Warning: Permanently added '10.128.0.149' (ED25519) to the list of known hosts.
2025/04/30 06:59:07 ignoring optional flag "sandboxArg"="0"
2025/04/30 06:59:08 parsed 1 programs
[ 342.226351][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 342.233216][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 382.673280][ T6299] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 387.078085][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 387.111638][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 387.121468][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 387.136653][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 387.150899][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 388.601500][ T6341] chnl_net:caif_netlink_parms(): no params data found
[ 388.901407][ T6341] bridge0: port 1(bridge_slave_0) entered blocking state
[ 388.909381][ T6341] bridge0: port 1(bridge_slave_0) entered disabled state
[ 388.917224][ T6341] bridge_slave_0: entered allmulticast mode
[ 388.925287][ T6341] bridge_slave_0: entered promiscuous mode
[ 388.938189][ T6341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 388.945944][ T6341] bridge0: port 2(bridge_slave_1) entered disabled state
[ 388.953438][ T6341] bridge_slave_1: entered allmulticast mode
[ 388.962475][ T6341] bridge_slave_1: entered promiscuous mode
[ 389.029538][ T6341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 389.050153][ T6341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 389.114114][ T6341] team0: Port device team_slave_0 added
[ 389.130146][ T6341] team0: Port device team_slave_1 added
[ 389.192143][ T6341] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 389.200150][ T6341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 389.227696][ T6341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 389.243060][ T6341] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 389.250521][ T6341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 389.277173][ T6341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 389.370786][ T6341] hsr_slave_0: entered promiscuous mode
[ 389.379221][ T6341] hsr_slave_1: entered promiscuous mode
[ 390.222255][ T6341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 390.247848][ T6341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 390.270237][ T6341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 390.292551][ T6341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 390.645928][ T6341] 8021q: adding VLAN 0 to HW filter on device bond0
[ 390.702441][ T6341] 8021q: adding VLAN 0 to HW filter on device team0
[ 390.738982][ T3645] bridge0: port 1(bridge_slave_0) entered blocking state
[ 390.746705][ T3645] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 390.785627][ T3645] bridge0: port 2(bridge_slave_1) entered blocking state
[ 390.793169][ T3645] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 391.373652][ T6341] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 391.569789][ T6341] veth0_vlan: entered promiscuous mode
[ 391.609457][ T6341] veth1_vlan: entered promiscuous mode
[ 391.753467][ T6341] veth0_macvtap: entered promiscuous mode
[ 391.782594][ T6341] veth1_macvtap: entered promiscuous mode
[ 391.856142][ T6341] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 391.899720][ T6341] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 391.931294][ T6341] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 391.942449][ T6341] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 391.951811][ T6341] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 391.961053][ T6341] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 393.924067][ T3645] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 394.295216][ T3645] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 394.428654][ T3645] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 394.562547][ T3645] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 394.848814][ T3645] bridge_slave_1: left allmulticast mode
[ 394.854717][ T3645] bridge_slave_1: left promiscuous mode
