Warning: Permanently added '10.128.0.117' (ED25519) to the list of known hosts.
2026/01/03 16:44:29 parsed 1 programs
[ 59.905199][ T4189] cgroup: Unknown subsys name 'net'
[ 60.065383][ T4189] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 61.548023][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 64.339497][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.352023][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 64.369427][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 64.388416][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 64.396836][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 64.406321][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 65.515059][ T4276] chnl_net:caif_netlink_parms(): no params data found
[ 65.554914][ T4276] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.562956][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.571270][ T4276] device bridge_slave_0 entered promiscuous mode
[ 65.581421][ T4276] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.588505][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.596424][ T4276] device bridge_slave_1 entered promiscuous mode
[ 65.616724][ T4276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 65.627492][ T4276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 65.649715][ T4276] team0: Port device team_slave_0 added
[ 65.657475][ T4276] team0: Port device team_slave_1 added
[ 65.674388][ T4276] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 65.681427][ T4276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.707634][ T4276] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 65.720328][ T4276] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 65.727298][ T4276] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.753343][ T4276] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 65.781707][ T4276] device hsr_slave_0 entered promiscuous mode
[ 65.788657][ T4276] device hsr_slave_1 entered promiscuous mode
[ 65.913696][ T4276] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 65.924131][ T4276] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 65.933746][ T4276] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 65.944587][ T4276] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 65.993676][ T4276] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.000861][ T4276] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.008634][ T4276] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.015747][ T4276] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.080277][ T4276] 8021q: adding VLAN 0 to HW filter on device bond0
[ 66.093743][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 66.103058][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.111662][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.119451][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 66.132975][ T4276] 8021q: adding VLAN 0 to HW filter on device team0
[ 66.162209][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 66.170760][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.177804][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.188624][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 66.197171][ T144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.204288][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.225021][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 66.233561][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 66.267455][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 66.279031][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 66.313923][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 66.325267][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 66.432230][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 66.440885][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 66.446447][ T4276] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 66.481745][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 66.502609][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 66.511985][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 66.521189][ T4276] device veth0_vlan entered promiscuous mode
[ 66.533795][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 66.544761][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 66.557514][ T4276] device veth1_vlan entered promiscuous mode
[ 66.582463][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 66.592489][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 66.600775][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 66.609115][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 66.621393][ T4276] device veth0_macvtap entered promiscuous mode
[ 66.631429][ T4276] device veth1_macvtap entered promiscuous mode
[ 66.677009][ T4276] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 66.685902][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 66.694336][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 66.703566][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 66.712400][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 66.724015][ T4276] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 66.732539][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 66.741557][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 66.752474][ T4276] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.762204][ T4276] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.772163][ T4276] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.781235][ T4276] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.889991][ T4276] syz-executor (4276) used greatest stack depth: 20128 bytes left
2026/01/03 16:44:38 executed programs: 0
[ 67.431418][ T4300] chnl_net:caif_netlink_parms(): no params data found
[ 67.498138][ T4300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 67.505369][ T4300] bridge0: port 1(bridge_slave_0) entered disabled state
[ 67.513705][ T4300] device bridge_slave_0 entered promiscuous mode
[ 67.522208][ T4300] bridge0: port 2(bridge_slave_1) entered blocking state
[ 67.529265][ T4300] bridge0: port 2(bridge_slave_1) entered disabled state
[ 67.537397][ T4300] device bridge_slave_1 entered promiscuous mode
[ 67.578931][ T4300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 67.592152][ T4300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 67.622749][ T4300] team0: Port device team_slave_0 added
[ 67.633182][ T4300] team0: Port device team_slave_1 added
