------------[ cut here ]------------
VFS: brelse: Trying to free free buffer
WARNING: CPU: 1 PID: 17 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline]
WARNING: CPU: 1 PID: 17 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline]
WARNING: CPU: 1 PID: 17 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline]
WARNING: CPU: 1 PID: 17 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511
Modules linked in:
CPU: 1 UID: 0 PID: 17 Comm: rcu_preempt Not tainted 6.13.0-rc2-syzkaller-g2e7aff49b5da #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __brelse fs/buffer.c:1229 [inline]
pc : brelse include/linux/buffer_head.h:324 [inline]
pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline]
pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511
lr : __brelse fs/buffer.c:1229 [inline]
lr : brelse include/linux/buffer_head.h:324 [inline]
lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline]
lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511
sp : ffff800080017e10
x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1a00010
x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998
x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000
x20: ffff0000dd3506b8 x19: ffff80008b81fda0 x18: 0000000000000008
x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001
x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000010004 x10: 0000000000ff0100 x9 : 7d14db3a7d4a4300
x8 : 7d14db3a7d4a4300 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194
x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000
Call trace:
__brelse fs/buffer.c:1229 [inline] (P)
brelse include/linux/buffer_head.h:324 [inline] (P)
__invalidate_bh_lrus fs/buffer.c:1498 [inline] (P)
invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P)
__brelse fs/buffer.c:1229 [inline] (L)
brelse include/linux/buffer_head.h:324 [inline] (L)
__invalidate_bh_lrus fs/buffer.c:1498 [inline] (L)
invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L)
csd_do_func kernel/smp.c:134 [inline]
__flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540
generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457
do_handle_IPI arch/arm64/kernel/smp.c:968 [inline]
ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016
handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942
generic_handle_irq_desc include/linux/irqdesc.h:173 [inline]
handle_irq_desc kernel/irq/irqdesc.c:714 [inline]
generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770
__gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline]
__gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline]
gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945
call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891
do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310
__el1_irq arch/arm64/kernel/entry-common.c:560 [inline]
el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580
el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
__daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P)
arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P)
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P)
_raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P)
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (L)
_raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194 (L)
__debug_object_init+0x1ac/0x43c lib/debugobjects.c:755
debug_object_init_on_stack+0x20/0x2c lib/debugobjects.c:794
init_timer_on_stack_key+0x4c/0x148 kernel/time/timer.c:858
schedule_timeout+0x140/0x290 kernel/time/sleep_timeout.c:96
rcu_gp_fqs_loop+0x2cc/0x16e8 kernel/rcu/tree.c:2045
rcu_gp_kthread+0xc0/0x308 kernel/rcu/tree.c:2247
kthread+0x288/0x310 kernel/kthread.c:389
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862
irq event stamp: 53850
hardirqs last enabled at (53849): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last enabled at (53849): [] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (53850): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline]
hardirqs last disabled at (53850): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575
softirqs last enabled at (45814): [] softirq_handle_end kernel/softirq.c:400 [inline]
softirqs last enabled at (45814): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582
softirqs last disabled at (45757): [] __do_softirq+0x14/0x20 kernel/softirq.c:588
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
VFS: brelse: Trying to free free buffer
WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline]
WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline]
WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline]
WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511
Modules linked in:
CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __brelse fs/buffer.c:1229 [inline]
pc : brelse include/linux/buffer_head.h:324 [inline]
pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline]
pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511
lr : __brelse fs/buffer.c:1229 [inline]
lr : brelse include/linux/buffer_head.h:324 [inline]
lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline]
lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511
sp : ffff800080017e10
x29: ffff800080017e10 x28: 
0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd3d5b40 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 
arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 153362 hardirqs last enabled at (153361): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (153362): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (153362): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (153304): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (153304): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (153295): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 6033 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 6033 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 6033 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 6033 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 6033 Comm: udevd Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus 
fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c2031e50 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000078 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e0477df8 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010003 x10: 0000000000ff0100 x9 : bab1378302fd0100 x8 : bab1378302fd0100 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] 
gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P) arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P) __call_rcu_common kernel/rcu/tree.c:3108 [inline] (P) call_rcu+0x538/0xb00 kernel/rcu/tree.c:3190 (P) __call_rcu_common kernel/rcu/tree.c:3108 [inline] (L) call_rcu+0x640/0xb00 kernel/rcu/tree.c:3190 (L) slab_free_hook mm/slub.c:2302 [inline] slab_free mm/slub.c:4598 [inline] kmem_cache_free+0x37c/0x554 mm/slub.c:4700 file_free+0x150/0x210 __fput+0x4bc/0x75c fs/file_table.c:463 __fput_sync+0xc8/0x118 fs/file_table.c:535 __do_sys_close fs/open.c:1554 [inline] __se_sys_close fs/open.c:1539 [inline] __arm64_sys_close+0x154/0x1e0 fs/open.c:1539 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 980500 hardirqs last enabled at (980499): [] __call_rcu_common kernel/rcu/tree.c:3108 [inline] hardirqs last enabled at (980499): [] call_rcu+0x640/0xb00 kernel/rcu/tree.c:3190 hardirqs last disabled at (980500): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (980500): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (980472): [] local_bh_enable+0x10/0x34 
include/linux/bottom_half.h:32 softirqs last disabled at (980470): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 6411 Comm: syz-executor331 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000d9740010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000078 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd3d3c28 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010003 x10: 0000000000ff0100 x9 : f5c7c3233e50b800 x8 : f5c7c3233e50b800 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000000 Call trace: __brelse 
fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P) arch_local_irq_restore+0x8/0xc arch/arm64/include/asm/irqflags.h:195 (P) lock_is_held_type+0x150/0x1a8 kernel/locking/lockdep.c:5923 (L) mt_write_locked lib/maple_tree.c:790 [inline] mt_slot_locked lib/maple_tree.c:809 [inline] mas_slot_locked lib/maple_tree.c:822 [inline] mas_wr_walk lib/maple_tree.c:3545 [inline] mas_wr_store_type+0x2d0/0x1370 lib/maple_tree.c:4218 mas_store+0x3e0/0xb8c lib/maple_tree.c:5437 vma_iter_bulk_store include/linux/mm.h:1056 [inline] dup_mmap 
kernel/fork.c:727 [inline] dup_mm kernel/fork.c:1695 [inline] copy_mm+0xc88/0x1a80 kernel/fork.c:1744 copy_process+0x1568/0x3250 kernel/fork.c:2395 kernel_clone+0x1d8/0x82c kernel/fork.c:2807 __do_sys_clone kernel/fork.c:2950 [inline] __se_sys_clone kernel/fork.c:2918 [inline] __arm64_sys_clone+0x1f8/0x24c kernel/fork.c:2918 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 35538 hardirqs last enabled at (35537): [] ___slab_alloc+0x5e8/0xf4c mm/slub.c:3725 hardirqs last disabled at (35538): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (35538): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (35466): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (35464): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] 
pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000058 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd396a58 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] 
__gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 154812 hardirqs last enabled at (154811): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (154812): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (154812): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (154788): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (154788): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (154671): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 
fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 6411 Comm: syz-executor331 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000d9740010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000070 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd2a17a0 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010003 x10: 0000000000ff0100 x9 : f5c7c3233e50b800 x8 : f5c7c3233e50b800 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] 
ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __nr_to_section include/linux/mmzone.h:1886 [inline] (P) __pfn_to_section include/linux/mmzone.h:1994 [inline] (P) pfn_valid include/linux/mmzone.h:2047 [inline] (P) lowmem_page_address include/linux/mm.h:2249 [inline] (P) folio_address include/linux/mm.h:2260 [inline] (P) folio_set_bh+0x1e4/0x5f8 fs/buffer.c:1559 (P) pfn_valid include/linux/mmzone.h:2045 [inline] (L) lowmem_page_address include/linux/mm.h:2249 [inline] (L) folio_address include/linux/mm.h:2260 [inline] (L) folio_set_bh+0x168/0x5f8 fs/buffer.c:1559 (L) folio_alloc_buffers+0x46c/0x974 fs/buffer.c:935 grow_dev_folio fs/buffer.c:1064 [inline] grow_buffers fs/buffer.c:1105 [inline] __getblk_slow fs/buffer.c:1131 [inline] bdev_getblk+0x25c/0x62c fs/buffer.c:1431 getblk_unmovable include/linux/buffer_head.h:369 [inline] ext4_getblk+0x270/0x7a4 fs/ext4/inode.c:864 ext4_bread+0x3c/0x1b0 fs/ext4/inode.c:912 ext4_append+0x260/0x4cc fs/ext4/namei.c:83 ext4_init_new_dir+0x294/0x8e4 fs/ext4/namei.c:2988 ext4_mkdir+0x3d4/0xa64 fs/ext4/namei.c:3034 vfs_mkdir+0x27c/0x410 fs/namei.c:4311 do_mkdirat+0x248/0x574 fs/namei.c:4334 __do_sys_mkdirat fs/namei.c:4349 [inline] __se_sys_mkdirat 