[ 394.861400][ T3645] bridge0: port 2(bridge_slave_1) entered disabled state
[ 394.900033][ T3645] bridge_slave_0: left allmulticast mode
[ 394.906070][ T3645] bridge_slave_0: left promiscuous mode
[ 394.912688][ T3645] bridge0: port 1(bridge_slave_0) entered disabled state
[ 395.446647][ T3645] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 395.539300][ T3645] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 395.581336][ T3645] bond0 (unregistering): Released all slaves
[ 395.897721][ T3645] hsr_slave_0: left promiscuous mode
[ 395.939332][ T3645] hsr_slave_1: left promiscuous mode
[ 395.948676][ T3645] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 395.956602][ T3645] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 395.977759][ T3645] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 395.985426][ T3645] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 396.029449][ T3645] veth1_macvtap: left promiscuous mode
[ 396.035375][ T3645] veth0_macvtap: left promiscuous mode
[ 396.041722][ T3645] veth1_vlan: left promiscuous mode
[ 396.048983][ T3645] veth0_vlan: left promiscuous mode
[ 396.857525][ T3645] team0 (unregistering): Port device team_slave_1 removed
[ 396.912627][ T3645] team0 (unregistering): Port device team_slave_0 removed
[ 401.855898][ T3645] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 401.864085][ T3645] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 401.937814][ T3645] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 401.947173][ T3645] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/04/30 07:00:28 executed programs: 0
[ 402.523994][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 402.534231][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 402.548273][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 402.561867][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 402.575938][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 403.160985][ T6568] chnl_net:caif_netlink_parms(): no params data found
[ 403.626639][ T6568] bridge0: port 1(bridge_slave_0) entered blocking state
[ 403.634210][ T6568] bridge0: port 1(bridge_slave_0) entered disabled state
[ 403.646131][ T6568] bridge_slave_0: entered allmulticast mode
[ 403.658215][ T6568] bridge_slave_0: entered promiscuous mode
[ 403.673997][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 403.675136][ T6568] bridge0: port 2(bridge_slave_1) entered blocking state
[ 403.681491][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 403.697251][ T6568] bridge0: port 2(bridge_slave_1) entered disabled state
[ 403.704915][ T6568] bridge_slave_1: entered allmulticast mode
[ 403.714271][ T6568] bridge_slave_1: entered promiscuous mode
[ 403.807851][ T6568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 403.828069][ T6568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 403.936866][ T6568] team0: Port device team_slave_0 added
[ 403.959481][ T6568] team0: Port device team_slave_1 added
[ 404.061283][ T6568] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 404.070815][ T6568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 404.098642][ T6568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 404.117069][ T6568] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 404.124249][ T6568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 404.151101][ T6568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 404.279085][ T6568] hsr_slave_0: entered promiscuous mode
[ 404.289050][ T6568] hsr_slave_1: entered promiscuous mode
[ 404.605918][ T5846] Bluetooth: hci0: command tx timeout
[ 405.091011][ T6568] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 405.116545][ T6568] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 405.142007][ T6568] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 405.171247][ T6568] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 405.525710][ T6568] 8021q: adding VLAN 0 to HW filter on device bond0
[ 405.583312][ T6568] 8021q: adding VLAN 0 to HW filter on device team0
