[ 59.654918][ T33] bridge0: port 1(bridge_slave_0) entered disabled state
[ 59.670242][ T33] device veth1_macvtap left promiscuous mode
[ 59.678134][ T33] device veth0_macvtap left promiscuous mode
[ 59.684555][ T33] device veth1_vlan left promiscuous mode
[ 59.691264][ T33] device veth0_vlan left promiscuous mode
[ 59.900111][ T33] team0 (unregistering): Port device team_slave_1 removed
[ 59.915669][ T33] team0 (unregistering): Port device team_slave_0 removed
[ 59.927274][ T33] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 59.940701][ T33] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 59.983189][ T33] bond0 (unregistering): Released all slaves
[ 76.406623][ T2487] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.117' (ECDSA) to the list of known hosts.
2023/01/15 06:48:18 ignoring optional flag "sandboxArg"="0"
2023/01/15 06:48:18 parsed 1 programs
2023/01/15 06:48:18 executed programs: 0
[ 77.343280][ T5072] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 77.351229][ T5072] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 77.359635][ T5072] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 77.367491][ T5072] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 77.377197][ T5072] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 77.384677][ T5072] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 77.484111][ T5533] chnl_net:caif_netlink_parms(): no params data found
[ 77.526175][ T5533] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.533486][ T5533] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.541992][ T5533] device bridge_slave_0 entered promiscuous mode
[ 77.551182][ T5533] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.558593][ T5533] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.566866][ T5533] device bridge_slave_1 entered promiscuous mode
[ 77.587836][ T5533] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.599681][ T5533] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.621866][ T5533] team0: Port device team_slave_0 added
[ 77.629332][ T5533] team0: Port device team_slave_1 added
[ 77.646428][ T5533] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.653417][ T5533] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.679810][ T5533] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 77.693283][ T5533] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 77.700445][ T5533] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.726852][ T5533] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 77.754025][ T5533] device hsr_slave_0 entered promiscuous mode
[ 77.761177][ T5533] device hsr_slave_1 entered promiscuous mode
[ 78.590538][ T5533] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 78.601262][ T5533] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 78.611295][ T5533] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 78.621412][ T5533] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 78.696480][ T5533] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.710853][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 78.720819][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 78.731957][ T5533] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.744694][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 78.754330][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 78.764287][ T7] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.771481][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.796210][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 78.804306][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 78.813931][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 78.822884][ T7] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.830169][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.839617][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 78.849528][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 78.858697][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 78.868236][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 78.883369][ T5533] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 78.895630][ T5533] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 78.912961][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 78.922306][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 78.931127][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 78.941580][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 78.950629][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 78.963578][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 79.153364][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 79.161904][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 79.173271][ T5533] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.196940][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 79.208001][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 79.231911][ T5533] device veth0_vlan entered promiscuous mode
