Warning: Permanently added '10.128.1.120' (ED25519) to the list of known hosts.
2026/02/24 22:29:16 parsed 1 programs
[   54.145825][ T4188] cgroup: Unknown subsys name 'net'
[   54.280132][ T4188] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   55.504654][ T4188] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   57.720185][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.731952][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.749689][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   57.765126][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.772996][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.781613][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   58.683976][ T4252] chnl_net:caif_netlink_parms(): no params data found
[   58.756351][ T4252] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.767691][ T4252] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.775980][ T4252] device bridge_slave_0 entered promiscuous mode
[   58.803401][ T4252] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.810769][ T4252] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.819936][ T4252] device bridge_slave_1 entered promiscuous mode
[   58.844739][ T4252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.856477][ T4252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.896169][ T4252] team0: Port device team_slave_0 added
[   58.903928][ T4252] team0: Port device team_slave_1 added
[   58.920041][ T4252] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.927017][ T4252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.953177][ T4252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.966505][ T4252] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.973450][ T4252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.999493][ T4252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.025308][ T4252] device hsr_slave_0 entered promiscuous mode
[   59.031897][ T4252] device hsr_slave_1 entered promiscuous mode
[   59.108128][ T4252] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   59.118353][ T4252] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   59.128059][ T4252] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   59.136900][ T4252] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   59.156973][ T4252] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.164121][ T4252] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.200875][ T4252] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.218050][ T1171] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.227740][ T1171] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   59.237771][ T1171] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   59.246656][ T1171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   59.258047][ T4252] 8021q: adding VLAN 0 to HW filter on device team0
[   59.284569][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   59.293609][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   59.302436][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.309513][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.327177][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   59.336391][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.343450][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.357293][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   59.366673][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   59.381169][ T1171] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   59.395102][ T4252] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   59.405892][ T4252] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   59.418610][ T1171] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   59.428023][ T1171] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   59.436697][ T1171] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   59.531630][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   59.539795][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   59.553795][ T4252] 8021q: adding VLAN 0 to HW filter on device batadv0
[   59.591727][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   59.609552][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   59.618109][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   59.627277][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   59.638247][ T4252] device veth0_vlan entered promiscuous mode
[   59.663008][ T4252] device veth1_vlan entered promiscuous mode
