[ 9.526404][ T3989] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: [ 9.555519][ T115] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 9.562531][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.10.14' (ED25519) to the list of known hosts. 1970/01/01 00:00:28 parsed 1 programs syzkaller login: [ 29.141659][ T4321] cgroup: Unknown subsys name 'net' [ 29.397565][ T4321] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 29.670310][ T4321] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 34.474884][ T4339] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 34.476412][ T4339] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 34.477770][ T4339] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 34.479159][ T4339] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 34.480535][ T4339] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 34.481721][ T4339] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 35.187072][ T4378] chnl_net:caif_netlink_parms(): no params data found [ 35.204065][ T4378] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.206382][ T4378] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.207936][ T4378] device bridge_slave_0 entered promiscuous mode [ 35.210277][ T4378] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.211285][ T4378] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.212777][ T4378] device bridge_slave_1 entered promiscuous mode [ 35.220591][ T4378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.222981][ T4378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.231024][ T4378] team0: Port device team_slave_0 added [ 35.232751][ T4378] team0: Port device team_slave_1 added [ 35.239660][ T4378] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 35.240778][ T4378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.244974][ T4378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 35.247619][ T4378] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 35.248618][ T4378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.252423][ T4378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 35.275888][ T4378] device hsr_slave_0 entered promiscuous mode [ 35.304701][ T4378] device hsr_slave_1 entered promiscuous mode [ 35.367847][ T4378] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 35.386608][ T4378] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 35.444994][ T4378] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 35.524988][ T4378] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 35.583444][ T4378] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.584629][ T4378] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.585982][ T4378] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.587125][ T4378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.604100][ T4378] 8021q: adding VLAN 0 to HW filter on device bond0 [ 35.617908][ T4378] 8021q: adding VLAN 0 to HW filter on device team0 [ 35.626199][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 35.628337][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 35.629958][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 35.631830][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 35.633342][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 35.636790][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 35.641802][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 35.645443][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 35.648031][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 35.650506][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 35.708095][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 35.709394][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 35.712610][ T4378] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 35.719205][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 35.725973][ T1700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 35.727558][ T1700] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 35.728764][ T1700] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 35.730892][ T4378] device veth0_vlan entered promiscuous mode [ 35.733905][ T4378] device veth1_vlan entered promiscuous mode [ 35.751280][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 35.752763][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 35.755460][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 35.759093][ T4378] device veth0_macvtap entered promiscuous mode [ 35.761672][ T4378] device veth1_macvtap entered promiscuous mode [ 35.767774][ T4378] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 35.768959][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.770933][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 35.774516][ T4378] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 35.776568][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.788799][ T4378] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.790044][ T4378] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.791270][ T4378] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.792547][ T4378] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 35.886874][ T1700] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 35.888134][ T1700] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 35.890112][ T1700] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 35.909657][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 35.910853][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 35.912597][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 36.716989][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:37 executed