Warning: Permanently added '10.128.1.128' (ED25519) to the list of known hosts.
2025/02/14 11:44:03 ignoring optional flag "sandboxArg"="0"
2025/02/14 11:44:04 parsed 1 programs
[ 100.797510][ T4599] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 102.534863][ T156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.542841][ T156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.562333][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 102.571457][ T4199] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.579891][ T4199] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.589322][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 104.079686][ T154] ODEBUG: Out of memory. ODEBUG disabled
[ 104.629186][ T4662] chnl_net:caif_netlink_parms(): no params data found
[ 104.671090][ T4662] bridge0: port 1(bridge_slave_0) entered blocking state
[ 104.678265][ T4662] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.686221][ T4662] device bridge_slave_0 entered promiscuous mode
[ 104.695212][ T4662] bridge0: port 2(bridge_slave_1) entered blocking state
[ 104.702402][ T4662] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.710385][ T4662] device bridge_slave_1 entered promiscuous mode
[ 104.748239][ T4662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 104.759489][ T4662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 104.784365][ T4662] team0: Port device team_slave_0 added
[ 104.809227][ T4662] team0: Port device team_slave_1 added
[ 104.826904][ T4662] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 104.834019][ T4662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.860368][ T4662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 104.873905][ T4662] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 104.880892][ T4662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 104.906963][ T4662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 104.954399][ T4662] device hsr_slave_0 entered promiscuous mode
[ 104.961211][ T4662] device hsr_slave_1 entered promiscuous mode
[ 105.465293][ T4662] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 105.475694][ T4662] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 105.487099][ T4662] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 105.508444][ T4662] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 105.533547][ T4662] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.540641][ T4662] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.548077][ T4662] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.555178][ T4662] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.644204][ T4662] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.705014][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 105.713938][ T156] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.721687][ T156] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.732403][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 105.748585][ T4662] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.776844][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 105.793901][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 105.811730][ T156] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.818836][ T156] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.829994][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 105.843804][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 105.863329][ T156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.870419][ T156] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.915936][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 105.934024][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 105.947627][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 105.957391][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 105.968296][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 105.985871][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 105.995327][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 106.010070][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 106.021819][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 106.037061][ T4662] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 106.053913][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 106.073825][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 106.082562][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 106.230766][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 106.243281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 106.259768][ T4662] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 106.281862][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 106.293996][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 106.334129][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 106.343547][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 106.354251][ T4662] device veth0_vlan entered promiscuous mode