[ 67.662005][ T4300] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 67.668995][ T4300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 67.698589][ T4300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 67.711924][ T4300] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 67.718885][ T4300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 67.748257][ T4300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 67.791558][ T4300] device hsr_slave_0 entered promiscuous mode
[ 67.798436][ T4300] device hsr_slave_1 entered promiscuous mode
[ 67.809627][ T4300] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 67.820192][ T4300] Cannot create hsr debugfs directory
[ 67.926741][ T4300] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 69.340633][ T13] Bluetooth: hci0: command 0x0409 tx timeout
[ 70.795411][ T4300] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.423368][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.424220][ T4269] Bluetooth: hci0: command 0x041b tx timeout
[ 71.430000][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.986596][ T4300] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.037393][ T4300] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.294270][ T4300] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 72.303774][ T4300] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 72.321881][ T4300] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 72.331052][ T4300] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 72.387687][ T4300] 8021q: adding VLAN 0 to HW filter on device bond0
[ 72.398939][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 72.407598][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 72.419075][ T4300] 8021q: adding VLAN 0 to HW filter on device team0
[ 72.433184][ T1236] device hsr_slave_0 left promiscuous mode
[ 72.439689][ T1236] device hsr_slave_1 left promiscuous mode
[ 72.447045][ T1236] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 72.455065][ T1236] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 72.463856][ T1236] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 72.471710][ T1236] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 72.479250][ T1236] device bridge_slave_1 left promiscuous mode
[ 72.486313][ T1236] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.498282][ T1236] device bridge_slave_0 left promiscuous mode
[ 72.505550][ T1236] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.521752][ T1236] device veth1_macvtap left promiscuous mode
[ 72.527939][ T1236] device veth0_macvtap left promiscuous mode
[ 72.534182][ T1236] device veth1_vlan left promiscuous mode
[ 72.540893][ T1236] device veth0_vlan left promiscuous mode
[ 72.671491][ T1236] team0 (unregistering): Port device team_slave_1 removed
[ 72.684649][ T1236] team0 (unregistering): Port device team_slave_0 removed
[ 72.698244][ T1236] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 72.713283][ T1236] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 72.764100][ T1236] bond0 (unregistering): Released all slaves
[ 72.807457][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 72.816388][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 72.826263][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.833343][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.843303][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 72.853776][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 72.865466][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 72.874505][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.881617][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.900023][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 72.909299][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 72.918262][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 72.934849][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 72.944167][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 72.954715][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 72.963686][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 72.974850][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 72.983611][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 72.996037][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 73.004639][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 73.019329][ T4300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 73.108086][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 73.115663][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 73.127519][ T4300] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 73.151113][ T3050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 73.161837][ T3050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 73.172729][ T3050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 73.181160][ T3050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 73.190130][ T3050] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 73.197895][ T3050] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 73.206454][ T4300] device veth0_vlan entered promiscuous mode
[ 73.227116][ T4300] device veth1_vlan entered promiscuous mode
[ 73.253526][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 73.262962][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 73.272265][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 73.281336][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 73.293311][ T4300] device veth0_macvtap entered promiscuous mode
[ 73.305269][ T4300] device veth1_macvtap entered promiscuous mode
[ 73.323943][ T4300] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 73.334852][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 73.344668][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 73.355083][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 73.364038][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 73.380756][ T4300] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 73.390944][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 73.399709][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 73.412580][ T4300] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.421869][ T4300] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.432658][ T4300] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.441707][ T4300] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.490947][ T13] Bluetooth: hci0: command 0x040f tx timeout
[ 73.518507][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.531387][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/01/03 16:44:44 executed programs: 2
[ 73.550996][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 73.566529][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.575189][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.586578][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 73.983437][ T4318] loop0: detected capacity change from 0 to 32768