programs: 0 [ 37.087010][ T4339] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 37.088906][ T4339] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 37.090133][ T4339] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 37.091626][ T4339] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 37.092972][ T4339] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 37.094187][ T4339] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 37.139681][ T4429] chnl_net:caif_netlink_parms(): no params data found [ 37.154529][ T4429] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.155865][ T4429] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.157379][ T4429] device bridge_slave_0 entered promiscuous mode [ 37.159544][ T4429] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.160540][ T4429] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.161839][ T4429] device bridge_slave_1 entered promiscuous mode [ 37.168794][ T4429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.171125][ T4429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.177960][ T4429] team0: Port device team_slave_0 added [ 37.179636][ T4429] team0: Port device team_slave_1 added [ 37.186265][ T4429] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.187396][ T4429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.191394][ T4429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.193666][ T4429] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.195436][ T4429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.199400][ T4429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.255716][ T4429] device hsr_slave_0 entered promiscuous mode [ 37.295780][ T4429] device hsr_slave_1 entered promiscuous mode [ 37.334704][ T4429] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 37.335958][ T4429] Cannot create hsr debugfs directory [ 38.716713][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.114786][ T47] Bluetooth: hci0: command 0x0409 tx timeout [ 40.965826][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.046701][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.195251][ T47] Bluetooth: hci0: command 0x041b tx timeout [ 42.087989][ T4429] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 42.176356][ T4429] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 42.205706][ T4429] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 42.286810][ T4429] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 42.409338][ T4429] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.413781][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.415862][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.477930][ T4429] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.480330][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.481867][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.483761][ T4415] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.485068][ T4415] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.486845][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 42.490289][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.491730][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.493550][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.494706][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.497498][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.500111][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.502826][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.504934][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 42.506523][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 42.547660][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.549285][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.551802][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 42.553197][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 42.556472][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 42.558154][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 42.560913][ T4429] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 42.611057][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 42.612332][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 42.616639][ T4429] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.622091][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.623707][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.913807][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.916386][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.919946][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.921335][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.923184][ T4429] device veth0_vlan entered promiscuous mode [ 42.926554][ T4429] device veth1_vlan entered promiscuous mode [ 42.932409][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 42.933996][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 42.936525][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.937972][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.940961][ T4429] device veth0_macvtap entered promiscuous mode [ 42.943156][ T4429] device veth1_macvtap entered promiscuous mode [ 42.987420][ T4429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.990113][ T4429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.992333][ T4429] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.994146][ T4429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.996172][ T4429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.998816][ T4429] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.999948][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 