836][ T6259] ? init_locking+0xb8/0x210 [ 127.523847][ T6259] ? sb_set_blocksize+0x104/0x180 [ 127.523858][ T6259] ? setup_bdev_super+0x4c1/0x5b0 [ 127.523872][ T6259] get_tree_bdev_flags+0x40e/0x4d0 [ 127.523884][ T6259] ? __pfx_gfs2_fill_super+0x10/0x10 [ 127.523895][ T6259] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 127.523909][ T6259] ? rcu_is_watching+0x15/0xb0 [ 127.523924][ T6259] ? cap_capable+0x11f/0x460 [ 127.523936][ T6259] gfs2_get_tree+0x51/0x1e0 [ 127.523950][ T6259] vfs_get_tree+0x8f/0x2b0 [ 127.523963][ T6259] do_new_mount+0x2a2/0x9e0 [ 127.523978][ T6259] ? ns_capable+0x8a/0xf0 [ 127.523990][ T6259] ? __pfx_do_new_mount+0x10/0x10 [ 127.524002][ T6259] ? path_mount+0x61c/0xfe0 [ 127.524020][ T6259] __se_sys_mount+0x317/0x410 [ 127.524036][ T6259] ? __pfx___se_sys_mount+0x10/0x10 [ 127.524051][ T6259] ? do_syscall_64+0xbe/0x3b0 [ 127.524059][ T6259] ? __x64_sys_mount+0x20/0xc0 [ 127.524074][ T6259] do_syscall_64+0xfa/0x3b0 [ 127.524082][ T6259] ? lockdep_hardirqs_on+0x9c/0x150 [ 127.524095][ T6259] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.524104][ T6259] ? clear_bhb_loop+0x60/0xb0 [ 127.524116][ T6259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.524125][ T6259] RIP: 0033:0x7f8f2a0df4aa [ 127.524135][ T6259] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 127.524143][ T6259] RSP: 002b:00007f8f2945def8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 127.524153][ T6259] RAX: ffffffffffffffda RBX: 00007f8f2945df80 RCX: 00007f8f2a0df4aa [ 127.524160][ T6259] RDX: 0000000020000100 RSI: 0000000020013440 RDI: 00007f8f2945df40 [ 127.524166][ T6259] RBP: 0000000020000100 R08: 00007f8f2945df80 R09: 0000000001000000 [ 127.524172][ T6259] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020013440 [ 127.524178][ T6259] R13: 00007f8f2945df40 R14: 000000000001343f R15: 0000000020002380 [ 127.524193][ T6259] [ 127.524203][ T6259] gfs2: fsid=syz:syz.0: Corruption found in quota_change0file: duplicate identifier in slot 26671 [ 127.524291][ T6259] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 127.524313][ T6259] CPU: 0 UID: 0 PID: 6259 Comm: syz-executor.0 Tainted: G W syzkaller #0 PREEMPT_{RT,(full)} [ 127.524332][ T6259] Tainted: [W]=WARN [ 127.524335][ T6259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 127.524346][ T6259] Call Trace: [ 127.524350][ T6259] [ 127.524354][ T6259] dump_stack_lvl+0x189/0x250 [ 127.524369][ T6259] ? reacquire_held_locks+0x127/0x1d0 [ 127.524384][ T6259] ? __pfx_dump_stack_lvl+0x10/0x10 [ 127.524397][ T6259] ? __pfx__printk+0x10/0x10 [ 127.524409][ T6259] ? rt_spin_unlock+0x65/0x80 [ 127.524423][ T6259] gfs2_assert_warn_i+0x194/0x2c0 [ 127.524440][ T6259] gfs2_qd_dispose+0x4aa/0x5b0 [ 127.524453][ T6259] gfs2_quota_init+0xcce/0x1240 [ 127.524474][ T6259] ? __pfx_gfs2_quota_init+0x10/0x10 [ 127.524485][ T6259] ? __pfx_wake_up_bit+0x10/0x10 [ 127.524499][ T6259] ? inode_go_inval+0x259/0x2c0 [ 127.524512][ T6259] gfs2_make_fs_rw+0x181/0x2b0 [ 127.524526][ T6259] gfs2_fill_super+0x1af1/0x2120 [ 127.524546][ T6259] ? __pfx_gfs2_fill_super+0x10/0x10 [ 127.524559][ T6259] ? init_locking+0xb8/0x210