[ 74.006996][ T4318] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 74.025741][ T4318] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 74.057312][ T4318] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 74.079391][ T4240] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 74.092068][ T4240] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 74.155991][ T4240] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 63ms
[ 74.178427][ T4240] gfs2: fsid=syz:syz.0: jid=0: Done
[ 74.186072][ T4318] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 74.303448][ T4318] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 74.351643][ T4300] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 74.351643][ T4300] inode = 11 2339
[ 74.351643][ T4300] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 74.402303][ T4300] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 74.420249][ T4300] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 74.434581][ T4300] CPU: 1 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 74.442158][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 74.452230][ T4300] Call Trace:
[ 74.455523][ T4300]
[ 74.458464][ T4300] dump_stack_lvl+0x168/0x230
[ 74.463170][ T4300] ? show_regs_print_info+0x20/0x20
[ 74.468394][ T4300] ? load_image+0x3b0/0x3b0
[ 74.472940][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 74.478023][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 74.483258][ T4300] gfs2_assert_warn_i+0x18f/0x2c0
[ 74.488304][ T4300] gfs2_quota_cleanup+0x4b4/0x6a0
[ 74.493344][ T4300] gfs2_make_fs_ro+0x237/0x5d0
[ 74.498133][ T4300] ? gfs2_dinode_out+0xb00/0xb00
[ 74.503084][ T4300] ? _raw_spin_unlock+0x24/0x40
[ 74.507944][ T4300] ? gfs2_glock_nq+0xcb0/0x1550
[ 74.512808][ T4300] gfs2_withdraw+0x5f9/0x1460
[ 74.517493][ T4300] ? gfs2_lm+0x220/0x220
[ 74.521811][ T4300] ? __schedule+0x11c3/0x4390
[ 74.526482][ T4300] ? gfs2_freeze_lock+0x52/0xc0
[ 74.531336][ T4300] ? gfs2_consist_inode_i+0xc0/0xe0
[ 74.536526][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 74.541559][ T4300] ? do_promote+0x71a/0xab0
[ 74.546099][ T4300] ? gfs2_inode_metasync+0xf0/0xf0
[ 74.551229][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 74.556269][ T4300] inode_go_lock+0x127/0x470
[ 74.560856][ T4300] do_promote+0x741/0xab0
[ 74.565198][ T4300] finish_xmote+0x514/0xb70
[ 74.569693][ T4300] do_xmote+0x7b6/0x1120
[ 74.573933][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 74.578610][ T4300] do_sync+0x486/0xc00
[ 74.582677][ T4300] ? slot_put+0x1e0/0x1e0
[ 74.587017][ T4300] ? do_sync+0x47e/0xc00
[ 74.591252][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 74.596445][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 74.601212][ T4300] gfs2_sync_fs+0x48/0xb0
[ 74.605533][ T4300] sync_filesystem+0xe6/0x220
[ 74.610200][ T4300] generic_shutdown_super+0x6b/0x300
[ 74.615483][ T4300] kill_block_super+0x7c/0xe0
[ 74.620176][ T4300] deactivate_locked_super+0x93/0xf0
[ 74.625455][ T4300] cleanup_mnt+0x418/0x4d0
[ 74.629865][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 74.635053][ T4300] task_work_run+0x125/0x1a0
[ 74.639633][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 74.645002][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 74.650559][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 74.656010][ T4300] do_syscall_64+0x58/0xa0
[ 74.660431][ T4300] ? clear_bhb_loop+0x30/0x80
[ 74.665103][ T4300] ? clear_bhb_loop+0x30/0x80
[ 74.669774][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 74.675661][ T4300] RIP: 0033:0x7f79a7988a77
[ 74.680070][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 74.699671][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 74.708097][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 74.716098][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 74.724071][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 74.732042][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 74.740100][ T4300] R13: 00007f79a7a0bd7d R14: 000000000001223c R15: 00007ffd0d74f970
[ 74.748091][ T4300]
[ 74.758255][ T4300] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 74.767100][ T4300] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 74.777897][ T4300] gfs2: fsid=syz:syz.0: File system withdrawn
[ 74.784161][ T4300] CPU: 1 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 74.791735][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 74.801819][ T4300] Call Trace:
[ 74.805102][ T4300]
[ 74.808031][ T4300] dump_stack_lvl+0x168/0x230
[ 74.812820][ T4300] ? kobject_uevent_env+0x371/0x890
[ 74.818010][ T4300] ? show_regs_print_info+0x20/0x20
[ 74.823203][ T4300] ? load_image+0x3b0/0x3b0
[ 74.827696][ T4300] ? kobject_uevent_env+0x371/0x890
[ 74.832882][ T4300] ? lockref_put_or_lock+0x6e/0xb0
[ 74.837984][ T4300] gfs2_withdraw+0x111b/0x1460
[ 74.842746][ T4300] ? gfs2_lm+0x220/0x220
[ 74.846982][ T4300] ? __schedule+0x11c3/0x4390
[ 74.851653][ T4300] ? gfs2_consist_inode_i+0xc0/0xe0
[ 74.856842][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 74.861857][ T4300] ? do_promote+0x71a/0xab0
[ 74.866353][ T4300] ? gfs2_inode_metasync+0xf0/0xf0
[ 74.871451][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 74.876469][ T4300] inode_go_lock+0x127/0x470
[ 74.881052][ T4300] do_promote+0x741/0xab0
[ 74.885380][ T4300] finish_xmote+0x514/0xb70
[ 74.889890][ T4300] do_xmote+0x7b6/0x1120
[ 74.894160][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 74.898839][ T4300] do_sync+0x486/0xc00
[ 74.902900][ T4300] ? slot_put+0x1e0/0x1e0
[ 74.907223][ T4300] ? do_sync+0x47e/0xc00
[ 74.911458][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 74.916662][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 74.921450][ T4300] gfs2_sync_fs+0x48/0xb0
[ 74.925776][ T4300] sync_filesystem+0xe6/0x220
[ 74.930444][ T4300] generic_shutdown_super+0x6b/0x300
[ 74.935719][ T4300] kill_block_super+0x7c/0xe0
[ 74.940394][ T4300] deactivate_locked_super+0x93/0xf0
[ 74.945701][ T4300] cleanup_mnt+0x418/0x4d0
[ 74.950135][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 74.955332][ T4300] task_work_run+0x125/0x1a0
[ 74.960016][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 74.965381][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 74.970916][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 74.976389][ T4300] do_syscall_64+0x58/0xa0
[ 74.980792][ T4300] ? clear_bhb_loop+0x30/0x80
[ 74.985456][ T4300] ? clear_bhb_loop+0x30/0x80
