syzbot

 sign-in | mailing list | source | docs
🐞 Open [914]
🐞 Fixed [143]
🐞 Invalid [1119]
Missing Backports [73]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

WARNING: locking bug in gfs2_quotad

Status: upstream: reported on 2026/01/30 04:46
Reported-by: syzbot+2f84a38870fecbe1ad2c@syzkaller.appspotmail.com
First crash: 117d, last: 34d
Similar bugs (2)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 WARNING: locking bug in gfs2_quotad (2) 4 1 39d 39d 0/3 upstream: reported on 2026/04/18 05:34
linux-5.15 WARNING: locking bug in gfs2_quotad 4 1 156d 156d 0/3 auto-obsoleted due to no activity on 2026/04/01 14:07

Sample crash report:
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(!test_bit(class_idx, lock_classes_in_use))
WARNING: CPU: 0 PID: 4793 at kernel/locking/lockdep.c:5019 __lock_acquire+0x1954/0x6800 kernel/locking/lockdep.c:-1
Modules linked in:
CPU: 0 PID: 4793 Comm: gfs2_quotad Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
pc : __lock_acquire+0x1954/0x6800 kernel/locking/lockdep.c:-1
lr : __lock_acquire+0x1950/0x6800 kernel/locking/lockdep.c:5019
sp : ffff800021097940
x29: ffff800021097b50 x28: dfff800000000000 x27: 0000000000000001
x26: ffff0000d457a638 x25: ffff0000d457a630 x24: ffffffffffffffff
x23: 0000000000000000 x22: ffff0000d457a658 x21: ffff0000d4579bc0
x20: 0000000000000000 x19: dfff800000000000 x18: ffff800011b9bf60
x17: 1fffe00033ea637e x16: ffff8000082eef80 x15: 0000000000000000
x14: 0000000000000001 x13: 1fffe00033ea63a3 x12: 0000000000ff0100
x11: ff00800008194250 x10: 0000000000000000 x9 : 4c0f9c3584e94e00
x8 : 4c0f9c3584e94e00 x7 : 4e5241575f534b43 x6 : ffff80000830e840
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000085388c8
x2 : 0000000000000001 x1 : 0000000100000001 x0 : 0000000000000000
Call trace:
 __lock_acquire+0x1954/0x6800 kernel/locking/lockdep.c:-1
 lock_acquire+0x20c/0x63c kernel/locking/lockdep.c:5662
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x6c/0xb0 kernel/locking/spinlock.c:162
 finish_wait+0xc8/0x1ac kernel/sched/wait.c:410
 gfs2_quotad+0x390/0x500 fs/gfs2/quota.c:1579
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:850
irq event stamp: 4554
hardirqs last  enabled at (4553): [<ffff80000a8e2c88>] __free_object+0x1e0/0x894 lib/debugobjects.c:355
hardirqs last disabled at (4554): [<ffff800011b23c28>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (4554): [<ffff800011b23c28>] _raw_spin_lock_irqsave+0xa4/0xb0 kernel/locking/spinlock.c:162
softirqs last  enabled at (4502): [<ffff8000081ac394>] softirq_handle_end kernel/softirq.c:439 [inline]
softirqs last  enabled at (4502): [<ffff8000081ac394>] handle_softirqs+0xaec/0xc60 kernel/softirq.c:624
softirqs last disabled at (4327): [<ffff800008020164>] __do_softirq+0x14/0x20 kernel/softirq.c:630
---[ end trace 0000000000000000 ]---
================================================================================
UBSAN: array-index-out-of-bounds in kernel/locking/qspinlock.c:131:9
index 1826 is out of range for type 'unsigned long[8]'
CPU: 0 PID: 4793 Comm: gfs2_quotad Tainted: G        W          syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call trace:
 dump_backtrace+0x1c0/0x1ec arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf4/0x15c lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 ubsan_epilogue+0x14/0x48 lib/ubsan.c:151
 __ubsan_handle_out_of_bounds+0xd0/0xf8 lib/ubsan.c:282
 decode_tail kernel/locking/qspinlock.c:131 [inline]
