Warning: Permanently added '10.128.1.55' (ECDSA) to the list of known hosts.
2023/01/04 09:27:05 ignoring optional flag "sandboxArg"="0"
2023/01/04 09:27:06 parsed 1 programs
2023/01/04 09:27:06 executed programs: 0
[ 74.362860][ T5070] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 74.370969][ T5070] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 74.380036][ T5070] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 74.387906][ T5070] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 74.396392][ T5070] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 74.485248][ T5532] chnl_net:caif_netlink_parms(): no params data found
[ 74.521464][ T5532] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.528797][ T5532] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.537382][ T5532] device bridge_slave_0 entered promiscuous mode
[ 74.545699][ T5532] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.553508][ T5532] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.561451][ T5532] device bridge_slave_1 entered promiscuous mode
[ 74.579573][ T5532] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.591173][ T5532] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.611921][ T5532] team0: Port device team_slave_0 added
[ 74.619526][ T5532] team0: Port device team_slave_1 added
[ 74.637742][ T5532] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.645146][ T5532] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.671351][ T5532] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.683369][ T5532] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.690591][ T5532] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.716913][ T5532] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 74.745941][ T5532] device hsr_slave_0 entered promiscuous mode
[ 74.752521][ T5532] device hsr_slave_1 entered promiscuous mode
[ 75.337440][ T5532] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 75.348902][ T5532] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 75.358925][ T5532] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 75.373343][ T5532] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 75.397881][ T5532] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.405052][ T5532] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.412435][ T5532] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.419624][ T5532] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.475258][ T22] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.483286][ T22] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.500846][ T5532] 8021q: adding VLAN 0 to HW filter on device bond0
[ 75.514915][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 75.522835][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 75.536489][ T5532] 8021q: adding VLAN 0 to HW filter on device team0
[ 75.547382][ T5083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 75.559447][ T5083] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 75.568402][ T5083] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.576205][ T5083] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.610806][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 75.619719][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 75.628762][ T5084] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.636046][ T5084] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.645039][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 75.653881][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 75.663285][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 75.672819][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 