Warning: Permanently added '10.128.0.226' (ED25519) to the list of known hosts. 1970/01/01 00:00:32 parsed 1 programs syzkaller login: [ 33.929321][ T4338] cgroup: Unknown subsys name 'net' [ 34.219965][ T4338] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 34.484622][ T4338] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 38.488281][ T4376] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 38.490084][ T4376] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 38.491452][ T4376] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 38.493030][ T4376] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 38.494503][ T4376] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 38.495764][ T4376] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 38.609329][ T432] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.610717][ T432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.612476][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 38.622004][ T432] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.623244][ T432] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.624733][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 38.800784][ T4388] chnl_net:caif_netlink_parms(): no params data found [ 38.818393][ T4388] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.819511][ T4388] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.821016][ T4388] device bridge_slave_0 entered promiscuous mode [ 38.823381][ T4388] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.824550][ T4388] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.826003][ T4388] device bridge_slave_1 entered promiscuous mode [ 38.833515][ T4388] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.836067][ T4388] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.843060][ T4388] team0: Port device team_slave_0 added [ 38.844732][ T4388] team0: Port device team_slave_1 added [ 38.850862][ T4388] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.852070][ T4388] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.856523][ T4388] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.859682][ T4388] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.860810][ T4388] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.865172][ T4388] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.918388][ T4388] device hsr_slave_0 entered promiscuous mode [ 38.957362][ T4388] device hsr_slave_1 entered promiscuous mode [ 39.046748][ T4388] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 39.088348][ T4388] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 39.129684][ T4388] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 39.166698][ T4388] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.222245][ T4388] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.223588][ T4388] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.225159][ T4388] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.226247][ T4388] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.244507][ T4388] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.248597][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.250818][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.252633][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.256658][ T4388] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.271864][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.273640][ T432] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.274821][ T432] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.278709][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.280523][ T432] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.281688][ T432] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.288216][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 39.289849][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 39.292526][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 39.295197][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.299611][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.302099][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 39.356164][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 39.357648][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 39.361630][ T4388] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.369687][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.382523][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.384408][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 39.385908][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 39.388540][ T4388] device veth0_vlan entered promiscuous mode [ 39.391781][ T4388] device veth1_vlan entered promiscuous mode [ 39.398058][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 39.399603][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 39.401128][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.403502][ T4388] device veth0_macvtap entered promiscuous mode [ 39.405839][ T4388] device veth1_macvtap entered promiscuous mode [ 39.411935][ T4388] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.413269][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.415210][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 39.428625][ T4388] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.430004][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.433104][ T4388] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.434630][ T4388] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.436078][ T4388] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.438067][ T4388] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:40 