loop0: rw=1, sector=131324, nr_sectors = 4 limit=32768 gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0 gfs2: fsid=syz:syz.0: fatal: I/O error(s) gfs2: fsid=syz:syz.0: about to withdraw this file system BUG: sleeping function called from invalid context at kernel/sched/completion.c:101 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 6350, name: syz-executor.0 preempt_count: 1, expected: 0 RCU nest depth: 0, expected: 0 5 locks held by syz-executor.0/6350: #0: ffff0000d0b720e0 (&type->s_umount_key#50){+.+.}-{3:3}, at: deactivate_super+0xd8/0x100 fs/super.c:360 #1: ffff0000c1f5cb78 (&sdp->sd_quota_sync_mutex){+.+.}-{3:3}, at: gfs2_quota_sync+0x9c/0x4b8 fs/gfs2/quota.c:1304 #2: ffff0000c1f5d060 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xc0/0x2054 fs/gfs2/log.c:1042 #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline] #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814 #4: ffff0000c1f5d248 (&sdp->sd_freeze_mutex){+.+.}-{3:3}, at: signal_our_withdraw fs/gfs2/util.c:151 [inline] #4: ffff0000c1f5d248 (&sdp->sd_freeze_mutex){+.+.}-{3:3}, at: gfs2_withdraw+0x394/0x1140 fs/gfs2/util.c:334 Preemption disabled at: [] spin_lock include/linux/spinlock.h:351 [inline] [] gfs2_log_lock fs/gfs2/log.h:32 [inline] [] gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814 CPU: 0 PID: 6350 Comm: syz-executor.0 Not tainted 6.5.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 __might_resched+0x374/0x4d0 kernel/sched/core.c:10189 __might_sleep+0x90/0xe4 kernel/sched/core.c:10118 __wait_for_common kernel/sched/completion.c:101 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0x24/0x60 kernel/sched/completion.c:138 kthread_stop+0x1b4/0x790 kernel/kthread.c:710 gfs2_make_fs_ro+0x154/0x5d4 fs/gfs2/super.c:555 signal_our_withdraw fs/gfs2/util.c:153 [inline] gfs2_withdraw+0x3ac/0x1140 fs/gfs2/util.c:334 gfs2_ail1_empty+0x734/0x7c4 fs/gfs2/log.c:377 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:815 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:868 lops_before_commit fs/gfs2/lops.h:40 [inline] gfs2_log_flush+0x90c/0x2054 fs/gfs2/log.c:1101 do_sync+0x8e4/0xaf8 fs/gfs2/quota.c:977 gfs2_quota_sync+0x2a8/0x4b8 fs/gfs2/quota.c:1320 gfs2_sync_fs+0x4c/0xc4 fs/gfs2/super.c:680 sync_filesystem+0xe8/0x218 fs/sync.c:56 generic_shutdown_super+0x70/0x328 fs/super.c:472 kill_block_super+0x60/0xa0 fs/super.c:1417 gfs2_kill_sb+0x2cc/0x330 deactivate_locked_super+0xac/0x124 fs/super.c:330 deactivate_super+0xe0/0x100 fs/super.c:361 cleanup_mnt+0x34c/0x3dc fs/namespace.c:1254 __cleanup_mnt+0x20/0x30 fs/namespace.c:1261 task_work_run+0x230/0x2e0 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] do_notify_resume+0x2180/0x3c90 arch/arm64/kernel/signal.c:1305 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline] el0_svc+0x94/0x160 arch/arm64/kernel/entry-common.c:648 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 BUG: scheduling while atomic: syz-executor.0/6350/0x00000002 5 locks held by syz-executor.0/6350: #0: ffff0000d0b720e0 (&type->s_umount_key#50){+.+.}-{3:3}, at: deactivate_super+0xd8/0x100 fs/super.c:360 #1: ffff0000c1f5cb78 (&sdp->sd_quota_sync_mutex){+.+.