[ 106.364404][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 106.383407][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 106.397634][ T4662] device veth1_vlan entered promiscuous mode
[ 106.426913][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 106.437442][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 106.445721][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 106.456856][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 106.470522][ T4662] device veth0_macvtap entered promiscuous mode
[ 106.482904][ T4662] device veth1_macvtap entered promiscuous mode
[ 106.515884][ T4662] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 106.534933][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 106.543714][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 106.562696][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 106.578008][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 106.591139][ T4662] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 106.599708][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 106.615460][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 106.639741][ T4662] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.649074][ T4662] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.658200][ T4662] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.683166][ T4662] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/02/14 11:44:15 executed programs: 0
[ 107.879409][ T4778] chnl_net:caif_netlink_parms(): no params data found
[ 107.981552][ T4778] bridge0: port 1(bridge_slave_0) entered blocking state
[ 107.997899][ T4778] bridge0: port 1(bridge_slave_0) entered disabled state
[ 108.006248][ T4778] device bridge_slave_0 entered promiscuous mode
[ 108.019980][ T4778] bridge0: port 2(bridge_slave_1) entered blocking state
[ 108.027171][ T4778] bridge0: port 2(bridge_slave_1) entered disabled state
[ 108.035573][ T4778] device bridge_slave_1 entered promiscuous mode
[ 108.079608][ T4778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 108.106834][ T4778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 108.144855][ T4778] team0: Port device team_slave_0 added
[ 108.152837][ T4778] team0: Port device team_slave_1 added
[ 108.197774][ T154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 108.213590][ T4778] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 108.220601][ T4778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 108.250106][ T4778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 108.265636][ T4778] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 108.272699][ T4778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 108.300415][ T4778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 108.340111][ T4778] device hsr_slave_0 entered promiscuous mode
[ 108.347077][ T4778] device hsr_slave_1 entered promiscuous mode
[ 108.354283][ T4778] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 108.361866][ T4778] Cannot create hsr debugfs directory
[ 109.753232][ T4212] Bluetooth: hci0: command 0x0409 tx timeout
[ 110.659538][ T154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 111.101271][ T154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 111.159189][ T154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 111.833228][ T4215] Bluetooth: hci0: command 0x041b tx timeout
[ 112.052191][ T4778] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 112.066975][ T154] device hsr_slave_0 left promiscuous mode
[ 112.073903][ T154] device hsr_slave_1 left promiscuous mode
[ 112.080221][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 112.087766][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 112.095782][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 112.103484][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 112.111002][ T154] device bridge_slave_1 left promiscuous mode
[ 112.117776][ T154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 112.126071][ T154] device bridge_slave_0 left promiscuous mode
[ 112.132242][ T154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 112.146262][ T154] device veth1_macvtap left promiscuous mode
[ 112.152315][ T154] device veth0_macvtap left promiscuous mode
[ 112.158630][ T154] device veth1_vlan left promiscuous mode
[ 112.164602][ T154] device veth0_vlan left promiscuous mode
[ 112.297702][ T154] team0 (unregistering): Port device team_slave_1 removed
[ 112.310917][ T154] team0 (unregistering): Port device team_slave_0 removed
[ 112.322775][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 112.336517][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 112.387158][ T154] bond0 (unregistering): Released all slaves
[ 112.431245][ T4778] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 112.440540][ T4778] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 112.450190][ T4778] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 112.510268][ T4778] 8021q: adding VLAN 0 to HW filter on device bond0
