[ 76.502668][ T14] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.12' (ECDSA) to the list of known hosts.
2023/01/22 08:36:38 ignoring optional flag "sandboxArg"="0"
2023/01/22 08:36:38 parsed 1 programs
2023/01/22 08:36:38 executed programs: 0
[ 78.330181][ T4389] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.338225][ T4389] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.347597][ T4389] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.355200][ T4389] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 78.363262][ T4389] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.455242][ T5532] chnl_net:caif_netlink_parms(): no params data found
[ 78.492380][ T5532] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.499663][ T5532] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.507800][ T5532] device bridge_slave_0 entered promiscuous mode
[ 78.515874][ T5532] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.523252][ T5532] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.530988][ T5532] device bridge_slave_1 entered promiscuous mode
[ 78.550356][ T5532] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 78.561341][ T5532] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 78.582627][ T5532] team0: Port device team_slave_0 added
[ 78.590013][ T5532] team0: Port device team_slave_1 added
[ 78.606875][ T5532] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 78.614141][ T5532] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.640339][ T5532] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 78.652869][ T5532] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 78.659924][ T5532] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.686500][ T5532] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.714596][ T5532] device hsr_slave_0 entered promiscuous mode
[ 78.721790][ T5532] device hsr_slave_1 entered promiscuous mode
[ 79.525100][ T5532] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 79.535843][ T5532] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 79.546608][ T5532] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 79.556363][ T5532] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 79.628940][ T5532] 8021q: adding VLAN 0 to HW filter on device bond0
[ 79.644983][ T900] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 79.654590][ T900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 79.665994][ T5532] 8021q: adding VLAN 0 to HW filter on device team0
[ 79.677550][ T900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 79.687628][ T900] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 79.696701][ T900] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.703871][ T900] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.723217][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 79.733524][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 79.742873][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 79.753772][ T5080] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.760901][ T5080] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.769155][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 79.779482][ T5080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 79.807095][ T5566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 79.818100][ T5566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 79.829059][ T5566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 79.838478][ T5566] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 79.849491][ T5566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 79.858565][ T5566] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 79.870143][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 79.882751][ T900] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 80.076914][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 80.085487][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 80.098958][ T5532] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.122756][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 80.134063][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 80.154485][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 80.163536][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 80.174443][ T5532] device veth0_vlan entered promiscuous mode
[ 80.182477][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 80.190499][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 80.203405][ T5532] device veth1_vlan entered promiscuous mode
[ 80.226708][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 80.236463][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 80.245283][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 80.254216][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 80.265050][ T5532] device veth0_macvtap entered promiscuous mode
[ 80.277356][ T5532] device veth1_macvtap entered promiscuous mode
[ 80.296728][ T5532] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.305661][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 80.315968][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 80.324686][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 80.334934][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 80.347306][ T5532] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.357304][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 80.366969][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 80.379218][ T5532] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.389782][ T5532] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.400447][ T5532] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.409891][ T5532] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.423604][ T47] Bluetooth: hci0: command 0x0409 tx timeout
[ 80.485892][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.507680][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.526377][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 80.545650][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.554788][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.566320][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 80.943949][ T5601] loop0: detected capacity change from 0 to 32768
[ 80.960789][ T5601] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 80.969603][ T5601] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 80.987091][ T5601] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[ 80.998449][ T14] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 81.005758][ T14] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 81.069245][ T14] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 63ms
[ 81.080351][ T14] gfs2: fsid=syz:syz.0: jid=0: Done
[ 81.086421][ T5601] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 81.243183][ T5601] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 81.287731][ T5532] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 81.287731][ T5532] inode = 11 2340
[ 81.287731][ T5532] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 460
[ 81.309886][ T5532] gfs2: fsid=syz:syz.0: G: s:EX n:2/924 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[ 81.320657][ T5532] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:5532 [syz-executor.0] gfs2_quota_sync+0x3da/0x8b0