[   59.680387][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   59.689274][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   59.697926][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   59.708174][ T4252] device veth0_macvtap entered promiscuous mode
[   59.718999][ T4252] device veth1_macvtap entered promiscuous mode
[   59.748899][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   59.761235][ T4252] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.773022][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   59.782043][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   59.793926][ T4252] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.802550][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   59.811236][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   59.821901][ T4252] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.830885][ T4252] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.839635][ T4252] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.849319][ T4252] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.951507][ T4252] syz-executor (4252) used greatest stack depth: 21136 bytes left
2026/02/24 22:29:24 executed programs: 0
[   60.849847][ T4295] chnl_net:caif_netlink_parms(): no params data found
[   60.906633][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.913786][ T4295] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.923147][ T4295] device bridge_slave_0 entered promiscuous mode
[   60.931588][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.939351][ T4295] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.947565][ T4295] device bridge_slave_1 entered promiscuous mode
[   60.971949][ T4295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.984676][ T4295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.010292][ T4295] team0: Port device team_slave_0 added
[   61.018893][ T4295] team0: Port device team_slave_1 added
[   61.038903][ T4295] batman_adv: batadv0: Adding interface: batadv_slave_0
[   61.046193][ T4295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.072157][ T4295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   61.090148][ T4295] batman_adv: batadv0: Adding interface: batadv_slave_1
[   61.097257][ T4295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.123465][ T4295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   61.160064][ T4295] device hsr_slave_0 entered promiscuous mode
[   61.166998][ T4295] device hsr_slave_1 entered promiscuous mode
[   61.173655][ T4295] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   61.184113][ T4295] Cannot create hsr debugfs directory
[   61.270016][ T4295] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.805898][ T4259] Bluetooth: hci0: command 0x0409 tx timeout
[   63.890925][ T4295] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.742369][ T4295] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.821943][ T4295] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.885011][ T4273] Bluetooth: hci0: command 0x041b tx timeout
[   64.972328][ T4295] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   64.982127][ T4295] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   64.992222][ T4295] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   65.000899][ T4295] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   65.049704][ T4295] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.074433][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   65.082266][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.092472][ T4295] 8021q: adding VLAN 0 to HW filter on device team0
[   65.114109][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.123014][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.132458][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.139559][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.147793][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.157940][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.167117][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.175674][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.182740][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.194467][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.215271][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.227683][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   65.236661][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.247471][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.257901][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.267579][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.285846][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.295012][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.307101][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.316558][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.330098][  T154] device hsr_slave_0 left promiscuous mode
