[ 9.384558][ T3991] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: [ 9.415371][ T1579] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 9.428087][ T1579] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.53' (ED25519) to the list of known hosts. 1970/01/01 00:00:26 parsed 1 programs syzkaller login: [ 27.613035][ T4325] cgroup: Unknown subsys name 'net' [ 27.839548][ T4325] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 28.134281][ T4325] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 34.515804][ T4360] chnl_net:caif_netlink_parms(): no params data found [ 34.533073][ T4360] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.534371][ T4360] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.535897][ T4360] device bridge_slave_0 entered promiscuous mode [ 34.538939][ T4360] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.540097][ T4360] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.541578][ T4360] device bridge_slave_1 entered promiscuous mode [ 34.549016][ T4360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 34.551416][ T4360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 34.558269][ T4360] team0: Port device team_slave_0 added [ 34.560094][ T4360] team0: Port device team_slave_1 added [ 34.565256][ T4360] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 34.566381][ T4360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.570795][ T4360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 34.574104][ T4360] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 34.575220][ T4360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.579429][ T4360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 34.627584][ T4360] device hsr_slave_0 entered promiscuous mode [ 34.676589][ T4360] device hsr_slave_1 entered promiscuous mode [ 34.752777][ T4360] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 34.809314][ T4360] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 34.858626][ T4360] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 34.908226][ T4360] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 34.965144][ T4360] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.966336][ T4360] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.967796][ T4360] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.968983][ T4360] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.988320][ T4360] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.992923][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.995419][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.998119][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.002576][ T4360] 8021q: adding VLAN 0 to HW filter on device team0 [ 35.005521][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 35.007267][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.008405][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.067354][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 35.068978][ T1573] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.070146][ T1573] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.077995][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 35.079773][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 35.084188][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 35.087585][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 35.090375][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 35.093250][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 35.163796][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 35.165122][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 35.170419][ T4360] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 35.177438][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 35.183120][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 35.184768][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 35.186182][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 35.189375][ T4360] device veth0_vlan entered promiscuous mode [ 35.192691][ T4360] device veth1_vlan entered promiscuous mode [ 35.200250][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 35.201782][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 35.203257][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 35.205792][ T4360] device veth0_macvtap entered promiscuous mode [ 35.208370][ T4360] device veth1_macvtap entered promiscuous mode [ 35.214834][ T4360] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 35.216529][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.219307][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 35.223380][ T4360] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 35.224692][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.229315][ T4360] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.230727][ T4360] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.232075][ T4360] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.233450][ T4360] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.776275][ T4405] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 35.778869][ T4405] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 35.780265][ T4405] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 35.781778][ T4405] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 35.783213][ T4405] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 