[ 79.240062][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 79.249998][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 79.265769][ T5533] device veth1_vlan entered promiscuous mode
[ 79.277207][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 79.286345][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 79.294696][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 79.303300][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 79.324099][ T5533] device veth0_macvtap entered promiscuous mode
[ 79.337371][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 79.348112][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 79.359724][ T5533] device veth1_macvtap entered promiscuous mode
[ 79.369504][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 79.378824][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 79.399354][ T5533] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 79.407334][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 79.417319][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 79.429377][ T5533] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 79.438641][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 79.448170][ T4389] Bluetooth: hci0: command 0x0409 tx timeout
[ 79.456810][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 79.468265][ T5533] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.479500][ T5533] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.488917][ T5533] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.498754][ T5533] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.569377][ T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.583451][ T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.597307][ T1009] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.604306][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 79.608149][ T1009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.633228][ T5574] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 80.014394][ T5604] loop0: detected capacity change from 0 to 32768
[ 80.034724][ T5604] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 80.045585][ T5604] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 80.062391][ T5604] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[ 80.076720][ T5574] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 80.083980][ T5574] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 80.152751][ T5574] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 68ms
[ 80.162386][ T5574] gfs2: fsid=syz:syz.0: jid=0: Done
[ 80.171342][ T5604] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 80.342589][ T5604] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 80.368267][ T5533] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 80.368267][ T5533] inode = 11 2340
[ 80.368267][ T5533] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 460
[ 80.387711][ T5533] gfs2: fsid=syz:syz.0: G: s:EX n:2/924 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[ 80.397756][ T5533] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:5533 [syz-executor.0] gfs2_quota_sync+0x3da/0x8b0
[ 80.409387][ T5533] gfs2: fsid=syz:syz.0: I: n:11/2340 t:8 f:0x00 d:0x00000201 s:176 p:0
[ 80.418627][ T5533] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 80.432394][ T5533] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1478
[ 80.448400][ T5533] CPU: 0 PID: 5533 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 80.457568][ T5533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 80.467647][ T5533] Call Trace:
[ 80.470941][ T5533]
[ 80.473891][ T5533] dump_stack_lvl+0x1b1/0x290
[ 80.479030][ T5533] ? nf_tcp_handle_invalid+0x630/0x630
[ 80.484616][ T5533] ? panic+0x710/0x710
[ 80.488723][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 80.493969][ T5533] gfs2_assert_warn_i+0x19a/0x2e0
[ 80.499045][ T5533] gfs2_quota_cleanup+0x4c6/0x6b0
[ 80.504285][ T5533] gfs2_make_fs_ro+0x517/0x610
[ 80.509246][ T5533] ? __might_sleep+0xc0/0xc0
[ 80.513864][ T5533] ? gfs2_dinode_out+0xad0/0xad0
[ 80.518822][ T5533] ? gfs2_glock_nq+0xdaa/0x1700
[ 80.523708][ T5533] ? gfs2_instantiate+0x207/0x220
[ 80.528858][ T5533] ? gfs2_glock_wait+0x213/0x2a0
[ 80.533980][ T5533] gfs2_withdraw+0x609/0x1540
[ 80.538724][ T5533] ? gfs2_lm+0x220/0x220
[ 80.543001][ T5533] ? make_kgid+0x1fe/0x710
[ 80.547638][ T5533] ? gfs2_withdraw+0x5cc/0x1540
[ 80.552541][ T5533] ? gfs2_consist_inode_i+0xf3/0x110
[ 80.558040][ T5533] gfs2_inode_refresh+0xb2d/0xf60
[ 80.563106][ T5533] ? gfs2_inode_metasync+0xf0/0xf0
[ 80.568422][ T5533] ? _raw_spin_unlock+0x24/0x40
[ 80.573304][ T5533] ? gfs2_glock_nq+0xdaa/0x1700
[ 80.578187][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 80.583421][ T5533] gfs2_instantiate+0x15e/0x220
[ 80.588390][ T5533] gfs2_glock_wait+0x1d9/0x2a0
[ 80.593188][ T5533] do_sync+0x485/0xc80
[ 80.597377][ T5533] ? gfs2_quota_sync+0x3da/0x8b0