75.683623][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 75.692484][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 75.706345][ T5532] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 75.720079][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 75.730473][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 75.741075][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 75.750187][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 75.945245][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 75.952941][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 75.964485][ T5532] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 75.988614][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 75.999296][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 76.020665][ T5083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 76.030243][ T5083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 76.042871][ T5532] device veth0_vlan entered promiscuous mode
[ 76.051459][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 76.060462][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 76.073225][ T5532] device veth1_vlan entered promiscuous mode
[ 76.098285][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 76.108381][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 76.117170][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 76.126391][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 76.138140][ T5532] device veth0_macvtap entered promiscuous mode
[ 76.150442][ T5532] device veth1_macvtap entered promiscuous mode
[ 76.169951][ T5532] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 76.178726][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 76.187790][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 76.196800][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 76.205964][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 76.218360][ T5532] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 76.228340][ T5083] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 76.238381][ T5083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 76.249769][ T5532] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.260278][ T5532] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.270322][ T5532] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.280911][ T5532] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.340764][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.354554][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.364102][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 76.388471][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.397461][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.408472][ T5084] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 76.435602][ T5070] Bluetooth: hci0: command 0x0409 tx timeout
[ 76.436058][ T26] cfg80211: failed to load regulatory.db
[ 76.765140][ T5595] loop0: detected capacity change from 0 to 32768
[ 76.780513][ T5595] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 76.790275][ T5595] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 76.808626][ T5595] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[ 76.820020][ T26] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 76.829314][ T26] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 76.895751][ T26] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 66ms
[ 76.906541][ T26] gfs2: fsid=syz:syz.0: jid=0: Done
[ 76.912516][ T5595] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 77.076928][ T5595] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 77.107441][ T5532] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 77.107441][ T5532] inode = 11 2340