fs/namei.c:4347 [inline] __arm64_sys_mkdirat+0x8c/0xa4 fs/namei.c:4347 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 41380 hardirqs last enabled at (41379): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline] hardirqs last enabled at (41379): [] _raw_spin_unlock_irq+0x30/0x80 kernel/locking/spinlock.c:202 hardirqs last disabled at (41380): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (41380): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (41356): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (41354): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : 
invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000018 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd2cc5d0 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 
drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 155216 hardirqs last enabled at (155215): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (155216): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (155216): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (155120): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (155120): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (155015): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 
6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000db3e1400 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 
kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 156258 hardirqs last enabled at (156257): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (156258): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (156258): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (156174): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (156174): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (156059): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 
PID: 6411 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 6411 Comm: syz-executor331 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000d9740010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000078 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd262df8 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010005 x10: 0000000000ff0100 x9 : f5c7c3233e50b800 x8 : f5c7c3233e50b800 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) 
invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P) arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P) lock_acquire+0x278/0x724 kernel/locking/lockdep.c:5852 (P) lockdep_recursion_finish kernel/locking/lockdep.c:467 [inline] (L) lock_acquire+0x248/0x724 kernel/locking/lockdep.c:5851 (L) rcu_lock_acquire+0x44/0x54 include/linux/rcupdate.h:337 rcu_read_lock include/linux/rcupdate.h:849 [inline] page_ext_get+0x2c/0x2d4 mm/page_ext.c:525 page_table_check_set+0xa0/0x408 mm/page_table_check.c:114 __page_table_check_ptes_set+0x2d0/0x398 mm/page_table_check.c:225 page_table_check_ptes_set include/linux/page_table_check.h:74 [inline] __set_ptes arch/arm64/include/asm/pgtable.h:427 [inline] set_ptes arch/arm64/include/asm/pgtable.h:1673 [inline] __copy_present_ptes mm/memory.c:967 [inline] copy_present_ptes mm/memory.c:1050 [inline] 
copy_pte_range mm/memory.c:1173 [inline] copy_pmd_range mm/memory.c:1261 [inline] copy_pud_range+0x641c/0x8068 mm/memory.c:1298 copy_p4d_range mm/memory.c:1322 [inline] copy_page_range+0x5fc/0xc4c mm/memory.c:1420 dup_mmap kernel/fork.c:751 [inline] dup_mm kernel/fork.c:1695 [inline] copy_mm+0xe50/0x1a80 kernel/fork.c:1744 copy_process+0x1568/0x3250 kernel/fork.c:2395 kernel_clone+0x1d8/0x82c kernel/fork.c:2807 __do_sys_clone kernel/fork.c:2950 [inline] __se_sys_clone kernel/fork.c:2918 [inline] __arm64_sys_clone+0x1f8/0x24c kernel/fork.c:2918 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 59134 hardirqs last enabled at (59133): [] lruvec_stat_mod_folio include/linux/vmstat.h:557 [inline] hardirqs last enabled at (59133): [] lruvec_stat_add_folio include/linux/vmstat.h:615 [inline] hardirqs last enabled at (59133): [] pagetable_pte_ctor include/linux/mm.h:3000 [inline] hardirqs last enabled at (59133): [] __pte_alloc_one_noprof include/asm-generic/pgalloc.h:73 [inline] hardirqs last enabled at (59133): [] pte_alloc_one_noprof+0x1f8/0x324 include/asm-generic/pgalloc.h:93 hardirqs last disabled at (59134): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (59134): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (59066): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (59064): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at 
fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000018 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd372400 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus 
fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 157648 hardirqs last enabled at (157647): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (157648): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (157648): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (157602): [] softirq_handle_end kernel/softirq.c:400 
