Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts.
2025/04/29 16:58:33 ignoring optional flag "sandboxArg"="0"
2025/04/29 16:58:34 parsed 1 programs
[  342.194627][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  342.201288][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  378.166635][ T6229] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  384.661705][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  384.670971][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  384.683864][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  384.697724][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  384.709497][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  388.517422][ T6309] chnl_net:caif_netlink_parms(): no params data found
[  388.831816][ T6309] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.839506][ T6309] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.847191][ T6309] bridge_slave_0: entered allmulticast mode
[  388.855872][ T6309] bridge_slave_0: entered promiscuous mode
[  388.870194][ T6309] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.877897][ T6309] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.885551][ T6309] bridge_slave_1: entered allmulticast mode
[  388.893556][ T6309] bridge_slave_1: entered promiscuous mode
[  388.960153][ T6309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  388.977618][ T6309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  389.040813][ T6309] team0: Port device team_slave_0 added
[  389.056072][ T6309] team0: Port device team_slave_1 added
[  389.114703][ T6309] batman_adv: batadv0: Adding interface: batadv_slave_0
[  389.122046][ T6309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.150348][ T6309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  389.165237][ T6309] batman_adv: batadv0: Adding interface: batadv_slave_1
[  389.172362][ T6309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.200393][ T6309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  389.289578][ T6309] hsr_slave_0: entered promiscuous mode
[  389.298525][ T6309] hsr_slave_1: entered promiscuous mode
[  390.185335][ T6309] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  390.207382][ T6309] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  390.228947][ T6309] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  390.252086][ T6309] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  390.578002][ T6309] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.637448][ T6309] 8021q: adding VLAN 0 to HW filter on device team0
[  390.668529][ T3919] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.676677][ T3919] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.734087][ T3919] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.741773][ T3919] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.285779][ T6309] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.453069][ T6309] veth0_vlan: entered promiscuous mode
[  391.487187][ T6309] veth1_vlan: entered promiscuous mode
[  391.598620][ T6309] veth0_macvtap: entered promiscuous mode
[  391.631001][ T6309] veth1_macvtap: entered promiscuous mode
[  391.697367][ T6309] batman_adv: batadv0: Interface activated: batadv_slave_0
[  391.732824][ T6309] batman_adv: batadv0: Interface activated: batadv_slave_1
[  391.767061][ T6309] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  391.776444][ T6309] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  391.785645][ T6309] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  391.794784][ T6309] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  393.679282][ T4717] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.930075][ T4717] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.002680][ T3919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.011022][ T3919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  394.073115][ T4717] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.106979][ T3919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.115780][ T3919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  394.163700][ T4717] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.455242][ T4717] bridge_slave_1: left allmulticast mode