[ 77.107441][ T5532] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 460
[ 77.126717][ T5532] gfs2: fsid=syz:syz.0: G: s:EX n:2/924 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[ 77.136834][ T5532] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:5532 [syz-executor.0] gfs2_quota_sync+0x3da/0x8b0
[ 77.147653][ T5532] gfs2: fsid=syz:syz.0: I: n:11/2340 t:8 f:0x00 d:0x00000201 s:176 p:0
[ 77.160842][ T5532] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 77.174315][ T5532] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1477
[ 77.189387][ T5532] CPU: 1 PID: 5532 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 77.198531][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 77.208865][ T5532] Call Trace:
[ 77.212160][ T5532]
[ 77.215104][ T5532] dump_stack_lvl+0x1b1/0x290
[ 77.219814][ T5532] ? nf_tcp_handle_invalid+0x630/0x630
[ 77.225322][ T5532] ? panic+0x710/0x710
[ 77.229602][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 77.235202][ T5532] gfs2_assert_warn_i+0x19a/0x2e0
[ 77.240530][ T5532] gfs2_quota_cleanup+0x4c6/0x6b0
[ 77.245692][ T5532] gfs2_make_fs_ro+0x517/0x610
[ 77.251007][ T5532] ? __might_sleep+0xc0/0xc0
[ 77.255642][ T5532] ? gfs2_dinode_out+0xad0/0xad0
[ 77.261219][ T5532] ? gfs2_glock_nq+0xdaa/0x1700
[ 77.266114][ T5532] ? gfs2_instantiate+0x207/0x220
[ 77.271181][ T5532] ? gfs2_glock_wait+0x213/0x2a0
[ 77.276290][ T5532] gfs2_withdraw+0x609/0x1540
[ 77.281200][ T5532] ? gfs2_lm+0x220/0x220
[ 77.285465][ T5532] ? make_kgid+0x1fe/0x710
[ 77.290089][ T5532] ? gfs2_withdraw+0x5cc/0x1540
[ 77.294979][ T5532] ? gfs2_consist_inode_i+0xf3/0x110
[ 77.301003][ T5532] gfs2_inode_refresh+0xb2d/0xf60
[ 77.306076][ T5532] ? gfs2_inode_metasync+0xf0/0xf0
[ 77.311398][ T5532] ? _raw_spin_unlock+0x24/0x40
[ 77.316455][ T5532] ? gfs2_glock_nq+0xdaa/0x1700
[ 77.321437][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 77.326864][ T5532] gfs2_instantiate+0x15e/0x220
[ 77.331927][ T5532] gfs2_glock_wait+0x1d9/0x2a0
[ 77.336941][ T5532] do_sync+0x47d/0xcd0
[ 77.341070][ T5532] ? gfs2_quota_sync+0x3da/0x8b0
[ 77.346057][ T5532] ? slot_put+0x1f0/0x1f0
[ 77.350413][ T5532] ? do_raw_spin_lock+0x147/0x3a0
[ 77.355459][ T5532] ? __lock_acquire+0x1f60/0x1f60
[ 77.360511][ T5532] ? gfs2_quota_sync+0x3da/0x8b0
[ 77.365474][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 77.370705][ T5532] ? qd_check_sync+0xba/0x3f0
[ 77.375871][ T5532] gfs2_quota_sync+0x3da/0x8b0
[ 77.380687][ T5532] gfs2_sync_fs+0x49/0xb0
[ 77.385226][ T5532] sync_filesystem+0xe8/0x220
[ 77.390113][ T5532] generic_shutdown_super+0x6b/0x310
[ 77.395493][ T5532] kill_block_super+0x79/0xd0
[ 77.400205][ T5532] deactivate_locked_super+0xa7/0xf0
[ 77.405517][ T5532] cleanup_mnt+0x494/0x520
[ 77.409976][ T5532] ? lockdep_hardirqs_on+0x8d/0x130
[ 77.415470][ T5532] task_work_run+0x243/0x300
[ 77.420624][ T5532] ? task_work_cancel+0x290/0x290
[ 77.425692][ T5532] ? exit_to_user_mode_loop+0x42/0x150
[ 77.431550][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 77.436966][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 77.442644][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 77.448151][ T5532] do_syscall_64+0x49/0xb0
[ 77.452858][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 77.458795][ T5532] RIP: 0033:0x7f585868d517
[ 77.463497][ T5532] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 77.483226][ T5532] RSP: 002b:00007ffe1dbeec28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 77.491671][ T5532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f585868d517
