loop0: rw=1, want=16778992, limit=32768
gfs2: fsid=syz:syz.0: Error 10 writing to journal, jid=0
gfs2: fsid=syz:syz.0: fatal: I/O error(s)
gfs2: fsid=syz:syz.0: about to withdraw this file system
BUG: sleeping function called from invalid context at fs/gfs2/glock.c:1281
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4908, name: syz.0.16
5 locks held by syz.0.16/4908:
 #0: ffff0000cf3c4460 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:377
 #1: ffff0000e2f20150 (&type->i_mutex_dir_key#8){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
 #1: ffff0000e2f20150 (&type->i_mutex_dir_key#8){+.+.}-{3:3}, at: open_last_lookups fs/namei.c:3529 [inline]
 #1: ffff0000e2f20150 (&type->i_mutex_dir_key#8){+.+.}-{3:3}, at: path_openat+0x5f4/0x26e4 fs/namei.c:3739
 #2: ffff0000cf3c4650 (sb_internal#2){.+.+}-{0:0}, at: gfs2_trans_begin+0x120/0x1bc fs/gfs2/trans.c:118
 #3: ffff0000d94e90a8 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xb4/0x2078 fs/gfs2/log.c:1035
 #4: ffff0000d94e8ed0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:363 [inline]
 #4: ffff0000d94e8ed0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline]
 #4: ffff0000d94e8ed0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x48/0x88 fs/gfs2/log.c:806
Preemption disabled at:
[] spin_lock include/linux/spinlock.h:363 [inline]
[] gfs2_log_lock fs/gfs2/log.h:32 [inline]
[] gfs2_flush_revokes+0x48/0x88 fs/gfs2/log.c:806
CPU: 0 PID: 4908 Comm: syz.0.16 Not tainted 5.15.189-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Call trace:
 dump_backtrace+0x0/0x43c arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf8/0x160 lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 ___might_sleep+0x358/0x4d4 kernel/sched/core.c:9639
 __might_sleep+0x98/0x124 kernel/sched/core.c:9593
 gfs2_glock_wait fs/gfs2/glock.c:1281 [inline]
 gfs2_glock_nq+0x888/0x141c fs/gfs2/glock.c:1538
 gfs2_glock_nq_init fs/gfs2/glock.h:246 [inline]
 gfs2_freeze_lock+0x64/0xd8 fs/gfs2/util.c:107
 signal_our_withdraw fs/gfs2/util.c:160 [inline]
 gfs2_withdraw+0x490/0x129c fs/gfs2/util.c:343
 gfs2_ail1_empty+0x768/0x7f8 fs/gfs2/log.c:369
 gfs2_flush_revokes+0x54/0x88 fs/gfs2/log.c:807
 revoke_lo_before_commit+0x3c/0x608 fs/gfs2/lops.c:872
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x8d0/0x2078 fs/gfs2/log.c:1094
 gfs2_trans_end+0x2f0/0x4bc fs/gfs2/trans.c:158
 alloc_dinode+0x2e8/0x3fc fs/gfs2/inode.c:419
 gfs2_create_inode+0x9e4/0x1058 fs/gfs2/inode.c:721
 gfs2_atomic_open+0xc8/0x1c4 fs/gfs2/inode.c:1296
 atomic_open fs/namei.c:3325 [inline]
 lookup_open fs/namei.c:3433 [inline]
 open_last_lookups fs/namei.c:3532 [inline]
 path_openat+0xb50/0x26e4 fs/namei.c:3739
 do_filp_open+0x164/0x330 fs/namei.c:3769
 do_sys_openat2+0x128/0x3d8 fs/open.c:1253
 do_sys_open fs/open.c:1269 [inline]
 __do_sys_openat fs/open.c:1285 [inline]
 __se_sys_openat fs/open.c:1280 [inline]
 __arm64_sys_openat+0x120/0x154 fs/open.c:1280
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x78/0x1e0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0xcc/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
=============================
[ BUG: Invalid wait context ]
5.15.189-syzkaller #0 Tainted: G W
