Warning: Permanently added '10.128.1.78' (ED25519) to the list of known hosts.
2026/01/08 01:23:02 parsed 1 programs
[ 62.823280][ T4188] cgroup: Unknown subsys name 'net'
[ 62.962524][ T4188] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 64.398697][ T4188] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 67.577006][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 67.589536][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 67.607324][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 67.624029][ T3081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 67.632927][ T3081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 67.642194][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 67.900503][ T4268] chnl_net:caif_netlink_parms(): no params data found
[ 67.943655][ T4268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 67.951203][ T4268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 67.959099][ T4268] device bridge_slave_0 entered promiscuous mode
[ 67.968357][ T4268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 67.975452][ T4268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 67.983360][ T4268] device bridge_slave_1 entered promiscuous mode
[ 68.004518][ T4268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 68.015496][ T4268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 68.039556][ T4268] team0: Port device team_slave_0 added
[ 68.047596][ T4268] team0: Port device team_slave_1 added
[ 68.066276][ T4268] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 68.073272][ T4268] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 68.099373][ T4268] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 68.112118][ T4268] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 68.119093][ T4268] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 68.145021][ T4268] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 68.175926][ T4268] device hsr_slave_0 entered promiscuous mode
[ 68.182894][ T4268] device hsr_slave_1 entered promiscuous mode
[ 68.273030][ T4268] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 68.303075][ T4268] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 68.312516][ T4268] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 68.322478][ T4268] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 68.370814][ T4268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 68.378053][ T4268] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 68.386042][ T4268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 68.393137][ T4268] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 68.457671][ T4268] 8021q: adding VLAN 0 to HW filter on device bond0
[ 68.491673][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 68.500852][ T155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 68.509504][ T155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 68.522379][ T4268] 8021q: adding VLAN 0 to HW filter on device team0
[ 68.538330][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 68.547183][ T155] bridge0: port 1(bridge_slave_0) entered blocking state
[ 68.554292][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 68.564509][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 68.573840][ T155] bridge0: port 2(bridge_slave_1) entered blocking state
[ 68.580983][ T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 68.604738][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 68.616605][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 68.629209][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 68.638697][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 68.648008][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 68.659233][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 68.669170][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 68.680839][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 68.689861][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 68.721585][ T4268] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 68.733328][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 68.741606][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 68.750335][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 68.853212][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 68.860932][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 68.872936][ T4268] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 68.890739][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 68.899813][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 68.930370][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 68.939279][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 68.950814][ T4268] device veth0_vlan entered promiscuous mode
[ 68.964484][ T4268] device veth1_vlan entered promiscuous mode
[ 68.972090][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 68.980629][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 68.988673][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 69.027598][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 69.036076][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 69.044478][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 69.058055][ T4268] device veth0_macvtap entered promiscuous mode
[ 69.071527][ T4268] device veth1_macvtap entered promiscuous mode
[ 69.089458][ T4268] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 69.097261][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 69.105528][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 69.122364][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 69.133055][ T3081] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 69.147688][ T4268] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 69.157931][ T4268] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 69.166875][ T4268] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 69.176997][ T4268] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 69.186367][ T4268] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 69.197313][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 69.207667][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2026/01/08 01:23:11 executed programs: 0