[ 405.611340][ T3824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 405.619110][ T3824] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 405.657590][ T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 405.665368][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 406.246972][ T6568] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 406.409555][ T6568] veth0_vlan: entered promiscuous mode
[ 406.461639][ T6568] veth1_vlan: entered promiscuous mode
[ 406.588741][ T6568] veth0_macvtap: entered promiscuous mode
[ 406.628178][ T6568] veth1_macvtap: entered promiscuous mode
[ 406.687702][ T5846] Bluetooth: hci0: command tx timeout
[ 406.719503][ T6568] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 406.742565][ T6568] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 406.781196][ T6568] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 406.790331][ T6568] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 406.799489][ T6568] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 406.808647][ T6568] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 408.600083][ T3645] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 408.608753][ T3645] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 408.681004][ T4391] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 408.689702][ T4391] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 408.765755][ T5846] Bluetooth: hci0: command tx timeout
2025/04/30 07:00:34 executed programs: 2
[ 410.086909][ T6687] loop0: detected capacity change from 0 to 32768
[ 410.120849][ T6687] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 410.129642][ T6687] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 410.215818][ T6687] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[ 410.244101][ T5899] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 410.251616][ T5899] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 410.333612][ T5899] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 81ms
[ 410.342332][ T5899] gfs2: fsid=syz:syz.0: jid=0: Done
[ 410.349918][ T6687] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 410.637119][ T6687] syz.0.15: attempt to access beyond end of device
[ 410.637119][ T6687] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[ 410.652536][ T6687] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 281474976710656 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[ 410.669292][ T6687] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 410.699151][ T6687] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 410.708680][ T6687] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 410.716369][ T6687] gfs2: fsid=syz:syz.0: File system withdrawn
[ 410.722698][ T6687] CPU: 1 UID: 0 PID: 6687 Comm: syz.0.15 Not tainted 6.15.0-rc4-syzkaller-gb6ea1680d0ac #0 PREEMPT(undef)
[ 410.722828][ T6687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 410.722987][ T6687] Call Trace:
[ 410.723041][ T6687] <TASK>
[ 410.723088][ T6687] __dump_stack+0x26/0x30
[ 410.723324][ T6687] dump_stack_lvl+0x1df/0x270
[ 410.723492][ T6687] dump_stack+0x1e/0x25
[ 410.723647][ T6687] gfs2_withdraw+0x1d26/0x22e0
[ 410.723820][ T6687] ? kmsan_get_metadata+0x105/0x1b0
[ 410.724000][ T6687] gfs2_meta_check_ii+0xe0/0x120
[ 410.724152][ T6687] gfs2_quota_init+0x2204/0x2800
[ 410.724421][ T6687] gfs2_make_fs_rw+0x4c7/0x6f0
[ 410.724599][ T6687] gfs2_fill_super+0x3cd9/0x3ee0
[ 410.724749][ T6687] ? init_locking+0xed/0x500
[ 410.724929][ T6687] get_tree_bdev_flags+0x6e3/0x920
[ 410.725078][ T6687] ? __pfx_gfs2_fill_super+0x10/0x10
[ 410.725236][ T6687] ? __pfx_gfs2_fill_super+0x10/0x10
[ 410.725379][ T6687] ? __pfx_gfs2_get_tree+0x10/0x10
[ 410.725518][ T6687] get_tree_bdev+0x38/0x50
[ 410.725658][ T6687] gfs2_get_tree+0x57/0x350
[ 410.725804][ T6687] ? __pfx_gfs2_get_tree+0x10/0x10
[ 410.725936][ T6687] vfs_get_tree+0xb0/0x5c0
[ 410.726075][ T6687] ? mount_capable+0x99/0x100
[ 410.726267][ T6687] do_new_mount+0x738/0x1610
[ 410.726414][ T6687] ? kmsan_get_metadata+0x105/0x1b0
[ 410.726579][ T6687] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 410.726776][ T6687] path_mount+0x6db/0x1e90
[ 410.726925][ T6687] ? user_path_at+0x32d/0x3d0
