Warning: Permanently added '10.128.0.75' (ED25519) to the list of known hosts.
2025/11/25 20:16:42 parsed 1 programs
[   56.198820][ T4187] cgroup: Unknown subsys name 'net'
[   56.337721][ T4187] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   57.568615][ T4187] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   59.088188][ T1247] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.096714][ T1247] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.107385][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   59.127314][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.135321][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.144245][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   61.019505][ T4274] chnl_net:caif_netlink_parms(): no params data found
[   61.057255][ T4274] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.064994][ T4274] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.072887][ T4274] device bridge_slave_0 entered promiscuous mode
[   61.081621][ T4274] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.088784][ T4274] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.096495][ T4274] device bridge_slave_1 entered promiscuous mode
[   61.115881][ T4274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.126524][ T4274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.147864][ T4274] team0: Port device team_slave_0 added
[   61.154879][ T4274] team0: Port device team_slave_1 added
[   61.170963][ T4274] batman_adv: batadv0: Adding interface: batadv_slave_0
[   61.178099][ T4274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.204011][ T4274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   61.216261][ T4274] batman_adv: batadv0: Adding interface: batadv_slave_1
[   61.223345][ T4274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.249676][ T4274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   61.277486][ T4274] device hsr_slave_0 entered promiscuous mode
[   61.284718][ T4274] device hsr_slave_1 entered promiscuous mode
[   61.363272][ T4274] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   61.375188][ T4274] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   61.383867][ T4274] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   61.393561][ T4274] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   61.417002][ T4274] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.424181][ T4274] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.432288][ T4274] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.439363][ T4274] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.496020][ T4274] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.510929][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   61.519986][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.529232][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.545074][ T4274] 8021q: adding VLAN 0 to HW filter on device team0
[   61.573700][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.582938][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   61.591321][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.598398][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.609895][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   61.618869][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   61.627292][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.634349][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.661349][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   61.674209][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   61.685508][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   61.695067][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   61.703578][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   61.731624][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   61.741555][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   61.753674][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   61.763015][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   61.776532][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   61.785291][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   61.795667][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   61.894052][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   61.901526][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   61.914151][ T4274] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.929647][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   61.939050][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   61.971923][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   61.980509][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   61.989383][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   61.997524][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   62.008169][ T4274] device veth0_vlan entered promiscuous mode
[   62.030901][ T4274] device veth1_vlan entered promiscuous mode
[   62.049705][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   62.058234][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   62.067047][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   62.075589][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.087051][ T4274] device veth0_macvtap entered promiscuous mode
[   62.097888][ T4274] device veth1_macvtap entered promiscuous mode