executed programs: 0 [ 40.846905][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 40.849380][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 40.850925][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 40.852690][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 40.854046][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 40.855264][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 41.140222][ T4448] chnl_net:caif_netlink_parms(): no params data found [ 41.155555][ T4448] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.156906][ T4448] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.159006][ T4448] device bridge_slave_0 entered promiscuous mode [ 41.160910][ T4448] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.162044][ T4448] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.163458][ T4448] device bridge_slave_1 entered promiscuous mode [ 41.171351][ T4448] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.173783][ T4448] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.182158][ T4448] team0: Port device team_slave_0 added [ 41.183823][ T4448] team0: Port device team_slave_1 added [ 41.189449][ T4448] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.190639][ T4448] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.195402][ T4448] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.198393][ T4448] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.199431][ T4448] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.203743][ T4448] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.249038][ T4448] device hsr_slave_0 entered promiscuous mode [ 41.288307][ T4448] device hsr_slave_1 entered promiscuous mode [ 41.347243][ T4448] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.348582][ T4448] Cannot create hsr debugfs directory [ 41.649984][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.877726][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 44.967831][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 45.228456][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.309674][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.399075][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.309509][ T4448] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.410542][ T4448] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.528786][ T4448] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.678918][ T4448] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.779294][ T4448] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.782827][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.784316][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.786541][ T4448] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.829827][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.831418][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.832968][ T247] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.834187][ T247] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.835794][ T247] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.840035][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.841678][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.843218][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.844422][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.847948][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 46.850606][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 46.853163][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 46.855307][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 46.856854][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 46.920174][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 46.921912][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 46.924547][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.926076][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.928917][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.930374][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.932482][ T4448] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 47.001950][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 47.003276][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 47.006559][ T4448] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.013196][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 47.014751][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.021332][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 47.022973][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.024503][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 47.026025][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 47.037281][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 47.059262][ T4448] device veth0_vlan entered promiscuous mode [ 47.062990][ T4448] device veth1_vlan entered promiscuous mode [ 47.069076][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 47.070626][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 47.072045][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 47.073571][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.075921][ T4448] device veth0_macvtap entered promiscuous mode [ 47.078700][ T4448] device veth1_macvtap entered promiscuous mode [ 47.083448][ T4448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.085307][ T4448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.088067][ T4448] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.089278][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 47.090831][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 