Warning: Permanently added '10.128.1.206' (ED25519) to the list of known hosts. 1970/01/01 00:01:05 parsed 1 programs [ 66.383990][ T4511] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 69.623531][ T1968] cfg80211: failed to load regulatory.db [ 69.628771][ T2063] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.629973][ T2063] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.362805][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.364219][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.371062][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 70.376368][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.377594][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.379538][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 70.645233][ T4544] chnl_net:caif_netlink_parms(): no params data found [ 70.667615][ T4544] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.668847][ T4544] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.670420][ T4544] device bridge_slave_0 entered promiscuous mode [ 70.672694][ T4544] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.673966][ T4544] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.675618][ T4544] device bridge_slave_1 entered promiscuous mode [ 70.684716][ T4544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.687228][ T4544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.695574][ T4544] team0: Port device team_slave_0 added [ 70.698143][ T4544] team0: Port device team_slave_1 added [ 70.705390][ T4544] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.706572][ T4544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. 
Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.710707][ T4544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.713621][ T4544] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.714771][ T4544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.719149][ T4544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.773601][ T4544] device hsr_slave_0 entered promiscuous mode [ 70.811814][ T4544] device hsr_slave_1 entered promiscuous mode [ 71.411646][ T4544] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.452793][ T4544] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.493106][ T4544] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.541985][ T4544] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.629310][ T4544] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.636462][ T4544] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.641776][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 71.643295][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.644678][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 71.646220][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.647616][ T136] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.648684][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.650103][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 71.661763][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 71.663377][ T136] bridge0: port 
2(bridge_slave_1) entered blocking state [ 71.664535][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.667130][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 71.668576][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.680904][ T4544] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 71.684416][ T4544] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.686865][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.688535][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.690219][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.693882][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.701556][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.708095][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 71.709700][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.711240][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 71.714716][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.716288][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.717858][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 71.761500][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 71.763141][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 71.765440][ T4544] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.776566][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 71.778309][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 71.785441][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 71.786914][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 
71.788568][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 71.789994][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 71.792828][ T4544] device veth0_vlan entered promiscuous mode [ 71.796629][ T4544] device veth1_vlan entered promiscuous mode [ 71.806792][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 71.808392][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 71.809854][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 71.811475][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 71.816236][ T4544] device veth0_macvtap entered promiscuous mode [ 71.818715][ T4544] device veth1_macvtap entered promiscuous mode [ 71.824794][ T4544] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.825887][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 71.827463][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 71.828816][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 71.830450][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 71.837016][ T4544] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.839119][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 71.840700][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 71.842798][ T4544] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.844115][ T4544] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.845438][ T4544] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.846734][ T4544] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:01:12 executed programs: 0 [ 72.799252][ T4770] chnl_net:caif_netlink_parms(): no params data found [ 72.823782][ T4770] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.824965][ T4770] 
bridge0: port 1(bridge_slave_0) entered disabled state [ 72.826901][ T4770] device bridge_slave_0 entered promiscuous mode [ 72.830041][ T4770] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.831140][ T4770] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.836010][ T4770] device bridge_slave_1 entered promiscuous mode [ 72.847728][ T4770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.850638][ T4770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.863283][ T4770] team0: Port device team_slave_0 added [ 72.865426][ T4770] team0: Port device team_slave_1 added [ 72.873087][ T4770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.874128][ T4770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.878106][ T4770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.880595][ T4770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.882920][ T4770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.886679][ T4770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.914560][ T4770] device hsr_slave_0 entered promiscuous mode [ 72.961958][ T4770] device hsr_slave_1 entered promiscuous mode [ 73.001835][ T4770] debugfs: Directory 'hsr0' with parent 'hsr' already present! 
[ 73.003135][ T4770] Cannot create hsr debugfs directory [ 73.047315][ T4770] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.741637][ T13] Bluetooth: hci0: command 0x0409 tx timeout [ 75.776251][ T4770] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.821653][ T4169] Bluetooth: hci0: command 0x041b tx timeout [ 77.506389][ T4770] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.546788][ T4770] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.709594][ T4770] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 77.743302][ T4770] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 77.792883][ T4770] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 77.833102][ T4770] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 77.907156][ T4770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.913813][ T4770] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.915023][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.916487][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.919481][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 77.921077][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 77.922897][ T390] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.924036][ T390] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.925498][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 77.928597][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 77.930115][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.931669][ T390] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.932785][ T390] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.935919][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth0_to_bond: link becomes ready [ 77.938670][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 77.941447][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 77.945015][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 77.950086][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 77.951720][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 77.953466][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 77.955031][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 77.957233][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 77.959504][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 77.961100][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 77.980596][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 78.020739][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.022733][ T390] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.043144][ T4770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.049633][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 78.051409][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 78.058719][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 78.060310][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 78.062550][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 78.064646][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 78.067018][ T4770] device veth0_vlan entered promiscuous mode [ 78.070581][ T4770] device veth1_vlan entered promiscuous mode [ 78.082958][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 78.084563][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 78.086005][ T136] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 78.087498][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.089971][ T4770] device veth0_macvtap entered promiscuous mode [ 78.092719][ T4770] device veth1_macvtap entered promiscuous mode [ 78.098270][ T4770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.099968][ T4770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.103510][ T4770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.115785][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.117446][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 78.118994][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.120528][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.123969][ T4770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.125611][ T4770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 78.127593][ T4770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.128832][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.130462][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.133777][ T4770] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.135229][ T4770] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.136539][ T4770] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.137992][ T4770] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.160997][ T390] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.163612][ T390] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.166038][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.173324][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.174694][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.176379][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:18 executed programs: 2 [ 78.194398][ T4957] loop0: detected capacity change from 0 to 128 [ 78.200036][ T4957] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.201413][ T4957] Bad inode number on dev loop0: 2 is out of range [ 78.203440][ T4957] SysV FS: get root inode failed [ 78.204205][ T4957] oldfs: cannot read superblock [ 78.209025][ C0] ------------[ cut here ]------------ [ 78.210004][ C0] VFS: brelse: Trying to free free buffer [ 78.210976][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.212320][ C0] Modules linked in: [ 78.212946][ C0] CPU: 0 PID: 4770 Comm: syz-executor Not tainted syzkaller #0 [ 78.214014][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 78.215561][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.216722][ C0] 
pc : invalidate_bh_lru+0x128/0x234 [ 78.217510][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 78.218383][ C0] sp : ffff800008007de0 [ 78.219086][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 78.220388][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 78.221729][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df77f5d0 [ 78.223034][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 78.224345][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 78.225660][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.226988][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 78.228260][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.229601][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 78.230853][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.232098][ C0] Call trace: [ 78.232606][ C0] invalidate_bh_lru+0x128/0x234 [ 78.233447][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.234413][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.235508][ C0] ipi_handler+0x10c/0x710 [ 78.236220][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 78.237088][ C0] handle_domain_irq+0x144/0x1fc [ 78.237839][ C0] gic_handle_irq+0x78/0x1c8 [ 78.238536][ C0] call_on_irq_stack+0x30/0x48 [ 78.239281][ C0] do_interrupt_handler+0x6c/0x88 [ 78.240066][ C0] el1_interrupt+0x30/0x58 [ 78.240786][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.241508][ C0] el1h_64_irq+0x78/0x7c [ 78.242253][ C0] __local_bh_enable_ip+0x200/0x380 [ 78.243121][ C0] _raw_spin_unlock_bh+0xec/0x174 [ 78.243976][ C0] lock_sock_nested+0x14c/0x1d4 [ 78.244759][ C0] ip_getsockopt+0x310/0x158c [ 78.245550][ C0] tcp_getsockopt+0x208/0x2e78 [ 78.246383][ C0] sock_common_getsockopt+0xa8/0xc4 [ 78.247187][ C0] __sys_getsockopt+0x1b8/0x250 [ 78.247919][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 78.248664][ C0] 
invoke_syscall+0x98/0x2b8 [ 78.249316][ C0] el0_svc_common+0x138/0x258 [ 78.250077][ C0] do_el0_svc+0x58/0x14c [ 78.250776][ C0] el0_svc+0x78/0x1e0 [ 78.251388][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.252255][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.252959][ C0] irq event stamp: 165780 [ 78.253623][ C0] hardirqs last enabled at (165779): [] __local_bh_enable_ip+0x1f8/0x380 [ 78.255225][ C0] hardirqs last disabled at (165780): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.256847][ C0] softirqs last enabled at (165778): [] lock_sock_nested+0x14c/0x1d4 [ 78.258471][ C0] softirqs last disabled at (165776): [] lock_sock_nested+0xf4/0x1d4 [ 78.260055][ C0] ---[ end trace 2e88ad39bf836a0a ]--- [ 78.306761][ T4959] loop0: detected capacity change from 0 to 128 [ 78.353645][ T4959] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.354851][ T4959] Bad inode number on dev loop0: 2 is out of range [ 78.355945][ T4959] SysV FS: get root inode failed [ 78.356747][ T4959] oldfs: cannot read superblock [ 78.363281][ C1] ------------[ cut here ]------------ [ 78.364221][ C1] VFS: brelse: Trying to free free buffer [ 78.365118][ C1] WARNING: CPU: 1 PID: 4959 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.366554][ C1] Modules linked in: [ 78.367186][ C1] CPU: 1 PID: 4959 Comm: syz.0.17 Tainted: G W syzkaller #0 [ 78.368615][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 78.370233][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.371568][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 78.372464][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 78.373357][ C1] sp : ffff800008017de0 [ 78.374003][ C1] x29: ffff800008017de0 x28: ffff0000c86251c0 x27: 1fffe0003421c65b [ 78.375328][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 78.376602][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcdeaa58 [ 78.377788][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 
78.379019][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 78.380312][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.381707][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 8809986f7a79ce00 [ 78.383058][ C1] x8 : 8809986f7a79ce00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.384527][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 78.385834][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.387087][ C1] Call trace: [ 78.387616][ C1] invalidate_bh_lru+0x128/0x234 [ 78.388475][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.389466][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.390619][ C1] ipi_handler+0x10c/0x710 [ 78.391370][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 78.392239][ C1] handle_domain_irq+0x144/0x1fc [ 78.393048][ C1] gic_handle_irq+0x78/0x1c8 [ 78.393808][ C1] call_on_irq_stack+0x30/0x48 [ 78.394641][ C1] do_interrupt_handler+0x6c/0x88 [ 78.395415][ C1] el1_interrupt+0x30/0x58 [ 78.396116][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.396920][ C1] el1h_64_irq+0x78/0x7c [ 78.397617][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 78.398542][ C1] debug_check_no_obj_freed+0x450/0x46c [ 78.399443][ C1] free_unref_page_prepare+0x2fc/0xaa0 [ 78.400291][ C1] free_unref_page_list+0xdc/0x754 [ 78.401168][ C1] release_pages+0x13c8/0x16e0 [ 78.401887][ C1] free_pages_and_swap_cache+0xa0/0xb8 [ 78.402762][ C1] tlb_finish_mmu+0x170/0x324 [ 78.403536][ C1] exit_mmap+0x2c4/0x4e0 [ 78.404228][ C1] __mmput+0xec/0x3b8 [ 78.404869][ C1] mmput+0x80/0xc8 [ 78.405458][ C1] exit_mm+0x4a0/0x684 [ 78.406159][ C1] do_exit+0x4ec/0x1f58 [ 78.406844][ C1] do_group_exit+0x100/0x268 [ 78.407575][ C1] get_signal+0x73c/0x1340 [ 78.408216][ C1] do_notify_resume+0x35c/0x3128 [ 78.408988][ C1] el0_svc+0xf0/0x1e0 [ 78.409585][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.410324][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.411061][ C1] irq event stamp: 2760 [ 78.411646][ C1] 
hardirqs last enabled at (2759): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 78.413188][ C1] hardirqs last disabled at (2760): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.414632][ C1] softirqs last enabled at (1252): [] local_bh_enable+0x10/0x34 [ 78.416027][ C1] softirqs last disabled at (1250): [] local_bh_disable+0x10/0x34 [ 78.417399][ C1] ---[ end trace 2e88ad39bf836a0b ]--- [ 78.456970][ T4961] loop0: detected capacity change from 0 to 128 [ 78.503261][ T4961] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.504466][ T4961] Bad inode number on dev loop0: 2 is out of range [ 78.505584][ T4961] SysV FS: get root inode failed [ 78.506294][ T4961] oldfs: cannot read superblock [ 78.536160][ T4517] ------------[ cut here ]------------ [ 78.537153][ T4517] VFS: brelse: Trying to free free buffer [ 78.538016][ T4517] WARNING: CPU: 0 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.539342][ T4517] Modules linked in: [ 78.539896][ T4517] CPU: 0 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 78.541109][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 78.542557][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.543692][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 78.544532][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 78.545367][ T4517] sp : ffff80001f6877c0 [ 78.545970][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 78.547167][ T4517] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 78.548463][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df77f970 [ 78.549704][ T4517] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 78.550929][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 78.552111][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.553322][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 
78.554501][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.555687][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 78.556845][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.558293][ T4517] Call trace: [ 78.558809][ T4517] invalidate_bh_lru+0x128/0x234 [ 78.559668][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 78.560658][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.561514][ T4517] invalidate_bh_lrus+0x34/0x40 [ 78.562320][ T4517] blkdev_flush_mapping+0x168/0x31c [ 78.563198][ T4517] blkdev_put+0x490/0x6ac [ 78.563867][ T4517] blkdev_close+0x74/0xb0 [ 78.564572][ T4517] __fput+0x1c0/0x7f8 [ 78.565185][ T4517] ____fput+0x20/0x30 [ 78.565814][ T4517] task_work_run+0x12c/0x1e0 [ 78.566563][ T4517] do_notify_resume+0x24b4/0x3128 [ 78.567359][ T4517] el0_svc+0xf0/0x1e0 [ 78.568033][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 78.568781][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 78.569548][ T4517] irq event stamp: 99726 [ 78.570242][ T4517] hardirqs last enabled at (99725): [] kasan_quarantine_put+0xc4/0x204 [ 78.571788][ T4517] hardirqs last disabled at (99726): [] smp_call_function_many_cond+0xa44/0xeb0 [ 78.573534][ T4517] softirqs last enabled at (99468): [] local_bh_enable+0x10/0x34 [ 78.575053][ T4517] softirqs last disabled at (99466): [] local_bh_disable+0x10/0x34 [ 78.576621][ T4517] ---[ end trace 2e88ad39bf836a0c ]--- [ 78.590038][ T4967] loop0: detected capacity change from 0 to 128 [ 78.662807][ T4967] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.663967][ T4967] Bad inode number on dev loop0: 2 is out of range [ 78.665216][ T4967] SysV FS: get root inode failed [ 78.665969][ T4967] oldfs: cannot read superblock [ 78.666731][ T4967] ------------[ cut here ]------------ [ 78.667514][ T4967] VFS: brelse: Trying to free free buffer [ 78.668368][ T4967] WARNING: CPU: 0 PID: 4967 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.669683][ T4967] Modules linked 
in: [ 78.670366][ T4967] CPU: 0 PID: 4967 Comm: syz.0.21 Tainted: G W syzkaller #0 [ 78.671732][ T4967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 78.673364][ T4967] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.674649][ T4967] pc : invalidate_bh_lru+0x128/0x234 [ 78.675488][ T4967] lr : invalidate_bh_lru+0x128/0x234 [ 78.676316][ T4967] sp : ffff80001fb076e0 [ 78.676987][ T4967] x29: ffff80001fb076e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 78.678322][ T4967] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 78.679596][ T4967] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df77fd10 [ 78.680907][ T4967] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 78.682286][ T4967] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 78.683668][ T4967] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.684971][ T4967] x11: 0000000000000002 x10: 0000000000000000 x9 : 0d395e55ce16aa00 [ 78.686309][ T4967] x8 : 0d395e55ce16aa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.687596][ T4967] x5 : ffff80001fb06fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 78.688955][ T4967] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.690298][ T4967] Call trace: [ 78.690828][ T4967] invalidate_bh_lru+0x128/0x234 [ 78.691682][ T4967] smp_call_function_many_cond+0xa50/0xeb0 [ 78.692609][ T4967] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.693470][ T4967] invalidate_bh_lrus+0x34/0x40 [ 78.694268][ T4967] blkdev_flush_mapping+0x168/0x31c [ 78.695176][ T4967] blkdev_put+0x490/0x6ac [ 78.695898][ T4967] kill_block_super+0x98/0xdc [ 78.696678][ T4967] deactivate_locked_super+0xb8/0x13c [ 78.697541][ T4967] mount_bdev+0x284/0x358 [ 78.698222][ T4967] sysv_mount+0x44/0x58 [ 78.699002][ T4967] legacy_get_tree+0xd4/0x16c [ 78.699682][ T4967] vfs_get_tree+0x90/0x274 [ 78.700342][ T4967] do_new_mount+0x228/0x810 [ 78.701105][ T4967] 
path_mount+0x5b4/0x1000 [ 78.701856][ T4967] __arm64_sys_mount+0x514/0x5e4 [ 78.702719][ T4967] invoke_syscall+0x98/0x2b8 [ 78.703485][ T4967] el0_svc_common+0x138/0x258 [ 78.704308][ T4967] do_el0_svc+0x58/0x14c [ 78.704954][ T4967] el0_svc+0x78/0x1e0 [ 78.705564][ T4967] el0t_64_sync_handler+0xcc/0xe4 [ 78.706337][ T4967] el0t_64_sync+0x1a0/0x1a4 [ 78.707056][ T4967] irq event stamp: 1374 [ 78.707651][ T4967] hardirqs last enabled at (1373): [] kasan_quarantine_put+0xc4/0x204 [ 78.709155][ T4967] hardirqs last disabled at (1374): [] smp_call_function_many_cond+0xa44/0xeb0 [ 78.710726][ T4967] softirqs last enabled at (1350): [] handle_softirqs+0xa4c/0xbf0 [ 78.712242][ T4967] softirqs last disabled at (1249): [] __irq_exit_rcu+0x240/0x440 [ 78.713654][ T4967] ---[ end trace 2e88ad39bf836a0d ]--- [ 78.807381][ T4969] loop0: detected capacity change from 0 to 128 [ 78.809732][ T4969] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.810932][ T4969] Bad inode number on dev loop0: 2 is out of range [ 78.812107][ T4969] SysV FS: get root inode failed [ 78.812872][ T4969] oldfs: cannot read superblock [ 78.820680][ C0] ------------[ cut here ]------------ [ 78.821663][ C0] VFS: brelse: Trying to free free buffer [ 78.822654][ C0] WARNING: CPU: 0 PID: 4970 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.824082][ C0] Modules linked in: [ 78.824657][ C0] CPU: 0 PID: 4970 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.826145][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 78.827800][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.829045][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 78.829876][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 78.830736][ C0] sp : ffff800008007de0 [ 78.831362][ C0] x29: ffff800008007de0 x28: ffff0000cc06d1c0 x27: 1fffe0003421845c [ 78.832688][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 78.834028][ C0] x23: dfff800000000000 