[   62.128798][ T4274] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.137198][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   62.146275][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   62.154272][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   62.163613][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   62.175813][ T4274] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.185427][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   62.194329][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   62.204892][ T4274] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.214683][ T4274] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.223589][ T4274] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.232927][ T4274] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.343434][ T4274] syz-executor (4274) used greatest stack depth: 20448 bytes left
2025/11/25 20:16:50 executed programs: 0
[   62.944112][ T4297] chnl_net:caif_netlink_parms(): no params data found
[   63.000195][ T4297] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.007425][ T4297] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.015872][ T4297] device bridge_slave_0 entered promiscuous mode
[   63.024925][ T4297] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.032497][ T4297] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.040570][ T4297] device bridge_slave_1 entered promiscuous mode
[   63.068810][ T4297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.082512][ T4297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.114052][ T4297] team0: Port device team_slave_0 added
[   63.121896][ T4297] team0: Port device team_slave_1 added
[   63.158942][ T4297] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.168181][ T4297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.197479][ T4297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.210354][ T4297] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.219993][ T4297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.248674][ T4297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.290978][ T4297] device hsr_slave_0 entered promiscuous mode
[   63.298151][ T4297] device hsr_slave_1 entered promiscuous mode
[   63.310160][ T4297] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   63.318506][ T4297] Cannot create hsr debugfs directory
[   63.417140][ T4297] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.822660][ T4306] Bluetooth: hci0: command 0x0409 tx timeout
[   66.198646][ T4297] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.903337][ T4306] Bluetooth: hci0: command 0x041b tx timeout
[   67.377556][ T4297] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.428985][ T4297] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   67.567354][ T4297] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   67.576653][ T4297] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   67.592842][ T4297] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   67.601329][ T4297] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   67.654229][ T4297] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.667125][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   67.674960][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.686155][ T4297] 8021q: adding VLAN 0 to HW filter on device team0
[   67.704962][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   67.713850][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   67.723478][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.730528][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.739626][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   67.759079][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   67.768024][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   67.776828][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.783927][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.803879][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   67.812901][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   67.821403][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   67.830912][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   67.840346][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   67.849022][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   67.857609][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   67.866047][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   67.874803][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   67.886094][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   67.894697][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   67.911906][ T4297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   67.949039][ T1208] device hsr_slave_0 left promiscuous mode
[   67.956857][ T1208] device hsr_slave_1 left promiscuous mode
[   67.963879][ T1208] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   67.971298][ T1208] batman_adv: batadv0: Removing interface: batadv_slave_0
[   67.979971][ T1208] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   67.987685][ T1208] batman_adv: batadv0: Removing interface: batadv_slave_1
[   67.995681][ T1208] device bridge_slave_1 left promiscuous mode
[   68.002591][ T1208] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.016694][ T1208] device bridge_slave_0 left promiscuous mode
[   68.023146][ T1208] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.038630][ T1208] device veth1_macvtap left promiscuous mode
[   68.045112][ T1208] device veth0_macvtap left promiscuous mode
[   68.051164][ T1208] device veth1_vlan left promiscuous mode
[   68.058276][ T1208] device veth0_vlan left promiscuous mode
[   68.183246][ T1208] team0 (unregistering): Port device team_slave_1 removed
[   68.197977][ T1208] team0 (unregistering): Port device team_slave_0 removed