[inline] softirqs last enabled at (157602): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (157219): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 6437 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 6437 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 6437 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 6437 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 6437 Comm: syz-executor331 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000ca640010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000078 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000c1762230 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010005 x10: 0000000000ff0100 x9 : 575e995ce63de200 x8 : 575e995ce63de200 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010003 x0 
: 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P) arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P) __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P) _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P) __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (L) _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194 (L) spin_unlock_irqrestore include/linux/spinlock.h:406 [inline] 
get_partial_node+0x38c/0x410 mm/slub.c:2857 get_partial mm/slub.c:2937 [inline] ___slab_alloc+0x6f0/0xf4c mm/slub.c:3795 __slab_alloc+0x74/0xd0 mm/slub.c:3905 __slab_alloc_node mm/slub.c:3980 [inline] slab_alloc_node mm/slub.c:4141 [inline] kmem_cache_alloc_lru_noprof+0x304/0x414 mm/slub.c:4172 __d_alloc+0x40/0x658 fs/dcache.c:1646 d_alloc fs/dcache.c:1726 [inline] d_alloc_parallel+0xc8/0x1184 fs/dcache.c:2490 __lookup_slow+0x108/0x374 fs/namei.c:1776 lookup_slow+0x60/0x84 fs/namei.c:1808 walk_component+0x280/0x36c fs/namei.c:2112 link_path_walk+0x5d4/0xc44 fs/namei.c:2474 path_openat+0x1d0/0x2b14 fs/namei.c:3983 do_filp_open+0x1e8/0x404 fs/namei.c:4014 do_sys_openat2+0x124/0x1b8 fs/open.c:1402 do_sys_open fs/open.c:1417 [inline] __do_sys_openat fs/open.c:1433 [inline] __se_sys_openat fs/open.c:1428 [inline] __arm64_sys_openat+0x1f0/0x240 fs/open.c:1428 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 136 hardirqs last enabled at (135): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (135): [] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194 hardirqs last disabled at (136): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (136): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (18): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (16): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer 
WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd331970 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) 
__invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 158758 hardirqs last enabled at (158757): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (158758): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (158758): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (158734): [] softirq_handle_end 
kernel/softirq.c:400 [inline] softirqs last enabled at (158734): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (158729): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000000 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e045b7a0 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 
: 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 159162 hardirqs last enabled at 
(159161): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (159162): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (159162): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (159090): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (159090): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (158977): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e045d888 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 
0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 
(L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 159950 hardirqs last enabled at (159949): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (159950): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (159950): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (159680): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (159680): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (159659): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 
x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000008 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd3427a0 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 160134 hardirqs last enabled at (160133): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (160134): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (160134): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (160062): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (160062): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (160051): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : 
__invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e0448c28 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson 
drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 160366 hardirqs last enabled at (160365): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (160366): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (160366): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (160330): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (160330): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (160317): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 6411 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: 
CPU: 1 UID: 0 PID: 6411 Comm: syz-executor331 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000d9740010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000078 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e0452148 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : f5c7c3233e50b800 x8 : f5c7c3233e50b800 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 
arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 i_user_ns include/linux/fs.h:1399 [inline] (P) i_uid_read include/linux/fs.h:1409 [inline] (P) ext4_fill_raw_inode+0x298/0x1fc8 fs/ext4/inode.c:4314 (P) arch_atomic64_andnot arch/arm64/include/asm/atomic.h:64 [inline] (L) raw_atomic64_andnot include/linux/atomic/atomic-arch-fallback.h:3675 [inline] (L) raw_atomic_long_andnot include/linux/atomic/atomic-long.h:964 [inline] (L) arch_clear_bit include/asm-generic/bitops/atomic.h:25 [inline] (L) clear_bit include/asm-generic/bitops/instrumented-atomic.h:42 [inline] (L) ext4_clear_inode_flag fs/ext4/ext4.h:1935 [inline] (L) ext4_inode_blocks_set fs/ext4/inode.c:4272 [inline] (L) ext4_fill_raw_inode+0xa8/0x1fc8 fs/ext4/inode.c:4311 (L) ext4_do_update_inode fs/ext4/inode.c:5150 [inline] ext4_mark_iloc_dirty+0x3f4/0x1940 fs/ext4/inode.c:5808 __ext4_mark_inode_dirty+0x4bc/0x868 fs/ext4/inode.c:6012 ext4_append+0x2fc/0x4cc fs/ext4/namei.c:88 ext4_init_new_dir+0x294/0x8e4 fs/ext4/namei.c:2988 ext4_mkdir+0x3d4/0xa64 fs/ext4/namei.c:3034 vfs_mkdir+0x27c/0x410 fs/namei.c:4311 do_mkdirat+0x248/0x574 fs/namei.c:4334 __do_sys_mkdirat fs/namei.c:4349 [inline] __se_sys_mkdirat fs/namei.c:4347 [inline] __arm64_sys_mkdirat+0x8c/0xa4 
fs/namei.c:4347 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 86644 hardirqs last enabled at (86643): [] lookup_bh_lru fs/buffer.c:1382 [inline] hardirqs last enabled at (86643): [] __find_get_block+0x3a4/0xd84 fs/buffer.c:1394 hardirqs last disabled at (86644): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (86644): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (86614): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (86612): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse 
include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd2fe970 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 
do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 166236 hardirqs last enabled at (166235): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (166236): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (166236): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (166164): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (166164): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (166001): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 6413 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 6413 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 6413 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 6413 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 6413 Comm: udevd Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google 
Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000d9741e50 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e0409318 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010003 x10: 0000000000ff0100 x9 : 11863914d5a9b100 x8 : 11863914d5a9b100 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc 
kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 smk_of_task security/smack/smack.h:393 [inline] (P) smk_of_current security/smack/smack.h:425 [inline] (P) smack_file_alloc_security+0xb8/0xe8 security/smack/smack_lsm.c:1692 (P) smk_of_current security/smack/smack.h:425 [inline] (L) smack_file_alloc_security+0x50/0xe8 security/smack/smack_lsm.c:1692 (L) security_file_alloc+0x144/0x328 security/security.c:2857 init_file+0x90/0x264 fs/file_table.c:156 alloc_empty_file+0xc0/0x1d4 fs/file_table.c:232 path_openat+0xd4/0x2b14 fs/namei.c:3973 do_filp_open+0x1e8/0x404 fs/namei.c:4014 do_sys_openat2+0x124/0x1b8 fs/open.c:1402 do_sys_open fs/open.c:1417 [inline] __do_sys_openat fs/open.c:1433 [inline] __se_sys_openat fs/open.c:1428 [inline] __arm64_sys_openat+0x1f0/0x240 fs/open.c:1428 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 328954 hardirqs last enabled at (328953): [] local_daif_restore+0x1c/0x3c arch/arm64/include/asm/daifflags.h:75 hardirqs last disabled at (328954): [] __el1_irq 
arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (328954): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (326996): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (326996): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (326825): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000018 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd1fbee0 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008b5e791c x15: ffff700011f3fa3c x14: 1ffff00011f3fa3c x13: 0000000000000004 x12: ffffffffffffffff x11: 0000000000010004 x10: 
0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008049e63c x2 : 0000000000000000 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 
cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 167426 hardirqs last enabled at (167425): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (167426): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (167426): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (166666): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (166666): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (166547): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 13 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 13 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 13 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 13 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: ext4-rsv-conversion ext4_end_io_rsv_work pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 
0000000000000001 x27: ffff0000c19e8010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e040d4e8 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : aecade3ffe618100 x8 : aecade3ffe618100 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 
arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P) arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P) __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P) _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P) __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (L) _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194 (L) spin_unlock_irqrestore include/linux/spinlock.h:406 [inline] __folio_end_writeback+0x55c/0x8f0 mm/page-writeback.c:3108 folio_end_writeback+0x128/0x3ac mm/filemap.c:1633 ext4_finish_bio+0x77c/0xe48 fs/ext4/page-io.c:144 ext4_release_io_end+0xdc/0x298 fs/ext4/page-io.c:159 ext4_end_io_end fs/ext4/page-io.c:193 [inline] ext4_do_flush_completed_IO fs/ext4/page-io.c:258 [inline] ext4_end_io_rsv_work+0x458/0x598 fs/ext4/page-io.c:272 process_one_work+0x7a8/0x15cc kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x97c/0xeec kernel/workqueue.c:3391 kthread+0x288/0x310 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862 irq event stamp: 83424 hardirqs last enabled at (83423): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (83423): [] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194 hardirqs last disabled at (83424): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (83424): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (82688): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (82688): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (82585): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: 
brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e050a230 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse 
include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 168814 hardirqs last enabled at (168813): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (168814): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (168814): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last 
enabled at (168778): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (168778): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (168761): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000058 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000e0509df8 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 
0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event 
stamp: 169256 hardirqs last enabled at (169255): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (169256): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (169256): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (169172): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (169172): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (169151): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd390148 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 
0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) 
default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 173208 hardirqs last enabled at (173207): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (173208): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (173208): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (173136): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (173136): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (173121): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 6493 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 6493 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 6493 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 6493 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 6493 Comm: syz-executor331 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] 
lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c55b3c90 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000078 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd3e2318 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : bd6057c8ff3c4e00 x8 : bd6057c8ff3c4e00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 
[inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 generic_test_bit include/asm-generic/bitops/generic-non-atomic.h:128 [inline] (P) __sync_icache_dcache+0xd4/0x2c0 arch/arm64/mm/flush.c:56 (P) _compound_head include/linux/page-flags.h:246 [inline] (L) __sync_icache_dcache+0xcc/0x2c0 arch/arm64/mm/flush.c:54 (L) __sync_cache_and_tags arch/arm64/include/asm/pgtable.h:392 [inline] __set_ptes arch/arm64/include/asm/pgtable.h:428 [inline] set_ptes arch/arm64/include/asm/pgtable.h:1673 [inline] set_pte_range+0x3d8/0x644 mm/memory.c:5067 filemap_map_order0_folio mm/filemap.c:3624 [inline] filemap_map_pages+0xe1c/0x1718 mm/filemap.c:3678 do_fault_around mm/memory.c:5280 [inline] do_read_fault mm/memory.c:5313 [inline] do_fault mm/memory.c:5456 [inline] do_pte_missing mm/memory.c:3979 [inline] handle_pte_fault+0x2d0c/0x5890 mm/memory.c:5801 __handle_mm_fault mm/memory.c:5944 [inline] handle_mm_fault+0xf0c/0x17b0 mm/memory.c:6112 do_page_fault+0x404/0x10a8 arch/arm64/mm/fault.c:647 do_translation_fault+0xc4/0x114 arch/arm64/mm/fault.c:783 do_mem_abort+0x74/0x200 arch/arm64/mm/fault.c:919 el0_ia+0xa8/0x248 arch/arm64/kernel/entry-common.c:622 el0t_64_sync_handler+0xb4/0x108 arch/arm64/kernel/entry-common.c:768 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 irq event stamp: 342 hardirqs last enabled at (341): [] local_daif_restore+0x1c/0x3c arch/arm64/include/asm/daifflags.h:75 hardirqs last disabled at (342): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (342): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (300): [] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32 softirqs last disabled at (298): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: 
Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000058 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd392b40 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse 
include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 174682 hardirqs last enabled at (174681): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (174682): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (174682): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last 
enabled at (174610): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (174610): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (174013): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000008 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd2a6ee0 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 
0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event 
stamp: 174742 hardirqs last enabled at (174741): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (174742): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (174742): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (174712): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (174712): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (174687): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000058 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd3fa970 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 
0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) 
default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 175150 hardirqs last enabled at (175149): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (175150): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (175150): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (175066): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (175066): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (175053): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ VFS: brelse: Trying to free free buffer WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __brelse fs/buffer.c:1229 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 brelse include/linux/buffer_head.h:324 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 __invalidate_bh_lrus fs/buffer.c:1498 [inline] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1229 invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 Modules linked in: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.13.0-rc2-syzkaller-g2e7aff49b5da #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __brelse fs/buffer.c:1229 [inline] pc : brelse include/linux/buffer_head.h:324 [inline] pc : __invalidate_bh_lrus fs/buffer.c:1498 [inline] pc : invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 lr : __brelse fs/buffer.c:1229 [inline] lr : brelse include/linux/buffer_head.h:324 [inline] lr : __invalidate_bh_lrus fs/buffer.c:1498 [inline] lr : 
invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 sp : ffff800080017e10 x29: ffff800080017e10 x28: 0000000000000001 x27: ffff0000c1b88010 x26: 0000000000000001 x25: 00000000ffffffff x24: ffff0001b363f998 x23: 0000000000000040 x22: dfff800000000000 x21: 0000000000000000 x20: ffff0000dd258888 x19: ffff80008b81fda0 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008326d65c x15: 0000000000000001 x14: 1fffe000366c5eea x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000010004 x10: 0000000000ff0100 x9 : fbd50f5c26badf00 x8 : fbd50f5c26badf00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800080017538 x4 : ffff80008fa6f860 x3 : ffff80008073b194 x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000000 Call trace: __brelse fs/buffer.c:1229 [inline] (P) brelse include/linux/buffer_head.h:324 [inline] (P) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (P) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (P) __brelse fs/buffer.c:1229 [inline] (L) brelse include/linux/buffer_head.h:324 [inline] (L) __invalidate_bh_lrus fs/buffer.c:1498 [inline] (L) invalidate_bh_lru+0x128/0x200 fs/buffer.c:1511 (L) csd_do_func kernel/smp.c:134 [inline] __flush_smp_call_function_queue+0x520/0x20b4 kernel/smp.c:540 generic_smp_call_function_single_interrupt+0x18/0x24 kernel/smp.c:457 do_handle_IPI arch/arm64/kernel/smp.c:968 [inline] ipi_handler+0x1d8/0x7d4 arch/arm64/kernel/smp.c:1016 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:714 [inline] generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:850 [inline] __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:901 [inline] gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:945 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310 __el1_irq arch/arm64/kernel/entry-common.c:560 
[inline] el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P) arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P) default_idle_call+0xf8/0x128 kernel/sched/idle.c:124 (L) cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1ec/0x4e0 kernel/sched/idle.c:325 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423 secondary_start_kernel+0x1bc/0x1e4 arch/arm64/kernel/smp.c:279 __secondary_switched+0xc0/0xc4 arch/arm64/kernel/head.S:417 irq event stamp: 179132 hardirqs last enabled at (179131): [] default_idle_call+0xf4/0x128 kernel/sched/idle.c:124 hardirqs last disabled at (179132): [] __el1_irq arch/arm64/kernel/entry-common.c:557 [inline] hardirqs last disabled at (179132): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:575 softirqs last enabled at (179072): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (179072): [] handle_softirqs+0xb44/0xd34 kernel/softirq.c:582 softirqs last disabled at (178951): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]---