Warning: Permanently added '10.128.0.48' (ED25519) to the list of known hosts.
2025/07/22 09:30:29 ignoring optional flag "sandboxArg"="0"
2025/07/22 09:30:30 parsed 1 programs
[  342.268801][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  342.275739][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  380.200744][ T6433] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  385.678346][ T6465] chnl_net:caif_netlink_parms(): no params data found
[  385.960892][ T6465] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.968341][ T6465] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.976015][ T6465] bridge_slave_0: entered allmulticast mode
[  385.984441][ T6465] bridge_slave_0: entered promiscuous mode
[  385.996965][ T6465] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.004586][ T6465] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.012023][ T6465] bridge_slave_1: entered allmulticast mode
[  386.021955][ T6465] bridge_slave_1: entered promiscuous mode
[  386.085646][ T6465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.103269][ T6465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.167078][ T6465] team0: Port device team_slave_0 added
[  386.180905][ T6465] team0: Port device team_slave_1 added
[  386.241144][ T6465] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.249157][ T6465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.276199][ T6465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  386.290460][ T6465] batman_adv: batadv0: Adding interface: batadv_slave_1
[  386.297797][ T6465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.324179][ T6465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  386.412302][ T6465] hsr_slave_0: entered promiscuous mode
[  386.422947][ T6465] hsr_slave_1: entered promiscuous mode
[  387.309237][ T6465] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  387.331417][ T6465] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  387.353945][ T6465] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  387.381788][ T6465] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  387.697543][ T6465] 8021q: adding VLAN 0 to HW filter on device bond0
[  387.751840][ T6465] 8021q: adding VLAN 0 to HW filter on device team0
[  387.781586][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.789187][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  387.819836][ T1866] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.827599][ T1866] bridge0: port 2(bridge_slave_1) entered forwarding state
[  388.414956][ T6465] 8021q: adding VLAN 0 to HW filter on device batadv0
[  388.576300][ T6465] veth0_vlan: entered promiscuous mode
[  388.610203][ T6465] veth1_vlan: entered promiscuous mode
[  388.716720][ T6465] veth0_macvtap: entered promiscuous mode
[  388.749718][ T6465] veth1_macvtap: entered promiscuous mode
[  388.806528][ T6465] batman_adv: batadv0: Interface activated: batadv_slave_0
[  388.829214][ T6465] batman_adv: batadv0: Interface activated: batadv_slave_1
[  388.870052][ T6465] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  388.880936][ T6465] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  388.890144][ T6465] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  388.899349][ T6465] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  390.868324][   T57] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.146359][   T57] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.319786][   T57] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.418429][   T57] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.644512][   T57] bridge_slave_1: left allmulticast mode
[  391.650401][   T57] bridge_slave_1: left promiscuous mode
[  391.657548][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.715882][   T57] bridge_slave_0: left allmulticast mode
[  391.721788][   T57] bridge_slave_0: left promiscuous mode
[  391.728511][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.143829][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  392.205321][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  392.238936][   T57] bond0 (unregistering): Released all slaves
[  392.406879][   T57] hsr_slave_0: left promiscuous mode