[ 80.602359][ T5533] ? slot_put+0x1f0/0x1f0
[ 80.607010][ T5533] ? do_raw_spin_lock+0x147/0x3a0
[ 80.612325][ T5533] ? __lock_acquire+0x1f60/0x1f60
[ 80.618441][ T5533] ? gfs2_quota_sync+0x3da/0x8b0
[ 80.623423][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 80.628667][ T5533] ? qd_check_sync+0xba/0x3f0
[ 80.633397][ T5533] gfs2_quota_sync+0x3da/0x8b0
[ 80.638243][ T5533] gfs2_sync_fs+0x49/0xb0
[ 80.642613][ T5533] sync_filesystem+0xe8/0x220
[ 80.647341][ T5533] generic_shutdown_super+0x6b/0x310
[ 80.652678][ T5533] kill_block_super+0x79/0xd0
[ 80.657390][ T5533] deactivate_locked_super+0xa7/0xf0
[ 80.662766][ T5533] cleanup_mnt+0x494/0x520
[ 80.667214][ T5533] ? lockdep_hardirqs_on+0x8d/0x130
[ 80.672531][ T5533] task_work_run+0x243/0x300
[ 80.677438][ T5533] ? task_work_cancel+0x290/0x290
[ 80.682509][ T5533] ? exit_to_user_mode_loop+0x42/0x150
[ 80.688367][ T5533] exit_to_user_mode_loop+0x124/0x150
[ 80.693793][ T5533] exit_to_user_mode_prepare+0xb2/0x140
[ 80.699394][ T5533] syscall_exit_to_user_mode+0x26/0x60
[ 80.704900][ T5533] do_syscall_64+0x49/0xb0
[ 80.709356][ T5533] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 80.715298][ T5533] RIP: 0033:0x7fdc5148d517
[ 80.721139][ T5533] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 80.740784][ T5533] RSP: 002b:00007ffd939df018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 80.749243][ T5533] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdc5148d517
[ 80.757245][ T5533] RDX: 00007ffd939df0e9 RSI: 000000000000000a RDI: 00007ffd939df0e0
[ 80.765250][ T5533] RBP: 00007ffd939df0e0 R08: 00000000ffffffff R09: 00007ffd939deeb0
[ 80.773247][ T5533] R10: 00005555574148b3 R11: 0000000000000246 R12: 00007fdc514e6b24
[ 80.781251][ T5533] R13: 00007ffd939e01a0 R14: 0000555557414810 R15: 00007ffd939e01e0
[ 80.789271][ T5533]
[ 80.825573][ T5533] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 80.834408][ T5533] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 80.844158][ T5533] gfs2: fsid=syz:syz.0: File system withdrawn
[ 80.850401][ T5533] CPU: 0 PID: 5533 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 80.859538][ T5533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 80.869624][ T5533] Call Trace:
[ 80.872922][ T5533]
[ 80.875911][ T5533] dump_stack_lvl+0x1b1/0x290
[ 80.880644][ T5533] ? nf_tcp_handle_invalid+0x630/0x630
[ 80.886146][ T5533] ? panic+0x710/0x710
[ 80.890302][ T5533] ? kobject_uevent_env+0x46b/0x8e0
[ 80.895631][ T5533] gfs2_withdraw+0xf33/0x1540
[ 80.900373][ T5533] ? gfs2_lm+0x220/0x220
[ 80.904660][ T5533] ? make_kgid+0x1fe/0x710
[ 80.909138][ T5533] ? gfs2_consist_inode_i+0xf3/0x110
[ 80.914552][ T5533] gfs2_inode_refresh+0xb2d/0xf60
[ 80.919629][ T5533] ? gfs2_inode_metasync+0xf0/0xf0
[ 80.924794][ T5533] ? _raw_spin_unlock+0x24/0x40
[ 80.929767][ T5533] ? gfs2_glock_nq+0xdaa/0x1700
[ 80.934682][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 80.940011][ T5533] gfs2_instantiate+0x15e/0x220
[ 80.944923][ T5533] gfs2_glock_wait+0x1d9/0x2a0
[ 80.949965][ T5533] do_sync+0x485/0xc80
[ 80.954081][ T5533] ? gfs2_quota_sync+0x3da/0x8b0
[ 80.959142][ T5533] ? slot_put+0x1f0/0x1f0
[ 80.963476][ T5533] ? do_raw_spin_lock+0x147/0x3a0
[ 80.968512][ T5533] ? __lock_acquire+0x1f60/0x1f60
[ 80.973532][ T5533] ? gfs2_quota_sync+0x3da/0x8b0
[ 80.978465][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 80.983660][ T5533] ? qd_check_sync+0xba/0x3f0
[ 80.988692][ T5533] gfs2_quota_sync+0x3da/0x8b0
[ 80.993566][ T5533] gfs2_sync_fs+0x49/0xb0
[ 80.998068][ T5533] sync_filesystem+0xe8/0x220
[ 81.003273][ T5533] generic_shutdown_super+0x6b/0x310
[ 81.008561][ T5533] kill_block_super+0x79/0xd0
[ 81.013259][ T5533] deactivate_locked_super+0xa7/0xf0
[ 81.018578][ T5533] cleanup_mnt+0x494/0x520
[ 81.023004][ T5533] ? lockdep_hardirqs_on+0x8d/0x130
[ 81.028206][ T5533] task_work_run+0x243/0x300
[ 81.032804][ T5533] ? task_work_cancel+0x290/0x290
[ 81.037843][ T5533] ? exit_to_user_mode_loop+0x42/0x150
[ 81.043477][ T5533] exit_to_user_mode_loop+0x124/0x150
[ 81.048849][ T5533] exit_to_user_mode_prepare+0xb2/0x140
[ 81.054397][ T5533] syscall_exit_to_user_mode+0x26/0x60
[ 81.059926][ T5533] do_syscall_64+0x49/0xb0
[ 81.064353][ T5533] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.070505][ T5533] RIP: 0033:0x7fdc5148d517
[ 81.074916][ T5533] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 81.094805][ T5533] RSP: 002b:00007ffd939df018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 81.103224][ T5533] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdc5148d517
[ 81.111192][ T5533] RDX: 00007ffd939df0e9 RSI: 000000000000000a RDI: 00007ffd939df0e0
[ 81.119161][ T5533] RBP: 00007ffd939df0e0 R08: 00000000ffffffff R09: 00007ffd939deeb0
[ 81.127126][ T5533] R10: 00005555574148b3 R11: 0000000000000246 R12: 00007fdc514e6b24
[ 81.135093][ T5533] R13: 00007ffd939e01a0 R14: 0000555557414810 R15: 00007ffd939e01e0
[ 81.143123][ T5533]
[ 81.157186][ C0]
[ 81.159567][ C0] ================================