[ 74.990132][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 74.996046][ T4300] RIP: 0033:0x7f79a7988a77
[ 75.000459][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 75.020058][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 75.028486][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 75.036470][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 75.044437][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 75.052421][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 75.060384][ T4300] R13: 00007f79a7a0bd7d R14: 000000000001223c R15: 00007ffd0d74f970
[ 75.068362][ T4300]
[ 75.412320][ T4322] loop0: detected capacity change from 0 to 32768
[ 75.460910][ T4322] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 75.469123][ T4322] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 75.505904][ T4322] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 75.515052][ T4240] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 75.522217][ T4240] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 75.555362][ T4240] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 33ms
[ 75.563667][ T4240] gfs2: fsid=syz:syz.0: jid=0: Done
[ 75.568939][ T4322] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 75.570412][ T4263] Bluetooth: hci0: command 0x0419 tx timeout
[ 75.661785][ T4322] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 75.675292][ T4300] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 75.675292][ T4300] inode = 11 2339
[ 75.675292][ T4300] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 75.695312][ T4300] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 75.713358][ T4300] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 75.727782][ T4300] CPU: 0 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 75.735362][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 75.745417][ T4300] Call Trace:
[ 75.748688][ T4300]
[ 75.751718][ T4300] dump_stack_lvl+0x168/0x230
[ 75.756392][ T4300] ? show_regs_print_info+0x20/0x20
[ 75.761630][ T4300] ? load_image+0x3b0/0x3b0
[ 75.766140][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 75.771183][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 75.776385][ T4300] gfs2_assert_warn_i+0x18f/0x2c0
[ 75.781413][ T4300] gfs2_quota_cleanup+0x4b4/0x6a0
[ 75.786436][ T4300] gfs2_make_fs_ro+0x237/0x5d0
[ 75.791190][ T4300] ? gfs2_dinode_out+0xb00/0xb00
[ 75.796115][ T4300] ? _raw_spin_unlock+0x24/0x40
[ 75.800958][ T4300] ? gfs2_glock_nq+0xcb0/0x1550
[ 75.805810][ T4300] gfs2_withdraw+0x5f9/0x1460
[ 75.810482][ T4300] ? gfs2_lm+0x220/0x220
[ 75.814711][ T4300] ? __schedule+0x11c3/0x4390
[ 75.819497][ T4300] ? gfs2_freeze_lock+0x52/0xc0
[ 75.824363][ T4300] ? gfs2_consist_inode_i+0xc0/0xe0
[ 75.829573][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 75.834594][ T4300] ? do_promote+0x71a/0xab0
[ 75.839091][ T4300] ? gfs2_inode_metasync+0xf0/0xf0
[ 75.844190][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 75.849220][ T4300] inode_go_lock+0x127/0x470
[ 75.853807][ T4300] do_promote+0x741/0xab0
[ 75.858132][ T4300] finish_xmote+0x514/0xb70
[ 75.862627][ T4300] do_xmote+0x7b6/0x1120
[ 75.866873][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 75.871550][ T4300] do_sync+0x486/0xc00
[ 75.875614][ T4300] ? slot_put+0x1e0/0x1e0
[ 75.879938][ T4300] ? do_sync+0x47e/0xc00
[ 75.884174][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 75.889364][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 75.894123][ T4300] gfs2_sync_fs+0x48/0xb0
[ 75.898443][ T4300] sync_filesystem+0xe6/0x220
[ 75.903109][ T4300] generic_shutdown_super+0x6b/0x300
[ 75.908388][ T4300] kill_block_super+0x7c/0xe0
[ 75.913056][ T4300] deactivate_locked_super+0x93/0xf0
[ 75.918349][ T4300] cleanup_mnt+0x418/0x4d0
[ 75.922754][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 75.927945][ T4300] task_work_run+0x125/0x1a0
[ 75.932526][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 75.937889][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 75.943424][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 75.948874][ T4300] do_syscall_64+0x58/0xa0
[ 75.953282][ T4300] ? clear_bhb_loop+0x30/0x80
[ 75.957946][ T4300] ? clear_bhb_loop+0x30/0x80
[ 75.962629][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 75.968513][ T4300] RIP: 0033:0x7f79a7988a77
[ 75.972918][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 75.992513][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 76.000918][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 76.008877][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 76.016835][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 76.024795][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 76.032759][ T4300] R13: 00007f79a7a0bd7d R14: 00000000000125a9 R15: 00007ffd0d74f970
[ 76.040732][ T4300]
[ 76.049341][ T4300] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 76.060044][ T4300] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 76.066770][ T4300] gfs2: fsid=syz:syz.0: File system withdrawn
[ 76.073335][ T4300] CPU: 1 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 76.080909][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 76.090983][ T4300] Call Trace:
[ 76.094280][ T4300]
[ 76.097228][ T4300] dump_stack_lvl+0x168/0x230
[ 76.101924][ T4300] ? kobject_uevent_env+0x371/0x890
[ 76.107124][ T4300] ? show_regs_print_info+0x20/0x20
[ 76.112332][ T4300] ? load_image+0x3b0/0x3b0
[ 76.116829][ T4300] ? kobject_uevent_env+0x371/0x890
[ 76.122015][ T4300] ? lockref_put_or_lock+0x6e/0xb0
[ 76.127119][ T4300] gfs2_withdraw+0x111b/0x1460
[ 76.131895][ T4300] ? gfs2_lm+0x220/0x220
[ 76.136149][ T4300] ? __schedule+0x11c3/0x4390
[ 76.140821][ T4300] ? gfs2_consist_inode_i+0xc0/0xe0
[ 76.146014][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 76.151140][ T4300] ? do_promote+0x71a/0xab0
[ 76.155663][ T4300] ? gfs2_inode_metasync+0xf0/0xf0
[ 76.160865][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 76.165912][ T4300] inode_go_lock+0x127/0x470
[ 76.170517][ T4300] do_promote+0x741/0xab0
[ 76.174902][ T4300] finish_xmote+0x514/0xb70
[ 76.179405][ T4300] do_xmote+0x7b6/0x1120
[ 76.183646][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 76.188325][ T4300] do_sync+0x486/0xc00
[ 76.192391][ T4300] ? slot_put+0x1e0/0x1e0
[ 76.196719][ T4300] ? do_sync+0x47e/0xc00
[ 76.200954][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 76.206145][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 76.210913][ T4300] gfs2_sync_fs+0x48/0xb0
[ 76.215232][ T4300] sync_filesystem+0xe6/0x220
[ 76.219900][ T4300] generic_shutdown_super+0x6b/0x300
[ 76.225178][ T4300] kill_block_super+0x7c/0xe0