[ 70.027343][ T4296] chnl_net:caif_netlink_parms(): no params data found
[ 70.083936][ T4296] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.091988][ T4296] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.101523][ T4296] device bridge_slave_0 entered promiscuous mode
[ 70.113705][ T4296] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.121250][ T4296] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.129545][ T4296] device bridge_slave_1 entered promiscuous mode
[ 70.161801][ T4296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.174376][ T4296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.208461][ T4296] team0: Port device team_slave_0 added
[ 70.216725][ T4296] team0: Port device team_slave_1 added
[ 70.238442][ T4296] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 70.245904][ T4296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 70.272745][ T4296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 70.285413][ T4296] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 70.293729][ T4296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 70.321057][ T4296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 70.360828][ T4296] device hsr_slave_0 entered promiscuous mode
[ 70.368987][ T4296] device hsr_slave_1 entered promiscuous mode
[ 70.376824][ T4296] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 70.384743][ T4296] Cannot create hsr debugfs directory
[ 70.467136][ T4296] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.208715][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.215229][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.916539][ T4262] Bluetooth: hci0: command 0x0409 tx timeout
[ 73.163279][ T4296] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 73.996075][ T4262] Bluetooth: hci0: command 0x041b tx timeout
[ 74.491696][ T4296] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 74.552077][ T4296] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 74.780410][ T4296] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 74.790547][ T4296] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 74.799825][ T4296] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 74.820065][ T4296] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 74.879497][ T4296] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.891830][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 74.899848][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 74.910107][ T4296] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.934551][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 74.943533][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.952615][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.959723][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.968345][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 74.980973][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 74.989895][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.998471][ T154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.005530][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.027298][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 75.038557][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 75.048011][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 75.057472][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 75.068046][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 75.085452][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 75.094798][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 75.106436][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 75.114693][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 75.134198][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 75.143190][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 75.155191][ T4296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 75.168505][ T9] device hsr_slave_0 left promiscuous mode
[ 75.175076][ T9] device hsr_slave_1 left promiscuous mode
[ 75.184517][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 75.192307][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 75.201223][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 75.209008][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 75.217037][ T9] device bridge_slave_1 left promiscuous mode
[ 75.223999][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.238761][ T9] device bridge_slave_0 left promiscuous mode
[ 75.245061][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.263272][ T9] device veth1_macvtap left promiscuous mode
[ 75.269561][ T9] device veth0_macvtap left promiscuous mode
[ 75.276694][ T9] device veth1_vlan left promiscuous mode
[ 75.282604][ T9] device veth0_vlan left promiscuous mode
[ 75.430563][ T9] team0 (unregistering): Port device team_slave_1 removed
[ 75.442757][ T9] team0 (unregistering): Port device team_slave_0 removed
[ 75.456127][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 75.470595][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 75.529016][ T9] bond0 (unregistering): Released all slaves
[ 75.711133][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 75.718786][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 75.734261][ T4296] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 75.761864][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 75.770815][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 75.789540][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 75.798230][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 75.810073][ T4296] device veth0_vlan entered promiscuous mode
[ 75.818103][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 75.831119][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 75.844860][ T4296] device veth1_vlan entered promiscuous mode