[  394.461153][ T4717] bridge_slave_1: left promiscuous mode
[  394.468089][ T4717] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.542470][ T4717] bridge_slave_0: left allmulticast mode
[  394.548593][ T4717] bridge_slave_0: left promiscuous mode
[  394.555802][ T4717] bridge0: port 1(bridge_slave_0) entered disabled state
2025/04/29 16:59:51 executed programs: 0
[  394.955969][ T5093] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  394.976633][ T5093] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  394.987269][ T5093] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  394.999972][ T5093] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  395.011757][ T5093] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  395.193029][ T4717] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  395.212667][ T4717] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  395.231597][ T4717] bond0 (unregistering): Released all slaves
[  395.506188][ T4717] hsr_slave_0: left promiscuous mode
[  395.517034][ T4717] hsr_slave_1: left promiscuous mode
[  395.524894][ T4717] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  395.534708][ T4717] batman_adv: batadv0: Removing interface: batadv_slave_0
[  395.552030][ T4717] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  395.559888][ T4717] batman_adv: batadv0: Removing interface: batadv_slave_1
[  395.586889][ T4717] veth1_macvtap: left promiscuous mode
[  395.592664][ T4717] veth0_macvtap: left promiscuous mode
[  395.599958][ T4717] veth1_vlan: left promiscuous mode
[  395.605613][ T4717] veth0_vlan: left promiscuous mode
[  396.254916][ T4717] team0 (unregistering): Port device team_slave_1 removed
[  396.279809][ T4717] team0 (unregistering): Port device team_slave_0 removed
[  396.937521][ T6421] chnl_net:caif_netlink_parms(): no params data found
[  397.056953][ T5093] Bluetooth: hci0: command tx timeout
[  397.680371][ T6421] bridge0: port 1(bridge_slave_0) entered blocking state
[  397.688098][ T6421] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.695864][ T6421] bridge_slave_0: entered allmulticast mode
[  397.705096][ T6421] bridge_slave_0: entered promiscuous mode
[  397.721669][ T6421] bridge0: port 2(bridge_slave_1) entered blocking state
[  397.730471][ T6421] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.738304][ T6421] bridge_slave_1: entered allmulticast mode
[  397.747483][ T6421] bridge_slave_1: entered promiscuous mode
[  397.865555][ T6421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  397.887485][ T6421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  397.984381][ T6421] team0: Port device team_slave_0 added
[  398.004642][ T6421] team0: Port device team_slave_1 added
[  398.088501][ T6421] batman_adv: batadv0: Adding interface: batadv_slave_0
[  398.096659][ T6421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  398.124308][ T6421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  398.140440][ T6421] batman_adv: batadv0: Adding interface: batadv_slave_1
[  398.147913][ T6421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  398.175487][ T6421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  398.295354][ T6421] hsr_slave_0: entered promiscuous mode
[  398.309969][ T6421] hsr_slave_1: entered promiscuous mode
[  399.021078][ T6421] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  399.058622][ T6421] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  399.083853][ T6421] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  399.106796][ T6421] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  399.140423][ T5093] Bluetooth: hci0: command tx timeout
[  399.472067][ T6421] 8021q: adding VLAN 0 to HW filter on device bond0
[  399.540935][ T6421] 8021q: adding VLAN 0 to HW filter on device team0
[  399.571200][ T4717] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.578813][ T4717] bridge0: port 1(bridge_slave_0) entered forwarding state
[  399.615056][ T4976] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.622567][ T4976] bridge0: port 2(bridge_slave_1) entered forwarding state