[ 112.524014][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 112.531837][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 112.548004][ T4778] 8021q: adding VLAN 0 to HW filter on device team0
[ 112.557368][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 112.566641][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 112.575577][ T156] bridge0: port 1(bridge_slave_0) entered blocking state
[ 112.582653][ T156] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 112.610919][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 112.619173][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 112.628323][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 112.636756][ T156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 112.643871][ T156] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 112.651495][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 112.660876][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 112.669969][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 112.680064][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 112.688651][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 112.697547][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 112.706850][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 112.719457][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 112.727979][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 112.739144][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 112.747995][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 112.758730][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 112.861919][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 112.870408][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 112.884067][ T4778] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 112.905737][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 112.914914][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 112.936583][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 112.945882][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 112.965369][ T4778] device veth0_vlan entered promiscuous mode
[ 112.974222][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 112.982438][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 112.994642][ T4778] device veth1_vlan entered promiscuous mode
[ 113.018051][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 113.026884][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 113.036024][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 113.044899][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 113.056438][ T4778] device veth0_macvtap entered promiscuous mode
[ 113.066312][ T4778] device veth1_macvtap entered promiscuous mode
[ 113.086115][ T4778] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 113.094013][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 113.102119][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 113.110705][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 113.120020][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 113.133684][ T4778] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 113.140996][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 113.149860][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 113.161820][ T4778] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.171190][ T4778] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.180650][ T4778] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.189934][ T4778] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.259237][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.278761][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.298344][ T4199] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2025/02/14 11:44:21 executed programs: 2
[ 113.310682][ T4199] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.320412][ T4199] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.329711][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 113.735491][ T5057] loop0: detected capacity change from 0 to 32768
[ 113.851326][ T5057] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 113.873754][ T5057] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 113.896036][ T5057] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[ 113.908136][ T1107] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 113.915883][ T1107] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 113.952146][ T1107] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 36ms
[ 113.964742][ T1107] gfs2: fsid=syz:syz.0: jid=0: Done
[ 113.971042][ T5057] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 113.979680][ T1107] Bluetooth: hci0: command 0x040f tx timeout
[ 114.091081][ T5057] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 114.139379][ T4778] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 114.139379][ T4778] inode = 11 2339