[ 76.229850][ T4300] deactivate_locked_super+0x93/0xf0
[ 76.235152][ T4300] cleanup_mnt+0x418/0x4d0
[ 76.239574][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 76.244784][ T4300] task_work_run+0x125/0x1a0
[ 76.249368][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 76.254734][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 76.260287][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 76.265775][ T4300] do_syscall_64+0x58/0xa0
[ 76.270190][ T4300] ? clear_bhb_loop+0x30/0x80
[ 76.274982][ T4300] ? clear_bhb_loop+0x30/0x80
[ 76.279650][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 76.285531][ T4300] RIP: 0033:0x7f79a7988a77
[ 76.289948][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 76.309661][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 76.318068][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 76.326030][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 76.334001][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 76.341983][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 76.349963][ T4300] R13: 00007f79a7a0bd7d R14: 00000000000125a9 R15: 00007ffd0d74f970
[ 76.357958][ T4300]
[ 76.938725][ T4325] loop0: detected capacity change from 0 to 32768
[ 77.034476][ T4325] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 77.043834][ T4325] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 77.061853][ T4325] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 77.078068][ T4240] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 77.086526][ T4240] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 77.136279][ T4240] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 49ms
[ 77.144764][ T4240] gfs2: fsid=syz:syz.0: jid=0: Done
[ 77.151899][ T4325] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 77.228699][ T4325] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 77.246427][ T4300] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 77.246427][ T4300] inode = 11 2339
[ 77.246427][ T4300] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 77.265615][ T4300] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 77.281709][ T4300] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 77.295793][ T4300] CPU: 1 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 77.303361][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 77.313436][ T4300] Call Trace:
[ 77.316711][ T4300]
[ 77.319629][ T4300] dump_stack_lvl+0x168/0x230
[ 77.324301][ T4300] ? show_regs_print_info+0x20/0x20
[ 77.329488][ T4300] ? load_image+0x3b0/0x3b0
[ 77.333979][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 77.338992][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 77.344177][ T4300] gfs2_assert_warn_i+0x18f/0x2c0
[ 77.349195][ T4300] gfs2_quota_cleanup+0x4b4/0x6a0
[ 77.354217][ T4300] gfs2_make_fs_ro+0x237/0x5d0
[ 77.358978][ T4300] ? gfs2_dinode_out+0xb00/0xb00
[ 77.363899][ T4300] ? _raw_spin_unlock+0x24/0x40
[ 77.368736][ T4300] ? gfs2_glock_nq+0xcb0/0x1550
[ 77.373585][ T4300] gfs2_withdraw+0x5f9/0x1460
[ 77.378258][ T4300] ? gfs2_lm+0x220/0x220
[ 77.382491][ T4300] ? __schedule+0x11c3/0x4390
[ 77.387158][ T4300] ? gfs2_freeze_lock+0x52/0xc0
[ 77.392002][ T4300] ? gfs2_consist_inode_i+0xc0/0xe0
[ 77.397197][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 77.402215][ T4300] ? do_promote+0x71a/0xab0
[ 77.406711][ T4300] ? gfs2_inode_metasync+0xf0/0xf0
[ 77.411809][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 77.416826][ T4300] inode_go_lock+0x127/0x470
[ 77.421405][ T4300] do_promote+0x741/0xab0
[ 77.425728][ T4300] finish_xmote+0x514/0xb70
[ 77.430225][ T4300] do_xmote+0x7b6/0x1120
[ 77.434462][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 77.439137][ T4300] do_sync+0x486/0xc00
[ 77.443201][ T4300] ? slot_put+0x1e0/0x1e0
[ 77.447521][ T4300] ? do_sync+0x47e/0xc00
[ 77.451753][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 77.456944][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 77.461701][ T4300] gfs2_sync_fs+0x48/0xb0
[ 77.466017][ T4300] sync_filesystem+0xe6/0x220
[ 77.470709][ T4300] generic_shutdown_super+0x6b/0x300
[ 77.475982][ T4300] kill_block_super+0x7c/0xe0
[ 77.480650][ T4300] deactivate_locked_super+0x93/0xf0
[ 77.485928][ T4300] cleanup_mnt+0x418/0x4d0
[ 77.490332][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 77.495519][ T4300] task_work_run+0x125/0x1a0
[ 77.500114][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 77.505505][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 77.511040][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 77.516487][ T4300] do_syscall_64+0x58/0xa0
[ 77.520888][ T4300] ? clear_bhb_loop+0x30/0x80
[ 77.525570][ T4300] ? clear_bhb_loop+0x30/0x80
[ 77.530238][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 77.536119][ T4300] RIP: 0033:0x7f79a7988a77
[ 77.540523][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 77.560125][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 77.568543][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 77.576506][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 77.584469][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 77.592434][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 77.600402][ T4300] R13: 00007f79a7a0bd7d R14: 0000000000012aba R15: 00007ffd0d74f970
[ 77.608412][ T4300]
[ 77.612389][ T4300] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 77.621275][ T4300] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 77.627811][ T4300] gfs2: fsid=syz:syz.0: File system withdrawn
[ 77.633958][ T4300] CPU: 1 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 77.641515][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 77.651563][ T4300] Call Trace:
[ 77.654837][ T4300]
[ 77.657755][ T4300] dump_stack_lvl+0x168/0x230
[ 77.662421][ T4300] ? kobject_uevent_env+0x371/0x890
[ 77.667608][ T4300] ? show_regs_print_info+0x20/0x20
[ 77.672793][ T4300] ? load_image+0x3b0/0x3b0
[ 77.677326][ T4300] ? kobject_uevent_env+0x371/0x890
[ 77.682511][ T4300] ? lockref_put_or_lock+0x6e/0xb0
[ 77.687619][ T4300] gfs2_withdraw+0x111b/0x1460
[ 77.692387][ T4300] ? gfs2_lm+0x220/0x220
[ 77.696628][ T4300] ? __schedule+0x11c3/0x4390
[ 77.701301][ T4300] ? gfs2_consist_inode_i+0xc0/0xe0
[ 77.706487][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 77.711501][ T4300] ? do_promote+0x71a/0xab0
[ 77.715992][ T4300] ? gfs2_inode_metasync+0xf0/0xf0
[ 77.721196][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 77.726218][ T4300] inode_go_lock+0x127/0x470
[ 77.730800][ T4300] do_promote+0x741/0xab0
[ 77.735123][ T4300] finish_xmote+0x514/0xb70
[ 77.739638][ T4300] do_xmote+0x7b6/0x1120