[   65.337170][  T154] device hsr_slave_1 left promiscuous mode
[   65.344394][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.352062][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.360692][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   65.368377][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[   65.376434][  T154] device bridge_slave_1 left promiscuous mode
[   65.383295][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.396415][  T154] device bridge_slave_0 left promiscuous mode
[   65.402611][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.419388][  T154] device veth1_macvtap left promiscuous mode
[   65.425746][  T154] device veth0_macvtap left promiscuous mode
[   65.431765][  T154] device veth1_vlan left promiscuous mode
[   65.437740][  T154] device veth0_vlan left promiscuous mode
[   65.564642][  T154] team0 (unregistering): Port device team_slave_1 removed
[   65.576388][  T154] team0 (unregistering): Port device team_slave_0 removed
[   65.589126][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   65.602494][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   65.652870][  T154] bond0 (unregistering): Released all slaves
[   65.698911][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   65.784540][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   65.792400][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   65.807506][ T4295] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.822091][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   65.832298][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   65.852894][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   65.862274][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   65.871121][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   65.879555][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   65.889171][ T4295] device veth0_vlan entered promiscuous mode
[   65.900105][ T4295] device veth1_vlan entered promiscuous mode
[   65.919872][ T4295] device veth0_macvtap entered promiscuous mode
[   65.927480][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   65.937006][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   65.945313][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   65.953789][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   65.963874][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   65.972866][ T4295] device veth1_macvtap entered promiscuous mode
[   65.989290][ T4295] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.997872][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   66.006365][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   66.016540][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   66.027582][ T4295] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.035285][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   66.043824][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   66.054996][ T4295] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.063982][ T4295] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.073086][ T4295] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.082034][ T4295] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.132292][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.146603][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.156551][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   66.180753][ T1544] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.190229][ T1544] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.199031][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   66.546531][ T4308] loop0: detected capacity change from 0 to 32768
[   66.574680][ T4308] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   66.595547][ T4308] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   66.624221][ T4308] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[   66.636603][ T4275] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   66.643519][ T4275] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   66.673699][ T4275] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 30ms
[   66.684246][ T4275] gfs2: fsid=syz:syz.0: jid=0: Done
[   66.691417][ T4308] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   66.796346][ T4308] gfs2: fsid=syz:syz.0: found 1 quota changes
[   66.827734][ T4295] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[   66.827734][ T4295]   inode = 11 2339