35.784555][ T4405] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 35.901902][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 35.903247][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 35.905090][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 35.919748][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 35.920935][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 35.922281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:00:36 executed programs: 0 [ 36.124177][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 36.125861][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 36.128566][ T4403] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 36.130313][ T4403] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 36.131758][ T4403] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 36.132985][ T4403] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 36.272925][ T4418] chnl_net:caif_netlink_parms(): no params data found [ 36.289382][ T4418] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.290625][ T4418] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.292144][ T4418] device bridge_slave_0 entered promiscuous mode [ 36.294396][ T4418] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.295598][ T4418] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.297277][ T4418] device bridge_slave_1 entered promiscuous mode [ 36.304042][ T4418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.306785][ T4418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.314199][ T4418] team0: Port device team_slave_0 added [ 36.316098][ T4418] team0: Port device team_slave_1 added [ 36.323094][ T4418] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.324198][ T4418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.328710][ T4418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.331262][ T4418] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.332349][ T4418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.336330][ T4418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.397666][ T4418] device hsr_slave_0 entered promiscuous mode [ 36.436700][ T4418] device hsr_slave_1 entered promiscuous mode [ 36.476541][ T4418] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.477867][ T4418] Cannot create hsr debugfs directory [ 36.807918][ T1579] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.156748][ T4405] Bluetooth: hci0: command 0x0409 tx timeout [ 39.747594][ T1579] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.236966][ T4405] Bluetooth: hci0: command 0x041b tx timeout [ 40.597760][ T1579] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.718549][ T1579] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.619285][ T4418] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 41.738200][ T4418] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 41.828719][ T4418] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 41.989165][ T4418] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 42.135316][ T4418] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.138894][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.140381][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.142768][ T4418] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.145086][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.146760][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.148210][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.149307][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.150822][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 42.229415][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.231003][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.232503][ T1573] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.233641][ T1573] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.236517][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.239430][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.242733][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.244694][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 42.246320][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 42.250327][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.251932][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.254400][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 42.255736][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 42.259062][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 42.260522][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 42.262847][ T4418] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 42.326909][ T4405] Bluetooth: hci0: command 0x040f tx timeout [ 42.347598][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 42.348904][ T1573] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 42.351627][ T4418] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.357262][ T4426] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.358734][ T4426] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.365882][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.368867][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.370326][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.371656][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.409477][ T4418] device veth0_vlan entered