[ 75.865293][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 75.873875][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 75.882519][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 75.891821][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 75.903018][ T4296] device veth0_macvtap entered promiscuous mode
[ 75.915987][ T4296] device veth1_macvtap entered promiscuous mode
[ 75.933147][ T4296] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 75.941592][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 75.950545][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 75.962329][ T4296] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 75.972824][ T4296] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.981939][ T4296] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.990895][ T4296] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.999879][ T4296] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.011967][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 76.021423][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 76.074087][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.077061][ T4190] Bluetooth: hci0: command 0x040f tx timeout
[ 76.090157][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.109414][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 76.125532][ T4314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.133926][ T4314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.144272][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 76.518170][ T4315] loop0: detected capacity change from 0 to 32768
[ 76.546737][ T4315] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 76.555113][ T4315] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 76.597612][ T4315] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 76.616114][ T4190] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 76.623067][ T4190] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 76.674086][ T4190] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 51ms
[ 76.682843][ T4190] gfs2: fsid=syz:syz.0: jid=0: Done
[ 76.690584][ T4315] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 76.799497][ T4315] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 76.837523][ T4296] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 76.837523][ T4296] inode = 11 2339
[ 76.837523][ T4296] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 76.865457][ T4296] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 76.905882][ T4296] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 76.933994][ T4296] CPU: 1 PID: 4296 Comm: syz-executor Not tainted syzkaller #0
[ 76.941668][ T4296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 76.951782][ T4296] Call Trace:
[ 76.955079][ T4296]
[ 76.958025][ T4296] dump_stack_lvl+0x168/0x230
[ 76.962749][ T4296] ? show_regs_print_info+0x20/0x20
[ 76.967976][ T4296] ? load_image+0x3b0/0x3b0
[ 76.972492][ T4296] ? __lock_acquire+0x7c60/0x7c60
[ 76.977528][ T4296] ? do_raw_spin_unlock+0x11d/0x230
[ 76.982751][ T4296] gfs2_assert_warn_i+0x18f/0x2c0
[ 76.987812][ T4296] gfs2_quota_cleanup+0x4b4/0x6a0
[ 76.992873][ T4296] gfs2_make_fs_ro+0x237/0x5d0
[ 76.997665][ T4296] ? gfs2_dinode_out+0xb00/0xb00
[ 77.002616][ T4296] ? _raw_spin_unlock+0x24/0x40
[ 77.007497][ T4296] ? gfs2_glock_nq+0xcb0/0x1550
[ 77.012396][ T4296] gfs2_withdraw+0x5f9/0x1460
[ 77.017106][ T4296] ? gfs2_lm+0x220/0x220
[ 77.021359][ T4296] ? __schedule+0x11c3/0x4390
[ 77.026053][ T4296] ? gfs2_freeze_lock+0x52/0xc0
[ 77.030929][ T4296] ? gfs2_consist_inode_i+0xc0/0xe0
[ 77.036143][ T4296] gfs2_inode_refresh+0xb5e/0xfe0
[ 77.041200][ T4296] ? do_promote+0x71a/0xab0
[ 77.045735][ T4296] ? gfs2_inode_metasync+0xf0/0xf0
[ 77.050874][ T4296] ? __lock_acquire+0x7c60/0x7c60
[ 77.055922][ T4296] inode_go_lock+0x127/0x470
[ 77.060564][ T4296] do_promote+0x741/0xab0
[ 77.064943][ T4296] finish_xmote+0x514/0xb70
[ 77.069477][ T4296] do_xmote+0x7b6/0x1120
[ 77.073759][ T4296] gfs2_glock_nq+0xc7a/0x1550
[ 77.078478][ T4296] do_sync+0x486/0xc00
[ 77.082703][ T4296] ? slot_put+0x1e0/0x1e0
[ 77.087054][ T4296] ? __lock_acquire+0x7c60/0x7c60
[ 77.092192][ T4296] ? do_raw_spin_lock+0x11d/0x280
[ 77.097249][ T4296] ? do_sync+0x47e/0xc00
[ 77.101505][ T4296] ? do_raw_spin_unlock+0x11d/0x230
[ 77.106731][ T4296] gfs2_quota_sync+0x32c/0x6f0
[ 77.111525][ T4296] gfs2_sync_fs+0x48/0xb0
[ 77.115880][ T4296] sync_filesystem+0xe6/0x220
[ 77.120586][ T4296] generic_shutdown_super+0x6b/0x300
[ 77.125893][ T4296] kill_block_super+0x7c/0xe0
[ 77.130592][ T4296] deactivate_locked_super+0x93/0xf0
[ 77.135908][ T4296] cleanup_mnt+0x418/0x4d0
[ 77.140353][ T4296] ? lockdep_hardirqs_on+0x94/0x140
[ 77.145581][ T4296] task_work_run+0x125/0x1a0
[ 77.150202][ T4296] do_exit+0x61e/0x20a0
[ 77.154498][ T4296] ? put_task_struct+0x80/0x80
[ 77.159338][ T4296] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 77.165435][ T4296] ? lock_chain_count+0x20/0x20
[ 77.170317][ T4296] ? _raw_spin_lock_irq+0xab/0xe0
[ 77.175368][ T4296] do_group_exit+0x12e/0x300
[ 77.179981][ T4296] ? lockdep_hardirqs_on+0x94/0x140
[ 77.185233][ T4296] get_signal+0x6ca/0x12c0
[ 77.189691][ T4296] arch_do_signal_or_restart+0xc1/0x1300
[ 77.195357][ T4296] ? slab_free_freelist_hook+0xea/0x170
[ 77.200930][ T4296] ? rcu_is_watching+0x11/0xa0
[ 77.205728][ T4296] ? kmem_cache_free+0x14c/0x210
[ 77.210727][ T4296] ? get_sigframe_size+0x10/0x10
[ 77.215739][ T4296] ? do_sys_openat2+0x207/0x4a0
[ 77.220648][ T4296] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 77.226669][ T4296] ? exit_to_user_mode_loop+0x3b/0x130
[ 77.232174][ T4296] exit_to_user_mode_loop+0x9e/0x130
[ 77.237506][ T4296] exit_to_user_mode_prepare+0xee/0x180
[ 77.243097][ T4296] syscall_exit_to_user_mode+0x16/0x40
[ 77.248582][ T4296] do_syscall_64+0x58/0xa0
[ 77.253010][ T4296] ? clear_bhb_loop+0x30/0x80
[ 77.257722][ T4296] ? clear_bhb_loop+0x30/0x80
[ 77.262423][ T4296] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 77.268390][ T4296] RIP: 0033:0x7feb506ab041
[ 77.272833][ T4296] Code: Unable to access opcode bytes at RIP 0x7feb506ab017.