x22: 0000000000000000 x21: ffff0000df6c6318 [ 78.835299][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 78.836580][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 78.837857][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.839034][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 3d0688dcd044d200 [ 78.840290][ C0] x8 : 3d0688dcd044d200 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.841586][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 78.842865][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.844066][ C0] Call trace: [ 78.844577][ C0] invalidate_bh_lru+0x128/0x234 [ 78.845314][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.846333][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.847427][ C0] ipi_handler+0x10c/0x710 [ 78.848180][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 78.849090][ C0] handle_domain_irq+0x144/0x1fc [ 78.849888][ C0] gic_handle_irq+0x78/0x1c8 [ 78.850604][ C0] call_on_irq_stack+0x30/0x48 [ 78.851373][ C0] do_interrupt_handler+0x6c/0x88 [ 78.852217][ C0] el1_interrupt+0x30/0x58 [ 78.852867][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.853621][ C0] el1h_64_irq+0x78/0x7c [ 78.854291][ C0] seqcount_lockdep_reader_access+0x214/0x2bc [ 78.855190][ C0] path_init+0x6e4/0xed8 [ 78.855864][ C0] __filename_parentat+0x1a8/0x510 [ 78.856751][ C0] filename_create+0xd0/0x39c [ 78.857519][ C0] do_symlinkat+0xc4/0x5a8 [ 78.858221][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 78.858977][ C0] invoke_syscall+0x98/0x2b8 [ 78.859679][ C0] el0_svc_common+0x138/0x258 [ 78.860451][ C0] do_el0_svc+0x58/0x14c [ 78.861061][ C0] el0_svc+0x78/0x1e0 [ 78.861747][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.862651][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.863361][ C0] irq event stamp: 762 [ 78.863976][ C0] hardirqs last enabled at (761): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 78.865619][ C0] hardirqs last disabled at (762): [] 
enter_el1_irq_or_nmi+0x10/0x1c [ 78.867097][ C0] softirqs last enabled at (532): [] local_bh_enable+0x10/0x34 [ 78.868476][ C0] softirqs last disabled at (530): [] local_bh_disable+0x10/0x34 [ 78.870034][ C0] ---[ end trace 2e88ad39bf836a0e ]--- [ 78.902030][ T4172] Bluetooth: hci0: command 0x040f tx timeout [ 78.914628][ T4971] loop0: detected capacity change from 0 to 128 [ 78.917698][ T4971] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.918932][ T4971] Bad inode number on dev loop0: 2 is out of range [ 78.920096][ T4971] SysV FS: get root inode failed [ 78.920931][ T4971] oldfs: cannot read superblock [ 78.928902][ T4517] ------------[ cut here ]------------ [ 78.929822][ T4517] VFS: brelse: Trying to free free buffer [ 78.930707][ T4517] WARNING: CPU: 1 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.932064][ T4517] Modules linked in: [ 78.932645][ T4517] CPU: 1 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 78.933990][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 78.935419][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.936533][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 78.937300][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 78.938084][ T4517] sp : ffff80001f6877c0 [ 78.938676][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 78.939896][ T4517] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 78.941091][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcdeadf8 [ 78.942322][ T4517] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 78.943561][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 78.944708][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.946042][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 78.947408][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 
0000000000000001 [ 78.948794][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 78.950076][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.951300][ T4517] Call trace: [ 78.951800][ T4517] invalidate_bh_lru+0x128/0x234 [ 78.952530][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 78.953494][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.954330][ T4517] invalidate_bh_lrus+0x34/0x40 [ 78.955028][ T4517] blkdev_flush_mapping+0x168/0x31c [ 78.955749][ T4517] blkdev_put+0x490/0x6ac [ 78.956336][ T4517] blkdev_close+0x74/0xb0 [ 78.957005][ T4517] __fput+0x1c0/0x7f8 [ 78.957613][ T4517] ____fput+0x20/0x30 [ 78.958256][ T4517] task_work_run+0x12c/0x1e0 [ 78.958971][ T4517] do_notify_resume+0x24b4/0x3128 [ 78.959749][ T4517] el0_svc+0xf0/0x1e0 [ 78.960464][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 78.961274][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 78.961968][ T4517] irq event stamp: 117768 [ 78.962619][ T4517] hardirqs last enabled at (117767): [] kasan_quarantine_put+0xc4/0x204 [ 78.964348][ T4517] hardirqs last disabled at (117768): [] smp_call_function_many_cond+0xa44/0xeb0 [ 78.965945][ T4517] softirqs last enabled at (117520): [] local_bh_enable+0x10/0x34 [ 78.967315][ T4517] softirqs last disabled at (117518): [] local_bh_disable+0x10/0x34 [ 78.968723][ T4517] ---[ end trace 2e88ad39bf836a0f ]--- [ 79.004150][ T4973] loop0: detected capacity change from 0 to 128 [ 79.008177][ T4973] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.009401][ T4973] Bad inode number on dev loop0: 2 is out of range [ 79.010445][ T4973] SysV FS: get root inode failed [ 79.011149][ T4973] oldfs: cannot read superblock [ 79.036294][ T4975] ------------[ cut here ]------------ [ 79.037230][ T4975] VFS: brelse: Trying to free free buffer [ 79.038321][ T4975] WARNING: CPU: 1 PID: 4975 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.039740][ T4975] Modules linked in: [ 79.040345][ T4975] CPU: 1 PID: 4975 Comm: syz.0.25 
Tainted: G W syzkaller #0 [ 79.041731][ T4975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.043234][ T4975] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.044431][ T4975] pc : invalidate_bh_lru+0x128/0x234 [ 79.045224][ T4975] lr : invalidate_bh_lru+0x128/0x234 [ 79.046027][ T4975] sp : ffff80001fb077c0 [ 79.046661][ T4975] x29: ffff80001fb077c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 79.047989][ T4975] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 79.049318][ T4975] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcdeb230 [ 79.050584][ T4975] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 79.051888][ T4975] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.053202][ T4975] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.054504][ T4975] x11: 0000000000000002 x10: 0000000000000000 x9 : 71301c096d2e1300 [ 79.055845][ T4975] x8 : 71301c096d2e1300 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.057136][ T4975] x5 : ffff80001fb070b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 79.058481][ T4975] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.059867][ T4975] Call trace: [ 79.060363][ T4975] invalidate_bh_lru+0x128/0x234 [ 79.061122][ T4975] smp_call_function_many_cond+0xa50/0xeb0 [ 79.062058][ T4975] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.062858][ T4975] invalidate_bh_lrus+0x34/0x40 [ 79.063701][ T4975] blkdev_flush_mapping+0x168/0x31c [ 79.064583][ T4975] blkdev_put+0x490/0x6ac [ 79.065296][ T4975] blkdev_close+0x74/0xb0 [ 79.066004][ T4975] __fput+0x1c0/0x7f8 [ 79.066643][ T4975] ____fput+0x20/0x30 [ 79.067322][ T4975] task_work_run+0x12c/0x1e0 [ 79.068073][ T4975] do_notify_resume+0x24b4/0x3128 [ 79.068877][ T4975] el0_svc+0xf0/0x1e0 [ 79.069509][ T4975] el0t_64_sync_handler+0xcc/0xe4 [ 79.070278][ T4975] el0t_64_sync+0x1a0/0x1a4 [ 79.070950][ T4975] irq event stamp: 820 [ 
79.071566][ T4975] hardirqs last enabled at (819): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 79.073128][ T4975] hardirqs last disabled at (820): [] smp_call_function_many_cond+0xa44/0xeb0 [ 79.074798][ T4975] softirqs last enabled at (792): [] local_bh_enable+0x10/0x34 [ 79.076234][ T4975] softirqs last disabled at (790): [] local_bh_disable+0x10/0x34 [ 79.077652][ T4975] ---[ end trace 2e88ad39bf836a10 ]--- [ 79.133488][ T4977] loop0: detected capacity change from 0 to 128 [ 79.183153][ T4977] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.184382][ T4977] Bad inode number on dev loop0: 2 is out of range [ 79.185448][ T4977] SysV FS: get root inode failed [ 79.186217][ T4977] oldfs: cannot read superblock [ 79.195535][ C0] ------------[ cut here ]------------ [ 79.196471][ C0] VFS: brelse: Trying to free free buffer [ 79.197455][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.198930][ C0] Modules linked in: [ 79.199548][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.200902][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.202493][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.203776][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.204566][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.205390][ C0] sp : ffff800008007de0 [ 79.206084][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 79.207255][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 79.208469][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6c66b8 [ 79.209693][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 79.210851][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.212021][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.213247][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 188fe7a40ddbb300 [ 79.214437][ C0] 
x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.215618][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 79.216794][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 79.217953][ C0] Call trace: [ 79.218504][ C0] invalidate_bh_lru+0x128/0x234 [ 79.219344][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.220242][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.221370][ C0] ipi_handler+0x10c/0x710 [ 79.222086][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.222929][ C0] handle_domain_irq+0x144/0x1fc [ 79.223604][ C0] gic_handle_irq+0x78/0x1c8 [ 79.224322][ C0] call_on_irq_stack+0x30/0x48 [ 79.225020][ C0] do_interrupt_handler+0x6c/0x88 [ 79.225720][ C0] el1_interrupt+0x30/0x58 [ 79.226377][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.227129][ C0] el1h_64_irq+0x78/0x7c [ 79.227717][ C0] ___slab_alloc+0x7e8/0xda8 [ 79.228467][ C0] __slab_alloc+0x68/0xc0 [ 79.229072][ C0] __kmalloc_node+0x310/0x520 [ 79.229700][ C0] kvmalloc_node+0x88/0x200 [ 79.230333][ C0] xt_replace_table+0x194/0x75c [ 79.231205][ C0] __do_replace+0x12c/0x988 [ 79.231935][ C0] do_ip6t_set_ctl+0xa94/0xe00 [ 79.232678][ C0] nf_setsockopt+0x270/0x290 [ 79.233386][ C0] ipv6_setsockopt+0x1a18/0x36dc [ 79.234177][ C0] tcp_setsockopt+0x1d4/0x1bf4 [ 79.234938][ C0] sock_common_setsockopt+0xb0/0xcc [ 79.235818][ C0] __sys_setsockopt+0x260/0x36c [ 79.236639][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 79.237551][ C0] invoke_syscall+0x98/0x2b8 [ 79.238290][ C0] el0_svc_common+0x138/0x258 [ 79.239037][ C0] do_el0_svc+0x58/0x14c [ 79.239720][ C0] el0_svc+0x78/0x1e0 [ 79.240390][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.241229][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.241956][ C0] irq event stamp: 197438 [ 79.242667][ C0] hardirqs last enabled at (197437): [] ___slab_alloc+0x7d8/0xda8 [ 79.244169][ C0] hardirqs last disabled at (197438): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.245754][ C0] softirqs last enabled at (197412): [] 
release_sock+0x1d0/0x258 [ 79.247292][ C0] softirqs last disabled at (197410): [] release_sock+0x34/0x258 [ 79.248798][ C0] ---[ end trace 2e88ad39bf836a11 ]--- [ 79.285611][ T4979] loop0: detected capacity change from 0 to 128 [ 79.288967][ T4979] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.290157][ T4979] Bad inode number on dev loop0: 2 is out of range [ 79.291214][ T4979] SysV FS: get root inode failed [ 79.293279][ T4979] oldfs: cannot read superblock [ 79.300815][ T4517] ------------[ cut here ]------------ [ 79.301731][ T4517] VFS: brelse: Trying to free free buffer [ 79.302633][ T4517] WARNING: CPU: 0 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.303960][ T4517] Modules linked in: [ 79.304568][ T4517] CPU: 0 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 79.305784][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.307257][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.308451][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 79.309216][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 79.310017][ T4517] sp : ffff80001f6877c0 [ 79.310726][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 79.311910][ T4517] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 79.313041][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6c6a58 [ 79.314284][ T4517] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 79.315663][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.316957][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.318298][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 79.319588][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.320779][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000a7281cc [ 79.322128][ T4517] x2 : ffff0001a10b3d50 x1 : 
0000000100000002 x0 : 0000000000000027 [ 79.323470][ T4517] Call trace: [ 79.323986][ T4517] invalidate_bh_lru+0x128/0x234 [ 79.324741][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 79.325622][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.326410][ T4517] invalidate_bh_lrus+0x34/0x40 [ 79.327123][ T4517] blkdev_flush_mapping+0x168/0x31c [ 79.327883][ T4517] blkdev_put+0x490/0x6ac [ 79.328513][ T4517] blkdev_close+0x74/0xb0 [ 79.329131][ T4517] __fput+0x1c0/0x7f8 [ 79.329669][ T4517] ____fput+0x20/0x30 [ 79.330227][ T4517] task_work_run+0x12c/0x1e0 [ 79.330870][ T4517] do_notify_resume+0x24b4/0x3128 [ 79.331567][ T4517] el0_svc+0xf0/0x1e0 [ 79.332212][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 79.332982][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 79.333673][ T4517] irq event stamp: 136470 [ 79.334321][ T4517] hardirqs last enabled at (136469): [] kasan_quarantine_put+0xc4/0x204 [ 79.335900][ T4517] hardirqs last disabled at (136470): [] smp_call_function_many_cond+0xa44/0xeb0 [ 79.337594][ T4517] softirqs last enabled at (136194): [] local_bh_enable+0x10/0x34 [ 79.339156][ T4517] softirqs last disabled at (136192): [] local_bh_disable+0x10/0x34 [ 79.340750][ T4517] ---[ end trace 2e88ad39bf836a12 ]--- [ 79.375964][ T4981] loop0: detected capacity change from 0 to 128 [ 79.378653][ T4981] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.379870][ T4981] Bad inode number on dev loop0: 2 is out of range [ 79.380890][ T4981] SysV FS: get root inode failed [ 79.382509][ T4981] oldfs: cannot read superblock [ 79.388813][ C0] ------------[ cut here ]------------ [ 79.389677][ C0] VFS: brelse: Trying to free free buffer [ 79.390503][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.392008][ C0] Modules linked in: [ 79.392700][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.394151][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.395752][ C0] pstate: 624000c5 
(nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.396991][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.397870][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.398676][ C0] sp : ffff800008007de0 [ 79.399323][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 79.400608][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 79.401910][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0ca15d0 [ 79.403137][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 79.404304][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.405454][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.406726][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 79.408026][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.409305][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 79.410671][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.411973][ C0] Call trace: [ 79.412524][ C0] invalidate_bh_lru+0x128/0x234 [ 79.413337][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.414262][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.415307][ C0] ipi_handler+0x10c/0x710 [ 79.415980][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.416820][ C0] handle_domain_irq+0x144/0x1fc [ 79.417552][ C0] gic_handle_irq+0x78/0x1c8 [ 79.418354][ C0] call_on_irq_stack+0x30/0x48 [ 79.419111][ C0] do_interrupt_handler+0x6c/0x88 [ 79.419951][ C0] el1_interrupt+0x30/0x58 [ 79.420649][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.421454][ C0] el1h_64_irq+0x78/0x7c [ 79.422152][ C0] get_page_from_freelist+0x2244/0x2aa8 [ 79.422964][ C0] __alloc_pages+0x1a0/0x470 [ 79.423679][ C0] alloc_pages+0x34c/0x5c0 [ 79.424374][ C0] __vmalloc_node_range+0x514/0x8d8 [ 79.425157][ C0] vzalloc+0x118/0x190 [ 79.425733][ C0] xt_counters_alloc+0x50/0x60 [ 79.426456][ C0] __do_replace+0xa0/0x988 [ 79.427076][ C0] 
do_ip6t_set_ctl+0xa94/0xe00 [ 79.427765][ C0] nf_setsockopt+0x270/0x290 [ 79.428390][ C0] ipv6_setsockopt+0x1a18/0x36dc [ 79.429146][ C0] tcp_setsockopt+0x1d4/0x1bf4 [ 79.429914][ C0] sock_common_setsockopt+0xb0/0xcc [ 79.430753][ C0] __sys_setsockopt+0x260/0x36c [ 79.431498][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 79.432279][ C0] invoke_syscall+0x98/0x2b8 [ 79.432985][ C0] el0_svc_common+0x138/0x258 [ 79.433777][ C0] do_el0_svc+0x58/0x14c [ 79.434448][ C0] el0_svc+0x78/0x1e0 [ 79.435040][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.435817][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.436528][ C0] irq event stamp: 203254 [ 79.437153][ C0] hardirqs last enabled at (203253): [] get_page_from_freelist+0x2234/0x2aa8 [ 79.438718][ C0] hardirqs last disabled at (203254): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.440174][ C0] softirqs last enabled at (203242): [] release_sock+0x1d0/0x258 [ 79.441542][ C0] softirqs last disabled at (203240): [] release_sock+0x34/0x258 [ 79.442953][ C0] ---[ end trace 2e88ad39bf836a13 ]--- [ 79.476753][ T4983] loop0: detected capacity change from 0 to 128 [ 79.480524][ T4983] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.483135][ T4983] Bad inode number on dev loop0: 2 is out of range [ 79.484642][ T4983] SysV FS: get root inode failed [ 79.485894][ T4983] oldfs: cannot read superblock [ 79.496212][ T4517] ------------[ cut here ]------------ [ 79.497136][ T4517] VFS: brelse: Trying to free free buffer [ 79.498123][ T4517] WARNING: CPU: 0 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.499529][ T4517] Modules linked in: [ 79.500162][ T4517] CPU: 0 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 79.501450][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.503022][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.504213][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 79.504980][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 79.505780][ T4517] sp : 
ffff80001f6877c0 [ 79.506383][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 79.507546][ T4517] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 79.508710][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0ca1148 [ 79.509971][ T4517] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 79.511228][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.512446][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.513611][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 79.514838][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.515996][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 79.517121][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.518270][ T4517] Call trace: [ 79.518754][ T4517] invalidate_bh_lru+0x128/0x234 [ 79.519506][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 79.520322][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.521100][ T4517] invalidate_bh_lrus+0x34/0x40 [ 79.521812][ T4517] blkdev_flush_mapping+0x168/0x31c [ 79.522633][ T4517] blkdev_put+0x490/0x6ac [ 79.523288][ T4517] blkdev_close+0x74/0xb0 [ 79.523900][ T4517] __fput+0x1c0/0x7f8 [ 79.524449][ T4517] ____fput+0x20/0x30 [ 79.524997][ T4517] task_work_run+0x12c/0x1e0 [ 79.525695][ T4517] do_notify_resume+0x24b4/0x3128 [ 79.526429][ T4517] el0_svc+0xf0/0x1e0 [ 79.527032][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 79.527781][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 79.528407][ T4517] irq event stamp: 144964 [ 79.529008][ T4517] hardirqs last enabled at (144963): [] kasan_quarantine_put+0xc4/0x204 [ 79.530482][ T4517] hardirqs last disabled at (144964): [] smp_call_function_many_cond+0xa44/0xeb0 [ 79.532110][ T4517] softirqs last enabled at (144706): [] local_bh_enable+0x10/0x34 [ 79.533683][ T4517] softirqs last disabled at (144704): [] 
local_bh_disable+0x10/0x34 [ 79.535214][ T4517] ---[ end trace 2e88ad39bf836a14 ]--- [ 79.573733][ T4985] loop0: detected capacity change from 0 to 128 [ 79.578602][ T4985] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.579685][ T4985] Bad inode number on dev loop0: 2 is out of range [ 79.580619][ T4985] SysV FS: get root inode failed [ 79.581334][ T4985] oldfs: cannot read superblock [ 79.589547][ C0] ------------[ cut here ]------------ [ 79.590439][ C0] VFS: brelse: Trying to free free buffer [ 79.591375][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.592794][ C0] Modules linked in: [ 79.593413][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.594656][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.596074][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.597320][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.598192][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.599091][ C0] sp : ffff800008007de0 [ 79.599763][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 79.601039][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 79.602398][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7097888 [ 79.603675][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 79.604887][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.606298][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.607693][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 79.609015][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.610458][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 79.611790][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.613093][ C0] Call trace: [ 79.613638][ C0] invalidate_bh_lru+0x128/0x234 [ 79.614457][ C0] 
flush_smp_call_function_queue+0x38c/0x81c [ 79.615424][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.616576][ C0] ipi_handler+0x10c/0x710 [ 79.617284][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.618187][ C0] handle_domain_irq+0x144/0x1fc [ 79.619023][ C0] gic_handle_irq+0x78/0x1c8 [ 79.619761][ C0] call_on_irq_stack+0x30/0x48 [ 79.620535][ C0] do_interrupt_handler+0x6c/0x88 [ 79.621307][ C0] el1_interrupt+0x30/0x58 [ 79.622063][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.622858][ C0] el1h_64_irq+0x78/0x7c [ 79.623545][ C0] try_charge_memcg+0x1e8/0x11bc [ 79.624387][ C0] obj_cgroup_charge_pages+0x8c/0x1a0 [ 79.625233][ C0] obj_cgroup_charge+0x18c/0x2d0 [ 79.625961][ C0] slab_pre_alloc_hook+0xcc/0xec [ 79.626716][ C0] kmem_cache_alloc+0x94/0x3e4 [ 79.627511][ C0] anon_vma_fork+0xdc/0x49c [ 79.628267][ C0] copy_mm+0x7bc/0x1090 [ 79.628962][ C0] copy_process+0x14d8/0x34ac [ 79.629712][ C0] kernel_clone+0x1d8/0x9d4 [ 79.630422][ C0] __arm64_sys_clone+0x138/0x190 [ 79.631240][ C0] invoke_syscall+0x98/0x2b8 [ 79.632066][ C0] el0_svc_common+0x138/0x258 [ 79.632746][ C0] do_el0_svc+0x58/0x14c [ 79.633455][ C0] el0_svc+0x78/0x1e0 [ 79.634110][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.634934][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.635628][ C0] irq event stamp: 211528 [ 79.636367][ C0] hardirqs last enabled at (211527): [] try_charge_memcg+0x1d8/0x11bc [ 79.638000][ C0] hardirqs last disabled at (211528): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.639665][ C0] softirqs last enabled at (210900): [] local_bh_enable+0x10/0x34 [ 79.641223][ C0] softirqs last disabled at (210898): [] local_bh_disable+0x10/0x34 [ 79.642754][ C0] ---[ end trace 2e88ad39bf836a15 ]--- [ 79.695123][ T4987] loop0: detected capacity change from 0 to 128 [ 79.698126][ T4987] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.699302][ T4987] Bad inode number on dev loop0: 2 is out of range [ 79.700306][ T4987] SysV FS: get root inode failed [ 79.701171][ T4987] oldfs: cannot read 
superblock [ 79.713965][ C0] ------------[ cut here ]------------ [ 79.714887][ C0] VFS: brelse: Trying to free free buffer [ 79.715771][ C0] WARNING: CPU: 0 PID: 4989 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.717137][ C0] Modules linked in: [ 79.717770][ C0] CPU: 0 PID: 4989 Comm: syz.0.32 Tainted: G W syzkaller #0 [ 79.719192][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.720741][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.722043][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.722886][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.723785][ C0] sp : ffff800008007de0 [ 79.724374][ C0] x29: ffff800008007de0 x28: ffff0000c10a0000 x27: 1fffe0003421845c [ 79.725678][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 79.726991][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7097c28 [ 79.728331][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 79.729684][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.730962][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.732259][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 9ef23e42a7715c00 [ 79.733401][ C0] x8 : 9ef23e42a7715c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.734701][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 79.736001][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.737332][ C0] Call trace: [ 79.737849][ C0] invalidate_bh_lru+0x128/0x234 [ 79.738641][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.739574][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.740581][ C0] ipi_handler+0x10c/0x710 [ 79.741252][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.742050][ C0] handle_domain_irq+0x144/0x1fc [ 79.742767][ C0] gic_handle_irq+0x78/0x1c8 [ 79.743422][ C0] call_on_irq_stack+0x30/0x48 [ 79.744204][ C0] do_interrupt_handler+0x6c/0x88 