[   66.827734][ T4295]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 465
[   66.856061][ T4295] gfs2: fsid=syz:syz.0: about to withdraw this file system
[   66.881643][ T4295] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[   66.906653][ T4295] CPU: 0 PID: 4295 Comm: syz-executor Not tainted syzkaller #0
[   66.914232][ T4295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   66.924352][ T4295] Call Trace:
[   66.927654][ T4295]  <TASK>
[   66.930588][ T4295]  dump_stack_lvl+0x188/0x250
[   66.935294][ T4295]  ? show_regs_print_info+0x20/0x20
[   66.940515][ T4295]  ? load_image+0x400/0x400
[   66.945042][ T4295]  ? do_raw_spin_unlock+0x11d/0x230
[   66.950250][ T4295]  gfs2_assert_warn_i+0x18f/0x2c0
[   66.955290][ T4295]  gfs2_quota_cleanup+0x4b4/0x6a0
[   66.960325][ T4295]  gfs2_make_fs_ro+0x440/0x620
[   66.965094][ T4295]  ? __might_sleep+0xf0/0xf0
[   66.965575][ T4275] Bluetooth: hci0: command 0x040f tx timeout
[   66.969686][ T4295]  ? gfs2_dinode_out+0xb00/0xb00
[   66.980575][ T4295]  ? _raw_spin_unlock+0x24/0x40
[   66.985601][ T4295]  ? gfs2_glock_nq+0xcb0/0x1550
[   66.990470][ T4295]  gfs2_withdraw+0x610/0x1490
[   66.995160][ T4295]  ? gfs2_lm+0x240/0x240
[   66.999400][ T4295]  ? __schedule+0x11f7/0x43c0
[   67.004084][ T4295]  ? gfs2_freeze_lock+0x52/0xc0
[   67.008945][ T4295]  ? gfs2_consist_inode_i+0xc0/0xe0
[   67.014151][ T4295]  gfs2_inode_refresh+0xb64/0xff0
[   67.019181][ T4295]  ? do_promote+0x71a/0xab0
[   67.023685][ T4295]  ? gfs2_inode_metasync+0xf0/0xf0
[   67.028795][ T4295]  ? __lock_acquire+0x7d10/0x7d10
[   67.033833][ T4295]  inode_go_lock+0x127/0x470
[   67.038469][ T4295]  do_promote+0x741/0xab0
[   67.042816][ T4295]  finish_xmote+0x4df/0xb00
[   67.047330][ T4295]  do_xmote+0x7b6/0x1120
[   67.051619][ T4295]  gfs2_glock_nq+0xc7a/0x1550
[   67.056327][ T4295]  do_sync+0x4ab/0xc40
[   67.060418][ T4295]  ? slot_put+0x1e0/0x1e0
[   67.064750][ T4295]  ? __lock_acquire+0x7d10/0x7d10
[   67.069785][ T4295]  ? do_raw_spin_lock+0x128/0x2f0
[   67.074816][ T4295]  ? do_sync+0x4a3/0xc40
[   67.079062][ T4295]  ? do_raw_spin_unlock+0x11d/0x230
[   67.084270][ T4295]  gfs2_quota_sync+0x32c/0x700
[   67.089044][ T4295]  gfs2_sync_fs+0x48/0xb0
[   67.093383][ T4295]  sync_filesystem+0xe6/0x220
[   67.098068][ T4295]  generic_shutdown_super+0x6b/0x300
[   67.103614][ T4295]  kill_block_super+0x7c/0xe0
[   67.108317][ T4295]  deactivate_locked_super+0x93/0xf0
[   67.113616][ T4295]  cleanup_mnt+0x42d/0x4e0
[   67.118042][ T4295]  ? lockdep_hardirqs_on+0x94/0x140
[   67.123248][ T4295]  task_work_run+0x125/0x1a0
[   67.127853][ T4295]  exit_to_user_mode_loop+0x10f/0x130
[   67.133236][ T4295]  exit_to_user_mode_prepare+0xee/0x180
[   67.138787][ T4295]  syscall_exit_to_user_mode+0x16/0x40
[   67.144250][ T4295]  do_syscall_64+0x58/0xa0
[   67.148769][ T4295]  ? clear_bhb_loop+0x30/0x80
[   67.153457][ T4295]  ? clear_bhb_loop+0x30/0x80
[   67.158150][ T4295]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.164064][ T4295] RIP: 0033:0x7f22e5825897
[   67.168483][ T4295] Code: a2 c7 05 5c ee 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   67.188095][ T4295] RSP: 002b:00007ffea0aae908 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   67.196520][ T4295] RAX: 0000000000000000 RBX: 00007f22e58b9ef0 RCX: 00007f22e5825897
[   67.204496][ T4295] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffea0aae9c0
[   67.212467][ T4295] RBP: 00007ffea0aae9c0 R08: 00007ffea0aaf9c0 R09: 00000000ffffffff
[   67.220447][ T4295] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea0aafa50
[   67.228523][ T4295] R13: 00007f22e58b9ef0 R14: 00000000000102ac R15: 00007ffea0aafa90
[   67.236618][ T4295]  </TASK>
[   67.263827][ T4295] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[   67.272691][ T4295] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[   67.284446][ T4295] gfs2: fsid=syz:syz.0: File system withdrawn
[   67.292836][ T4295] CPU: 0 PID: 4295 Comm: syz-executor Not tainted syzkaller #0
[   67.300410][ T4295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   67.310469][ T4295] Call Trace:
[   67.313751][ T4295]  <TASK>
[   67.316671][ T4295]  dump_stack_lvl+0x188/0x250
[   67.321342][ T4295]  ? kobject_uevent_env+0x371/0x890
[   67.326528][ T4295]  ? show_regs_print_info+0x20/0x20
[   67.331718][ T4295]  ? load_image+0x400/0x400
[   67.336218][ T4295]  ? kobject_uevent_env+0x371/0x890
[   67.341458][ T4295]  ? lockref_put_or_lock+0x6e/0xb0
[   67.346562][ T4295]  gfs2_withdraw+0x1149/0x1490
[   67.351364][ T4295]  ? gfs2_lm+0x240/0x240