[ 410.727119][ T6687] __se_sys_mount+0x6eb/0x7d0
[ 410.727267][ T6687] ? kmsan_internal_unpoison_memory+0x14/0x20
[ 410.727447][ T6687] __x64_sys_mount+0xe4/0x150
[ 410.727610][ T6687] x64_sys_call+0xfa7/0x3db0
[ 410.727785][ T6687] do_syscall_64+0xd9/0x1b0
[ 410.727952][ T6687] ? irqentry_exit+0x16/0x60
[ 410.728102][ T6687] ? clear_bhb_loop+0x25/0x80
[ 410.728257][ T6687] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 410.728410][ T6687] RIP: 0033:0x7f1c70f7ffba
[ 410.728523][ T6687] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 410.728627][ T6687] RSP: 002b:00007f1c71c99e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 410.728759][ T6687] RAX: ffffffffffffffda RBX: 00007f1c71c99ef0 RCX: 00007f1c70f7ffba
[ 410.728848][ T6687] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f1c71c99eb0
[ 410.728932][ T6687] RBP: 0000000020000080 R08: 00007f1c71c99ef0 R09: 0000000000000000
[ 410.729014][ T6687] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[ 410.729092][ T6687] R13: 00007f1c71c99eb0 R14: 0000000000012551 R15: 0000000020000000
[ 410.729212][ T6687] </TASK>
[ 410.897627][ T5846] Bluetooth: hci0: command tx timeout
[ 411.027988][ T6687] gfs2: fsid=syz:syz.0: can't make FS RW: -5
[ 412.922263][ T6734] loop0: detected capacity change from 0 to 32768
[ 412.966619][ T6734] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 412.975150][ T6734] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 413.050342][ T6734] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[ 413.061936][ T5899] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 413.069240][ T5899] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 413.172437][ T5899] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 103ms
[ 413.181392][ T5899] gfs2: fsid=syz:syz.0: jid=0: Done
[ 413.188693][ T6734] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 413.461561][ T6734] syz.0.16: attempt to access beyond end of device
[ 413.461561][ T6734] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[ 413.476991][ T6734] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 281474976710656 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[ 413.493624][ T6734] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 413.529040][ T6734] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 413.538357][ T6734] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 413.546016][ T6734] gfs2: fsid=syz:syz.0: File system withdrawn
[ 413.552505][ T6734] CPU: 1 UID: 0 PID: 6734 Comm: syz.0.16 Not tainted 6.15.0-rc4-syzkaller-gb6ea1680d0ac #0 PREEMPT(undef)
[ 413.552633][ T6734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 413.552709][ T6734] Call Trace:
[ 413.552755][ T6734] <TASK>
[ 413.552800][ T6734] __dump_stack+0x26/0x30
[ 413.552970][ T6734] dump_stack_lvl+0x1df/0x270
[ 413.553135][ T6734] dump_stack+0x1e/0x25
[ 413.553278][ T6734] gfs2_withdraw+0x1d26/0x22e0
[ 413.553449][ T6734] ? kmsan_get_metadata+0x105/0x1b0
[ 413.553622][ T6734] gfs2_meta_check_ii+0xe0/0x120
[ 413.553770][ T6734] gfs2_quota_init+0x2204/0x2800
[ 413.554029][ T6734] gfs2_make_fs_rw+0x4c7/0x6f0
[ 413.554205][ T6734] gfs2_fill_super+0x3cd9/0x3ee0
[ 413.554353][ T6734] ? init_locking+0xed/0x500
[ 413.554518][ T6734] get_tree_bdev_flags+0x6e3/0x920
[ 413.554662][ T6734] ? __pfx_gfs2_fill_super+0x10/0x10
[ 413.554807][ T6734] ? __pfx_gfs2_fill_super+0x10/0x10
[ 413.555057][ T6734] ? __pfx_gfs2_get_tree+0x10/0x10
[ 413.555204][ T6734] get_tree_bdev+0x38/0x50
[ 413.555357][ T6734] gfs2_get_tree+0x57/0x350
[ 413.555501][ T6734] ? __pfx_gfs2_get_tree+0x10/0x10
[ 413.555642][ T6734] vfs_get_tree+0xb0/0x5c0
[ 413.555788][ T6734] ? mount_capable+0x99/0x100
[ 413.555989][ T6734] do_new_mount+0x738/0x1610
[ 413.556141][ T6734] ? kmsan_get_metadata+0x105/0x1b0
[ 413.556309][ T6734] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 413.556505][ T6734] path_mount+0x6db/0x1e90
[ 413.556657][ T6734] ? user_path_at+0x32d/0x3d0
[ 413.556853][ T6734] __se_sys_mount+0x6eb/0x7d0
[ 413.557023][ T6734] ? kmsan_internal_unpoison_memory+0x14/0x20
