Warning: Permanently added '10.128.0.194' (ECDSA) to the list of known hosts.
[   76.264919][    T7] cfg80211: failed to load regulatory.db
2023/01/04 18:21:36 ignoring optional flag "sandboxArg"="0"
2023/01/04 18:21:36 parsed 1 programs
2023/01/04 18:21:36 executed programs: 0
[   76.818234][ T4388] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.826440][ T4388] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.834604][ T4388] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.842342][ T4388] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   76.849933][ T4388] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.954705][ T5530] chnl_net:caif_netlink_parms(): no params data found
[   76.995069][ T5530] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.002367][ T5530] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.010400][ T5530] device bridge_slave_0 entered promiscuous mode
[   77.018532][ T5530] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.026876][ T5530] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.034777][ T5530] device bridge_slave_1 entered promiscuous mode
[   77.054790][ T5530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.065703][ T5530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.088220][ T5530] team0: Port device team_slave_0 added
[   77.095902][ T5530] team0: Port device team_slave_1 added
[   77.112547][ T5530] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.119571][ T5530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.145674][ T5530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.158331][ T5530] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.165580][ T5530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.191548][ T5530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.220659][ T5530] device hsr_slave_0 entered promiscuous mode
[   77.227354][ T5530] device hsr_slave_1 entered promiscuous mode
[   77.968632][ T5530] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   77.979218][ T5530] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   77.990633][ T5530] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   78.001087][ T5530] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   78.077154][ T5530] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.094237][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   78.103612][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   78.114815][ T5530] 8021q: adding VLAN 0 to HW filter on device team0
[   78.127750][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   78.139734][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   78.149060][   T14] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.156235][   T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.176650][ T4768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   78.185318][ T4768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   78.194787][ T4768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   78.205485][ T4768] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.212600][ T4768] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.220783][ T4768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   78.231431][ T4768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.257659][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.270033][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   78.279711][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   78.291058][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   78.300126][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   78.310372][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   78.321481][ T5530] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   