-----------------------------
syz.0.16/4908 is trying to lock:
ffff0000c6c6a088 (&wq->mutex){+.+.}-{3:3}, at: flush_workqueue+0x13c/0x1024 kernel/workqueue.c:2833
other info that might help us debug this:
context-{4:4}
5 locks held by syz.0.16/4908:
 #0: ffff0000cf3c4460 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:377
 #1: ffff0000e2f20150 (&type->i_mutex_dir_key#8){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
 #1: ffff0000e2f20150 (&type->i_mutex_dir_key#8){+.+.}-{3:3}, at: open_last_lookups fs/namei.c:3529 [inline]
 #1: ffff0000e2f20150 (&type->i_mutex_dir_key#8){+.+.}-{3:3}, at: path_openat+0x5f4/0x26e4 fs/namei.c:3739
 #2: ffff0000cf3c4650 (sb_internal#2){.+.+}-{0:0}, at: gfs2_trans_begin+0x120/0x1bc fs/gfs2/trans.c:118
 #3: ffff0000d94e90a8 (&sdp->sd_log_flush_lock){++++}-{3:3}, at: gfs2_log_flush+0xb4/0x2078 fs/gfs2/log.c:1035
 #4: ffff0000d94e8ed0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:363 [inline]
 #4: ffff0000d94e8ed0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_log_lock fs/gfs2/log.h:32 [inline]
 #4: ffff0000d94e8ed0 (&sdp->sd_log_lock){+.+.}-{2:2}, at: gfs2_flush_revokes+0x48/0x88 fs/gfs2/log.c:806
stack backtrace:
CPU: 0 PID: 4908 Comm: syz.0.16 Tainted: G W 5.15.189-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Call trace:
 dump_backtrace+0x0/0x43c arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf8/0x160 lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4664 [inline]
 check_wait_context kernel/locking/lockdep.c:4725 [inline]
 __lock_acquire+0x1acc/0x651c kernel/locking/lockdep.c:4962
 lock_acquire+0x1f4/0x620 kernel/locking/lockdep.c:5623
 __mutex_lock_common+0x194/0x1edc kernel/locking/mutex.c:596
 __mutex_lock kernel/locking/mutex.c:729 [inline]
 mutex_lock_nested+0xac/0x11c kernel/locking/mutex.c:743
 flush_workqueue+0x13c/0x1024 kernel/workqueue.c:2833
 gfs2_flush_delete_work+0x34/0x44 fs/gfs2/glock.c:2108
 gfs2_make_fs_ro+0xb4/0x51c fs/gfs2/super.c:529
 signal_our_withdraw fs/gfs2/util.c:166 [inline]
 gfs2_withdraw+0x4cc/0x129c fs/gfs2/util.c:343
 gfs2_ail1_empty+0x768/0x7f8 fs/gfs2/log.c:369
 gfs2_flush_revokes+0x54/0x88 fs/gfs2/log.c:807
 revoke_lo_before_commit+0x3c/0x608 fs/gfs2/lops.c:872
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x8d0/0x2078 fs/gfs2/log.c:1094
 gfs2_trans_end+0x2f0/0x4bc fs/gfs2/trans.c:158
 alloc_dinode+0x2e8/0x3fc fs/gfs2/inode.c:419
 gfs2_create_inode+0x9e4/0x1058 fs/gfs2/inode.c:721
 gfs2_atomic_open+0xc8/0x1c4 fs/gfs2/inode.c:1296
 atomic_open fs/namei.c:3325 [inline]
 lookup_open fs/namei.c:3433 [inline]
 open_last_lookups fs/namei.c:3532 [inline]
 path_openat+0xb50/0x26e4 fs/namei.c:3739
 do_filp_open+0x164/0x330 fs/namei.c:3769
 do_sys_openat2+0x128/0x3d8 fs/open.c:1253
 do_sys_open fs/open.c:1269 [inline]
 __do_sys_openat fs/open.c:1285 [inline]
 __se_sys_openat fs/open.c:1280 [inline]
 __arm64_sys_openat+0x120/0x154 fs/open.c:1280
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x78/0x1e0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0xcc/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
BUG: scheduling while atomic: syz.0.16/4908/0x00000002
INFO: lockdep is turned off.