[ 81.333122][ T5532] gfs2: fsid=syz:syz.0: I: n:11/2340 t:8 f:0x00 d:0x00000201 s:176 p:0
[ 81.343794][ T5532] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 81.358455][ T5532] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1475
[ 81.372851][ T5532] CPU: 1 PID: 5532 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 81.382080][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 81.392343][ T5532] Call Trace:
[ 81.395654][ T5532]
[ 81.398603][ T5532] dump_stack_lvl+0x1b1/0x290
[ 81.403489][ T5532] ? nf_tcp_handle_invalid+0x630/0x630
[ 81.409067][ T5532] ? panic+0x710/0x710
[ 81.413187][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 81.418421][ T5532] gfs2_assert_warn_i+0x19a/0x2e0
[ 81.423480][ T5532] gfs2_quota_cleanup+0x4c6/0x6b0
[ 81.428611][ T5532] gfs2_make_fs_ro+0x517/0x610
[ 81.433377][ T5532] ? __might_sleep+0xc0/0xc0
[ 81.437965][ T5532] ? gfs2_dinode_out+0xad0/0xad0
[ 81.442910][ T5532] ? gfs2_glock_nq+0xdaa/0x1700
[ 81.447756][ T5532] ? gfs2_instantiate+0x207/0x220
[ 81.452864][ T5532] ? gfs2_glock_wait+0x213/0x2a0
[ 81.457802][ T5532] gfs2_withdraw+0x609/0x1540
[ 81.462579][ T5532] ? gfs2_lm+0x220/0x220
[ 81.466820][ T5532] ? make_kgid+0x1fe/0x710
[ 81.471237][ T5532] ? gfs2_withdraw+0x5cc/0x1540
[ 81.476170][ T5532] ? gfs2_consist_inode_i+0xf3/0x110
[ 81.481452][ T5532] gfs2_inode_refresh+0xb2d/0xf60
[ 81.486484][ T5532] ? gfs2_inode_metasync+0xf0/0xf0
[ 81.491592][ T5532] ? _raw_spin_unlock+0x24/0x40
[ 81.496532][ T5532] ? gfs2_glock_nq+0xdaa/0x1700
[ 81.501462][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 81.506658][ T5532] gfs2_instantiate+0x15e/0x220
[ 81.511504][ T5532] gfs2_glock_wait+0x1d9/0x2a0
[ 81.516352][ T5532] do_sync+0x485/0xc80
[ 81.520420][ T5532] ? gfs2_quota_sync+0x3da/0x8b0
[ 81.525368][ T5532] ? slot_put+0x1f0/0x1f0
[ 81.529690][ T5532] ? do_raw_spin_lock+0x147/0x3a0
[ 81.534715][ T5532] ? __lock_acquire+0x1f60/0x1f60
[ 81.539821][ T5532] ? gfs2_quota_sync+0x3da/0x8b0
[ 81.544803][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 81.550083][ T5532] ? qd_check_sync+0xba/0x3f0
[ 81.554943][ T5532] gfs2_quota_sync+0x3da/0x8b0
[ 81.559738][ T5532] gfs2_sync_fs+0x49/0xb0
[ 81.564063][ T5532] sync_filesystem+0xe8/0x220
[ 81.568740][ T5532] generic_shutdown_super+0x6b/0x310
[ 81.574112][ T5532] kill_block_super+0x79/0xd0
[ 81.578779][ T5532] deactivate_locked_super+0xa7/0xf0
[ 81.584064][ T5532] cleanup_mnt+0x494/0x520
[ 81.588562][ T5532] ? lockdep_hardirqs_on+0x8d/0x130
[ 81.593753][ T5532] task_work_run+0x243/0x300
[ 81.598343][ T5532] ? task_work_cancel+0x290/0x290
[ 81.603372][ T5532] ? exit_to_user_mode_loop+0x42/0x150
[ 81.608837][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 81.614232][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 81.619820][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 81.625287][ T5532] do_syscall_64+0x49/0xb0
[ 81.629710][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.636292][ T5532] RIP: 0033:0x7efdd688d517
[ 81.640728][ T5532] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 81.660550][ T5532] RSP: 002b:00007fff34520ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 81.669413][ T5532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007efdd688d517
[ 81.677403][ T5532] RDX: 00007fff34520db9 RSI: 000000000000000a RDI: 00007fff34520db0
[ 81.685388][ T5532] RBP: 00007fff34520db0 R08: 00000000ffffffff R09: 00007fff34520b80
[ 81.695973][ T5532] R10: 0000555555ca38b3 R11: 0000000000000246 R12: 00007efdd68e6b24
[ 81.704152][ T5532] R13: 00007fff34521e70 R14: 0000555555ca3810 R15: 00007fff34521eb0