[ 77.280215][ T4296] RSP: 002b:00007ffd652b18c0 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
[ 77.288649][ T4296] RAX: 0000000000000003 RBX: 00007feb5072fd7d RCX: 00007feb506ab041
[ 77.296640][ T4296] RDX: 0000000000090800 RSI: 00007ffd652b2a70 RDI: 00000000ffffff9c
[ 77.304643][ T4296] RBP: 00007ffd652b2a5c R08: 0000000000000000 R09: 0000000000000000
[ 77.312639][ T4296] R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffd652b2a70
[ 77.320644][ T4296] R13: 00007feb5072fd7d R14: 0000000000012971 R15: 00007ffd652b2ab0
[ 77.328657][ T4296]
[ 77.347536][ T4296] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 77.377551][ T4296] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 77.386770][ T4296] gfs2: fsid=syz:syz.0: File system withdrawn
[ 77.393227][ T4296] CPU: 0 PID: 4296 Comm: syz-executor Not tainted syzkaller #0
[ 77.400827][ T4296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 77.411008][ T4296] Call Trace:
[ 77.414307][ T4296]
[ 77.417266][ T4296] dump_stack_lvl+0x168/0x230
[ 77.421979][ T4296] ? kobject_uevent_env+0x371/0x890
[ 77.427237][ T4296] ? show_regs_print_info+0x20/0x20
[ 77.432471][ T4296] ? load_image+0x3b0/0x3b0
[ 77.437028][ T4296] ? kobject_uevent_env+0x371/0x890
[ 77.442276][ T4296] ? lockref_put_or_lock+0x6e/0xb0
[ 77.447420][ T4296] gfs2_withdraw+0x111b/0x1460
[ 77.452226][ T4296] ? gfs2_lm+0x220/0x220
[ 77.456498][ T4296] ? __schedule+0x11c3/0x4390
[ 77.461209][ T4296] ? gfs2_consist_inode_i+0xc0/0xe0
[ 77.466471][ T4296] gfs2_inode_refresh+0xb5e/0xfe0
[ 77.471530][ T4296] ? do_promote+0x71a/0xab0
[ 77.476050][ T4296] ? gfs2_inode_metasync+0xf0/0xf0
[ 77.481182][ T4296] ? __lock_acquire+0x7c60/0x7c60
[ 77.486283][ T4296] inode_go_lock+0x127/0x470
[ 77.490899][ T4296] do_promote+0x741/0xab0
[ 77.495269][ T4296] finish_xmote+0x514/0xb70
[ 77.499810][ T4296] do_xmote+0x7b6/0x1120
[ 77.504131][ T4296] gfs2_glock_nq+0xc7a/0x1550
[ 77.508861][ T4296] do_sync+0x486/0xc00
[ 77.512973][ T4296] ? slot_put+0x1e0/0x1e0
[ 77.517355][ T4296] ? __lock_acquire+0x7c60/0x7c60
[ 77.522421][ T4296] ? do_raw_spin_lock+0x11d/0x280
[ 77.527475][ T4296] ? do_sync+0x47e/0xc00
[ 77.531759][ T4296] ? do_raw_spin_unlock+0x11d/0x230
[ 77.536988][ T4296] gfs2_quota_sync+0x32c/0x6f0
[ 77.541788][ T4296] gfs2_sync_fs+0x48/0xb0
[ 77.546135][ T4296] sync_filesystem+0xe6/0x220
[ 77.550975][ T4296] generic_shutdown_super+0x6b/0x300
[ 77.556293][ T4296] kill_block_super+0x7c/0xe0
[ 77.561011][ T4296] deactivate_locked_super+0x93/0xf0
[ 77.566322][ T4296] cleanup_mnt+0x418/0x4d0
[ 77.570765][ T4296] ? lockdep_hardirqs_on+0x94/0x140
[ 77.575993][ T4296] task_work_run+0x125/0x1a0
[ 77.580632][ T4296] do_exit+0x61e/0x20a0
[ 77.584827][ T4296] ? put_task_struct+0x80/0x80
[ 77.589617][ T4296] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 77.595624][ T4296] ? lock_chain_count+0x20/0x20
[ 77.600512][ T4296] ? _raw_spin_lock_irq+0xab/0xe0
[ 77.605573][ T4296] do_group_exit+0x12e/0x300
[ 77.610185][ T4296] ? lockdep_hardirqs_on+0x94/0x140
[ 77.615418][ T4296] get_signal+0x6ca/0x12c0
[ 77.619883][ T4296] arch_do_signal_or_restart+0xc1/0x1300
[ 77.625555][ T4296] ? slab_free_freelist_hook+0xea/0x170
[ 77.631154][ T4296] ? rcu_is_watching+0x11/0xa0
[ 77.635933][ T4296] ? kmem_cache_free+0x14c/0x210
[ 77.640884][ T4296] ? get_sigframe_size+0x10/0x10
[ 77.645841][ T4296] ? do_sys_openat2+0x207/0x4a0
[ 77.650722][ T4296] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 77.656743][ T4296] ? exit_to_user_mode_loop+0x3b/0x130
[ 77.662231][ T4296] exit_to_user_mode_loop+0x9e/0x130
[ 77.667543][ T4296] exit_to_user_mode_prepare+0xee/0x180
[ 77.673128][ T4296] syscall_exit_to_user_mode+0x16/0x40
[ 77.678623][ T4296] do_syscall_64+0x58/0xa0
[ 77.683074][ T4296] ? clear_bhb_loop+0x30/0x80
[ 77.687780][ T4296] ? clear_bhb_loop+0x30/0x80
[ 77.692485][ T4296] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 77.698411][ T4296] RIP: 0033:0x7feb506ab041
[ 77.702853][ T4296] Code: Unable to access opcode bytes at RIP 0x7feb506ab017.
