Warning: Permanently added '10.128.0.240' (ED25519) to the list of known hosts. 1970/01/01 00:00:32 parsed 1 programs syzkaller login: [ 33.355666][ T4324] cgroup: Unknown subsys name 'net' [ 33.632023][ T4324] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 33.903863][ T4324] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 38.032675][ T4353] chnl_net:caif_netlink_parms(): no params data found [ 38.049750][ T4353] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.050853][ T4353] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.052317][ T4353] device bridge_slave_0 entered promiscuous mode [ 38.056231][ T4353] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.057364][ T4353] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.058841][ T4353] device bridge_slave_1 entered promiscuous mode [ 38.067422][ T4353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.069926][ T4353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.077014][ T4353] team0: Port device team_slave_0 added [ 38.079193][ T4353] team0: Port device team_slave_1 added [ 38.085028][ T4353] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.086113][ T4353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.090060][ T4353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.092502][ T4353] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.093602][ T4353] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.097256][ T4353] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.130518][ T4353] device hsr_slave_0 entered promiscuous mode [ 38.189667][ T4353] device hsr_slave_1 entered promiscuous mode [ 38.263425][ T4353] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.292333][ T4353] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.362574][ T4353] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.390709][ T4353] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 38.438930][ T4353] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.440113][ T4353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.441470][ T4353] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.442580][ T4353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.460630][ T4353] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.464810][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.467138][ T468] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.469055][ T468] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.475188][ T4353] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.478615][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.480275][ T468] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.481451][ T468] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.490344][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.491802][ T216] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.492885][ T216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.494672][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.497534][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 38.499006][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.504477][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.507190][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.510879][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.587912][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 38.589243][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 38.591767][ T4353] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.597522][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 38.604394][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.605979][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 38.607270][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 38.610272][ T4353] device veth0_vlan entered promiscuous mode [ 38.613708][ T4353] device veth1_vlan entered promiscuous mode [ 38.620983][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 38.622586][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 38.624341][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.626549][ T4353] device veth0_macvtap entered promiscuous mode [ 38.628784][ T4353] device veth1_macvtap entered promiscuous mode [ 38.635502][ T4353] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.638036][ T4353] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.639592][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.641227][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.642727][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 38.646559][ T4353] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.647856][ T4353] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.649172][ T4353] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.651367][ T4353] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.736871][ T4377] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 38.738342][ T4377] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 38.748243][ T4377] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 38.750254][ T4377] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 38.751729][ T4377] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 38.753311][ T4377] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 38.981946][ T468] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.983205][ T468] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.985731][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 38.994133][ T468] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.995355][ T468] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.997071][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:00:39 executed programs: 0 [ 39.647433][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.648908][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.651306][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.654971][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.656444][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 39.657682][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 39.711584][ T4423] chnl_net:caif_netlink_parms(): no params data found [ 39.729764][ T4423] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.730963][ T4423] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.732569][ T4423] device bridge_slave_0 entered promiscuous mode [ 39.734707][ T4423] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.735860][ T4423] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.737452][ T4423] device bridge_slave_1 entered promiscuous mode [ 39.746427][ T4423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.748910][ T4423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.759848][ T4423] team0: Port device team_slave_0 added [ 39.762397][ T4423] team0: Port device team_slave_1 added [ 39.768777][ T4423] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.770103][ T4423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.773700][ T4423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.776299][ T4423] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.777303][ T4423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.781394][ T4423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.840569][ T4423] device hsr_slave_0 entered promiscuous mode [ 39.879645][ T4423] device hsr_slave_1 entered promiscuous mode [ 39.919495][ T4423] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.920808][ T4423] Cannot create hsr debugfs directory [ 40.110690][ T4423] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.679722][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 42.560769][ T4423] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.759399][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 44.150605][ T4423] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.241430][ T4423] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.473373][ T4423] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 44.581204][ T4423] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 44.620466][ T4423] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 44.740961][ T4423] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 44.860942][ T4423] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.864289][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.865798][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.868238][ T4423] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.870982][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.872645][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.874131][ T468] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.875202][ T468] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.876816][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.911941][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.913594][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.915122][ T468] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.916249][ T468] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.918668][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.922892][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.925461][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.927320][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.928766][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.931540][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.933037][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.935472][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.936864][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.939247][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.940744][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.942959][ T4423] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 45.044078][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 45.045403][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 45.048678][ T4423] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.054464][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 45.056067][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 45.061829][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 45.063281][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 45.064847][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 45.066172][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 45.068235][ T4423] device veth0_vlan entered promiscuous mode [ 45.113074][ T4423] device veth1_vlan entered promiscuous mode [ 45.119343][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 45.120971][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 