[  400.206248][ T6421] 8021q: adding VLAN 0 to HW filter on device batadv0
[  400.384314][ T6421] veth0_vlan: entered promiscuous mode
[  400.425852][ T6421] veth1_vlan: entered promiscuous mode
[  400.531868][ T6421] veth0_macvtap: entered promiscuous mode
[  400.560756][ T6421] veth1_macvtap: entered promiscuous mode
[  400.639122][ T6421] batman_adv: batadv0: Interface activated: batadv_slave_0
[  400.677394][ T6421] batman_adv: batadv0: Interface activated: batadv_slave_1
[  400.719168][ T6421] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  400.729809][ T6421] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  400.741415][ T6421] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  400.750844][ T6421] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  401.216495][ T5093] Bluetooth: hci0: command tx timeout
[  402.510237][ T3763] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.520112][ T3763] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  402.601205][ T4717] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.609476][ T4717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/04/29 16:59:59 executed programs: 2
[  403.294962][ T5093] Bluetooth: hci0: command tx timeout
[  403.643931][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  403.650871][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  403.996147][ T6559] loop0: detected capacity change from 0 to 32768
[  404.037733][ T6559] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  404.047202][ T6559] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  404.128636][ T6559] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  404.150214][ T2234] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  404.158900][ T2234] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  404.242010][ T2234] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 83ms
[  404.250656][ T2234] gfs2: fsid=syz:syz.0: jid=0: Done
[  404.256653][ T6559] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  404.599025][ T6559] syz.0.15: attempt to access beyond end of device
[  404.599025][ T6559] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[  404.614234][ T6559] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 281474976710656 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[  404.630841][ T6559] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  404.671958][ T6559] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  404.681200][ T6559] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  404.688915][ T6559] gfs2: fsid=syz:syz.0: File system withdrawn
[  404.695385][ T6559] CPU: 0 UID: 0 PID: 6559 Comm: syz.0.15 Not tainted 6.15.0-rc4-syzkaller-gca91b9500108 #0 PREEMPT(undef) 
[  404.695517][ T6559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  404.695610][ T6559] Call Trace:
[  404.695663][ T6559]  <TASK>
[  404.695708][ T6559]  __dump_stack+0x26/0x30
[  404.695888][ T6559]  dump_stack_lvl+0x1df/0x270
[  404.696058][ T6559]  dump_stack+0x1e/0x25
[  404.696207][ T6559]  gfs2_withdraw+0x1d26/0x22e0
[  404.696383][ T6559]  ? kmsan_get_metadata+0x105/0x1b0
[  404.696563][ T6559]  gfs2_meta_check_ii+0xe0/0x120
[  404.696713][ T6559]  gfs2_quota_init+0x2204/0x2800
[  404.696971][ T6559]  gfs2_make_fs_rw+0x4c7/0x6f0
[  404.697138][ T6559]  gfs2_fill_super+0x3cd9/0x3ee0
[  404.697282][ T6559]  ? init_locking+0xed/0x500
[  404.697454][ T6559]  get_tree_bdev_flags+0x6e3/0x920
[  404.697603][ T6559]  ? __pfx_gfs2_fill_super+0x10/0x10
[  404.697741][ T6559]  ? __pfx_gfs2_fill_super+0x10/0x10
[  404.697880][ T6559]  ? __pfx_gfs2_get_tree+0x10/0x10
[  404.698015][ T6559]  get_tree_bdev+0x38/0x50
[  404.698148][ T6559]  gfs2_get_tree+0x57/0x350
[  404.698292][ T6559]  ? __pfx_gfs2_get_tree+0x10/0x10
[  404.698431][ T6559]  vfs_get_tree+0xb0/0x5c0
[  404.698575][ T6559]  ? mount_capable+0x99/0x100
[  404.698762][ T6559]  do_new_mount+0x738/0x1610
[  404.698912][ T6559]  ? kmsan_get_metadata+0x105/0x1b0
[  404.699068][ T6559]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  404.699249][ T6559]  path_mount+0x6db/0x1e90
[  404.699397][ T6559]  ? user_path_at+0x32d/0x3d0
