Warning: Permanently added '10.128.1.139' (ED25519) to the list of known hosts. 1970/01/01 00:00:32 parsed 1 programs syzkaller login: [ 33.746282][ T4323] cgroup: Unknown subsys name 'net' [ 33.970545][ T4323] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 34.285241][ T4323] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 38.192992][ T4347] chnl_net:caif_netlink_parms(): no params data found [ 38.213757][ T4347] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.214898][ T4347] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.216358][ T4347] device bridge_slave_0 entered promiscuous mode [ 38.219100][ T4347] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.220272][ T4347] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.221796][ T4347] device bridge_slave_1 entered promiscuous mode [ 38.228927][ T4347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.231405][ T4347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.238113][ T4347] team0: Port device team_slave_0 added [ 38.239858][ T4347] team0: Port device team_slave_1 added [ 38.245338][ T4347] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.246367][ T4347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.250561][ T4347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.253698][ T4347] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.254712][ T4347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.258537][ T4347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.329264][ T4347] device hsr_slave_0 entered promiscuous mode [ 38.388053][ T4347] device hsr_slave_1 entered promiscuous mode [ 38.474360][ T4347] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.511381][ T4347] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.570835][ T4347] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.619797][ T4347] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 38.676401][ T4347] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.677571][ T4347] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.679069][ T4347] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.680130][ T4347] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.698806][ T4347] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.702615][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.705334][ T90] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.707062][ T90] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.709142][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 38.713279][ T4347] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.716517][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.719499][ T90] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.720657][ T90] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.724426][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.726033][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.727142][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.735903][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.737596][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 38.741742][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.744464][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.747381][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.751256][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.817455][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 38.818822][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 38.823519][ T4347] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.830562][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 38.836471][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.839258][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 38.840685][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 38.850219][ T4347] device veth0_vlan entered promiscuous mode [ 38.854178][ T4347] device veth1_vlan entered promiscuous mode [ 38.862268][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 38.863702][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 38.865426][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.867411][ T4347] device veth0_macvtap entered promiscuous mode [ 38.869991][ T4347] device veth1_macvtap entered promiscuous mode [ 38.875185][ T4347] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.876391][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.879051][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 38.881996][ T4347] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.883325][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.885828][ T4347] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.887092][ T4347] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.889399][ T4347] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.890618][ T4347] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.146186][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.147505][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.149864][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 39.157617][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.159484][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.160968][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 39.225112][ T4380] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.226764][ T4380] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.231361][ T4382] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.233018][ T4382] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.234392][ T4382] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 39.235669][ T4382] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 40.191881][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:40 executed programs: 0 [ 40.319686][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 40.321426][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 40.322800][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 40.324160][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 40.325481][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 40.326722][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 40.377075][ T4420] chnl_net:caif_netlink_parms(): no params data found [ 40.391851][ T4420] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.392979][ T4420] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.394519][ T4420] device bridge_slave_0 entered promiscuous mode [ 40.396488][ T4420] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.397636][ T4420] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.399288][ T4420] device bridge_slave_1 entered promiscuous mode [ 40.407463][ T4420] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.410133][ T4420] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.416575][ T4420] team0: Port device team_slave_0 added [ 40.419144][ T4420] team0: Port device team_slave_1 added [ 40.424789][ T4420] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.425916][ T4420] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.430367][ T4420] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.432748][ T4420] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.433735][ T4420] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.438297][ T4420] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.468934][ T4420] device hsr_slave_0 entered promiscuous mode [ 40.508050][ T4420] device hsr_slave_1 entered promiscuous mode [ 40.547969][ T4420] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.549218][ T4420] Cannot create hsr debugfs directory [ 42.408045][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 42.459262][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.477880][ T4382] Bluetooth: hci0: command 0x041b tx timeout [ 44.480490][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.570424][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.680563][ T4420] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 45.819636][ T4420] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 45.910843][ T4420] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 45.939024][ T4420] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.109600][ T4420] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.113040][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.114531][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.116810][ T4420] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.119467][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.121045][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.122425][ T4427] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.123569][ T4427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.169787][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.172574][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.174119][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.175523][ T4427] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.176764][ T4427] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.180145][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 46.182849][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 46.185369][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 46.187044][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 46.188704][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 46.191426][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 46.193082][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 46.195493][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.196932][ T4427] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.201529][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.203021][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.205671][ T4420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 46.304718][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.305919][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.309059][ T4420] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.314033][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 46.315711][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.322542][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 46.324380][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.325904][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 46.327308][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 46.380222][ T4420] device veth0_vlan entered promiscuous mode [ 46.383225][ T4420] device veth1_vlan entered promiscuous mode [ 46.389647][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 46.391205][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 