[ 77.500204][ T5532] RDX: 00007ffe1dbeecf9 RSI: 000000000000000a RDI: 00007ffe1dbeecf0
[ 77.508466][ T5532] RBP: 00007ffe1dbeecf0 R08: 00000000ffffffff R09: 00007ffe1dbeeac0
[ 77.516557][ T5532] R10: 000055555704d8b3 R11: 0000000000000246 R12: 00007f58586e6b24
[ 77.525081][ T5532] R13: 00007ffe1dbefdb0 R14: 000055555704d810 R15: 00007ffe1dbefdf0
[ 77.533377][ T5532]
[ 77.551295][ T5532] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 77.563354][ T5532] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 77.575245][ T5532] gfs2: fsid=syz:syz.0: File system withdrawn
[ 77.581453][ T5532] CPU: 0 PID: 5532 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 77.590772][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 77.600948][ T5532] Call Trace:
[ 77.604248][ T5532]
[ 77.607294][ T5532] dump_stack_lvl+0x1b1/0x290
[ 77.612088][ T5532] ? nf_tcp_handle_invalid+0x630/0x630
[ 77.617600][ T5532] ? panic+0x710/0x710
[ 77.621704][ T5532] ? kobject_uevent_env+0x46b/0x8e0
[ 77.627028][ T5532] gfs2_withdraw+0xf33/0x1540
[ 77.631746][ T5532] ? gfs2_lm+0x220/0x220
[ 77.636102][ T5532] ? make_kgid+0x1fe/0x710
[ 77.640569][ T5532] ? gfs2_consist_inode_i+0xf3/0x110
[ 77.645888][ T5532] gfs2_inode_refresh+0xb2d/0xf60
[ 77.650980][ T5532] ? gfs2_inode_metasync+0xf0/0xf0
[ 77.656170][ T5532] ? _raw_spin_unlock+0x24/0x40
[ 77.661055][ T5532] ? gfs2_glock_nq+0xdaa/0x1700
[ 77.666469][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 77.671800][ T5532] gfs2_instantiate+0x15e/0x220
[ 77.676684][ T5532] gfs2_glock_wait+0x1d9/0x2a0
[ 77.681479][ T5532] do_sync+0x47d/0xcd0
[ 77.685576][ T5532] ? gfs2_quota_sync+0x3da/0x8b0
[ 77.690559][ T5532] ? slot_put+0x1f0/0x1f0
[ 77.694935][ T5532] ? do_raw_spin_lock+0x147/0x3a0
[ 77.699988][ T5532] ? __lock_acquire+0x1f60/0x1f60
[ 77.705052][ T5532] ? gfs2_quota_sync+0x3da/0x8b0
[ 77.710106][ T5532] ? do_raw_spin_unlock+0x134/0x8a0
[ 77.715342][ T5532] ? qd_check_sync+0xba/0x3f0
[ 77.720052][ T5532] gfs2_quota_sync+0x3da/0x8b0
[ 77.724851][ T5532] gfs2_sync_fs+0x49/0xb0
[ 77.729379][ T5532] sync_filesystem+0xe8/0x220
[ 77.734082][ T5532] generic_shutdown_super+0x6b/0x310
[ 77.739397][ T5532] kill_block_super+0x79/0xd0
[ 77.744193][ T5532] deactivate_locked_super+0xa7/0xf0
[ 77.750654][ T5532] cleanup_mnt+0x494/0x520
[ 77.755291][ T5532] ? lockdep_hardirqs_on+0x8d/0x130
[ 77.760612][ T5532] task_work_run+0x243/0x300
[ 77.765336][ T5532] ? task_work_cancel+0x290/0x290
[ 77.770406][ T5532] ? exit_to_user_mode_loop+0x42/0x150
[ 77.776079][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 77.781612][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 77.787552][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 77.793395][ T5532] do_syscall_64+0x49/0xb0
[ 77.797848][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 77.803872][ T5532] RIP: 0033:0x7f585868d517
[ 77.808315][ T5532] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 77.830817][ T5532] RSP: 002b:00007ffe1dbeec28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 77.839438][ T5532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f585868d517
[ 77.848048][ T5532] RDX: 00007ffe1dbeecf9 RSI: 000000000000000a RDI: 00007ffe1dbeecf0
[ 77.856061][ T5532] RBP: 00007ffe1dbeecf0 R08: 00000000ffffffff R09: 00007ffe1dbeeac0
[ 77.864144][ T5532] R10: 000055555704d8b3 R11: 0000000000000246 R12: 00007f58586e6b24
[ 77.872311][ T5532] R13: 00007ffe1dbefdb0 R14: 000055555704d810 R15: 00007ffe1dbefdf0
[ 77.880336][ T5532]
[ 77.893945][ T5532] ==================================================================
[ 77.902056][ T5532] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[ 77.908840][ T5532] Read of size 8 at addr ffff888076f49090 by task syz-executor.0/5532