[  404.699589][ T6559]  __se_sys_mount+0x6eb/0x7d0
[  404.699735][ T6559]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  404.699920][ T6559]  __x64_sys_mount+0xe4/0x150
[  404.700075][ T6559]  x64_sys_call+0xfa7/0x3db0
[  404.700249][ T6559]  do_syscall_64+0xd9/0x1b0
[  404.700409][ T6559]  ? irqentry_exit+0x16/0x60
[  404.700548][ T6559]  ? clear_bhb_loop+0x25/0x80
[  404.700691][ T6559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.700843][ T6559] RIP: 0033:0x7f2af537ffba
[  404.700953][ T6559] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.701057][ T6559] RSP: 002b:00007f2af60cee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  404.701188][ T6559] RAX: ffffffffffffffda RBX: 00007f2af60ceef0 RCX: 00007f2af537ffba
[  404.701279][ T6559] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f2af60ceeb0
[  404.701363][ T6559] RBP: 0000000020000080 R08: 00007f2af60ceef0 R09: 0000000000000000
[  404.701438][ T6559] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[  404.701514][ T6559] R13: 00007f2af60ceeb0 R14: 0000000000012551 R15: 0000000020000000
[  404.701627][ T6559]  </TASK>
[  404.996605][ T6559] gfs2: fsid=syz:syz.0: can't make FS RW: -5
[  406.849205][ T6606] loop0: detected capacity change from 0 to 32768
[  406.868317][ T6606] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  406.879471][ T6606] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  406.949520][ T6606] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  406.969553][ T2234] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  406.976852][ T2234] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  407.058654][ T2234] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 81ms
[  407.067668][ T2234] gfs2: fsid=syz:syz.0: jid=0: Done
[  407.073251][ T6606] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  407.377784][ T6606] syz.0.16: attempt to access beyond end of device
[  407.377784][ T6606] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[  407.393011][ T6606] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 281474976710656 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[  407.410431][ T6606] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  407.440452][ T6606] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  407.449693][ T6606] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  407.457293][ T6606] gfs2: fsid=syz:syz.0: File system withdrawn
[  407.463604][ T6606] CPU: 0 UID: 0 PID: 6606 Comm: syz.0.16 Not tainted 6.15.0-rc4-syzkaller-gca91b9500108 #0 PREEMPT(undef) 
[  407.463736][ T6606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  407.463813][ T6606] Call Trace:
[  407.463859][ T6606]  <TASK>
[  407.463906][ T6606]  __dump_stack+0x26/0x30
[  407.464071][ T6606]  dump_stack_lvl+0x1df/0x270
[  407.464242][ T6606]  dump_stack+0x1e/0x25
[  407.464394][ T6606]  gfs2_withdraw+0x1d26/0x22e0
[  407.464569][ T6606]  ? kmsan_get_metadata+0x105/0x1b0
[  407.464751][ T6606]  gfs2_meta_check_ii+0xe0/0x120
[  407.464902][ T6606]  gfs2_quota_init+0x2204/0x2800
[  407.465154][ T6606]  gfs2_make_fs_rw+0x4c7/0x6f0
[  407.465329][ T6606]  gfs2_fill_super+0x3cd9/0x3ee0
[  407.465478][ T6606]  ? init_locking+0xed/0x500
[  407.465662][ T6606]  get_tree_bdev_flags+0x6e3/0x920
[  407.465811][ T6606]  ? __pfx_gfs2_fill_super+0x10/0x10
[  407.465956][ T6606]  ? __pfx_gfs2_fill_super+0x10/0x10
[  407.466095][ T6606]  ? __pfx_gfs2_get_tree+0x10/0x10
[  407.466233][ T6606]  get_tree_bdev+0x38/0x50
[  407.466370][ T6606]  gfs2_get_tree+0x57/0x350
[  407.466513][ T6606]  ? __pfx_gfs2_get_tree+0x10/0x10
[  407.466652][ T6606]  vfs_get_tree+0xb0/0x5c0
[  407.466788][ T6606]  ? mount_capable+0x99/0x100
[  407.466976][ T6606]  do_new_mount+0x738/0x1610
[  407.467121][ T6606]  ? kmsan_get_metadata+0x105/0x1b0
[  407.467280][ T6606]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  407.467468][ T6606]  path_mount+0x6db/0x1e90
[  407.467622][ T6606]  ? user_path_at+0x32d/0x3d0
[  407.467814][ T6606]  __se_sys_mount+0x6eb/0x7d0
[  407.467962][ T6606]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  407.468142][ T6606]  __x64_sys_mount+0xe4/0x150