}-{3:3}, at: gfs2_quota_sync+0x9c/0x4b8 fs/gfs2/quota.c:1304 #2: ffff0000c1f5d060 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xc0/0x2054 fs/gfs2/log.c:1042 #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline] #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814 #4: ffff0000c1f5d248 (&sdp->sd_freeze_mutex){+.+.}-{3:3}, at: signal_our_withdraw fs/gfs2/util.c:151 [inline] #4: ffff0000c1f5d248 (&sdp->sd_freeze_mutex){+.+.}-{3:3}, at: gfs2_withdraw+0x394/0x1140 fs/gfs2/util.c:334 Modules linked in: Preemption disabled at: [] spin_lock include/linux/spinlock.h:351 [inline] [] gfs2_log_lock fs/gfs2/log.h:32 [inline] [] gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814 CPU: 0 PID: 6350 Comm: syz-executor.0 Tainted: G W 6.5.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 __schedule_bug+0x128/0x1dc kernel/sched/core.c:5935 schedule_debug kernel/sched/core.c:5962 [inline] __schedule+0x1408/0x23b4 kernel/sched/core.c:6604 schedule+0xc4/0x170 kernel/sched/core.c:6786 schedule_timeout+0xb8/0x348 kernel/time/timer.c:2143 do_wait_for_common+0x30c/0x468 kernel/sched/completion.c:85 __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0x48/0x60 kernel/sched/completion.c:138 kthread_stop+0x1b4/0x790 kernel/kthread.c:710 gfs2_make_fs_ro+0x33c/0x5d4 fs/gfs2/super.c:561 signal_our_withdraw fs/gfs2/util.c:153 [inline] gfs2_withdraw+0x3ac/0x1140 fs/gfs2/util.c:334 gfs2_ail1_empty+0x734/0x7c4 fs/gfs2/log.c:377 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:815 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:868 lops_before_commit fs/gfs2/lops.h:40 [inline] gfs2_log_flush+0x90c/0x2054 fs/gfs2/log.c:1101 do_sync+0x8e4/0xaf8 fs/gfs2/quota.c:977 gfs2_quota_sync+0x2a8/0x4b8 fs/gfs2/quota.c:1320 gfs2_sync_fs+0x4c/0xc4 fs/gfs2/super.c:680 sync_filesystem+0xe8/0x218 fs/sync.c:56 generic_shutdown_super+0x70/0x328 fs/super.c:472 kill_block_super+0x60/0xa0 fs/super.c:1417 gfs2_kill_sb+0x2cc/0x330 deactivate_locked_super+0xac/0x124 fs/super.c:330 deactivate_super+0xe0/0x100 fs/super.c:361 cleanup_mnt+0x34c/0x3dc fs/namespace.c:1254 __cleanup_mnt+0x20/0x30 fs/namespace.c:1261 task_work_run+0x230/0x2e0 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] do_notify_resume+0x2180/0x3c90 arch/arm64/kernel/signal.c:1305 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline] el0_svc+0x94/0x160 arch/arm64/kernel/entry-common.c:648 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_slot_count" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1477 CPU: 0 PID: 6350 Comm: syz-executor.0 Tainted: G W 6.5.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 gfs2_assert_warn_i+0x16c/0x278 fs/gfs2/util.c:408 gfs2_quota_cleanup+0x488/0x664 fs/gfs2/quota.c:1477 gfs2_make_fs_ro+0x4dc/0x5d4 fs/gfs2/super.c:588 signal_our_withdraw fs/gfs2/util.c:153 [inline] gfs2_withdraw+0x3ac/0x1140 fs/gfs2/util.c:334 gfs2_ail1_empty+0x734/0x7c4 fs/gfs2/log.c:377 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:815 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:868 lops_before_commit fs/gfs2/lops.h:40 [inline] gfs2_log_flush+0x90c/0x2054 fs/gfs2/log.c:1101 do_sync+0x8e4/0xaf8 fs/gfs2/quota.c:977 gfs2_quota_sync+0x2a8/0x4b8 fs/gfs2/quota.c:1320 gfs2_sync_fs+0x4c/0xc4 fs/gfs2/super.c:680 sync_filesystem+0xe8/0x218 fs/sync.c:56 generic_shutdown_super+0x70/0x328 fs/super.c:472 kill_block_super+0x60/0xa0 fs/super.c:1417 gfs2_kill_sb+0x2cc/0x330 deactivate_locked_super+0xac/0x124 