[ 114.139379][ T4778] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 114.161887][ T4778] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 114.177588][ T4778] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 114.191795][ T4778] CPU: 1 PID: 4778 Comm: syz-executor Not tainted 5.15.178-syzkaller #0
[ 114.200137][ T4778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 114.210205][ T4778] Call Trace:
[ 114.213488][ T4778]
[ 114.216406][ T4778] dump_stack_lvl+0x1e3/0x2d0
[ 114.221102][ T4778] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 114.226720][ T4778] ? panic+0x860/0x860
[ 114.230780][ T4778] ? do_raw_spin_unlock+0x137/0x8b0
[ 114.236030][ T4778] gfs2_assert_warn_i+0x19b/0x2e0
[ 114.241079][ T4778] gfs2_quota_cleanup+0x4b1/0x6a0
[ 114.246125][ T4778] gfs2_make_fs_ro+0x23b/0x5f0
[ 114.250886][ T4778] ? gfs2_dinode_out+0xaf0/0xaf0
[ 114.255816][ T4778] ? _raw_spin_unlock+0x24/0x40
[ 114.260670][ T4778] ? gfs2_glock_nq+0xc6e/0x15e0
[ 114.265534][ T4778] ? gfs2_glock_wait+0x137/0x1c0
[ 114.270469][ T4778] gfs2_withdraw+0x5fb/0x14e0
[ 114.275160][ T4778] ? gfs2_lm+0x230/0x230
[ 114.279421][ T4778] ? gfs2_freeze_lock+0x52/0xc0
[ 114.284270][ T4778] ? gfs2_consist_inode_i+0xc0/0xe0
[ 114.289467][ T4778] gfs2_inode_refresh+0xbd6/0x1070
[ 114.294603][ T4778] ? gfs2_inode_metasync+0xf0/0xf0
[ 114.299710][ T4778] ? __lock_acquire+0x1ff0/0x1ff0
[ 114.304729][ T4778] inode_go_lock+0x12c/0x470
[ 114.309315][ T4778] do_promote+0x74b/0xb10
[ 114.313646][ T4778] ? demote_incompat_holders+0x4d1/0x550
[ 114.319334][ T4778] finish_xmote+0x50d/0xb60
[ 114.323837][ T4778] do_xmote+0x775/0x10b0
[ 114.328080][ T4778] gfs2_glock_nq+0xc32/0x15e0
[ 114.332763][ T4778] do_sync+0x47a/0xc60
[ 114.336832][ T4778] ? slot_put+0x210/0x210
[ 114.341153][ T4778] ? do_raw_spin_lock+0x14a/0x370
[ 114.346258][ T4778] ? do_sync+0x472/0xc60
[ 114.350489][ T4778] ? do_raw_spin_unlock+0x137/0x8b0
[ 114.355685][ T4778] gfs2_quota_sync+0x379/0x810
[ 114.360487][ T4778] gfs2_sync_fs+0x49/0xb0
[ 114.364821][ T4778] sync_filesystem+0xe8/0x220
[ 114.369495][ T4778] generic_shutdown_super+0x6b/0x310
[ 114.374791][ T4778] kill_block_super+0x7a/0xe0
[ 114.379455][ T4778] deactivate_locked_super+0xa0/0x110
[ 114.384818][ T4778] cleanup_mnt+0x44e/0x500
[ 114.389227][ T4778] ? lockdep_hardirqs_on+0x94/0x130
[ 114.394424][ T4778] task_work_run+0x129/0x1a0
[ 114.399030][ T4778] exit_to_user_mode_loop+0x106/0x130
[ 114.404398][ T4778] exit_to_user_mode_prepare+0xb1/0x140
[ 114.409934][ T4778] syscall_exit_to_user_mode+0x5d/0x240
[ 114.415472][ T4778] do_syscall_64+0x47/0xb0
[ 114.419876][ T4778] ? clear_bhb_loop+0x15/0x70
[ 114.424627][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 114.430517][ T4778] RIP: 0033:0x7f01c56430d7
[ 114.434943][ T4778] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 114.454542][ T4778] RSP: 002b:00007ffe602f2a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 114.462962][ T4778] RAX: 0000000000000000 RBX: 00007f01c56c308c RCX: 00007f01c56430d7
[ 114.470943][ T4778] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe602f2af0
[ 114.479124][ T4778] RBP: 00007ffe602f2af0 R08: 0000000000000000 R09: 0000000000000000
[ 114.487183][ T4778] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe602f3b80
[ 114.495152][ T4778] R13: 00007f01c56c308c R14: 000000000001bacc R15: 00007ffe602f3bc0
[ 114.503137][ T4778]
[ 114.513348][ T4778] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 114.522314][ T4778] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 114.529650][ T4778] gfs2: fsid=syz:syz.0: File system withdrawn
[ 114.536104][ T4778] CPU: 1 PID: 4778 Comm: syz-executor Not tainted 5.15.178-syzkaller #0
[ 114.544427][ T4778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 114.554497][ T4778] Call Trace:
[ 114.557791][ T4778]
[ 114.560726][ T4778] dump_stack_lvl+0x1e3/0x2d0
[ 114.565742][ T4778] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 114.571555][ T4778] ? panic+0x860/0x860
[ 114.575643][ T4778] gfs2_withdraw+0xe9e/0x14e0
[ 114.580336][ T4778] ? gfs2_lm+0x230/0x230
[ 114.584609][ T4778] ? gfs2_consist_inode_i+0xc0/0xe0
[ 114.589844][ T4778] gfs2_inode_refresh+0xbd6/0x1070
[ 114.594963][ T4778] ? gfs2_inode_metasync+0xf0/0xf0
[ 114.600073][ T4778] ? __lock_acquire+0x1ff0/0x1ff0
[ 114.605128][ T4778] inode_go_lock+0x12c/0x470
[ 114.609718][ T4778] do_promote+0x74b/0xb10
[ 114.614043][ T4778] ? demote_incompat_holders+0x4d1/0x550
[ 114.619671][ T4778] finish_xmote+0x50d/0xb60
[ 114.624194][ T4778] do_xmote+0x775/0x10b0
[ 114.628451][ T4778] gfs2_glock_nq+0xc32/0x15e0
[ 114.633142][ T4778] do_sync+0x47a/0xc60
[ 114.637226][ T4778] ? slot_put+0x210/0x210
[ 114.641551][ T4778] ? do_raw_spin_lock+0x14a/0x370
[ 114.646574][ T4778] ? do_sync+0x472/0xc60
[ 114.650811][ T4778] ? do_raw_spin_unlock+0x137/0x8b0
[ 114.656010][ T4778] gfs2_quota_sync+0x379/0x810
[ 114.660774][ T4778] gfs2_sync_fs+0x49/0xb0
[ 114.665095][ T4778] sync_filesystem+0xe8/0x220
[ 114.669769][ T4778] generic_shutdown_super+0x6b/0x310
[ 114.675069][ T4778] kill_block_super+0x7a/0xe0