[ 81.164680][ C0] WARNING: inconsistent lock state
[ 81.169778][ C0] 6.2.0-rc1-syzkaller-dirty #0 Not tainted
[ 81.175584][ C0] --------------------------------
[ 81.180798][ C0] inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
[ 81.187726][ C0] ksoftirqd/0/15 [HC0[0]:SC1[1]:HE1:SE0] takes:
[ 81.194040][ C0] ffff888073f6a048 (&qd->qd_lockref.lock){+.?.}-{2:2}, at: gfs2_qd_dealloc+0x1e/0xa0
[ 81.203524][ C0] {SOFTIRQ-ON-W} state was registered at:
[ 81.209226][ C0] lock_acquire+0x182/0x3c0
[ 81.213832][ C0] _raw_spin_lock+0x2a/0x40
[ 81.218445][ C0] lockref_get_not_dead+0x22/0xb0
[ 81.223556][ C0] qd_check_sync+0x132/0x3f0
[ 81.228245][ C0] gfs2_quota_sync+0x202/0x8b0
[ 81.233122][ C0] gfs2_sync_fs+0x49/0xb0
[ 81.237544][ C0] sync_filesystem+0xe8/0x220
[ 81.242416][ C0] generic_shutdown_super+0x6b/0x310
[ 81.247805][ C0] kill_block_super+0x79/0xd0
[ 81.252593][ C0] deactivate_locked_super+0xa7/0xf0
[ 81.257973][ C0] cleanup_mnt+0x494/0x520
[ 81.262553][ C0] task_work_run+0x243/0x300
[ 81.267224][ C0] exit_to_user_mode_loop+0x124/0x150
[ 81.272677][ C0] exit_to_user_mode_prepare+0xb2/0x140
[ 81.278318][ C0] syscall_exit_to_user_mode+0x26/0x60
[ 81.284052][ C0] do_syscall_64+0x49/0xb0
[ 81.288550][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.294550][ C0] irq event stamp: 299328
[ 81.298933][ C0] hardirqs last enabled at (299328): [] _raw_spin_unlock_irqrestore+0x8b/0x120
[ 81.309521][ C0] hardirqs last disabled at (299327): [] _raw_spin_lock_irqsave+0x8e/0x100
[ 81.319687][ C0] softirqs last enabled at (299078): [] run_ksoftirqd+0xa2/0x100
[ 81.329140][ C0] softirqs last disabled at (299083): [] run_ksoftirqd+0xa2/0x100
[ 81.338864][ C0]
[ 81.338864][ C0] other info that might help us debug this:
[ 81.347009][ C0] Possible unsafe locking scenario:
[ 81.347009][ C0]
[ 81.354444][ C0] CPU0
[ 81.357714][ C0] ----
[ 81.360976][ C0] lock(&qd->qd_lockref.lock);
[ 81.365819][ C0]
[ 81.369254][ C0] lock(&qd->qd_lockref.lock);
[ 81.374264][ C0]
[ 81.374264][ C0] *** DEADLOCK ***
[ 81.374264][ C0]
[ 81.382390][ C0] 1 lock held by ksoftirqd/0/15:
[ 81.387308][ C0] #0: ffffffff8d326d80 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire+0x0/0x20
[ 81.396528][ C0]
[ 81.396528][ C0] stack backtrace:
[ 81.402486][ C0] CPU: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 81.411320][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 81.421362][ C0] Call Trace:
[ 81.424638][ C0]
[ 81.427646][ C0] dump_stack_lvl+0x1b1/0x290
[ 81.432319][ C0] ? nf_tcp_handle_invalid+0x630/0x630
[ 81.437771][ C0] ? panic+0x710/0x710
[ 81.441836][ C0] ? print_tainted+0x141/0x160
[ 81.446588][ C0] ? lockdep_print_held_locks+0x10f/0x1b0
[ 81.452392][ C0] print_usage_bug+0x8b4/0xba0
[ 81.457147][ C0] ? print_lock+0x650/0x650
[ 81.461636][ C0] ? deref_stack_reg+0x17a/0x210
[ 81.466572][ C0] ? deref_stack_reg+0x17a/0x210
[ 81.471497][ C0] ? unwind_next_frame+0x1b06/0x24c0
[ 81.476766][ C0] ? deref_stack_reg+0x17a/0x210
[ 81.481692][ C0] ? unwind_next_frame+0x10d7/0x24c0
[ 81.486980][ C0] ? ret_from_fork+0x1f/0x30
[ 81.491570][ C0] ? stack_trace_save+0x1e0/0x1e0
[ 81.496679][ C0] ? arch_stack_walk+0xb2/0xe0
[ 81.501429][ C0] ? deref_stack_reg+0x17a/0x210
[ 81.506352][ C0] ? deref_stack_reg+0x17a/0x210
[ 81.511278][ C0] ? deref_stack_reg+0x17a/0x210
[ 81.516264][ C0] ? deref_stack_reg+0x17a/0x210
[ 81.521227][ C0] ? unwind_next_frame+0x1b06/0x24c0
[ 81.526510][ C0] ? deref_stack_reg+0x17a/0x210
[ 81.531435][ C0] ? unwind_next_frame+0x10d7/0x24c0
[ 81.536735][ C0] ? lockdep_unlock+0x144/0x2e0
[ 81.541588][ C0] ? lockdep_lock+0x290/0x290
[ 81.546268][ C0] ? stack_trace_save+0x1e0/0x1e0
[ 81.551296][ C0] mark_lock_irq+0xa7f/0xe60
[ 81.555911][ C0] ? save_trace+0xb20/0xb20
[ 81.560512][ C0] ? stack_trace_save+0x104/0x1e0
[ 81.565539][ C0] ? stack_trace_snprint+0xf0/0xf0
[ 81.570743][ C0] ? kmem_cache_free+0x94/0x1d0
[ 81.575583][ C0] ? save_trace+0x5a/0xb20
[ 81.580018][ C0] mark_lock+0x21e/0x350
[ 81.584352][ C0] __lock_acquire+0xb7d/0x1f60
[ 81.589110][ C0] lock_acquire+0x182/0x3c0
[ 81.593605][ C0] ? gfs2_qd_dealloc+0x1e/0xa0
[ 81.598455][ C0] ? read_lock_is_recursive+0x10/0x10
[ 81.603815][ C0] ? read_lock_is_recursive+0x10/0x10
[ 81.609258][ C0] ? do_raw_spin_unlock+0x134/0x8a0
[ 81.614446][ C0] ? _raw_spin_unlock_irqrestore+0x8b/0x120
[ 81.620342][ C0] ? lockdep_hardirqs_on+0x8d/0x130
[ 81.625546][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 81.632163][ C0] ? _raw_spin_unlock+0x40/0x40
[ 81.637016][ C0] ? gfs2_quota_cleanup+0x6b0/0x6b0
[ 81.642205][ C0] _raw_spin_lock+0x2a/0x40
[ 81.646703][ C0] ? gfs2_qd_dealloc+0x1e/0xa0
[ 81.651454][ C0] gfs2_qd_dealloc+0x1e/0xa0
[ 81.656048][ C0] ? gfs2_quota_cleanup+0x6b0/0x6b0
[ 81.661249][ C0] rcu_core+0x9c1/0x1690
[ 81.665479][ C0] ? local_bh_disable+0x20/0x20
[ 81.670311][ C0] ? rcu_qs+0xf2/0x160
[ 81.674368][ C0] ? rcu_softirq_qs+0x2c0/0x2c0
[ 81.679232][ C0] ? rcu_read_lock_sched_held+0x87/0x110