[ 81.712868][ T5532]
[ 81.727275][ T5532] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 81.744376][ T5532] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 81.757208][ T5532] gfs2: fsid=syz:syz.0: File system withdrawn
[ 81.763429][ T5532] CPU: 0 PID: 5532 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 81.772834][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 81.783399][ T5532] Call Trace:
[ 81.787044][ T5532]
[ 81.790096][ T5532] dump_stack_lvl+0x1b1/0x290
[ 81.794819][ T5532] ? nf_tcp_handle_invalid+0x630/0x630
[ 81.800403][ T5532] ? panic+0x710/0x710
[ 81.804509][ T5532] ? kobject_uevent_env+0x46b/0x8e0
[ 81.809936][ T5532] gfs2_withdraw+0xf33/0x1540
[ 81.814705][ T5532] ? gfs2_lm+0x220/0x220
[ 81.819235][ T5532] ? make_kgid+0x1fe/0x710
[ 81.823801][ T5532] ? gfs2_consist_inode_i+0xf3/0x110
[ 81.829222][ T5532] gfs2_inode_refresh+0xb2d/0xf60
[ 81.834302][ T5532] ? gfs2_inode_metasync+0xf0/0xf0
[ 81.839712][ T5532] ? _raw_spin_unlock+0x24/0x40
[ 81.844688][ T5532] ? gfs2_glock_nq+0xdaa/0x1700
[ 81.849572][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 81.854819][ T5532] gfs2_instantiate+0x15e/0x220
[ 81.859920][ T5532] gfs2_glock_wait+0x1d9/0x2a0
[ 81.864748][ T5532] do_sync+0x485/0xc80
[ 81.868861][ T5532] ? gfs2_quota_sync+0x3da/0x8b0
[ 81.873847][ T5532] ? slot_put+0x1f0/0x1f0
[ 81.878213][ T5532] ? do_raw_spin_lock+0x147/0x3a0
[ 81.883354][ T5532] ? __lock_acquire+0x1f60/0x1f60
[ 81.888507][ T5532] ? gfs2_quota_sync+0x3da/0x8b0
[ 81.893478][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 81.898814][ T5532] ? qd_check_sync+0xba/0x3f0
[ 81.903794][ T5532] gfs2_quota_sync+0x3da/0x8b0
[ 81.908614][ T5532] gfs2_sync_fs+0x49/0xb0
[ 81.913593][ T5532] sync_filesystem+0xe8/0x220
[ 81.918669][ T5532] generic_shutdown_super+0x6b/0x310
[ 81.924027][ T5532] kill_block_super+0x79/0xd0
[ 81.928834][ T5532] deactivate_locked_super+0xa7/0xf0
[ 81.934185][ T5532] cleanup_mnt+0x494/0x520
[ 81.938659][ T5532] ? lockdep_hardirqs_on+0x8d/0x130
[ 81.943980][ T5532] task_work_run+0x243/0x300
[ 81.948723][ T5532] ? task_work_cancel+0x290/0x290
[ 81.953798][ T5532] ? exit_to_user_mode_loop+0x42/0x150
[ 81.959472][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 81.964896][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 81.970493][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 81.976161][ T5532] do_syscall_64+0x49/0xb0
[ 81.980736][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.986761][ T5532] RIP: 0033:0x7efdd688d517
[ 81.991203][ T5532] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 82.010847][ T5532] RSP: 002b:00007fff34520ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 82.019294][ T5532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007efdd688d517
[ 82.027484][ T5532] RDX: 00007fff34520db9 RSI: 000000000000000a RDI: 00007fff34520db0
[ 82.035681][ T5532] RBP: 00007fff34520db0 R08: 00000000ffffffff R09: 00007fff34520b80
[ 82.043799][ T5532] R10: 0000555555ca38b3 R11: 0000000000000246 R12: 00007efdd68e6b24
[ 82.051798][ T5532] R13: 00007fff34521e70 R14: 0000555555ca3810 R15: 00007fff34521eb0
[ 82.059815][ T5532]
[ 82.077349][ T5532] ==================================================================
[ 82.085890][ T5532] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[ 82.092589][ T5532] Read of size 8 at addr ffff888075a86090 by task syz-executor.0/5532
[ 82.100924][ T5532]
[ 82.103257][ T5532] CPU: 0 PID: 5532 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 82.112559][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 82.122804][ T5532] Call Trace:
[ 82.126099][ T5532]