[  392.418975][   T57] hsr_slave_1: left promiscuous mode
[  392.426976][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  392.436864][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  392.451639][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.459605][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  392.513349][   T57] veth1_macvtap: left promiscuous mode
[  392.519124][   T57] veth0_macvtap: left promiscuous mode
[  392.525193][   T57] veth1_vlan: left promiscuous mode
[  392.530752][   T57] veth0_vlan: left promiscuous mode
[  393.122915][   T57] team0 (unregistering): Port device team_slave_1 removed
[  393.204285][   T57] team0 (unregistering): Port device team_slave_0 removed
[  397.383280][ T5878] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  397.392304][ T5878] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  397.410092][ T5878] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  397.424655][ T5878] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  397.448501][ T5878] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  398.261659][   T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.270383][   T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.371549][   T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.380835][   T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/22 09:31:47 executed programs: 0
[  398.761810][ T5878] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  398.771046][ T5878] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  398.780198][ T5878] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  398.792812][ T5878] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  398.816281][ T5878] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  399.441492][ T6677] chnl_net:caif_netlink_parms(): no params data found
[  399.836759][ T6677] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.846417][ T6677] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.854151][ T6677] bridge_slave_0: entered allmulticast mode
[  399.863290][ T6677] bridge_slave_0: entered promiscuous mode
[  399.881601][ T6677] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.889318][ T6677] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.897530][ T6677] bridge_slave_1: entered allmulticast mode
[  399.906462][ T6677] bridge_slave_1: entered promiscuous mode
[  399.996109][ T6677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  400.016266][ T6677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  400.099629][ T6677] team0: Port device team_slave_0 added
[  400.118881][ T6677] team0: Port device team_slave_1 added
[  400.196650][ T6677] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.204060][ T6677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.230345][ T6677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.245826][ T6677] batman_adv: batadv0: Adding interface: batadv_slave_1
[  400.253077][ T6677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.279500][ T6677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  400.418086][ T6677] hsr_slave_0: entered promiscuous mode
[  400.427460][ T6677] hsr_slave_1: entered promiscuous mode
[  400.894210][ T5100] Bluetooth: hci0: command tx timeout
[  401.129243][ T6677] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  401.151099][ T6677] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  401.172139][ T6677] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  401.193562][ T6677] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  401.535543][ T6677] 8021q: adding VLAN 0 to HW filter on device bond0
[  401.597806][ T6677] 8021q: adding VLAN 0 to HW filter on device team0
[  401.625944][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.633515][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  401.685976][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.693568][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  402.225084][ T6677] 8021q: adding VLAN 0 to HW filter on device batadv0
[  402.358852][ T6677] veth0_vlan: entered promiscuous mode
[  402.415783][ T6677] veth1_vlan: entered promiscuous mode