78.334559][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   78.537081][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   78.545380][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   78.558638][ T5530] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.581744][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   78.592517][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   78.614679][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   78.623978][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   78.634009][ T5530] device veth0_vlan entered promiscuous mode
[   78.643385][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   78.651237][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   78.662098][ T5530] device veth1_vlan entered promiscuous mode
[   78.687691][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   78.698203][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   78.707032][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   78.715969][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   78.726828][ T5530] device veth0_macvtap entered promiscuous mode
[   78.739242][ T5530] device veth1_macvtap entered promiscuous mode
[   78.758157][ T5530] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.767475][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   78.777206][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   78.786871][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   78.795726][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   78.808748][ T5530] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.818290][ T5581] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   78.829152][ T5581] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   78.841675][ T5530] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.851910][ T5530] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.860968][ T5530] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.871077][ T5530] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.913710][ T4388] Bluetooth: hci0: command 0x0409 tx timeout
[   78.938960][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.956597][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.977092][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.995005][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.002959][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.016066][ T5581] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   79.454667][ T5595] loop0: detected capacity change from 0 to 32768
[   79.471015][ T5595] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   79.485877][ T5595] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   79.506280][ T5595] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[   79.517946][ T5581] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   79.525396][ T5581] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   79.593928][ T5581] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 68ms
[   79.602617][ T5581] gfs2: fsid=syz:syz.0: jid=0: Done
[   79.608494][ T5595] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   79.791009][ T5595] gfs2: fsid=syz:syz.0: found 1 quota changes
[   79.824768][ T5530] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[   79.824768][ T5530]   inode = 11 2340
[   79.824768][ T5530]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 460
[   79.845898][ T5530] gfs2: fsid=syz:syz.0: G:  s:EX n:2/924 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[   79.855391][ T5530] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5530 [syz-executor.0] gfs2_quota_sync+0x3da/0x8b0
[   79.867079][ T5530] gfs2: fsid=syz:syz.0:  I: n:11/2340 t:8 f:0x00 d:0x00000201 s:176 p:0
