loop3: rw=1, want=16778992, limit=32768
gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0
gfs2: fsid=syz:syz.0: fatal: I/O error(s)
gfs2: fsid=syz:syz.0: about to withdraw this file system
BUG: sleeping function called from invalid context at fs/gfs2/glock.c:1281
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4295, name: syz.3.21
5 locks held by syz.3.21/4295:
 #0: ffff0000d7f34460 (sb_writers#16){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:377
 #1: ffff0000de388150 (&type->i_mutex_dir_key#11){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
 #1: ffff0000de388150 (&type->i_mutex_dir_key#11){+.+.}-{3:3}, at: open_last_lookups fs/namei.c:3529 [inline]
 #1: ffff0000de388150 (&type->i_mutex_dir_key#11){+.+.}-{3:3}, at: path_openat+0x640/0x26cc fs/namei.c:3739
 #2: ffff0000d7f34650 (sb_internal#4){.+.+}-{0:0}, at: gfs2_trans_begin+0x128/0x1cc fs/gfs2/trans.c:118
 #3: ffff0000d7ced0a8 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xbc/0x21d4 fs/gfs2/log.c:1035
 #4: ffff0000d7ceced0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:363 [inline]
 #4: ffff0000d7ceced0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline]
 #4: ffff0000d7ceced0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:806
Preemption disabled at:
[] spin_lock include/linux/spinlock.h:363 [inline]
[] gfs2_log_lock fs/gfs2/log.h:32 [inline]
[] gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:806
CPU: 1 PID: 4295 Comm: syz.3.21 Not tainted 5.15.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 ___might_sleep+0x380/0x4dc kernel/sched/core.c:9638
 __might_sleep+0x98/0xf0 kernel/sched/core.c:9592
 gfs2_glock_wait fs/gfs2/glock.c:1281 [inline]
 gfs2_glock_nq+0xac8/0x144c fs/gfs2/glock.c:1538
 gfs2_glock_nq_init fs/gfs2/glock.h:246 [inline]
 gfs2_freeze_lock+0x64/0xd8 fs/gfs2/util.c:107
 signal_our_withdraw fs/gfs2/util.c:160 [inline]
 gfs2_withdraw+0x4b0/0x12a4 fs/gfs2/util.c:343
 gfs2_ail1_empty+0x758/0x7e8 fs/gfs2/log.c:369
 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:807
 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:872
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x958/0x21d4 fs/gfs2/log.c:1094
 gfs2_trans_end+0x300/0x4cc fs/gfs2/trans.c:158
 alloc_dinode+0x33c/0x478 fs/gfs2/inode.c:419
 gfs2_create_inode+0xbe0/0x14c4 fs/gfs2/inode.c:720
 gfs2_atomic_open+0xd8/0x1c4 fs/gfs2/inode.c:1295
 atomic_open fs/namei.c:3325 [inline]
 lookup_open fs/namei.c:3433 [inline]
 open_last_lookups fs/namei.c:3532 [inline]
 path_openat+0xc54/0x26cc fs/namei.c:3739
 do_filp_open+0x1a8/0x3b4 fs/namei.c:3769
 do_sys_openat2+0x128/0x3e0 fs/open.c:1253
 do_sys_open fs/open.c:1269 [inline]
 __do_sys_openat fs/open.c:1285 [inline]
 __se_sys_openat fs/open.c:1280 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1280
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
=============================
[ BUG: Invalid wait context ]
5.15.179-syzkaller #0 Tainted: G W
-----------------------------
syz.3.21/4295 is trying to lock:
ffff0000c682b488 (&wq->mutex){+.+.}-{3:3}, at: flush_workqueue+0x170/0x11c4 kernel/workqueue.c:2833
other info that might help us debug this:
context-{4:4}
5 locks held by syz.3.21/4295:
 #0: ffff0000d7f34460 (sb_writers#16){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:377
 #1: ffff0000de388150 (&type->i_mutex_dir_key#11){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
 #1: ffff0000de388150 (&type->i_mutex_dir_key#11){+.+.}-{3:3}, at: open_last_lookups fs/namei.c:3529 [inline]
 #1: ffff0000de388150 (&type->i_mutex_dir_key#11){+.+.}-{3:3}, at: path_openat+0x640/0x26cc fs/namei.c:3739
 #2: ffff0000d7f34650 (sb_internal#4){.+.+}-{0:0}, at: gfs2_trans_begin+0x128/0x1cc fs/gfs2/trans.c:118
 #3: ffff0000d7ced0a8 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xbc/0x21d4 fs/gfs2/log.c:1035
 #4: ffff0000d7ceced0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:363 [inline]
 #4: ffff0000d7ceced0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline]
 #4: ffff0000d7ceced0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:806
stack backtrace:
CPU: 1 PID: 4295 Comm: syz.3.21 Tainted: G W 5.15.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4664 [inline]
 check_wait_context kernel/locking/lockdep.c:4725 [inline]
 __lock_acquire+0x1af0/0x7638 kernel/locking/lockdep.c:4962
 lock_acquire+0x240/0x77c kernel/locking/lockdep.c:5623
 __mutex_lock_common+0x194/0x2154 kernel/locking/mutex.c:596
 __mutex_lock kernel/locking/mutex.c:729 [inline]
 mutex_lock_nested+0xa4/0xf8 kernel/locking/mutex.c:743
 flush_workqueue+0x170/0x11c4 kernel/workqueue.c:2833
 gfs2_flush_delete_work+0x34/0x44 fs/gfs2/glock.c:2108
 gfs2_make_fs_ro+0xb4/0x554 fs/gfs2/super.c:529
 signal_our_withdraw fs/gfs2/util.c:166 [inline]
 gfs2_withdraw+0x4ec/0x12a4 fs/gfs2/util.c:343
 gfs2_ail1_empty+0x758/0x7e8 fs/gfs2/log.c:369
 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:807
 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:872
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x958/0x21d4 fs/gfs2/log.c:1094
 gfs2_trans_end+0x300/0x4cc fs/gfs2/trans.c:158
 alloc_dinode+0x33c/0x478 fs/gfs2/inode.c:419
 gfs2_create_inode+0xbe0/0x14c4 fs/gfs2/inode.c:720
 gfs2_atomic_open+0xd8/0x1c4 fs/gfs2/inode.c:1295
 atomic_open fs/namei.c:3325 [inline]
 lookup_open fs/namei.c:3433 [inline]
 open_last_lookups fs/namei.c:3532 [inline]
 path_openat+0xc54/0x26cc fs/namei.c:3739
 do_filp_open+0x1a8/0x3b4 fs/namei.c:3769
 do_sys_openat2+0x128/0x3e0 fs/open.c:1253
 do_sys_open fs/open.c:1269 [inline]
 __do_sys_openat fs/open.c:1285 [inline]
 __se_sys_openat fs/open.c:1280 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1280
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
BUG: scheduling while atomic: syz.3.21/4295/0x00000002
INFO: lockdep is turned off.