[   68.210829][ T1208] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   68.224968][ T1208] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   68.274493][ T1208] bond0 (unregistering): Released all slaves
[   68.400847][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   68.408915][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   68.420303][ T4297] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.459063][ T4297] device veth0_vlan entered promiscuous mode
[   68.467550][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   68.476444][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   68.485183][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   68.493351][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   68.501780][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   68.511806][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   68.525464][ T4297] device veth1_vlan entered promiscuous mode
[   68.546844][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   68.555698][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   68.563952][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   68.572494][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   68.583152][ T4297] device veth0_macvtap entered promiscuous mode
[   68.599570][ T4297] device veth1_macvtap entered promiscuous mode
[   68.617199][ T4297] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.626487][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   68.634765][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   68.643062][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   68.651633][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   68.661192][ T4297] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.670147][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   68.678914][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   68.690179][ T4297] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.699483][ T4297] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.708251][ T4297] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.717428][ T4297] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.784771][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.803413][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.812452][ T1247] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   68.836092][ T1247] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.845991][ T1247] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.856688][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   68.982727][ T4269] Bluetooth: hci0: command 0x040f tx timeout
[   69.211475][ T4319] loop0: detected capacity change from 0 to 32768
[   69.235309][ T4319] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   69.248496][ T4319] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   69.307688][ T4319] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[   69.318991][ T4269] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   69.327627][ T4269] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   69.359163][ T4269] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 31ms
[   69.369002][ T4269] gfs2: fsid=syz:syz.0: jid=0: Done
[   69.375863][ T4319] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   69.505161][ T4319] gfs2: fsid=syz:syz.0: found 1 quota changes
[   69.535979][ T4297] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[   69.535979][ T4297]   inode = 11 2339
[   69.535979][ T4297]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[   69.573492][ T4297] gfs2: fsid=syz:syz.0: about to withdraw this file system
[   69.599740][ T4297] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[   69.627573][ T4297] CPU: 0 PID: 4297 Comm: syz-executor Not tainted syzkaller #0
[   69.635170][ T4297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   69.645251][ T4297] Call Trace:
[   69.648535][ T4297]  <TASK>
[   69.651461][ T4297]  dump_stack_lvl+0x168/0x230
[   69.656155][ T4297]  ? show_regs_print_info+0x20/0x20
[   69.661369][ T4297]  ? load_image+0x3b0/0x3b0
[   69.665883][ T4297]  ? __lock_acquire+0x7c60/0x7c60
[   69.670912][ T4297]  ? do_raw_spin_unlock+0x11d/0x230
[   69.676116][ T4297]  gfs2_assert_warn_i+0x18f/0x2c0
[   69.681153][ T4297]  gfs2_quota_cleanup+0x4b4/0x6a0
[   69.686184][ T4297]  gfs2_make_fs_ro+0x237/0x5d0
[   69.690953][ T4297]  ? gfs2_dinode_out+0xb00/0xb00
[   69.695886][ T4297]  ? _raw_spin_unlock+0x24/0x40
[   69.700732][ T4297]  ? gfs2_glock_nq+0xcb0/0x1550
[   69.705604][ T4297]  gfs2_withdraw+0x5f9/0x1460
[   69.710299][ T4297]  ? gfs2_lm+0x220/0x220
[   69.714545][ T4297]  ? __schedule+0x11c3/0x4390
[   69.719224][ T4297]  ? gfs2_freeze_lock+0x52/0xc0
[   69.724072][ T4297]  ? gfs2_consist_inode_i+0xc0/0xe0
[   69.729274][ T4297]  gfs2_inode_refresh+0xb5e/0xfe0
[   69.734325][ T4297]  ? do_promote+0x71a/0xab0
[   69.738843][ T4297]  ? gfs2_inode_metasync+0xf0/0xf0
[   69.743951][ T4297]  ? __lock_acquire+0x7c60/0x7c60
[   69.748983][ T4297]  inode_go_lock+0x127/0x470
[   69.753573][ T4297]  do_promote+0x741/0xab0
[   69.757905][ T4297]  finish_xmote+0x514/0xb70
[   69.762396][ T4297]  do_xmote+0x7b6/0x1120
[   69.766632][ T4297]  gfs2_glock_nq+0xc7a/0x1550
[   69.771304][ T4297]  do_sync+0x486/0xc00
[   69.775456][ T4297]  ? slot_put+0x1e0/0x1e0
[   69.779776][ T4297]  ? do_sync+0x47e/0xc00
[   69.784007][ T4297]  ? do_raw_spin_unlock+0x11d/0x230
[   69.789192][ T4297]  gfs2_quota_sync+0x32c/0x6f0
[   69.793948][ T4297]  gfs2_sync_fs+0x48/0xb0
[   69.798262][ T4297]  sync_filesystem+0xe6/0x220
[   69.802928][ T4297]  generic_shutdown_super+0x6b/0x300