46.392609][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 46.393966][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.397157][ T4420] device veth0_macvtap entered promiscuous mode [ 46.399732][ T4420] device veth1_macvtap entered promiscuous mode [ 46.404019][ T4420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.405650][ T4420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.407528][ T4420] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.408910][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 46.410333][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 46.411786][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 46.413237][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 46.415518][ T4420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.417135][ T4420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.420431][ T4420] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.450815][ T497] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 46.452363][ T497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 46.454817][ T4420] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.456166][ T4420] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.457590][ T4420] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.459944][ T4420] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.477615][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.480600][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.482115][ T497] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 46.487556][ T497] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.490775][ T497] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.510552][ T497] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 46.558106][ T4382] Bluetooth: hci0: command 0x040f tx timeout [ 46.670138][ T4503] loop0: detected capacity change from 0 to 32768 [ 46.676451][ T4503] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 46.677919][ T4503] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 46.687603][ T4503] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 46.690223][ T14] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 46.691343][ T14] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 46.704729][ T14] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 13ms [ 46.706479][ T14] gfs2: fsid=syz:syz.0: jid=0: Done [ 46.707464][ T4503] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 46.825492][ T4420] ------------[ cut here ]------------ [ 46.826458][ T4420] WARNING: CPU: 1 PID: 4420 at include/linux/backing-dev.h:247 __folio_mark_dirty+0x8a0/0xcd8 [ 46.828040][ T4420] Modules linked in: [ 46.828713][ T4420] CPU: 1 PID: 4420 Comm: syz-executor Not tainted syzkaller #0 [ 46.829933][ T4420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026 [ 46.831638][ T4420] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 46.833007][ T4420] pc : __folio_mark_dirty+0x8a0/0xcd8 [ 46.833905][ T4420] lr : __folio_mark_dirty+0x8a0/0xcd8 [ 46.834764][ T4420] sp : ffff800020c276e0 [ 46.835425][ T4420] x29: ffff800020c27700 x28: 1fffff8000656158 x27: dfff800000000000 [ 46.836704][ T4420] x26: 0000000000000000 x25: ffff0000c049c990 x24: 0000000000000001 [ 46.838064][ T4420] x23: 0000000000000000 x22: fffffc00032b0ac8 x21: 1fffe00018093932 [ 46.839299][ T4420] x20: ffff0000db0a6250 x19: fffffc00032b0ac0 x18: 0000000000000000 [ 46.840724][ T4420] x17: ffff800018349000 x16: ffff8000082d7ca0 x15: ffff800017e2a000 [ 46.842088][ T4420] x14: 0000000000000001 x13: 1fffe00018093932 x12: 0000000000ff0100 [ 46.843438][ T4420] x11: ff00800008708b70 x10: 0000000000000000 x9 : ffff800008708b70 [ 46.844761][ T4420] x8 : ffff0000cb24d340 x7 : 0000000000000000 x6 : 0000000000000000 [ 46.846102][ T4420] x5 : 0000000000000020 x4 : 0000000000000000 x3 : ffff800008a56aa8 [ 46.847446][ T4420] x2 : ffff0000cee86060 x1 : 0000000000000000 x0 : 0000000000000000 [ 46.848773][ T4420] Call trace: [ 46.849297][ T4420] __folio_mark_dirty+0x8a0/0xcd8 [ 46.850028][ T4420] mark_buffer_dirty+0x2b8/0x5c0 [ 46.850808][ T4420] gfs2_unpin+0x120/0x8fc [ 46.851497][ T4420] buf_lo_after_commit+0x140/0x188 [ 46.852287][ T4420] gfs2_log_flush+0xc00/0x1b20 [ 46.853003][ T4420] gfs2_kill_sb+0x5c/0xd4 [ 46.853692][ T4420] deactivate_locked_super+0xac/0x120 [ 46.854621][ T4420] deactivate_super+0xe4/0x104 [ 46.855394][ T4420] cleanup_mnt+0x390/0x418 [ 46.856075][ T4420] __cleanup_mnt+0x20/0x30 [ 46.856767][ T4420] task_work_run+0x1ec/0x278 [ 46.857536][ T4420] do_notify_resume+0x1fa0/0x2aa4 [ 46.858368][ T4420] el0_svc+0x98/0x128 [ 46.859020][ T4420] el0t_64_sync_handler+0x84/0xf0 [ 46.859907][ T4420] el0t_64_sync+0x18c/0x190 [ 46.860653][ T4420] irq event stamp: 157430 [ 46.861403][ T4420] hardirqs last enabled at (157429): [] folio_memcg_lock+0xe8/0x1f4 [ 46.862974][ T4420] hardirqs last disabled at (157430): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 46.864662][ T4420] softirqs last enabled at (157312): [] local_bh_enable+0x10/0x34 [ 46.866126][ T4420] softirqs last disabled at (157310): [] local_bh_disable+0x10/0x34 [ 46.867702][ T4420] ---[ end trace 0000000000000000 ]--- [ 46.871413][ T4420] ------------[ cut here ]------------ [ 46.872224][ T4420] WARNING: CPU: 1 PID: 4420 at include/linux/backing-dev.h:247 __folio_start_writeback+0x88c/0xa7c [ 46.873859][ T4420] Modules linked in: [ 46.874507][ T4420] CPU: 1 PID: 4420 Comm: syz-executor Tainted: G W syzkaller #0 [ 46.875867][ T4420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026 [ 46.877472][ T4420] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 46.878814][ T4420] pc : __folio_start_writeback+0x88c/0xa7c [ 46.879817][ T4420] lr : __folio_start_writeback+0x88c/0xa7c [ 46.880749][ T4420] sp : ffff800020c27180 [ 46.881413][ T4420] x29: ffff800020c27260 x28: dfff800000000000 x27: 0000000000000000 [ 46.882728][ T4420] x26: ffff700004184e38 x25: 0000000000000000 x24: ffff0000db0a6250 [ 46.884046][ T4420] x23: ffff800020c271e0 x22: ffff0000c049c7e8 x21: 0000000000000001 [ 46.885377][ T4420] x20: fffffc00032b0ac8 x19: fffffc00032b0ac0 x18: ffff800011b8bf60 [ 46.886722][ T4420] x17: ffff800018349000 x16: ffff8000082d7ca0 x15: 0000000000000000 [ 46.888055][ T4420] x14: 0000000000000001 x13: 1fffff8000656158 x12: 0000000000ff0100 [ 46.889382][ T4420] x11: ff0080000870b07c x10: 0000000000000000 x9 : ffff80000870b07c [ 46.890688][ T4420] x8 : ffff0000cb24d340 x7 : ffff80000870aae8 x6 : 0000000000000000 [ 46.892018][ T4420] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff80000870ab28 [ 46.893254][ T4420] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000 [ 46.894576][ T4420] Call trace: [ 46.895109][ T4420] __folio_start_writeback+0x88c/0xa7c [ 46.895997][ T4420] set_page_writeback+0x5c/0x7c [ 46.896766][ T4420] gfs2_aspace_writepage+0x514/0x6dc [ 46.897673][ T4420] __gfs2_writepage+0x70/0x184 [ 46.898436][ T4420] write_cache_pages+0x74c/0xde8 [ 46.899307][ T4420] gfs2_ail1_flush+0x7c4/0xa14 [ 46.900128][ T4420] empty_ail1_list+0x130/0x214 [ 46.900906][ T4420] gfs2_log_flush+0x12b4/0x1b20 [ 46.901674][ T4420] gfs2_kill_sb+0x5c/0xd4 [ 46.902375][ T4420] deactivate_locked_super+0xac/0x120 [ 46.903300][ T4420] deactivate_super+0xe4/0x104 [ 46.904140][ T4420] cleanup_mnt+0x390/0x418 [ 46.904917][ T4420] __cleanup_mnt+0x20/0x30 [ 46.905687][ T4420] task_work_run+0x1ec/0x278 [ 46.906467][ T4420] do_notify_resume+0x1fa0/0x2aa4 [ 46.907231][ T4420] el0_svc+0x98/0x128 [ 46.907906][ T4420] el0t_64_sync_handler+0x84/0xf0 [ 46.908692][ T4420] el0t_64_sync+0x18c/0x190 [ 46.909450][ T4420] irq event stamp: 157486 [ 46.910106][ T4420] hardirqs last enabled at (157485): [] folio_memcg_lock+0xe8/0x1f4 [ 46.911668][ T4420] hardirqs last disabled at (157486): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 46.913240][ T4420] softirqs last enabled at (157464): [] handle_softirqs+0xaec/0xc60 [ 46.914811][ T4420] softirqs last disabled at (157433): [] __do_softirq+0x14/0x20 [ 46.916292][ T4420] ---[ end trace 0000000000000000 ]--- [ 46.920026][ C1] ------------[ cut here ]------------ [ 46.920998][ C1] WARNING: CPU: 1 PID: 21 at include/linux/backing-dev.h:247 __folio_end_writeback+0x7d0/0x9cc [ 46.922532][ C1] Modules linked in: [ 46.923150][ C1] CPU: 1 PID: 21 Comm: ksoftirqd/1 Tainted: G W syzkaller #0 [ 46.924412][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026 [ 46.925803][ C1] pstate: 424000c5 (nZcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 46.926943][ C1] pc : __folio_end_writeback+0x7d0/0x9cc [ 46.927766][ C1] lr : __folio_end_writeback+0x7d0/0x9cc [ 46.928622][ C1] sp : ffff80001ca87970 [ 46.929351][ C1] x29: ffff80001ca87990 x28: dfff800000000000 x27: ffff0000c049c7e8 [ 46.930669][ C1] x26: 0000000000000000 x25: 05ffd60000002052 x24: 1fffff80006d6600 [ 46.931919][ C1] x23: 0000000000000001 x22: ffff0000db0a42a0 x21: ffff0000db0a42a8 [ 46.933101][ C1] x20: 0000000000000001 x19: fffffc00036b3000 x18: ffff800011b8bf60 [ 46.934384][ C1] x17: 1fffe00033eac97e x16: ffff8000082d7ca0 x15: 0000000000000000 [ 46.935643][ C1] x14: 0000000000000003 x13: 1ffff00003950f20 x12: 0000000000ff0100 [ 46.936894][ C1] x11: ff0080000870a5f4 x10: 0000000000000000 x9 : ffff80000870a5f4 [ 46.938169][ C1] x8 : ffff0000c0a51bc0 x7 : 0000000000000000 x6 : 0000000000000000 [ 46.939501][ C1] x5 : 0000000000000080 x4 : 0000000000000000 x3 : 0000000000000010 [ 46.940828][ C1] x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 [ 46.942168][ C1] Call trace: [ 46.942711][ C1] __folio_end_writeback+0x7d0/0x9cc [ 46.943550][ C1] folio_end_writeback+0x12c/0x410 [ 46.944391][ C1] end_page_writeback+0x58/0x74 [ 46.945154][ C1] end_buffer_async_write+0x32c/0x4f4 [ 46.946049][ C1] end_bio_bh_io_sync+0xb0/0x1dc [ 46.946848][ C1] bio_endio+0x750/0x794 [ 46.947575][ C1] blk_update_request+0x49c/0xbec [ 46.948432][ C1] blk_mq_end_request+0x54/0x88 [ 46.949269][ C1] lo_complete_rq+0x1ec/0x250 [ 46.949997][ C1] blk_done_softirq+0x11c/0x168 [ 46.950779][ C1] handle_softirqs+0x318/0xc60 [ 46.951517][ C1] run_ksoftirqd+0x7c/0x2ac [ 46.952245][ C1] smpboot_thread_fn+0x4b0/0x964 [ 46.953087][ C1] kthread+0x250/0x2d8 [ 46.953753][ C1] ret_from_fork+0x10/0x20 [ 46.954484][ C1] irq event stamp: 390743 [ 46.955156][ C1] hardirqs last enabled at (390742): [] folio_memcg_lock+0xe8/0x1f4 [ 46.956850][ C1] hardirqs last disabled at (390743): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 46.958534][ C1] softirqs last enabled at (390730): [] handle_softirqs+0xaec/0xc60 [ 46.960084][ C1] softirqs last disabled at (390737): [] run_ksoftirqd+0x7c/0x2ac [ 46.961648][ C1] ---[ end trace 0000000000000000 ]---