[  402.543883][ T6677] veth0_macvtap: entered promiscuous mode
[  402.573183][ T6677] veth1_macvtap: entered promiscuous mode
[  402.632966][ T6677] batman_adv: batadv0: Interface activated: batadv_slave_0
[  402.668229][ T6677] batman_adv: batadv0: Interface activated: batadv_slave_1
[  402.698074][ T6677] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  402.707361][ T6677] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  402.717703][ T6677] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  402.727211][ T6677] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  402.976030][ T5100] Bluetooth: hci0: command tx timeout
[  403.724948][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  403.731615][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  404.584244][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.592312][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.669525][   T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.679785][   T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/22 09:31:53 executed programs: 2
[  405.054154][ T5100] Bluetooth: hci0: command tx timeout
[  405.875997][ T6782] loop0: detected capacity change from 0 to 32768
[  405.922285][ T6782] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  405.930936][ T6782] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  405.977744][ T6782] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  405.991067][ T1865] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  405.998235][ T1865] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  406.160082][ T1865] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 161ms
[  406.168632][ T1865] gfs2: fsid=syz:syz.0: jid=0: Done
[  406.180709][ T6782] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  406.281899][ T6782] syz.0.15: attempt to access beyond end of device
[  406.281899][ T6782] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[  406.297747][ T6782] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 281474976710656 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[  406.314652][ T6782] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  406.359971][ T6782] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  406.372969][ T6782] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  406.382138][ T6782] gfs2: fsid=syz:syz.0: File system withdrawn
[  406.389938][ T6782] CPU: 0 UID: 0 PID: 6782 Comm: syz.0.15 Not tainted 6.16.0-rc7-syzkaller-g89be9a83ccf1 #0 PREEMPT(none) 
[  406.390068][ T6782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  406.390150][ T6782] Call Trace:
[  406.390202][ T6782]  <TASK>
[  406.390247][ T6782]  __dump_stack+0x26/0x30
[  406.390416][ T6782]  dump_stack_lvl+0x1df/0x270
[  406.390584][ T6782]  dump_stack+0x1e/0x25
[  406.390723][ T6782]  gfs2_withdraw+0x1d26/0x22e0
[  406.390900][ T6782]  ? kmsan_get_metadata+0xfb/0x160
[  406.391056][ T6782]  gfs2_meta_check_ii+0xe0/0x120
[  406.391208][ T6782]  gfs2_quota_init+0x2204/0x2800
[  406.391370][ T6782]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  406.391597][ T6782]  gfs2_make_fs_rw+0x1d5/0x460
[  406.391760][ T6782]  gfs2_fill_super+0x3d2e/0x3f50
[  406.391921][ T6782]  ? init_locking+0xed/0x500
[  406.392114][ T6782]  get_tree_bdev_flags+0x6e6/0x920
[  406.392257][ T6782]  ? __pfx_gfs2_fill_super+0x10/0x10
[  406.392404][ T6782]  ? __pfx_gfs2_fill_super+0x10/0x10
[  406.392554][ T6782]  ? __pfx_gfs2_get_tree+0x10/0x10
[  406.392701][ T6782]  get_tree_bdev+0x38/0x50
[  406.392835][ T6782]  gfs2_get_tree+0x57/0x350
[  406.392987][ T6782]  ? __pfx_gfs2_get_tree+0x10/0x10
[  406.393137][ T6782]  vfs_get_tree+0xb3/0x5c0
[  406.393270][ T6782]  ? mount_capable+0x99/0x100
[  406.393450][ T6782]  do_new_mount+0x738/0x1610
[  406.393591][ T6782]  ? kmsan_get_metadata+0xfb/0x160
[  406.393732][ T6782]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  406.393900][ T6782]  path_mount+0x6db/0x1e90
[  406.394039][ T6782]  ? user_path_at+0x32d/0x3d0
[  406.394220][ T6782]  __se_sys_mount+0x6eb/0x7d0
[  406.394355][ T6782]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  406.394566][ T6782]  __x64_sys_mount+0xe4/0x150
[  406.394719][ T6782]  x64_sys_call+0xfa7/0x3db0