[ 77.710227][ T4296] RSP: 002b:00007ffd652b18c0 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
[ 77.718666][ T4296] RAX: 0000000000000003 RBX: 00007feb5072fd7d RCX: 00007feb506ab041
[ 77.726662][ T4296] RDX: 0000000000090800 RSI: 00007ffd652b2a70 RDI: 00000000ffffff9c
[ 77.734654][ T4296] RBP: 00007ffd652b2a5c R08: 0000000000000000 R09: 0000000000000000
[ 77.742648][ T4296] R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffd652b2a70
[ 77.750641][ T4296] R13: 00007feb5072fd7d R14: 0000000000012971 R15: 00007ffd652b2ab0
[ 77.758661][ T4296]
[ 77.776706][ T4296] ==================================================================
[ 77.785014][ T4296] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[ 77.791730][ T4296] Read of size 8 at addr ffff88806e5bb090 by task syz-executor/4296
[ 77.799732][ T4296]
[ 77.802076][ T4296] CPU: 0 PID: 4296 Comm: syz-executor Not tainted syzkaller #0
[ 77.809643][ T4296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 77.819850][ T4296] Call Trace:
[ 77.823149][ T4296]
[ 77.826104][ T4296] dump_stack_lvl+0x168/0x230
[ 77.830809][ T4296] ? show_regs_print_info+0x20/0x20
[ 77.836022][ T4296] ? _printk+0xcc/0x110
[ 77.840210][ T4296] ? qd_unlock+0x30/0x2d0
[ 77.844582][ T4296] ? load_image+0x3b0/0x3b0
[ 77.849127][ T4296] print_address_description+0x60/0x2d0
[ 77.854892][ T4296] ? qd_unlock+0x30/0x2d0
[ 77.859251][ T4296] kasan_report+0xdf/0x130
[ 77.863731][ T4296] ? qd_unlock+0x30/0x2d0
[ 77.868092][ T4296] kasan_check_range+0x27b/0x290
[ 77.873050][ T4296] qd_unlock+0x30/0x2d0
[ 77.877226][ T4296] gfs2_quota_sync+0x5bf/0x6f0
[ 77.882029][ T4296] gfs2_sync_fs+0x48/0xb0
[ 77.886379][ T4296] sync_filesystem+0xe6/0x220
[ 77.891074][ T4296] generic_shutdown_super+0x6b/0x300
[ 77.896382][ T4296] kill_block_super+0x7c/0xe0
[ 77.901084][ T4296] deactivate_locked_super+0x93/0xf0
[ 77.906388][ T4296] cleanup_mnt+0x418/0x4d0
[ 77.910819][ T4296] ? lockdep_hardirqs_on+0x94/0x140
[ 77.916032][ T4296] task_work_run+0x125/0x1a0
[ 77.920644][ T4296] do_exit+0x61e/0x20a0
[ 77.924831][ T4296] ? put_task_struct+0x80/0x80
[ 77.929621][ T4296] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 77.935622][ T4296] ? lock_chain_count+0x20/0x20
[ 77.940500][ T4296] ? _raw_spin_lock_irq+0xab/0xe0
[ 77.945551][ T4296] do_group_exit+0x12e/0x300
[ 77.950164][ T4296] ? lockdep_hardirqs_on+0x94/0x140
[ 77.955388][ T4296] get_signal+0x6ca/0x12c0
[ 77.959849][ T4296] arch_do_signal_or_restart+0xc1/0x1300
[ 77.965522][ T4296] ? slab_free_freelist_hook+0xea/0x170
[ 77.971091][ T4296] ? rcu_is_watching+0x11/0xa0
[ 77.975864][ T4296] ? kmem_cache_free+0x14c/0x210
[ 77.980820][ T4296] ? get_sigframe_size+0x10/0x10
[ 77.985783][ T4296] ? do_sys_openat2+0x207/0x4a0
[ 77.990672][ T4296] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 77.996673][ T4296] ? exit_to_user_mode_loop+0x3b/0x130
[ 78.002159][ T4296] exit_to_user_mode_loop+0x9e/0x130
[ 78.007477][ T4296] exit_to_user_mode_prepare+0xee/0x180
[ 78.013073][ T4296] syscall_exit_to_user_mode+0x16/0x40
[ 78.018553][ T4296] do_syscall_64+0x58/0xa0
[ 78.023005][ T4296] ? clear_bhb_loop+0x30/0x80
[ 78.027703][ T4296] ? clear_bhb_loop+0x30/0x80
[ 78.032404][ T4296] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 78.038311][ T4296] RIP: 0033:0x7feb506ab041
[ 78.042737][ T4296] Code: Unable to access opcode bytes at RIP 0x7feb506ab017.