Modules linked in:
Preemption disabled at:
[] spin_lock include/linux/spinlock.h:363 [inline]
[] gfs2_log_lock fs/gfs2/log.h:32 [inline]
[] gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:806
CPU: 1 PID: 4295 Comm: syz.3.21 Tainted: G W 5.15.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 __schedule_bug+0x12c/0x1e0 kernel/sched/core.c:5571
 schedule_debug kernel/sched/core.c:5598 [inline]
 __schedule+0xfa8/0x1e48 kernel/sched/core.c:6266
 schedule+0x11c/0x1c8 kernel/sched/core.c:6458
 schedule_timeout+0xb8/0x344 kernel/time/timer.c:1890
 do_wait_for_common+0x214/0x388 kernel/sched/completion.c:85
 __wait_for_common kernel/sched/completion.c:106 [inline]
 wait_for_common kernel/sched/completion.c:117 [inline]
 wait_for_completion+0x4c/0x64 kernel/sched/completion.c:138
 kthread_stop+0x1a0/0x788 kernel/kthread.c:666
 gfs2_make_fs_ro+0x12c/0x554 fs/gfs2/super.c:533
 signal_our_withdraw fs/gfs2/util.c:166 [inline]
 gfs2_withdraw+0x4ec/0x12a4 fs/gfs2/util.c:343
 gfs2_ail1_empty+0x758/0x7e8 fs/gfs2/log.c:369
 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:807
 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:872
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x958/0x21d4 fs/gfs2/log.c:1094
 gfs2_trans_end+0x300/0x4cc fs/gfs2/trans.c:158
 alloc_dinode+0x33c/0x478 fs/gfs2/inode.c:419
 gfs2_create_inode+0xbe0/0x14c4 fs/gfs2/inode.c:720
 gfs2_atomic_open+0xd8/0x1c4 fs/gfs2/inode.c:1295
 atomic_open fs/namei.c:3325 [inline]
 lookup_open fs/namei.c:3433 [inline]
 open_last_lookups fs/namei.c:3532 [inline]
 path_openat+0xc54/0x26cc fs/namei.c:3739
 do_filp_open+0x1a8/0x3b4 fs/namei.c:3769
 do_sys_openat2+0x128/0x3e0 fs/open.c:1253
 do_sys_open fs/open.c:1269 [inline]
 __do_sys_openat fs/open.c:1285 [inline]
 __se_sys_openat fs/open.c:1280 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1280
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
gfs2: fsid=syz:syz.0: File system withdrawn
CPU: 0 PID: 4295 Comm: syz.3.21 Tainted: G W 5.15.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call trace:
 dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 gfs2_withdraw+0xeac/0x12a4 fs/gfs2/util.c:355
 gfs2_ail1_empty+0x758/0x7e8 fs/gfs2/log.c:369
 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:807
 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:872
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x958/0x21d4 fs/gfs2/log.c:1094
 gfs2_trans_end+0x300/0x4cc fs/gfs2/trans.c:158
 alloc_dinode+0x33c/0x478 fs/gfs2/inode.c:419
 gfs2_create_inode+0xbe0/0x14c4 fs/gfs2/inode.c:720
 gfs2_atomic_open+0xd8/0x1c4 fs/gfs2/inode.c:1295
 atomic_open fs/namei.c:3325 [inline]
 lookup_open fs/namei.c:3433 [inline]
 open_last_lookups fs/namei.c:3532 [inline]
 path_openat+0xc54/0x26cc fs/namei.c:3739
 do_filp_open+0x1a8/0x3b4 fs/namei.c:3769
 do_sys_openat2+0x128/0x3e0 fs/open.c:1253
 do_sys_open fs/open.c:1269 [inline]
 __do_sys_openat fs/open.c:1285 [inline]
 __se_sys_openat fs/open.c:1280 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1280
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584