[ 114.679739][ T4778] deactivate_locked_super+0xa0/0x110
[ 114.685111][ T4778] cleanup_mnt+0x44e/0x500
[ 114.689609][ T4778] ? lockdep_hardirqs_on+0x94/0x130
[ 114.694908][ T4778] task_work_run+0x129/0x1a0
[ 114.699500][ T4778] exit_to_user_mode_loop+0x106/0x130
[ 114.704865][ T4778] exit_to_user_mode_prepare+0xb1/0x140
[ 114.710493][ T4778] syscall_exit_to_user_mode+0x5d/0x240
[ 114.716037][ T4778] do_syscall_64+0x47/0xb0
[ 114.720477][ T4778] ? clear_bhb_loop+0x15/0x70
[ 114.725164][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 114.731193][ T4778] RIP: 0033:0x7f01c56430d7
[ 114.735610][ T4778] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 114.755320][ T4778] RSP: 002b:00007ffe602f2a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 114.763825][ T4778] RAX: 0000000000000000 RBX: 00007f01c56c308c RCX: 00007f01c56430d7
[ 114.771804][ T4778] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe602f2af0
[ 114.779783][ T4778] RBP: 00007ffe602f2af0 R08: 0000000000000000 R09: 0000000000000000
[ 114.787744][ T4778] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe602f3b80
[ 114.795802][ T4778] R13: 00007f01c56c308c R14: 000000000001bacc R15: 00007ffe602f3bc0
[ 114.803792][ T4778]
[ 115.170023][ T5061] loop0: detected capacity change from 0 to 32768
[ 115.266929][ T5061] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 115.276790][ T5061] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 115.288873][ T5061] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[ 115.297997][ T4186] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 115.304976][ T4186] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 115.327045][ T4186] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 22ms
[ 115.334594][ T4186] gfs2: fsid=syz:syz.0: jid=0: Done
[ 115.339882][ T5061] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 115.418315][ T5061] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 115.431259][ T4778] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 115.431259][ T4778] inode = 11 2339
[ 115.431259][ T4778] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 115.450541][ T4778] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 115.465261][ T4778] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 115.480090][ T4778] CPU: 0 PID: 4778 Comm: syz-executor Not tainted 5.15.178-syzkaller #0
[ 115.488448][ T4778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 115.498501][ T4778] Call Trace:
[ 115.501772][ T4778]
[ 115.504697][ T4778] dump_stack_lvl+0x1e3/0x2d0
[ 115.509371][ T4778] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 115.514993][ T4778] ? panic+0x860/0x860
[ 115.519062][ T4778] ? do_raw_spin_unlock+0x137/0x8b0
[ 115.524265][ T4778] gfs2_assert_warn_i+0x19b/0x2e0
[ 115.529308][ T4778] gfs2_quota_cleanup+0x4b1/0x6a0
[ 115.534349][ T4778] gfs2_make_fs_ro+0x23b/0x5f0
[ 115.539166][ T4778] ? gfs2_dinode_out+0xaf0/0xaf0
[ 115.544178][ T4778] ? _raw_spin_unlock+0x24/0x40
[ 115.549022][ T4778] ? gfs2_glock_nq+0xc6e/0x15e0
[ 115.553900][ T4778] ? gfs2_glock_wait+0x137/0x1c0
[ 115.558835][ T4778] gfs2_withdraw+0x5fb/0x14e0
[ 115.563624][ T4778] ? gfs2_lm+0x230/0x230
[ 115.567903][ T4778] ? gfs2_freeze_lock+0x52/0xc0
[ 115.572770][ T4778] ? gfs2_consist_inode_i+0xc0/0xe0
[ 115.577989][ T4778] gfs2_inode_refresh+0xbd6/0x1070
[ 115.583120][ T4778] ? gfs2_inode_metasync+0xf0/0xf0
[ 115.588281][ T4778] ? __lock_acquire+0x1ff0/0x1ff0
[ 115.593338][ T4778] inode_go_lock+0x12c/0x470
[ 115.598139][ T4778] do_promote+0x74b/0xb10
[ 115.602511][ T4778] ? demote_incompat_holders+0x4d1/0x550
[ 115.608165][ T4778] finish_xmote+0x50d/0xb60
[ 115.612676][ T4778] do_xmote+0x775/0x10b0
[ 115.616924][ T4778] gfs2_glock_nq+0xc32/0x15e0
[ 115.621629][ T4778] do_sync+0x47a/0xc60
[ 115.625698][ T4778] ? slot_put+0x210/0x210
[ 115.630020][ T4778] ? do_raw_spin_lock+0x14a/0x370
[ 115.635154][ T4778] ? do_sync+0x472/0xc60
[ 115.639420][ T4778] ? do_raw_spin_unlock+0x137/0x8b0
[ 115.644627][ T4778] gfs2_quota_sync+0x379/0x810
[ 115.649390][ T4778] gfs2_sync_fs+0x49/0xb0
[ 115.653708][ T4778] sync_filesystem+0xe8/0x220
[ 115.658382][ T4778] generic_shutdown_super+0x6b/0x310
[ 115.663661][ T4778] kill_block_super+0x7a/0xe0
[ 115.668327][ T4778] deactivate_locked_super+0xa0/0x110
[ 115.673802][ T4778] cleanup_mnt+0x44e/0x500
[ 115.678230][ T4778] ? lockdep_hardirqs_on+0x94/0x130
[ 115.683434][ T4778] task_work_run+0x129/0x1a0
[ 115.688047][ T4778] exit_to_user_mode_loop+0x106/0x130
[ 115.693416][ T4778] exit_to_user_mode_prepare+0xb1/0x140
[ 115.698955][ T4778] syscall_exit_to_user_mode+0x5d/0x240
[ 115.704496][ T4778] do_syscall_64+0x47/0xb0
[ 115.708902][ T4778] ? clear_bhb_loop+0x15/0x70
[ 115.713576][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 115.719463][ T4778] RIP: 0033:0x7f01c56430d7
[ 115.723870][ T4778] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 115.743469][ T4778] RSP: 002b:00007ffe602f2a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 115.751877][ T4778] RAX: 0000000000000000 RBX: 00007f01c56c308c RCX: 00007f01c56430d7