[ 79.745042][ C0] el1_interrupt+0x30/0x58 [ 79.745772][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.746517][ C0] el1h_64_irq+0x78/0x7c [ 79.747211][ C0] __sanitizer_cov_trace_pc+0x3c/0xac [ 79.748083][ C0] unwind_frame+0x3a0/0x668 [ 79.748787][ C0] arch_stack_walk+0x200/0x2b4 [ 79.749513][ C0] stack_trace_save+0x94/0xd8 [ 79.750247][ C0] kasan_set_track+0x4c/0x84 [ 79.750964][ C0] kasan_set_free_info+0x28/0x4c [ 79.751726][ C0] ____kasan_slab_free+0x118/0x164 [ 79.752484][ C0] __kasan_slab_free+0x18/0x28 [ 79.753236][ C0] slab_free_freelist_hook+0x128/0x1e8 [ 79.754181][ C0] kfree+0x170/0x40c [ 79.754822][ C0] tomoyo_realpath_from_path+0x4c8/0x510 [ 79.755750][ C0] tomoyo_check_open_permission+0x168/0x2fc [ 79.756691][ C0] tomoyo_file_open+0x130/0x1b0 [ 79.757466][ C0] security_file_open+0x6c/0xac [ 79.758300][ C0] do_dentry_open+0x29c/0xebc [ 79.759017][ C0] vfs_open+0x7c/0x90 [ 79.759604][ C0] path_openat+0x1f80/0x26e4 [ 79.760351][ C0] do_filp_open+0x164/0x330 [ 79.761025][ C0] do_sys_openat2+0x128/0x3d8 [ 79.761726][ C0] __arm64_sys_openat+0x120/0x154 [ 79.762531][ C0] invoke_syscall+0x98/0x2b8 [ 79.763267][ C0] el0_svc_common+0x138/0x258 [ 79.763994][ C0] do_el0_svc+0x58/0x14c [ 79.764646][ C0] el0_svc+0x78/0x1e0 [ 79.765273][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.766081][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.766790][ C0] irq event stamp: 736 [ 79.767456][ C0] hardirqs last enabled at (735): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 79.769144][ C0] hardirqs last disabled at (736): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.770661][ C0] softirqs last enabled at (116): [] handle_softirqs+0xa4c/0xbf0 [ 79.772165][ C0] softirqs last disabled at (103): [] __irq_exit_rcu+0x240/0x440 [ 79.773593][ C0] ---[ end trace 2e88ad39bf836a16 ]--- [ 79.784745][ T4989] loop0: detected capacity change from 0 to 128 [ 79.842853][ T4989] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.844219][ T4989] Bad inode number on dev loop0: 2 is out of range [ 79.845253][ T4989] SysV 
FS: get root inode failed [ 79.846009][ T4989] oldfs: cannot read superblock [ 79.856514][ C0] ------------[ cut here ]------------ [ 79.857525][ C0] VFS: brelse: Trying to free free buffer [ 79.858539][ C0] WARNING: CPU: 0 PID: 4991 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.859937][ C0] Modules linked in: [ 79.860571][ C0] CPU: 0 PID: 4991 Comm: syz.0.33 Tainted: G W syzkaller #0 [ 79.862219][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.863781][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.864968][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.865830][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.866683][ C0] sp : ffff800008007de0 [ 79.867374][ C0] x29: ffff800008007de0 x28: ffff0000c10a51c0 x27: 1fffe0003421845b [ 79.868676][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 79.869937][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72eb060 [ 79.871279][ C0] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 79.872600][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.873931][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.875218][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 89c8d7816884a100 [ 79.876561][ C0] x8 : 89c8d7816884a100 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.877904][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 79.879272][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.880628][ C0] Call trace: [ 79.881220][ C0] invalidate_bh_lru+0x128/0x234 [ 79.881977][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.882956][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.884103][ C0] ipi_handler+0x10c/0x710 [ 79.884825][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.885779][ C0] handle_domain_irq+0x144/0x1fc [ 79.886571][ C0] gic_handle_irq+0x78/0x1c8 [ 79.887280][ C0] 
call_on_irq_stack+0x30/0x48 [ 79.888062][ C0] do_interrupt_handler+0x6c/0x88 [ 79.888823][ C0] el0_interrupt+0x94/0x260 [ 79.889495][ C0] __el0_irq_handler_common+0x18/0x24 [ 79.890281][ C0] el0t_64_irq_handler+0x10/0x1c [ 79.891059][ C0] el0t_64_irq+0x1a0/0x1a4 [ 79.891763][ C0] irq event stamp: 358 [ 79.892478][ C0] hardirqs last enabled at (357): [] el0t_64_sync_handler+0xd8/0xe4 [ 79.894146][ C0] hardirqs last disabled at (358): [] __el0_irq_handler_common+0x18/0x24 [ 79.895923][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 79.897441][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 79.898997][ C0] ---[ end trace 2e88ad39bf836a17 ]--- [ 79.935028][ T4991] loop0: detected capacity change from 0 to 128 [ 79.938037][ T4991] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.939244][ T4991] Bad inode number on dev loop0: 2 is out of range [ 79.940343][ T4991] SysV FS: get root inode failed [ 79.941122][ T4991] oldfs: cannot read superblock [ 79.952078][ C1] ------------[ cut here ]------------ [ 79.953049][ C1] VFS: brelse: Trying to free free buffer [ 79.953983][ C1] WARNING: CPU: 1 PID: 4992 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.955372][ C1] Modules linked in: [ 79.956000][ C1] CPU: 1 PID: 4992 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.957571][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 79.959268][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.960597][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 79.961504][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 79.962369][ C1] sp : ffff800008017de0 [ 79.962996][ C1] x29: ffff800008017de0 x28: ffff0000c10a3680 x27: 1fffe0003421c65c [ 79.964385][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 79.965750][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcdeb5d0 [ 79.967115][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 
0000000000010003 [ 79.968415][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 79.969729][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.971023][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 17b66be2a7c30d00 [ 79.972386][ C1] x8 : 17b66be2a7c30d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.973767][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 79.975099][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 79.976430][ C1] Call trace: [ 79.976953][ C1] invalidate_bh_lru+0x128/0x234 [ 79.977759][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.978758][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.979867][ C1] ipi_handler+0x10c/0x710 [ 79.980591][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 79.981482][ C1] handle_domain_irq+0x144/0x1fc [ 79.982303][ C1] gic_handle_irq+0x78/0x1c8 [ 79.983077][ C1] call_on_irq_stack+0x30/0x48 [ 79.983889][ C1] do_interrupt_handler+0x6c/0x88 [ 79.984677][ C1] el1_interrupt+0x30/0x58 [ 79.985337][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.986112][ C1] el1h_64_irq+0x78/0x7c [ 79.986713][ C1] lock_page_memcg+0x120/0x234 [ 79.987424][ C1] page_add_file_rmap+0x148/0x8e4 [ 79.988228][ C1] do_set_pte+0x394/0x4e0 [ 79.988929][ C1] filemap_map_pages+0x9c4/0xc50 [ 79.989695][ C1] handle_mm_fault+0x19c0/0x2950 [ 79.990458][ C1] do_page_fault+0x694/0xad4 [ 79.991221][ C1] do_translation_fault+0xe0/0x130 [ 79.992011][ C1] do_mem_abort+0x6c/0x1ac [ 79.992830][ C1] el0_ia+0xe0/0x2d0 [ 79.993443][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 79.994283][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.994984][ C1] irq event stamp: 990 [ 79.995592][ C1] hardirqs last enabled at (989): [] lock_page_memcg+0x110/0x234 [ 79.997177][ C1] hardirqs last disabled at (990): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.998788][ C1] softirqs last enabled at (746): [] handle_softirqs+0xa4c/0xbf0 [ 80.000262][ C1] softirqs last disabled at (729): [] 
__irq_exit_rcu+0x240/0x440 [ 80.001758][ C1] ---[ end trace 2e88ad39bf836a18 ]--- [ 80.035403][ T4993] loop0: detected capacity change from 0 to 128 [ 80.038447][ T4993] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.039596][ T4993] Bad inode number on dev loop0: 2 is out of range [ 80.040636][ T4993] SysV FS: get root inode failed [ 80.041415][ T4993] oldfs: cannot read superblock [ 80.051101][ T4517] ------------[ cut here ]------------ [ 80.052069][ T4517] VFS: brelse: Trying to free free buffer [ 80.052950][ T4517] WARNING: CPU: 0 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.054285][ T4517] Modules linked in: [ 80.054848][ T4517] CPU: 0 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 80.056121][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 80.057582][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.058694][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 80.059498][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 80.060302][ T4517] sp : ffff80001f6877c0 [ 80.060905][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 80.062090][ T4517] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 80.063325][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72eb400 [ 80.064572][ T4517] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 80.065847][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.067148][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.068416][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 80.069674][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.071042][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.072391][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.073700][ T4517] Call trace: [ 
80.074235][ T4517] invalidate_bh_lru+0x128/0x234 [ 80.075068][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 80.076055][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.076921][ T4517] invalidate_bh_lrus+0x34/0x40 [ 80.077745][ T4517] blkdev_flush_mapping+0x168/0x31c [ 80.078591][ T4517] blkdev_put+0x490/0x6ac [ 80.079360][ T4517] blkdev_close+0x74/0xb0 [ 80.080096][ T4517] __fput+0x1c0/0x7f8 [ 80.080810][ T4517] ____fput+0x20/0x30 [ 80.081555][ T4517] task_work_run+0x12c/0x1e0 [ 80.082354][ T4517] do_notify_resume+0x24b4/0x3128 [ 80.083216][ T4517] el0_svc+0xf0/0x1e0 [ 80.083904][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 80.084698][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 80.085407][ T4517] irq event stamp: 170098 [ 80.086099][ T4517] hardirqs last enabled at (170097): [] kasan_quarantine_put+0xc4/0x204 [ 80.087757][ T4517] hardirqs last disabled at (170098): [] smp_call_function_many_cond+0xa44/0xeb0 [ 80.089398][ T4517] softirqs last enabled at (169826): [] local_bh_enable+0x10/0x34 [ 80.091034][ T4517] softirqs last disabled at (169824): [] local_bh_disable+0x10/0x34 [ 80.092609][ T4517] ---[ end trace 2e88ad39bf836a19 ]--- [ 80.125719][ T4995] loop0: detected capacity change from 0 to 128 [ 80.128060][ T4995] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.129181][ T4995] Bad inode number on dev loop0: 2 is out of range [ 80.130171][ T4995] SysV FS: get root inode failed [ 80.130904][ T4995] oldfs: cannot read superblock [ 80.135134][ C0] ------------[ cut here ]------------ [ 80.136028][ C0] VFS: brelse: Trying to free free buffer [ 80.136923][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.138313][ C0] Modules linked in: [ 80.138895][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.140228][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 80.141762][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.142969][ C0] pc : 
invalidate_bh_lru+0x128/0x234 [ 80.143799][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.144606][ C0] sp : ffff800008007de0 [ 80.145237][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 80.146519][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 80.147879][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72eb7a0 [ 80.149213][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 80.150528][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.151896][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.153201][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 80.154569][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.155942][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.157255][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.158713][ C0] Call trace: [ 80.159282][ C0] invalidate_bh_lru+0x128/0x234 [ 80.160072][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.161001][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.162073][ C0] ipi_handler+0x10c/0x710 [ 80.162778][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.163648][ C0] handle_domain_irq+0x144/0x1fc [ 80.164382][ C0] gic_handle_irq+0x78/0x1c8 [ 80.165018][ C0] call_on_irq_stack+0x30/0x48 [ 80.165746][ C0] do_interrupt_handler+0x6c/0x88 [ 80.166546][ C0] el1_interrupt+0x30/0x58 [ 80.167184][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.167991][ C0] el1h_64_irq+0x78/0x7c [ 80.168725][ C0] putname+0x44/0x15c [ 80.169369][ C0] do_sys_openat2+0x1c0/0x3d8 [ 80.170148][ C0] __arm64_sys_openat+0x120/0x154 [ 80.170939][ C0] invoke_syscall+0x98/0x2b8 [ 80.171653][ C0] el0_svc_common+0x138/0x258 [ 80.172377][ C0] do_el0_svc+0x58/0x14c [ 80.173049][ C0] el0_svc+0x78/0x1e0 [ 80.173692][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.174544][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.175311][ C0] irq 
event stamp: 223974 [ 80.176003][ C0] hardirqs last enabled at (223973): [] mod_objcg_mlstate+0x13c/0x228 [ 80.177642][ C0] hardirqs last disabled at (223974): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.179267][ C0] softirqs last enabled at (223932): [] local_bh_enable+0x10/0x34 [ 80.180842][ C0] softirqs last disabled at (223930): [] local_bh_disable+0x10/0x34 [ 80.182309][ C0] ---[ end trace 2e88ad39bf836a1a ]--- [ 80.229443][ T4997] loop0: detected capacity change from 0 to 128 [ 80.233322][ T4997] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.234437][ T4997] Bad inode number on dev loop0: 2 is out of range [ 80.235427][ T4997] SysV FS: get root inode failed [ 80.236359][ T4997] oldfs: cannot read superblock [ 80.239288][ C1] ------------[ cut here ]------------ [ 80.240182][ C1] VFS: brelse: Trying to free free buffer [ 80.241106][ C1] WARNING: CPU: 1 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.242521][ C1] Modules linked in: [ 80.243199][ C1] CPU: 1 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.244728][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 80.246416][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.247696][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.248603][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.249477][ C1] sp : ffff800008017de0 [ 80.250056][ C1] x29: ffff800008017de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421c65c [ 80.251214][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 80.252397][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcdeb970 [ 80.253594][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 80.255008][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.256318][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.257662][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 80.258987][ C1] 
x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.260321][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.261573][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.262870][ C1] Call trace: [ 80.263406][ C1] invalidate_bh_lru+0x128/0x234 [ 80.264236][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.265205][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.266441][ C1] ipi_handler+0x10c/0x710 [ 80.267153][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.267997][ C1] handle_domain_irq+0x144/0x1fc [ 80.268799][ C1] gic_handle_irq+0x78/0x1c8 [ 80.269585][ C1] call_on_irq_stack+0x30/0x48 [ 80.270298][ C1] do_interrupt_handler+0x6c/0x88 [ 80.271083][ C1] el1_interrupt+0x30/0x58 [ 80.271761][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.272613][ C1] el1h_64_irq+0x78/0x7c [ 80.273314][ C1] call_rcu+0x580/0x8fc [ 80.273967][ C1] release_task+0x15a0/0x16a0 [ 80.274671][ C1] wait_consider_task+0x1508/0x27cc [ 80.275496][ C1] do_wait+0x2f8/0xa98 [ 80.276188][ C1] kernel_wait4+0x1d0/0x318 [ 80.276915][ C1] __arm64_sys_wait4+0x120/0x2d0 [ 80.277741][ C1] invoke_syscall+0x98/0x2b8 [ 80.278532][ C1] el0_svc_common+0x138/0x258 [ 80.279376][ C1] do_el0_svc+0x58/0x14c [ 80.280131][ C1] el0_svc+0x78/0x1e0 [ 80.280790][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.281619][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.282352][ C1] irq event stamp: 227644 [ 80.283037][ C1] hardirqs last enabled at (227643): [] call_rcu+0x570/0x8fc [ 80.284570][ C1] hardirqs last disabled at (227644): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.286230][ C1] softirqs last enabled at (227572): [] local_bh_enable+0x10/0x34 [ 80.287864][ C1] softirqs last disabled at (227570): [] local_bh_disable+0x10/0x34 [ 80.289428][ C1] ---[ end trace 2e88ad39bf836a1b ]--- [ 80.342894][ T4999] loop0: detected capacity change from 0 to 128 [ 80.346087][ T4999] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.347418][ T4999] Bad inode number on dev 
loop0: 2 is out of range [ 80.348390][ T4999] SysV FS: get root inode failed [ 80.349238][ T4999] oldfs: cannot read superblock [ 80.358891][ C1] ------------[ cut here ]------------ [ 80.359700][ C1] VFS: brelse: Trying to free free buffer [ 80.360650][ C1] WARNING: CPU: 1 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.361993][ C1] Modules linked in: [ 80.362573][ C1] CPU: 1 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.363937][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 80.365517][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.366851][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.367717][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.368590][ C1] sp : ffff800008017de0 [ 80.369261][ C1] x29: ffff800008017de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421c65c [ 80.370681][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 80.371958][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df44d318 [ 80.373425][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 80.374652][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.376019][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.377186][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 80.378477][ C1] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.379803][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.381066][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.382415][ C1] Call trace: [ 80.382915][ C1] invalidate_bh_lru+0x128/0x234 [ 80.383653][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.384677][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.385741][ C1] ipi_handler+0x10c/0x710 [ 80.386447][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.387278][ C1] handle_domain_irq+0x144/0x1fc [ 80.388084][ C1] 
gic_handle_irq+0x78/0x1c8 [ 80.388857][ C1] call_on_irq_stack+0x30/0x48 [ 80.389595][ C1] do_interrupt_handler+0x6c/0x88 [ 80.390421][ C1] el1_interrupt+0x30/0x58 [ 80.391185][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.392027][ C1] el1h_64_irq+0x78/0x7c [ 80.392743][ C1] __local_bh_enable_ip+0x200/0x380 [ 80.393592][ C1] local_bh_enable+0x28/0x34 [ 80.394349][ C1] fpsimd_preserve_current_state+0xa8/0x16c [ 80.395388][ C1] arch_dup_task_struct+0x54/0x174 [ 80.396238][ C1] dup_task_struct+0x358/0xc44 [ 80.397052][ C1] copy_process+0x4c8/0x34ac [ 80.397823][ C1] kernel_clone+0x1d8/0x9d4 [ 80.398531][ C1] __arm64_sys_clone+0x138/0x190 [ 80.399331][ C1] invoke_syscall+0x98/0x2b8 [ 80.400056][ C1] el0_svc_common+0x138/0x258 [ 80.400783][ C1] do_el0_svc+0x58/0x14c [ 80.401391][ C1] el0_svc+0x78/0x1e0 [ 80.402083][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.402901][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.403599][ C1] irq event stamp: 233688 [ 80.404279][ C1] hardirqs last enabled at (233687): [] __local_bh_enable_ip+0x1f8/0x380 [ 80.405943][ C1] hardirqs last disabled at (233688): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.407557][ C1] softirqs last enabled at (233686): [] local_bh_enable+0x10/0x34 [ 80.409025][ C1] softirqs last disabled at (233684): [] local_bh_disable+0x10/0x34 [ 80.410600][ C1] ---[ end trace 2e88ad39bf836a1c ]--- [ 80.445083][ T5001] loop0: detected capacity change from 0 to 128 [ 80.449244][ T5001] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.450793][ T5001] Bad inode number on dev loop0: 2 is out of range [ 80.452510][ T5001] SysV FS: get root inode failed [ 80.453240][ T5001] oldfs: cannot read superblock [ 80.458903][ C1] ------------[ cut here ]------------ [ 80.459798][ C1] VFS: brelse: Trying to free free buffer [ 80.460828][ C1] WARNING: CPU: 1 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.462296][ C1] Modules linked in: [ 80.462917][ C1] CPU: 1 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.464360][ C1] 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 80.465872][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.467087][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.467890][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.468663][ C1] sp : ffff800008017de0 [ 80.469268][ C1] x29: ffff800008017de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421c65c [ 80.470506][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 80.471714][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df44d6b8 [ 80.472846][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 80.474097][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.475361][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.476543][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 80.477706][ C1] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.479016][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.480403][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.481794][ C1] Call trace: [ 80.482347][ C1] invalidate_bh_lru+0x128/0x234 [ 80.483211][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.484205][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.485331][ C1] ipi_handler+0x10c/0x710 [ 80.486141][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.487034][ C1] handle_domain_irq+0x144/0x1fc [ 80.487823][ C1] gic_handle_irq+0x78/0x1c8 [ 80.488615][ C1] call_on_irq_stack+0x30/0x48 [ 80.489397][ C1] do_interrupt_handler+0x6c/0x88 [ 80.490145][ C1] el1_interrupt+0x30/0x58 [ 80.490838][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.491578][ C1] el1h_64_irq+0x78/0x7c [ 80.492222][ C1] unwind_frame+0x170/0x668 [ 80.492917][ C1] arch_stack_walk+0x200/0x2b4 [ 80.493661][ C1] stack_trace_save+0x94/0xd8 [ 80.494446][ C1] __kasan_kmalloc+0xb0/0xf0 [ 80.495117][ C1] 
kmem_cache_alloc_node_trace+0x29c/0x438 [ 80.496049][ C1] __get_vm_area_node+0x14c/0x2e8 [ 80.496880][ C1] __vmalloc_node_range+0xe8/0x8d8 [ 80.497765][ C1] vzalloc+0x118/0x190 [ 80.498389][ C1] alloc_counters+0x84/0x7a4 [ 80.499113][ C1] do_ipt_get_ctl+0xaf4/0x13a8 [ 80.499944][ C1] nf_getsockopt+0x264/0x284 [ 80.500679][ C1] ip_getsockopt+0xffc/0x158c [ 80.501401][ C1] tcp_getsockopt+0x208/0x2e78 [ 80.502132][ C1] sock_common_getsockopt+0xa8/0xc4 [ 80.503059][ C1] __sys_getsockopt+0x1b8/0x250 [ 80.503886][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 80.504720][ C1] invoke_syscall+0x98/0x2b8 [ 80.505510][ C1] el0_svc_common+0x138/0x258 [ 80.506280][ C1] do_el0_svc+0x58/0x14c [ 80.507040][ C1] el0_svc+0x78/0x1e0 [ 80.507777][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.508612][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.509349][ C1] irq event stamp: 235836 [ 80.510046][ C1] hardirqs last enabled at (235835): [] __local_bh_enable_ip+0x1f8/0x380 [ 80.511823][ C1] hardirqs last disabled at (235836): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.513534][ C1] softirqs last enabled at (235834): [] release_sock+0x1d0/0x258 [ 80.515124][ C1] softirqs last disabled at (235832): [] release_sock+0x34/0x258 [ 80.516761][ C1] ---[ end trace 2e88ad39bf836a1d ]--- [ 80.555209][ T5003] loop0: detected capacity change from 0 to 128 [ 80.557624][ T5003] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.558878][ T5003] Bad inode number on dev loop0: 2 is out of range [ 80.559866][ T5003] SysV FS: get root inode failed [ 80.560671][ T5003] oldfs: cannot read superblock [ 80.565637][ C0] ------------[ cut here ]------------ [ 80.566506][ C0] VFS: brelse: Trying to free free buffer [ 80.567494][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.568827][ C0] Modules linked in: [ 80.569412][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.570742][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 
80.572217][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.573429][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.574235][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.575038][ C0] sp : ffff800008007de0 [ 80.575654][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 80.576908][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 80.578179][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72ebb40 [ 80.579481][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 80.580820][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.582191][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.583535][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 80.584836][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.586170][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.587544][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.588880][ C0] Call trace: [ 80.589415][ C0] invalidate_bh_lru+0x128/0x234 [ 80.590265][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.591237][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.592368][ C0] ipi_handler+0x10c/0x710 [ 80.593070][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.593931][ C0] handle_domain_irq+0x144/0x1fc [ 80.594724][ C0] gic_handle_irq+0x78/0x1c8 [ 80.595442][ C0] call_on_irq_stack+0x30/0x48 [ 80.596197][ C0] do_interrupt_handler+0x6c/0x88 [ 80.597092][ C0] el1_interrupt+0x30/0x58 [ 80.597846][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.598645][ C0] el1h_64_irq+0x78/0x7c [ 80.599268][ C0] lock_acquire+0x234/0x620 [ 80.599961][ C0] __might_fault+0xc8/0x128 [ 80.600661][ C0] strncpy_from_user+0x194/0x598 [ 80.601479][ C0] getname_flags+0xec/0x450 [ 80.602235][ C0] user_path_at_empty+0x40/0x1a0 [ 80.603010][ C0] __arm64_sys_umount+0xf4/0x178 [ 80.603783][ C0] 
invoke_syscall+0x98/0x2b8 [ 80.604498][ C0] el0_svc_common+0x138/0x258 [ 80.605185][ C0] do_el0_svc+0x58/0x14c [ 80.605811][ C0] el0_svc+0x78/0x1e0 [ 80.606434][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.607227][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.607840][ C0] irq event stamp: 237732 [ 80.608480][ C0] hardirqs last enabled at (237731): [] el0_svc_common+0x9c/0x258 [ 80.609815][ C0] hardirqs last disabled at (237732): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.611265][ C0] softirqs last enabled at (237320): [] local_bh_enable+0x10/0x34 [ 80.612643][ C0] softirqs last disabled at (237318): [] local_bh_disable+0x10/0x34 [ 80.614058][ C0] ---[ end trace 2e88ad39bf836a1e ]--- [ 80.648610][ T5005] loop0: detected capacity change from 0 to 128 [ 80.655367][ T5005] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.656534][ T5005] Bad inode number on dev loop0: 2 is out of range [ 80.657623][ T5005] SysV FS: get root inode failed [ 80.658491][ T5005] oldfs: cannot read superblock [ 80.660904][ C1] ------------[ cut here ]------------ [ 80.661789][ C1] VFS: brelse: Trying to free free buffer [ 80.662707][ C1] WARNING: CPU: 1 PID: 5005 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.664111][ C1] Modules linked in: [ 80.664752][ C1] CPU: 1 PID: 5005 Comm: syz.0.40 Tainted: G W syzkaller #0 [ 80.666035][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 80.667621][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.668834][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.669612][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.670381][ C1] sp : ffff800008017de0 [ 80.670937][ C1] x29: ffff800008017de0 x28: ffff0000cd3e51c0 x27: 1fffe0003421c65c [ 80.672116][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 80.673324][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df44da58 [ 80.674470][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 80.675630][ 