fs/super.c:330 deactivate_super+0xe0/0x100 fs/super.c:361 cleanup_mnt+0x34c/0x3dc fs/namespace.c:1254 __cleanup_mnt+0x20/0x30 fs/namespace.c:1261 task_work_run+0x230/0x2e0 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] do_notify_resume+0x2180/0x3c90 arch/arm64/kernel/signal.c:1305 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline] el0_svc+0x94/0x160 arch/arm64/kernel/entry-common.c:648 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 ============================= [ BUG: Invalid wait context ] 6.5.0-rc3-syzkaller #0 Tainted: G W ----------------------------- syz-executor.0/6350 is trying to lock: ffff800090cf1f08 (uevent_sock_mutex){+.+.}-{3:3}, at: kobject_uevent_env+0x4d0/0x874 lib/kobject_uevent.c:586 other info that might help us debug this: context-{4:4} 4 locks held by syz-executor.0/6350: #0: ffff0000d0b720e0 (&type->s_umount_key#50){+.+.}-{3:3}, at: deactivate_super+0xd8/0x100 fs/super.c:360 #1: ffff0000c1f5cb78 (&sdp->sd_quota_sync_mutex){+.+.}-{3:3}, at: gfs2_quota_sync+0x9c/0x4b8 fs/gfs2/quota.c:1304 #2: ffff0000c1f5d060 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xc0/0x2054 fs/gfs2/log.c:1042 #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline] #3: ffff0000c1f5ce88 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x50/0x94 fs/gfs2/log.c:814 stack backtrace: CPU: 0 PID: 6350 Comm: syz-executor.0 Tainted: G W 6.5.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 print_lock_invalid_wait_context kernel/locking/lockdep.c:4758 [inline] check_wait_context kernel/locking/lockdep.c:4828 [inline] __lock_acquire+0x1bec/0x75e8 kernel/locking/lockdep.c:5094 lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5761 __mutex_lock_common+0x190/0x21a0 kernel/locking/mutex.c:603 __mutex_lock kernel/locking/mutex.c:747 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:799 kobject_uevent_env+0x4d0/0x874 lib/kobject_uevent.c:586 kobject_uevent+0x2c/0x3c lib/kobject_uevent.c:642 gfs2_withdraw+0xc64/0x1140 fs/gfs2/util.c:336 gfs2_ail1_empty+0x734/0x7c4 fs/gfs2/log.c:377 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:815 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:868 lops_before_commit fs/gfs2/lops.h:40 [inline] gfs2_log_flush+0x90c/0x2054 fs/gfs2/log.c:1101 do_sync+0x8e4/0xaf8 fs/gfs2/quota.c:977 gfs2_quota_sync+0x2a8/0x4b8 fs/gfs2/quota.c:1320 gfs2_sync_fs+0x4c/0xc4 fs/gfs2/super.c:680 sync_filesystem+0xe8/0x218 fs/sync.c:56 generic_shutdown_super+0x70/0x328 fs/super.c:472 kill_block_super+0x60/0xa0 fs/super.c:1417 gfs2_kill_sb+0x2cc/0x330 deactivate_locked_super+0xac/0x124 fs/super.c:330 deactivate_super+0xe0/0x100 fs/super.c:361 cleanup_mnt+0x34c/0x3dc fs/namespace.c:1254 __cleanup_mnt+0x20/0x30 fs/namespace.c:1261 task_work_run+0x230/0x2e0 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] do_notify_resume+0x2180/0x3c90 arch/arm64/kernel/signal.c:1305 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline] el0_svc+0x94/0x160 arch/arm64/kernel/entry-common.c:648 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 gfs2: fsid=syz:syz.0: File system withdrawn CPU: 0 PID: 6350 Comm: syz-executor.0 Tainted: G W 6.5.