[  406.394882][ T6782]  do_syscall_64+0xd9/0x210
[  406.395021][ T6782]  ? irqentry_exit+0x16/0x60
[  406.395144][ T6782]  ? clear_bhb_loop+0x40/0x90
[  406.395305][ T6782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.395460][ T6782] RIP: 0033:0x7f4e0c77ffba
[  406.395571][ T6782] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.395677][ T6782] RSP: 002b:00007f4e0d63be68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  406.395809][ T6782] RAX: ffffffffffffffda RBX: 00007f4e0d63bef0 RCX: 00007f4e0c77ffba
[  406.395897][ T6782] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f4e0d63beb0
[  406.395979][ T6782] RBP: 0000000020000080 R08: 00007f4e0d63bef0 R09: 0000000000000000
[  406.396059][ T6782] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[  406.396134][ T6782] R13: 00007f4e0d63beb0 R14: 0000000000012551 R15: 0000000020000000
[  406.396246][ T6782]  </TASK>
[  406.694189][ T6782] gfs2: fsid=syz:syz.0: can't make FS RW: -5
[  407.134270][ T5100] Bluetooth: hci0: command tx timeout
[  408.310885][ T6814] loop0: detected capacity change from 0 to 32768
[  408.334962][ T6814] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  408.343946][ T6814] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  408.396439][ T6814] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  408.419614][ T1865] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  408.427771][ T1865] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  408.561108][ T1865] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 133ms
[  408.569677][ T1865] gfs2: fsid=syz:syz.0: jid=0: Done
[  408.576499][ T6814] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  408.665169][ T6814] syz.0.16: attempt to access beyond end of device
[  408.665169][ T6814] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[  408.681205][ T6814] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 281474976710656 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[  408.697924][ T6814] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  408.725456][ T6814] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  408.735693][ T6814] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  408.743497][ T6814] gfs2: fsid=syz:syz.0: File system withdrawn
[  408.749795][ T6814] CPU: 0 UID: 0 PID: 6814 Comm: syz.0.16 Not tainted 6.16.0-rc7-syzkaller-g89be9a83ccf1 #0 PREEMPT(none) 
[  408.749923][ T6814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  408.750005][ T6814] Call Trace:
[  408.750050][ T6814]  <TASK>
[  408.750094][ T6814]  __dump_stack+0x26/0x30
[  408.750252][ T6814]  dump_stack_lvl+0x1df/0x270
[  408.750416][ T6814]  dump_stack+0x1e/0x25
[  408.750548][ T6814]  gfs2_withdraw+0x1d26/0x22e0
[  408.750729][ T6814]  ? kmsan_get_metadata+0xfb/0x160
[  408.750882][ T6814]  gfs2_meta_check_ii+0xe0/0x120
[  408.751041][ T6814]  gfs2_quota_init+0x2204/0x2800
[  408.751200][ T6814]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  408.751422][ T6814]  gfs2_make_fs_rw+0x1d5/0x460
[  408.751593][ T6814]  gfs2_fill_super+0x3d2e/0x3f50
[  408.751754][ T6814]  ? init_locking+0xed/0x500
[  408.751941][ T6814]  get_tree_bdev_flags+0x6e6/0x920
[  408.752093][ T6814]  ? __pfx_gfs2_fill_super+0x10/0x10
[  408.752249][ T6814]  ? __pfx_gfs2_fill_super+0x10/0x10
[  408.752396][ T6814]  ? __pfx_gfs2_get_tree+0x10/0x10
[  408.752539][ T6814]  get_tree_bdev+0x38/0x50
[  408.752669][ T6814]  gfs2_get_tree+0x57/0x350
[  408.752825][ T6814]  ? __pfx_gfs2_get_tree+0x10/0x10
[  408.752983][ T6814]  vfs_get_tree+0xb3/0x5c0
[  408.753120][ T6814]  ? mount_capable+0x99/0x100
[  408.753294][ T6814]  do_new_mount+0x738/0x1610
[  408.753439][ T6814]  ? kmsan_get_metadata+0xfb/0x160
[  408.753578][ T6814]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  408.753745][ T6814]  path_mount+0x6db/0x1e90
[  408.753890][ T6814]  ? user_path_at+0x32d/0x3d0
[  408.754083][ T6814]  __se_sys_mount+0x6eb/0x7d0
[  408.754227][ T6814]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  408.754435][ T6814]  __x64_sys_mount+0xe4/0x150
[  408.754591][ T6814]  x64_sys_call+0xfa7/0x3db0
[  408.754766][ T6814]  do_syscall_64+0xd9/0x210