47.092335][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.093960][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.096263][ T4448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.101182][ T4448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.103888][ T4448] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.105172][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.106780][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.111363][ T11] device hsr_slave_0 left promiscuous mode [ 47.147727][ T11] device hsr_slave_1 left promiscuous mode [ 47.237284][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 47.238539][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 47.241152][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 47.242317][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 47.243727][ T11] device bridge_slave_1 left promiscuous mode [ 47.245214][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.308946][ T11] device bridge_slave_0 left promiscuous mode [ 47.310054][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.427670][ T11] device veth1_macvtap left promiscuous mode [ 47.428883][ T11] device veth0_macvtap left promiscuous mode [ 47.430011][ T11] device veth1_vlan left promiscuous mode [ 47.431037][ T11] device veth0_vlan left promiscuous mode [ 49.117825][ T4376] Bluetooth: hci0: command 0x0419 tx timeout [ 49.608219][ T11] team0 (unregistering): Port device team_slave_1 removed [ 49.778404][ T11] team0 (unregistering): Port device team_slave_0 removed [ 49.937556][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 50.137731][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 51.729223][ T11] bond0 (unregistering): Released all slaves [ 52.020322][ T4448] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.021798][ T4448] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.023301][ T4448] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.024697][ T4448] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.051027][ T1699] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.052327][ T1699] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.054298][ T1699] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 52.063029][ T1699] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.064283][ T1699] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.065602][ T432] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 52.234841][ T4509] loop0: detected capacity change from 0 to 32768 [ 52.239135][ T4509] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 52.240471][ T4509] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 52.251502][ T4509] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 52.253759][ T4412] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 52.254975][ T4412] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 52.266022][ T4412] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 11ms [ 52.268249][ T4412] gfs2: fsid=syz:syz.0: jid=0: Done [ 52.269304][ T4509] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 52.367979][ T4448] ------------[ cut here ]------------ [ 52.369047][ T4448] WARNING: CPU: 1 PID: 4448 at include/linux/backing-dev.h:247 __folio_mark_dirty+0x8a0/0xcd8 [ 52.370759][ T4448] Modules linked in: [ 52.371397][ T4448] CPU: 1 PID: 4448 Comm: syz-executor Not tainted syzkaller #0 [ 52.372571][ T4448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 52.374191][ T4448] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 52.375460][ T4448] pc : __folio_mark_dirty+0x8a0/0xcd8 [ 52.376379][ T4448] lr : __folio_mark_dirty+0x8a0/0xcd8 [ 52.377342][ T4448] sp : ffff8000209e76e0 [ 52.378060][ T4448] x29: ffff8000209e7700 x28: 1fffff80006b1fe0 x27: dfff800000000000 [ 52.379464][ T4448] x26: 0000000000000000 x25: ffff0000c51c3e90 x24: 0000000000000001 [ 52.380877][ T4448] x23: 0000000000000000 x22: fffffc000358ff08 x21: 1fffe00018a387d2 [ 52.382278][ T4448] x20: ffff0000d23ea250 x19: fffffc000358ff00 x18: ffff800011b9bf60 [ 52.383605][ T4448] x17: ffff80001835b000 x16: ffff8000082d7db8 x15: ffff800017e3c000 [ 52.384950][ T4448] x14: 0000000000000001 x13: 1fffe00018a387d2 x12: 0000000000ff0100 [ 52.386294][ T4448] x11: ff0080000870a0f8 x10: 0000000000000000 x9 : ffff80000870a0f8 [ 52.387664][ T4448] x8 : ffff0000ce3f3780 x7 : 0000000000000000 x6 : 0000000000000000 [ 52.388991][ T4448] x5 : 0000000000000020 x4 : 0000000000000000 x3 : ffff800008a58a88 [ 52.390278][ T4448] x2 : ffff0000cf156060 x1 : 0000000000000000 x0 : 0000000000000000 [ 52.391564][ T4448] Call trace: [ 52.392089][ T4448] __folio_mark_dirty+0x8a0/0xcd8 [ 52.392981][ T4448] mark_buffer_dirty+0x2b8/0x5c0 [ 52.393810][ T4448] gfs2_unpin+0x120/0x8fc [ 52.394594][ T4448] buf_lo_after_commit+0x140/0x188 [ 52.395432][ T4448] gfs2_log_flush+0xc00/0x1b20 [ 52.396273][ T4448] gfs2_kill_sb+0x5c/0xd4 [ 52.397023][ T4448] deactivate_locked_super+0xac/0x120 [ 52.397946][ T4448] deactivate_super+0xe4/0x104 [ 52.398746][ T4448] cleanup_mnt+0x390/0x418 [ 52.399517][ T4448] __cleanup_mnt+0x20/0x30 [ 52.400297][ T4448] task_work_run+0x1ec/0x278 [ 52.401066][ T4448] do_notify_resume+0x1fa0/0x2aa4 [ 52.401946][ T4448] el0_svc+0x98/0x128 [ 52.402618][ T4448] el0t_64_sync_handler+0x84/0xf0 [ 52.403469][ T4448] el0t_64_sync+0x18c/0x190 [ 52.404195][ T4448] irq event stamp: 157180 [ 52.404932][ T4448] hardirqs last enabled at (157179): [] exit_to_kernel_mode+0xcc/0xfc [ 52.406565][ T4448] hardirqs last disabled at (157180): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 52.408339][ T4448] softirqs last enabled at (157062): [] local_bh_enable+0x10/0x34 [ 52.409954][ T4448] softirqs last disabled at (157060): [] local_bh_disable+0x10/0x34 [ 52.411588][ T4448] ---[ end trace 0000000000000000 ]--- [ 52.437762][ T4448] ------------[ cut here ]------------ [ 52.438728][ T4448] WARNING: CPU: 0 PID: 4448 at include/linux/backing-dev.h:247 __folio_start_writeback+0x88c/0xa7c [ 52.440458][ T4448] Modules linked in: [ 52.441072][ T4448] CPU: 0 PID: 4448 Comm: syz-executor Tainted: G W syzkaller #0 [ 52.442496][ T4448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 52.444228][ T4448] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 52.445501][ T4448] pc : __folio_start_writeback+0x88c/0xa7c [ 52.446425][ T4448] lr : __folio_start_writeback+0x88c/0xa7c [ 52.447354][ T4448] sp : ffff8000209e7180 [ 52.448016][ T4448] x29: ffff8000209e7260 x28: dfff800000000000 x27: 0000000000000000 [ 52.449338][ T4448] x26: ffff70000413ce38 x25: 0000000000000000 x24: ffff0000d23ea250 [ 52.450659][ T4448] x23: ffff8000209e71e0 x22: ffff0000c51c3ce8 x21: 0000000000000001 [ 52.452009][ T4448] x20: fffffc000358ff08 x19: fffffc000358ff00 x18: ffff800011b9bf60 [ 52.453458][ T4448] x17: ffff80001835b000 x16: ffff8000082d7db8 x15: 0000000000000000 [ 52.454730][ T4448] x14: 0000000000000001 x13: 1fffff80006b1fe0 x12: 0000000000ff0100 [ 52.456059][ T4448] x11: ff0080000870c604 x10: 0000000000000000 x9 : ffff80000870c604 [ 52.457408][ T4448] x8 : ffff0000ce3f3780 x7 : ffff80000870c070 x6 : 0000000000000000 [ 52.458752][ T4448] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff80000870c0b0 [ 52.460088][ T4448] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000 [ 52.461442][ T4448] Call trace: [ 52.462014][ T4448] __folio_start_writeback+0x88c/0xa7c [ 52.462958][ T4448] set_page_writeback+0x5c/0x7c [ 52.463819][ T4448] gfs2_aspace_writepage+0x514/0x6dc [ 52.464665][ T4448] __gfs2_writepage+0x70/0x184 [ 52.465473][ T4448] write_cache_pages+0x74c/0xde8 [ 52.466329][ T4448] gfs2_ail1_flush+0x7c4/0xa14 [ 52.467113][ T4448] empty_ail1_list+0x130/0x214 [ 52.467899][ T4448] gfs2_log_flush+0x12b4/0x1b20 [ 52.468695][ T4448] gfs2_kill_sb+0x5c/0xd4 [ 52.469373][ T4448] deactivate_locked_super+0xac/0x120 [ 52.470309][ T4448] deactivate_super+0xe4/0x104 [ 52.471069][ T4448] cleanup_mnt+0x390/0x418 [ 52.471809][ T4448] __cleanup_mnt+0x20/0x30 [ 52.472546][ T4448] task_work_run+0x1ec/0x278 [ 52.473325][ T4448] do_notify_resume+0x1fa0/0x2aa4 [ 52.474171][ T4448] el0_svc+0x98/0x128 [ 52.474874][ T4448] el0t_64_sync_handler+0x84/0xf0 [ 52.475756][ T4448] el0t_64_sync+0x18c/0x190 [ 52.476509][ T4448] irq event stamp: 157316 [ 52.477256][ T4448] hardirqs last enabled at (157315): [] folio_memcg_lock+0xe8/0x1f4 [ 52.478900][ T4448] hardirqs last disabled at (157316): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 52.480661][ T4448] softirqs last enabled at (157292): [] handle_softirqs+0xaec/0xc60 [ 52.482276][ T4448] softirqs last disabled at (157183): [] __do_softirq+0x14/0x20 [ 52.483813][ T4448] ---[ end trace 0000000000000000 ]--- [ 52.488490][ C0] ------------[ cut here ]------------ [ 52.489594][ C0] WARNING: CPU: 0 PID: 15 at include/linux/backing-dev.h:247 __folio_end_writeback+0x7d0/0x9cc [ 52.491275][ C0] Modules linked in: [ 52.491945][ C0] CPU: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G W syzkaller #0 [ 52.493385][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 52.495033][ C0] pstate: 424000c5 (nZcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 52.496286][ C0] pc : __folio_end_writeback+0x7d0/0x9cc [ 52.497218][ C0] lr : __folio_end_writeback+0x7d0/0x9cc [ 52.498156][ C0] sp : ffff80001ca27970 [ 52.498847][ C0] x29: ffff80001ca27990 x28: dfff800000000000 x27: ffff0000c51c3ce8 [ 52.500221][ C0] x26: 0000000000000000 x25: 05ffd60000002052 x24: 1fffff80006a51f0 [ 52.501629][ C0] x23: 0000000000000001 x22: ffff0000d23e82a0 x21: ffff0000d23e82a8 [ 52.503028][ C0] x20: 0000000000000001 x19: fffffc0003528f80 x18: ffff800011b9bf60 [ 52.504428][ C0] x17: 1fffe00033ea637e x16: ffff8000082d7db8 x15: 0000000000000000 [ 52.505763][ C0] x14: 0000000000000003 x13: 1ffff00003944f20 x12: 0000000000ff0100 [ 52.507142][ C0] x11: ff0080000870bb7c x10: 0000000000000000 x9 : ffff80000870bb7c [ 52.508509][ C0] x8 : ffff0000c09b3780 x7 : 0000000000000000 x6 : 0000000000000000 [ 52.509851][ C0] x5 : 0000000000000080 x4 : 0000000000000000 x3 : 0000000000000010 [ 52.511260][ C0] x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 [ 52.512608][ C0] Call trace: [ 52.513160][ C0] __folio_end_writeback+0x7d0/0x9cc [ 52.514005][ C0] folio_end_writeback+0x12c/0x410 [ 52.514917][ C0] end_page_writeback+0x58/0x74 [ 52.515770][ C0] end_buffer_async_write+0x32c/0x4f4 [ 52.516729][ C0] end_bio_bh_io_sync+0xb0/0x1dc [ 52.517588][ C0] bio_endio+0x750/0x794 [ 52.518346][ C0] blk_update_request+0x49c/0xbec [ 52.519209][ C0] blk_mq_end_request+0x54/0x88 [ 52.520058][ C0] lo_complete_rq+0x1ec/0x250 [ 52.520862][ C0] blk_done_softirq+0x11c/0x168 [ 52.521678][ C0] handle_softirqs+0x318/0xc60 [ 52.522478][ C0] run_ksoftirqd+0x7c/0x2ac [ 52.523197][ C0] smpboot_thread_fn+0x4b0/0x964 [ 52.523989][ C0] kthread+0x250/0x2d8 [ 52.524646][ C0] ret_from_fork+0x10/0x20 [ 52.525392][ C0] irq event stamp: 402273 [ 52.526129][ C0] hardirqs last enabled at (402272): [] folio_memcg_lock+0xe8/0x1f4 [ 52.527697][ C0] hardirqs last disabled at (402273): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 52.529384][ C0] softirqs last enabled at (402262): [] handle_softirqs+0xaec/0xc60 [ 52.530933][ C0] softirqs last disabled at (402267): [] run_ksoftirqd+0x7c/0x2ac [ 52.532520][ C0] ---[ end trace 0000000000000000 ]---