Modules linked in:
Preemption disabled at:
[] spin_lock include/linux/spinlock.h:363 [inline]
[] gfs2_log_lock fs/gfs2/log.h:32 [inline]
[] gfs2_flush_revokes+0x48/0x88 fs/gfs2/log.c:806
CPU: 0 PID: 4908 Comm: syz.0.16 Tainted: G W 5.15.189-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Call trace:
 dump_backtrace+0x0/0x43c arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf8/0x160 lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 __schedule_bug+0x124/0x1c8 kernel/sched/core.c:5572
 schedule_debug kernel/sched/core.c:5599 [inline]
 __schedule+0xe8c/0x1c0c kernel/sched/core.c:6267
 schedule+0x11c/0x1c8 kernel/sched/core.c:6459
 schedule_timeout+0xb4/0x2c8 kernel/time/timer.c:1890
 do_wait_for_common+0x1fc/0x35c kernel/sched/completion.c:85
 __wait_for_common kernel/sched/completion.c:106 [inline]
 wait_for_common kernel/sched/completion.c:117 [inline]
 wait_for_completion+0x48/0x60 kernel/sched/completion.c:138
 kthread_stop+0x1a0/0x6f8 kernel/kthread.c:666
 gfs2_make_fs_ro+0x12c/0x51c fs/gfs2/super.c:533
 signal_our_withdraw fs/gfs2/util.c:166 [inline]
 gfs2_withdraw+0x4cc/0x129c fs/gfs2/util.c:343
 gfs2_ail1_empty+0x768/0x7f8 fs/gfs2/log.c:369
 gfs2_flush_revokes+0x54/0x88 fs/gfs2/log.c:807
 revoke_lo_before_commit+0x3c/0x608 fs/gfs2/lops.c:872
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x8d0/0x2078 fs/gfs2/log.c:1094
 gfs2_trans_end+0x2f0/0x4bc fs/gfs2/trans.c:158
 alloc_dinode+0x2e8/0x3fc fs/gfs2/inode.c:419
 gfs2_create_inode+0x9e4/0x1058 fs/gfs2/inode.c:721
 gfs2_atomic_open+0xc8/0x1c4 fs/gfs2/inode.c:1296
 atomic_open fs/namei.c:3325 [inline]
 lookup_open fs/namei.c:3433 [inline]
 open_last_lookups fs/namei.c:3532 [inline]
 path_openat+0xb50/0x26e4 fs/namei.c:3739
 do_filp_open+0x164/0x330 fs/namei.c:3769
 do_sys_openat2+0x128/0x3d8 fs/open.c:1253
 do_sys_open fs/open.c:1269 [inline]
 __do_sys_openat fs/open.c:1285 [inline]
 __se_sys_openat fs/open.c:1280 [inline]
 __arm64_sys_openat+0x120/0x154 fs/open.c:1280
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x78/0x1e0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0xcc/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
gfs2: fsid=syz:syz.0: File system withdrawn
CPU: 0 PID: 4908 Comm: syz.0.16 Tainted: G W 5.15.189-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Call trace:
 dump_backtrace+0x0/0x43c arch/arm64/kernel/stacktrace.c:152
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf8/0x160 lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 gfs2_withdraw+0xc60/0x129c fs/gfs2/util.c:355
 gfs2_ail1_empty+0x768/0x7f8 fs/gfs2/log.c:369
 gfs2_flush_revokes+0x54/0x88 fs/gfs2/log.c:807
 revoke_lo_before_commit+0x3c/0x608 fs/gfs2/lops.c:872
 lops_before_commit fs/gfs2/lops.h:40 [inline]
 gfs2_log_flush+0x8d0/0x2078 fs/gfs2/log.c:1094
 gfs2_trans_end+0x2f0/0x4bc fs/gfs2/trans.c:158
 alloc_dinode+0x2e8/0x3fc fs/gfs2/inode.c:419
 gfs2_create_inode+0x9e4/0x1058 fs/gfs2/inode.c:721
 gfs2_atomic_open+0xc8/0x1c4 fs/gfs2/inode.c:1296
 atomic_open fs/namei.c:3325 [inline]
 lookup_open fs/namei.c:3433 [inline]
 open_last_lookups fs/namei.c:3532 [inline]
 path_openat+0xb50/0x26e4 fs/namei.c:3739
 do_filp_open+0x164/0x330 fs/namei.c:3769
 do_sys_openat2+0x128/0x3d8 fs/open.c:1253
 do_sys_open fs/open.c:1269 [inline]
 __do_sys_openat fs/open.c:1285 [inline]
 __se_sys_openat fs/open.c:1280 [inline]
 __arm64_sys_openat+0x120/0x154 fs/open.c:1280
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x78/0x1e0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0xcc/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584