C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.676774][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.678104][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 73fe92e7f941f000 [ 80.679429][ C1] x8 : 73fe92e7f941f000 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.680710][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.682117][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.683368][ C1] Call trace: [ 80.683898][ C1] invalidate_bh_lru+0x128/0x234 [ 80.684722][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.685686][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.686785][ C1] ipi_handler+0x10c/0x710 [ 80.687490][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.688396][ C1] handle_domain_irq+0x144/0x1fc [ 80.689213][ C1] gic_handle_irq+0x78/0x1c8 [ 80.689965][ C1] call_on_irq_stack+0x30/0x48 [ 80.690691][ C1] do_interrupt_handler+0x6c/0x88 [ 80.691478][ C1] el1_interrupt+0x30/0x58 [ 80.692129][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.693031][ C1] el1h_64_irq+0x78/0x7c [ 80.693692][ C1] kasan_quarantine_put+0xd4/0x204 [ 80.694424][ C1] ____kasan_slab_free+0x124/0x164 [ 80.695190][ C1] __kasan_slab_free+0x18/0x28 [ 80.695886][ C1] slab_free_freelist_hook+0x128/0x1e8 [ 80.696705][ C1] kmem_cache_free+0xdc/0x3b4 [ 80.697452][ C1] unlink_anon_vmas+0x224/0x53c [ 80.698243][ C1] free_pgtables+0x14c/0x278 [ 80.699017][ C1] exit_mmap+0x2bc/0x4e0 [ 80.699698][ C1] __mmput+0xec/0x3b8 [ 80.700343][ C1] mmput+0x80/0xc8 [ 80.700879][ C1] exit_mm+0x4a0/0x684 [ 80.701445][ C1] do_exit+0x4ec/0x1f58 [ 80.702085][ C1] do_group_exit+0x100/0x268 [ 80.702852][ C1] get_signal+0x73c/0x1340 [ 80.703576][ C1] do_notify_resume+0x35c/0x3128 [ 80.704402][ C1] el0_svc+0xf0/0x1e0 [ 80.705044][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.705822][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.706560][ C1] irq event stamp: 2662 [ 80.707224][ C1] hardirqs last enabled at (2661): [] 
kasan_quarantine_put+0xc4/0x204 [ 80.708712][ C1] hardirqs last disabled at (2662): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.710281][ C1] softirqs last enabled at (1226): [] local_bh_enable+0x10/0x34 [ 80.711855][ C1] softirqs last disabled at (1224): [] local_bh_disable+0x10/0x34 [ 80.713455][ C1] ---[ end trace 2e88ad39bf836a1f ]--- [ 80.762725][ T5007] loop0: detected capacity change from 0 to 128 [ 80.764793][ T5007] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.766090][ T5007] Bad inode number on dev loop0: 2 is out of range [ 80.767152][ T5007] SysV FS: get root inode failed [ 80.767903][ T5007] oldfs: cannot read superblock [ 80.776008][ C0] ------------[ cut here ]------------ [ 80.776890][ C0] VFS: brelse: Trying to free free buffer [ 80.777794][ C0] WARNING: CPU: 0 PID: 5008 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.779210][ C0] Modules linked in: [ 80.779872][ C0] CPU: 0 PID: 5008 Comm: syz.0.42 Tainted: G W syzkaller #0 [ 80.781251][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 80.782780][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.784090][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.784964][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.785830][ C0] sp : ffff800008007de0 [ 80.786512][ C0] x29: ffff800008007de0 x28: ffff0000d16e51c0 x27: 1fffe0003421845c [ 80.787659][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 80.788933][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72ebee0 [ 80.790179][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 80.791592][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.793001][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.794414][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 41ebc37e340a3100 [ 80.795691][ C0] x8 : 41ebc37e340a3100 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.797024][ C0] 
x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.798332][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.799629][ C0] Call trace: [ 80.800138][ C0] invalidate_bh_lru+0x128/0x234 [ 80.800986][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.801957][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.803060][ C0] ipi_handler+0x10c/0x710 [ 80.803787][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.804665][ C0] handle_domain_irq+0x144/0x1fc [ 80.805425][ C0] gic_handle_irq+0x78/0x1c8 [ 80.806155][ C0] call_on_irq_stack+0x30/0x48 [ 80.806902][ C0] do_interrupt_handler+0x6c/0x88 [ 80.807662][ C0] el0_interrupt+0x94/0x260 [ 80.808369][ C0] __el0_irq_handler_common+0x18/0x24 [ 80.809119][ C0] el0t_64_irq_handler+0x10/0x1c [ 80.809846][ C0] el0t_64_irq+0x1a0/0x1a4 [ 80.810555][ C0] irq event stamp: 1410 [ 80.811102][ C0] hardirqs last enabled at (1409): [] el0t_64_sync_handler+0xd8/0xe4 [ 80.812581][ C0] hardirqs last disabled at (1410): [] __el0_irq_handler_common+0x18/0x24 [ 80.814240][ C0] softirqs last enabled at (1156): [] local_bh_enable+0x10/0x34 [ 80.815791][ C0] softirqs last disabled at (1154): [] local_bh_disable+0x10/0x34 [ 80.817348][ C0] ---[ end trace 2e88ad39bf836a20 ]--- [ 80.844799][ T5009] loop0: detected capacity change from 0 to 128 [ 80.847358][ T5009] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.848896][ T5009] Bad inode number on dev loop0: 2 is out of range [ 80.849869][ T5009] SysV FS: get root inode failed [ 80.850653][ T5009] oldfs: cannot read superblock [ 80.855269][ C1] ------------[ cut here ]------------ [ 80.856180][ C1] VFS: brelse: Trying to free free buffer [ 80.857131][ C1] WARNING: CPU: 1 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.858514][ C1] Modules linked in: [ 80.859129][ C1] CPU: 1 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.860631][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
06/30/2025 [ 80.862244][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.863575][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.864459][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.865312][ C1] sp : ffff800008017de0 [ 80.865986][ C1] x29: ffff800008017de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421c65c [ 80.867258][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 80.868615][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df44ddf8 [ 80.870039][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 80.871400][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 80.872726][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.874024][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 188fe7a40ddbb300 [ 80.875338][ C1] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.876563][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 80.877881][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.879195][ C1] Call trace: [ 80.879730][ C1] invalidate_bh_lru+0x128/0x234 [ 80.880508][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.881461][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.882599][ C1] ipi_handler+0x10c/0x710 [ 80.883335][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.884273][ C1] handle_domain_irq+0x144/0x1fc [ 80.885026][ C1] gic_handle_irq+0x78/0x1c8 [ 80.885746][ C1] call_on_irq_stack+0x30/0x48 [ 80.886418][ C1] do_interrupt_handler+0x6c/0x88 [ 80.887195][ C1] el1_interrupt+0x30/0x58 [ 80.887861][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.888581][ C1] el1h_64_irq+0x78/0x7c [ 80.889200][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 80.890024][ C1] debug_check_no_obj_freed+0x450/0x46c [ 80.890879][ C1] slab_free_freelist_hook+0x9c/0x1e8 [ 80.891701][ C1] kmem_cache_free+0xdc/0x3b4 [ 80.892386][ C1] user_path_at_empty+0x144/0x1a0 [ 80.893147][ C1] vfs_statx+0xf4/0x458 
[ 80.893766][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 80.894584][ C1] invoke_syscall+0x98/0x2b8 [ 80.895231][ C1] el0_svc_common+0x138/0x258 [ 80.895976][ C1] do_el0_svc+0x58/0x14c [ 80.896595][ C1] el0_svc+0x78/0x1e0 [ 80.897196][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.897957][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.898605][ C1] irq event stamp: 246312 [ 80.899290][ C1] hardirqs last enabled at (246311): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 80.901080][ C1] hardirqs last disabled at (246312): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.902739][ C1] softirqs last enabled at (245870): [] local_bh_enable+0x10/0x34 [ 80.904265][ C1] softirqs last disabled at (245868): [] local_bh_disable+0x10/0x34 [ 80.905903][ C1] ---[ end trace 2e88ad39bf836a21 ]--- [ 80.912700][ T3281] device hsr_slave_0 left promiscuous mode [ 80.965888][ T3281] device hsr_slave_1 left promiscuous mode [ 80.972984][ T5011] loop0: detected capacity change from 0 to 128 [ 80.981690][ T4169] Bluetooth: hci0: command 0x0419 tx timeout [ 81.030673][ T5011] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.031962][ T5011] Bad inode number on dev loop0: 2 is out of range [ 81.032959][ T5011] SysV FS: get root inode failed [ 81.033779][ T5011] oldfs: cannot read superblock [ 81.034694][ C0] ------------[ cut here ]------------ [ 81.035529][ C0] VFS: brelse: Trying to free free buffer [ 81.036398][ C0] WARNING: CPU: 0 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.037609][ C0] Modules linked in: [ 81.038238][ C0] CPU: 0 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 81.039587][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 81.041067][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.042233][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 81.043051][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 81.043857][ C0] sp : ffff800008007de0 [ 81.044506][ C0] x29: ffff800008007de0 x28: ffff0000d6a89b40 x27: 
1fffe0003421845b [ 81.045700][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 81.047075][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7136060 [ 81.048495][ C0] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 81.049894][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 81.051254][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.052483][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : faf9201995291400 [ 81.053908][ C0] x8 : faf9201995291400 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.055284][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 81.056556][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.057934][ C0] Call trace: [ 81.058486][ C0] invalidate_bh_lru+0x128/0x234 [ 81.059314][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.060234][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.061320][ C0] ipi_handler+0x10c/0x710 [ 81.062004][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 81.062866][ C0] handle_domain_irq+0x144/0x1fc [ 81.063650][ C0] gic_handle_irq+0x78/0x1c8 [ 81.064386][ C0] call_on_irq_stack+0x30/0x48 [ 81.065238][ C0] do_interrupt_handler+0x6c/0x88 [ 81.066103][ C0] el1_interrupt+0x30/0x58 [ 81.066756][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.067506][ C0] el1h_64_irq+0x78/0x7c [ 81.068241][ C0] arch_local_irq_restore+0x8/0x10 [ 81.069004][ C0] ___might_sleep+0x48/0x4d4 [ 81.069698][ C0] __might_sleep+0x98/0x124 [ 81.070431][ C0] dput+0x70/0x458 [ 81.070995][ C0] step_into+0x27c/0xa24 [ 81.071688][ C0] walk_component+0x1f0/0x3a8 [ 81.072399][ C0] link_path_walk+0x590/0xb8c [ 81.073147][ C0] path_lookupat+0x90/0x3d0 [ 81.073874][ C0] filename_lookup+0x180/0x414 [ 81.074635][ C0] user_path_at_empty+0x5c/0x1a0 [ 81.075402][ C0] do_readlinkat+0xd4/0x3e0 [ 81.076160][ C0] __arm64_sys_readlinkat+0x9c/0xb8 [ 81.076988][ C0] invoke_syscall+0x98/0x2b8 [ 81.077726][ C0] 
el0_svc_common+0x138/0x258 [ 81.078446][ C0] do_el0_svc+0x58/0x14c [ 81.079069][ C0] el0_svc+0x78/0x1e0 [ 81.079661][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 81.080423][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.081108][ C0] irq event stamp: 1173880 [ 81.081838][ C0] hardirqs last enabled at (1173879): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 81.083573][ C0] hardirqs last disabled at (1173880): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.085097][ C0] softirqs last enabled at (1173870): [] local_bh_enable+0x10/0x34 [ 81.086512][ C0] softirqs last disabled at (1173868): [] local_bh_disable+0x10/0x34 [ 81.087970][ C0] ---[ end trace 2e88ad39bf836a22 ]--- [ 81.111752][ T3281] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 81.112994][ T3281] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 81.114592][ T3281] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 81.115754][ T3281] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 81.117180][ T3281] device bridge_slave_1 left promiscuous mode [ 81.118429][ T3281] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.152232][ T3281] device bridge_slave_0 left promiscuous mode [ 81.153330][ T3281] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.184608][ T5013] loop0: detected capacity change from 0 to 128 [ 81.187059][ T5013] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.188267][ T5013] Bad inode number on dev loop0: 2 is out of range [ 81.189376][ T5013] SysV FS: get root inode failed [ 81.190225][ T5013] oldfs: cannot read superblock [ 81.194825][ C0] ------------[ cut here ]------------ [ 81.195786][ C0] VFS: brelse: Trying to free free buffer [ 81.196729][ C0] WARNING: CPU: 0 PID: 3281 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.198031][ C0] Modules linked in: [ 81.198651][ C0] CPU: 0 PID: 3281 Comm: kworker/u4:5 Tainted: G W syzkaller #0 [ 81.199977][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 
81.201492][ C0] Workqueue: netns cleanup_net [ 81.202254][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.203408][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 81.204211][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 81.204951][ C0] sp : ffff800008007de0 [ 81.205536][ C0] x29: ffff800008007de0 x28: ffff0000d19c9b40 x27: 1fffe0003421845b [ 81.206791][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 81.208121][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7136400 [ 81.209528][ C0] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 81.210916][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 81.212223][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.213542][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 038d08800e408900 [ 81.214784][ C0] x8 : 038d08800e408900 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.216019][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 81.217423][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.218814][ C0] Call trace: [ 81.219359][ C0] invalidate_bh_lru+0x128/0x234 [ 81.220134][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.221129][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.222208][ C0] ipi_handler+0x10c/0x710 [ 81.222886][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 81.223772][ C0] handle_domain_irq+0x144/0x1fc [ 81.224587][ C0] gic_handle_irq+0x78/0x1c8 [ 81.225317][ C0] call_on_irq_stack+0x30/0x48 [ 81.226100][ C0] do_interrupt_handler+0x6c/0x88 [ 81.226875][ C0] el1_interrupt+0x30/0x58 [ 81.227595][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.228359][ C0] el1h_64_irq+0x78/0x7c [ 81.229032][ C0] dev_deactivate_queue+0x144/0x1a0 [ 81.229872][ C0] dev_deactivate_many+0xc8/0xbac [ 81.230722][ C0] __dev_close_many+0x250/0x3a8 [ 81.231550][ C0] dev_close_many+0x1e8/0x440 [ 81.232300][ C0] unregister_netdevice_many+0x3d4/0x17d0 [ 81.233209][ 
C0] default_device_exit_batch+0x444/0x4a4 [ 81.234095][ C0] cleanup_net+0x644/0xa98 [ 81.234820][ C0] process_one_work+0x79c/0x1140 [ 81.235580][ C0] worker_thread+0x8f4/0x101c [ 81.236271][ C0] kthread+0x374/0x454 [ 81.236874][ C0] ret_from_fork+0x10/0x20 [ 81.237533][ C0] irq event stamp: 2784620 [ 81.238261][ C0] hardirqs last enabled at (2784619): [] __local_bh_enable_ip+0x1f8/0x380 [ 81.239833][ C0] hardirqs last disabled at (2784620): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.241456][ C0] softirqs last enabled at (2784618): [] handle_softirqs+0xa4c/0xbf0 [ 81.242923][ C0] softirqs last disabled at (2784613): [] do_softirq+0xfc/0x1b0 [ 81.244245][ C0] ---[ end trace 2e88ad39bf836a23 ]--- [ 81.294820][ T5015] loop0: detected capacity change from 0 to 128 [ 81.342159][ T3281] device veth1_macvtap left promiscuous mode [ 81.343293][ T3281] device veth0_macvtap left promiscuous mode [ 81.344318][ T3281] device veth1_vlan left promiscuous mode [ 81.345219][ T3281] device veth0_vlan left promiscuous mode [ 81.347173][ T5015] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.348358][ T5015] Bad inode number on dev loop0: 2 is out of range [ 81.349631][ T5015] SysV FS: get root inode failed [ 81.350419][ T5015] oldfs: cannot read superblock [ 81.360999][ C1] ------------[ cut here ]------------ [ 81.361935][ C1] VFS: brelse: Trying to free free buffer [ 81.362905][ C1] WARNING: CPU: 1 PID: 3281 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.364275][ C1] Modules linked in: [ 81.364833][ C1] CPU: 1 PID: 3281 Comm: kworker/u4:5 Tainted: G W syzkaller #0 [ 81.366140][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 81.367599][ C1] Workqueue: netns cleanup_net [ 81.368357][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.369695][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 81.370584][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 81.371432][ C1] sp : ffff800008017de0 [ 81.372115][ C1] x29: 
ffff800008017de0 x28: ffff0000d19c9b40 x27: 1fffe0003421c65c [ 81.373540][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 81.374912][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df449230 [ 81.376288][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 81.377506][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 81.378813][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.380147][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 038d08800e408900 [ 81.381507][ C1] x8 : 038d08800e408900 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.382777][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 81.384107][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.385321][ C1] Call trace: [ 81.385820][ C1] invalidate_bh_lru+0x128/0x234 [ 81.386589][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.387622][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.388781][ C1] ipi_handler+0x10c/0x710 [ 81.389519][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 81.390389][ C1] handle_domain_irq+0x144/0x1fc [ 81.391155][ C1] gic_handle_irq+0x78/0x1c8 [ 81.391888][ C1] call_on_irq_stack+0x30/0x48 [ 81.392615][ C1] do_interrupt_handler+0x6c/0x88 [ 81.393368][ C1] el1_interrupt+0x30/0x58 [ 81.394073][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.394871][ C1] el1h_64_irq+0x78/0x7c [ 81.395616][ C1] __local_bh_enable_ip+0x200/0x380 [ 81.396471][ C1] _raw_spin_unlock_bh+0xec/0x174 [ 81.397259][ C1] addrconf_ifdown+0x5b4/0x1688 [ 81.397986][ C1] addrconf_notify+0x2f4/0xc6c [ 81.398814][ C1] raw_notifier_call_chain+0xd4/0x164 [ 81.399709][ C1] dev_close_many+0x2cc/0x440 [ 81.400449][ C1] unregister_netdevice_many+0x3d4/0x17d0 [ 81.401271][ C1] default_device_exit_batch+0x444/0x4a4 [ 81.402107][ C1] cleanup_net+0x644/0xa98 [ 81.402761][ C1] process_one_work+0x79c/0x1140 [ 81.403469][ C1] worker_thread+0x8f4/0x101c [ 81.404197][ C1] 
kthread+0x374/0x454 [ 81.404821][ C1] ret_from_fork+0x10/0x20 [ 81.405508][ C1] irq event stamp: 2796794 [ 81.406168][ C1] hardirqs last enabled at (2796793): [] __local_bh_enable_ip+0x1f8/0x380 [ 81.407629][ C1] hardirqs last disabled at (2796794): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.409121][ C1] softirqs last enabled at (2796792): [] addrconf_ifdown+0x5b4/0x1688 [ 81.410473][ C1] softirqs last disabled at (2796790): [] addrconf_ifdown+0x31c/0x1688 [ 81.411829][ C1] ---[ end trace 2e88ad39bf836a24 ]--- [ 81.471709][ T5017] loop0: detected capacity change from 0 to 128 [ 81.474686][ T5017] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.475958][ T5017] Bad inode number on dev loop0: 2 is out of range [ 81.476985][ T5017] SysV FS: get root inode failed [ 81.477753][ T5017] oldfs: cannot read superblock [ 81.489517][ C1] ------------[ cut here ]------------ [ 81.490510][ C1] VFS: brelse: Trying to free free buffer [ 81.491424][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.492824][ C1] Modules linked in: [ 81.493377][ C1] CPU: 1 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 81.494571][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 81.496020][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.497121][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 81.497956][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 81.498785][ C1] sp : ffff800008017de0 [ 81.499459][ C1] x29: ffff800008017de0 x28: ffff0000d6a89b40 x27: 1fffe0003421c65c [ 81.500699][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 81.501963][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df4495d0 [ 81.503263][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 81.504687][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 81.506080][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 
81.507477][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : faf9201995291400 [ 81.508905][ C1] x8 : faf9201995291400 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.510286][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 81.511576][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.512834][ C1] Call trace: [ 81.513283][ C1] invalidate_bh_lru+0x128/0x234 [ 81.514093][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.514953][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.516081][ C1] ipi_handler+0x10c/0x710 [ 81.516800][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 81.517733][ C1] handle_domain_irq+0x144/0x1fc [ 81.518535][ C1] gic_handle_irq+0x78/0x1c8 [ 81.519254][ C1] call_on_irq_stack+0x30/0x48 [ 81.520005][ C1] do_interrupt_handler+0x6c/0x88 [ 81.520842][ C1] el1_interrupt+0x30/0x58 [ 81.521557][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.522400][ C1] el1h_64_irq+0x78/0x7c [ 81.523088][ C1] __should_failslab+0xb0/0x10c [ 81.523872][ C1] should_failslab+0x10/0x28 [ 81.524608][ C1] slab_pre_alloc_hook+0x64/0xec [ 81.525383][ C1] kmem_cache_alloc+0x94/0x3e4 [ 81.526143][ C1] getname_flags+0xb8/0x450 [ 81.526835][ C1] getname+0x28/0x38 [ 81.527447][ C1] do_sys_openat2+0xd0/0x3d8 [ 81.528169][ C1] __arm64_sys_openat+0x120/0x154 [ 81.528916][ C1] invoke_syscall+0x98/0x2b8 [ 81.529599][ C1] el0_svc_common+0x138/0x258 [ 81.530435][ C1] do_el0_svc+0x58/0x14c [ 81.531130][ C1] el0_svc+0x78/0x1e0 [ 81.531792][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 81.532651][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.533318][ C1] irq event stamp: 1186518 [ 81.533981][ C1] hardirqs last enabled at (1186517): [] el0_svc_common+0x9c/0x258 [ 81.535538][ C1] hardirqs last disabled at (1186518): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.537025][ C1] softirqs last enabled at (1186504): [] local_bh_enable+0x10/0x34 [ 81.538495][ C1] softirqs last disabled at (1186502): [] local_bh_disable+0x10/0x34 [ 81.540059][ C1] ---[ end trace 
2e88ad39bf836a25 ]--- [ 81.586802][ T5021] loop0: detected capacity change from 0 to 128 [ 81.618086][ T5021] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.619326][ T5021] Bad inode number on dev loop0: 2 is out of range [ 81.620497][ T5021] SysV FS: get root inode failed [ 81.621159][ T3281] team0 (unregistering): Port device team_slave_1 removed [ 81.621335][ T5021] oldfs: cannot read superblock [ 81.629611][ C1] ------------[ cut here ]------------ [ 81.630506][ C1] VFS: brelse: Trying to free free buffer [ 81.631413][ C1] WARNING: CPU: 1 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.632918][ C1] Modules linked in: [ 81.633608][ C1] CPU: 1 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.635125][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 81.636879][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.638032][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 81.638797][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 81.639621][ C1] sp : ffff800008017de0 [ 81.640229][ C1] x29: ffff800008017de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421c65c [ 81.641441][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 81.642668][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df449970 [ 81.643890][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 81.645135][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 81.646367][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.647641][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 81.648949][ C1] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.650353][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 81.651684][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.652945][ C1] Call trace: [ 81.653484][ C1] invalidate_bh_lru+0x128/0x234 [ 
81.654275][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.655269][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.656363][ C1] ipi_handler+0x10c/0x710 [ 81.657033][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 81.657824][ C1] handle_domain_irq+0x144/0x1fc [ 81.658592][ C1] gic_handle_irq+0x78/0x1c8 [ 81.659274][ C1] call_on_irq_stack+0x30/0x48 [ 81.660008][ C1] do_interrupt_handler+0x6c/0x88 [ 81.660870][ C1] el1_interrupt+0x30/0x58 [ 81.661588][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.662393][ C1] el1h_64_irq+0x78/0x7c [ 81.663169][ C1] lock_acquire+0x234/0x620 [ 81.663953][ C1] fs_reclaim_acquire+0x118/0x1c4 [ 81.664823][ C1] slab_pre_alloc_hook+0x38/0xec [ 81.665628][ C1] kmem_cache_alloc+0x94/0x3e4 [ 81.666411][ C1] anon_vma_fork+0x190/0x49c [ 81.667171][ C1] copy_mm+0x7bc/0x1090 [ 81.667875][ C1] copy_process+0x14d8/0x34ac [ 81.668695][ C1] kernel_clone+0x1d8/0x9d4 [ 81.669475][ C1] __arm64_sys_clone+0x138/0x190 [ 81.670285][ C1] invoke_syscall+0x98/0x2b8 [ 81.671074][ C1] el0_svc_common+0x138/0x258 [ 81.671858][ C1] do_el0_svc+0x58/0x14c [ 81.672563][ C1] el0_svc+0x78/0x1e0 [ 81.673275][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 81.674099][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.674828][ C1] irq event stamp: 265662 [ 81.675591][ C1] hardirqs last enabled at (265661): [] mod_objcg_mlstate+0x13c/0x228 [ 81.677038][ C1] hardirqs last disabled at (265662): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.678695][ C1] softirqs last enabled at (265568): [] local_bh_enable+0x10/0x34 [ 81.680222][ C1] softirqs last disabled at (265566): [] local_bh_disable+0x10/0x34 [ 81.681822][ C1] ---[ end trace 2e88ad39bf836a26 ]--- [ 81.690140][ T3281] team0 (unregistering): Port device team_slave_0 removed [ 81.694786][ T3281] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 81.725574][ T3281] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 81.735083][ T5023] loop0: detected capacity change from 0 to 128 [ 81.737890][ T5023] VFS: 