[   79.877651][ T5530] gfs2: fsid=syz:syz.0: about to withdraw this file system
[   79.892174][ T5530] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1477
[   79.906480][ T5530] CPU: 1 PID: 5530 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[   79.915625][ T5530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   79.925713][ T5530] Call Trace:
[   79.929012][ T5530]  <TASK>
[   79.931967][ T5530]  dump_stack_lvl+0x1b1/0x290
[   79.936768][ T5530]  ? nf_tcp_handle_invalid+0x630/0x630
[   79.942261][ T5530]  ? panic+0x710/0x710
[   79.946360][ T5530]  ? do_raw_spin_unlock+0x134/0x8a0
[   79.951598][ T5530]  gfs2_assert_warn_i+0x19a/0x2e0
[   79.956661][ T5530]  gfs2_quota_cleanup+0x4c6/0x6b0
[   79.961733][ T5530]  gfs2_make_fs_ro+0x517/0x610
[   79.966527][ T5530]  ? __might_sleep+0xc0/0xc0
[   79.971169][ T5530]  ? gfs2_dinode_out+0xad0/0xad0
[   79.976138][ T5530]  ? gfs2_glock_nq+0xdaa/0x1700
[   79.981024][ T5530]  ? gfs2_instantiate+0x207/0x220
[   79.986091][ T5530]  ? gfs2_glock_wait+0x213/0x2a0
[   79.991068][ T5530]  gfs2_withdraw+0x609/0x1540
[   79.995799][ T5530]  ? gfs2_lm+0x220/0x220
[   80.000070][ T5530]  ? make_kgid+0x1fe/0x710
[   80.004530][ T5530]  ? gfs2_withdraw+0x5cc/0x1540
[   80.009413][ T5530]  ? gfs2_consist_inode_i+0xf3/0x110
[   80.014730][ T5530]  gfs2_inode_refresh+0xb2d/0xf60
[   80.019794][ T5530]  ? gfs2_inode_metasync+0xf0/0xf0
[   80.024930][ T5530]  ? _raw_spin_unlock+0x24/0x40
[   80.029809][ T5530]  ? gfs2_glock_nq+0xdaa/0x1700
[   80.034689][ T5530]  ? do_raw_spin_unlock+0x134/0x8a0
[   80.039917][ T5530]  gfs2_instantiate+0x15e/0x220
[   80.044808][ T5530]  gfs2_glock_wait+0x1d9/0x2a0
[   80.049604][ T5530]  do_sync+0x483/0xd00
[   80.053705][ T5530]  ? gfs2_quota_sync+0x3da/0x8b0
[   80.058683][ T5530]  ? slot_put+0x1f0/0x1f0
[   80.063050][ T5530]  ? do_raw_spin_lock+0x147/0x3a0
[   80.068111][ T5530]  ? __lock_acquire+0x1f60/0x1f60
[   80.073168][ T5530]  ? gfs2_quota_sync+0x3da/0x8b0
[   80.078141][ T5530]  ? do_raw_spin_unlock+0x134/0x8a0
[   80.083370][ T5530]  ? qd_check_sync+0xba/0x3f0
[   80.088082][ T5530]  gfs2_quota_sync+0x3da/0x8b0
[   80.092888][ T5530]  gfs2_sync_fs+0x49/0xb0
[   80.097242][ T5530]  sync_filesystem+0xe8/0x220
[   80.101962][ T5530]  generic_shutdown_super+0x6b/0x310
[   80.107279][ T5530]  kill_block_super+0x79/0xd0
[   80.111983][ T5530]  deactivate_locked_super+0xa7/0xf0
[   80.117304][ T5530]  cleanup_mnt+0x494/0x520
[   80.121742][ T5530]  ? lockdep_hardirqs_on+0x8d/0x130
[   80.126976][ T5530]  task_work_run+0x243/0x300
[   80.131602][ T5530]  ? task_work_cancel+0x290/0x290
[   80.136683][ T5530]  ? exit_to_user_mode_loop+0x42/0x150
[   80.142175][ T5530]  exit_to_user_mode_loop+0x124/0x150
[   80.147578][ T5530]  exit_to_user_mode_prepare+0xb2/0x140
[   80.153156][ T5530]  syscall_exit_to_user_mode+0x26/0x60
[   80.158644][ T5530]  do_syscall_64+0x49/0xb0
[   80.163093][ T5530]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   80.169036][ T5530] RIP: 0033:0x7f43c0a8d517
[   80.174088][ T5530] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   80.193722][ T5530] RSP: 002b:00007fff6e54caf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   80.202166][ T5530] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f43c0a8d517
[   80.210168][ T5530] RDX: 00007fff6e54cbc9 RSI: 000000000000000a RDI: 00007fff6e54cbc0
[   80.218168][ T5530] RBP: 00007fff6e54cbc0 R08: 00000000ffffffff R09: 00007fff6e54c990
[   80.226166][ T5530] R10: 0000555556b8d8b3 R11: 0000000000000246 R12: 00007f43c0ae6b24
[   80.234178][ T5530] R13: 00007fff6e54dc80 R14: 0000555556b8d810 R15: 00007fff6e54dcc0
[   80.242197][ T5530]  </TASK>