[ 82.129040][ T5532] dump_stack_lvl+0x1b1/0x290
[ 82.133912][ T5532] ? nf_tcp_handle_invalid+0x630/0x630
[ 82.139410][ T5532] ? __wake_up_klogd+0xcd/0x100
[ 82.144275][ T5532] ? panic+0x710/0x710
[ 82.148372][ T5532] ? _printk+0xc0/0x100
[ 82.152540][ T5532] ? _raw_spin_lock_irqsave+0x8e/0x100
[ 82.158028][ T5532] print_address_description+0x74/0x340
[ 82.163597][ T5532] print_report+0x107/0x1f0
[ 82.168179][ T5532] ? __virt_addr_valid+0x21b/0x2d0
[ 82.173314][ T5532] ? __phys_addr+0xb5/0x160
[ 82.177840][ T5532] ? qd_unlock+0x30/0x2d0
[ 82.182204][ T5532] kasan_report+0xcd/0x100
[ 82.186666][ T5532] ? qd_unlock+0x30/0x2d0
[ 82.191031][ T5532] kasan_check_range+0x2a7/0x2e0
[ 82.196012][ T5532] qd_unlock+0x30/0x2d0
[ 82.200193][ T5532] gfs2_quota_sync+0x768/0x8b0
[ 82.205079][ T5532] gfs2_sync_fs+0x49/0xb0
[ 82.209429][ T5532] sync_filesystem+0xe8/0x220
[ 82.214132][ T5532] generic_shutdown_super+0x6b/0x310
[ 82.219539][ T5532] kill_block_super+0x79/0xd0
[ 82.224324][ T5532] deactivate_locked_super+0xa7/0xf0
[ 82.229636][ T5532] cleanup_mnt+0x494/0x520
[ 82.234083][ T5532] ? lockdep_hardirqs_on+0x8d/0x130
[ 82.239395][ T5532] task_work_run+0x243/0x300
[ 82.244016][ T5532] ? task_work_cancel+0x290/0x290
[ 82.249153][ T5532] ? exit_to_user_mode_loop+0x42/0x150
[ 82.254637][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 82.260056][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 82.265978][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 82.272079][ T5532] do_syscall_64+0x49/0xb0
[ 82.276681][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.282699][ T5532] RIP: 0033:0x7efdd688d517
[ 82.287288][ T5532] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 82.307089][ T5532] RSP: 002b:00007fff34520ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 82.315626][ T5532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007efdd688d517
[ 82.323705][ T5532] RDX: 00007fff34520db9 RSI: 000000000000000a RDI: 00007fff34520db0
[ 82.331785][ T5532] RBP: 00007fff34520db0 R08: 00000000ffffffff R09: 00007fff34520b80
[ 82.339866][ T5532] R10: 0000555555ca38b3 R11: 0000000000000246 R12: 00007efdd68e6b24
[ 82.347948][ T5532] R13: 00007fff34521e70 R14: 0000555555ca3810 R15: 00007fff34521eb0
[ 82.356038][ T5532]
[ 82.359077][ T5532]
[ 82.361452][ T5532] Allocated by task 5601:
[ 82.365798][ T5532] kasan_set_track+0x3d/0x60
[ 82.370620][ T5532] __kasan_slab_alloc+0x65/0x70
[ 82.375577][ T5532] kmem_cache_alloc+0x1b3/0x350
[ 82.380442][ T5532] qd_alloc+0x51/0x250
[ 82.384540][ T5532] gfs2_quota_init+0x7c4/0x10e0
[ 82.391678][ T5532] gfs2_make_fs_rw+0x48e/0x590
[ 82.396467][ T5532] gfs2_fill_super+0x2357/0x2700
[ 82.401430][ T5532] get_tree_bdev+0x400/0x620
[ 82.406048][ T5532] gfs2_get_tree+0x50/0x210
[ 82.410843][ T5532] vfs_get_tree+0x88/0x270
[ 82.415457][ T5532] do_new_mount+0x289/0xad0
[ 82.420156][ T5532] __se_sys_mount+0x2d3/0x3c0
[ 82.424861][ T5532] do_syscall_64+0x3d/0xb0
[ 82.429319][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.435320][ T5532]
[ 82.438082][ T5532] Freed by task 5628:
[ 82.442064][ T5532] kasan_set_track+0x3d/0x60
[ 82.447016][ T5532] kasan_save_free_info+0x27/0x40
[ 82.452136][ T5532] ____kasan_slab_free+0xd6/0x120
[ 82.457187][ T5532] slab_free_freelist_hook+0x12e/0x1a0
[ 82.462675][ T5532] kmem_cache_free+0x94/0x1d0
[ 82.467455][ T5532] rcu_core+0x9c1/0x1690
[ 82.471712][ T5532] __do_softirq+0x277/0x738
[ 82.476235][ T5532]
[ 82.478568][ T5532] Last potentially related work creation:
[ 82.484389][ T5532] kasan_save_stack+0x2b/0x50
[ 82.489168][ T5532] __kasan_record_aux_stack+0xb0/0xc0