promiscuous mode [ 42.412380][ T4418] device veth1_vlan entered promiscuous mode [ 42.419015][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 42.420583][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 42.421933][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.423398][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.425605][ T4418] device veth0_macvtap entered promiscuous mode [ 42.428092][ T4418] device veth1_macvtap entered promiscuous mode [ 42.433485][ T4418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.435120][ T4418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.437448][ T4418] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.438815][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 42.440374][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.441803][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.443250][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.445424][ T4418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.447999][ T4418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.450145][ T4418] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.498381][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.499891][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.502516][ T4418] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.503928][ T4418] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.505214][ T4418] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.506552][ T4418] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.525152][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.528255][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.529801][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.535068][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.536303][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.539149][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.697157][ T4521] loop0: detected capacity change from 0 to 32768 [ 42.709345][ T4521] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 42.710597][ T4521] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 42.715073][ T4521] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 42.718458][ T4467] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 42.719501][ T4467] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 42.732080][ T4467] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 12ms [ 42.734729][ T4467] gfs2: fsid=syz:syz.0: jid=0: Done [ 42.735673][ T4521] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 42.794663][ T4418] ------------[ cut here ]------------ [ 42.795643][ T4418] WARNING: CPU: 1 PID: 4418 at include/linux/backing-dev.h:247 __folio_mark_dirty+0x8a0/0xcd8 [ 42.797232][ T4418] Modules linked in: [ 42.797889][ T4418] CPU: 1 PID: 4418 Comm: syz-executor Not tainted syzkaller #0 [ 42.799162][ T4418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026 [ 42.800757][ T4418] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 42.802043][ T4418] pc : __folio_mark_dirty+0x8a0/0xcd8 [ 42.802885][ T4418] lr : __folio_mark_dirty+0x8a0/0xcd8 [ 42.803764][ T4418] sp : ffff8000209c76e0 [ 42.804423][ T4418] x29: ffff8000209c7700 x28: 1fffff80006e4668 x27: dfff800000000000 [ 42.805798][ T4418] x26: 0000000000000000 x25: ffff0000c58ebe90 x24: 0000000000000001 [ 42.807245][ T4418] x23: 0000000000000000 x22: fffffc0003723348 x21: 1fffe00018b1d7d2 [ 42.808643][ T4418] x20: ffff0000da972250 x19: fffffc0003723340 x18: ffff800011b8bf60 [ 42.809952][ T4418] x17: ffff800018349000 x16: ffff8000082d7ca0 x15: ffff800017e2a000 [ 42.811189][ T4418] x14: 0000000000000001 x13: 1fffe00018b1d7d2 x12: 0000000000ff0100 [ 42.812445][ T4418] x11: ff00800008708b70 x10: 0000000000000000 x9 : ffff800008708b70 [ 42.813789][ T4418] x8 : ffff0000cf878000 x7 : 0000000000000000 x6 : 0000000000000000 [ 42.815142][ T4418] x5 : 0000000000000020 x4 : 0000000000000000 x3 : ffff800008a56aa8 [ 42.816498][ T4418] x2 : ffff0000cea6a060 x1 : 0000000000000000 x0 : 0000000000000000 [ 42.817739][ T4418] Call trace: [ 42.818290][ T4418] __folio_mark_dirty+0x8a0/0xcd8 [ 42.819185][ T4418] mark_buffer_dirty+0x2b8/0x5c0 [ 42.819956][ T4418] gfs2_unpin+0x120/0x8fc [ 42.820622][ T4418] buf_lo_after_commit+0x140/0x188 [ 42.821391][ T4418] gfs2_log_flush+0xc00/0x1b20 [ 42.822115][ T4418] gfs2_kill_sb+0x5c/0xd4 [ 42.822756][ T4418] deactivate_locked_super+0xac/0x120 [ 42.823545][ T4418] deactivate_super+0xe4/0x104 [ 42.824314][ T4418] cleanup_mnt+0x390/0x418 [ 42.824982][ T4418] __cleanup_mnt+0x20/0x30 [ 42.825671][ T4418] task_work_run+0x1ec/0x278 [ 42.826368][ T4418] do_notify_resume+0x1fa0/0x2aa4 [ 42.827262][ T4418] el0_svc+0x98/0x128 [ 42.827937][ T4418] el0t_64_sync_handler+0x84/0xf0 [ 42.828717][ T4418] el0t_64_sync+0x18c/0x190 [ 42.829542][ T4418] irq event stamp: 158810 [ 42.830286][ T4418] hardirqs last enabled at (158809): [] folio_memcg_lock+0xe8/0x1f4 [ 42.831827][ T4418] hardirqs last disabled at (158810): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 42.833556][ T4418] softirqs last enabled at (158692): [] local_bh_enable+0x10/0x34 [ 42.835113][ T4418] softirqs last disabled at (158690): [] local_bh_disable+0x10/0x34 [ 42.836674][ T4418] ---[ end trace 0000000000000000 ]--- [ 42.842066][ T4418] ------------[ cut here ]------------ [ 42.842986][ T4418] WARNING: CPU: 1 PID: 4418 at