[ 77.917004][ T5532]
[ 77.919703][ T5532] CPU: 0 PID: 5532 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 77.930067][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 77.940234][ T5532] Call Trace:
[ 77.943670][ T5532]
[ 77.946647][ T5532] dump_stack_lvl+0x1b1/0x290
[ 77.951714][ T5532] ? nf_tcp_handle_invalid+0x630/0x630
[ 77.957986][ T5532] ? __wake_up_klogd+0xcd/0x100
[ 77.962970][ T5532] ? panic+0x710/0x710
[ 77.967060][ T5532] ? _printk+0xc0/0x100
[ 77.971402][ T5532] ? _raw_spin_lock_irqsave+0x8e/0x100
[ 77.977326][ T5532] print_address_description+0x74/0x340
[ 77.982893][ T5532] print_report+0x107/0x1f0
[ 77.987513][ T5532] ? __virt_addr_valid+0x21b/0x2d0
[ 77.995087][ T5532] ? __phys_addr+0xb5/0x160
[ 77.999886][ T5532] ? qd_unlock+0x30/0x2d0
[ 78.004223][ T5532] kasan_report+0xcd/0x100
[ 78.008639][ T5532] ? qd_unlock+0x30/0x2d0
[ 78.012967][ T5532] kasan_check_range+0x2a7/0x2e0
[ 78.018708][ T5532] qd_unlock+0x30/0x2d0
[ 78.023400][ T5532] gfs2_quota_sync+0x768/0x8b0
[ 78.028339][ T5532] gfs2_sync_fs+0x49/0xb0
[ 78.032660][ T5532] sync_filesystem+0xe8/0x220
[ 78.037345][ T5532] generic_shutdown_super+0x6b/0x310
[ 78.042814][ T5532] kill_block_super+0x79/0xd0
[ 78.047483][ T5532] deactivate_locked_super+0xa7/0xf0
[ 78.052770][ T5532] cleanup_mnt+0x494/0x520
[ 78.057375][ T5532] ? lockdep_hardirqs_on+0x8d/0x130
[ 78.062679][ T5532] task_work_run+0x243/0x300
[ 78.067284][ T5532] ? task_work_cancel+0x290/0x290
[ 78.072394][ T5532] ? exit_to_user_mode_loop+0x42/0x150
[ 78.078025][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 78.083480][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 78.089018][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 78.094559][ T5532] do_syscall_64+0x49/0xb0
[ 78.099154][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 78.105080][ T5532] RIP: 0033:0x7f585868d517
[ 78.109504][ T5532] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 78.129382][ T5532] RSP: 002b:00007ffe1dbeec28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 78.137985][ T5532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f585868d517
[ 78.146076][ T5532] RDX: 00007ffe1dbeecf9 RSI: 000000000000000a RDI: 00007ffe1dbeecf0
[ 78.154473][ T5532] RBP: 00007ffe1dbeecf0 R08: 00000000ffffffff R09: 00007ffe1dbeeac0
[ 78.162530][ T5532] R10: 000055555704d8b3 R11: 0000000000000246 R12: 00007f58586e6b24
[ 78.170489][ T5532] R13: 00007ffe1dbefdb0 R14: 000055555704d810 R15: 00007ffe1dbefdf0
[ 78.178454][ T5532]
[ 78.181460][ T5532]
[ 78.184042][ T5532] Allocated by task 5595:
[ 78.188372][ T5532] kasan_set_track+0x3d/0x60
[ 78.192961][ T5532] __kasan_slab_alloc+0x65/0x70
[ 78.197898][ T5532] kmem_cache_alloc+0x1b3/0x350
[ 78.202740][ T5532] qd_alloc+0x51/0x250
[ 78.206799][ T5532] gfs2_quota_init+0x7c4/0x10e0
[ 78.211640][ T5532] gfs2_make_fs_rw+0x48e/0x590
[ 78.216501][ T5532] gfs2_fill_super+0x2357/0x2700
[ 78.221529][ T5532] get_tree_bdev+0x400/0x620
[ 78.226129][ T5532] gfs2_get_tree+0x50/0x210
[ 78.230632][ T5532] vfs_get_tree+0x88/0x270
[ 78.235036][ T5532] do_new_mount+0x289/0xad0
[ 78.239523][ T5532] __se_sys_mount+0x2d3/0x3c0
[ 78.244184][ T5532] do_syscall_64+0x3d/0xb0
[ 78.248590][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 78.254475][ T5532]
[ 78.256794][ T5532] Freed by task 15:
[ 78.260676][ T5532] kasan_set_track+0x3d/0x60
[ 78.265261][ T5532] kasan_save_free_info+0x27/0x40
[ 78.270268][ T5532] ____kasan_slab_free+0xd6/0x120
[ 78.275302][ T5532] slab_free_freelist_hook+0x12e/0x1a0
[ 78.280758][ T5532] kmem_cache_free+0x94/0x1d0
[ 78.285421][ T5532] rcu_core+0x9c1/0x1690
[ 78.289654][ T5532] __do_softirq+0x277/0x738