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 gfs2_withdraw+0xd4c/0x1140 fs/gfs2/util.c:347 gfs2_ail1_empty+0x734/0x7c4 fs/gfs2/log.c:377 gfs2_flush_revokes+0x5c/0x94 fs/gfs2/log.c:815 revoke_lo_before_commit+0x3c/0x640 fs/gfs2/lops.c:868 lops_before_commit fs/gfs2/lops.h:40 [inline] gfs2_log_flush+0x90c/0x2054 fs/gfs2/log.c:1101 do_sync+0x8e4/0xaf8 fs/gfs2/quota.c:977 gfs2_quota_sync+0x2a8/0x4b8 fs/gfs2/quota.c:1320 gfs2_sync_fs+0x4c/0xc4 fs/gfs2/super.c:680 sync_filesystem+0xe8/0x218 fs/sync.c:56 generic_shutdown_super+0x70/0x328 fs/super.c:472 kill_block_super+0x60/0xa0 fs/super.c:1417 gfs2_kill_sb+0x2cc/0x330 deactivate_locked_super+0xac/0x124 fs/super.c:330 deactivate_super+0xe0/0x100 fs/super.c:361 cleanup_mnt+0x34c/0x3dc fs/namespace.c:1254 __cleanup_mnt+0x20/0x30 fs/namespace.c:1261 task_work_run+0x230/0x2e0 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] do_notify_resume+0x2180/0x3c90 arch/arm64/kernel/signal.c:1305 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline] el0_svc+0x94/0x160 arch/arm64/kernel/entry-common.c:648 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 ================================================================== BUG: KASAN: user-memory-access in instrument_atomic_read_write include/linux/instrumented.h:96 [inline] BUG: KASAN: user-memory-access in test_and_clear_bit include/asm-generic/bitops/instrumented-atomic.h:85 [inline] BUG: KASAN: user-memory-access in slot_put+0xdc/0x1f4 fs/gfs2/quota.c:362 Write of size 8 at addr 0000000000001998 by task syz-executor.0/6350 CPU: 0 PID: 6350 Comm: syz-executor.0 Tainted: G W 6.5.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106 print_report+0xe4/0x514 mm/kasan/report.c:478 kasan_report+0xd8/0x138 mm/kasan/report.c:588 kasan_check_range+0x254/0x294 mm/kasan/generic.c:187 __kasan_check_write+0x20/0x30 mm/kasan/shadow.c:37 instrument_atomic_read_write include/linux/instrumented.h:96 [inline] test_and_clear_bit include/asm-generic/bitops/instrumented-atomic.h:85 [inline] slot_put+0xdc/0x1f4 fs/gfs2/quota.c:362 qd_unlock+0x160/0x2b8 fs/gfs2/quota.c:496 gfs2_quota_sync+0x38c/0x4b8 fs/gfs2/quota.c:1327 gfs2_sync_fs+0x4c/0xc4 fs/gfs2/super.c:680 sync_filesystem+0xe8/0x218 fs/sync.c:56 generic_shutdown_super+0x70/0x328 fs/super.c:472 kill_block_super+0x60/0xa0 fs/super.c:1417 gfs2_kill_sb+0x2cc/0x330 deactivate_locked_super+0xac/0x124 fs/super.c:330 deactivate_super+0xe0/0x100 fs/super.c:361 cleanup_mnt+0x34c/0x3dc fs/namespace.c:1254 __cleanup_mnt+0x20/0x30 fs/namespace.c:1261 task_work_run+0x230/0x2e0 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] do_notify_resume+0x2180/0x3c90 arch/arm64/kernel/signal.c:1305 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline] el0_svc+0x94/0x160 arch/arm64/kernel/entry-common.c:648 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 ================================================================== Unable to handle kernel paging request at virtual address 0000000000001998 Mem abort info: ESR = 0x0000000096000005 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x05: level 1 translation fault Data abort info: ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 user pgtable: 4k pages, 48-bit VAs, pgdp=0000000123d3c000 [0000000000001998] pgd=08000001130d4003, p4d=08000001130d4003, pud=0000000000000000 Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP Modules linked in: CPU: 0 PID: 6350 Comm: syz-executor.0 Tainted: G B W 6.5.