43.001624][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 43.003111][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 43.004721][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.006140][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 43.007686][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 43.010635][ T4429] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.011851][ T4429] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.013047][ T4429] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.014324][ T4429] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.274612][ T47] Bluetooth: hci0: command 0x040f tx timeout [ 43.356824][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.358102][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.359996][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 43.368277][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.369450][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.371288][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 43.425662][ T9] device hsr_slave_0 left promiscuous mode [ 43.465813][ T9] device hsr_slave_1 left promiscuous mode [ 43.518941][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 43.520128][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 43.521781][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 43.522942][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 43.524437][ T9] device bridge_slave_1 left promiscuous mode [ 43.526624][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.530274][ T4501] loop0: detected capacity change from 0 to 32768 [ 43.536558][ T4501] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 43.537892][ T4501] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 43.542985][ T4501] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 43.547050][ T4394] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 43.548078][ T4394] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 43.557766][ T4394] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 9ms [ 43.559343][ T4394] gfs2: fsid=syz:syz.0: jid=0: Done [ 43.560323][ T4501] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 43.580372][ T9] device bridge_slave_0 left promiscuous mode [ 43.581501][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.602378][ T4501] gfs2: fsid=syz:syz.0: found 1 quota changes [ 43.613964][ T4429] ------------[ cut here ]------------ [ 43.614953][ T4429] WARNING: CPU: 0 PID: 4429 at include/linux/backing-dev.h:247 __folio_mark_dirty+0x8a0/0xcd8 [ 43.616548][ T4429] Modules linked in: [ 43.617153][ T4429] CPU: 0 PID: 4429 Comm: syz-executor Not tainted syzkaller #0 [ 43.618358][ T4429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 43.620010][ T4429] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 43.621179][ T4429] pc : __folio_mark_dirty+0x8a0/0xcd8 [ 43.622110][ T4429] lr : __folio_mark_dirty+0x8a0/0xcd8 [ 43.622906][ T4429] sp : ffff800020cc76e0 [ 43.623524][ T4429] x29: ffff800020cc7700 x28: 1fffff80006a8938 x27: dfff800000000000 [ 43.624761][ T4429] x26: 0000000000000000 x25: ffff0000c049c990 x24: 0000000000000001 [ 43.626047][ T4429] x23: 0000000000000000 x22: fffffc00035449c8 x21: 1fffe00018093932 [ 43.627312][ T4429] x20: ffff0000d47d0c40 x19: fffffc00035449c0 x18: ffff800011b7bf60 [ 43.628583][ T4429] x17: ffff800018338000 x16: ffff8000082d7e60 x15: ffff800017e19000 [ 43.629892][ T4429] x14: 0000000000000001 x13: 1fffe00018093932 x12: 0000000000ff0100 [ 43.631177][ T4429] x11: ff00800008708680 x10: 0000000000000000 x9 : ffff800008708680 [ 43.632519][ T4429] x8 : ffff0000da163780 x7 : 0000000000000000 x6 : 0000000000000000 [ 43.633768][ T4429] x5 : 0000000000000020 x4 : 0000000000000000 x3 : ffff800008a560e8 [ 43.635077][ T4429] x2 : ffff0000ce590060 x1 : 0000000000000000 x0 : 0000000000000000 [ 43.636312][ T4429] Call trace: [ 43.636775][ T4429] __folio_mark_dirty+0x8a0/0xcd8 [ 43.637568][ T4429] mark_buffer_dirty+0x2b8/0x5c0 [ 43.638285][ T4429] gfs2_unpin+0x120/0x8fc [ 43.638901][ T4429] buf_lo_after_commit+0x140/0x188 [ 43.639695][ T4429] gfs2_log_flush+0xbf0/0x1b10 [ 43.640402][ T4429] gfs2_kill_sb+0x5c/0xd4 [ 43.640984][ T4429] deactivate_locked_super+0xac/0x120 [ 43.641762][ T4429] deactivate_super+0xe4/0x104 [ 43.642455][ T4429] cleanup_mnt+0x390/0x418 [ 43.643133][ T4429] __cleanup_mnt+0x20/0x30 [ 43.643803][ T4429] task_work_run+0x1ec/0x278 [ 43.644476][ T4429] do_notify_resume+0x1fa0/0x2aa4 [ 43.645243][ T4429] el0_svc+0x98/0x128 [ 43.645906][ T4429] el0t_64_sync_handler+0x84/0xf0 [ 43.646675][ T4429] el0t_64_sync+0x18c/0x190 [ 43.647400][ T4429] irq event stamp: 157472 [ 43.648037][ T4429] hardirqs last enabled at (157471): [] folio_memcg_lock+0xe8/0x1f4 [ 43.649583][ T4429] hardirqs last disabled at (157472): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 43.651149][ T4429] softirqs last enabled at (157344): [] local_bh_enable+0x10/0x34 [ 43.652639][ T4429] softirqs last disabled at (157342): [] local_bh_disable+0x10/0x34 [ 43.654136][ T4429] ---[ end trace 0000000000000000 ]--- [ 43.657807][ T4429] ------------[ cut here ]------------ [ 43.658691][ T4429] WARNING: CPU: 0 PID: 4429 at include/linux/backing-dev.h:247 __folio_start_writeback+0x88c/0xa7c [ 43.660338][ T4429] Modules linked in: [ 43.660975][ T4429] CPU: 0 PID: 4429 Comm: syz-executor Tainted: G W syzkaller #0 [ 43.662332][ T4429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 43.663867][ T4429] pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 43.665097][ T4429] pc : __folio_start_writeback+0x88c/0xa7c [ 43.666002][ T4429] lr : __folio_start_writeback+0x88c/0xa7c [ 43.666878][ T4429] sp : ffff800020cc7180 [ 43.667555][ T4429] x29: ffff800020cc7260 x28: dfff800000000000 x27: 0000000000000000 [ 43.668873][ T4429] x26: ffff700004198e38 x25: 0000000000000000 x24: ffff0000d47d0c40 [ 43.670117][ T4429] x23: ffff800020cc71e0 x22: ffff0000c049c7e8 x21: 0000000000000001 [ 43.671401][ T4429] x20: fffffc00035449c8 x19: fffffc00035449c0 x18: ffff800011b7bf60 [ 43.672616][ T4429] x17: ffff800018338000 x16: ffff8000082d7e60 x15: 0000000000000000 [ 43.673927][ T4429] x14: 0000000000000001 x13: 1fffff80006a8938 x12: 0000000000ff0100 [ 43.675181][ T4429] x11: ff0080000870ab8c x10: 0000000000000000 x9 : ffff80000870ab8c [ 43.676411][ T4429] x8 : ffff0000da163780 x7 : ffff80000870a5f8 x6 : 0000000000000000 [ 43.677585][ T4429] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff80000870a638 [ 43.678901][ T4429] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000 [ 43.680210][ T4429] Call trace: [ 43.680728][ T4429] __folio_start_writeback+0x88c/0xa7c [ 43.681536][ T4429] set_page_writeback+0x5c/0x7c [ 43.682293][ T4429] gfs2_aspace_writepage+0x514/0x6dc [ 43.683132][ T4429] __gfs2_writepage+0x70/0x184 [ 43.683905][ T4429] write_cache_pages+0x74c/0xde8 [ 43.684674][ T4429] gfs2_ail1_flush+0x7c4/0xa14 [ 43.685406][ T4429] empty_ail1_list+0x130/0x214 [ 43.686163][ T4429] gfs2_log_flush+0x12a4/0x1b10 [ 43.686956][ T4429] gfs2_kill_sb+0x5c/0xd4 [ 43.687659][ T4429] deactivate_locked_super+0xac/0x120 [ 43.688558][ T4429] deactivate_super+0xe4/0x104 [ 43.689313][ T4429] cleanup_mnt+0x390/0x418 [ 43.689968][ T4429] __cleanup_mnt+0x20/0x30 [ 43.690713][ T4429] task_work_run+0x1ec/0x278 [ 43.691483][ T4429] do_notify_resume+0x1fa0/0x2aa4 [ 43.692319][ T4429] el0_svc+0x98/0x128 [ 43.692957][ T4429] el0t_64_sync_handler+0x84/0xf0 [ 43.693772][ T4429] el0t_64_sync+0x18c/0x190 [ 43.694469][ T4429] irq event stamp: 157580 [ 43.695133][ T4429] hardirqs last enabled at (157579): [] folio_memcg_lock+0xe8/0x1f4 [ 43.696641][ T4429] hardirqs last disabled at (157580): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 43.698233][ T4429] softirqs last enabled at (157558): [] handle_softirqs+0xaec/0xc60 [ 43.699734][ T4429] softirqs last disabled at (157475): [] __do_softirq+0x14/0x20 [ 43.701161][ T4429] ---[ end trace 0000000000000000 ]--- [ 43.705650][ C1] ------------[ cut here ]------------ [ 43.706542][ C1] WARNING: CPU: 1 PID: 21 at include/linux/backing-dev.h:247 __folio_end_writeback+0x7d0/0x9cc [ 43.708033][ C1] Modules linked in: [ 43.708618][ C1] CPU: 1 PID: 21 Comm: ksoftirqd/1 Tainted: G W syzkaller #0 [ 43.709879][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 43.711306][ C1] pstate: 424000c5 (nZcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 43.712449][ C1] pc : __folio_end_writeback+0x7d0/0x9cc [ 43.713299][ C1] lr : __folio_end_writeback+0x7d0/0x9cc [ 43.714082][ C1] sp : ffff80001ca77970 [ 43.714761][ C1] x29: ffff80001ca77990 x28: dfff800000000000 x27: ffff0000c049c7e8 [ 43.715974][ C1] x26: 0000000000000000 x25: 05ffd60000002052 x24: 1fffff80006a8930 [ 43.717231][ C1] x23: 0000000000000001 x22: ffff0000ce4682a0 x21: ffff0000ce4682a8 [ 43.718454][ C1] x20: 0000000000000001 x19: fffffc0003544980 x18: ffff800011b7bf60 [ 43.719663][ C1] x17: 1fffe00033eaed7e x16: ffff8000082d7e60 x15: 0000000000000000 [ 43.720834][ C1] x14: 0000000000000003 x13: 1ffff0000394ef20 x12: 0000000000ff0100 [ 43.722099][ C1] x11: ff0080000870a104 x10: 0000000000000000 x9 : ffff80000870a104 [ 43.723350][ C1] x8 : ffff0000c0a51bc0 x7 : 0000000000000000 x6 : 0000000000000000 [ 43.724510][ C1] x5 : 0000000000000080 x4 : 0000000000000000 x3 : 0000000000000010 [ 43.725680][ C1] x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000 [ 43.726949][ C1] Call trace: [ 43.727427][ C1] __folio_end_writeback+0x7d0/0x9cc [ 43.728249][ C1] folio_end_writeback+0x12c/0x410 [ 43.728967][ C1] end_page_writeback+0x58/0x74 [ 43.729705][ C1] end_buffer_async_write+0x32c/0x4f4 [ 43.730512][ C1] end_bio_bh_io_sync+0xb0/0x1dc [ 43.731241][ C1] bio_endio+0x750/0x794 [ 43.731882][ C1] blk_update_request+0x49c/0xbec [ 43.732612][ C1] blk_mq_end_request+0x54/0x88 [ 43.733397][ C1] lo_complete_rq+0x1ec/0x250 [ 43.734070][ C1] blk_done_softirq+0x11c/0x168 [ 43.734812][ C1] handle_softirqs+0x318/0xc60 [ 43.735582][ C1] run_ksoftirqd+0x7c/0x2ac [ 43.736234][ C1] smpboot_thread_fn+0x4b0/0x964 [ 43.736986][ C1] kthread+0x250/0x2d8 [ 43.737637][ C1] ret_from_fork+0x10/0x20 [ 43.738298][ C1] irq event stamp: 379749 [ 43.738890][ C1] hardirqs last enabled at (379748): [] folio_memcg_lock+0xe8/0x1f4 [ 43.740388][ C1] hardirqs last disabled at (379749): [] _raw_spin_lock_irqsave+0xa4/0xb0 [ 43.742009][ C1] softirqs last enabled at (379738): [] handle_softirqs+0xaec/0xc60 [ 43.743445][ C1] softirqs last disabled at (379743): [] run_ksoftirqd+0x7c/0x2ac [ 43.744821][ C1] ---[ end trace 0000000000000000 ]--- [ 43.750280][ T4429] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 43.750280][ T4429] inode = 11 2339 [ 43.750280][ T4429] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 464 [ 43.753342][ T4429] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 43.764627][ T4429] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:4429 [syz-executor] gfs2_quota_sync+0x2cc/0x500 [ 43.766193][ T4429] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 43.767351][ T4429] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 43.795791][ T9] device veth1_macvtap left promiscuous mode [ 43.796894][ T9] device veth0_macvtap left promiscuous mode [ 43.798064][ T9] device veth1_vlan left promiscuous mode [ 43.799025][ T9] device veth0_vlan left promiscuous mode