Found a Xenix FS (block size = 1024) on device loop0 [ 81.739042][ T5023] Bad inode number on dev loop0: 2 is out of range [ 81.740087][ T5023] SysV FS: get root inode failed [ 81.740947][ T5023] oldfs: cannot read superblock [ 81.745359][ T4517] ------------[ cut here ]------------ [ 81.746226][ T4517] VFS: brelse: Trying to free free buffer [ 81.747104][ T4517] WARNING: CPU: 0 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.748383][ T4517] Modules linked in: [ 81.748953][ T4517] CPU: 0 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 81.750239][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 81.751776][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.753012][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 81.753842][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 81.754666][ T4517] sp : ffff80001f6877c0 [ 81.755296][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 81.756608][ T4517] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 81.757838][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e71367a0 [ 81.758967][ T4517] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 81.760379][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 81.761598][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.762876][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 81.764193][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.765550][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 81.766843][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.768106][ T4517] Call trace: [ 81.768641][ T4517] invalidate_bh_lru+0x128/0x234 [ 81.769382][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 81.770298][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.771102][ T4517] 
invalidate_bh_lrus+0x34/0x40 [ 81.771881][ T4517] blkdev_flush_mapping+0x168/0x31c [ 81.772758][ T4517] blkdev_put+0x490/0x6ac [ 81.773454][ T4517] blkdev_close+0x74/0xb0 [ 81.774161][ T4517] __fput+0x1c0/0x7f8 [ 81.774799][ T4517] ____fput+0x20/0x30 [ 81.775434][ T4517] task_work_run+0x12c/0x1e0 [ 81.776148][ T4517] do_notify_resume+0x24b4/0x3128 [ 81.776912][ T4517] el0_svc+0xf0/0x1e0 [ 81.777561][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 81.778394][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 81.779183][ T4517] irq event stamp: 257690 [ 81.779894][ T4517] hardirqs last enabled at (257689): [] kasan_quarantine_put+0xc4/0x204 [ 81.781561][ T4517] hardirqs last disabled at (257690): [] smp_call_function_many_cond+0xa44/0xeb0 [ 81.783177][ T4517] softirqs last enabled at (257430): [] local_bh_enable+0x10/0x34 [ 81.784736][ T4517] softirqs last disabled at (257428): [] local_bh_disable+0x10/0x34 [ 81.786329][ T4517] ---[ end trace 2e88ad39bf836a27 ]--- [ 81.834245][ T5025] loop0: detected capacity change from 0 to 128 [ 81.838371][ T3281] bond0 (unregistering): Released all slaves [ 81.863481][ T5025] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.864668][ T5025] Bad inode number on dev loop0: 2 is out of range [ 81.865740][ T5025] SysV FS: get root inode failed [ 81.866511][ T5025] oldfs: cannot read superblock [ 81.877850][ C0] ------------[ cut here ]------------ [ 81.878814][ C0] VFS: brelse: Trying to free free buffer [ 81.879694][ C0] WARNING: CPU: 0 PID: 5026 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.880960][ C0] Modules linked in: [ 81.881479][ C0] CPU: 0 PID: 5026 Comm: syz.0.51 Tainted: G W syzkaller #0 [ 81.882766][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 81.884272][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.885395][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 81.886163][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 81.886987][ C0] sp : ffff800008007de0 [ 
81.887571][ C0] x29: ffff800008007de0 x28: ffff0000c55a9b40 x27: 1fffe0003421845c [ 81.888826][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 81.890181][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df579230 [ 81.891392][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 81.892737][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 81.894139][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.895459][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 518d9a3e1d38c000 [ 81.896683][ C0] x8 : 518d9a3e1d38c000 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.898041][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 81.899428][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.900723][ C0] Call trace: [ 81.901240][ C0] invalidate_bh_lru+0x128/0x234 [ 81.901964][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.902914][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.903945][ C0] ipi_handler+0x10c/0x710 [ 81.904604][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 81.905431][ C0] handle_domain_irq+0x144/0x1fc [ 81.906220][ C0] gic_handle_irq+0x78/0x1c8 [ 81.906911][ C0] call_on_irq_stack+0x30/0x48 [ 81.907586][ C0] do_interrupt_handler+0x6c/0x88 [ 81.908342][ C0] el1_interrupt+0x30/0x58 [ 81.909119][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.909970][ C0] el1h_64_irq+0x78/0x7c [ 81.910666][ C0] lock_acquire+0x234/0x620 [ 81.911341][ C0] _raw_spin_lock+0xb0/0x10c [ 81.912015][ C0] validate_mm+0x2c8/0x86c [ 81.912763][ C0] __vma_adjust+0x1504/0x18a8 [ 81.913540][ C0] __split_vma+0x310/0x3f0 [ 81.914290][ C0] split_vma+0x9c/0xf4 [ 81.914917][ C0] mprotect_fixup+0x328/0x5c4 [ 81.915666][ C0] __arm64_sys_mprotect+0x4c4/0x8f4 [ 81.916432][ C0] invoke_syscall+0x98/0x2b8 [ 81.917105][ C0] el0_svc_common+0x138/0x258 [ 81.917794][ C0] do_el0_svc+0x58/0x14c [ 81.918392][ C0] el0_svc+0x78/0x1e0 [ 81.919070][ C0] 
el0t_64_sync_handler+0xcc/0xe4 [ 81.919847][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.920524][ C0] irq event stamp: 1388 [ 81.921257][ C0] hardirqs last enabled at (1387): [] el0_svc_common+0x9c/0x258 [ 81.922757][ C0] hardirqs last disabled at (1388): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.924255][ C0] softirqs last enabled at (1160): [] local_bh_enable+0x10/0x34 [ 81.925698][ C0] softirqs last disabled at (1158): [] local_bh_disable+0x10/0x34 [ 81.927190][ C0] ---[ end trace 2e88ad39bf836a28 ]--- [ 81.964937][ T5027] loop0: detected capacity change from 0 to 128 [ 81.967479][ T5027] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.969170][ T5027] Bad inode number on dev loop0: 2 is out of range [ 81.970175][ T5027] SysV FS: get root inode failed [ 81.970993][ T5027] oldfs: cannot read superblock [ 81.977188][ T4517] ------------[ cut here ]------------ [ 81.978155][ T4517] VFS: brelse: Trying to free free buffer [ 81.979117][ T4517] WARNING: CPU: 1 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.980638][ T4517] Modules linked in: [ 81.981311][ T4517] CPU: 1 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 81.982755][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 81.984434][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.985793][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 81.986657][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 81.987551][ T4517] sp : ffff80001f6877c0 [ 81.988243][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 81.989584][ T4517] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 81.990892][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df449d10 [ 81.992262][ T4517] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 81.993547][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 81.994888][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 
x12: 0000000000ff0100 [ 81.996294][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 81.997645][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.999026][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.000434][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.001870][ T4517] Call trace: [ 82.002399][ T4517] invalidate_bh_lru+0x128/0x234 [ 82.003171][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 82.004024][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.004844][ T4517] invalidate_bh_lrus+0x34/0x40 [ 82.005658][ T4517] blkdev_flush_mapping+0x168/0x31c [ 82.006490][ T4517] blkdev_put+0x490/0x6ac [ 82.007168][ T4517] blkdev_close+0x74/0xb0 [ 82.007896][ T4517] __fput+0x1c0/0x7f8 [ 82.008508][ T4517] ____fput+0x20/0x30 [ 82.009168][ T4517] task_work_run+0x12c/0x1e0 [ 82.009957][ T4517] do_notify_resume+0x24b4/0x3128 [ 82.010837][ T4517] el0_svc+0xf0/0x1e0 [ 82.011513][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 82.012313][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 82.012996][ T4517] irq event stamp: 267790 [ 82.013630][ T4517] hardirqs last enabled at (267789): [] kasan_quarantine_put+0xc4/0x204 [ 82.015037][ T4517] hardirqs last disabled at (267790): [] smp_call_function_many_cond+0xa44/0xeb0 [ 82.016741][ T4517] softirqs last enabled at (267534): [] local_bh_enable+0x10/0x34 [ 82.018237][ T4517] softirqs last disabled at (267532): [] local_bh_disable+0x10/0x34 [ 82.019826][ T4517] ---[ end trace 2e88ad39bf836a29 ]--- [ 82.046290][ T5029] loop0: detected capacity change from 0 to 128 [ 82.050308][ T5029] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.051464][ T5029] Bad inode number on dev loop0: 2 is out of range [ 82.052679][ T5029] SysV FS: get root inode failed [ 82.053498][ T5029] oldfs: cannot read superblock [ 82.058095][ C1] ------------[ cut here ]------------ [ 82.058922][ C1] VFS: brelse: Trying to free free buffer [ 82.059794][ C1] 
WARNING: CPU: 1 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.061264][ C1] Modules linked in: [ 82.061881][ C1] CPU: 1 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.063353][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.064954][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.066258][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 82.067092][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 82.067909][ C1] sp : ffff800008017de0 [ 82.068523][ C1] x29: ffff800008017de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421c65c [ 82.069684][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 82.071040][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df445148 [ 82.072454][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 82.073704][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.074989][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.076249][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 188fe7a40ddbb300 [ 82.077494][ C1] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.078905][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.080228][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.081398][ C1] Call trace: [ 82.081892][ C1] invalidate_bh_lru+0x128/0x234 [ 82.082716][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.083750][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.084919][ C1] ipi_handler+0x10c/0x710 [ 82.085630][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 82.086503][ C1] handle_domain_irq+0x144/0x1fc [ 82.087320][ C1] gic_handle_irq+0x78/0x1c8 [ 82.088097][ C1] call_on_irq_stack+0x30/0x48 [ 82.088866][ C1] do_interrupt_handler+0x6c/0x88 [ 82.089620][ C1] el1_interrupt+0x30/0x58 [ 82.090328][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.091059][ C1] el1h_64_irq+0x78/0x7c [ 
82.091714][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 82.092635][ C1] debug_object_activate+0x248/0x464 [ 82.093517][ C1] call_rcu+0x54/0x8fc [ 82.094226][ C1] __fput+0x51c/0x7f8 [ 82.094906][ C1] ____fput+0x20/0x30 [ 82.095587][ C1] task_work_run+0x12c/0x1e0 [ 82.096388][ C1] do_notify_resume+0x24b4/0x3128 [ 82.097266][ C1] el0_svc+0xf0/0x1e0 [ 82.097901][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.098699][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.099446][ C1] irq event stamp: 277782 [ 82.100147][ C1] hardirqs last enabled at (277781): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 82.101804][ C1] hardirqs last disabled at (277782): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.103414][ C1] softirqs last enabled at (277088): [] local_bh_enable+0x10/0x34 [ 82.104879][ C1] softirqs last disabled at (277086): [] local_bh_disable+0x10/0x34 [ 82.106468][ C1] ---[ end trace 2e88ad39bf836a2a ]--- [ 82.150629][ T5031] loop0: detected capacity change from 0 to 128 [ 82.154038][ T5031] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.155495][ T5031] Bad inode number on dev loop0: 2 is out of range [ 82.156961][ T5031] SysV FS: get root inode failed [ 82.158406][ T5031] oldfs: cannot read superblock [ 82.165205][ C0] ------------[ cut here ]------------ [ 82.166091][ C0] VFS: brelse: Trying to free free buffer [ 82.167041][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.168353][ C0] Modules linked in: [ 82.168963][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.170207][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.171609][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.172754][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 82.173535][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 82.174334][ C0] sp : ffff800008007de0 [ 82.174957][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 82.176115][ C0] x26: 0000000000000001 x25: 
ffff0001a10c22d8 x24: 0000000000000001 [ 82.177259][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df5795d0 [ 82.178480][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010004 [ 82.179674][ C0] x17: 0000000000010004 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.180795][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.181895][ C0] x11: 0000000000010003 x10: 0000000000010003 x9 : 188fe7a40ddbb300 [ 82.183054][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.184252][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.185555][ C0] x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000027 [ 82.186820][ C0] Call trace: [ 82.187378][ C0] invalidate_bh_lru+0x128/0x234 [ 82.188213][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.189162][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.190271][ C0] ipi_handler+0x10c/0x710 [ 82.190970][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 82.191852][ C0] handle_domain_irq+0x144/0x1fc [ 82.192605][ C0] gic_handle_irq+0x78/0x1c8 [ 82.193325][ C0] call_on_irq_stack+0x30/0x48 [ 82.194104][ C0] do_interrupt_handler+0x6c/0x88 [ 82.194889][ C0] el1_interrupt+0x30/0x58 [ 82.195615][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.196338][ C0] el1h_64_irq+0x78/0x7c [ 82.197006][ C0] rcu_is_watching+0x64/0x134 [ 82.197721][ C0] lock_release+0xb4/0x8e8 [ 82.198374][ C0] _raw_spin_unlock+0x8c/0x11c [ 82.199029][ C0] alloc_vmap_area+0x14e0/0x1698 [ 82.199684][ C0] __get_vm_area_node+0x17c/0x2e8 [ 82.200422][ C0] __vmalloc_node_range+0xe8/0x8d8 [ 82.201172][ C0] vzalloc+0x118/0x190 [ 82.201728][ C0] alloc_counters+0x84/0x7a4 [ 82.202474][ C0] do_ip6t_get_ctl+0xaf4/0x13a8 [ 82.203243][ C0] nf_getsockopt+0x264/0x284 [ 82.203981][ C0] ipv6_getsockopt+0x52c/0x2584 [ 82.204793][ C0] tcp_getsockopt+0x208/0x2e78 [ 82.205570][ C0] sock_common_getsockopt+0xa8/0xc4 [ 82.206414][ C0] __sys_getsockopt+0x1b8/0x250 [ 82.207171][ C0] 
__arm64_sys_getsockopt+0xb8/0xd4 [ 82.207970][ C0] invoke_syscall+0x98/0x2b8 [ 82.208706][ C0] el0_svc_common+0x138/0x258 [ 82.209448][ C0] do_el0_svc+0x58/0x14c [ 82.210148][ C0] el0_svc+0x78/0x1e0 [ 82.210804][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.211616][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.212289][ C0] irq event stamp: 282646 [ 82.212959][ C0] hardirqs last enabled at (282645): [] el0_svc_common+0x9c/0x258 [ 82.214367][ C0] hardirqs last disabled at (282646): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.215783][ C0] softirqs last enabled at (282366): [] release_sock+0x1d0/0x258 [ 82.217152][ C0] softirqs last disabled at (282364): [] release_sock+0x34/0x258 [ 82.218716][ C0] ---[ end trace 2e88ad39bf836a2b ]--- [ 82.247284][ T5033] loop0: detected capacity change from 0 to 128 [ 82.249559][ T5033] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.250797][ T5033] Bad inode number on dev loop0: 2 is out of range [ 82.252215][ T5033] SysV FS: get root inode failed [ 82.253151][ T5033] oldfs: cannot read superblock [ 82.273474][ C1] ------------[ cut here ]------------ [ 82.274404][ C1] VFS: brelse: Trying to free free buffer [ 82.275416][ C1] WARNING: CPU: 1 PID: 5036 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.276900][ C1] Modules linked in: [ 82.277530][ C1] CPU: 1 PID: 5036 Comm: syz.0.56 Tainted: G W syzkaller #0 [ 82.278782][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.280471][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.281734][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 82.282625][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 82.283456][ C1] sp : ffff800008017de0 [ 82.284101][ C1] x29: ffff800008017de0 x28: ffff0000ccd351c0 x27: 1fffe0003421c65c [ 82.285358][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 82.286722][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df4454e8 [ 82.288039][ C1] x20: ffff0001a10e32e0 x19: 
ffff8000113d9aa0 x18: 0000000000010002 [ 82.289359][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.290754][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.292027][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 78102dd3ec1a3200 [ 82.293309][ C1] x8 : 78102dd3ec1a3200 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.294651][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.295935][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.297342][ C1] Call trace: [ 82.297897][ C1] invalidate_bh_lru+0x128/0x234 [ 82.298691][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.299608][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.300630][ C1] ipi_handler+0x10c/0x710 [ 82.301285][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 82.302110][ C1] handle_domain_irq+0x144/0x1fc [ 82.302923][ C1] gic_handle_irq+0x78/0x1c8 [ 82.303703][ C1] call_on_irq_stack+0x30/0x48 [ 82.304449][ C1] do_interrupt_handler+0x6c/0x88 [ 82.305294][ C1] el1_interrupt+0x30/0x58 [ 82.306004][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.306775][ C1] el1h_64_irq+0x78/0x7c [ 82.307389][ C1] el0_svc_common+0xa8/0x258 [ 82.308091][ C1] do_el0_svc+0x58/0x14c [ 82.308717][ C1] el0_svc+0x78/0x1e0 [ 82.309432][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.310251][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.310949][ C1] irq event stamp: 1456 [ 82.311661][ C1] hardirqs last enabled at (1455): [] el0_svc_common+0x9c/0x258 [ 82.313152][ C1] hardirqs last disabled at (1456): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.314773][ C1] softirqs last enabled at (1174): [] local_bh_enable+0x10/0x34 [ 82.316296][ C1] softirqs last disabled at (1172): [] local_bh_disable+0x10/0x34 [ 82.317773][ C1] ---[ end trace 2e88ad39bf836a2c ]--- [ 82.354844][ T5037] loop0: detected capacity change from 0 to 128 [ 82.357849][ T5037] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.359038][ T5037] Bad inode number on dev loop0: 
2 is out of range [ 82.360291][ T5037] SysV FS: get root inode failed [ 82.361086][ T5037] oldfs: cannot read superblock [ 82.370726][ C0] ------------[ cut here ]------------ [ 82.371603][ C0] VFS: brelse: Trying to free free buffer [ 82.372479][ C0] WARNING: CPU: 0 PID: 5039 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.373875][ C0] Modules linked in: [ 82.374517][ C0] CPU: 0 PID: 5039 Comm: syz.0.57 Tainted: G W syzkaller #0 [ 82.375861][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.377397][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.378663][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 82.379507][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 82.380344][ C0] sp : ffff800008007de0 [ 82.380966][ C0] x29: ffff800008007de0 x28: ffff0000cc833680 x27: 1fffe0003421845c [ 82.382228][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 82.383556][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df579970 [ 82.384879][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 82.386148][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.387503][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.388789][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 827a7a356755f000 [ 82.390051][ C0] x8 : 827a7a356755f000 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.391437][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.392786][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.394144][ C0] Call trace: [ 82.394683][ C0] invalidate_bh_lru+0x128/0x234 [ 82.395478][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.396469][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.397630][ C0] ipi_handler+0x10c/0x710 [ 82.398348][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 82.399215][ C0] handle_domain_irq+0x144/0x1fc [ 82.399981][ C0] 
gic_handle_irq+0x78/0x1c8 [ 82.400616][ C0] call_on_irq_stack+0x30/0x48 [ 82.401336][ C0] do_interrupt_handler+0x6c/0x88 [ 82.402183][ C0] el1_interrupt+0x30/0x58 [ 82.402878][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.403609][ C0] el1h_64_irq+0x78/0x7c [ 82.404277][ C0] finish_lock_switch+0xb8/0x1c4 [ 82.405102][ C0] finish_task_switch+0x120/0x6b0 [ 82.405913][ C0] schedule_tail+0x20/0x150 [ 82.406699][ C0] ret_from_fork+0x4/0x20 [ 82.407412][ C0] irq event stamp: 2 [ 82.408065][ C0] hardirqs last enabled at (1): [] finish_lock_switch+0xb0/0x1c4 [ 82.409641][ C0] hardirqs last disabled at (2): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.411160][ C0] softirqs last enabled at (0): [] copy_process+0x111c/0x34ac [ 82.412480][ C0] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.413530][ C0] ---[ end trace 2e88ad39bf836a2d ]--- [ 82.454667][ T5039] loop0: detected capacity change from 0 to 128 [ 82.457645][ T5039] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.458779][ T5039] Bad inode number on dev loop0: 2 is out of range [ 82.459798][ T5039] SysV FS: get root inode failed [ 82.460603][ T5039] oldfs: cannot read superblock [ 82.469545][ C0] ------------[ cut here ]------------ [ 82.470491][ C0] VFS: brelse: Trying to free free buffer [ 82.471450][ C0] WARNING: CPU: 0 PID: 5040 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.472738][ C0] Modules linked in: [ 82.473297][ C0] CPU: 0 PID: 5040 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.474580][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.476215][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.477446][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 82.478283][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 82.479192][ C0] sp : ffff800008007de0 [ 82.479861][ C0] x29: ffff800008007de0 x28: ffff0000d47251c0 x27: 1fffe0003421845c [ 82.481213][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 
82.482483][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df579d10 [ 82.483791][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 82.485054][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.486314][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.487598][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 35624dda4ac27d00 [ 82.489001][ C0] x8 : 35624dda4ac27d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.490244][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.491520][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.492689][ C0] Call trace: [ 82.493202][ C0] invalidate_bh_lru+0x128/0x234 [ 82.493999][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.495046][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.496175][ C0] ipi_handler+0x10c/0x710 [ 82.496953][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 82.497847][ C0] handle_domain_irq+0x144/0x1fc [ 82.498588][ C0] gic_handle_irq+0x78/0x1c8 [ 82.499372][ C0] call_on_irq_stack+0x30/0x48 [ 82.500178][ C0] do_interrupt_handler+0x6c/0x88 [ 82.500961][ C0] el1_interrupt+0x30/0x58 [ 82.501711][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.502501][ C0] el1h_64_irq+0x78/0x7c [ 82.503163][ C0] arch_local_irq_restore+0x8/0x10 [ 82.504041][ C0] ___might_sleep+0x98/0x4d4 [ 82.504805][ C0] __might_sleep+0x98/0x124 [ 82.505525][ C0] __might_fault+0x80/0x128 [ 82.506200][ C0] strncpy_from_user+0x194/0x598 [ 82.507063][ C0] getname_flags+0xec/0x450 [ 82.507831][ C0] __arm64_sys_symlinkat+0x80/0xbc [ 82.508676][ C0] invoke_syscall+0x98/0x2b8 [ 82.509480][ C0] el0_svc_common+0x138/0x258 [ 82.510241][ C0] do_el0_svc+0x58/0x14c [ 82.510874][ C0] el0_svc+0x78/0x1e0 [ 82.511492][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.512277][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.512987][ C0] irq event stamp: 702 [ 82.513582][ C0] hardirqs last enabled at (701): [] el0_svc_common+0x9c/0x258 [ 
82.515027][ C0] hardirqs last disabled at (702): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.516550][ C0] softirqs last enabled at (540): [] local_bh_enable+0x10/0x34 [ 82.518142][ C0] softirqs last disabled at (538): [] local_bh_disable+0x10/0x34 [ 82.519625][ C0] ---[ end trace 2e88ad39bf836a2e ]--- [ 82.564734][ T5041] loop0: detected capacity change from 0 to 128 [ 82.568004][ T5041] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.569216][ T5041] Bad inode number on dev loop0: 2 is out of range [ 82.570312][ T5041] SysV FS: get root inode failed [ 82.571192][ T5041] oldfs: cannot read superblock [ 82.580575][ T4517] ------------[ cut here ]------------ [ 82.581447][ T4517] VFS: brelse: Trying to free free buffer [ 82.582379][ T4517] WARNING: CPU: 1 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.583804][ T4517] Modules linked in: [ 82.584401][ T4517] CPU: 1 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 82.585641][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.587174][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.588457][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 82.589316][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 82.590191][ T4517] sp : ffff80001f6877c0 [ 82.590859][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 82.592180][ T4517] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 82.593543][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df445888 [ 82.594911][ T4517] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 82.596129][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.597486][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.598761][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 82.600089][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 