[ 81.684863][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 81.690832][ C0] ? print_irqtrace_events+0x220/0x220
[ 81.696302][ C0] __do_softirq+0x277/0x738
[ 81.700856][ C0] ? run_ksoftirqd+0xa2/0x100
[ 81.705629][ C0] ? __lock_text_end+0x6/0x6
[ 81.710297][ C0] ? preempt_schedule_common+0xb7/0xe0
[ 81.715752][ C0] ? run_ksoftirqd+0x84/0x100
[ 81.720446][ C0] run_ksoftirqd+0xa2/0x100
[ 81.724960][ C0] ? ksoftirqd_should_run+0x20/0x20
[ 81.730147][ C0] ? takeover_tasklets+0x890/0x890
[ 81.735286][ C0] ? ksoftirqd_should_run+0x20/0x20
[ 81.740513][ C0] smpboot_thread_fn+0x533/0xa10
[ 81.745455][ C0] kthread+0x266/0x300
[ 81.749510][ C0] ? cpu_report_death+0x2a0/0x2a0
[ 81.754612][ C0] ? kthread_blkcg+0xd0/0xd0
[ 81.759185][ C0] ret_from_fork+0x1f/0x30
[ 81.763594][ C0]
[ 81.767181][ T5072] Bluetooth: hci0: command 0x041b tx timeout
[ 82.016440][ T5649] loop0: detected capacity change from 0 to 32768
[ 82.024648][ T5649] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 82.035828][ T5649] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 82.044640][ T5649] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[ 82.053239][ T5574] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 82.060438][ T5574] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 82.096500][ T5574] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 36ms
[ 82.105298][ T5574] gfs2: fsid=syz:syz.0: jid=0: Done
[ 82.110539][ T5649] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 82.202312][ T5649] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 82.229473][ T5533] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 82.229473][ T5533] inode = 11 2340
[ 82.229473][ T5533] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 460
[ 82.248803][ T5533] gfs2: fsid=syz:syz.0: G: s:EX n:2/924 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[ 82.258691][ T5533] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:5533 [syz-executor.0] gfs2_quota_sync+0x3da/0x8b0
[ 82.269572][ T5533] gfs2: fsid=syz:syz.0: I: n:11/2340 t:8 f:0x00 d:0x00000201 s:176 p:0
[ 82.278637][ T5533] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 82.288141][ T5533] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1478
[ 82.302792][ T5533] CPU: 0 PID: 5533 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 82.312019][ T5533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 82.322096][ T5533] Call Trace:
[ 82.325655][ T5533]
[ 82.328593][ T5533] dump_stack_lvl+0x1b1/0x290
[ 82.333388][ T5533] ? nf_tcp_handle_invalid+0x630/0x630
[ 82.339080][ T5533] ? panic+0x710/0x710
[ 82.343267][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 82.348498][ T5533] gfs2_assert_warn_i+0x19a/0x2e0
[ 82.353558][ T5533] gfs2_quota_cleanup+0x4c6/0x6b0
[ 82.358632][ T5533] gfs2_make_fs_ro+0x517/0x610
[ 82.363419][ T5533] ? __might_sleep+0xc0/0xc0
[ 82.368076][ T5533] ? gfs2_dinode_out+0xad0/0xad0
[ 82.373113][ T5533] ? gfs2_glock_nq+0xdaa/0x1700
[ 82.377990][ T5533] ? gfs2_instantiate+0x207/0x220
[ 82.383225][ T5533] ? gfs2_glock_wait+0x213/0x2a0
[ 82.388283][ T5533] gfs2_withdraw+0x609/0x1540
[ 82.392995][ T5533] ? gfs2_lm+0x220/0x220
[ 82.397287][ T5533] ? make_kgid+0x1fe/0x710
[ 82.401722][ T5533] ? gfs2_withdraw+0x5cc/0x1540
[ 82.406688][ T5533] ? gfs2_consist_inode_i+0xf3/0x110
[ 82.412004][ T5533] gfs2_inode_refresh+0xb2d/0xf60
[ 82.417146][ T5533] ? gfs2_inode_metasync+0xf0/0xf0
[ 82.422289][ T5533] ? _raw_spin_unlock+0x24/0x40
[ 82.427253][ T5533] ? gfs2_glock_nq+0xdaa/0x1700
[ 82.432129][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 82.437349][ T5533] gfs2_instantiate+0x15e/0x220
[ 82.442221][ T5533] gfs2_glock_wait+0x1d9/0x2a0
[ 82.447008][ T5533] do_sync+0x485/0xc80
[ 82.451105][ T5533] ? gfs2_quota_sync+0x3da/0x8b0
[ 82.456068][ T5533] ? slot_put+0x1f0/0x1f0
[ 82.460511][ T5533] ? do_raw_spin_lock+0x147/0x3a0
[ 82.465559][ T5533] ? __lock_acquire+0x1f60/0x1f60
[ 82.470608][ T5533] ? gfs2_quota_sync+0x3da/0x8b0
[ 82.475567][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 82.480819][ T5533] ? qd_check_sync+0xba/0x3f0
[ 82.485524][ T5533] gfs2_quota_sync+0x3da/0x8b0
[ 82.490318][ T5533] gfs2_sync_fs+0x49/0xb0
[ 82.494668][ T5533] sync_filesystem+0xe8/0x220
[ 82.499367][ T5533] generic_shutdown_super+0x6b/0x310
[ 82.504675][ T5533] kill_block_super+0x79/0xd0
[ 82.509371][ T5533] deactivate_locked_super+0xa7/0xf0
[ 82.514703][ T5533] cleanup_mnt+0x494/0x520
[ 82.519141][ T5533] task_work_run+0x243/0x300
[ 82.523766][ T5533] ? task_work_cancel+0x290/0x290
[ 82.528899][ T5533] ? __x64_sys_umount+0x113/0x150
[ 82.533948][ T5533] ? path_umount+0xf90/0xf90
[ 82.538562][ T5533] exit_to_user_mode_loop+0x124/0x150
[ 82.543959][ T5533] exit_to_user_mode_prepare+0xb2/0x140
[ 82.549612][ T5533] syscall_exit_to_user_mode+0x26/0x60
[ 82.555183][ T5533] do_syscall_64+0x49/0xb0
[ 82.559620][ T5533] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.565618][ T5533] RIP: 0033:0x7fdc5148d517