[ 77.743903][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 77.748621][ T4300] do_sync+0x486/0xc00
[ 77.752691][ T4300] ? slot_put+0x1e0/0x1e0
[ 77.757018][ T4300] ? do_sync+0x47e/0xc00
[ 77.761254][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 77.766448][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 77.771205][ T4300] gfs2_sync_fs+0x48/0xb0
[ 77.775524][ T4300] sync_filesystem+0xe6/0x220
[ 77.780190][ T4300] generic_shutdown_super+0x6b/0x300
[ 77.785467][ T4300] kill_block_super+0x7c/0xe0
[ 77.790147][ T4300] deactivate_locked_super+0x93/0xf0
[ 77.795449][ T4300] cleanup_mnt+0x418/0x4d0
[ 77.799857][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 77.805047][ T4300] task_work_run+0x125/0x1a0
[ 77.809628][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 77.814994][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 77.820616][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 77.826064][ T4300] do_syscall_64+0x58/0xa0
[ 77.830496][ T4300] ? clear_bhb_loop+0x30/0x80
[ 77.835160][ T4300] ? clear_bhb_loop+0x30/0x80
[ 77.839835][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 77.845740][ T4300] RIP: 0033:0x7f79a7988a77
[ 77.850157][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 77.869759][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 77.878175][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 77.886154][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 77.894122][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 77.902088][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 77.910048][ T4300] R13: 00007f79a7a0bd7d R14: 0000000000012aba R15: 00007ffd0d74f970
[ 77.918039][ T4300]
[ 78.267766][ T4328] loop0: detected capacity change from 0 to 32768
[ 78.320923][ T4328] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 78.329143][ T4328] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 78.345114][ T4328] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 78.354608][ T4240] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 78.361589][ T4240] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 78.385204][ T4240] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 23ms
[ 78.393183][ T4240] gfs2: fsid=syz:syz.0: jid=0: Done
[ 78.398433][ T4328] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 78.477757][ T4328] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 78.491332][ T4300] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 78.491332][ T4300] inode = 11 2339
[ 78.491332][ T4300] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[ 78.511523][ T4300] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 78.525705][ T4300] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[ 78.540785][ T4300] CPU: 0 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 78.548356][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 78.558419][ T4300] Call Trace:
[ 78.561696][ T4300]
[ 78.564620][ T4300] dump_stack_lvl+0x168/0x230
[ 78.569289][ T4300] ? show_regs_print_info+0x20/0x20
[ 78.574521][ T4300] ? load_image+0x3b0/0x3b0
[ 78.579022][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 78.584036][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 78.589226][ T4300] gfs2_assert_warn_i+0x18f/0x2c0
[ 78.594248][ T4300] gfs2_quota_cleanup+0x4b4/0x6a0
[ 78.599271][ T4300] gfs2_make_fs_ro+0x237/0x5d0
[ 78.604021][ T4300] ? gfs2_dinode_out+0xb00/0xb00
[ 78.608963][ T4300] ? _raw_spin_unlock+0x24/0x40
[ 78.613812][ T4300] ? gfs2_glock_nq+0xcb0/0x1550
[ 78.618663][ T4300] gfs2_withdraw+0x5f9/0x1460
[ 78.623340][ T4300] ? gfs2_lm+0x220/0x220
[ 78.627571][ T4300] ? __schedule+0x11c3/0x4390
[ 78.632238][ T4300] ? gfs2_freeze_lock+0x52/0xc0
[ 78.637079][ T4300] ? gfs2_consist_inode_i+0xc0/0xe0
[ 78.642268][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 78.647283][ T4300] ? do_promote+0x71a/0xab0
[ 78.651773][ T4300] ? gfs2_inode_metasync+0xf0/0xf0
[ 78.656873][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 78.661894][ T4300] inode_go_lock+0x127/0x470
[ 78.666478][ T4300] do_promote+0x741/0xab0
[ 78.670813][ T4300] finish_xmote+0x514/0xb70
[ 78.675322][ T4300] do_xmote+0x7b6/0x1120
[ 78.679555][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 78.684228][ T4300] do_sync+0x486/0xc00
[ 78.688291][ T4300] ? slot_put+0x1e0/0x1e0
[ 78.692611][ T4300] ? do_sync+0x47e/0xc00
[ 78.696845][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 78.702036][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 78.706795][ T4300] gfs2_sync_fs+0x48/0xb0
[ 78.711109][ T4300] sync_filesystem+0xe6/0x220
[ 78.715784][ T4300] generic_shutdown_super+0x6b/0x300
[ 78.721057][ T4300] kill_block_super+0x7c/0xe0
[ 78.725722][ T4300] deactivate_locked_super+0x93/0xf0
[ 78.730992][ T4300] cleanup_mnt+0x418/0x4d0
[ 78.735397][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 78.740583][ T4300] task_work_run+0x125/0x1a0
[ 78.745162][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 78.750534][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 78.756096][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 78.761550][ T4300] do_syscall_64+0x58/0xa0
[ 78.765953][ T4300] ? clear_bhb_loop+0x30/0x80
[ 78.770625][ T4300] ? clear_bhb_loop+0x30/0x80
[ 78.775329][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 78.781212][ T4300] RIP: 0033:0x7f79a7988a77
[ 78.785617][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 78.805211][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 78.813638][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 78.821601][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 78.829578][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 78.837559][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 78.845531][ T4300] R13: 00007f79a7a0bd7d R14: 000000000001326f R15: 00007ffd0d74f970
[ 78.853561][ T4300]
[ 78.859332][ T4300] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 78.868188][ T4300] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 78.875043][ T4300] gfs2: fsid=syz:syz.0: File system withdrawn
[ 78.881452][ T4300] CPU: 1 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 78.889016][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 78.899061][ T4300] Call Trace:
[ 78.902335][ T4300]
[ 78.905256][ T4300] dump_stack_lvl+0x168/0x230
[ 78.909927][ T4300] ? kobject_uevent_env+0x371/0x890
[ 78.915119][ T4300] ? show_regs_print_info+0x20/0x20
[ 78.920326][ T4300] ? load_image+0x3b0/0x3b0
[ 78.924819][ T4300] ? kobject_uevent_env+0x371/0x890
[ 78.930014][ T4300] ? lockref_put_or_lock+0x6e/0xb0
[ 78.935121][ T4300] gfs2_withdraw+0x111b/0x1460
[ 78.939888][ T4300] ? gfs2_lm+0x220/0x220
[ 78.944140][ T4300] ? __schedule+0x11c3/0x4390