[   67.355596][ T4295]  ? __schedule+0x11f7/0x43c0
[   67.360263][ T4295]  ? gfs2_consist_inode_i+0xc0/0xe0
[   67.365455][ T4295]  gfs2_inode_refresh+0xb64/0xff0
[   67.370469][ T4295]  ? do_promote+0x71a/0xab0
[   67.374955][ T4295]  ? gfs2_inode_metasync+0xf0/0xf0
[   67.380051][ T4295]  ? __lock_acquire+0x7d10/0x7d10
[   67.385065][ T4295]  inode_go_lock+0x127/0x470
[   67.389658][ T4295]  do_promote+0x741/0xab0
[   67.394004][ T4295]  finish_xmote+0x4df/0xb00
[   67.398516][ T4295]  do_xmote+0x7b6/0x1120
[   67.402762][ T4295]  gfs2_glock_nq+0xc7a/0x1550
[   67.407437][ T4295]  do_sync+0x4ab/0xc40
[   67.411510][ T4295]  ? slot_put+0x1e0/0x1e0
[   67.415826][ T4295]  ? __lock_acquire+0x7d10/0x7d10
[   67.420836][ T4295]  ? do_raw_spin_lock+0x128/0x2f0
[   67.425873][ T4295]  ? do_sync+0x4a3/0xc40
[   67.430104][ T4295]  ? do_raw_spin_unlock+0x11d/0x230
[   67.435291][ T4295]  gfs2_quota_sync+0x32c/0x700
[   67.440051][ T4295]  gfs2_sync_fs+0x48/0xb0
[   67.444370][ T4295]  sync_filesystem+0xe6/0x220
[   67.449036][ T4295]  generic_shutdown_super+0x6b/0x300
[   67.454447][ T4295]  kill_block_super+0x7c/0xe0
[   67.459211][ T4295]  deactivate_locked_super+0x93/0xf0
[   67.464492][ T4295]  cleanup_mnt+0x42d/0x4e0
[   67.468897][ T4295]  ? lockdep_hardirqs_on+0x94/0x140
[   67.474085][ T4295]  task_work_run+0x125/0x1a0
[   67.478677][ T4295]  exit_to_user_mode_loop+0x10f/0x130
[   67.484038][ T4295]  exit_to_user_mode_prepare+0xee/0x180
[   67.489572][ T4295]  syscall_exit_to_user_mode+0x16/0x40
[   67.495020][ T4295]  do_syscall_64+0x58/0xa0
[   67.499425][ T4295]  ? clear_bhb_loop+0x30/0x80
[   67.504093][ T4295]  ? clear_bhb_loop+0x30/0x80
[   67.508758][ T4295]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.514636][ T4295] RIP: 0033:0x7f22e5825897
[   67.519172][ T4295] Code: a2 c7 05 5c ee 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   67.538866][ T4295] RSP: 002b:00007ffea0aae908 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   67.547276][ T4295] RAX: 0000000000000000 RBX: 00007f22e58b9ef0 RCX: 00007f22e5825897
[   67.555237][ T4295] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffea0aae9c0
[   67.563198][ T4295] RBP: 00007ffea0aae9c0 R08: 00007ffea0aaf9c0 R09: 00000000ffffffff
[   67.571246][ T4295] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea0aafa50
[   67.579205][ T4295] R13: 00007f22e58b9ef0 R14: 00000000000102ac R15: 00007ffea0aafa90
[   67.587182][ T4295]  </TASK>
[   67.603362][ T4295] ==================================================================
[   67.611654][ T4295] BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0
[   67.618344][ T4295] Read of size 8 at addr ffff8880683f3090 by task syz-executor/4295
[   67.626322][ T4295] 
[   67.628644][ T4295] CPU: 0 PID: 4295 Comm: syz-executor Not tainted syzkaller #0
[   67.636181][ T4295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   67.646255][ T4295] Call Trace:
[   67.649545][ T4295]  <TASK>
[   67.652476][ T4295]  dump_stack_lvl+0x188/0x250
[   67.657170][ T4295]  ? show_regs_print_info+0x20/0x20
[   67.662382][ T4295]  ? _printk+0xda/0x130
[   67.666545][ T4295]  ? qd_unlock+0x30/0x2d0
[   67.670901][ T4295]  ? load_image+0x400/0x400
[   67.675520][ T4295]  ? _raw_spin_lock_irqsave+0xbc/0x100
[   67.681019][ T4295]  print_address_description+0x60/0x2d0
[   67.686579][ T4295]  ? qd_unlock+0x30/0x2d0
[   67.690930][ T4295]  kasan_report+0xdf/0x130
[   67.695355][ T4295]  ? qd_unlock+0x30/0x2d0
[   67.699697][ T4295]  kasan_check_range+0x235/0x290
[   67.704640][ T4295]  qd_unlock+0x30/0x2d0
[   67.708799][ T4295]  gfs2_quota_sync+0x5cf/0x700
[   67.713580][ T4295]  gfs2_sync_fs+0x48/0xb0
[   67.717919][ T4295]  sync_filesystem+0xe6/0x220
[   67.722707][ T4295]  generic_shutdown_super+0x6b/0x300
[   67.728006][ T4295]  kill_block_super+0x7c/0xe0
[   67.732687][ T4295]  deactivate_locked_super+0x93/0xf0
[   67.738063][ T4295]  cleanup_mnt+0x42d/0x4e0
[   67.742500][ T4295]  ? lockdep_hardirqs_on+0x94/0x140
[   67.747715][ T4295]  task_work_run+0x125/0x1a0
[   67.752337][ T4295]  exit_to_user_mode_loop+0x10f/0x130
[   67.757715][ T4295]  exit_to_user_mode_prepare+0xee/0x180
[   67.763268][ T4295]  syscall_exit_to_user_mode+0x16/0x40
[   67.768737][ T4295]  do_syscall_64+0x58/0xa0
[   67.773158][ T4295]  ? clear_bhb_loop+0x30/0x80
[   67.777834][ T4295]  ? clear_bhb_loop+0x30/0x80
[   67.782692][ T4295]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.788588][ T4295] RIP: 0033:0x7f22e5825897
[   67.793008][ T4295] Code: a2 c7 05 5c ee 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   67.812621][ T4295] RSP: 002b:00007ffea0a