include/linux/backing-dev.h:247 __folio_start_writeback+0x88c/0xa7c [ 42.844663][ T4418] Modules linked in: [ 42.845359][ T4418] CPU: 1 PID: 4418 Comm: syz-executor Tainted: G W syzkaller #0 [ 42.846877][ T4418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026 [ 42.848563][ T4418] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 42.849870][ T4418] pc : __folio_start_writeback+0x88c/0xa7c [ 42.850774][ T4418] lr : __folio_start_writeback+0x88c/0xa7c [ 42.851730][ T4418] sp : ffff8000209c7180 [ 42.852433][ T4418] x29: ffff8000209c7260 x28: dfff800000000000 x27: 0000000000000000 [ 42.853783][ T4418] x26: ffff700004138e38 x25: 0000000000000000 x24: ffff0000da972250 [ 42.855150][ T4418] x23: ffff8000209c71e0 x22: ffff0000c58ebce8 x21: 0000000000000001 [ 42.856453][ T4418] x20: fffffc0003723348 x19: fffffc0003723340 x18: ffff800011b8bf60 [ 42.857776][ T4418] x17: ffff800018349000 x16: ffff8000082d7ca0 x15: 0000000000000000 [ 42.859085][ T4418] x14: 0000000000000001 x13: 1fffff80006e4668 x12: 0000000000ff0100 [ 42.860394][ T4418] x11: ff0080000870b07c x10: 0000000000000000 x9 : ffff80000870b07c [ 42.861679][ T4418] x8 : ffff0000cf878000 x7 : ffff80000870aae8 x6 : 0000000000000000 [ 42.862991][ T4418] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff80000870ab28 [ 42.864245][ T4418] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000 [ 42.865632][ T4418] Call trace: [ 42.866202][ T4418] __folio_start_writeback+0x88c/0xa7c [ 42.867132][ T4418] set_page_writeback+0x5c/0x7c [ 42.867972][ T4418] gfs2_aspace_writepage+0x514/0x6dc [ 42.868842][ T4418] __gfs2_writepage+0x70/0x184 [ 42.869633][ T4418] write_cache_pages+0x74c/0xde8 [ 42.870454][ T4418] gfs2_ail1_flush+0x7c4/0xa14 [ 42.871241][ T4418] empty_ail1_list+0x130/0x214 [ 42.872021][ T4418] gfs2_log_flush+0x12b4/0x1b20 [ 42.872840][ T4418] gfs2_kill_sb+0x5c/0xd4 [ 42.873557][ T4418] deactivate_locked_super+0xac/0x120 [ 42.874404][ T4418] deactivate_super+0xe4/0x104 [ 42.875213][ T4418] cleanup_mnt+0x390/0x418 [ 42.875914][ T4418] __cleanup_mnt+0x20/0x30 [ 42.876641][ T4418] task_work_run+0x1ec/0x278 [ 42.877364][ T4418] do_notify_resume+0x1fa0/0x2aa4 [ 42.878265][ T4418] el0_svc+0x98/0x128 [ 42.878977][ T4418] el0t_64_sync_handler+0x84/0xf0 [ 42.879842][ T4418] el0t_64_sync+0x18c/0x190 [ 42.880646][ T4418] irq event stamp: 159046 [ 42.881387][ T4418] hardirqs last enabled at (159045): [] folio_memcg_lock+0xe8/0x1f4 [ 42.882917][ T4418] hardirqs last disabled at (159046): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 42.884481][ T4418] softirqs last enabled at (159024): [] handle_softirqs+0xaec/0xc60 [ 42.885982][ T4418] softirqs last disabled at (158813): [] __do_softirq+0x14/0x20 [ 42.887417][ T4418] ---[ end trace 0000000000000000 ]--- [ 42.895498][ C1] ------------[ cut here ]------------ [ 42.896543][ C1] WARNING: CPU: 1 PID: 21 at include/linux/backing-dev.h:247 __folio_end_writeback+0x7d0/0x9cc [ 42.898204][ C1] Modules linked in: [ 42.898893][ C1] CPU: 1 PID: 21 Comm: ksoftirqd/1 Tainted: G W syzkaller #0 [ 42.900307][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026 [ 42.901891][ C1] pstate: 424000c5 (nZcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 42.903175][ C1] pc : __folio_end_writeback+0x7d0/0x9cc [ 42.904076][ C1] lr : __folio_end_writeback+0x7d0/0x9cc [ 42.904923][ C1] sp : ffff80001ca87970 [ 42.905554][ C1] x29: ffff80001ca87990 x28: dfff800000000000 x27: ffff0000c58ebce8 [ 42.906721][ C1] x26: 0000000000000000 x25: 05ffd60000002052 x24: 1fffff80006d3120 [ 42.908070][ C1] x23: 0000000000000001 x22: ffff0000da9702a0 x21: ffff0000da9702a8 [ 42.909289][ C1] x20: 0000000000000001 x19: fffffc0003698900 x18: ffff800011b8bf60 [ 42.910675][ C1] x17: 1fffe00033eac97e x16: ffff8000082d7ca0 x15: 0000000000000000 [ 42.911972][ C1] x14: 0000000000000003 x13: 1ffff00003950f20 x12: 0000000000ff0100 [ 42.913271][ C1] x11: ff0080000870a5f4 x10: 0000000000000000 x9 : ffff80000870a5f4 [ 42.914551][ C1] x8 : ffff0000c0a51bc0 x7 : 0000000000000000 x6 : 0000000000000000 [ 42.915841][ C1] x5 : 0000000000000080 x4 : 0000000000000000 x3 : 0000000000000010 [ 42.917198][ C1] x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 [ 42.918569][ C1] Call trace: [ 42.919139][ C1] __folio_end_writeback+0x7d0/0x9cc [ 42.920038][ C1] folio_end_writeback+0x12c/0x410 [ 42.920891][ C1] end_page_writeback+0x58/0x74 [ 42.921743][ C1] end_buffer_async_write+0x32c/0x4f4 [ 42.922684][ C1] end_bio_bh_io_sync+0xb0/0x1dc [ 42.923493][ C1] bio_endio+0x750/0x794 [ 42.924196][ C1] blk_update_request+0x49c/0xbec [ 42.925044][ C1] blk_mq_end_request+0x54/0x88 [ 42.925854][ C1] lo_complete_rq+0x1ec/0x250 [ 42.926632][ C1] blk_done_softirq+0x11c/0x168 [ 42.927433][ C1] handle_softirqs+0x318/0xc60 [ 42.928174][ C1] run_ksoftirqd+0x7c/0x2ac [ 42.928879][ C1] smpboot_thread_fn+0x4b0/0x964 [ 42.929711][ C1] kthread+0x250/0x2d8 [ 42.930377][ C1] ret_from_fork+0x10/0x20 [ 42.931092][ C1] irq event stamp: 457999 [ 42.931780][ C1] hardirqs last enabled at (457998): [] folio_memcg_lock+0xe8/0x1f4 [ 42.933352][ C1] hardirqs last disabled at (457999): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 42.934958][ C1] softirqs last enabled at (457988): [] handle_softirqs+0xaec/0xc60 [ 42.936415][ C1] softirqs last disabled at (457993): [] run_ksoftirqd+0x7c/0x2ac [ 42.937884][ C1] ---[ end trace 0000000000000000 ]---