[ 78.948812][ T4300] ? gfs2_consist_inode_i+0xc0/0xe0
[ 78.954002][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 78.959042][ T4300] ? do_promote+0x71a/0xab0
[ 78.963532][ T4300] ? gfs2_inode_metasync+0xf0/0xf0
[ 78.968634][ T4300] ? __lock_acquire+0x7c60/0x7c60
[ 78.973654][ T4300] inode_go_lock+0x127/0x470
[ 78.978236][ T4300] do_promote+0x741/0xab0
[ 78.982586][ T4300] finish_xmote+0x514/0xb70
[ 78.987090][ T4300] do_xmote+0x7b6/0x1120
[ 78.991331][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 78.996007][ T4300] do_sync+0x486/0xc00
[ 79.000069][ T4300] ? slot_put+0x1e0/0x1e0
[ 79.004401][ T4300] ? do_sync+0x47e/0xc00
[ 79.008635][ T4300] ? do_raw_spin_unlock+0x11d/0x230
[ 79.013831][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 79.018595][ T4300] gfs2_sync_fs+0x48/0xb0
[ 79.022922][ T4300] sync_filesystem+0xe6/0x220
[ 79.027594][ T4300] generic_shutdown_super+0x6b/0x300
[ 79.032877][ T4300] kill_block_super+0x7c/0xe0
[ 79.037548][ T4300] deactivate_locked_super+0x93/0xf0
[ 79.042821][ T4300] cleanup_mnt+0x418/0x4d0
[ 79.047228][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 79.052421][ T4300] task_work_run+0x125/0x1a0
[ 79.057005][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 79.062368][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 79.067903][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 79.073352][ T4300] do_syscall_64+0x58/0xa0
[ 79.077755][ T4300] ? clear_bhb_loop+0x30/0x80
[ 79.082418][ T4300] ? clear_bhb_loop+0x30/0x80
[ 79.087086][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.092973][ T4300] RIP: 0033:0x7f79a7988a77
[ 79.097378][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 79.116970][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 79.125378][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 79.133346][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 79.141320][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 79.149329][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 79.157296][ T4300] R13: 00007f79a7a0bd7d R14: 000000000001326f R15: 00007ffd0d74f970
[ 79.165318][ T4300]
[ 79.171652][ T4300] ==================================================================
[ 79.179949][ T4300] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[ 79.186654][ T4300] Read of size 8 at addr ffff8880742ce330 by task syz-executor/4300
[ 79.194708][ T4300]
[ 79.197022][ T4300] CPU: 1 PID: 4300 Comm: syz-executor Not tainted syzkaller #0
[ 79.204552][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 79.214594][ T4300] Call Trace:
[ 79.217864][ T4300]
[ 79.220784][ T4300] dump_stack_lvl+0x168/0x230
[ 79.225482][ T4300] ? show_regs_print_info+0x20/0x20
[ 79.230682][ T4300] ? _printk+0xcc/0x110
[ 79.234853][ T4300] ? load_image+0x3b0/0x3b0
[ 79.239343][ T4300] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 79.244707][ T4300] print_address_description+0x60/0x2d0
[ 79.250241][ T4300] ? qd_unlock+0x30/0x2d0
[ 79.254557][ T4300] kasan_report+0xdf/0x130
[ 79.258981][ T4300] ? qd_unlock+0x30/0x2d0
[ 79.263300][ T4300] kasan_check_range+0x27b/0x290
[ 79.268226][ T4300] qd_unlock+0x30/0x2d0
[ 79.272371][ T4300] gfs2_quota_sync+0x5bf/0x6f0
[ 79.277132][ T4300] gfs2_sync_fs+0x48/0xb0
[ 79.281460][ T4300] sync_filesystem+0xe6/0x220
[ 79.286150][ T4300] generic_shutdown_super+0x6b/0x300
[ 79.291428][ T4300] kill_block_super+0x7c/0xe0
[ 79.296095][ T4300] deactivate_locked_super+0x93/0xf0
[ 79.301375][ T4300] cleanup_mnt+0x418/0x4d0
[ 79.305783][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 79.310971][ T4300] task_work_run+0x125/0x1a0
[ 79.315552][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 79.321046][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 79.326603][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 79.332127][ T4300] do_syscall_64+0x58/0xa0
[ 79.336545][ T4300] ? clear_bhb_loop+0x30/0x80
[ 79.341214][ T4300] ? clear_bhb_loop+0x30/0x80
[ 79.345879][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.351761][ T4300] RIP: 0033:0x7f79a7988a77
[ 79.356195][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 79.375788][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 79.384195][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 79.392164][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 79.400126][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 79.408090][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 79.416049][ T4300] R13: 00007f79a7a0bd7d R14: 000000000001326f R15: 00007ffd0d74f970
[ 79.424017][ T4300]
[ 79.427028][ T4300]
[ 79.429343][ T4300] Allocated by task 4328:
[ 79.433659][ T4300] __kasan_slab_alloc+0x9c/0xd0
[ 79.438502][ T4300] slab_post_alloc_hook+0x4c/0x380
[ 79.443597][ T4300] kmem_cache_alloc+0x100/0x290
[ 79.448433][ T4300] qd_alloc+0x50/0x260
[ 79.452488][ T4300] gfs2_quota_init+0x730/0xe80
[ 79.457239][ T4300] gfs2_make_fs_rw+0x3f5/0x560
[ 79.461987][ T4300] gfs2_fill_super+0x188a/0x1f50
[ 79.466912][ T4300] get_tree_bdev+0x3f1/0x610
[ 79.471497][ T4300] gfs2_get_tree+0x4d/0x1e0
[ 79.475984][ T4300] vfs_get_tree+0x88/0x270
[ 79.480392][ T4300] do_new_mount+0x24a/0xa40
[ 79.484902][ T4300] __se_sys_mount+0x2d6/0x3c0
[ 79.489565][ T4300] do_syscall_64+0x4c/0xa0
[ 79.493964][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.499874][ T4300]
[ 79.502186][ T4300] Freed by task 0:
[ 79.505889][ T4300] kasan_set_track+0x4b/0x70
[ 79.510463][ T4300] kasan_set_free_info+0x1f/0x40
[ 79.515394][ T4300] ____kasan_slab_free+0xd5/0x110
[ 79.520407][ T4300] slab_free_freelist_hook+0xea/0x170
[ 79.525765][ T4300] kmem_cache_free+0x8f/0x210
[ 79.530443][ T4300] rcu_core+0x962/0x15d0
[ 79.534723][ T4300] handle_softirqs+0x328/0x820
[ 79.539494][ T4300] __irq_exit_rcu+0x12f/0x220
[ 79.544161][ T4300] irq_exit_rcu+0x5/0x20
[ 79.548406][ T4300] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 79.554046][ T4300] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 79.560026][ T4300]
[ 79.562341][ T4300] Last potentially related work creation:
[ 79.568038][ T4300] kasan_save_stack+0x35/0x60
[ 79.572704][ T4300] kasan_record_aux_stack+0xb8/0x100
[ 79.577975][ T4300] call_rcu+0x182/0x930
[ 79.582116][ T4300] gfs2_quota_cleanup+0x43c/0x6a0
[ 79.587143][ T4300] gfs2_make_fs_ro+0x237/0x5d0
[ 79.591890][ T4300] gfs2_withdraw+0x5f9/0x1460
[ 79.596555][ T4300] gfs2_inode_refresh+0xb5e/0xfe0
[ 79.601566][ T4300] inode_go_lock+0x127/0x470
[ 79.606148][ T4300] do_promote+0x741/0xab0
[ 79.610462][ T4300] finish_xmote+0x514/0xb70
[ 79.614954][ T4300] do_xmote+0x7b6/0x1120
[ 79.619182][ T4300] gfs2_glock_nq+0xc7a/0x1550
[ 79.623843][ T4300] do_sync+0x486/0xc00