[   80.270440][ T5530] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[   80.279399][ T5530] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[   80.289651][ T5530] gfs2: fsid=syz:syz.0: File system withdrawn
[   80.296067][ T5530] CPU: 1 PID: 5530 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[   80.305209][ T5530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   80.315283][ T5530] Call Trace:
[   80.318578][ T5530]  <TASK>
[   80.321534][ T5530]  dump_stack_lvl+0x1b1/0x290
[   80.326244][ T5530]  ? nf_tcp_handle_invalid+0x630/0x630
[   80.331731][ T5530]  ? panic+0x710/0x710
[   80.335822][ T5530]  ? kobject_uevent_env+0x46b/0x8e0
[   80.341063][ T5530]  gfs2_withdraw+0xf33/0x1540
[   80.345784][ T5530]  ? gfs2_lm+0x220/0x220
[   80.350053][ T5530]  ? make_kgid+0x1fe/0x710
[   80.354508][ T5530]  ? gfs2_consist_inode_i+0xf3/0x110
[   80.359817][ T5530]  gfs2_inode_refresh+0xb2d/0xf60
[   80.364855][ T5530]  ? gfs2_inode_metasync+0xf0/0xf0
[   80.369968][ T5530]  ? _raw_spin_unlock+0x24/0x40
[   80.374820][ T5530]  ? gfs2_glock_nq+0xdaa/0x1700
[   80.379673][ T5530]  ? do_raw_spin_unlock+0x134/0x8a0
[   80.384876][ T5530]  gfs2_instantiate+0x15e/0x220
[   80.389728][ T5530]  gfs2_glock_wait+0x1d9/0x2a0
[   80.394503][ T5530]  do_sync+0x483/0xd00
[   80.398578][ T5530]  ? gfs2_quota_sync+0x3da/0x8b0
[   80.403538][ T5530]  ? slot_put+0x1f0/0x1f0
[   80.407868][ T5530]  ? do_raw_spin_lock+0x147/0x3a0
[   80.412894][ T5530]  ? __lock_acquire+0x1f60/0x1f60
[   80.417922][ T5530]  ? gfs2_quota_sync+0x3da/0x8b0
[   80.422858][ T5530]  ? do_raw_spin_unlock+0x134/0x8a0
[   80.428145][ T5530]  ? qd_check_sync+0xba/0x3f0
[   80.432826][ T5530]  gfs2_quota_sync+0x3da/0x8b0
[   80.437600][ T5530]  gfs2_sync_fs+0x49/0xb0
[   80.441957][ T5530]  sync_filesystem+0xe8/0x220
[   80.446637][ T5530]  generic_shutdown_super+0x6b/0x310
[   80.451945][ T5530]  kill_block_super+0x79/0xd0
[   80.456616][ T5530]  deactivate_locked_super+0xa7/0xf0
[   80.461900][ T5530]  cleanup_mnt+0x494/0x520
[   80.466311][ T5530]  ? lockdep_hardirqs_on+0x8d/0x130
[   80.471508][ T5530]  task_work_run+0x243/0x300
[   80.476119][ T5530]  ? task_work_cancel+0x290/0x290
[   80.481147][ T5530]  ? exit_to_user_mode_loop+0x42/0x150
[   80.486611][ T5530]  exit_to_user_mode_loop+0x124/0x150
[   80.491990][ T5530]  exit_to_user_mode_prepare+0xb2/0x140
[   80.497539][ T5530]  syscall_exit_to_user_mode+0x26/0x60
[   80.503003][ T5530]  do_syscall_64+0x49/0xb0
[   80.507420][ T5530]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   80.513310][ T5530] RIP: 0033:0x7f43c0a8d517
[   80.517721][ T5530] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   80.537338][ T5530] RSP: 002b:00007fff6e54caf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   80.545758][ T5530] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f43c0a8d517
[   80.553722][ T5530] RDX: 00007fff6e54cbc9 RSI: 000000000000000a RDI: 00007fff6e54cbc0
[   80.561688][ T5530] RBP: 00007fff6e54cbc0 R08: 00000000ffffffff R09: 00007fff6e54c990
[   80.569655][ T5530] R10: 0000555556b8d8b3 R11: 0000000000000246 R12: 00007f43c0ae6b24
[   80.577635][ T5530] R13: 00007fff6e54dc80 R14: 0000555556b8d810 R15: 00007fff6e54dcc0
[   80.585625][ T5530]  </TASK>
[   80.597258][ T5530] ==================================================================
[   80.605346][ T5530] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[   80.612040][ T5530] Read of size 8 at addr ffff888072c8d090 by task syz-executor.0/5530
[   80.620201][ T5530] 
[   80.622529][ T5530] CPU: 0 PID: 5530 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[   80.631653][ T5530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   80.641711][ T5530] Call Trace:
[   80.644984][ T5530]  <TASK>
[   80.647910][ T5530]  dump_stack_lvl+0x1b1/0x290
[   80.652704][ T5530]  ? nf_tcp_handle_invalid+0x630/0x630
[   80.658158][ T5530]  ? __wake_up_klogd+0xcd/0x100
[   80.663010][ T5530]  ? panic+0x710/0x710
[   80.667075][ T5530]  ? _printk+0xc0/0x100
[   80.671225][ T5530]  ? _raw_spin_lock_irqsave+0x8e/0x100
[   80.676681][ T5530]  print_address_description+0x74/0x340
[   80.682229][ T5530]  print_report+0x107/0x1f0
[   80.686733][ T5530]  ? __virt_addr_valid+0x21b/0x2d0
[   80.691838][ T5530]  ? __phys_addr+0xb5/0x160
[   80.696339][ T5530]  ? qd_unlock+0x30/0x2d0
[   80.700665][ T5530]  kasan_report+0xcd/0x100
[   80.705166][ T5530]  ? qd_unlock+0x30/0x2d0
[   80.709580][ T5530]  kasan_check_range+0x2a7/0x2e0
[   80.714514][ T5530]  qd_unlock+0x30/0x2d0
[   80.718709][ T5530]  gfs2_quota_sync+0x768/0x8b0
[   80.723472][ T5530]  gfs2_sync_fs+0x49/0xb0
[   80.727795][ T5530]  sync_filesystem+0xe8/0x220
[   80.732909][ T5530]  generic_shutdown_super+0x6b/0x310
[   80.738277][ T5530]  kill_block_super+0x79/0xd0
[   80.742945][ T5530]  deactivate_locked_super+0xa7/0xf0
[   80.748229][ T5530]  cleanup_mnt+0x494/0x520
[   80.752636][ T5530]  ? lockdep_hardirqs_on+0x8d/0x130
[   80.757826][ T5530]  task_work_run+0x243/0x300
[   80.762418][ T5530]  ? task_work_cancel+0x290/0x290
[   80.767440][ T5530]  ? exit_to_user_mode_loop+0x42/0x150
[   80.772894][ T5530]  exit_to_user_mode_loop+0x124/0x150
[   80.778262][ T5530]  exit_to_user_mode_prepare+0xb2/0x140
[   80.783822][ T5530]  syscall_exit_to_user_mode+0x26/0x60
[   80.789275][ T5530]  do_syscall_64+0x49/0xb0
[   80.793706][ T5530]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   80.799604][ T5530] RIP: 0033:0x7f43c0a8d517
[   80.804445][ T5530] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   80.824039][ T5530] RSP: 002b:00007fff6e54caf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   80.832443][ T5530] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f43c0a8d517
[   80.840402][ T5530] RDX: 00007fff6e54cbc9 RSI: 000000000000000a RDI: 00007fff6e54cbc0
[   80.848456][ T5530] RBP: 00007fff6e54cbc0 R08: 00000000ffffffff R09: 00007fff6e54c990
[   80.856416][ T5530] R10: 0000555556b8d8b3 R11: 0000000000000246 R12: 00007f43c0ae6b24
[   80.864377][ T5530] R13: 00007fff6e54dc80 R14: 0000555556b8d810 R15: 00007fff6e54dcc0
[   80.872348][ T5530]  </TASK>
[   80.875358][ T5530] 
[   80.877750][ T5530] Allocated by task 5595:
[   80.882190][ T5530]  kasan_set_track+0x3d/0x60
[   80.886793][ T5530]  __kasan_slab_alloc+0x65/0x70
[   80.891649][ T5530]  kmem_cache_alloc+0x1b3/0x350
[   80.896673][ T5530]  qd_alloc+0x51/0x250
[   80.900742][ T5530]  gfs2_quota_init+0x7c4/0x10e0
[   80.905585][ T5530]  gfs2_make_fs_rw+0x48e/0x590
[   80.910337][ T5530]  gfs2_fill_super+0x2357/0x2700
[   80.915263][ T5530]  get_tree_bdev+0x400/0x620
[   80.919857][ T5530]  gfs2_get_tree+0x50/0x210
[   80.924352][ T5530]  vfs_get_tree+0x88/0x270
[   80.928773][ T5530]  do_new_mount+0x289/0xad0
[   80.933282][ T5530]  __se_sys_mount+0x2d3/0x3c0
[   80.938061][ T5530]  do_syscall_64+0x3d/0xb0
[   80.942495][ T5530]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   80.948400][ T5530] 
[   80.950984][ T5530] Freed by task 5581:
[   80.954967][ T5530]  kasan_set_track+0x3d/0x60
[   80.959576][ T5530]  kasan_save_free_info+0x27/0x40
[   80.964604][ T5530]  ____kasan_slab_free+0xd6/0x120
[   80.969639][ T5530]  slab_free_freelist_hook+0x12e/0x1a0
[   80.975111][ T5530]  kmem_cache_free+0x94/0x1d0
[   80.979794][ T5530]  rcu_core+0x9c1/0x1690
[   80.984062][ T5530]  __do_softirq+0x277/0x738
[   80.988664][ T5530] 
[   80.990989][ T5530] Last potentially related work creation:
[   80.996789][ T5530]  kasan_save_stack+0x2b/0x50
[   81.001470][ T5530]  __kasan_record_aux_stack+0xb0/0xc0
[   81.006835][ T5530]  call_rcu+0x163/0xa70
[   81.010989][ T5530]  gfs2_quota_cleanup+0x457/0x6b0
[   81.016008][ T5530]  gfs2_make_fs_ro+0x517/0x610
[   81.020760][ T5530]  gfs2_withdraw+0x609/0x1540
[   81.025427][ T5530]  gfs2_inode_refresh+0xb2d/0xf60
[   81.030446][ T5530]  gfs2_instantiate+0x15e/0x220
[   81.035286][ T5530]  gfs2_glock_wait+0x1d9/0x2a0
[   81.040041][ T5530]  do_sync+0x483/0xd00
[   81.044116][ T5530]  gfs2_quota_sync+0x3da/0x8b0
[   81.048889][ T5530]  gfs2_sync_fs+0x49/0xb0
[   81.053218][ T5530]  sync_filesystem+0xe8/0x220
[   81.057898][ T5530]  generic_shutdown_super+0x6b/0x310
[   81.063201][ T5530]  kill_block_super+0x79/0xd0
[   81.067872][ T5530]  deactivate_locked_super+0xa7/0xf0
[   81.073174][ T5530]  cleanup_mnt+0x494/0x520
[   81.077594][ T5530]  task_work_run+0x243/0x300
[   81.082189][ T5530]  exit_to_user_mode_loop+0x124/0x150
[   81.087562][ T5530]  exit_to_user_mode_prepare+0xb2/0x140
[   81.093119][ T5530]  syscall_exit_to_user_mode+0x26/0x60
[   81.098584][ T5530]  do_syscall_64+0x49/0xb0
[   81.103016][ T5530]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   81.108920][ T5530] 
[   81.111237][ T5530] The buggy address belongs to the object at ffff888072c8d000
[   81.111237][ T5530]  which belongs to the cache gfs2_quotad of size 272
[   81.125295][ T5530] The buggy address is located 144 bytes inside of
[   81.125295][ T5530]  272-byte region [ffff888072c8d000, ffff888072c8d110)
[   81.138564][ T5530] 
[   81.140877][ T5530] The buggy address belongs to the physical page:
[   81.147273][ T5530] page:ffffea0001cb2340 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x72c8d
[   81.157410][ T5530] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[   81.164952][ T5530] raw: 00fff00000000200 ffff88801c0903c0 dead000000000122 0000000000000000
[   81.173643][ T5530] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[   81.182295][ T5530] page dumped because: kasan: bad access detected
[   81.188703][ T5530] page_owner tracks the page as allocated
[   81.194402][ T5530] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5595, tgid 5594 (syz-executor.0), ts 79751945116, free_ts 12843743189
[   81.215841][ T5530]  get_page_from_freelist+0x742/0x7c0
[   81.221209][ T5530]  __alloc_pages+0x259/0x560
[   81.225791][ T5530]  alloc_slab_page+0xbd/0x190
[   81.230459][ T5530]  allocate_slab+0x5e/0x3c0
[   81.234954][ T5530]  ___slab_alloc+0x782/0xe20
[   81.239534][ T5530]  kmem_cache_alloc+0x268/0x350
[   81.244372][ T5530]  qd_alloc+0x51/0x250
[   81.248434][ T5530]  gfs2_quota_init+0x7c4/0x10e0
[   81.253279][ T5530]  gfs2_make_fs_rw+0x48e/0x590
[   81.258040][ T5530]  gfs2_fill_super+0x2357/0x2700
[   81.263058][ T5530]  get_tree_bdev+0x400/0x620
[   81.267641][ T5530]  gfs2_get_tree+0x50/0x210
[   81.272135][ T5530]  vfs_get_tree+0x88/0x270
[   81.276539][ T5530]  do_new_mount+0x289/0xad0
[   81.281032][ T5530]  __se_sys_mount+0x2d3/0x3c0
[   81.285695][ T5530]  do_syscall_64+0x3d/0xb0
[   81.290105][ T5530] page last free stack trace:
[   81.294763][ T5530]  free_pcp_prepare+0x751/0x780
[   81.299630][ T5530]  free_unref_page+0x19/0x4c0
[   81.304297][ T5530]  free_contig_range+0xa3/0x160
[   81.309139][ T5530]  destroy_args+0xfe/0x940
[   81.313553][ T5530]  debug_vm_pgtable+0x43d/0x4a0
[   81.318393][ T5530]  do_one_initcall+0x1d1/0x410
[   81.323163][ T5530]  do_initcall_level+0x168/0x220
[   81.328103][ T5530]  do_initcalls+0x43/0x90
[   81.332425][ T5530]  kernel_init_freeable+0x428/0x5e0
[   81.337618][ T5530]  kernel_init+0x19/0x2b0
[   81.341949][ T5530]  ret_from_fork+0x1f/0x30