[ 115.759838][ T4778] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe602f2af0
[ 115.767798][ T4778] RBP: 00007ffe602f2af0 R08: 0000000000000000 R09: 0000000000000000
[ 115.775772][ T4778] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe602f3b80
[ 115.783740][ T4778] R13: 00007f01c56c308c R14: 000000000001c0eb R15: 00007ffe602f3bc0
[ 115.791734][ T4778]
[ 115.795508][ T4778] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 115.804344][ T4778] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 115.810918][ T4778] gfs2: fsid=syz:syz.0: File system withdrawn
[ 115.817127][ T4778] CPU: 0 PID: 4778 Comm: syz-executor Not tainted 5.15.178-syzkaller #0
[ 115.825586][ T4778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 115.835635][ T4778] Call Trace:
[ 115.838956][ T4778]
[ 115.841897][ T4778] dump_stack_lvl+0x1e3/0x2d0
[ 115.846581][ T4778] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 115.852221][ T4778] ? panic+0x860/0x860
[ 115.856295][ T4778] gfs2_withdraw+0xe9e/0x14e0
[ 115.861001][ T4778] ? gfs2_lm+0x230/0x230
[ 115.865242][ T4778] ? gfs2_consist_inode_i+0xc0/0xe0
[ 115.870433][ T4778] gfs2_inode_refresh+0xbd6/0x1070
[ 115.875553][ T4778] ? gfs2_inode_metasync+0xf0/0xf0
[ 115.880755][ T4778] ? __lock_acquire+0x1ff0/0x1ff0
[ 115.885781][ T4778] inode_go_lock+0x12c/0x470
[ 115.890376][ T4778] do_promote+0x74b/0xb10
[ 115.894706][ T4778] ? demote_incompat_holders+0x4d1/0x550
[ 115.900331][ T4778] finish_xmote+0x50d/0xb60
[ 115.904830][ T4778] do_xmote+0x775/0x10b0
[ 115.909072][ T4778] gfs2_glock_nq+0xc32/0x15e0
[ 115.913864][ T4778] do_sync+0x47a/0xc60
[ 115.917949][ T4778] ? slot_put+0x210/0x210
[ 115.922282][ T4778] ? do_raw_spin_lock+0x14a/0x370
[ 115.927308][ T4778] ? do_sync+0x472/0xc60
[ 115.931557][ T4778] ? do_raw_spin_unlock+0x137/0x8b0
[ 115.936840][ T4778] gfs2_quota_sync+0x379/0x810
[ 115.941663][ T4778] gfs2_sync_fs+0x49/0xb0
[ 115.946000][ T4778] sync_filesystem+0xe8/0x220
[ 115.950897][ T4778] generic_shutdown_super+0x6b/0x310
[ 115.956183][ T4778] kill_block_super+0x7a/0xe0
[ 115.960857][ T4778] deactivate_locked_super+0xa0/0x110
[ 115.966225][ T4778] cleanup_mnt+0x44e/0x500
[ 115.970633][ T4778] ? lockdep_hardirqs_on+0x94/0x130
[ 115.975826][ T4778] task_work_run+0x129/0x1a0
[ 115.980437][ T4778] exit_to_user_mode_loop+0x106/0x130
[ 115.985804][ T4778] exit_to_user_mode_prepare+0xb1/0x140
[ 115.991342][ T4778] syscall_exit_to_user_mode+0x5d/0x240
[ 115.996996][ T4778] do_syscall_64+0x47/0xb0
[ 116.001488][ T4778] ? clear_bhb_loop+0x15/0x70
[ 116.006154][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 116.012039][ T4778] RIP: 0033:0x7f01c56430d7
[ 116.016464][ T4778] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 116.036159][ T4778] RSP: 002b:00007ffe602f2a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 116.044586][ T4778] RAX: 0000000000000000 RBX: 00007f01c56c308c RCX: 00007f01c56430d7
[ 116.052634][ T4778] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe602f2af0
[ 116.060614][ T4778] RBP: 00007ffe602f2af0 R08: 0000000000000000 R09: 0000000000000000
[ 116.068575][ T4778] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe602f3b80
[ 116.076558][ T4778] R13: 00007f01c56c308c R14: 000000000001c0eb R15: 00007ffe602f3bc0
[ 116.084648][ T4778]
[ 116.088380][ T1107] Bluetooth: hci0: command 0x0419 tx timeout
[ 116.095644][ T4778] ==================================================================
[ 116.103974][ T4778] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[ 116.110851][ T4778] Read of size 8 at addr ffff88807049d1e0 by task syz-executor/4778
[ 116.118817][ T4778]
[ 116.121130][ T4778] CPU: 1 PID: 4778 Comm: syz-executor Not tainted 5.15.178-syzkaller #0
[ 116.129442][ T4778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 116.139647][ T4778] Call Trace:
[ 116.142935][ T4778]
[ 116.145867][ T4778] dump_stack_lvl+0x1e3/0x2d0
[ 116.150545][ T4778] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 116.156177][ T4778] ? _printk+0xd1/0x120
[ 116.160338][ T4778] ? __wake_up_klogd+0xcc/0x100
[ 116.165293][ T4778] ? panic+0x860/0x860
[ 116.169357][ T4778] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 116.174819][ T4778] print_address_description+0x63/0x3b0
[ 116.180359][ T4778] ? qd_unlock+0x30/0x2d0
[ 116.184708][ T4778] kasan_report+0x16b/0x1c0
[ 116.189217][ T4778] ? qd_unlock+0x30/0x2d0
[ 116.193540][ T4778] kasan_check_range+0x27e/0x290
[ 116.198480][ T4778] qd_unlock+0x30/0x2d0
[ 116.202646][ T4778] gfs2_quota_sync+0x6e3/0x810
[ 116.207442][ T4778] gfs2_sync_fs+0x49/0xb0
[ 116.211792][ T4778] sync_filesystem+0xe8/0x220
[ 116.216507][ T4778] generic_shutdown_super+0x6b/0x310
[ 116.221791][ T4778] kill_block_super+0x7a/0xe0
[ 116.226484][ T4778] deactivate_locked_super+0xa0/0x110
[ 116.231853][ T4778] cleanup_mnt+0x44e/0x500
[ 116.236275][ T4778] ? lockdep_hardirqs_on+0x94/0x130
[ 116.241478][ T4778] task_work_run+0x129/0x1a0