[  408.754907][ T6814]  ? irqentry_exit+0x16/0x60
[  408.755052][ T6814]  ? clear_bhb_loop+0x40/0x90
[  408.755196][ T6814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.755336][ T6814] RIP: 0033:0x7f4e0c77ffba
[  408.755437][ T6814] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.755536][ T6814] RSP: 002b:00007f4e0d63be68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  408.755658][ T6814] RAX: ffffffffffffffda RBX: 00007f4e0d63bef0 RCX: 00007f4e0c77ffba
[  408.755745][ T6814] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f4e0d63beb0
[  408.755828][ T6814] RBP: 0000000020000080 R08: 00007f4e0d63bef0 R09: 0000000000000000
[  408.755908][ T6814] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[  408.755992][ T6814] R13: 00007f4e0d63beb0 R14: 0000000000012551 R15: 0000000020000000
[  408.756104][ T6814]  </TASK>
[  409.113742][ T6814] gfs2: fsid=syz:syz.0: can't make FS RW: -5
2025/07/22 09:31:58 executed programs: 4
[  410.891818][ T6853] loop0: detected capacity change from 0 to 32768
[  410.915297][ T6853] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  410.923944][ T6853] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  410.976904][ T6853] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  410.995434][ T1865] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  411.003351][ T1865] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  411.139787][ T1865] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 136ms
[  411.148436][ T1865] gfs2: fsid=syz:syz.0: jid=0: Done
[  411.165600][ T6853] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  411.259370][ T6853] syz.0.17: attempt to access beyond end of device
[  411.259370][ T6853] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[  411.274609][ T6853] =====================================================
[  411.281772][ T6853] BUG: KMSAN: uninit-value in gfs2_quota_init+0x21b2/0x2800
[  411.289475][ T6853]  gfs2_quota_init+0x21b2/0x2800
[  411.295579][ T6853]  gfs2_make_fs_rw+0x1d5/0x460
[  411.300550][ T6853]  gfs2_fill_super+0x3d2e/0x3f50
[  411.306197][ T6853]  get_tree_bdev_flags+0x6e6/0x920
[  411.311493][ T6853]  get_tree_bdev+0x38/0x50
[  411.317349][ T6853]  gfs2_get_tree+0x57/0x350
[  411.322044][ T6853]  vfs_get_tree+0xb3/0x5c0
[  411.327614][ T6853]  do_new_mount+0x738/0x1610
[  411.333544][ T6853]  path_mount+0x6db/0x1e90
[  411.338133][ T6853]  __se_sys_mount+0x6eb/0x7d0
[  411.343916][ T6853]  __x64_sys_mount+0xe4/0x150
[  411.348779][ T6853]  x64_sys_call+0xfa7/0x3db0
[  411.353696][ T6853]  do_syscall_64+0xd9/0x210
[  411.358374][ T6853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.364550][ T6853] 
[  411.366974][ T6853] Uninit was created at:
[  411.371438][ T6853]  __alloc_frozen_pages_noprof+0x689/0xf00
[  411.377650][ T6853]  alloc_pages_mpol+0x328/0x860
[  411.382866][ T6853]  folio_alloc_noprof+0x109/0x360
[  411.388068][ T6853]  filemap_alloc_folio_noprof+0x9d/0x420
[  411.394833][ T6853]  __filemap_get_folio+0xb45/0x1930
[  411.400315][ T6853]  gfs2_getbuf+0x246/0xce0
[  411.405562][ T6853]  gfs2_meta_ra+0x13c/0x720
[  411.410234][ T6853]  gfs2_quota_init+0x759/0x2800
[  411.415632][ T6853]  gfs2_make_fs_rw+0x1d5/0x460
[  411.420582][ T6853]  gfs2_fill_super+0x3d2e/0x3f50
[  411.425859][ T6853]  get_tree_bdev_flags+0x6e6/0x920
[  411.431141][ T6853]  get_tree_bdev+0x38/0x50
[  411.435992][ T6853]  gfs2_get_tree+0x57/0x350
[  411.440678][ T6853]  vfs_get_tree+0xb3/0x5c0
[  411.445445][ T6853]  do_new_mount+0x738/0x1610
[  411.450214][ T6853]  path_mount+0x6db/0x1e90
[  411.455033][ T6853]  __se_sys_mount+0x6eb/0x7d0
[  411.459893][ T6853]  __x64_sys_mount+0xe4/0x150
[  411.464983][ T6853]  x64_sys_call+0xfa7/0x3db0
[  411.469777][ T6853]  do_syscall_64+0xd9/0x210
[  411.474641][ T6853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.480735][ T6853] 
[  411.483406][ T6853] CPU: 0 UID: 0 PID: 6853 Comm: syz.0.17 Not tainted 6.16.0-rc7-syzkaller-g89be9a83ccf1 #0 PREEMPT(none) 
[  411.495028][ T6853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  411.506212][ T6853] =====================================================
[  411.513939][ T6853] Disabling lock debugging due to kernel taint