[  407.468306][ T6606]  x64_sys_call+0xfa7/0x3db0
[  407.468478][ T6606]  do_syscall_64+0xd9/0x1b0
[  407.468651][ T6606]  ? irqentry_exit+0x16/0x60
[  407.468799][ T6606]  ? clear_bhb_loop+0x25/0x80
[  407.468946][ T6606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.469091][ T6606] RIP: 0033:0x7f2af537ffba
[  407.469196][ T6606] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.469297][ T6606] RSP: 002b:00007f2af60cee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  407.469416][ T6606] RAX: ffffffffffffffda RBX: 00007f2af60ceef0 RCX: 00007f2af537ffba
[  407.469510][ T6606] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f2af60ceeb0
[  407.469594][ T6606] RBP: 0000000020000080 R08: 00007f2af60ceef0 R09: 0000000000000000
[  407.469675][ T6606] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[  407.469750][ T6606] R13: 00007f2af60ceeb0 R14: 0000000000012551 R15: 0000000020000000
[  407.469863][ T6606]  </TASK>
[  407.812653][ T6606] gfs2: fsid=syz:syz.0: can't make FS RW: -5
2025/04/29 17:00:04 executed programs: 4
[  409.534279][ T6650] loop0: detected capacity change from 0 to 32768
[  409.587011][ T6650] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  409.596643][ T6650] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  409.666046][ T6650] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  409.706659][ T2234] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  409.713675][ T2234] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  409.789320][ T2234] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 75ms
[  409.797872][ T2234] gfs2: fsid=syz:syz.0: jid=0: Done
[  409.805224][ T6650] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  410.076964][ T6650] syz.0.17: attempt to access beyond end of device
[  410.076964][ T6650] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[  410.118395][ T6650] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 2194 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[  410.134194][ T6650] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  410.169642][ T6650] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  410.179744][ T6650] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  410.187667][ T6650] gfs2: fsid=syz:syz.0: File system withdrawn
[  410.193974][ T6650] CPU: 1 UID: 0 PID: 6650 Comm: syz.0.17 Not tainted 6.15.0-rc4-syzkaller-gca91b9500108 #0 PREEMPT(undef) 
[  410.194104][ T6650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  410.194179][ T6650] Call Trace:
[  410.194224][ T6650]  <TASK>
[  410.194270][ T6650]  __dump_stack+0x26/0x30
[  410.194434][ T6650]  dump_stack_lvl+0x1df/0x270
[  410.194604][ T6650]  dump_stack+0x1e/0x25
[  410.194750][ T6650]  gfs2_withdraw+0x1d26/0x22e0
[  410.194923][ T6650]  ? kmsan_get_metadata+0x105/0x1b0
[  410.195098][ T6650]  gfs2_meta_check_ii+0xe0/0x120
[  410.195244][ T6650]  gfs2_quota_init+0x2204/0x2800
[  410.195508][ T6650]  gfs2_make_fs_rw+0x4c7/0x6f0
[  410.195680][ T6650]  gfs2_fill_super+0x3cd9/0x3ee0
[  410.195828][ T6650]  ? init_locking+0xed/0x500
[  410.196004][ T6650]  get_tree_bdev_flags+0x6e3/0x920
[  410.196157][ T6650]  ? __pfx_gfs2_fill_super+0x10/0x10
[  410.196299][ T6650]  ? __pfx_gfs2_fill_super+0x10/0x10
[  410.196431][ T6650]  ? __pfx_gfs2_get_tree+0x10/0x10
[  410.196584][ T6650]  get_tree_bdev+0x38/0x50
[  410.196725][ T6650]  gfs2_get_tree+0x57/0x350
[  410.196865][ T6650]  ? __pfx_gfs2_get_tree+0x10/0x10
[  410.197006][ T6650]  vfs_get_tree+0xb0/0x5c0
[  410.197143][ T6650]  ? mount_capable+0x99/0x100
[  410.197323][ T6650]  do_new_mount+0x738/0x1610
[  410.197469][ T6650]  ? kmsan_get_metadata+0x105/0x1b0
[  410.197640][ T6650]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  410.197836][ T6650]  path_mount+0x6db/0x1e90
[  410.197978][ T6650]  ? user_path_at+0x32d/0x3d0
[  410.198165][ T6650]  __se_sys_mount+0x6eb/0x7d0
[  410.198312][ T6650]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  410.198498][ T6650]  __x64_sys_mount+0xe4/0x150
[  410.198662][ T6650]  x64_sys_call+0xfa7/0x3db0
[  410.198837][ T6650]  do_syscall_64+0xd9/0x1b0
[  410.199003][ T6650]  ? irqentry_exit+0x16/0x60
[  410.199150][ T6650]  ? clear_bhb_loop+0x25/0x80