[ 413.557204][ T6734] __x64_sys_mount+0xe4/0x150
[ 413.557367][ T6734] x64_sys_call+0xfa7/0x3db0
[ 413.557533][ T6734] do_syscall_64+0xd9/0x1b0
[ 413.557688][ T6734] ? irqentry_exit+0x16/0x60
[ 413.557837][ T6734] ? clear_bhb_loop+0x25/0x80
[ 413.557994][ T6734] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 413.558139][ T6734] RIP: 0033:0x7f1c70f7ffba
[ 413.558246][ T6734] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 413.558348][ T6734] RSP: 002b:00007f1c71c99e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 413.558471][ T6734] RAX: ffffffffffffffda RBX: 00007f1c71c99ef0 RCX: 00007f1c70f7ffba
[ 413.558559][ T6734] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f1c71c99eb0
[ 413.558640][ T6734] RBP: 0000000020000080 R08: 00007f1c71c99ef0 R09: 0000000000000000
[ 413.558709][ T6734] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[ 413.558786][ T6734] R13: 00007f1c71c99eb0 R14: 0000000000012551 R15: 0000000020000000
[ 413.558899][ T6734] </TASK>
[ 413.856682][ T6734] gfs2: fsid=syz:syz.0: can't make FS RW: -5
2025/04/30 07:00:40 executed programs: 4
[ 415.569467][ T6778] loop0: detected capacity change from 0 to 32768
[ 415.611017][ T6778] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 415.621450][ T6778] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 415.666175][ T6778] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[ 415.679328][ T2235] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 415.686911][ T2235] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 415.760248][ T2235] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 73ms
[ 415.768861][ T2235] gfs2: fsid=syz:syz.0: jid=0: Done
[ 415.777311][ T6778] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 416.053653][ T6778] syz.0.17: attempt to access beyond end of device
[ 416.053653][ T6778] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[ 416.069287][ T6778] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 281474976710656 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[ 416.086013][ T6778] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 416.118055][ T6778] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 416.127378][ T6778] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 416.134835][ T6778] gfs2: fsid=syz:syz.0: File system withdrawn
[ 416.141368][ T6778] CPU: 0 UID: 0 PID: 6778 Comm: syz.0.17 Not tainted 6.15.0-rc4-syzkaller-gb6ea1680d0ac #0 PREEMPT(undef)
[ 416.141494][ T6778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 416.141568][ T6778] Call Trace:
[ 416.141614][ T6778] <TASK>
[ 416.141657][ T6778] __dump_stack+0x26/0x30
[ 416.141821][ T6778] dump_stack_lvl+0x1df/0x270
[ 416.141999][ T6778] dump_stack+0x1e/0x25
[ 416.142172][ T6778] gfs2_withdraw+0x1d26/0x22e0
[ 416.142351][ T6778] ? kmsan_get_metadata+0x105/0x1b0
[ 416.142535][ T6778] gfs2_meta_check_ii+0xe0/0x120
[ 416.142685][ T6778] gfs2_quota_init+0x2204/0x2800
[ 416.142942][ T6778] gfs2_make_fs_rw+0x4c7/0x6f0
[ 416.143123][ T6778] gfs2_fill_super+0x3cd9/0x3ee0
[ 416.143271][ T6778] ? init_locking+0xed/0x500
[ 416.143450][ T6778] get_tree_bdev_flags+0x6e3/0x920
[ 416.143604][ T6778] ? __pfx_gfs2_fill_super+0x10/0x10
[ 416.143752][ T6778] ? __pfx_gfs2_fill_super+0x10/0x10
[ 416.143894][ T6778] ? __pfx_gfs2_get_tree+0x10/0x10
[ 416.144044][ T6778] get_tree_bdev+0x38/0x50
[ 416.144185][ T6778] gfs2_get_tree+0x57/0x350
[ 416.144328][ T6778] ? __pfx_gfs2_get_tree+0x10/0x10
[ 416.144466][ T6778] vfs_get_tree+0xb0/0x5c0
[ 416.144600][ T6778] ? mount_capable+0x99/0x100
[ 416.144784][ T6778] do_new_mount+0x738/0x1610
[ 416.144931][ T6778] ? kmsan_get_metadata+0x105/0x1b0
[ 416.145113][ T6778] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 416.145319][ T6778] path_mount+0x6db/0x1e90
[ 416.145473][ T6778] ? user_path_at+0x32d/0x3d0
[ 416.145655][ T6778] __se_sys_mount+0x6eb/0x7d0
[ 416.145809][ T6778] ? kmsan_internal_unpoison_memory+0x14/0x20
[ 416.145994][ T6778] __x64_sys_mount+0xe4/0x150
[ 416.146155][ T6778] x64_sys_call+0xfa7/0x3db0
[ 416.146326][ T6778] do_syscall_64+0xd9/0x1b0
[ 416.146493][ T6778] ? irqentry_exit+0x16/0x60