82.601439][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.602805][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.604204][ T4517] Call trace: [ 82.604779][ T4517] invalidate_bh_lru+0x128/0x234 [ 82.605590][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 82.606570][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.607390][ T4517] invalidate_bh_lrus+0x34/0x40 [ 82.608114][ T4517] blkdev_flush_mapping+0x168/0x31c [ 82.608935][ T4517] blkdev_put+0x490/0x6ac [ 82.609596][ T4517] blkdev_close+0x74/0xb0 [ 82.610329][ T4517] __fput+0x1c0/0x7f8 [ 82.610998][ T4517] ____fput+0x20/0x30 [ 82.611622][ T4517] task_work_run+0x12c/0x1e0 [ 82.612322][ T4517] do_notify_resume+0x24b4/0x3128 [ 82.613059][ T4517] el0_svc+0xf0/0x1e0 [ 82.613652][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 82.614336][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 82.614989][ T4517] irq event stamp: 300840 [ 82.615604][ T4517] hardirqs last enabled at (300839): [] kasan_quarantine_put+0xc4/0x204 [ 82.616982][ T4517] hardirqs last disabled at (300840): [] smp_call_function_many_cond+0xa44/0xeb0 [ 82.618517][ T4517] softirqs last enabled at (300580): [] local_bh_enable+0x10/0x34 [ 82.619844][ T4517] softirqs last disabled at (300578): [] local_bh_disable+0x10/0x34 [ 82.621351][ T4517] ---[ end trace 2e88ad39bf836a2f ]--- [ 82.653691][ T5043] loop0: detected capacity change from 0 to 128 [ 82.655890][ T5043] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.657087][ T5043] Bad inode number on dev loop0: 2 is out of range [ 82.658117][ T5043] SysV FS: get root inode failed [ 82.658857][ T5043] oldfs: cannot read superblock [ 82.667478][ C1] ------------[ cut here ]------------ [ 82.668428][ C1] VFS: brelse: Trying to free free buffer [ 82.669402][ C1] WARNING: CPU: 1 PID: 5044 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.670759][ C1] Modules linked in: [ 82.671337][ C1] CPU: 1 PID: 5044 Comm: syz-executor Tainted: G W syzkaller #0 [ 
82.672715][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.674353][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.675687][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 82.676495][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 82.677336][ C1] sp : ffff800008017de0 [ 82.677997][ C1] x29: ffff800008017de0 x28: ffff0000cd623680 x27: 1fffe0003421c65c [ 82.679342][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 82.680625][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df445c28 [ 82.681912][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 82.683219][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.684504][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.685673][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 55a633d6534a5800 [ 82.686984][ C1] x8 : 55a633d6534a5800 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.688414][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.689832][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.691195][ C1] Call trace: [ 82.691711][ C1] invalidate_bh_lru+0x128/0x234 [ 82.692500][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.693523][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.694587][ C1] ipi_handler+0x10c/0x710 [ 82.695286][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 82.696137][ C1] handle_domain_irq+0x144/0x1fc [ 82.696900][ C1] gic_handle_irq+0x78/0x1c8 [ 82.697642][ C1] call_on_irq_stack+0x30/0x48 [ 82.698437][ C1] do_interrupt_handler+0x6c/0x88 [ 82.699235][ C1] el1_interrupt+0x30/0x58 [ 82.699934][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.700737][ C1] el1h_64_irq+0x78/0x7c [ 82.701408][ C1] next_uptodate_page+0xd4/0x734 [ 82.702238][ C1] filemap_map_pages+0x968/0xc50 [ 82.702981][ C1] handle_mm_fault+0x19c0/0x2950 [ 82.703777][ C1] do_page_fault+0x694/0xad4 [ 82.704525][ 
C1] do_translation_fault+0xe0/0x130 [ 82.705335][ C1] do_mem_abort+0x6c/0x1ac [ 82.705992][ C1] el0_ia+0xe0/0x2d0 [ 82.706601][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 82.707397][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.708120][ C1] irq event stamp: 382 [ 82.708802][ C1] hardirqs last enabled at (381): [] lock_page_memcg+0x110/0x234 [ 82.710435][ C1] hardirqs last disabled at (382): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.711904][ C1] softirqs last enabled at (54): [] local_bh_enable+0x10/0x34 [ 82.713336][ C1] softirqs last disabled at (52): [] local_bh_disable+0x10/0x34 [ 82.714822][ C1] ---[ end trace 2e88ad39bf836a30 ]--- [ 82.753057][ T5045] loop0: detected capacity change from 0 to 128 [ 82.792887][ T5045] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.794101][ T5045] Bad inode number on dev loop0: 2 is out of range [ 82.795073][ T5045] SysV FS: get root inode failed [ 82.795816][ T5045] oldfs: cannot read superblock [ 82.796550][ T5045] ------------[ cut here ]------------ [ 82.797337][ T5045] VFS: brelse: Trying to free free buffer [ 82.798292][ T5045] WARNING: CPU: 0 PID: 5045 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.799735][ T5045] Modules linked in: [ 82.800402][ T5045] CPU: 0 PID: 5045 Comm: syz.0.60 Tainted: G W syzkaller #0 [ 82.801772][ T5045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.803508][ T5045] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.804762][ T5045] pc : invalidate_bh_lru+0x128/0x234 [ 82.805692][ T5045] lr : invalidate_bh_lru+0x128/0x234 [ 82.806616][ T5045] sp : ffff80001fdc76e0 [ 82.807314][ T5045] x29: ffff80001fdc76e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 82.808630][ T5045] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 82.810003][ T5045] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df629148 [ 82.811306][ T5045] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 82.812756][ T5045] 
x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.814121][ T5045] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.815441][ T5045] x11: 0000000000000002 x10: 0000000000000000 x9 : 6c85bad0e8f4f100 [ 82.816884][ T5045] x8 : 6c85bad0e8f4f100 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.818203][ T5045] x5 : ffff80001fdc6fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.819462][ T5045] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.820739][ T5045] Call trace: [ 82.821254][ T5045] invalidate_bh_lru+0x128/0x234 [ 82.822008][ T5045] smp_call_function_many_cond+0xa50/0xeb0 [ 82.822902][ T5045] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.823767][ T5045] invalidate_bh_lrus+0x34/0x40 [ 82.824547][ T5045] blkdev_flush_mapping+0x168/0x31c [ 82.825305][ T5045] blkdev_put+0x490/0x6ac [ 82.825972][ T5045] kill_block_super+0x98/0xdc [ 82.826674][ T5045] deactivate_locked_super+0xb8/0x13c [ 82.827472][ T5045] mount_bdev+0x284/0x358 [ 82.828165][ T5045] sysv_mount+0x44/0x58 [ 82.828795][ T5045] legacy_get_tree+0xd4/0x16c [ 82.829524][ T5045] vfs_get_tree+0x90/0x274 [ 82.830244][ T5045] do_new_mount+0x228/0x810 [ 82.830967][ T5045] path_mount+0x5b4/0x1000 [ 82.831619][ T5045] __arm64_sys_mount+0x514/0x5e4 [ 82.832392][ T5045] invoke_syscall+0x98/0x2b8 [ 82.833175][ T5045] el0_svc_common+0x138/0x258 [ 82.833934][ T5045] do_el0_svc+0x58/0x14c [ 82.834602][ T5045] el0_svc+0x78/0x1e0 [ 82.835180][ T5045] el0t_64_sync_handler+0xcc/0xe4 [ 82.835933][ T5045] el0t_64_sync+0x1a0/0x1a4 [ 82.836602][ T5045] irq event stamp: 1180 [ 82.837259][ T5045] hardirqs last enabled at (1179): [] kasan_quarantine_put+0xc4/0x204 [ 82.838842][ T5045] hardirqs last disabled at (1180): [] smp_call_function_many_cond+0xa44/0xeb0 [ 82.840437][ T5045] softirqs last enabled at (970): [] local_bh_enable+0x10/0x34 [ 82.841859][ T5045] softirqs last disabled at (968): [] local_bh_disable+0x10/0x34 [ 82.843234][ T5045] ---[ end trace 2e88ad39bf836a31 
]--- [ 82.924364][ T5047] loop0: detected capacity change from 0 to 128 [ 82.963218][ T5047] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.964586][ T5047] Bad inode number on dev loop0: 2 is out of range [ 82.965639][ T5047] SysV FS: get root inode failed [ 82.966636][ T5047] oldfs: cannot read superblock [ 82.974252][ T4517] ------------[ cut here ]------------ [ 82.975110][ T4517] VFS: brelse: Trying to free free buffer [ 82.975982][ T4517] WARNING: CPU: 0 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.977305][ T4517] Modules linked in: [ 82.977838][ T4517] CPU: 0 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 82.979214][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 82.980772][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.981992][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 82.982796][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 82.983631][ T4517] sp : ffff80001f6877c0 [ 82.984320][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 82.985602][ T4517] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 82.986903][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6294e8 [ 82.988305][ T4517] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 82.989659][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 82.990941][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.992162][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 82.993439][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.994711][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 82.996029][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.997455][ T4517] Call trace: [ 82.998011][ T4517] invalidate_bh_lru+0x128/0x234 [ 82.998797][ T4517] 
smp_call_function_many_cond+0xa50/0xeb0 [ 82.999811][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.000595][ T4517] invalidate_bh_lrus+0x34/0x40 [ 83.001427][ T4517] blkdev_flush_mapping+0x168/0x31c [ 83.002316][ T4517] blkdev_put+0x490/0x6ac [ 83.003033][ T4517] blkdev_close+0x74/0xb0 [ 83.003756][ T4517] __fput+0x1c0/0x7f8 [ 83.004385][ T4517] ____fput+0x20/0x30 [ 83.005018][ T4517] task_work_run+0x12c/0x1e0 [ 83.005736][ T4517] do_notify_resume+0x24b4/0x3128 [ 83.006580][ T4517] el0_svc+0xf0/0x1e0 [ 83.007202][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 83.008020][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 83.008727][ T4517] irq event stamp: 309748 [ 83.009413][ T4517] hardirqs last enabled at (309747): [] kasan_quarantine_put+0xc4/0x204 [ 83.010883][ T4517] hardirqs last disabled at (309748): [] smp_call_function_many_cond+0xa44/0xeb0 [ 83.012626][ T4517] softirqs last enabled at (309484): [] local_bh_enable+0x10/0x34 [ 83.014123][ T4517] softirqs last disabled at (309482): [] local_bh_disable+0x10/0x34 [ 83.015738][ T4517] ---[ end trace 2e88ad39bf836a32 ]--- [ 83.055786][ T5049] loop0: detected capacity change from 0 to 128 [ 83.102845][ T5049] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.104074][ T5049] Bad inode number on dev loop0: 2 is out of range [ 83.105126][ T5049] SysV FS: get root inode failed [ 83.106002][ T5049] oldfs: cannot read superblock [ 83.127712][ C0] ------------[ cut here ]------------ [ 83.128657][ C0] VFS: brelse: Trying to free free buffer [ 83.129576][ C0] WARNING: CPU: 0 PID: 5052 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.131035][ C0] Modules linked in: [ 83.131542][ C0] CPU: 0 PID: 5052 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.132955][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 83.134434][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.135549][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 83.136386][ C0] lr : 
invalidate_bh_lru+0x128/0x234 [ 83.137165][ C0] sp : ffff800008007de0 [ 83.137742][ C0] x29: ffff800008007de0 x28: ffff0000ccdbd1c0 x27: 1fffe0003421845c [ 83.138952][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 83.140221][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6257a0 [ 83.141545][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 83.142869][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 83.144201][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.145433][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 9b29bbe1a79afa00 [ 83.146731][ C0] x8 : 9b29bbe1a79afa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.148019][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 83.149443][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 83.150772][ C0] Call trace: [ 83.151331][ C0] invalidate_bh_lru+0x128/0x234 [ 83.152154][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.153201][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.154472][ C0] ipi_handler+0x10c/0x710 [ 83.155246][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 83.156178][ C0] handle_domain_irq+0x144/0x1fc [ 83.157049][ C0] gic_handle_irq+0x78/0x1c8 [ 83.157833][ C0] call_on_irq_stack+0x30/0x48 [ 83.158602][ C0] do_interrupt_handler+0x6c/0x88 [ 83.159422][ C0] el1_interrupt+0x30/0x58 [ 83.160160][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.160960][ C0] el1h_64_irq+0x78/0x7c [ 83.161692][ C0] lock_page_memcg+0x120/0x234 [ 83.162565][ C0] page_add_file_rmap+0x148/0x8e4 [ 83.163379][ C0] do_set_pte+0x394/0x4e0 [ 83.164044][ C0] filemap_map_pages+0x9c4/0xc50 [ 83.164914][ C0] handle_mm_fault+0x19c0/0x2950 [ 83.165755][ C0] do_page_fault+0x694/0xad4 [ 83.166617][ C0] do_translation_fault+0xe0/0x130 [ 83.167543][ C0] do_mem_abort+0x6c/0x1ac [ 83.168238][ C0] el0_da+0x90/0x1fc [ 83.168880][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 83.169737][ 
C0] el0t_64_sync+0x1a0/0x1a4 [ 83.170470][ C0] irq event stamp: 570 [ 83.171141][ C0] hardirqs last enabled at (569): [] lock_page_memcg+0x110/0x234 [ 83.172733][ C0] hardirqs last disabled at (570): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.174329][ C0] softirqs last enabled at (538): [] local_bh_enable+0x10/0x34 [ 83.175949][ C0] softirqs last disabled at (536): [] local_bh_disable+0x10/0x34 [ 83.177535][ C0] ---[ end trace 2e88ad39bf836a33 ]--- [ 83.199331][ T5053] loop0: detected capacity change from 0 to 128 [ 83.242714][ T5053] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.243990][ T5053] Bad inode number on dev loop0: 2 is out of range [ 83.245043][ T5053] SysV FS: get root inode failed [ 83.245824][ T5053] oldfs: cannot read superblock [ 83.246618][ T5053] ------------[ cut here ]------------ [ 83.247554][ T5053] VFS: brelse: Trying to free free buffer [ 83.248468][ T5053] WARNING: CPU: 1 PID: 5053 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.249936][ T5053] Modules linked in: [ 83.250537][ T5053] CPU: 1 PID: 5053 Comm: syz.0.64 Tainted: G W syzkaller #0 [ 83.251919][ T5053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 83.253490][ T5053] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.254732][ T5053] pc : invalidate_bh_lru+0x128/0x234 [ 83.255523][ T5053] lr : invalidate_bh_lru+0x128/0x234 [ 83.256277][ T5053] sp : ffff80001f6e76e0 [ 83.256862][ T5053] x29: ffff80001f6e76e0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 83.258146][ T5053] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 83.259515][ T5053] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df775060 [ 83.260744][ T5053] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 83.262036][ T5053] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 83.263378][ T5053] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.264745][ T5053] 
x11: 0000000000000002 x10: 0000000000000000 x9 : 3a038fa3fc9b4f00 [ 83.266055][ T5053] x8 : 3a038fa3fc9b4f00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.267433][ T5053] x5 : ffff80001f6e6fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 83.268795][ T5053] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.270157][ T5053] Call trace: [ 83.270696][ T5053] invalidate_bh_lru+0x128/0x234 [ 83.271466][ T5053] smp_call_function_many_cond+0xa50/0xeb0 [ 83.272451][ T5053] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.273241][ T5053] invalidate_bh_lrus+0x34/0x40 [ 83.274023][ T5053] blkdev_flush_mapping+0x168/0x31c [ 83.274823][ T5053] blkdev_put+0x490/0x6ac [ 83.275570][ T5053] kill_block_super+0x98/0xdc [ 83.276252][ T5053] deactivate_locked_super+0xb8/0x13c [ 83.277143][ T5053] mount_bdev+0x284/0x358 [ 83.277854][ T5053] sysv_mount+0x44/0x58 [ 83.278569][ T5053] legacy_get_tree+0xd4/0x16c [ 83.279293][ T5053] vfs_get_tree+0x90/0x274 [ 83.280020][ T5053] do_new_mount+0x228/0x810 [ 83.280761][ T5053] path_mount+0x5b4/0x1000 [ 83.281481][ T5053] __arm64_sys_mount+0x514/0x5e4 [ 83.282276][ T5053] invoke_syscall+0x98/0x2b8 [ 83.283016][ T5053] el0_svc_common+0x138/0x258 [ 83.283764][ T5053] do_el0_svc+0x58/0x14c [ 83.284415][ T5053] el0_svc+0x78/0x1e0 [ 83.285020][ T5053] el0t_64_sync_handler+0xcc/0xe4 [ 83.285835][ T5053] el0t_64_sync+0x1a0/0x1a4 [ 83.286522][ T5053] irq event stamp: 1282 [ 83.287191][ T5053] hardirqs last enabled at (1281): [] kasan_quarantine_put+0xc4/0x204 [ 83.288766][ T5053] hardirqs last disabled at (1282): [] smp_call_function_many_cond+0xa44/0xeb0 [ 83.290528][ T5053] softirqs last enabled at (1076): [] local_bh_enable+0x10/0x34 [ 83.292048][ T5053] softirqs last disabled at (1074): [] local_bh_disable+0x10/0x34 [ 83.293627][ T5053] ---[ end trace 2e88ad39bf836a34 ]--- [ 83.394797][ T5055] loop0: detected capacity change from 0 to 128 [ 83.397360][ T5055] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.398445][ T5055] 
Bad inode number on dev loop0: 2 is out of range [ 83.399546][ T5055] SysV FS: get root inode failed [ 83.400343][ T5055] oldfs: cannot read superblock 1970/01/01 00:01:23 executed programs: 51 [ 83.445313][ C0] ------------[ cut here ]------------ [ 83.446238][ C0] VFS: brelse: Trying to free free buffer [ 83.447106][ C0] WARNING: CPU: 0 PID: 4074 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.448515][ C0] Modules linked in: [ 83.449190][ C0] CPU: 0 PID: 4074 Comm: kworker/0:3 Tainted: G W syzkaller #0 [ 83.450615][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 83.452251][ C0] Workqueue: events pwq_unbound_release_workfn [ 83.453274][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.454650][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 83.455616][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 83.456474][ C0] sp : ffff800008007a60 [ 83.457164][ C0] x29: ffff800008007a60 x28: ffff0000c93bb680 x27: 1fffe0003421845c [ 83.458441][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 83.459719][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df625b40 [ 83.460972][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010102 [ 83.462170][ C0] x17: 0000000000010102 x16: ffff8000111c8944 x15: 00000000ffffffff [ 83.463353][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.464662][ C0] x11: 0000000000010101 x10: 0000000000010101 x9 : 7602d29d8db95f00 [ 83.465931][ C0] x8 : 7602d29d8db95f00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.467148][ C0] x5 : ffff800008007358 x4 : ffff80001425f420 x3 : ffff80000850471c [ 83.468458][ C0] x2 : 0000000000000001 x1 : 0000000100010101 x0 : 0000000000000027 [ 83.469751][ C0] Call trace: [ 83.470345][ C0] invalidate_bh_lru+0x128/0x234 [ 83.471112][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.472111][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.473222][ C0] 
ipi_handler+0x10c/0x710 [ 83.473886][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 83.474749][ C0] handle_domain_irq+0x144/0x1fc [ 83.475523][ C0] gic_handle_irq+0x78/0x1c8 [ 83.476260][ C0] do_interrupt_handler+0x74/0x88 [ 83.476997][ C0] el1_interrupt+0x30/0x58 [ 83.477713][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.478536][ C0] el1h_64_irq+0x78/0x7c [ 83.479213][ C0] handle_softirqs+0x228/0xbf0 [ 83.479891][ C0] __irq_exit_rcu+0x240/0x440 [ 83.480647][ C0] irq_exit+0x14/0x88 [ 83.481233][ C0] handle_domain_irq+0x14c/0x1fc [ 83.481941][ C0] gic_handle_irq+0x78/0x1c8 [ 83.482571][ C0] call_on_irq_stack+0x30/0x48 [ 83.483338][ C0] do_interrupt_handler+0x6c/0x88 [ 83.484086][ C0] el1_interrupt+0x30/0x58 [ 83.484756][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.485473][ C0] el1h_64_irq+0x78/0x7c [ 83.486112][ C0] lockdep_unregister_key+0x30c/0x38c [ 83.486864][ C0] pwq_unbound_release_workfn+0x200/0x254 [ 83.487672][ C0] process_one_work+0x79c/0x1140 [ 83.488366][ C0] worker_thread+0x8f4/0x101c [ 83.489107][ C0] kthread+0x374/0x454 [ 83.489811][ C0] ret_from_fork+0x10/0x20 [ 83.490531][ C0] irq event stamp: 53739 [ 83.491169][ C0] hardirqs last enabled at (53738): [] handle_softirqs+0x220/0xbf0 [ 83.492735][ C0] hardirqs last disabled at (53739): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.494349][ C0] softirqs last enabled at (53442): [] nsim_dev_trap_report_work+0x5fc/0x938 [ 83.495910][ C0] softirqs last disabled at (53737): [] __irq_exit_rcu+0x240/0x440 [ 83.497378][ C0] ---[ end trace 2e88ad39bf836a35 ]--- [ 83.503886][ T5057] loop0: detected capacity change from 0 to 128 [ 83.512410][ T5057] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.513677][ T5057] Bad inode number on dev loop0: 2 is out of range [ 83.514704][ T5057] SysV FS: get root inode failed [ 83.515528][ T5057] oldfs: cannot read superblock [ 83.521259][ C0] ------------[ cut here ]------------ [ 83.522179][ C0] VFS: brelse: Trying to free free buffer [ 83.523121][ C0] WARNING: CPU: 0 PID: 4770 at 
fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.524449][ C0] Modules linked in: [ 83.525089][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.526612][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 83.528341][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.529603][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 83.530494][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 83.531319][ C0] sp : ffff800008007de0 [ 83.531971][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 83.533406][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 83.534789][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df625ee0 [ 83.536079][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 83.537395][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 83.538645][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.539966][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 83.541263][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.542542][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 83.543826][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.545116][ C0] Call trace: [ 83.545635][ C0] invalidate_bh_lru+0x128/0x234 [ 83.546403][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.547366][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.548482][ C0] ipi_handler+0x10c/0x710 [ 83.549203][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 83.550081][ C0] handle_domain_irq+0x144/0x1fc [ 83.550844][ C0] gic_handle_irq+0x78/0x1c8 [ 83.551619][ C0] call_on_irq_stack+0x30/0x48 [ 83.552427][ C0] do_interrupt_handler+0x6c/0x88 [ 83.553202][ C0] el1_interrupt+0x30/0x58 [ 83.553917][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.554767][ C0] el1h_64_irq+0x78/0x7c [ 83.555404][ C0] 
alloc_counters+0x3f8/0x7a4 [ 83.556189][ C0] do_ip6t_get_ctl+0xaf4/0x13a8 [ 83.557025][ C0] nf_getsockopt+0x264/0x284 [ 83.557776][ C0] ipv6_getsockopt+0x52c/0x2584 [ 83.558553][ C0] tcp_getsockopt+0x208/0x2e78 [ 83.559309][ C0] sock_common_getsockopt+0xa8/0xc4 [ 83.560211][ C0] __sys_getsockopt+0x1b8/0x250 [ 83.561061][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 83.561909][ C0] invoke_syscall+0x98/0x2b8 [ 83.562639][ C0] el0_svc_common+0x138/0x258 [ 83.563386][ C0] do_el0_svc+0x58/0x14c [ 83.564021][ C0] el0_svc+0x78/0x1e0 [ 83.564623][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 83.565351][ C0] el0t_64_sync+0x1a0/0x1a4 [ 83.566000][ C0] irq event stamp: 322074 [ 83.566662][ C0] hardirqs last enabled at (322073): [] alloc_counters+0x3d4/0x7a4 [ 83.568031][ C0] hardirqs last disabled at (322074): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.569494][ C0] softirqs last enabled at (322014): [] local_bh_enable+0x10/0x34 [ 83.570850][ C0] softirqs last disabled at (322012): [] local_bh_disable+0x10/0x34 [ 83.572238][ C0] ---[ end trace 2e88ad39bf836a36 ]--- [ 83.634647][ T5059] loop0: detected capacity change from 0 to 128 [ 83.637098][ T5059] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.638342][ T5059] Bad inode number on dev loop0: 2 is out of range [ 83.639377][ T5059] SysV FS: get root inode failed [ 83.640132][ T5059] oldfs: cannot read superblock [ 83.643553][ C1] ------------[ cut here ]------------ [ 83.644392][ C1] VFS: brelse: Trying to free free buffer [ 83.645295][ C1] WARNING: CPU: 1 PID: 4513 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.646611][ C1] Modules linked in: [ 83.647179][ C1] CPU: 1 PID: 4513 Comm: syz-execprog Tainted: G W syzkaller #0 [ 83.648587][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 83.650161][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.651411][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 83.652232][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 
83.653104][ C1] sp : ffff800008017de0 [ 83.653742][ C1] x29: ffff800008017de0 x28: ffff0000d61f1b40 x27: 1fffe0003421c65c [ 83.655032][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 83.656419][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df775400 [ 83.657683][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 83.658982][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 83.660378][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.661754][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 2e2d8fc379a0ff00 [ 83.662978][ C1] x8 : 2e2d8fc379a0ff00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.664236][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 83.665568][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.666793][ C1] Call trace: [ 83.667337][ C1] invalidate_bh_lru+0x128/0x234 [ 83.668149][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.669135][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.670318][ C1] ipi_handler+0x10c/0x710 [ 83.670932][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 83.671808][ C1] handle_domain_irq+0x144/0x1fc [ 83.672597][ C1] gic_handle_irq+0x78/0x1c8 [ 83.673304][ C1] call_on_irq_stack+0x30/0x48 [ 83.674037][ C1] do_interrupt_handler+0x6c/0x88 [ 83.674794][ C1] el0_interrupt+0x94/0x260 [ 83.675493][ C1] __el0_irq_handler_common+0x18/0x24 [ 83.676365][ C1] el0t_64_irq_handler+0x10/0x1c [ 83.677133][ C1] el0t_64_irq+0x1a0/0x1a4 [ 83.677810][ C1] irq event stamp: 2576018 [ 83.678442][ C1] hardirqs last enabled at (2576017): [] el0t_64_sync_handler+0xcc/0xe4 [ 83.680028][ C1] hardirqs last disabled at (2576018): [] __el0_irq_handler_common+0x18/0x24 [ 83.681714][ C1] softirqs last enabled at (2576014): [] local_bh_enable+0x10/0x34 [ 83.683196][ C1] softirqs last disabled at (2576012): [] local_bh_disable+0x10/0x34 [ 83.684799][ C1] ---[ end trace 2e88ad39bf836a37 