[  410.199297][ T6650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.199443][ T6650] RIP: 0033:0x7f2af537ffba
[  410.199558][ T6650] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.199664][ T6650] RSP: 002b:00007f2af60cee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  410.199788][ T6650] RAX: ffffffffffffffda RBX: 00007f2af60ceef0 RCX: 00007f2af537ffba
[  410.199880][ T6650] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f2af60ceeb0
[  410.199963][ T6650] RBP: 0000000020000080 R08: 00007f2af60ceef0 R09: 0000000000000000
[  410.200044][ T6650] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[  410.200121][ T6650] R13: 00007f2af60ceeb0 R14: 0000000000012551 R15: 0000000020000000
[  410.200232][ T6650]  </TASK>
[  410.516966][ T6650] gfs2: fsid=syz:syz.0: can't make FS RW: -5
[  412.262526][ T6694] loop0: detected capacity change from 0 to 32768
[  412.288200][ T6694] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  412.297903][ T6694] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  412.333728][ T6694] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  412.351026][   T11] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  412.359419][   T11] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  412.522318][   T11] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 162ms
[  412.532049][   T11] gfs2: fsid=syz:syz.0: jid=0: Done
[  412.540556][ T6694] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  412.828900][ T6694] syz.0.18: attempt to access beyond end of device
[  412.828900][ T6694] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768
[  412.845020][ T6694] =====================================================
[  412.852254][ T6694] BUG: KMSAN: uninit-value in gfs2_quota_init+0x21b2/0x2800
[  412.860280][ T6694]  gfs2_quota_init+0x21b2/0x2800
[  412.865550][ T6694]  gfs2_make_fs_rw+0x4c7/0x6f0
[  412.870507][ T6694]  gfs2_fill_super+0x3cd9/0x3ee0
[  412.875741][ T6694]  get_tree_bdev_flags+0x6e3/0x920
[  412.881052][ T6694]  get_tree_bdev+0x38/0x50
[  412.885836][ T6694]  gfs2_get_tree+0x57/0x350
[  412.890511][ T6694]  vfs_get_tree+0xb0/0x5c0
[  412.895297][ T6694]  do_new_mount+0x738/0x1610
[  412.900112][ T6694]  path_mount+0x6db/0x1e90
[  412.904815][ T6694]  __se_sys_mount+0x6eb/0x7d0
[  412.909680][ T6694]  __x64_sys_mount+0xe4/0x150
[  412.914673][ T6694]  x64_sys_call+0xfa7/0x3db0
[  412.919473][ T6694]  do_syscall_64+0xd9/0x1b0
[  412.924191][ T6694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.930424][ T6694] 
[  412.932846][ T6694] Uninit was created at:
[  412.938290][ T6694]  __alloc_frozen_pages_noprof+0x689/0xf00
[  412.944319][ T6694]  alloc_pages_mpol+0x328/0x860
[  412.949824][ T6694]  folio_alloc_noprof+0x109/0x360
[  412.955165][ T6694]  filemap_alloc_folio_noprof+0x9d/0x420
[  412.961143][ T6694]  __filemap_get_folio+0xb45/0x1930
[  412.966660][ T6694]  gfs2_getbuf+0x21a/0xca0
[  412.971283][ T6694]  gfs2_meta_ra+0x13c/0x720
[  412.976116][ T6694]  gfs2_quota_init+0x759/0x2800
[  412.981192][ T6694]  gfs2_make_fs_rw+0x4c7/0x6f0
[  412.986285][ T6694]  gfs2_fill_super+0x3cd9/0x3ee0
[  412.991422][ T6694]  get_tree_bdev_flags+0x6e3/0x920
[  412.996824][ T6694]  get_tree_bdev+0x38/0x50
[  413.001456][ T6694]  gfs2_get_tree+0x57/0x350
[  413.006690][ T6694]  vfs_get_tree+0xb0/0x5c0
[  413.011284][ T6694]  do_new_mount+0x738/0x1610
[  413.016161][ T6694]  path_mount+0x6db/0x1e90
[  413.020761][ T6694]  __se_sys_mount+0x6eb/0x7d0
[  413.025790][ T6694]  __x64_sys_mount+0xe4/0x150
[  413.030734][ T6694]  x64_sys_call+0xfa7/0x3db0
[  413.035842][ T6694]  do_syscall_64+0xd9/0x1b0
[  413.041479][ T6694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.048071][ T6694] 
[  413.050515][ T6694] CPU: 0 UID: 0 PID: 6694 Comm: syz.0.18 Not tainted 6.15.0-rc4-syzkaller-gca91b9500108 #0 PREEMPT(undef) 
[  413.062263][ T6694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  413.072657][ T6694] =====================================================
[  413.079908][ T6694] Disabling lock debugging due to kernel taint
[  413.086328][ T6694] Kernel panic - not syncing: kmsan.panic set ...