[ 82.570056][ T5533] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 82.589768][ T5533] RSP: 002b:00007ffd939df018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 82.598219][ T5533] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdc5148d517
[ 82.606298][ T5533] RDX: 00007ffd939df0e9 RSI: 000000000000000a RDI: 00007ffd939df0e0
[ 82.614376][ T5533] RBP: 00007ffd939df0e0 R08: 00000000ffffffff R09: 00007ffd939deeb0
[ 82.622370][ T5533] R10: 00005555574148b3 R11: 0000000000000246 R12: 00007fdc514e6b24
[ 82.630358][ T5533] R13: 00007ffd939e01a0 R14: 0000555557414810 R15: 00007ffd939e01e0
[ 82.638351][ T5533]
[ 82.649818][ T5533] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 82.659027][ T5533] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 82.667464][ T5533] gfs2: fsid=syz:syz.0: File system withdrawn
[ 82.673565][ T5533] CPU: 0 PID: 5533 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 82.682694][ T5533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 82.692782][ T5533] Call Trace:
[ 82.696074][ T5533]
[ 82.699017][ T5533] dump_stack_lvl+0x1b1/0x290
[ 82.703727][ T5533] ? nf_tcp_handle_invalid+0x630/0x630
[ 82.709328][ T5533] ? panic+0x710/0x710
[ 82.713435][ T5533] ? kobject_uevent_env+0x46b/0x8e0
[ 82.718657][ T5533] gfs2_withdraw+0xf33/0x1540
[ 82.723360][ T5533] ? gfs2_lm+0x220/0x220
[ 82.727618][ T5533] ? make_kgid+0x1fe/0x710
[ 82.732062][ T5533] ? gfs2_consist_inode_i+0xf3/0x110
[ 82.737453][ T5533] gfs2_inode_refresh+0xb2d/0xf60
[ 82.742509][ T5533] ? gfs2_inode_metasync+0xf0/0xf0
[ 82.747645][ T5533] ? _raw_spin_unlock+0x24/0x40
[ 82.752522][ T5533] ? gfs2_glock_nq+0xdaa/0x1700
[ 82.757568][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 82.762974][ T5533] gfs2_instantiate+0x15e/0x220
[ 82.767844][ T5533] gfs2_glock_wait+0x1d9/0x2a0
[ 82.772807][ T5533] do_sync+0x485/0xc80
[ 82.776984][ T5533] ? gfs2_quota_sync+0x3da/0x8b0
[ 82.782126][ T5533] ? slot_put+0x1f0/0x1f0
[ 82.786584][ T5533] ? do_raw_spin_lock+0x147/0x3a0
[ 82.791628][ T5533] ? __lock_acquire+0x1f60/0x1f60
[ 82.796679][ T5533] ? gfs2_quota_sync+0x3da/0x8b0
[ 82.801738][ T5533] ? do_raw_spin_unlock+0x134/0x8a0
[ 82.806974][ T5533] ? qd_check_sync+0xba/0x3f0
[ 82.811678][ T5533] gfs2_quota_sync+0x3da/0x8b0
[ 82.816743][ T5533] gfs2_sync_fs+0x49/0xb0
[ 82.821092][ T5533] sync_filesystem+0xe8/0x220
[ 82.825799][ T5533] generic_shutdown_super+0x6b/0x310
[ 82.831109][ T5533] kill_block_super+0x79/0xd0
[ 82.835954][ T5533] deactivate_locked_super+0xa7/0xf0
[ 82.841521][ T5533] cleanup_mnt+0x494/0x520
[ 82.846131][ T5533] task_work_run+0x243/0x300
[ 82.850753][ T5533] ? task_work_cancel+0x290/0x290
[ 82.855811][ T5533] ? __x64_sys_umount+0x113/0x150
[ 82.860978][ T5533] ? path_umount+0xf90/0xf90
[ 82.865603][ T5533] exit_to_user_mode_loop+0x124/0x150
[ 82.871003][ T5533] exit_to_user_mode_prepare+0xb2/0x140
[ 82.876579][ T5533] syscall_exit_to_user_mode+0x26/0x60
[ 82.882065][ T5533] do_syscall_64+0x49/0xb0
[ 82.886515][ T5533] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.892434][ T5533] RIP: 0033:0x7fdc5148d517
[ 82.896863][ T5533] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 82.916492][ T5533] RSP: 002b:00007ffd939df018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 82.925091][ T5533] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdc5148d517
[ 82.933078][ T5533] RDX: 00007ffd939df0e9 RSI: 000000000000000a RDI: 00007ffd939df0e0
[ 82.941067][ T5533] RBP: 00007ffd939df0e0 R08: 00000000ffffffff R09: 00007ffd939deeb0
[ 82.949051][ T5533] R10: 00005555574148b3 R11: 0000000000000246 R12: 00007fdc514e6b24
[ 82.957120][ T5533] R13: 00007ffd939e01a0 R14: 0000555557414810 R15: 00007ffd939e01e0
[ 82.965122][ T5533]
[ 82.975171][ T5533] ==================================================================
[ 82.983632][ T5533] BUG: KASAN: use-after-free in qd_unlock+0x43/0x2f0
[ 82.990341][ T5533] Read of size 8 at addr ffff888073f6a1e0 by task syz-executor.0/5533
[ 82.998601][ T5533]
[ 83.000932][ T5533] CPU: 0 PID: 5533 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 83.010400][ T5533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 83.020560][ T5533] Call Trace:
[ 83.023867][ T5533]
[ 83.026895][ T5533] dump_stack_lvl+0x1b1/0x290
[ 83.031594][ T5533] ? nf_tcp_handle_invalid+0x630/0x630
[ 83.037072][ T5533] ? __wake_up_klogd+0xcd/0x100
[ 83.041948][ T5533] ? panic+0x710/0x710
[ 83.046050][ T5533] ? _printk+0xc0/0x100
[ 83.050481][ T5533] print_address_description+0x74/0x340
[ 83.056221][ T5533] print_report+0x107/0x1f0
[ 83.060929][ T5533] ? __virt_addr_valid+0x21b/0x2d0
[ 83.066240][ T5533] ? __phys_addr+0xb5/0x160
[ 83.070776][ T5533] ? qd_unlock+0x43/0x2f0
[ 83.075301][ T5533] kasan_report+0xcd/0x100
[ 83.079754][ T5533] ? qd_unlock+0x43/0x2f0
[ 83.084121][ T5533] kasan_check_range+0x2a7/0x2e0
[ 83.089081][ T5533] qd_unlock+0x43/0x2f0
[ 83.093267][ T5533] gfs2_quota_sync+0x768/0x8b0
[ 83.098052][ T5533] gfs2_sync_fs+0x49/0xb0