[ 116.246079][ T4778] exit_to_user_mode_loop+0x106/0x130
[ 116.251578][ T4778] exit_to_user_mode_prepare+0xb1/0x140
[ 116.257119][ T4778] syscall_exit_to_user_mode+0x5d/0x240
[ 116.262692][ T4778] do_syscall_64+0x47/0xb0
[ 116.267167][ T4778] ? clear_bhb_loop+0x15/0x70
[ 116.271835][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 116.277725][ T4778] RIP: 0033:0x7f01c56430d7
[ 116.282133][ T4778] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 116.301934][ T4778] RSP: 002b:00007ffe602f2a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 116.310604][ T4778] RAX: 0000000000000000 RBX: 00007f01c56c308c RCX: 00007f01c56430d7
[ 116.318573][ T4778] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe602f2af0
[ 116.326541][ T4778] RBP: 00007ffe602f2af0 R08: 0000000000000000 R09: 0000000000000000
[ 116.334516][ T4778] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe602f3b80
[ 116.342479][ T4778] R13: 00007f01c56c308c R14: 000000000001c0eb R15: 00007ffe602f3bc0
[ 116.350452][ T4778]
[ 116.353466][ T4778]
[ 116.355780][ T4778] Allocated by task 5061:
[ 116.360121][ T4778] __kasan_slab_alloc+0x8e/0xc0
[ 116.364978][ T4778] slab_post_alloc_hook+0x53/0x380
[ 116.370077][ T4778] kmem_cache_alloc+0xf3/0x280
[ 116.374827][ T4778] qd_alloc+0x51/0x250
[ 116.378883][ T4778] gfs2_quota_init+0x7ea/0x1110
[ 116.383742][ T4778] gfs2_make_fs_rw+0x436/0x5b0
[ 116.388499][ T4778] gfs2_fill_super+0x23e8/0x2750
[ 116.393423][ T4778] get_tree_bdev+0x3fe/0x620
[ 116.397998][ T4778] gfs2_get_tree+0x50/0x210
[ 116.402498][ T4778] vfs_get_tree+0x88/0x270
[ 116.406988][ T4778] do_new_mount+0x2ba/0xb40
[ 116.411658][ T4778] __se_sys_mount+0x2d5/0x3c0
[ 116.416336][ T4778] do_syscall_64+0x3b/0xb0
[ 116.420744][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 116.426635][ T4778]
[ 116.428950][ T4778] Freed by task 14:
[ 116.432744][ T4778] kasan_set_track+0x4b/0x80
[ 116.437469][ T4778] kasan_set_free_info+0x1f/0x40
[ 116.442400][ T4778] ____kasan_slab_free+0xd8/0x120
[ 116.447454][ T4778] slab_free_freelist_hook+0xdd/0x160
[ 116.452819][ T4778] kmem_cache_free+0x91/0x1f0
[ 116.457485][ T4778] rcu_core+0xa15/0x1650
[ 116.461718][ T4778] handle_softirqs+0x3a7/0x930
[ 116.466477][ T4778] run_ksoftirqd+0xc6/0x120
[ 116.470981][ T4778] smpboot_thread_fn+0x51b/0x9d0
[ 116.475906][ T4778] kthread+0x3f6/0x4f0
[ 116.479965][ T4778] ret_from_fork+0x1f/0x30
[ 116.484394][ T4778]
[ 116.486702][ T4778] Last potentially related work creation:
[ 116.492401][ T4778] kasan_save_stack+0x36/0x60
[ 116.497063][ T4778] kasan_record_aux_stack+0xba/0x100
[ 116.502347][ T4778] call_rcu+0x1c4/0xa70
[ 116.506585][ T4778] gfs2_quota_cleanup+0x43e/0x6a0
[ 116.511598][ T4778] gfs2_make_fs_ro+0x23b/0x5f0
[ 116.516346][ T4778] gfs2_withdraw+0x5fb/0x14e0
[ 116.521006][ T4778] gfs2_inode_refresh+0xbd6/0x1070
[ 116.526100][ T4778] inode_go_lock+0x12c/0x470
[ 116.530678][ T4778] do_promote+0x74b/0xb10
[ 116.534990][ T4778] finish_xmote+0x50d/0xb60
[ 116.539479][ T4778] do_xmote+0x775/0x10b0
[ 116.543713][ T4778] gfs2_glock_nq+0xc32/0x15e0
[ 116.548389][ T4778] do_sync+0x47a/0xc60
[ 116.552453][ T4778] gfs2_quota_sync+0x379/0x810
[ 116.557317][ T4778] gfs2_sync_fs+0x49/0xb0
[ 116.561650][ T4778] sync_filesystem+0xe8/0x220
[ 116.566378][ T4778] generic_shutdown_super+0x6b/0x310
[ 116.571683][ T4778] kill_block_super+0x7a/0xe0
[ 116.576376][ T4778] deactivate_locked_super+0xa0/0x110
[ 116.581743][ T4778] cleanup_mnt+0x44e/0x500
[ 116.586149][ T4778] task_work_run+0x129/0x1a0
[ 116.590731][ T4778] exit_to_user_mode_loop+0x106/0x130
[ 116.596089][ T4778] exit_to_user_mode_prepare+0xb1/0x140
[ 116.601624][ T4778] syscall_exit_to_user_mode+0x5d/0x240
[ 116.607159][ T4778] do_syscall_64+0x47/0xb0
[ 116.611565][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 116.617463][ T4778]
[ 116.619769][ T4778] The buggy address belongs to the object at ffff88807049d150
[ 116.619769][ T4778] which belongs to the cache gfs2_quotad of size 272
[ 116.633803][ T4778] The buggy address is located 144 bytes inside of
[ 116.633803][ T4778] 272-byte region [ffff88807049d150, ffff88807049d260)
[ 116.647075][ T4778] The buggy address belongs to the page:
[ 116.652717][ T4778] page:ffffea0001c12740 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7049d
[ 116.662862][ T4778] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 116.670418][ T4778] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888146701280
[ 116.678986][ T4778] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 116.687549][ T4778] page dumped because: kasan: bad access detected
[ 116.693953][ T4778] page_owner tracks the page as allocated
[ 116.699735][ T4778] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5057, ts 114075776435, free_ts 79214421544
[ 116.718821][ T4778] get_page_from_freelist+0x3b78/0x3d40
[ 116.724364][ T4778] __alloc_pages+0x272/0x700
[ 116.728963][ T4778] new_slab+0xbb/0x4b0
[ 116.733025][ T4778] ___slab_alloc+0x6f6/0xe10
[ 116.737617][ T4778] kmem_cache_alloc+0x18e/0x280