]--- [ 83.721493][ T5061] loop0: detected capacity change from 0 to 128 [ 83.767044][ T5061] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.768342][ T5061] Bad inode number on dev loop0: 2 is out of range [ 83.769302][ T5061] SysV FS: get root inode failed [ 83.770078][ T5061] oldfs: cannot read superblock [ 83.770827][ T5061] ------------[ cut here ]------------ [ 83.771658][ T5061] VFS: brelse: Trying to free free buffer [ 83.772521][ T5061] WARNING: CPU: 0 PID: 5061 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.773855][ T5061] Modules linked in: [ 83.774461][ T5061] CPU: 0 PID: 5061 Comm: syz.0.68 Tainted: G W syzkaller #0 [ 83.775793][ T5061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 83.777264][ T5061] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.778543][ T5061] pc : invalidate_bh_lru+0x128/0x234 [ 83.779427][ T5061] lr : invalidate_bh_lru+0x128/0x234 [ 83.780292][ T5061] sp : ffff80001fdf76e0 [ 83.781034][ T5061] x29: ffff80001fdf76e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 83.782374][ T5061] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 83.783769][ T5061] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df621318 [ 83.785186][ T5061] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 83.786516][ T5061] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 83.787861][ T5061] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.789056][ T5061] x11: 0000000000000002 x10: 0000000000000000 x9 : 01886fec47b99500 [ 83.790254][ T5061] x8 : 01886fec47b99500 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.791449][ T5061] x5 : ffff80001fdf6fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 83.792716][ T5061] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.793872][ T5061] Call trace: [ 83.794365][ T5061] invalidate_bh_lru+0x128/0x234 [ 83.795158][ T5061] 
smp_call_function_many_cond+0xa50/0xeb0 [ 83.796019][ T5061] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.796857][ T5061] invalidate_bh_lrus+0x34/0x40 [ 83.797576][ T5061] blkdev_flush_mapping+0x168/0x31c [ 83.798437][ T5061] blkdev_put+0x490/0x6ac [ 83.799145][ T5061] kill_block_super+0x98/0xdc [ 83.799929][ T5061] deactivate_locked_super+0xb8/0x13c [ 83.800826][ T5061] mount_bdev+0x284/0x358 [ 83.801495][ T5061] sysv_mount+0x44/0x58 [ 83.802129][ T5061] legacy_get_tree+0xd4/0x16c [ 83.802822][ T5061] vfs_get_tree+0x90/0x274 [ 83.803551][ T5061] do_new_mount+0x228/0x810 [ 83.804285][ T5061] path_mount+0x5b4/0x1000 [ 83.805106][ T5061] __arm64_sys_mount+0x514/0x5e4 [ 83.805957][ T5061] invoke_syscall+0x98/0x2b8 [ 83.806751][ T5061] el0_svc_common+0x138/0x258 [ 83.807509][ T5061] do_el0_svc+0x58/0x14c [ 83.808158][ T5061] el0_svc+0x78/0x1e0 [ 83.808780][ T5061] el0t_64_sync_handler+0xcc/0xe4 [ 83.809645][ T5061] el0t_64_sync+0x1a0/0x1a4 [ 83.810398][ T5061] irq event stamp: 2274 [ 83.811056][ T5061] hardirqs last enabled at (2273): [] kasan_quarantine_put+0xc4/0x204 [ 83.812638][ T5061] hardirqs last disabled at (2274): [] smp_call_function_many_cond+0xa44/0xeb0 [ 83.814272][ T5061] softirqs last enabled at (2070): [] local_bh_enable+0x10/0x34 [ 83.815738][ T5061] softirqs last disabled at (2068): [] local_bh_disable+0x10/0x34 [ 83.817283][ T5061] ---[ end trace 2e88ad39bf836a38 ]--- [ 83.967899][ T5063] loop0: detected capacity change from 0 to 128 [ 84.032734][ T5063] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.033946][ T5063] Bad inode number on dev loop0: 2 is out of range [ 84.034905][ T5063] SysV FS: get root inode failed [ 84.035750][ T5063] oldfs: cannot read superblock [ 84.068209][ C1] ------------[ cut here ]------------ [ 84.069126][ C1] VFS: brelse: Trying to free free buffer [ 84.070088][ C1] WARNING: CPU: 1 PID: 5066 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.071572][ C1] Modules linked in: [ 84.072189][ C1] CPU: 1 PID: 5066 
Comm: syz-executor Tainted: G W syzkaller #0 [ 84.073519][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 84.075178][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.076327][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 84.077180][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 84.078029][ C1] sp : ffff800008017de0 [ 84.078691][ C1] x29: ffff800008017de0 x28: ffff0000d152d1c0 x27: 1fffe0003421c65b [ 84.079972][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 84.081353][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df7757a0 [ 84.082712][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 84.083973][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 84.085210][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.086450][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : b80ee7ce9c694900 [ 84.087676][ C1] x8 : b80ee7ce9c694900 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.088791][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 84.090090][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.091353][ C1] Call trace: [ 84.091919][ C1] invalidate_bh_lru+0x128/0x234 [ 84.092753][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.093774][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.094980][ C1] ipi_handler+0x10c/0x710 [ 84.095686][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 84.096570][ C1] handle_domain_irq+0x144/0x1fc [ 84.097298][ C1] gic_handle_irq+0x78/0x1c8 [ 84.098012][ C1] call_on_irq_stack+0x30/0x48 [ 84.098738][ C1] do_interrupt_handler+0x6c/0x88 [ 84.099491][ C1] el1_interrupt+0x30/0x58 [ 84.100196][ C1] el1h_64_irq_handler+0x18/0x24 [ 84.101039][ C1] el1h_64_irq+0x78/0x7c [ 84.101702][ C1] copy_page+0x68/0xe8 [ 84.102365][ C1] copy_user_highpage+0x28/0x40 [ 84.103130][ C1] wp_page_copy+0x22c/0x11ec [ 84.103780][ C1] 
do_wp_page+0x6c0/0x994 [ 84.104435][ C1] handle_mm_fault+0x1770/0x2950 [ 84.105217][ C1] do_page_fault+0x694/0xad4 [ 84.105894][ C1] do_mem_abort+0x6c/0x1ac [ 84.106588][ C1] el0_da+0x90/0x1fc [ 84.107144][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 84.107907][ C1] el0t_64_sync+0x1a0/0x1a4 [ 84.108652][ C1] irq event stamp: 1044 [ 84.109305][ C1] hardirqs last enabled at (1043): [] seqcount_lockdep_reader_access+0x14c/0x230 [ 84.110933][ C1] hardirqs last disabled at (1044): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.112433][ C1] softirqs last enabled at (512): [] local_bh_enable+0x10/0x34 [ 84.113974][ C1] softirqs last disabled at (510): [] local_bh_disable+0x10/0x34 [ 84.115477][ C1] ---[ end trace 2e88ad39bf836a39 ]--- [ 84.177245][ T5067] loop0: detected capacity change from 0 to 128 [ 84.233648][ T5067] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.234861][ T5067] Bad inode number on dev loop0: 2 is out of range [ 84.235827][ T5067] SysV FS: get root inode failed [ 84.236620][ T5067] oldfs: cannot read superblock [ 84.237373][ T5067] ------------[ cut here ]------------ [ 84.238150][ T5067] VFS: brelse: Trying to free free buffer [ 84.239084][ T5067] WARNING: CPU: 0 PID: 5067 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.240376][ T5067] Modules linked in: [ 84.240929][ T5067] CPU: 0 PID: 5067 Comm: syz.0.71 Tainted: G W syzkaller #0 [ 84.242311][ T5067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 84.243965][ T5067] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.245252][ T5067] pc : invalidate_bh_lru+0x128/0x234 [ 84.246156][ T5067] lr : invalidate_bh_lru+0x128/0x234 [ 84.247006][ T5067] sp : ffff80001f4b76e0 [ 84.247666][ T5067] x29: ffff80001f4b76e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 84.249004][ T5067] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 84.250247][ T5067] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6216b8 [ 
84.251502][ T5067] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 84.252785][ T5067] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 84.253970][ T5067] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.255313][ T5067] x11: 0000000000000002 x10: 0000000000000000 x9 : 6ffe8b318cb05800 [ 84.256405][ T5067] x8 : 6ffe8b318cb05800 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.257620][ T5067] x5 : ffff80001f4b6fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 84.258738][ T5067] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 84.259878][ T5067] Call trace: [ 84.260369][ T5067] invalidate_bh_lru+0x128/0x234 [ 84.261211][ T5067] smp_call_function_many_cond+0xa50/0xeb0 [ 84.262232][ T5067] on_each_cpu_cond_mask+0x5c/0xc4 [ 84.263133][ T5067] invalidate_bh_lrus+0x34/0x40 [ 84.263903][ T5067] blkdev_flush_mapping+0x168/0x31c [ 84.264798][ T5067] blkdev_put+0x490/0x6ac [ 84.265557][ T5067] kill_block_super+0x98/0xdc [ 84.266373][ T5067] deactivate_locked_super+0xb8/0x13c [ 84.267273][ T5067] mount_bdev+0x284/0x358 [ 84.268004][ T5067] sysv_mount+0x44/0x58 [ 84.268693][ T5067] legacy_get_tree+0xd4/0x16c [ 84.269462][ T5067] vfs_get_tree+0x90/0x274 [ 84.270202][ T5067] do_new_mount+0x228/0x810 [ 84.270953][ T5067] path_mount+0x5b4/0x1000 [ 84.271622][ T5067] __arm64_sys_mount+0x514/0x5e4 [ 84.272421][ T5067] invoke_syscall+0x98/0x2b8 [ 84.273104][ T5067] el0_svc_common+0x138/0x258 [ 84.273808][ T5067] do_el0_svc+0x58/0x14c [ 84.274466][ T5067] el0_svc+0x78/0x1e0 [ 84.275095][ T5067] el0t_64_sync_handler+0xcc/0xe4 [ 84.275817][ T5067] el0t_64_sync+0x1a0/0x1a4 [ 84.276465][ T5067] irq event stamp: 1924 [ 84.277058][ T5067] hardirqs last enabled at (1923): [] kasan_quarantine_put+0xc4/0x204 [ 84.278522][ T5067] hardirqs last disabled at (1924): [] smp_call_function_many_cond+0xa44/0xeb0 [ 84.280059][ T5067] softirqs last enabled at (1738): [] local_bh_enable+0x10/0x34 [ 84.281370][ T5067] softirqs 
last disabled at (1736): [] local_bh_disable+0x10/0x34 [ 84.282760][ T5067] ---[ end trace 2e88ad39bf836a3a ]--- [ 84.401346][ T5071] loop0: detected capacity change from 0 to 128 [ 84.411345][ T5071] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.413826][ T5071] Bad inode number on dev loop0: 2 is out of range [ 84.414758][ T5071] SysV FS: get root inode failed [ 84.415558][ T5071] oldfs: cannot read superblock [ 84.419830][ C1] ------------[ cut here ]------------ [ 84.420667][ C1] VFS: brelse: Trying to free free buffer [ 84.421468][ C1] WARNING: CPU: 1 PID: 4511 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.422836][ C1] Modules linked in: [ 84.423548][ C1] CPU: 1 PID: 4511 Comm: syz-executor Tainted: G W syzkaller #0 [ 84.425094][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 84.426581][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.427781][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 84.428607][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 84.429330][ C1] sp : ffff800008017de0 [ 84.429994][ C1] x29: ffff800008017de0 x28: ffff0000d60bd1c0 x27: 1fffe0003421c65c [ 84.431290][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 84.432669][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df775b40 [ 84.434002][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 84.435347][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 84.436735][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.437907][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 577735d7f8c03400 [ 84.439307][ C1] x8 : 577735d7f8c03400 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.440610][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 84.442002][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.443304][ C1] Call trace: [ 84.443864][ C1] 
invalidate_bh_lru+0x128/0x234 [ 84.444697][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.445676][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.446722][ C1] ipi_handler+0x10c/0x710 [ 84.447407][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 84.448235][ C1] handle_domain_irq+0x144/0x1fc [ 84.448982][ C1] gic_handle_irq+0x78/0x1c8 [ 84.449687][ C1] call_on_irq_stack+0x30/0x48 [ 84.450453][ C1] do_interrupt_handler+0x6c/0x88 [ 84.451213][ C1] el0_interrupt+0x94/0x260 [ 84.451891][ C1] __el0_irq_handler_common+0x18/0x24 [ 84.452711][ C1] el0t_64_irq_handler+0x10/0x1c [ 84.453509][ C1] el0t_64_irq+0x1a0/0x1a4 [ 84.454226][ C1] irq event stamp: 684724 [ 84.454846][ C1] hardirqs last enabled at (684723): [] __el0_irq_handler_common+0x18/0x24 [ 84.456408][ C1] hardirqs last disabled at (684724): [] __el0_irq_handler_common+0x18/0x24 [ 84.457919][ C1] softirqs last enabled at (684720): [] local_bh_enable+0x10/0x34 [ 84.459266][ C1] softirqs last disabled at (684718): [] local_bh_disable+0x10/0x34 [ 84.460691][ C1] ---[ end trace 2e88ad39bf836a3b ]--- [ 84.514448][ T5073] loop0: detected capacity change from 0 to 128 [ 84.602888][ T5073] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.603993][ T5073] Bad inode number on dev loop0: 2 is out of range [ 84.605120][ T5073] SysV FS: get root inode failed [ 84.605892][ T5073] oldfs: cannot read superblock [ 84.615683][ C0] ------------[ cut here ]------------ [ 84.616633][ C0] VFS: brelse: Trying to free free buffer [ 84.617658][ C0] WARNING: CPU: 0 PID: 5074 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.618990][ C0] Modules linked in: [ 84.619629][ C0] CPU: 0 PID: 5074 Comm: syz-executor Tainted: G W syzkaller #0 [ 84.620976][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 84.622430][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.623735][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 84.624567][ C0] lr : 
invalidate_bh_lru+0x128/0x234 [ 84.625488][ C0] sp : ffff800008007de0 [ 84.626144][ C0] x29: ffff800008007de0 x28: ffff0000d1b41b40 x27: 1fffe0003421845c [ 84.627451][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 84.628777][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df621a58 [ 84.630100][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 84.631374][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 84.632701][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.634044][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : f961426e1a242a00 [ 84.635338][ C0] x8 : f961426e1a242a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.636688][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 84.638084][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 84.639336][ C0] Call trace: [ 84.639876][ C0] invalidate_bh_lru+0x128/0x234 [ 84.640637][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.641661][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.642888][ C0] ipi_handler+0x10c/0x710 [ 84.643683][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 84.644567][ C0] handle_domain_irq+0x144/0x1fc [ 84.645342][ C0] gic_handle_irq+0x78/0x1c8 [ 84.646103][ C0] call_on_irq_stack+0x30/0x48 [ 84.646861][ C0] do_interrupt_handler+0x6c/0x88 [ 84.647721][ C0] el1_interrupt+0x30/0x58 [ 84.648422][ C0] el1h_64_irq_handler+0x18/0x24 [ 84.649210][ C0] el1h_64_irq+0x78/0x7c [ 84.649881][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 84.650810][ C0] debug_check_no_obj_freed+0x450/0x46c [ 84.651758][ C0] slab_free_freelist_hook+0x9c/0x1e8 [ 84.652608][ C0] kfree+0x170/0x40c [ 84.653264][ C0] tomoyo_realpath_from_path+0x4c8/0x510 [ 84.654201][ C0] tomoyo_check_open_permission+0x168/0x2fc [ 84.655047][ C0] tomoyo_file_open+0x130/0x1b0 [ 84.655787][ C0] security_file_open+0x6c/0xac [ 84.656596][ C0] do_dentry_open+0x29c/0xebc [ 
84.657295][ C0] vfs_open+0x7c/0x90 [ 84.657899][ C0] path_openat+0x1f80/0x26e4 [ 84.658637][ C0] do_filp_open+0x164/0x330 [ 84.659288][ C0] do_sys_openat2+0x128/0x3d8 [ 84.660038][ C0] __arm64_sys_openat+0x120/0x154 [ 84.660852][ C0] invoke_syscall+0x98/0x2b8 [ 84.661600][ C0] el0_svc_common+0x138/0x258 [ 84.662296][ C0] do_el0_svc+0x58/0x14c [ 84.662969][ C0] el0_svc+0x78/0x1e0 [ 84.663637][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 84.664487][ C0] el0t_64_sync+0x1a0/0x1a4 [ 84.665195][ C0] irq event stamp: 1548 [ 84.665845][ C0] hardirqs last enabled at (1547): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 84.667413][ C0] hardirqs last disabled at (1548): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.668815][ C0] softirqs last enabled at (1188): [] local_bh_enable+0x10/0x34 [ 84.670103][ C0] softirqs last disabled at (1186): [] local_bh_disable+0x10/0x34 [ 84.671399][ C0] ---[ end trace 2e88ad39bf836a3c ]--- [ 84.715217][ T5075] loop0: detected capacity change from 0 to 128 [ 84.763298][ T5075] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.764509][ T5075] Bad inode number on dev loop0: 2 is out of range [ 84.765564][ T5075] SysV FS: get root inode failed [ 84.766380][ T5075] oldfs: cannot read superblock [ 84.776670][ C0] ------------[ cut here ]------------ [ 84.777647][ C0] VFS: brelse: Trying to free free buffer [ 84.778544][ C0] WARNING: CPU: 0 PID: 5077 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.780013][ C0] Modules linked in: [ 84.780604][ C0] CPU: 0 PID: 5077 Comm: syz.0.76 Tainted: G W syzkaller #0 [ 84.782018][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 84.783721][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.785023][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 84.785908][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 84.786841][ C0] sp : ffff800008007de0 [ 84.787499][ C0] x29: ffff800008007de0 x28: ffff0000ed8e51c0 x27: 1fffe0003421845c [ 84.788837][ C0] x26: 
0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 84.790130][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df621df8 [ 84.791408][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 84.792693][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 84.793961][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.795273][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 626d286fa6145200 [ 84.796531][ C0] x8 : 626d286fa6145200 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.797787][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 84.799061][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.800344][ C0] Call trace: [ 84.800857][ C0] invalidate_bh_lru+0x128/0x234 [ 84.801717][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.802707][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.803854][ C0] ipi_handler+0x10c/0x710 [ 84.804562][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 84.805441][ C0] handle_domain_irq+0x144/0x1fc [ 84.806329][ C0] gic_handle_irq+0x78/0x1c8 [ 84.807171][ C0] call_on_irq_stack+0x30/0x48 [ 84.807963][ C0] do_interrupt_handler+0x6c/0x88 [ 84.808803][ C0] el0_interrupt+0x94/0x260 [ 84.809500][ C0] __el0_irq_handler_common+0x18/0x24 [ 84.810397][ C0] el0t_64_irq_handler+0x10/0x1c [ 84.811243][ C0] el0t_64_irq+0x1a0/0x1a4 [ 84.811920][ C0] irq event stamp: 320 [ 84.812544][ C0] hardirqs last enabled at (319): [] el0t_64_sync_handler+0xd8/0xe4 [ 84.814020][ C0] hardirqs last disabled at (320): [] __el0_irq_handler_common+0x18/0x24 [ 84.815703][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 84.817232][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 84.818807][ C0] ---[ end trace 2e88ad39bf836a3d ]--- [ 84.844653][ T5077] loop0: detected capacity change from 0 to 128 [ 84.897459][ T5077] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.898752][ 
T5077] Bad inode number on dev loop0: 2 is out of range [ 84.899837][ T5077] SysV FS: get root inode failed [ 84.900641][ T5077] oldfs: cannot read superblock [ 84.910243][ C0] ------------[ cut here ]------------ [ 84.911119][ C0] VFS: brelse: Trying to free free buffer [ 84.912081][ C0] WARNING: CPU: 0 PID: 5079 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.913477][ C0] Modules linked in: [ 84.914049][ C0] CPU: 0 PID: 5079 Comm: syz.0.77 Tainted: G W syzkaller #0 [ 84.915325][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 84.916874][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.918126][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 84.919031][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 84.919793][ C0] sp : ffff800008007de0 [ 84.920493][ C0] x29: ffff800008007de0 x28: ffff0000cd260000 x27: 1fffe0003421845c [ 84.921809][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 84.923128][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dce4c230 [ 84.924534][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 84.925919][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 84.927197][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.928506][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : d3d33d4e8f1b6e00 [ 84.929817][ C0] x8 : d3d33d4e8f1b6e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.931183][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 84.932456][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.933841][ C0] Call trace: [ 84.934338][ C0] invalidate_bh_lru+0x128/0x234 [ 84.935184][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.936199][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.937370][ C0] ipi_handler+0x10c/0x710 [ 84.938104][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 84.938997][ C0] 
handle_domain_irq+0x144/0x1fc [ 84.939790][ C0] gic_handle_irq+0x78/0x1c8 [ 84.940533][ C0] call_on_irq_stack+0x30/0x48 [ 84.941237][ C0] do_interrupt_handler+0x6c/0x88 [ 84.942047][ C0] el1_interrupt+0x30/0x58 [ 84.942802][ C0] el1h_64_irq_handler+0x18/0x24 [ 84.943572][ C0] el1h_64_irq+0x78/0x7c [ 84.944319][ C0] try_charge_memcg+0x1e8/0x11bc [ 84.945140][ C0] charge_memcg+0xac/0x220 [ 84.945894][ C0] __mem_cgroup_charge+0x38/0xb0 [ 84.946699][ C0] handle_mm_fault+0x193c/0x2950 [ 84.947512][ C0] do_page_fault+0x694/0xad4 [ 84.948218][ C0] do_translation_fault+0xe0/0x130 [ 84.949056][ C0] do_mem_abort+0x6c/0x1ac [ 84.949764][ C0] el0_da+0x90/0x1fc [ 84.950371][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 84.951211][ C0] el0t_64_sync+0x1a0/0x1a4 [ 84.951938][ C0] irq event stamp: 344 [ 84.952593][ C0] hardirqs last enabled at (343): [] try_charge_memcg+0x1d8/0x11bc [ 84.954249][ C0] hardirqs last disabled at (344): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.955799][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 84.957185][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 84.958633][ C0] ---[ end trace 2e88ad39bf836a3e ]--- [ 84.994501][ T5079] loop0: detected capacity change from 0 to 128 [ 85.033443][ T5079] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.034767][ T5079] Bad inode number on dev loop0: 2 is out of range [ 85.035848][ T5079] SysV FS: get root inode failed [ 85.037837][ T5079] oldfs: cannot read superblock [ 85.044678][ T4517] ------------[ cut here ]------------ [ 85.045609][ T4517] VFS: brelse: Trying to free free buffer [ 85.046556][ T4517] WARNING: CPU: 1 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 85.047990][ T4517] Modules linked in: [ 85.048618][ T4517] CPU: 1 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 85.050001][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 85.051561][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT 
-SSBS BTYPE=--) [ 85.052862][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 85.053643][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 85.054376][ T4517] sp : ffff80001f6877c0 [ 85.055019][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 85.056246][ T4517] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 85.057629][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df760318 [ 85.059008][ T4517] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 85.060396][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 85.061638][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 85.062980][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 85.064305][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.065663][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 85.067014][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 85.068275][ T4517] Call trace: [ 85.068806][ T4517] invalidate_bh_lru+0x128/0x234 [ 85.069587][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 85.070477][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 85.071291][ T4517] invalidate_bh_lrus+0x34/0x40 [ 85.072062][ T4517] blkdev_flush_mapping+0x168/0x31c [ 85.072914][ T4517] blkdev_put+0x490/0x6ac [ 85.073695][ T4517] blkdev_close+0x74/0xb0 [ 85.074496][ T4517] __fput+0x1c0/0x7f8 [ 85.075177][ T4517] ____fput+0x20/0x30 [ 85.075749][ T4517] task_work_run+0x12c/0x1e0 [ 85.076501][ T4517] do_notify_resume+0x24b4/0x3128 [ 85.077324][ T4517] el0_svc+0xf0/0x1e0 [ 85.078013][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 85.078766][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 85.079540][ T4517] irq event stamp: 393264 [ 85.080238][ T4517] hardirqs last enabled at (393263): [] kasan_quarantine_put+0xc4/0x204 [ 85.081902][ T4517] hardirqs last disabled at (393264): [] smp_call_function_many_cond+0xa44/0xeb0 [ 85.083650][ 
T4517] softirqs last enabled at (392996): [] local_bh_enable+0x10/0x34 [ 85.085335][ T4517] softirqs last disabled at (392994): [] local_bh_disable+0x10/0x34 [ 85.086948][ T4517] ---[ end trace 2e88ad39bf836a3f ]--- [ 85.125275][ T5081] loop0: detected capacity change from 0 to 128 [ 85.127627][ T5081] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.128787][ T5081] Bad inode number on dev loop0: 2 is out of range [ 85.129859][ T5081] SysV FS: get root inode failed [ 85.130650][ T5081] oldfs: cannot read superblock [ 85.136415][ C1] ------------[ cut here ]------------ [ 85.137232][ C1] VFS: brelse: Trying to free free buffer [ 85.138207][ C1] WARNING: CPU: 1 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 85.139565][ C1] Modules linked in: [ 85.140170][ C1] CPU: 1 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.141570][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 85.143188][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.144535][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 85.145398][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 85.146270][ C1] sp : ffff800008017de0 [ 85.147011][ C1] x29: ffff800008017de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421c65c [ 85.148307][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 85.149682][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df7606b8 [ 85.150988][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 85.152420][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 85.153721][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 85.155088][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 188fe7a40ddbb300 [ 85.156445][ C1] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.157811][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 85.159127][ C1] x2 : 0000000000000001 x1 : 