[   69.808285][ T4297]  kill_block_super+0x7c/0xe0
[   69.812952][ T4297]  deactivate_locked_super+0x93/0xf0
[   69.818246][ T4297]  cleanup_mnt+0x418/0x4d0
[   69.822656][ T4297]  ? lockdep_hardirqs_on+0x94/0x140
[   69.827839][ T4297]  task_work_run+0x125/0x1a0
[   69.832418][ T4297]  exit_to_user_mode_loop+0x10f/0x130
[   69.837776][ T4297]  exit_to_user_mode_prepare+0xee/0x180
[   69.843340][ T4297]  syscall_exit_to_user_mode+0x16/0x40
[   69.848784][ T4297]  do_syscall_64+0x58/0xa0
[   69.853184][ T4297]  ? clear_bhb_loop+0x30/0x80
[   69.857934][ T4297]  ? clear_bhb_loop+0x30/0x80
[   69.862594][ T4297]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   69.868480][ T4297] RIP: 0033:0x7f1bf35c2a77
[   69.872878][ T4297] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   69.892821][ T4297] RSP: 002b:00007ffc572a1788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   69.901220][ T4297] RAX: 0000000000000000 RBX: 00007f1bf3645d7d RCX: 00007f1bf35c2a77
[   69.909186][ T4297] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc572a1840
[   69.917139][ T4297] RBP: 00007ffc572a1840 R08: 0000000000000000 R09: 0000000000000000
[   69.925094][ T4297] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc572a28d0
[   69.933047][ T4297] R13: 00007f1bf3645d7d R14: 0000000000010d15 R15: 00007ffc572a2910
[   69.941012][ T4297]  </TASK>
[   69.956367][ T4297] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[   69.965967][ T4297] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[   69.976406][ T4297] gfs2: fsid=syz:syz.0: File system withdrawn
[   69.983315][ T4297] CPU: 1 PID: 4297 Comm: syz-executor Not tainted syzkaller #0
[   69.990873][ T4297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   70.000937][ T4297] Call Trace:
[   70.004482][ T4297]  <TASK>
[   70.007417][ T4297]  dump_stack_lvl+0x168/0x230
[   70.012104][ T4297]  ? kobject_uevent_env+0x371/0x890
[   70.017309][ T4297]  ? show_regs_print_info+0x20/0x20
[   70.022507][ T4297]  ? load_image+0x3b0/0x3b0
[   70.027007][ T4297]  ? kobject_uevent_env+0x371/0x890
[   70.032206][ T4297]  ? lockref_put_or_lock+0x6e/0xb0
[   70.037323][ T4297]  gfs2_withdraw+0x111b/0x1460
[   70.042095][ T4297]  ? gfs2_lm+0x220/0x220
[   70.046335][ T4297]  ? __schedule+0x11c3/0x4390
[   70.051027][ T4297]  ? gfs2_consist_inode_i+0xc0/0xe0
[   70.056234][ T4297]  gfs2_inode_refresh+0xb5e/0xfe0
[   70.061264][ T4297]  ? do_promote+0x71a/0xab0
[   70.065771][ T4297]  ? gfs2_inode_metasync+0xf0/0xf0
[   70.070890][ T4297]  ? __lock_acquire+0x7c60/0x7c60
[   70.075930][ T4297]  inode_go_lock+0x127/0x470
[   70.080534][ T4297]  do_promote+0x741/0xab0
[   70.084876][ T4297]  finish_xmote+0x514/0xb70
[   70.089390][ T4297]  do_xmote+0x7b6/0x1120
[   70.093648][ T4297]  gfs2_glock_nq+0xc7a/0x1550
[   70.098344][ T4297]  do_sync+0x486/0xc00
[   70.102427][ T4297]  ? slot_put+0x1e0/0x1e0
[   70.106763][ T4297]  ? do_sync+0x47e/0xc00
[   70.111017][ T4297]  ? do_raw_spin_unlock+0x11d/0x230
[   70.116221][ T4297]  gfs2_quota_sync+0x32c/0x6f0
[   70.121001][ T4297]  gfs2_sync_fs+0x48/0xb0
[   70.125330][ T4297]  sync_filesystem+0xe6/0x220
[   70.130007][ T4297]  generic_shutdown_super+0x6b/0x300
[   70.135294][ T4297]  kill_block_super+0x7c/0xe0
[   70.139973][ T4297]  deactivate_locked_super+0x93/0xf0
[   70.145260][ T4297]  cleanup_mnt+0x418/0x4d0
[   70.149685][ T4297]  ? lockdep_hardirqs_on+0x94/0x140
[   70.154888][ T4297]  task_work_run+0x125/0x1a0
[   70.159486][ T4297]  exit_to_user_mode_loop+0x10f/0x130
[   70.164865][ T4297]  exit_to_user_mode_prepare+0xee/0x180
[   70.170414][ T4297]  syscall_exit_to_user_mode+0x16/0x40
[   70.175878][ T4297]  do_syscall_64+0x58/0xa0
[   70.180304][ T4297]  ? clear_bhb_loop+0x30/0x80
[   70.184997][ T4297]  ? clear_bhb_loop+0x30/0x80
[   70.189682][ T4297]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   70.195582][ T4297] RIP: 0033:0x7f1bf35c2a77
[   70.200004][ T4297] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   70.219615][ T4297] RSP: 002b:00007ffc572a1788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   70.228130][ T4297] RAX: 0000000000000000 RBX: 00007f1bf3645d7d RCX: 00007f1bf35c2a77
[   70.236108][ T4297] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc572a1840
[   70.244094][ T4297] RBP: 00007ffc572a1840 R08: 0000000000000000 R09: 0000000000000000
[   70.252069][ T4297] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc572a28d0
[   70.260044][ T4297] R13: 00007f1bf3645d7d R14: 0000000000010d15 R15: 00007ffc572a2910
[   70.268037][ T4297]  </TASK>
[   70.282796][ T4297] ==================================================================
[   70.291093][ T4297] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[   70.297792][ T4297] Read of size 8 at addr ffff88806ef5b090 by task syz-executor/4297
[   70.305777][ T4297] 
[   70.308109][ T4297] CPU: 1 PID: 4297 Comm: syz-executor Not tainted syzkaller #0
[   70.315667][ T4297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   70.325725][ T4297] Call Trace:
[   70.329004][ T4297]  <TASK>
[   70.331939][ T4297]  dump_stack_lvl+0x168/0x230
[   70.336631][ T4297]  ? show_regs_print_info+0x20/0x20
[   70.341826][ T4297]  ? _printk+0xcc/0x110
[   70.346078][ T4297]  ? load_image+0x3b0/0x3b0
[   70.350593][ T4297]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[   70.355985][ T4297]  print_address_description+0x60/0x2d0
[   70.361536][ T4297]  ? qd_unlock+0x30/0x2d0
[   70.365869][ T4297]  kasan_report+0xdf/0x130
[   70.370300][ T4297]  ? qd_unlock+0x30/0x2d0
[   70.374649][ T4297]  kasan_check_range+0x27b/0x290
[   70.379612][ T4297]  qd_unlock+0x30/0x2d0