[ 78.050121][ T4296] RSP: 002b:00007ffd652b18c0 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
[ 78.058554][ T4296] RAX: 0000000000000003 RBX: 00007feb5072fd7d RCX: 00007feb506ab041
[ 78.066550][ T4296] RDX: 0000000000090800 RSI: 00007ffd652b2a70 RDI: 00000000ffffff9c
[ 78.074540][ T4296] RBP: 00007ffd652b2a5c R08: 0000000000000000 R09: 0000000000000000
[ 78.082546][ T4296] R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffd652b2a70
[ 78.090532][ T4296] R13: 00007feb5072fd7d R14: 0000000000012971 R15: 00007ffd652b2ab0
[ 78.098531][ T4296]
[ 78.101557][ T4296]
[ 78.103886][ T4296] Allocated by task 4315:
[ 78.108219][ T4296] __kasan_slab_alloc+0x9c/0xd0
[ 78.113087][ T4296] slab_post_alloc_hook+0x4c/0x380
[ 78.118219][ T4296] kmem_cache_alloc+0x100/0x290
[ 78.123087][ T4296] qd_alloc+0x50/0x260
[ 78.127176][ T4296] gfs2_quota_init+0x730/0xe80
[ 78.131960][ T4296] gfs2_make_fs_rw+0x3f5/0x560
[ 78.136750][ T4296] gfs2_fill_super+0x188a/0x1f50
[ 78.141718][ T4296] get_tree_bdev+0x3f1/0x610
[ 78.146318][ T4296] gfs2_get_tree+0x4d/0x1e0
[ 78.150835][ T4296] vfs_get_tree+0x88/0x270
[ 78.155300][ T4296] do_new_mount+0x24a/0xa40
[ 78.157079][ T4190] Bluetooth: hci0: command 0x0419 tx timeout
[ 78.159842][ T4296] __se_sys_mount+0x2d6/0x3c0
[ 78.170513][ T4296] do_syscall_64+0x4c/0xa0
[ 78.174957][ T4296] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 78.180876][ T4296]
[ 78.183215][ T4296] Freed by task 3560:
[ 78.187202][ T4296] kasan_set_track+0x4b/0x70
[ 78.191815][ T4296] kasan_set_free_info+0x1f/0x40
[ 78.196779][ T4296] ____kasan_slab_free+0xd5/0x110
[ 78.201824][ T4296] slab_free_freelist_hook+0xea/0x170
[ 78.207212][ T4296] kmem_cache_free+0x8f/0x210
[ 78.211904][ T4296] rcu_core+0x962/0x15d0
[ 78.216169][ T4296] handle_softirqs+0x328/0x820
[ 78.220954][ T4296] __irq_exit_rcu+0x12f/0x220
[ 78.225647][ T4296] irq_exit_rcu+0x5/0x20
[ 78.229918][ T4296] sysvec_apic_timer_interrupt+0x52/0xc0
[ 78.235573][ T4296] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 78.241575][ T4296]
[ 78.243917][ T4296] Last potentially related work creation:
[ 78.249651][ T4296] kasan_save_stack+0x35/0x60
[ 78.254367][ T4296] kasan_record_aux_stack+0xb8/0x100
[ 78.259686][ T4296] call_rcu+0x182/0x930
[ 78.263859][ T4296] gfs2_quota_cleanup+0x43c/0x6a0
[ 78.268919][ T4296] gfs2_make_fs_ro+0x237/0x5d0
[ 78.273733][ T4296] gfs2_withdraw+0x5f9/0x1460
[ 78.278432][ T4296] gfs2_inode_refresh+0xb5e/0xfe0
[ 78.283507][ T4296] inode_go_lock+0x127/0x470
[ 78.288113][ T4296] do_promote+0x741/0xab0
[ 78.292472][ T4296] finish_xmote+0x514/0xb70
[ 78.296993][ T4296] do_xmote+0x7b6/0x1120
[ 78.301249][ T4296] gfs2_glock_nq+0xc7a/0x1550
[ 78.305941][ T4296] do_sync+0x486/0xc00
[ 78.310022][ T4296] gfs2_quota_sync+0x32c/0x6f0
[ 78.314802][ T4296] gfs2_sync_fs+0x48/0xb0
[ 78.319152][ T4296] sync_filesystem+0xe6/0x220
[ 78.323866][ T4296] generic_shutdown_super+0x6b/0x300
[ 78.329169][ T4296] kill_block_super+0x7c/0xe0
[ 78.333870][ T4296] deactivate_locked_super+0x93/0xf0
[ 78.339206][ T4296] cleanup_mnt+0x418/0x4d0