[  411.520220][ T6853] Kernel panic - not syncing: kmsan.panic set ...
[  411.526786][ T6853] CPU: 0 UID: 0 PID: 6853 Comm: syz.0.17 Tainted: G    B               6.16.0-rc7-syzkaller-g89be9a83ccf1 #0 PREEMPT(none) 
[  411.539850][ T6853] Tainted: [B]=BAD_PAGE
[  411.544119][ T6853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  411.554326][ T6853] Call Trace:
[  411.557713][ T6853]  <TASK>
[  411.560754][ T6853]  __dump_stack+0x26/0x30
[  411.565472][ T6853]  dump_stack_lvl+0x53/0x270
[  411.570264][ T6853]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  411.576279][ T6853]  dump_stack+0x1e/0x25
[  411.580678][ T6853]  panic+0x4bd/0xd50
[  411.584819][ T6853]  kmsan_report+0x31c/0x320
[  411.589520][ T6853]  ? __msan_warning+0x1b/0x30
[  411.594359][ T6853]  ? gfs2_quota_init+0x21b2/0x2800
[  411.599643][ T6853]  ? gfs2_make_fs_rw+0x1d5/0x460
[  411.604781][ T6853]  ? gfs2_fill_super+0x3d2e/0x3f50
[  411.610185][ T6853]  ? get_tree_bdev_flags+0x6e6/0x920
[  411.615658][ T6853]  ? get_tree_bdev+0x38/0x50
[  411.620427][ T6853]  ? gfs2_get_tree+0x57/0x350
[  411.625291][ T6853]  ? vfs_get_tree+0xb3/0x5c0
[  411.630060][ T6853]  ? do_new_mount+0x738/0x1610
[  411.635000][ T6853]  ? path_mount+0x6db/0x1e90
[  411.639788][ T6853]  ? __se_sys_mount+0x6eb/0x7d0
[  411.644840][ T6853]  ? __x64_sys_mount+0xe4/0x150
[  411.649882][ T6853]  ? x64_sys_call+0xfa7/0x3db0
[  411.654949][ T6853]  ? do_syscall_64+0xd9/0x210
[  411.659810][ T6853]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.666084][ T6853]  ? submit_bio+0x5a9/0x5d0
[  411.670783][ T6853]  ? submit_bh_wbc+0x7e0/0x870
[  411.675761][ T6853]  ? kmsan_get_metadata+0xfb/0x160
[  411.681154][ T6853]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  411.687166][ T6853]  ? gfs2_meta_ra+0x68b/0x720
[  411.692010][ T6853]  ? kmsan_get_metadata+0xfb/0x160
[  411.697317][ T6853]  __msan_warning+0x1b/0x30
[  411.701994][ T6853]  gfs2_quota_init+0x21b2/0x2800
[  411.707158][ T6853]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  411.713767][ T6853]  gfs2_make_fs_rw+0x1d5/0x460
[  411.718741][ T6853]  gfs2_fill_super+0x3d2e/0x3f50
[  411.723882][ T6853]  ? init_locking+0xed/0x500
[  411.728690][ T6853]  get_tree_bdev_flags+0x6e6/0x920
[  411.734044][ T6853]  ? __pfx_gfs2_fill_super+0x10/0x10
[  411.739529][ T6853]  ? __pfx_gfs2_fill_super+0x10/0x10
[  411.745105][ T6853]  ? __pfx_gfs2_get_tree+0x10/0x10
[  411.750406][ T6853]  get_tree_bdev+0x38/0x50
[  411.755012][ T6853]  gfs2_get_tree+0x57/0x350
[  411.759711][ T6853]  ? __pfx_gfs2_get_tree+0x10/0x10
[  411.765020][ T6853]  vfs_get_tree+0xb3/0x5c0
[  411.769608][ T6853]  ? mount_capable+0x99/0x100
[  411.774508][ T6853]  do_new_mount+0x738/0x1610
[  411.779293][ T6853]  ? kmsan_get_metadata+0xfb/0x160
[  411.784579][ T6853]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  411.790602][ T6853]  path_mount+0x6db/0x1e90
[  411.795217][ T6853]  ? user_path_at+0x32d/0x3d0
[  411.800129][ T6853]  __se_sys_mount+0x6eb/0x7d0
[  411.804995][ T6853]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  411.811411][ T6853]  __x64_sys_mount+0xe4/0x150
[  411.816291][ T6853]  x64_sys_call+0xfa7/0x3db0
[  411.821088][ T6853]  do_syscall_64+0xd9/0x210
[  411.825782][ T6853]  ? irqentry_exit+0x16/0x60
[  411.830542][ T6853]  ? clear_bhb_loop+0x40/0x90
[  411.835413][ T6853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.841495][ T6853] RIP: 0033:0x7f4e0c77ffba
[  411.846052][ T6853] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.865863][ T6853] RSP: 002b:00007f4e0d63be68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  411.874479][ T6853] RAX: ffffffffffffffda RBX: 00007f4e0d63bef0 RCX: 00007f4e0c77ffba
[  411.882617][ T6853] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f4e0d63beb0
[  411.890768][ T6853] RBP: 0000000020000080 R08: 00007f4e0d63bef0 R09: 0000000000000000
[  411.898897][ T6853] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[  411.907029][ T6853] R13: 00007f4e0d63beb0 R14: 0000000000012551 R15: 0000000020000000
[  411.915188][ T6853]  </TASK>
[  411.918649][ T6853] Kernel Offset: disabled
[  411.923050][ T6853] Rebooting in 86400 seconds..