[ 83.102399][ T5533] sync_filesystem+0xe8/0x220
[ 83.107203][ T5533] generic_shutdown_super+0x6b/0x310
[ 83.112492][ T5533] kill_block_super+0x79/0xd0
[ 83.117182][ T5533] deactivate_locked_super+0xa7/0xf0
[ 83.122474][ T5533] cleanup_mnt+0x494/0x520
[ 83.126879][ T5533] task_work_run+0x243/0x300
[ 83.131464][ T5533] ? task_work_cancel+0x290/0x290
[ 83.136585][ T5533] ? __x64_sys_umount+0x113/0x150
[ 83.141647][ T5533] ? path_umount+0xf90/0xf90
[ 83.146243][ T5533] exit_to_user_mode_loop+0x124/0x150
[ 83.151729][ T5533] exit_to_user_mode_prepare+0xb2/0x140
[ 83.157299][ T5533] syscall_exit_to_user_mode+0x26/0x60
[ 83.162758][ T5533] do_syscall_64+0x49/0xb0
[ 83.167180][ T5533] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 83.173092][ T5533] RIP: 0033:0x7fdc5148d517
[ 83.177509][ T5533] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 83.197391][ T5533] RSP: 002b:00007ffd939df018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 83.205902][ T5533] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdc5148d517
[ 83.214034][ T5533] RDX: 00007ffd939df0e9 RSI: 000000000000000a RDI: 00007ffd939df0e0
[ 83.222186][ T5533] RBP: 00007ffd939df0e0 R08: 00000000ffffffff R09: 00007ffd939deeb0
[ 83.230179][ T5533] R10: 00005555574148b3 R11: 0000000000000246 R12: 00007fdc514e6b24
[ 83.238424][ T5533] R13: 00007ffd939e01a0 R14: 0000555557414810 R15: 00007ffd939e01e0
[ 83.246398][ T5533]
[ 83.249401][ T5533]
[ 83.251706][ T5533] Allocated by task 5649:
[ 83.256137][ T5533] kasan_set_track+0x3d/0x60
[ 83.260739][ T5533] __kasan_slab_alloc+0x65/0x70
[ 83.265577][ T5533] kmem_cache_alloc+0x1b3/0x350
[ 83.270441][ T5533] qd_alloc+0x51/0x250
[ 83.274508][ T5533] gfs2_quota_init+0x7c4/0x10e0
[ 83.279439][ T5533] gfs2_make_fs_rw+0x48e/0x590
[ 83.284190][ T5533] gfs2_fill_super+0x2357/0x2700
[ 83.289114][ T5533] get_tree_bdev+0x400/0x620
[ 83.293695][ T5533] gfs2_get_tree+0x50/0x210
[ 83.298183][ T5533] vfs_get_tree+0x88/0x270
[ 83.302583][ T5533] do_new_mount+0x289/0xad0
[ 83.307070][ T5533] __se_sys_mount+0x2d3/0x3c0
[ 83.311816][ T5533] do_syscall_64+0x3d/0xb0
[ 83.316308][ T5533] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 83.322302][ T5533]
[ 83.325051][ T5533] Freed by task 5533:
[ 83.329016][ T5533] kasan_set_track+0x3d/0x60
[ 83.333714][ T5533] kasan_save_free_info+0x27/0x40
[ 83.338736][ T5533] ____kasan_slab_free+0xd6/0x120
[ 83.343777][ T5533] slab_free_freelist_hook+0x12e/0x1a0
[ 83.349262][ T5533] kmem_cache_free+0x94/0x1d0
[ 83.353935][ T5533] rcu_core+0x9c1/0x1690
[ 83.358261][ T5533] __do_softirq+0x277/0x738
[ 83.362854][ T5533]
[ 83.365162][ T5533] Last potentially related work creation:
[ 83.370904][ T5533] kasan_save_stack+0x2b/0x50
[ 83.375585][ T5533] __kasan_record_aux_stack+0xb0/0xc0
[ 83.380967][ T5533] call_rcu+0x163/0xa70
[ 83.385134][ T5533] gfs2_quota_cleanup+0x457/0x6b0
[ 83.390221][ T5533] gfs2_make_fs_ro+0x517/0x610
[ 83.395374][ T5533] gfs2_withdraw+0x609/0x1540
[ 83.400066][ T5533] gfs2_inode_refresh+0xb2d/0xf60
[ 83.405077][ T5533] gfs2_instantiate+0x15e/0x220
[ 83.410089][ T5533] gfs2_glock_wait+0x1d9/0x2a0
[ 83.414893][ T5533] do_sync+0x485/0xc80
[ 83.419037][ T5533] gfs2_quota_sync+0x3da/0x8b0
[ 83.423789][ T5533] gfs2_sync_fs+0x49/0xb0
[ 83.428113][ T5533] sync_filesystem+0xe8/0x220
[ 83.432781][ T5533] generic_shutdown_super+0x6b/0x310
[ 83.438056][ T5533] kill_block_super+0x79/0xd0
[ 83.442722][ T5533] deactivate_locked_super+0xa7/0xf0
[ 83.448016][ T5533] cleanup_mnt+0x494/0x520
[ 83.452432][ T5533] task_work_run+0x243/0x300
[ 83.457011][ T5533] exit_to_user_mode_loop+0x124/0x150
[ 83.462375][ T5533] exit_to_user_mode_prepare+0xb2/0x140
[ 83.468003][ T5533] syscall_exit_to_user_mode+0x26/0x60
[ 83.473448][ T5533] do_syscall_64+0x49/0xb0
[ 83.477949][ T5533] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 83.484091][ T5533]
[ 83.486403][ T5533] The buggy address belongs to the object at ffff888073f6a150
[ 83.486403][ T5533] which belongs to the cache gfs2_quotad of size 272
[ 83.500550][ T5533] The buggy address is located 144 bytes inside of
[ 83.500550][ T5533] 272-byte region [ffff888073f6a150, ffff888073f6a260)
[ 83.513901][ T5533]
[ 83.516230][ T5533] The buggy address belongs to the physical page:
[ 83.522714][ T5533] page:ffffea0001cfda80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x73f6a
[ 83.532950][ T5533] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 83.540767][ T5533] raw: 00fff00000000200 ffff888146489b40 dead000000000122 0000000000000000
[ 83.549868][ T5533] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 83.558507][ T5533] page dumped because: kasan: bad access detected
[ 83.564922][ T5533] page_owner tracks the page as allocated
[ 83.570616][ T5533] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5604, tgid 5602 (syz-executor.0), ts 80310187158, free_ts 79966873636
[ 83.592847][ T5533] get_page_from_freelist+0x742/0x7c0
[ 83.598223][ T5533] __alloc_pages+0x259/0x560