[ 82.494723][ T5532] call_rcu+0x163/0xa70
[ 82.498981][ T5532] gfs2_quota_cleanup+0x457/0x6b0
[ 82.504114][ T5532] gfs2_make_fs_ro+0x517/0x610
[ 82.509256][ T5532] gfs2_withdraw+0x609/0x1540
[ 82.513951][ T5532] gfs2_inode_refresh+0xb2d/0xf60
[ 82.519002][ T5532] gfs2_instantiate+0x15e/0x220
[ 82.523866][ T5532] gfs2_glock_wait+0x1d9/0x2a0
[ 82.528647][ T5532] do_sync+0x485/0xc80
[ 82.531238][ T47] Bluetooth: hci0: command 0x041b tx timeout
[ 82.532715][ T5532] gfs2_quota_sync+0x3da/0x8b0
[ 82.543814][ T5532] gfs2_sync_fs+0x49/0xb0
[ 82.548280][ T5532] sync_filesystem+0xe8/0x220
[ 82.552989][ T5532] generic_shutdown_super+0x6b/0x310
[ 82.558292][ T5532] kill_block_super+0x79/0xd0
[ 82.562980][ T5532] deactivate_locked_super+0xa7/0xf0
[ 82.568306][ T5532] cleanup_mnt+0x494/0x520
[ 82.572729][ T5532] task_work_run+0x243/0x300
[ 82.577337][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 82.582726][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 82.588385][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 82.593881][ T5532] do_syscall_64+0x49/0xb0
[ 82.598382][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.604291][ T5532]
[ 82.606667][ T5532] The buggy address belongs to the object at ffff888075a86000
[ 82.606667][ T5532] which belongs to the cache gfs2_quotad of size 272
[ 82.620904][ T5532] The buggy address is located 144 bytes inside of
[ 82.620904][ T5532] 272-byte region [ffff888075a86000, ffff888075a86110)
[ 82.634448][ T5532]
[ 82.636796][ T5532] The buggy address belongs to the physical page:
[ 82.643223][ T5532] page:ffffea0001d6a180 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x75a86
[ 82.653608][ T5532] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 82.661171][ T5532] raw: 00fff00000000200 ffff88814618cdc0 dead000000000122 0000000000000000
[ 82.669956][ T5532] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 82.678550][ T5532] page dumped because: kasan: bad access detected
[ 82.684970][ T5532] page_owner tracks the page as allocated
[ 82.690777][ T5532] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5601, tgid 5599 (syz-executor.0), ts 81209929771, free_ts 80716307165
[ 82.712438][ T5532] get_page_from_freelist+0x742/0x7c0
[ 82.717832][ T5532] __alloc_pages+0x259/0x560
[ 82.722447][ T5532] alloc_slab_page+0xbd/0x190
[ 82.727167][ T5532] allocate_slab+0x5e/0x3c0
[ 82.731694][ T5532] ___slab_alloc+0x782/0xe20
[ 82.736309][ T5532] kmem_cache_alloc+0x268/0x350
[ 82.741175][ T5532] qd_alloc+0x51/0x250
[ 82.745257][ T5532] gfs2_quota_init+0x7c4/0x10e0
[ 82.750206][ T5532] gfs2_make_fs_rw+0x48e/0x590
[ 82.755064][ T5532] gfs2_fill_super+0x2357/0x2700
[ 82.760202][ T5532] get_tree_bdev+0x400/0x620
[ 82.764901][ T5532] gfs2_get_tree+0x50/0x210
[ 82.769428][ T5532] vfs_get_tree+0x88/0x270
[ 82.773864][ T5532] do_new_mount+0x289/0xad0
[ 82.778376][ T5532] __se_sys_mount+0x2d3/0x3c0
[ 82.783066][ T5532] do_syscall_64+0x3d/0xb0
[ 82.787547][ T5532] page last free stack trace:
[ 82.792316][ T5532] free_pcp_prepare+0x751/0x780
[ 82.797192][ T5532] free_unref_page+0x19/0x4c0
[ 82.801972][ T5532] __unfreeze_partials+0x1a5/0x1e0
[ 82.807099][ T5532] put_cpu_partial+0x106/0x170
[ 82.811878][ T5532] qlist_free_all+0x2b/0x70
[ 82.816402][ T5532] kasan_quarantine_reduce+0x156/0x170
[ 82.821883][ T5532] __kasan_slab_alloc+0x1f/0x70
[ 82.826848][ T5532] kmem_cache_alloc+0x1b3/0x350
[ 82.832152][ T5532] ptlock_alloc+0x1c/0x60
[ 82.836587][ T5532] pte_alloc_one+0xc3/0x320
[ 82.841216][ T5532] __pte_alloc+0x75/0x220
[ 82.845557][ T5532] do_anonymous_page+0xda9/0x10b0
[ 82.850599][ T5532] handle_mm_fault+0x1610/0x26b0