[ 78.294150][ T5532]
[ 78.296461][ T5532] Last potentially related work creation:
[ 78.302169][ T5532] kasan_save_stack+0x2b/0x50
[ 78.306836][ T5532] __kasan_record_aux_stack+0xb0/0xc0
[ 78.312193][ T5532] call_rcu+0x163/0xa70
[ 78.316342][ T5532] gfs2_quota_cleanup+0x457/0x6b0
[ 78.321368][ T5532] gfs2_make_fs_ro+0x517/0x610
[ 78.326120][ T5532] gfs2_withdraw+0x609/0x1540
[ 78.330806][ T5532] gfs2_inode_refresh+0xb2d/0xf60
[ 78.335854][ T5532] gfs2_instantiate+0x15e/0x220
[ 78.340815][ T5532] gfs2_glock_wait+0x1d9/0x2a0
[ 78.345599][ T5532] do_sync+0x47d/0xcd0
[ 78.349657][ T5532] gfs2_quota_sync+0x3da/0x8b0
[ 78.354441][ T5532] gfs2_sync_fs+0x49/0xb0
[ 78.358937][ T5532] sync_filesystem+0xe8/0x220
[ 78.363693][ T5532] generic_shutdown_super+0x6b/0x310
[ 78.369074][ T5532] kill_block_super+0x79/0xd0
[ 78.373733][ T5532] deactivate_locked_super+0xa7/0xf0
[ 78.379274][ T5532] cleanup_mnt+0x494/0x520
[ 78.383761][ T5532] task_work_run+0x243/0x300
[ 78.388428][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 78.393874][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 78.399496][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 78.404967][ T5532] do_syscall_64+0x49/0xb0
[ 78.409392][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 78.415623][ T5532]
[ 78.418013][ T5532] The buggy address belongs to the object at ffff888076f49000
[ 78.418013][ T5532] which belongs to the cache gfs2_quotad of size 272
[ 78.432125][ T5532] The buggy address is located 144 bytes inside of
[ 78.432125][ T5532] 272-byte region [ffff888076f49000, ffff888076f49110)
[ 78.445478][ T5532]
[ 78.447807][ T5532] The buggy address belongs to the physical page:
[ 78.454643][ T5532] page:ffffea0001dbd240 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x76f49
[ 78.464995][ T5532] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 78.472552][ T5532] raw: 00fff00000000200 ffff88801935d000 dead000000000122 0000000000000000
[ 78.481335][ T5532] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 78.489940][ T5532] page dumped because: kasan: bad access detected
[ 78.496871][ T5532] page_owner tracks the page as allocated
[ 78.502656][ T5532] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5595, tgid 5594 (syz-executor.0), ts 77041741936, free_ts 76776536365
[ 78.524191][ T5532] get_page_from_freelist+0x742/0x7c0
[ 78.529557][ T5532] __alloc_pages+0x259/0x560
[ 78.534150][ T5532] alloc_slab_page+0xbd/0x190
[ 78.538913][ T5532] allocate_slab+0x5e/0x3c0
[ 78.543407][ T5532] ___slab_alloc+0x782/0xe20
[ 78.548074][ T5532] kmem_cache_alloc+0x268/0x350
[ 78.553368][ T5532] qd_alloc+0x51/0x250
[ 78.557429][ T5532] gfs2_quota_init+0x7c4/0x10e0
[ 78.562623][ T5532] gfs2_make_fs_rw+0x48e/0x590
[ 78.567382][ T5532] gfs2_fill_super+0x2357/0x2700
[ 78.572312][ T5532] get_tree_bdev+0x400/0x620
[ 78.576982][ T5532] gfs2_get_tree+0x50/0x210
[ 78.581472][ T5532] vfs_get_tree+0x88/0x270
[ 78.585874][ T5532] do_new_mount+0x289/0xad0
[ 78.590370][ T5532] __se_sys_mount+0x2d3/0x3c0
[ 78.595027][ T5532] do_syscall_64+0x3d/0xb0
[ 78.599527][ T5532] page last free stack trace:
[ 78.604180][ T5532] free_pcp_prepare+0x751/0x780
[ 78.609020][ T5532] free_unref_page+0x19/0x4c0
[ 78.613769][ T5532] __unfreeze_partials+0x1a5/0x1e0
[ 78.619060][ T5532] put_cpu_partial+0x106/0x170
[ 78.623852][ T5532] qlist_free_all+0x2b/0x70
[ 78.628354][ T5532] kasan_quarantine_reduce+0x156/0x170
[ 78.634344][ T5532] __kasan_slab_alloc+0x1f/0x70
[ 78.640495][ T5532] kmem_cache_alloc+0x1b3/0x350
[ 78.645332][ T5532] getname_flags+0xb8/0x4e0
[ 78.649820][ T5532] do_sys_openat2+0xba/0x4e0
[ 78.654410][ T5532] __x64_sys_openat+0x243/0x290