[  413.092900][ T6694] CPU: 0 UID: 0 PID: 6694 Comm: syz.0.18 Tainted: G    B               6.15.0-rc4-syzkaller-gca91b9500108 #0 PREEMPT(undef) 
[  413.106084][ T6694] Tainted: [B]=BAD_PAGE
[  413.110734][ T6694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  413.121039][ T6694] Call Trace:
[  413.124434][ T6694]  <TASK>
[  413.127494][ T6694]  __dump_stack+0x26/0x30
[  413.132033][ T6694]  dump_stack_lvl+0x53/0x270
[  413.136828][ T6694]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  413.142878][ T6694]  dump_stack+0x1e/0x25
[  413.147353][ T6694]  panic+0x4bd/0xd50
[  413.151533][ T6694]  kmsan_report+0x29d/0x2a0
[  413.156265][ T6694]  ? __msan_warning+0x96/0x120
[  413.161219][ T6694]  ? gfs2_quota_init+0x21b2/0x2800
[  413.166558][ T6694]  ? gfs2_make_fs_rw+0x4c7/0x6f0
[  413.171690][ T6694]  ? gfs2_fill_super+0x3cd9/0x3ee0
[  413.177019][ T6694]  ? get_tree_bdev_flags+0x6e3/0x920
[  413.182590][ T6694]  ? get_tree_bdev+0x38/0x50
[  413.187362][ T6694]  ? gfs2_get_tree+0x57/0x350
[  413.192221][ T6694]  ? vfs_get_tree+0xb0/0x5c0
[  413.197006][ T6694]  ? do_new_mount+0x738/0x1610
[  413.201961][ T6694]  ? path_mount+0x6db/0x1e90
[  413.206910][ T6694]  ? __se_sys_mount+0x6eb/0x7d0
[  413.211960][ T6694]  ? __x64_sys_mount+0xe4/0x150
[  413.217000][ T6694]  ? x64_sys_call+0xfa7/0x3db0
[  413.221992][ T6694]  ? do_syscall_64+0xd9/0x1b0
[  413.226877][ T6694]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.233144][ T6694]  ? submit_bio+0x5a9/0x5d0
[  413.237944][ T6694]  ? submit_bh_wbc+0x7e0/0x870
[  413.242909][ T6694]  ? kmsan_get_metadata+0x105/0x1b0
[  413.248328][ T6694]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  413.254448][ T6694]  ? gfs2_meta_ra+0x68b/0x720
[  413.259328][ T6694]  ? kmsan_get_metadata+0x105/0x1b0
[  413.264751][ T6694]  __msan_warning+0x96/0x120
[  413.269529][ T6694]  gfs2_quota_init+0x21b2/0x2800
[  413.274751][ T6694]  gfs2_make_fs_rw+0x4c7/0x6f0
[  413.279722][ T6694]  gfs2_fill_super+0x3cd9/0x3ee0
[  413.284834][ T6694]  ? init_locking+0xed/0x500
[  413.289629][ T6694]  get_tree_bdev_flags+0x6e3/0x920
[  413.294915][ T6694]  ? __pfx_gfs2_fill_super+0x10/0x10
[  413.300372][ T6694]  ? __pfx_gfs2_fill_super+0x10/0x10
[  413.306020][ T6694]  ? __pfx_gfs2_get_tree+0x10/0x10
[  413.311318][ T6694]  get_tree_bdev+0x38/0x50
[  413.315911][ T6694]  gfs2_get_tree+0x57/0x350
[  413.320604][ T6694]  ? __pfx_gfs2_get_tree+0x10/0x10
[  413.325954][ T6694]  vfs_get_tree+0xb0/0x5c0
[  413.330542][ T6694]  ? mount_capable+0x99/0x100
[  413.335428][ T6694]  do_new_mount+0x738/0x1610
[  413.340185][ T6694]  ? kmsan_get_metadata+0x105/0x1b0
[  413.345571][ T6694]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  413.351596][ T6694]  path_mount+0x6db/0x1e90
[  413.356197][ T6694]  ? user_path_at+0x32d/0x3d0
[  413.361091][ T6694]  __se_sys_mount+0x6eb/0x7d0
[  413.365948][ T6694]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  413.372218][ T6694]  __x64_sys_mount+0xe4/0x150
[  413.377085][ T6694]  x64_sys_call+0xfa7/0x3db0
[  413.381877][ T6694]  do_syscall_64+0xd9/0x1b0
[  413.386574][ T6694]  ? irqentry_exit+0x16/0x60
[  413.391352][ T6694]  ? clear_bhb_loop+0x25/0x80
[  413.396199][ T6694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.402268][ T6694] RIP: 0033:0x7f2af537ffba
[  413.406807][ T6694] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.426691][ T6694] RSP: 002b:00007f2af60cee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  413.435284][ T6694] RAX: ffffffffffffffda RBX: 00007f2af60ceef0 RCX: 00007f2af537ffba
[  413.443398][ T6694] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007f2af60ceeb0
[  413.451512][ T6694] RBP: 0000000020000080 R08: 00007f2af60ceef0 R09: 0000000000000000
[  413.459620][ T6694] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0
[  413.467727][ T6694] R13: 00007f2af60ceeb0 R14: 0000000000012551 R15: 0000000020000000
[  413.475868][ T6694]  </TASK>
[  413.479307][ T6694] Kernel Offset: disabled
[  413.483696][ T6694] Rebooting in 86400 seconds..