[ 79.627901][ T4300] gfs2_quota_sync+0x32c/0x6f0
[ 79.632651][ T4300] gfs2_sync_fs+0x48/0xb0
[ 79.636985][ T4300] sync_filesystem+0xe6/0x220
[ 79.641647][ T4300] generic_shutdown_super+0x6b/0x300
[ 79.646921][ T4300] kill_block_super+0x7c/0xe0
[ 79.651597][ T4300] deactivate_locked_super+0x93/0xf0
[ 79.656869][ T4300] cleanup_mnt+0x418/0x4d0
[ 79.661273][ T4300] task_work_run+0x125/0x1a0
[ 79.665850][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 79.671211][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 79.676741][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 79.682190][ T4300] do_syscall_64+0x58/0xa0
[ 79.686597][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.692479][ T4300]
[ 79.694798][ T4300] The buggy address belongs to the object at ffff8880742ce2a0
[ 79.694798][ T4300] which belongs to the cache gfs2_quotad of size 272
[ 79.708836][ T4300] The buggy address is located 144 bytes inside of
[ 79.708836][ T4300] 272-byte region [ffff8880742ce2a0, ffff8880742ce3b0)
[ 79.722096][ T4300] The buggy address belongs to the page:
[ 79.727718][ T4300] page:ffffea0001d0b380 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x742ce
[ 79.737862][ T4300] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 79.745406][ T4300] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff88801dbeddc0
[ 79.753981][ T4300] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
[ 79.762547][ T4300] page dumped because: kasan: bad access detected
[ 79.768941][ T4300] page_owner tracks the page as allocated
[ 79.774636][ T4300] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 4322, ts 75656999617, free_ts 75454909364
[ 79.793641][ T4300] get_page_from_freelist+0x1b77/0x1c60
[ 79.799195][ T4300] __alloc_pages+0x1e1/0x470
[ 79.803779][ T4300] new_slab+0xc0/0x4b0
[ 79.807839][ T4300] ___slab_alloc+0x81e/0xdf0
[ 79.812416][ T4300] kmem_cache_alloc+0x195/0x290
[ 79.817256][ T4300] qd_alloc+0x50/0x260
[ 79.821398][ T4300] gfs2_quota_init+0x730/0xe80
[ 79.826151][ T4300] gfs2_make_fs_rw+0x3f5/0x560
[ 79.830913][ T4300] gfs2_fill_super+0x188a/0x1f50
[ 79.835863][ T4300] get_tree_bdev+0x3f1/0x610
[ 79.840449][ T4300] gfs2_get_tree+0x4d/0x1e0
[ 79.844938][ T4300] vfs_get_tree+0x88/0x270
[ 79.849351][ T4300] do_new_mount+0x24a/0xa40
[ 79.853893][ T4300] __se_sys_mount+0x2d6/0x3c0
[ 79.858570][ T4300] do_syscall_64+0x4c/0xa0
[ 79.862976][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.868860][ T4300] page last free stack trace:
[ 79.873536][ T4300] free_unref_page_prepare+0x637/0x6c0
[ 79.878986][ T4300] free_unref_page+0x94/0x280
[ 79.883675][ T4300] __unfreeze_partials+0x1a5/0x200
[ 79.888777][ T4300] put_cpu_partial+0x12d/0x190
[ 79.893527][ T4300] qlist_free_all+0x35/0x90
[ 79.898015][ T4300] kasan_quarantine_reduce+0x150/0x160
[ 79.903466][ T4300] __kasan_slab_alloc+0x2f/0xd0
[ 79.908304][ T4300] slab_post_alloc_hook+0x4c/0x380
[ 79.913400][ T4300] kmem_cache_alloc+0x100/0x290
[ 79.918237][ T4300] getname_flags+0xb5/0x500
[ 79.922724][ T4300] user_path_at_empty+0x2a/0x190
[ 79.927646][ T4300] vfs_statx+0x102/0x4d0
[ 79.931875][ T4300] __x64_sys_newfstatat+0x12c/0x1b0
[ 79.937076][ T4300] do_syscall_64+0x4c/0xa0
[ 79.941505][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.947392][ T4300]
[ 79.949702][ T4300] Memory state around the buggy address:
[ 79.955317][ T4300]  ffff8880742ce200: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 79.963362][ T4300]  ffff8880742ce280: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb
[ 79.971418][ T4300] >ffff8880742ce300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 79.979464][ T4300]                                      ^
[ 79.985080][ T4300]  ffff8880742ce380: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 79.993150][ T4300]  ffff8880742ce400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 80.001194][ T4300] ==================================================================
[ 80.009234][ T4300] Disabling lock debugging due to kernel taint
[ 80.016547][ T4300] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 80.023773][ T4300] CPU: 1 PID: 4300 Comm: syz-executor Tainted: G B syzkaller #0
[ 80.032724][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 80.042769][ T4300] Call Trace:
[ 80.046040][ T4300]
[ 80.048982][ T4300] dump_stack_lvl+0x168/0x230
[ 80.053652][ T4300] ? show_regs_print_info+0x20/0x20
[ 80.058834][ T4300] ? load_image+0x3b0/0x3b0
[ 80.063325][ T4300] panic+0x2c9/0x7f0
[ 80.067203][ T4300] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 80.073346][ T4300] ? bpf_jit_dump+0xd0/0xd0
[ 80.077836][ T4300] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 80.083711][ T4300] ? _raw_spin_unlock+0x40/0x40
[ 80.088565][ T4300] ? qd_unlock+0x30/0x2d0
[ 80.092880][ T4300] check_panic_on_warn+0x80/0xa0
[ 80.097804][ T4300] ? qd_unlock+0x30/0x2d0
[ 80.102140][ T4300] end_report+0x6d/0xf0
[ 80.106281][ T4300] kasan_report+0x102/0x130
[ 80.110769][ T4300] ? qd_unlock+0x30/0x2d0
[ 80.115087][ T4300] kasan_check_range+0x27b/0x290
[ 80.120021][ T4300] qd_unlock+0x30/0x2d0
[ 80.124204][ T4300] gfs2_quota_sync+0x5bf/0x6f0
[ 80.128954][ T4300] gfs2_sync_fs+0x48/0xb0
[ 80.133267][ T4300] sync_filesystem+0xe6/0x220
[ 80.137929][ T4300] generic_shutdown_super+0x6b/0x300
[ 80.143203][ T4300] kill_block_super+0x7c/0xe0
[ 80.147964][ T4300] deactivate_locked_super+0x93/0xf0
[ 80.153281][ T4300] cleanup_mnt+0x418/0x4d0
[ 80.157702][ T4300] ? lockdep_hardirqs_on+0x94/0x140
[ 80.162913][ T4300] task_work_run+0x125/0x1a0
[ 80.167512][ T4300] exit_to_user_mode_loop+0x10f/0x130
[ 80.172894][ T4300] exit_to_user_mode_prepare+0xee/0x180
[ 80.178442][ T4300] syscall_exit_to_user_mode+0x16/0x40
[ 80.183888][ T4300] do_syscall_64+0x58/0xa0
[ 80.188301][ T4300] ? clear_bhb_loop+0x30/0x80
[ 80.192965][ T4300] ? clear_bhb_loop+0x30/0x80
[ 80.197625][ T4300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 80.203502][ T4300] RIP: 0033:0x7f79a7988a77
[ 80.207903][ T4300] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 80.227495][ T4300] RSP: 002b:00007ffd0d74e7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 80.235897][ T4300] RAX: 0000000000000000 RBX: 00007f79a7a0bd7d RCX: 00007f79a7988a77
[ 80.243859][ T4300] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0d74e8a0
[ 80.251834][ T4300] RBP: 00007ffd0d74e8a0 R08: 0000000000000000 R09: 0000000000000000
[ 80.259814][ T4300] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0d74f930
[ 80.267771][ T4300] R13: 00007f79a7a0bd7d R14: 000000000001326f R15: 00007ffd0d74f970
[ 80.275732][ T4300]
[ 80.279029][ T4300] Kernel Offset: disabled
[ 80.283344][ T4300] Rebooting in 86400 seconds..