[ 83.603187][ T5533] alloc_slab_page+0xbd/0x190
[ 83.608319][ T5533] allocate_slab+0x5e/0x3c0
[ 83.612807][ T5533] ___slab_alloc+0x782/0xe20
[ 83.617917][ T5533] kmem_cache_alloc+0x268/0x350
[ 83.622777][ T5533]
qd_alloc+0x51/0x250 [ 83.626882][ T5533] gfs2_quota_init+0x7c4/0x10e0 [ 83.631836][ T5533] gfs2_make_fs_rw+0x48e/0x590 [ 83.636606][ T5533] gfs2_fill_super+0x2357/0x2700 [ 83.641712][ T5533] get_tree_bdev+0x400/0x620 [ 83.646293][ T5533] gfs2_get_tree+0x50/0x210 [ 83.650959][ T5533] vfs_get_tree+0x88/0x270 [ 83.655361][ T5533] do_new_mount+0x289/0xad0 [ 83.659962][ T5533] __se_sys_mount+0x2d3/0x3c0 [ 83.665013][ T5533] do_syscall_64+0x3d/0xb0 [ 83.669680][ T5533] page last free stack trace: [ 83.676353][ T5533] free_pcp_prepare+0x751/0x780 [ 83.681305][ T5533] free_unref_page+0x19/0x4c0 [ 83.686058][ T5533] __unfreeze_partials+0x1a5/0x1e0 [ 83.691178][ T5533] put_cpu_partial+0x106/0x170 [ 83.695929][ T5533] qlist_free_all+0x2b/0x70 [ 83.700415][ T5533] kasan_quarantine_reduce+0x156/0x170 [ 83.707163][ T5533] __kasan_slab_alloc+0x1f/0x70 [ 83.712020][ T5533] kmem_cache_alloc+0x1b3/0x350 [ 83.717030][ T5533] mas_alloc_nodes+0x1fd/0x650 [ 83.721781][ T5533] mas_preallocate+0x133/0x340 [ 83.726535][ T5533] do_mas_align_munmap+0x211/0x14e0 [ 83.731726][ T5533] do_mas_munmap+0x245/0x2b0 [ 83.737611][ T5533] mmap_region+0x7b0/0x1e20 [ 83.742121][ T5533] do_mmap+0x8d9/0xf30 [ 83.746207][ T5533] vm_mmap_pgoff+0x19e/0x2b0 [ 83.750796][ T5533] ksys_mmap_pgoff+0x48c/0x6d0 [ 83.755555][ T5533] [ 83.758055][ T5533] Memory state around the buggy address: [ 83.763674][ T5533] ffff888073f6a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 83.772228][ T5533] ffff888073f6a100: fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb [ 83.780729][ T5533] >ffff888073f6a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 83.789077][ T5533] ^ [ 83.796280][ T5533] ffff888073f6a200: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 83.804411][ T5533] ffff888073f6a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 83.812470][ T5533] ================================================================== [ 83.824850][ T5533] Kernel panic - not syncing: KASAN: panic_on_warn set ... 
[ 83.832117][ T5533] CPU: 0 PID: 5533 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0 [ 83.841219][ T5533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 83.851547][ T5533] Call Trace: [ 83.855173][ T5533] [ 83.858102][ T5533] dump_stack_lvl+0x1b1/0x290 [ 83.862907][ T5533] ? nf_tcp_handle_invalid+0x630/0x630 [ 83.868472][ T5533] ? panic+0x710/0x710 [ 83.872554][ T5533] ? lock_release+0x81/0x820 [ 83.877423][ T5533] ? vscnprintf+0x59/0x80 [ 83.882021][ T5533] panic+0x2d6/0x710 [ 83.885919][ T5533] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 83.892328][ T5533] ? check_panic_on_warn+0x1d/0xa0 [ 83.897431][ T5533] ? memcpy_page_flushcache+0x100/0x100 [ 83.902985][ T5533] ? _raw_spin_unlock_irqrestore+0x110/0x120 [ 83.909230][ T5533] ? _raw_spin_unlock+0x40/0x40 [ 83.914258][ T5533] ? print_report+0x1b4/0x1f0 [ 83.919021][ T5533] check_panic_on_warn+0x80/0xa0 [ 83.924455][ T5533] ? qd_unlock+0x43/0x2f0 [ 83.928894][ T5533] end_report+0x47/0x90 [ 83.933046][ T5533] kasan_report+0xda/0x100 [ 83.937547][ T5533] ? qd_unlock+0x43/0x2f0 [ 83.942047][ T5533] kasan_check_range+0x2a7/0x2e0 [ 83.947065][ T5533] qd_unlock+0x43/0x2f0 [ 83.951300][ T5533] gfs2_quota_sync+0x768/0x8b0 [ 83.956229][ T5533] gfs2_sync_fs+0x49/0xb0 [ 83.960755][ T5533] sync_filesystem+0xe8/0x220 [ 83.965439][ T5533] generic_shutdown_super+0x6b/0x310 [ 83.970716][ T5533] kill_block_super+0x79/0xd0 [ 83.975434][ T5533] deactivate_locked_super+0xa7/0xf0 [ 83.980889][ T5533] cleanup_mnt+0x494/0x520 [ 83.985296][ T5533] task_work_run+0x243/0x300 [ 83.989902][ T5533] ? task_work_cancel+0x290/0x290 [ 83.995012][ T5533] ? __x64_sys_umount+0x113/0x150 [ 84.000131][ T5533] ? 
path_umount+0xf90/0xf90 [ 84.004896][ T5533] exit_to_user_mode_loop+0x124/0x150 [ 84.010272][ T5533] exit_to_user_mode_prepare+0xb2/0x140 [ 84.015990][ T5533] syscall_exit_to_user_mode+0x26/0x60 [ 84.021441][ T5533] do_syscall_64+0x49/0xb0 [ 84.025851][ T5533] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 84.032082][ T5533] RIP: 0033:0x7fdc5148d517 [ 84.036483][ T5533] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 84.056256][ T5533] RSP: 002b:00007ffd939df018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 84.064833][ T5533] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdc5148d517 [ 84.072904][ T5533] RDX: 00007ffd939df0e9 RSI: 000000000000000a RDI: 00007ffd939df0e0 [ 84.080989][ T5533] RBP: 00007ffd939df0e0 R08: 00000000ffffffff R09: 00007ffd939deeb0 [ 84.089242][ T5533] R10: 00005555574148b3 R11: 0000000000000246 R12: 00007fdc514e6b24 [ 84.097236][ T5533] R13: 00007ffd939e01a0 R14: 0000555557414810 R15: 00007ffd939e01e0 [ 84.105289][ T5533] [ 84.108506][ T5533] Kernel Offset: disabled [ 84.112833][ T5533] Rebooting in 86400 seconds..