[   81.346370][ T5530] 
[   81.348771][ T5530] Memory state around the buggy address:
[   81.354386][ T5530]  ffff888072c8cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.362438][ T5530]  ffff888072c8d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   81.370484][ T5530] >ffff888072c8d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   81.378622][ T5530]                          ^
[   81.383282][ T5530]  ffff888072c8d100: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.391327][ T5530]  ffff888072c8d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.399370][ T5530] ==================================================================
[   81.411912][ T4388] Bluetooth: hci0: command 0x041b tx timeout
[   81.431036][ T5530] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   81.438259][ T5530] CPU: 0 PID: 5530 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[   81.447358][ T5530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   81.457402][ T5530] Call Trace:
[   81.460675][ T5530]  <TASK>
[   81.463598][ T5530]  dump_stack_lvl+0x1b1/0x290
[   81.468274][ T5530]  ? nf_tcp_handle_invalid+0x630/0x630
[   81.473723][ T5530]  ? panic+0x710/0x710
[   81.477800][ T5530]  ? lock_release+0x81/0x820
[   81.482379][ T5530]  ? vscnprintf+0x59/0x80
[   81.486701][ T5530]  panic+0x2d6/0x710
[   81.490591][ T5530]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[   81.496738][ T5530]  ? check_panic_on_warn+0x1d/0xa0
[   81.501841][ T5530]  ? memcpy_page_flushcache+0x100/0x100
[   81.507380][ T5530]  ? _raw_spin_unlock_irqrestore+0x110/0x120
[   81.513354][ T5530]  ? _raw_spin_unlock+0x40/0x40
[   81.518197][ T5530]  ? print_report+0x1b4/0x1f0
[   81.522871][ T5530]  check_panic_on_warn+0x80/0xa0
[   81.527810][ T5530]  ? qd_unlock+0x30/0x2d0
[   81.532133][ T5530]  end_report+0x47/0x90
[   81.536291][ T5530]  kasan_report+0xda/0x100
[   81.540699][ T5530]  ? qd_unlock+0x30/0x2d0
[   81.545025][ T5530]  kasan_check_range+0x2a7/0x2e0
[   81.549958][ T5530]  qd_unlock+0x30/0x2d0
[   81.554115][ T5530]  gfs2_quota_sync+0x768/0x8b0
[   81.558877][ T5530]  gfs2_sync_fs+0x49/0xb0
[   81.563201][ T5530]  sync_filesystem+0xe8/0x220
[   81.567874][ T5530]  generic_shutdown_super+0x6b/0x310
[   81.573159][ T5530]  kill_block_super+0x79/0xd0
[   81.577823][ T5530]  deactivate_locked_super+0xa7/0xf0
[   81.583102][ T5530]  cleanup_mnt+0x494/0x520
[   81.587515][ T5530]  ? lockdep_hardirqs_on+0x8d/0x130
[   81.592704][ T5530]  task_work_run+0x243/0x300
[   81.597292][ T5530]  ? task_work_cancel+0x290/0x290
[   81.602313][ T5530]  ? exit_to_user_mode_loop+0x42/0x150
[   81.607765][ T5530]  exit_to_user_mode_loop+0x124/0x150
[   81.613136][ T5530]  exit_to_user_mode_prepare+0xb2/0x140
[   81.618692][ T5530]  syscall_exit_to_user_mode+0x26/0x60
[   81.624139][ T5530]  do_syscall_64+0x49/0xb0
[   81.628547][ T5530]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   81.634432][ T5530] RIP: 0033:0x7f43c0a8d517
[   81.638835][ T5530] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   81.658428][ T5530] RSP: 002b:00007fff6e54caf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   81.666832][ T5530] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f43c0a8d517
[   81.674789][ T5530] RDX: 00007fff6e54cbc9 RSI: 000000000000000a RDI: 00007fff6e54cbc0
[   81.682750][ T5530] RBP: 00007fff6e54cbc0 R08: 00000000ffffffff R09: 00007fff6e54c990
[   81.690708][ T5530] R10: 0000555556b8d8b3 R11: 0000000000000246 R12: 00007f43c0ae6b24
[   81.698666][ T5530] R13: 00007fff6e54dc80 R14: 0000555556b8d810 R15: 00007fff6e54dcc0
[   81.706633][ T5530]  </TASK>
[   81.709820][ T5530] Kernel Offset: disabled
[   81.714148][ T5530] Rebooting in 86400 seconds..