45.122429][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 45.123845][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 45.126392][ T4423] device veth0_macvtap entered promiscuous mode [ 45.128475][ T4423] device veth1_macvtap entered promiscuous mode [ 45.133480][ T4423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.135031][ T4423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.136893][ T4423] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.137980][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 45.140597][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 45.141964][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 45.143579][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 45.145868][ T4423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.147552][ T4423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.151174][ T4423] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.152371][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 45.153963][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 45.156304][ T4423] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.157741][ T4423] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.159259][ T4423] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.161113][ T4423] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.179714][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.180984][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.182977][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 45.187970][ T468] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.189108][ T468] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.191263][ T468] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 45.360052][ T4457] loop0: detected capacity change from 0 to 32768 [ 45.365313][ T4457] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 45.366548][ T4457] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 45.377203][ T4457] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 45.380619][ T14] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 45.381727][ T14] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 45.400262][ T14] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 18ms [ 45.401885][ T14] gfs2: fsid=syz:syz.0: jid=0: Done [ 45.402893][ T4457] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 45.506933][ T4423] ------------[ cut here ]------------ [ 45.507905][ T4423] WARNING: CPU: 0 PID: 4423 at include/linux/backing-dev.h:247 __folio_mark_dirty+0x8a0/0xce0 [ 45.509387][ T4423] Modules linked in: [ 45.509904][ T4423] CPU: 0 PID: 4423 Comm: syz-executor Not tainted syzkaller #0 [ 45.511028][ T4423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 45.512432][ T4423] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 45.513601][ T4423] pc : __folio_mark_dirty+0x8a0/0xce0 [ 45.514376][ T4423] lr : __folio_mark_dirty+0x8a0/0xce0 [ 45.515232][ T4423] sp : ffff8000211c75e0 [ 45.515923][ T4423] x29: ffff8000211c7600 x28: 1fffff80006aec68 x27: dfff800000000000 [ 45.517241][ T4423] x26: 0000000000000000 x25: ffff0000c049c990 x24: 0000000000000001 [ 45.518441][ T4423] x23: 0000000000000000 x22: fffffc0003576348 x21: 1fffe00018093932 [ 45.519680][ T4423] x20: ffff0000dba7e250 x19: fffffc0003576340 x18: ffff800011abbcc0 [ 45.520817][ T4423] x17: ffff8000181f9000 x16: ffff8000082d10fc x15: ffff800017cda000 [ 45.522115][ T4423] x14: ffff0000d6f48a98 x13: ffff0000d6f48b10 x12: 0000000000ff0100 [ 45.523231][ T4423] x11: ff008000086fbd44 x10: 0000000000000000 x9 : ffff8000086fbd44 [ 45.524469][ T4423] x8 : ffff0000d6f48000 x7 : 0000000000000000 x6 : 0000000000000000 [ 45.525680][ T4423] x5 : 0000000000000020 x4 : 0000000000000000 x3 : ffff800008a46b60 [ 45.526919][ T4423] x2 : ffff0000cee54060 x1 : 0000000000000000 x0 : 0000000000000000 [ 45.528120][ T4423] Call trace: [ 45.528627][ T4423] __folio_mark_dirty+0x8a0/0xce0 [ 45.529332][ T4423] mark_buffer_dirty+0x2b8/0x5cc [ 45.530072][ T4423] gfs2_unpin+0x120/0x914 [ 45.530749][ T4423] buf_lo_after_commit+0x140/0x188 [ 45.531473][ T4423] gfs2_log_flush+0xbc8/0x1aa0 [ 45.532200][ T4423] gfs2_kill_sb+0x5c/0xd4 [ 45.532825][ T4423] deactivate_locked_super+0xac/0x124 [ 45.533706][ T4423] deactivate_super+0xe8/0x108 [ 45.534495][ T4423] cleanup_mnt+0x37c/0x404 [ 45.535202][ T4423] __cleanup_mnt+0x20/0x30 [ 45.535889][ T4423] task_work_run+0x1ec/0x270 [ 45.536630][ T4423] get_signal+0x1120/0x1310 [ 45.537343][ T4423] do_notify_resume+0x34c/0x2b28 [ 45.538111][ T4423] el0_svc+0x98/0x138 [ 45.538838][ T4423] el0t_64_sync_handler+0x84/0xf0 [ 45.539728][ T4423] el0t_64_sync+0x18c/0x190 [ 45.540489][ T4423] irq event stamp: 168370 [ 45.541191][ T4423] hardirqs last enabled at (168369): [] folio_memcg_lock+0xe8/0x1fc [ 45.542670][ T4423] hardirqs last disabled at (168370): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 45.544240][ T4423] softirqs last enabled at (168118): [] local_bh_enable+0x10/0x34 [ 45.545786][ T4423] softirqs last disabled at (168116): [] local_bh_disable+0x10/0x34 [ 45.547257][ T4423] ---[ end trace 0000000000000000 ]--- [ 45.550490][ T4423] ------------[ cut here ]------------ [ 45.551328][ T4423] WARNING: CPU: 1 PID: 4423 at include/linux/backing-dev.h:247 __folio_start_writeback+0x868/0xa68 [ 45.552855][ T4423] Modules