gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0
gfs2: fsid=syz:syz.0: fatal: I/O error(s)
gfs2: fsid=syz:syz.0: about to withdraw this file system
BUG: sleeping function called from invalid context at kernel/sched/completion.c:101
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 17595, name: syz.4.3003
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
6 locks held by syz.4.3003/17595:
 #0: ffff0000eb34e460 (sb_writers#22){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:393
 #1: ffff0000e2d11578 (&type->i_mutex_dir_key#18){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:758 [inline]
 #1: ffff0000e2d11578 (&type->i_mutex_dir_key#18){+.+.}-{3:3}, at: open_last_lookups fs/namei.c:3547 [inline]
 #1: ffff0000e2d11578 (&type->i_mutex_dir_key#18){+.+.}-{3:3}, at: path_openat+0x5ec/0x2548 fs/namei.c:3780
 #2: ffff0000eb34e650 (sb_internal#4){.+.+}-{0:0}, at: gfs2_trans_begin+0xa8/0x11c fs/gfs2/trans.c:118
 #3: ffff0000d26b5058 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xb4/0x1b20 fs/gfs2/log.c:1043
 #4: ffff0000d26b4e80 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline]
 #4: ffff0000d26b4e80 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline]
 #4: ffff0000d26b4e80 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814
 #5: ffff0000d26b5248 (&sdp->sd_freeze_mutex){+.+.}-{3:3}, at: signal_our_withdraw fs/gfs2/util.c:155 [inline]
 #5: ffff0000d26b5248 (&sdp->sd_freeze_mutex){+.+.}-{3:3}, at: gfs2_withdraw+0x430/0x140c fs/gfs2/util.c:354
Preemption disabled at:
[] spin_lock include/linux/spinlock.h:351 [inline]
[] gfs2_log_lock fs/gfs2/log.h:32 [inline]
[] gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814
CPU: 0 PID: 17595 Comm: syz.4.3003 Not tainted 6.1.131-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call trace:
 dump_backtrace+0x1c8/0x1f4 arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 __might_resched+0x37c/0x4d8 kernel/sched/core.c:9957
 __might_sleep+0x90/0xe4 kernel/sched/core.c:9886
 __wait_for_common kernel/sched/completion.c:101 [inline]
 wait_for_common kernel/sched/completion.c:117 [inline]
 wait_for_completion+0x24/0x60 kernel/sched/completion.c:138
 kthread_stop+0x1d8/0x8c0 kernel/kthread.c:711
 signal_our_withdraw fs/gfs2/util.c:159 [inline]
 gfs2_withdraw+0x49c/0x140c fs/gfs2/util.c:354
 gfs2_ail1_empty+0x744/0x7d4 fs/gfs2/log.c:377
 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:815
 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:869
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x884/0x1b20 fs/gfs2/log.c:1102
 gfs2_trans_end+0x2f8/0x4c4 fs/gfs2/trans.c:158
 alloc_dinode+0x33c/0x478 fs/gfs2/inode.c:410
 gfs2_create_inode+0xc58/0x1548 fs/gfs2/inode.c:711
 gfs2_atomic_open+0xd8/0x1c4 fs/gfs2/inode.c:1292
 atomic_open fs/namei.c:3345 [inline]
 lookup_open fs/namei.c:3453 [inline]
 open_last_lookups fs/namei.c:3550 [inline]
 path_openat+0xbf8/0x2548 fs/namei.c:3780
 do_filp_open+0x1bc/0x3cc fs/namei.c:3810
 do_sys_openat2+0x128/0x3e0 fs/open.c:1318
 do_sys_open fs/open.c:1334 [inline]
 __do_sys_openat fs/open.c:1350 [inline]
 __se_sys_openat fs/open.c:1345 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1345
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
BUG: scheduling while atomic: syz.4.3003/17595/0x00000002
6 locks held by syz.4.3003/17595:
 #0: ffff0000eb34e460 (sb_writers#22){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:393
 #1: ffff0000e2d11578 (&type->i_mutex_dir_key#18){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:758 [inline]
 #1: ffff0000e2d11578 (&type->i_mutex_dir_key#18){+.+.}-{3:3}, at: open_last_lookups fs/namei.c:3547 [inline]
 #1: ffff0000e2d11578 (&type->i_mutex_dir_key#18){+.+.}-{3:3}, at: path_openat+0x5ec/0x2548 fs/namei.c:3780
 #2: ffff0000eb34e650 (sb_internal#4){.+.+}-{0:0}, at: gfs2_trans_begin+0xa8/0x11c fs/gfs2/trans.c:118
 #3: ffff0000d26b5058 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xb4/0x1b20 fs/gfs2/log.c:1043
 #4: ffff0000d26b4e80 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline]
 #4: ffff0000d26b4e80 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline]
 #4: ffff0000d26b4e80 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814
 #5: ffff0000d26b5248 (&sdp->sd_freeze_mutex){+.+.}-{3:3}, at: signal_our_withdraw fs/gfs2/util.c:155 [inline]
 #5: ffff0000d26b5248 (&sdp->sd_freeze_mutex){+.+.}-{3:3}, at: gfs2_withdraw+0x430/0x140c fs/gfs2/util.c:354
Modules linked in:
Preemption disabled at:
[] spin_lock include/linux/spinlock.h:351 [inline]
[] gfs2_log_lock fs/gfs2/log.h:32 [inline]
[] gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814
CPU: 0 PID: 17595 Comm: syz.4.3003 Tainted: G W 6.1.131-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call trace:
 dump_backtrace+0x1c8/0x1f4 arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 __schedule_bug+0x12c/0x1e0 kernel/sched/core.c:5791
 schedule_debug kernel/sched/core.c:5818 [inline]
 __schedule+0xf8c/0x1d44 kernel/sched/core.c:6453
 schedule+0xc4/0x170 kernel/sched/core.c:6636
 schedule_timeout+0xb8/0x344 kernel/time/timer.c:1941
 do_wait_for_common+0x30c/0x468 kernel/sched/completion.c:85
 __wait_for_common kernel/sched/completion.c:106 [inline]
 wait_for_common kernel/sched/completion.c:117 [inline]
 wait_for_completion+0x48/0x60 kernel/sched/completion.c:138
 kthread_stop+0x1d8/0x8c0 kernel/kthread.c:711
 signal_our_withdraw fs/gfs2/util.c:165 [inline]
 gfs2_withdraw+0x508/0x140c fs/gfs2/util.c:354
 gfs2_ail1_empty+0x744/0x7d4 fs/gfs2/log.c:377
 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:815
 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:869
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x884/0x1b20 fs/gfs2/log.c:1102
 gfs2_trans_end+0x2f8/0x4c4 fs/gfs2/trans.c:158
 alloc_dinode+0x33c/0x478 fs/gfs2/inode.c:410
 gfs2_create_inode+0xc58/0x1548 fs/gfs2/inode.c:711
 gfs2_atomic_open+0xd8/0x1c4 fs/gfs2/inode.c:1292
 atomic_open fs/namei.c:3345 [inline]
 lookup_open fs/namei.c:3453 [inline]
 open_last_lookups fs/namei.c:3550 [inline]
 path_openat+0xbf8/0x2548 fs/namei.c:3780
 do_filp_open+0x1bc/0x3cc fs/namei.c:3810
 do_sys_openat2+0x128/0x3e0 fs/open.c:1318
 do_sys_open fs/open.c:1334 [inline]
 __do_sys_openat fs/open.c:1350 [inline]
 __se_sys_openat fs/open.c:1345 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1345
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585