[ 416.146640][ T6778] ? clear_bhb_loop+0x25/0x80
[ 416.146789][ T6778] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 416.146932][ T6778] RIP: 0033:0x7f1c70f7ffba
[ 416.147047][ T6778] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 416.147163][ T6778] RSP: 002b:00007f1c71c99e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 416.147291][ T6778] RAX: ffffffffffffffda RBX: 00007f1c71c99ef0 RCX: 00007f1c70f7ffba
[ 416.147381][ T6778] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f1c71c99eb0
[ 416.147464][ T6778] RBP: 0000000020000080 R08: 00007f1c71c99ef0 R09: 0000000000000000
[ 416.147542][ T6778] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[ 416.147620][ T6778] R13: 00007f1c71c99eb0 R14: 0000000000012551 R15: 0000000020000000
[ 416.147734][ T6778] </TASK>
[ 416.459031][ T6778] gfs2: fsid=syz:syz.0: can't make FS RW: -5
[ 417.870431][ T6818] loop0: detected capacity change from 0 to 32768
[ 417.900079][ T6818] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 417.909385][ T6818] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 417.940208][ T6818] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[ 417.952611][ T2235] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 417.960006][ T2235] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 418.030620][ T2235] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 70ms
[ 418.039336][ T2235] gfs2: fsid=syz:syz.0: jid=0: Done
[ 418.044991][ T6818] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 418.226879][ T6818] syz.0.18: attempt to access beyond end of device
[ 418.226879][ T6818] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[ 418.242020][ T6818] =====================================================
[ 418.249387][ T6818] BUG: KMSAN: uninit-value in gfs2_quota_init+0x21b2/0x2800
[ 418.257017][ T6818] gfs2_quota_init+0x21b2/0x2800
[ 418.262080][ T6818] gfs2_make_fs_rw+0x4c7/0x6f0
[ 418.267363][ T6818] gfs2_fill_super+0x3cd9/0x3ee0
[ 418.272650][ T6818] get_tree_bdev_flags+0x6e3/0x920
[ 418.278049][ T6818] get_tree_bdev+0x38/0x50
[ 418.282612][ T6818] gfs2_get_tree+0x57/0x350
[ 418.287523][ T6818] vfs_get_tree+0xb0/0x5c0
[ 418.292191][ T6818] do_new_mount+0x738/0x1610
[ 418.297206][ T6818] path_mount+0x6db/0x1e90
[ 418.301951][ T6818] __se_sys_mount+0x6eb/0x7d0
[ 418.307006][ T6818] __x64_sys_mount+0xe4/0x150
[ 418.311844][ T6818] x64_sys_call+0xfa7/0x3db0
[ 418.316853][ T6818] do_syscall_64+0xd9/0x1b0
[ 418.321556][ T6818] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 418.327747][ T6818]
[ 418.330125][ T6818] Uninit was created at:
[ 418.334502][ T6818] __alloc_frozen_pages_noprof+0x689/0xf00
[ 418.340682][ T6818] alloc_pages_mpol+0x328/0x860
[ 418.345983][ T6818] folio_alloc_noprof+0x109/0x360
[ 418.351229][ T6818] filemap_alloc_folio_noprof+0x9d/0x420
[ 418.357253][ T6818] __filemap_get_folio+0xb45/0x1930
[ 418.362604][ T6818] gfs2_getbuf+0x21a/0xca0
[ 418.367419][ T6818] gfs2_meta_ra+0x13c/0x720
[ 418.372110][ T6818] gfs2_quota_init+0x759/0x2800
[ 418.377306][ T6818] gfs2_make_fs_rw+0x4c7/0x6f0
[ 418.382275][ T6818] gfs2_fill_super+0x3cd9/0x3ee0
[ 418.387512][ T6818] get_tree_bdev_flags+0x6e3/0x920
[ 418.392817][ T6818] get_tree_bdev+0x38/0x50
[ 418.397879][ T6818] gfs2_get_tree+0x57/0x350
[ 418.402560][ T6818] vfs_get_tree+0xb0/0x5c0
[ 418.407377][ T6818] do_new_mount+0x738/0x1610
[ 418.412217][ T6818] path_mount+0x6db/0x1e90
[ 418.417025][ T6818] __se_sys_mount+0x6eb/0x7d0
[ 418.421876][ T6818] __x64_sys_mount+0xe4/0x150
[ 418.426870][ T6818] x64_sys_call+0xfa7/0x3db0
[ 418.431650][ T6818] do_syscall_64+0xd9/0x1b0
[ 418.436497][ T6818] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 418.442567][ T6818]
[ 418.444979][ T6818] CPU: 1 UID: 0 PID: 6818 Comm: syz.0.18 Not tainted 6.15.0-rc4-syzkaller-gb6ea1680d0ac #0 PREEMPT(undef)
[ 418.456710][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 418.467216][ T6818] =====================================================
[ 418.474321][ T6818] Disabling lock debugging due to kernel taint
[ 418.480870][ T6818] Kernel panic - not syncing: kmsan.panic set ...