 queued_spin_lock_slowpath+0x8a8/0xc18 kernel/locking/qspinlock.c:471
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x2f4/0x2f8 kernel/locking/spinlock_debug.c:115
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0x74/0xb0 kernel/locking/spinlock.c:162
 finish_wait+0xc8/0x1ac kernel/sched/wait.c:410
 gfs2_quotad+0x390/0x500 fs/gfs2/quota.c:1579
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:850
================================================================================
Unable to handle kernel paging request at virtual address ffff800015189f80
KASAN: probably user-memory-access in range [0x00000000a8c4fc00-0x00000000a8c4fc07]
Mem abort info:
  ESR = 0x0000000096000047
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x07: level 3 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000047
  CM = 0, WnR = 1
swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000002229cd000
[ffff800015189f80] pgd=100000023ffff003, p4d=100000023ffff003, pud=100000023fffe003, pmd=100000023fffa003, pte=0000000000000000
Internal error: Oops: 0000000096000047 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 4793 Comm: gfs2_quotad Tainted: G        W          syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
pc : queued_spin_lock_slowpath+0x598/0xc18 kernel/locking/qspinlock.c:474
lr : decode_tail kernel/locking/qspinlock.c:131 [inline]
lr : queued_spin_lock_slowpath+0x8a8/0xc18 kernel/locking/qspinlock.c:471
sp : ffff800021097a80
x29: ffff800021097b20 x28: ffff800015189f80 x27: 1fffe000192e0173
x26: ffff800015220f40 x25: 1fffe00033ea8bf0 x24: dfff800000000000
x23: ffff700004212f54 x22: ffff00019f545f88 x21: ffff800015189f80
x20: ffff00019f545f80 x19: ffff0000c9700b98 x18: ffff800011b9bf60
x17: 3d3d3d3d3d3d3d3d x16: ffff800008193848 x15: 3d3d3d3d3d3d3d3d
x14: ffff700002fc1cbc x13: 1ffff00002fc1cbc x12: 0000000000ff0100
x11: ff008000081938cc x10: ffff800015189f80 x9 : 0000000000000000
x8 : 0000000000000000 x7 : 3d3d3d3d3d3d3d3d x6 : ffff80000830e840
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800008193894
x2 : 0000000000000001 x1 : 0000000000000004 x0 : ffff00019f545f88
Call trace:
 queued_spin_lock_slowpath+0x598/0xc18 kernel/locking/qspinlock.c:477
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x2f4/0x2f8 kernel/locking/spinlock_debug.c:115
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0x74/0xb0 kernel/locking/spinlock.c:162
 finish_wait+0xc8/0x1ac kernel/sched/wait.c:410
 gfs2_quotad+0x390/0x500 fs/gfs2/quota.c:1579
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:850
Code: aa1503e0 979340e9 aa1603e0 52800081 (f90002b4) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	aa1503e0 	mov	x0, x21
   4:	979340e9 	bl	0xfffffffffe4d03a8
   8:	aa1603e0 	mov	x0, x22
   c:	52800081 	mov	w1, #0x4                   	// #4
* 10:	f90002b4 	str	x20, [x21] <-- trapping instruction

Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/04/23 17:24 linux-6.1.y 7c87defbd336 4c3406dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: locking bug in gfs2_quotad
2026/04/23 03:40 linux-6.1.y 7c87defbd336 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: locking bug in gfs2_quotad
2026/03/06 16:33 linux-6.1.y f2ddafa93a25 41d8037d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: locking bug in gfs2_quotad
2026/01/30 04:46 linux-6.1.y cd9b81672742 bfa73b7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING: locking bug in gfs2_quotad
* Struck through repros no longer work on HEAD.