[ 82.855552][ T5532] do_user_addr_fault+0x69b/0xcb0
[ 82.860770][ T5532] exc_page_fault+0x7a/0x110
[ 82.865473][ T5532] asm_exc_page_fault+0x22/0x30
[ 82.870436][ T5532]
[ 82.872763][ T5532] Memory state around the buggy address:
[ 82.878486][ T5532] ffff888075a85f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 82.886664][ T5532] ffff888075a86000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 82.895043][ T5532] >ffff888075a86080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 82.903117][ T5532] ^
[ 82.907842][ T5532] ffff888075a86100: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 82.916174][ T5532] ffff888075a86180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 82.924854][ T5532] ==================================================================
[ 82.954194][ T5532] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 82.961696][ T5532] CPU: 0 PID: 5532 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 82.970905][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 82.980986][ T5532] Call Trace:
[ 82.984367][ T5532]
[ 82.987318][ T5532] dump_stack_lvl+0x1b1/0x290
[ 82.992105][ T5532] ? nf_tcp_handle_invalid+0x630/0x630
[ 82.998016][ T5532] ? panic+0x710/0x710
[ 83.002109][ T5532] ? lock_release+0x81/0x820
[ 83.007068][ T5532] ? vscnprintf+0x59/0x80
[ 83.012248][ T5532] panic+0x2d6/0x710
[ 83.016259][ T5532] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 83.022432][ T5532] ? check_panic_on_warn+0x1d/0xa0
[ 83.027680][ T5532] ? memcpy_page_flushcache+0x100/0x100
[ 83.033427][ T5532] ? _raw_spin_unlock_irqrestore+0x110/0x120
[ 83.039612][ T5532] ? _raw_spin_unlock+0x40/0x40
[ 83.044570][ T5532] ? print_report+0x1b4/0x1f0
[ 83.049356][ T5532] check_panic_on_warn+0x80/0xa0
[ 83.054399][ T5532] ? qd_unlock+0x30/0x2d0
[ 83.058753][ T5532] end_report+0x47/0x90
[ 83.063020][ T5532] kasan_report+0xda/0x100
[ 83.067455][ T5532] ? qd_unlock+0x30/0x2d0
[ 83.071803][ T5532] kasan_check_range+0x2a7/0x2e0
[ 83.076957][ T5532] qd_unlock+0x30/0x2d0
[ 83.081655][ T5532] gfs2_quota_sync+0x768/0x8b0
[ 83.086620][ T5532] gfs2_sync_fs+0x49/0xb0
[ 83.090970][ T5532] sync_filesystem+0xe8/0x220
[ 83.095766][ T5532] generic_shutdown_super+0x6b/0x310
[ 83.101250][ T5532] kill_block_super+0x79/0xd0
[ 83.106032][ T5532] deactivate_locked_super+0xa7/0xf0
[ 83.111513][ T5532] cleanup_mnt+0x494/0x520
[ 83.116125][ T5532] ? lockdep_hardirqs_on+0x8d/0x130
[ 83.121443][ T5532] task_work_run+0x243/0x300
[ 83.126183][ T5532] ? task_work_cancel+0x290/0x290
[ 83.131256][ T5532] ? exit_to_user_mode_loop+0x42/0x150
[ 83.136748][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 83.142150][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 83.147809][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 83.153285][ T5532] do_syscall_64+0x49/0xb0
[ 83.157735][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 83.163647][ T5532] RIP: 0033:0x7efdd688d517
[ 83.168161][ T5532] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 83.187957][ T5532] RSP: 002b:00007fff34520ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 83.196388][ T5532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007efdd688d517
[ 83.204381][ T5532] RDX: 00007fff34520db9 RSI: 000000000000000a RDI: 00007fff34520db0
[ 83.212453][ T5532] RBP: 00007fff34520db0 R08: 00000000ffffffff R09: 00007fff34520b80
[ 83.220540][ T5532] R10: 0000555555ca38b3 R11: 0000000000000246 R12: 00007efdd68e6b24
[ 83.228787][ T5532] R13: 00007fff34521e70 R14: 0000555555ca3810 R15: 00007fff34521eb0
[ 83.236877][ T5532]
[ 83.240080][ T5532] Kernel Offset: disabled
[ 83.244406][ T5532] Rebooting in 86400 seconds..