[ 418.487417][ T6818] CPU: 1 UID: 0 PID: 6818 Comm: syz.0.18 Tainted: G B 6.15.0-rc4-syzkaller-gb6ea1680d0ac #0 PREEMPT(undef)
[ 418.500658][ T6818] Tainted: [B]=BAD_PAGE
[ 418.504892][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 418.515115][ T6818] Call Trace:
[ 418.518543][ T6818] <TASK>
[ 418.521615][ T6818] __dump_stack+0x26/0x30
[ 418.526085][ T6818] dump_stack_lvl+0x53/0x270
[ 418.530891][ T6818] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 418.536847][ T6818] dump_stack+0x1e/0x25
[ 418.541271][ T6818] panic+0x4bd/0xd50
[ 418.545331][ T6818] kmsan_report+0x29d/0x2a0
[ 418.549989][ T6818] ? __msan_warning+0x96/0x120
[ 418.555099][ T6818] ? gfs2_quota_init+0x21b2/0x2800
[ 418.560375][ T6818] ? gfs2_make_fs_rw+0x4c7/0x6f0
[ 418.565432][ T6818] ? gfs2_fill_super+0x3cd9/0x3ee0
[ 418.570682][ T6818] ? get_tree_bdev_flags+0x6e3/0x920
[ 418.576180][ T6818] ? get_tree_bdev+0x38/0x50
[ 418.580949][ T6818] ? gfs2_get_tree+0x57/0x350
[ 418.585745][ T6818] ? vfs_get_tree+0xb0/0x5c0
[ 418.590508][ T6818] ? do_new_mount+0x738/0x1610
[ 418.595592][ T6818] ? path_mount+0x6db/0x1e90
[ 418.600411][ T6818] ? __se_sys_mount+0x6eb/0x7d0
[ 418.605382][ T6818] ? __x64_sys_mount+0xe4/0x150
[ 418.610484][ T6818] ? x64_sys_call+0xfa7/0x3db0
[ 418.615382][ T6818] ? do_syscall_64+0xd9/0x1b0
[ 418.620411][ T6818] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 418.626614][ T6818] ? submit_bio+0x5a9/0x5d0
[ 418.631243][ T6818] ? submit_bh_wbc+0x7e0/0x870
[ 418.636242][ T6818] ? kmsan_get_metadata+0x105/0x1b0
[ 418.641745][ T6818] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 418.647877][ T6818] ? gfs2_meta_ra+0x68b/0x720
[ 418.652702][ T6818] ? kmsan_get_metadata+0x105/0x1b0
[ 418.658099][ T6818] __msan_warning+0x96/0x120
[ 418.662792][ T6818] gfs2_quota_init+0x21b2/0x2800
[ 418.667904][ T6818] gfs2_make_fs_rw+0x4c7/0x6f0
[ 418.672789][ T6818] gfs2_fill_super+0x3cd9/0x3ee0
[ 418.677926][ T6818] ? init_locking+0xed/0x500
[ 418.682664][ T6818] get_tree_bdev_flags+0x6e3/0x920
[ 418.687888][ T6818] ? __pfx_gfs2_fill_super+0x10/0x10
[ 418.693403][ T6818] ? __pfx_gfs2_fill_super+0x10/0x10
[ 418.698817][ T6818] ? __pfx_gfs2_get_tree+0x10/0x10
[ 418.704207][ T6818] get_tree_bdev+0x38/0x50
[ 418.708729][ T6818] gfs2_get_tree+0x57/0x350
[ 418.713334][ T6818] ? __pfx_gfs2_get_tree+0x10/0x10
[ 418.718548][ T6818] vfs_get_tree+0xb0/0x5c0
[ 418.723160][ T6818] ? mount_capable+0x99/0x100
[ 418.727985][ T6818] do_new_mount+0x738/0x1610
[ 418.732687][ T6818] ? kmsan_get_metadata+0x105/0x1b0
[ 418.738047][ T6818] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 418.744072][ T6818] path_mount+0x6db/0x1e90
[ 418.748606][ T6818] ? user_path_at+0x32d/0x3d0
[ 418.753460][ T6818] __se_sys_mount+0x6eb/0x7d0
[ 418.758354][ T6818] ? kmsan_internal_unpoison_memory+0x14/0x20
[ 418.764570][ T6818] __x64_sys_mount+0xe4/0x150
[ 418.769389][ T6818] x64_sys_call+0xfa7/0x3db0
[ 418.774126][ T6818] do_syscall_64+0xd9/0x1b0
[ 418.778752][ T6818] ? irqentry_exit+0x16/0x60
[ 418.783468][ T6818] ? clear_bhb_loop+0x25/0x80
[ 418.788286][ T6818] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 418.794386][ T6818] RIP: 0033:0x7f1c70f7ffba
[ 418.798888][ T6818] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 418.818895][ T6818] RSP: 002b:00007f1c71c99e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 418.827519][ T6818] RAX: ffffffffffffffda RBX: 00007f1c71c99ef0 RCX: 00007f1c70f7ffba
[ 418.835605][ T6818] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f1c71c99eb0
[ 418.843745][ T6818] RBP: 0000000020000080 R08: 00007f1c71c99ef0 R09: 0000000000000000
[ 418.851804][ T6818] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[ 418.859868][ T6818] R13: 00007f1c71c99eb0 R14: 0000000000012551 R15: 0000000020000000
[ 418.867970][ T6818] </TASK>
[ 418.871405][ T6818] Kernel Offset: disabled
[ 418.875978][ T6818] Rebooting in 86400 seconds..