linked in: [ 45.553408][ T4423] CPU: 1 PID: 4423 Comm: syz-executor Tainted: G W syzkaller #0 [ 45.554852][ T4423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 45.556485][ T4423] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 45.557718][ T4423] pc : __folio_start_writeback+0x868/0xa68 [ 45.558688][ T4423] lr : __folio_start_writeback+0x868/0xa68 [ 45.559604][ T4423] sp : ffff8000211c7080 [ 45.560244][ T4423] x29: ffff8000211c7160 x28: dfff800000000000 x27: 0000000000000000 [ 45.561592][ T4423] x26: ffff700004238e18 x25: 0000000000000000 x24: ffff0000dba7e250 [ 45.562885][ T4423] x23: ffff8000211c70e0 x22: ffff0000c049c7e8 x21: 0000000000000001 [ 45.564173][ T4423] x20: fffffc0003576348 x19: fffffc0003576340 x18: ffff800011abbcc0 [ 45.565310][ T4423] x17: ffff8000181f9000 x16: ffff8000082d10fc x15: 0000000000000000 [ 45.566560][ T4423] x14: 0000000000000406 x13: 1ffff00002a180b1 x12: 0000000000ff0100 [ 45.567797][ T4423] x11: ff008000086fe25c x10: 0000000000000000 x9 : ffff8000086fe25c [ 45.568995][ T4423] x8 : ffff0000d6f48000 x7 : ffff8000086fdcdc x6 : 0000000000000000 [ 45.570200][ T4423] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff8000086fdd1c [ 45.571482][ T4423] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000 [ 45.572839][ T4423] Call trace: [ 45.573386][ T4423] __folio_start_writeback+0x868/0xa68 [ 45.574308][ T4423] set_page_writeback+0x5c/0x7c [ 45.575112][ T4423] gfs2_aspace_writepage+0x520/0x6e8 [ 45.576011][ T4423] __gfs2_writepage+0x70/0x18c [ 45.576801][ T4423] write_cache_pages+0x73c/0xdd4 [ 45.577524][ T4423] gfs2_ail1_flush+0x7c0/0xa00 [ 45.578227][ T4423] empty_ail1_list+0x110/0x1ec [ 45.578920][ T4423] gfs2_log_flush+0x1258/0x1aa0 [ 45.579668][ T4423] gfs2_kill_sb+0x5c/0xd4 [ 45.580268][ T4423] deactivate_locked_super+0xac/0x124 [ 45.581137][ T4423] deactivate_super+0xe8/0x108 [ 45.581828][ T4423] cleanup_mnt+0x37c/0x404 [ 45.582459][ T4423] __cleanup_mnt+0x20/0x30 [ 45.583134][ T4423] task_work_run+0x1ec/0x270 [ 45.583770][ T4423] get_signal+0x1120/0x1310 [ 45.584491][ T4423] do_notify_resume+0x34c/0x2b28 [ 45.585290][ T4423] el0_svc+0x98/0x138 [ 45.585961][ T4423] el0t_64_sync_handler+0x84/0xf0 [ 45.586713][ T4423] el0t_64_sync+0x18c/0x190 [ 45.587419][ T4423] irq event stamp: 168444 [ 45.588046][ T4423] hardirqs last enabled at (168443): [] folio_memcg_lock+0xe8/0x1fc [ 45.589523][ T4423] hardirqs last disabled at (168444): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 45.591016][ T4423] softirqs last enabled at (168400): [] handle_softirqs+0xaf8/0xc6c [ 45.592417][ T4423] softirqs last disabled at (168373): [] __do_softirq+0x14/0x20 [ 45.593734][ T4423] ---[ end trace 0000000000000000 ]--- [ 45.598958][ C1] ------------[ cut here ]------------ [ 45.599872][ C1] WARNING: CPU: 1 PID: 21 at include/linux/backing-dev.h:247 __folio_end_writeback+0x7d4/0x9e0 [ 45.601231][ C1] Modules linked in: [ 45.601777][ C1] CPU: 1 PID: 21 Comm: ksoftirqd/1 Tainted: G W syzkaller #0 [ 45.603002][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 45.604534][ C1] pstate: 424000c5 (nZcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 45.605708][ C1] pc : __folio_end_writeback+0x7d4/0x9e0 [ 45.606517][ C1] lr : __folio_end_writeback+0x7d4/0x9e0 [ 45.607359][ C1] sp : ffff80001c937960 [ 45.607908][ C1] x29: ffff80001c937980 x28: dfff800000000000 x27: ffff0000c049c7e8 [ 45.609150][ C1] x26: 0000000000000000 x25: 05ffd60000002052 x24: 1fffff8000653a48 [ 45.610376][ C1] x23: 0000000000000001 x22: ffff0000dba7c2a0 x21: ffff0000dba7c2a8 [ 45.611520][ C1] x20: 0000000000000001 x19: fffffc000329d240 x18: ffff800011abbcc0 [ 45.612662][ C1] x17: 1fffe00033edbb7e x16: ffff8000082d10fc x15: 0000000000000000 [ 45.613836][ C1] x14: 0000000000000002 x13: 1ffff00002a180b1 x12: 0000000000ff0100 [ 45.615043][ C1] x11: ff008000086fd7e8 x10: 0000000000000000 x9 : ffff8000086fd7e8 [ 45.616236][ C1] x8 : ffff0000c0a51bc0 x7 : 0000000000000000 x6 : 0000000000000000 [ 45.617406][ C1] x5 : 0000000000000080 x4 : 0000000000000000 x3 : 0000000000000010 [ 45.618606][ C1] x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 [ 45.619767][ C1] Call trace: [ 45.620263][ C1] __folio_end_writeback+0x7d4/0x9e0 [ 45.621065][ C1] folio_end_writeback+0x12c/0x41c [ 45.621810][ C1] end_page_writeback+0x58/0x74 [ 45.622589][ C1] end_buffer_async_write+0x32c/0x508 [ 45.623361][ C1] end_bio_bh_io_sync+0xb0/0x1e0 [ 45.624080][ C1] bio_endio+0x770/0x7b4 [ 45.624734][ C1] blk_update_request+0x49c/0xbec [ 45.625520][ C1] blk_mq_end_request+0x54/0x88 [ 45.626297][ C1] lo_complete_rq+0x1ec/0x250 [ 45.627039][ C1] blk_done_softirq+0x11c/0x168 [ 45.627840][ C1] handle_softirqs+0x318/0xc6c [ 45.628720][ C1] run_ksoftirqd+0x7c/0x2a0 [ 45.629501][ C1] smpboot_thread_fn+0x4b0/0x964 [ 45.630290][ C1] kthread+0x250/0x2d8 [ 45.630927][ C1] ret_from_fork+0x10/0x20 [ 45.631643][ C1] irq event stamp: 360103 [ 45.632351][ C1] hardirqs last enabled at (360102): [] folio_memcg_lock+0xe8/0x1fc [ 45.633816][ C1] hardirqs last disabled at (360103): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 45.635218][ C1] softirqs last enabled at (360092): [] handle_softirqs+0xaf8/0xc6c [ 45.636603][ C1] softirqs last disabled at (360097): [] run_ksoftirqd+0x7c/0x2a0 [ 45.637999][ C1] ---[ end trace 0000000000000000 ]---