[ 78.659598][ T5532] do_syscall_64+0x3d/0xb0
[ 78.664001][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 78.669885][ T5532]
[ 78.672214][ T5532] Memory state around the buggy address:
[ 78.677839][ T5532] ffff888076f48f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 78.685929][ T5532] ffff888076f49000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 78.694081][ T5532] >ffff888076f49080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 78.702148][ T5532] ^
[ 78.706726][ T5532] ffff888076f49100: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 78.715215][ T5532] ffff888076f49180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 78.723477][ T5532] ==================================================================
[ 78.735986][ T5070] Bluetooth: hci0: command 0x041b tx timeout
[ 78.742311][ T5532] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 78.749694][ T5532] CPU: 1 PID: 5532 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
[ 78.759087][ T5532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 78.770117][ T5532] Call Trace:
[ 78.773497][ T5532]
[ 78.776524][ T5532] dump_stack_lvl+0x1b1/0x290
[ 78.781491][ T5532] ? nf_tcp_handle_invalid+0x630/0x630
[ 78.786961][ T5532] ? panic+0x710/0x710
[ 78.791058][ T5532] ? lock_release+0x81/0x820
[ 78.795748][ T5532] ? vscnprintf+0x59/0x80
[ 78.800266][ T5532] panic+0x2d6/0x710
[ 78.804183][ T5532] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 78.810362][ T5532] ? check_panic_on_warn+0x1d/0xa0
[ 78.815849][ T5532] ? memcpy_page_flushcache+0x100/0x100
[ 78.821603][ T5532] ? _raw_spin_unlock_irqrestore+0x110/0x120
[ 78.827631][ T5532] ? _raw_spin_unlock+0x40/0x40
[ 78.832854][ T5532] ? print_report+0x1b4/0x1f0
[ 78.837564][ T5532] check_panic_on_warn+0x80/0xa0
[ 78.842622][ T5532] ? qd_unlock+0x30/0x2d0
[ 78.847495][ T5532] end_report+0x47/0x90
[ 78.851670][ T5532] kasan_report+0xda/0x100
[ 78.856452][ T5532] ? qd_unlock+0x30/0x2d0
[ 78.860896][ T5532] kasan_check_range+0x2a7/0x2e0
[ 78.865867][ T5532] qd_unlock+0x30/0x2d0
[ 78.870050][ T5532] gfs2_quota_sync+0x768/0x8b0
[ 78.874843][ T5532] gfs2_sync_fs+0x49/0xb0
[ 78.879194][ T5532] sync_filesystem+0xe8/0x220
[ 78.884010][ T5532] generic_shutdown_super+0x6b/0x310
[ 78.889419][ T5532] kill_block_super+0x79/0xd0
[ 78.894436][ T5532] deactivate_locked_super+0xa7/0xf0
[ 78.899782][ T5532] cleanup_mnt+0x494/0x520
[ 78.904218][ T5532] ? lockdep_hardirqs_on+0x8d/0x130
[ 78.909434][ T5532] task_work_run+0x243/0x300
[ 78.914078][ T5532] ? task_work_cancel+0x290/0x290
[ 78.919375][ T5532] ? exit_to_user_mode_loop+0x42/0x150
[ 78.924869][ T5532] exit_to_user_mode_loop+0x124/0x150
[ 78.930271][ T5532] exit_to_user_mode_prepare+0xb2/0x140
[ 78.935931][ T5532] syscall_exit_to_user_mode+0x26/0x60
[ 78.941870][ T5532] do_syscall_64+0x49/0xb0
[ 78.946324][ T5532] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 78.952411][ T5532] RIP: 0033:0x7f585868d517
[ 78.956934][ T5532] Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 78.976993][ T5532] RSP: 002b:00007ffe1dbeec28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 78.986131][ T5532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f585868d517
[ 78.994118][ T5532] RDX: 00007ffe1dbeecf9 RSI: 000000000000000a RDI: 00007ffe1dbeecf0
[ 79.002278][ T5532] RBP: 00007ffe1dbeecf0 R08: 00000000ffffffff R09: 00007ffe1dbeeac0
[ 79.010262][ T5532] R10: 000055555704d8b3 R11: 0000000000000246 R12: 00007f58586e6b24
[ 79.018336][ T5532] R13: 00007ffe1dbefdb0 R14: 000055555704d810 R15: 00007ffe1dbefdf0
[ 79.026424][ T5532]
[ 79.029850][ T5532] Kernel Offset: disabled
[ 79.034179][ T5532] Rebooting in 86400 seconds..