[ 116.742453][ T4778] qd_alloc+0x51/0x250
[ 116.746528][ T4778] gfs2_quota_init+0x7ea/0x1110
[ 116.751388][ T4778] gfs2_make_fs_rw+0x436/0x5b0
[ 116.756139][ T4778] gfs2_fill_super+0x23e8/0x2750
[ 116.761064][ T4778] get_tree_bdev+0x3fe/0x620
[ 116.765637][ T4778] gfs2_get_tree+0x50/0x210
[ 116.770123][ T4778] vfs_get_tree+0x88/0x270
[ 116.774527][ T4778] do_new_mount+0x2ba/0xb40
[ 116.779022][ T4778] __se_sys_mount+0x2d5/0x3c0
[ 116.783858][ T4778] do_syscall_64+0x3b/0xb0
[ 116.788277][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 116.794179][ T4778] page last free stack trace:
[ 116.798847][ T4778] free_unref_page_prepare+0xc34/0xcf0
[ 116.804294][ T4778] free_unref_page+0x95/0x2d0
[ 116.808958][ T4778] __unfreeze_partials+0x1b7/0x210
[ 116.814057][ T4778] put_cpu_partial+0x132/0x1a0
[ 116.818808][ T4778] ___cache_free+0xe3/0x100
[ 116.823310][ T4778] qlist_free_all+0x36/0x90
[ 116.827802][ T4778] kasan_quarantine_reduce+0x162/0x180
[ 116.833281][ T4778] __kasan_slab_alloc+0x2f/0xc0
[ 116.838123][ T4778] slab_post_alloc_hook+0x53/0x380
[ 116.843220][ T4778] kmem_cache_alloc+0xf3/0x280
[ 116.847973][ T4778] __kernfs_new_node+0xdb/0x750
[ 116.852813][ T4778] kernfs_new_node+0x136/0x230
[ 116.857564][ T4778] __kernfs_create_file+0x45/0x2e0
[ 116.862662][ T4778] sysfs_add_file_mode_ns+0x308/0x3e0
[ 116.868019][ T4778] internal_create_group+0x573/0xf00
[ 116.873294][ T4778] sysfs_create_groups+0x52/0x110
[ 116.878307][ T4778]
[ 116.880616][ T4778] Memory state around the buggy address:
[ 116.886229][ T4778] ffff88807049d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 116.894294][ T4778] ffff88807049d100: fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb
[ 116.902337][ T4778] >ffff88807049d180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 116.910386][ T4778] ^
[ 116.917567][ T4778] ffff88807049d200: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 116.925725][ T4778] ffff88807049d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 116.933771][ T4778] ==================================================================
[ 116.941815][ T4778] Disabling lock debugging due to kernel taint
[ 116.950791][ T4778] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 116.957999][ T4778] CPU: 1 PID: 4778 Comm: syz-executor Tainted: G B 5.15.178-syzkaller #0
[ 116.967722][ T4778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 116.977766][ T4778] Call Trace:
[ 116.981035][ T4778]
[ 116.983968][ T4778] dump_stack_lvl+0x1e3/0x2d0
[ 116.988695][ T4778] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 116.994337][ T4778] ? panic+0x860/0x860
[ 116.998397][ T4778] ? rcu_is_watching+0x11/0xa0
[ 117.003159][ T4778] ? preempt_schedule_common+0xa6/0xd0
[ 117.008641][ T4778] panic+0x318/0x860
[ 117.012532][ T4778] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 117.018799][ T4778] ? check_panic_on_warn+0x1d/0xa0
[ 117.024028][ T4778] ? fb_is_primary_device+0xd0/0xd0
[ 117.029223][ T4778] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 117.035204][ T4778] ? _raw_spin_unlock+0x40/0x40
[ 117.040051][ T4778] check_panic_on_warn+0x7e/0xa0
[ 117.044980][ T4778] ? qd_unlock+0x30/0x2d0
[ 117.049296][ T4778] end_report+0x6d/0xf0
[ 117.053488][ T4778] kasan_report+0x18e/0x1c0
[ 117.057996][ T4778] ? qd_unlock+0x30/0x2d0
[ 117.062314][ T4778] kasan_check_range+0x27e/0x290
[ 117.067258][ T4778] qd_unlock+0x30/0x2d0
[ 117.071407][ T4778] gfs2_quota_sync+0x6e3/0x810
[ 117.076179][ T4778] gfs2_sync_fs+0x49/0xb0
[ 117.080523][ T4778] sync_filesystem+0xe8/0x220
[ 117.085192][ T4778] generic_shutdown_super+0x6b/0x310
[ 117.090471][ T4778] kill_block_super+0x7a/0xe0
[ 117.095135][ T4778] deactivate_locked_super+0xa0/0x110
[ 117.100518][ T4778] cleanup_mnt+0x44e/0x500
[ 117.104953][ T4778] ? lockdep_hardirqs_on+0x94/0x130
[ 117.110139][ T4778] task_work_run+0x129/0x1a0
[ 117.114729][ T4778] exit_to_user_mode_loop+0x106/0x130
[ 117.120145][ T4778] exit_to_user_mode_prepare+0xb1/0x140
[ 117.125682][ T4778] syscall_exit_to_user_mode+0x5d/0x240
[ 117.131214][ T4778] do_syscall_64+0x47/0xb0
[ 117.135614][ T4778] ? clear_bhb_loop+0x15/0x70
[ 117.140407][ T4778] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 117.146332][ T4778] RIP: 0033:0x7f01c56430d7
[ 117.150737][ T4778] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 117.170332][ T4778] RSP: 002b:00007ffe602f2a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 117.178868][ T4778] RAX: 0000000000000000 RBX: 00007f01c56c308c RCX: 00007f01c56430d7
[ 117.186836][ T4778] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe602f2af0
[ 117.194821][ T4778] RBP: 00007ffe602f2af0 R08: 0000000000000000 R09: 0000000000000000
[ 117.202782][ T4778] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe602f3b80
[ 117.210741][ T4778] R13: 00007f01c56c308c R14: 000000000001c0eb R15: 00007ffe602f3bc0
[ 117.218889][ T4778]
[ 117.222270][ T4778] Kernel Offset: disabled
[ 117.226593][ T4778] Rebooting in 86400 seconds..