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __lse_atomic64_fetch_andnot arch/arm64/include/asm/atomic_lse.h:166 [inline] pc : arch_atomic64_fetch_andnot arch/arm64/include/asm/atomic.h:85 [inline] pc : raw_atomic64_fetch_andnot include/linux/atomic/atomic-arch-fallback.h:3677 [inline] pc : raw_atomic_long_fetch_andnot include/linux/atomic/atomic-long.h:985 [inline] pc : arch_test_and_clear_bit include/asm-generic/bitops/atomic.h:53 [inline] pc : test_and_clear_bit include/asm-generic/bitops/instrumented-atomic.h:86 [inline] pc : slot_put+0xf4/0x1f4 fs/gfs2/quota.c:362 lr : arch_atomic64_fetch_andnot arch/arm64/include/asm/atomic.h:85 [inline] lr : raw_atomic64_fetch_andnot include/linux/atomic/atomic-arch-fallback.h:3677 [inline] lr : raw_atomic_long_fetch_andnot include/linux/atomic/atomic-long.h:985 [inline] lr : arch_test_and_clear_bit include/asm-generic/bitops/atomic.h:53 [inline] lr : test_and_clear_bit include/asm-generic/bitops/instrumented-atomic.h:86 [inline] lr : slot_put+0xf0/0x1f4 fs/gfs2/quota.c:362 sp : ffff800097237640 x29: ffff800097237640 x28: ffff0000c837e800 x27: ffff0000dfd8a0f0 x26: ffff0000c837e800 x25: 0000000000000333 x24: dfff800000000000 x23: 0000000000000000 x22: 1fffe0001bfb1415 x21: 0000000000000004 x20: ffff0000dfd8a0a8 x19: ffff0000c1f5cc00 x18: 1fffe0003683b5c6 x17: 3d3d3d3d3d3d3d3d x16: ffff80008026fd9c x15: 0000000000000001 x14: 1ffff000121ec744 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000001 x10: 0000000000000000 x9 : 0000000000000000 x8 : 0000000000001998 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800097236e58 x4 : ffff80008e15ef00 x3 : ffff8000801bcf34 x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: __lse_atomic64_fetch_andnot arch/arm64/include/asm/atomic_lse.h:166 [inline] arch_atomic64_fetch_andnot arch/arm64/include/asm/atomic.h:85 [inline] raw_atomic64_fetch_andnot include/linux/atomic/atomic-arch-fallback.h:3677 [inline] raw_atomic_long_fetch_andnot include/linux/atomic/atomic-long.h:985 [inline] arch_test_and_clear_bit include/asm-generic/bitops/atomic.h:53 [inline] test_and_clear_bit include/asm-generic/bitops/instrumented-atomic.h:86 [inline] slot_put+0xf4/0x1f4 fs/gfs2/quota.c:362 qd_unlock+0x160/0x2b8 fs/gfs2/quota.c:496 gfs2_quota_sync+0x38c/0x4b8 fs/gfs2/quota.c:1327 gfs2_sync_fs+0x4c/0xc4 fs/gfs2/super.c:680 sync_filesystem+0xe8/0x218 fs/sync.c:56 generic_shutdown_super+0x70/0x328 fs/super.c:472 kill_block_super+0x60/0xa0 fs/super.c:1417 gfs2_kill_sb+0x2cc/0x330 deactivate_locked_super+0xac/0x124 fs/super.c:330 deactivate_super+0xe0/0x100 fs/super.c:361 cleanup_mnt+0x34c/0x3dc fs/namespace.c:1254 __cleanup_mnt+0x20/0x30 fs/namespace.c:1261 task_work_run+0x230/0x2e0 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] do_notify_resume+0x2180/0x3c90 arch/arm64/kernel/signal.c:1305 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline] el0_svc+0x94/0x160 arch/arm64/kernel/entry-common.c:648 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 Code: d346ff39 d503201f 97837d9d 8b190ee8 (f8f51108) ---[ end trace 0000000000000000 ]--- ---------------- Code disassembly (best guess): 0: d346ff39 lsr x25, x25, #6 4: d503201f nop 8: 97837d9d bl 0xfffffffffe0df67c c: 8b190ee8 add x8, x23, x25, lsl #3 * 10: f8f51108 ldclral x21, x8, [x8] <-- trapping instruction