[ 78.343638][ T4296] task_work_run+0x125/0x1a0
[ 78.348250][ T4296] do_exit+0x61e/0x20a0
[ 78.352479][ T4296] do_group_exit+0x12e/0x300
[ 78.357088][ T4296] get_signal+0x6ca/0x12c0
[ 78.361520][ T4296] arch_do_signal_or_restart+0xc1/0x1300
[ 78.367189][ T4296] exit_to_user_mode_loop+0x9e/0x130
[ 78.372530][ T4296] exit_to_user_mode_prepare+0xee/0x180
[ 78.378090][ T4296] syscall_exit_to_user_mode+0x16/0x40
[ 78.383559][ T4296] do_syscall_64+0x58/0xa0
[ 78.387979][ T4296] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 78.393884][ T4296]
[ 78.396214][ T4296] The buggy address belongs to the object at ffff88806e5bb000
[ 78.396214][ T4296] which belongs to the cache gfs2_quotad of size 272
[ 78.410287][ T4296] The buggy address is located 144 bytes inside of
[ 78.410287][ T4296] 272-byte region [ffff88806e5bb000, ffff88806e5bb110)
[ 78.423673][ T4296] The buggy address belongs to the page:
[ 78.429332][ T4296] page:ffffea0001b96ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6e5bb
[ 78.439495][ T4296] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 78.447066][ T4296] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff88801d8d5dc0
[ 78.455653][ T4296] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 78.464240][ T4296] page dumped because: kasan: bad access detected
[ 78.470662][ T4296] page_owner tracks the page as allocated
[ 78.476374][ T4296] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 4315, ts 76782755599, free_ts 19743276643
[ 78.495570][ T4296] get_page_from_freelist+0x1b77/0x1c60
[ 78.501148][ T4296] __alloc_pages+0x1e1/0x470
[ 78.505752][ T4296] new_slab+0xc0/0x4b0
[ 78.509847][ T4296] ___slab_alloc+0x81e/0xdf0
[ 78.514445][ T4296] kmem_cache_alloc+0x195/0x290
[ 78.519297][ T4296] qd_alloc+0x50/0x260
[ 78.523368][ T4296] gfs2_quota_init+0x730/0xe80
[ 78.528148][ T4296] gfs2_make_fs_rw+0x3f5/0x560
[ 78.532926][ T4296] gfs2_fill_super+0x188a/0x1f50
[ 78.537884][ T4296] get_tree_bdev+0x3f1/0x610
[ 78.542499][ T4296] gfs2_get_tree+0x4d/0x1e0
[ 78.547044][ T4296] vfs_get_tree+0x88/0x270
[ 78.551485][ T4296] do_new_mount+0x24a/0xa40
[ 78.555999][ T4296] __se_sys_mount+0x2d6/0x3c0
[ 78.560691][ T4296] do_syscall_64+0x4c/0xa0
[ 78.565118][ T4296] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 78.571019][ T4296] page last free stack trace:
[ 78.575694][ T4296] free_unref_page_prepare+0x637/0x6c0
[ 78.581190][ T4296] free_unref_page+0x94/0x280
[ 78.585897][ T4296] free_contig_range+0x96/0xf0
[ 78.590678][ T4296] destroy_args+0x100/0xa20
[ 78.595189][ T4296] debug_vm_pgtable+0x318/0x370
[ 78.600046][ T4296] do_one_initcall+0x1ee/0x680
[ 78.604827][ T4296] do_initcall_level+0x137/0x1f0
[ 78.609787][ T4296] do_initcalls+0x4b/0x90
[ 78.614129][ T4296] kernel_init_freeable+0x3ce/0x560
[ 78.619440][ T4296] kernel_init+0x19/0x1b0
[ 78.623784][ T4296] ret_from_fork+0x1f/0x30
[ 78.628225][ T4296]
[ 78.630562][ T4296] Memory state around the buggy address:
[ 78.636201][ T4296] ffff88806e5baf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 78.644291][ T4296] ffff88806e5bb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 78.652378][ T4296] >ffff88806e5bb080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 78.660445][ T4296] ^
[ 78.665038][ T4296] ffff88806e5bb100: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 78.673104][ T4296] ffff88806e5bb180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 78.681174][ T4296] ==================================================================
[ 78.689239][ T4296] Disabling lock debugging due to kernel taint
[ 78.751065][ T4296] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 78.758412][ T4296] CPU: 0 PID: 4296 Comm: syz-executor Tainted: G B syzkaller #0
[ 78.767377][ T4296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 78.777452][ T4296] Call Trace:
[ 78.780777][ T4296]
[ 78.783725][ T4296] dump_stack_lvl+0x168/0x230
[ 78.788433][ T4296] ? show_regs_print_info+0x20/0x20
[ 78.793669][ T4296] ? load_image+0x3b0/0x3b0
[ 78.798196][ T4296] panic+0x2c9/0x7f0
[ 78.802112][ T4296] ? bpf_jit_dump+0xd0/0xd0
[ 78.806629][ T4296] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 78.812545][ T4296] ? _raw_spin_unlock+0x40/0x40
[ 78.817409][ T4296] ? print_memory_metadata+0x314/0x400
[ 78.822891][ T4296] ? qd_unlock+0x30/0x2d0
[ 78.827269][ T4296] check_panic_on_warn+0x80/0xa0
[ 78.832232][ T4296] ? qd_unlock+0x30/0x2d0
[ 78.836583][ T4296] end_report+0x6d/0xf0
[ 78.840769][ T4296] kasan_report+0x102/0x130
[ 78.845294][ T4296] ? qd_unlock+0x30/0x2d0
[ 78.849665][ T4296] kasan_check_range+0x27b/0x290
[ 78.854626][ T4296] qd_unlock+0x30/0x2d0
[ 78.858811][ T4296] gfs2_quota_sync+0x5bf/0x6f0
[ 78.863601][ T4296] gfs2_sync_fs+0x48/0xb0
[ 78.867954][ T4296] sync_filesystem+0xe6/0x220
[ 78.872656][ T4296] generic_shutdown_super+0x6b/0x300
[ 78.877962][ T4296] kill_block_super+0x7c/0xe0
[ 78.882665][ T4296] deactivate_locked_super+0x93/0xf0
[ 78.887977][ T4296] cleanup_mnt+0x418/0x4d0
[ 78.892442][ T4296] ? lockdep_hardirqs_on+0x94/0x140
[ 78.897682][ T4296] task_work_run+0x125/0x1a0
[ 78.902303][ T4296] do_exit+0x61e/0x20a0
[ 78.906506][ T4296] ? put_task_struct+0x80/0x80
[ 78.911298][ T4296] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 78.917301][ T4296] ? lock_chain_count+0x20/0x20
[ 78.922174][ T4296] ? _raw_spin_lock_irq+0xab/0xe0
[ 78.927222][ T4296] do_group_exit+0x12e/0x300
[ 78.931831][ T4296] ? lockdep_hardirqs_on+0x94/0x140
[ 78.937050][ T4296] get_signal+0x6ca/0x12c0
[ 78.941492][ T4296] arch_do_signal_or_restart+0xc1/0x1300
[ 78.947144][ T4296] ? slab_free_freelist_hook+0xea/0x170
[ 78.952716][ T4296] ? rcu_is_watching+0x11/0xa0
[ 78.957509][ T4296] ? kmem_cache_free+0x14c/0x210
[ 78.962476][ T4296] ? get_sigframe_size+0x10/0x10
[ 78.967446][ T4296] ? do_sys_openat2+0x207/0x4a0
[ 78.972328][ T4296] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 78.978332][ T4296] ? exit_to_user_mode_loop+0x3b/0x130
[ 78.983827][ T4296] exit_to_user_mode_loop+0x9e/0x130
[ 78.989160][ T4296] exit_to_user_mode_prepare+0xee/0x180
[ 78.994737][ T4296] syscall_exit_to_user_mode+0x16/0x40
[ 79.000216][ T4296]