0000000100010002 x0 : 0000000000000027 [ 85.160572][ C1] Call trace: [ 85.161143][ C1] invalidate_bh_lru+0x128/0x234 [ 85.161907][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.162862][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.164083][ C1] ipi_handler+0x10c/0x710 [ 85.164871][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 85.165752][ C1] handle_domain_irq+0x144/0x1fc [ 85.166603][ C1] gic_handle_irq+0x78/0x1c8 [ 85.167387][ C1] call_on_irq_stack+0x30/0x48 [ 85.168194][ C1] do_interrupt_handler+0x6c/0x88 [ 85.169078][ C1] el1_interrupt+0x30/0x58 [ 85.169753][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.170554][ C1] el1h_64_irq+0x78/0x7c [ 85.171245][ C1] rcu_is_watching+0x7c/0x134 [ 85.172005][ C1] lock_release+0xb4/0x8e8 [ 85.172749][ C1] __might_fault+0xf4/0x128 [ 85.173457][ C1] xt_obj_to_user+0x58/0x3c8 [ 85.174244][ C1] xt_target_to_user+0x88/0x1a8 [ 85.175093][ C1] do_ip6t_get_ctl+0xfc0/0x13a8 [ 85.175846][ C1] nf_getsockopt+0x264/0x284 [ 85.176636][ C1] ipv6_getsockopt+0x52c/0x2584 [ 85.177465][ C1] tcp_getsockopt+0x208/0x2e78 [ 85.178256][ C1] sock_common_getsockopt+0xa8/0xc4 [ 85.179149][ C1] __sys_getsockopt+0x1b8/0x250 [ 85.179893][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 85.180674][ C1] invoke_syscall+0x98/0x2b8 [ 85.181362][ C1] el0_svc_common+0x138/0x258 [ 85.182157][ C1] do_el0_svc+0x58/0x14c [ 85.182803][ C1] el0_svc+0x78/0x1e0 [ 85.183448][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 85.184262][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.185011][ C1] irq event stamp: 360190 [ 85.185706][ C1] hardirqs last enabled at (360189): [] alloc_counters+0x3d4/0x7a4 [ 85.187375][ C1] hardirqs last disabled at (360190): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.189102][ C1] softirqs last enabled at (360054): [] local_bh_enable+0x10/0x34 [ 85.190764][ C1] softirqs last disabled at (360052): [] local_bh_disable+0x10/0x34 [ 85.192421][ C1] ---[ end trace 2e88ad39bf836a40 ]--- [ 85.215628][ T5083] loop0: detected capacity change from 0 to 128 [ 85.277717][ T5083] VFS: 
Found a Xenix FS (block size = 1024) on device loop0 [ 85.278898][ T5083] Bad inode number on dev loop0: 2 is out of range [ 85.279872][ T5083] SysV FS: get root inode failed [ 85.280661][ T5083] oldfs: cannot read superblock [ 85.281469][ T5083] ------------[ cut here ]------------ [ 85.282269][ T5083] VFS: brelse: Trying to free free buffer [ 85.283174][ T5083] WARNING: CPU: 1 PID: 5083 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 85.284496][ T5083] Modules linked in: [ 85.285180][ T5083] CPU: 1 PID: 5083 Comm: syz.0.79 Tainted: G W syzkaller #0 [ 85.286551][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 85.288219][ T5083] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.289528][ T5083] pc : invalidate_bh_lru+0x128/0x234 [ 85.290376][ T5083] lr : invalidate_bh_lru+0x128/0x234 [ 85.291153][ T5083] sp : ffff80001fef76e0 [ 85.291823][ T5083] x29: ffff80001fef76e0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 85.293153][ T5083] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 85.294510][ T5083] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df760a58 [ 85.295902][ T5083] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 85.297217][ T5083] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 85.298601][ T5083] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 85.299926][ T5083] x11: 0000000000000002 x10: 0000000000000000 x9 : a8f46933af6f1d00 [ 85.301263][ T5083] x8 : a8f46933af6f1d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.302614][ T5083] x5 : ffff80001fef6fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 85.303790][ T5083] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 85.305007][ T5083] Call trace: [ 85.305476][ T5083] invalidate_bh_lru+0x128/0x234 [ 85.306262][ T5083] smp_call_function_many_cond+0xa50/0xeb0 [ 85.307132][ T5083] on_each_cpu_cond_mask+0x5c/0xc4 [ 85.307964][ 
T5083] invalidate_bh_lrus+0x34/0x40 [ 85.308734][ T5083] blkdev_flush_mapping+0x168/0x31c [ 85.309586][ T5083] blkdev_put+0x490/0x6ac [ 85.310279][ T5083] kill_block_super+0x98/0xdc [ 85.311038][ T5083] deactivate_locked_super+0xb8/0x13c [ 85.311918][ T5083] mount_bdev+0x284/0x358 [ 85.312609][ T5083] sysv_mount+0x44/0x58 [ 85.313241][ T5083] legacy_get_tree+0xd4/0x16c [ 85.313986][ T5083] vfs_get_tree+0x90/0x274 [ 85.314609][ T5083] do_new_mount+0x228/0x810 [ 85.315308][ T5083] path_mount+0x5b4/0x1000 [ 85.316046][ T5083] __arm64_sys_mount+0x514/0x5e4 [ 85.316867][ T5083] invoke_syscall+0x98/0x2b8 [ 85.317650][ T5083] el0_svc_common+0x138/0x258 [ 85.318407][ T5083] do_el0_svc+0x58/0x14c [ 85.319101][ T5083] el0_svc+0x78/0x1e0 [ 85.319768][ T5083] el0t_64_sync_handler+0xcc/0xe4 [ 85.320583][ T5083] el0t_64_sync+0x1a0/0x1a4 [ 85.321317][ T5083] irq event stamp: 1132 [ 85.321963][ T5083] hardirqs last enabled at (1131): [] kasan_quarantine_put+0xc4/0x204 [ 85.323502][ T5083] hardirqs last disabled at (1132): [] smp_call_function_many_cond+0xa44/0xeb0 [ 85.325057][ T5083] softirqs last enabled at (952): [] local_bh_enable+0x10/0x34 [ 85.326603][ T5083] softirqs last disabled at (950): [] local_bh_disable+0x10/0x34 [ 85.328061][ T5083] ---[ end trace 2e88ad39bf836a41 ]--- [ 85.424755][ T5087] loop0: detected capacity change from 0 to 128 [ 85.463022][ T5087] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.464220][ T5087] Bad inode number on dev loop0: 2 is out of range [ 85.465292][ T5087] SysV FS: get root inode failed [ 85.466057][ T5087] oldfs: cannot read superblock [ 85.471489][ C1] ------------[ cut here ]------------ [ 85.472395][ C1] VFS: brelse: Trying to free free buffer [ 85.473329][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 85.474831][ C1] Modules linked in: [ 85.475486][ C1] CPU: 1 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 85.476936][ C1] Hardware name: Google Google Compute Engine/Google 
Compute Engine, BIOS Google 06/30/2025 [ 85.478532][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.479852][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 85.480787][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 85.481761][ C1] sp : ffff800008017de0 [ 85.482438][ C1] x29: ffff800008017de0 x28: ffff0000d6a89b40 x27: 1fffe0003421c65b [ 85.483769][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 85.485179][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df760df8 [ 85.486583][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 85.487954][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 85.489394][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 85.490743][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : faf9201995291400 [ 85.491954][ C1] x8 : faf9201995291400 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.493338][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 85.494655][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 85.496073][ C1] Call trace: [ 85.496612][ C1] invalidate_bh_lru+0x128/0x234 [ 85.497450][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.498417][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.499560][ C1] ipi_handler+0x10c/0x710 [ 85.500279][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 85.501175][ C1] handle_domain_irq+0x144/0x1fc [ 85.501987][ C1] gic_handle_irq+0x78/0x1c8 [ 85.502721][ C1] call_on_irq_stack+0x30/0x48 [ 85.503494][ C1] do_interrupt_handler+0x6c/0x88 [ 85.504264][ C1] el1_interrupt+0x30/0x58 [ 85.505020][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.505801][ C1] el1h_64_irq+0x78/0x7c [ 85.506474][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 85.507358][ C1] debug_check_no_obj_freed+0x450/0x46c [ 85.508266][ C1] slab_free_freelist_hook+0x9c/0x1e8 [ 85.509110][ C1] kmem_cache_free+0xdc/0x3b4 [ 85.509796][ C1] putname+0x104/0x15c [ 85.510503][ C1] 
do_sys_openat2+0x1c0/0x3d8 [ 85.511183][ C1] __arm64_sys_openat+0x120/0x154 [ 85.511992][ C1] invoke_syscall+0x98/0x2b8 [ 85.512762][ C1] el0_svc_common+0x138/0x258 [ 85.513519][ C1] do_el0_svc+0x58/0x14c [ 85.514181][ C1] el0_svc+0x78/0x1e0 [ 85.514801][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 85.515557][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.516254][ C1] irq event stamp: 1307978 [ 85.516918][ C1] hardirqs last enabled at (1307977): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 85.518517][ C1] hardirqs last disabled at (1307978): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.520025][ C1] softirqs last enabled at (1307946): [] local_bh_enable+0x10/0x34 [ 85.521566][ C1] softirqs last disabled at (1307944): [] local_bh_disable+0x10/0x34 [ 85.523215][ C1] ---[ end trace 2e88ad39bf836a42 ]--- [ 85.573916][ T5089] loop0: detected capacity change from 0 to 128 [ 85.576191][ T5089] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.577370][ T5089] Bad inode number on dev loop0: 2 is out of range [ 85.578349][ T5089] SysV FS: get root inode failed [ 85.579168][ T5089] oldfs: cannot read superblock [ 85.584072][ T4517] ------------[ cut here ]------------ [ 85.585063][ T4517] VFS: brelse: Trying to free free buffer [ 85.586107][ T4517] WARNING: CPU: 1 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 85.587538][ T4517] Modules linked in: [ 85.588216][ T4517] CPU: 1 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 85.589615][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 85.591355][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.592638][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 85.593473][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 85.594335][ T4517] sp : ffff80001f6877c0 [ 85.595010][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 85.596268][ T4517] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 85.597619][ T4517] x23: 
dfff800000000000 x22: 0000000000000000 x21: ffff0000df735230 [ 85.598915][ T4517] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 85.600265][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 85.601527][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 85.602907][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 85.604220][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.605634][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 85.607047][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 85.608383][ T4517] Call trace: [ 85.608909][ T4517] invalidate_bh_lru+0x128/0x234 [ 85.609685][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 85.610585][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 85.611447][ T4517] invalidate_bh_lrus+0x34/0x40 [ 85.612234][ T4517] blkdev_flush_mapping+0x168/0x31c [ 85.613053][ T4517] blkdev_put+0x490/0x6ac [ 85.613752][ T4517] blkdev_close+0x74/0xb0 [ 85.614558][ T4517] __fput+0x1c0/0x7f8 [ 85.615242][ T4517] ____fput+0x20/0x30 [ 85.615891][ T4517] task_work_run+0x12c/0x1e0 [ 85.616637][ T4517] do_notify_resume+0x24b4/0x3128 [ 85.617387][ T4517] el0_svc+0xf0/0x1e0 [ 85.618082][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 85.618863][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 85.619609][ T4517] irq event stamp: 415692 [ 85.620342][ T4517] hardirqs last enabled at (415691): [] kasan_quarantine_put+0xc4/0x204 [ 85.621908][ T4517] hardirqs last disabled at (415692): [] smp_call_function_many_cond+0xa44/0xeb0 [ 85.623711][ T4517] softirqs last enabled at (415412): [] local_bh_enable+0x10/0x34 [ 85.625242][ T4517] softirqs last disabled at (415410): [] local_bh_disable+0x10/0x34 [ 85.626831][ T4517] ---[ end trace 2e88ad39bf836a43 ]--- [ 85.654693][ T5091] loop0: detected capacity change from 0 to 128 [ 85.697164][ T5091] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 
85.698520][ T5091] Bad inode number on dev loop0: 2 is out of range [ 85.699532][ T5091] SysV FS: get root inode failed [ 85.700315][ T5091] oldfs: cannot read superblock [ 85.708747][ C0] ------------[ cut here ]------------ [ 85.709683][ C0] VFS: brelse: Trying to free free buffer [ 85.710571][ C0] WARNING: CPU: 0 PID: 5092 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 85.711879][ C0] Modules linked in: [ 85.712508][ C0] CPU: 0 PID: 5092 Comm: syz.0.84 Tainted: G W syzkaller #0 [ 85.714120][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 85.715719][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.716994][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 85.717933][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 85.718835][ C0] sp : ffff800008007de0 [ 85.719491][ C0] x29: ffff800008007de0 x28: ffff0000d67051c0 x27: 1fffe0003421845c [ 85.720931][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 85.722309][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dce4c5d0 [ 85.723581][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 85.724837][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 85.726072][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 85.727235][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 154ac91d4bbc8b00 [ 85.728478][ C0] x8 : 154ac91d4bbc8b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.729631][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 85.730772][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 85.731971][ C0] Call trace: [ 85.732539][ C0] invalidate_bh_lru+0x128/0x234 [ 85.733272][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 85.734118][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.735126][ C0] ipi_handler+0x10c/0x710 [ 85.735786][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 85.736584][ C0] 
handle_domain_irq+0x144/0x1fc [ 85.737377][ C0] gic_handle_irq+0x78/0x1c8 [ 85.738094][ C0] call_on_irq_stack+0x30/0x48 [ 85.738811][ C0] do_interrupt_handler+0x6c/0x88 [ 85.739504][ C0] el1_interrupt+0x30/0x58 [ 85.740154][ C0] el1h_64_irq_handler+0x18/0x24 [ 85.740869][ C0] el1h_64_irq+0x78/0x7c [ 85.741571][ C0] lock_acquire+0x234/0x620 [ 85.742316][ C0] _raw_spin_lock+0xb0/0x10c [ 85.743096][ C0] ext4_mark_iloc_dirty+0x1bc/0x3834 [ 85.743966][ C0] __ext4_mark_inode_dirty+0x490/0x7b0 [ 85.744856][ C0] ext4_dirty_inode+0xd0/0x100 [ 85.745568][ C0] __mark_inode_dirty+0x2b0/0xfac [ 85.746347][ C0] generic_update_time+0x210/0x238 [ 85.747199][ C0] file_update_time+0x318/0x390 [ 85.747924][ C0] ext4_page_mkwrite+0x16c/0x10c8 [ 85.748743][ C0] do_page_mkwrite+0x13c/0x358 [ 85.749535][ C0] handle_mm_fault+0x1618/0x2950 [ 85.750341][ C0] do_page_fault+0x694/0xad4 [ 85.751082][ C0] do_translation_fault+0xe0/0x130 [ 85.751946][ C0] do_mem_abort+0x6c/0x1ac [ 85.752667][ C0] el0_da+0x90/0x1fc [ 85.753315][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 85.754083][ C0] el0t_64_sync+0x1a0/0x1a4 [ 85.754851][ C0] irq event stamp: 1096 [ 85.755544][ C0] hardirqs last enabled at (1095): [] __find_get_block+0x1c8/0xcd8 [ 85.757177][ C0] hardirqs last disabled at (1096): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.758765][ C0] softirqs last enabled at (536): [] local_bh_enable+0x10/0x34 [ 85.760314][ C0] softirqs last disabled at (534): [] local_bh_disable+0x10/0x34 [ 85.761865][ C0] ---[ end trace 2e88ad39bf836a44 ]--- [ 85.824412][ T5093] loop0: detected capacity change from 0 to 128 [ 85.865368][ T5093] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.866544][ T5093] Bad inode number on dev loop0: 2 is out of range [ 85.867698][ T5093] SysV FS: get root inode failed [ 85.868852][ T5093] oldfs: cannot read superblock [ 85.876749][ C1] ------------[ cut here ]------------ [ 85.877665][ C1] VFS: brelse: Trying to free free buffer [ 85.878641][ C1] WARNING: CPU: 1 PID: 5094 at 
fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 85.879961][ C1] Modules linked in: [ 85.880616][ C1] CPU: 1 PID: 5094 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.882109][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 85.883729][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.885068][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 85.886014][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 85.886867][ C1] sp : ffff800008017de0 [ 85.887539][ C1] x29: ffff800008017de0 x28: ffff0000db318000 x27: 1fffe0003421c65c [ 85.888776][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 85.890048][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df7355d0 [ 85.891468][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 85.892767][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 85.894000][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 85.895159][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 09e5bf0fe4df7600 [ 85.896351][ C1] x8 : 09e5bf0fe4df7600 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.897597][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 85.898830][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 85.900048][ C1] Call trace: [ 85.900528][ C1] invalidate_bh_lru+0x128/0x234 [ 85.901340][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.902289][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.903398][ C1] ipi_handler+0x10c/0x710 [ 85.904053][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 85.904897][ C1] handle_domain_irq+0x144/0x1fc [ 85.905594][ C1] gic_handle_irq+0x78/0x1c8 [ 85.906276][ C1] call_on_irq_stack+0x30/0x48 [ 85.906956][ C1] do_interrupt_handler+0x6c/0x88 [ 85.907689][ C1] el1_interrupt+0x30/0x58 [ 85.908423][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.909171][ C1] el1h_64_irq+0x78/0x7c [ 85.909794][ C1] 
down_read_trylock+0x13c/0x414 [ 85.910567][ C1] do_page_fault+0x364/0xad4 [ 85.911355][ C1] do_translation_fault+0xe0/0x130 [ 85.912266][ C1] do_mem_abort+0x6c/0x1ac [ 85.913000][ C1] el0_ia+0xe0/0x2d0 [ 85.913598][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 85.914413][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.915101][ C1] irq event stamp: 418 [ 85.915738][ C1] hardirqs last enabled at (417): [] local_daif_restore+0x1c/0x3c [ 85.917280][ C1] hardirqs last disabled at (418): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.918855][ C1] softirqs last enabled at (54): [] local_bh_enable+0x10/0x34 [ 85.920407][ C1] softirqs last disabled at (52): [] local_bh_disable+0x10/0x34 [ 85.921866][ C1] ---[ end trace 2e88ad39bf836a45 ]--- [ 85.956240][ T5095] loop0: detected capacity change from 0 to 128 [ 85.958736][ T5095] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.959938][ T5095] Bad inode number on dev loop0: 2 is out of range [ 85.960807][ T5095] SysV FS: get root inode failed [ 85.961488][ T5095] oldfs: cannot read superblock [ 85.966412][ C0] ------------[ cut here ]------------ [ 85.967305][ C0] VFS: brelse: Trying to free free buffer [ 85.968204][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 85.969552][ C0] Modules linked in: [ 85.970145][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.971614][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 85.973251][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.974538][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 85.975389][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 85.976205][ C0] sp : ffff800008007de0 [ 85.976827][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 85.978165][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 85.979440][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dce4c970 [ 85.980727][ C0] x20: ffff0001a10c22e0 x19: 
ffff8000113d9aa0 x18: 0000000000010002 [ 85.982088][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 85.983425][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 85.984837][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 85.986238][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.987602][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 85.988932][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.990235][ C0] Call trace: [ 85.990779][ C0] invalidate_bh_lru+0x128/0x234 [ 85.991644][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 85.992628][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.993816][ C0] ipi_handler+0x10c/0x710 [ 85.994518][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 85.995430][ C0] handle_domain_irq+0x144/0x1fc [ 85.996257][ C0] gic_handle_irq+0x78/0x1c8 [ 85.997041][ C0] call_on_irq_stack+0x30/0x48 [ 85.997792][ C0] do_interrupt_handler+0x6c/0x88 [ 85.998594][ C0] el1_interrupt+0x30/0x58 [ 85.999294][ C0] el1h_64_irq_handler+0x18/0x24 [ 86.000066][ C0] el1h_64_irq+0x78/0x7c [ 86.000758][ C0] lock_release+0x4a0/0x8e8 [ 86.001507][ C0] rcu_lock_release+0x2c/0x38 [ 86.002280][ C0] try_to_unlazy+0x344/0x600 [ 86.003006][ C0] complete_walk+0xe4/0x308 [ 86.003685][ C0] path_lookupat+0x1ec/0x3d0 [ 86.004443][ C0] filename_lookup+0x180/0x414 [ 86.005202][ C0] user_path_at_empty+0x5c/0x1a0 [ 86.006021][ C0] vfs_statx+0xf4/0x458 [ 86.006700][ C0] __arm64_sys_newfstatat+0x10c/0x190 [ 86.007596][ C0] invoke_syscall+0x98/0x2b8 [ 86.008344][ C0] el0_svc_common+0x138/0x258 [ 86.009129][ C0] do_el0_svc+0x58/0x14c [ 86.009735][ C0] el0_svc+0x78/0x1e0 [ 86.010381][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 86.011166][ C0] el0t_64_sync+0x1a0/0x1a4 [ 86.011854][ C0] irq event stamp: 378332 [ 86.012484][ C0] hardirqs last enabled at (378331): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 86.014249][ C0] hardirqs 
last disabled at (378332): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.015803][ C0] softirqs last enabled at (377744): [] local_bh_enable+0x10/0x34 [ 86.017340][ C0] softirqs last disabled at (377742): [] local_bh_disable+0x10/0x34 [ 86.018887][ C0] ---[ end trace 2e88ad39bf836a46 ]--- [ 86.068273][ T5097] loop0: detected capacity change from 0 to 128 [ 86.072458][ T5097] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.073735][ T5097] Bad inode number on dev loop0: 2 is out of range [ 86.074844][ T5097] SysV FS: get root inode failed [ 86.075699][ T5097] oldfs: cannot read superblock [ 86.081532][ T4517] ------------[ cut here ]------------ [ 86.082495][ T4517] VFS: brelse: Trying to free free buffer [ 86.083388][ T4517] WARNING: CPU: 0 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 86.084692][ T4517] Modules linked in: [ 86.085331][ T4517] CPU: 0 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 86.086683][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 86.088306][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.089600][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 86.090457][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 86.091344][ T4517] sp : ffff80001f6877c0 [ 86.091997][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 86.093205][ T4517] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 86.094468][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dce4cd10 [ 86.095653][ T4517] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 86.096839][ T4517] x17: 0000000000000000 x16: ffff800008302168 x15: 00000000ffffffff [ 86.097990][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 86.099339][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 86.100592][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.101879][ 
T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff800008302278 [ 86.103015][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 86.104240][ T4517] Call trace: [ 86.104708][ T4517] invalidate_bh_lru+0x128/0x234 [ 86.105453][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 86.106384][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 86.107149][ T4517] invalidate_bh_lrus+0x34/0x40 [ 86.107956][ T4517] blkdev_flush_mapping+0x168/0x31c [ 86.108839][ T4517] blkdev_put+0x490/0x6ac [ 86.109481][ T4517] blkdev_close+0x74/0xb0 [ 86.110167][ T4517] __fput+0x1c0/0x7f8 [ 86.110774][ T4517] ____fput+0x20/0x30 [ 86.111443][ T4517] task_work_run+0x12c/0x1e0 [ 86.112179][ T4517] do_notify_resume+0x24b4/0x3128 [ 86.112959][ T4517] el0_svc+0xf0/0x1e0 [ 86.113594][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 86.114437][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 86.115194][ T4517] irq event stamp: 438070 [ 86.115905][ T4517] hardirqs last enabled at (438069): [] kasan_quarantine_put+0xc4/0x204 [ 86.117605][ T4517] hardirqs last disabled at (438070): [] smp_call_function_many_cond+0xa44/0xeb0 [ 86.119258][ T4517] softirqs last enabled at (437784): [] local_bh_enable+0x10/0x34 [ 86.120730][ T4517] softirqs last disabled at (437782): [] local_bh_disable+0x10/0x34 [ 86.122241][ T4517] ---[ end trace 2e88ad39bf836a47 ]--- [ 86.164893][ T5099] loop0: detected capacity change from 0 to 128 [ 86.167242][ T5099] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.168719][ T5099] Bad inode number on dev loop0: 2 is out of range [ 86.169856][ T5099] SysV FS: get root inode failed [ 86.170722][ T5099] oldfs: cannot read superblock [ 86.176859][ T4517] ------------[ cut here ]------------ [ 86.177703][ T4517] VFS: brelse: Trying to free free buffer [ 86.178594][ T4517] WARNING: CPU: 0 PID: 4517 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 86.179946][ T4517] Modules linked in: [ 86.180569][ T4517] CPU: 0 PID: 4517 Comm: udevd Tainted: G W syzkaller #0 [ 86.181975][ 
T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 86.183749][ T4517] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.184985][ T4517] pc : invalidate_bh_lru+0x128/0x234 [ 86.185824][ T4517] lr : invalidate_bh_lru+0x128/0x234 [ 86.186715][ T4517] sp : ffff80001f6877c0 [ 86.187430][ T4517] x29: ffff80001f6877c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 86.188740][ T4517] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 86.190081][ T4517] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0d7e148 [ 86.191430][ T4517] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 86.192814][ T4517] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 86.194202][ T4517] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 86.195547][ T4517] x11: 0000000000000002 x10: 0000000000000000 x9 : af12ce7923952700 [ 86.196788][ T4517] x8 : af12ce7923952700 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.198016][ T4517] x5 : ffff80001f6870b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 86.199403][ T4517] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 86.200724][ T4517] Call trace: [ 86.201246][ T4517] invalidate_bh_lru+0x128/0x234 [ 86.202029][ T4517] smp_call_function_many_cond+0xa50/0xeb0 [ 86.202974][ T4517] on_each_cpu_cond_mask+0x5c/0xc4 [ 86.203831][ T4517] invalidate_bh_lrus+0x34/0x40 [ 86.204619][ T4517] blkdev_flush_mapping+0x168/0x31c [ 86.205403][ T4517] blkdev_put+0x490/0x6ac [ 86.206088][ T4517] blkdev_close+0x74/0xb0 [ 86.206777][ T4517] __fput+0x1c0/0x7f8 [ 86.207406][ T4517] ____fput+0x20/0x30 [ 86.208049][ T4517] task_work_run+0x12c/0x1e0 [ 86.208797][ T4517] do_notify_resume+0x24b4/0x3128 [ 86.209620][ T4517] el0_svc+0xf0/0x1e0 [ 86.210233][ T4517] el0t_64_sync_handler+0xcc/0xe4 [ 86.211150][ T4517] el0t_64_sync+0x1a0/0x1a4 [ 86.211903][ T4517] irq event stamp: 441636 [ 86.212640][ T4517] hardirqs last 
enabled at (441635): [] kasan_quarantine_put+0xc4/0x204 [ 86.214263][ T4517] hardirqs last disabled at (441636): [] smp_call_function_many_cond+0xa44/0xeb0 [ 86.215859][ T4517] softirqs last enabled at (441382): [] local_bh_enable+0x10/0x34 [ 86.217280][ T4517] softirqs last disabled at (441380): [] local_bh_disable+0x10/0x34 [ 86.218610][ T4517] ---[ end trace 2e88ad39bf836a48 ]--- [ 86.261275][ T5101] loop0: detected capacity change from 0 to 128 [ 86.322923][ T5101] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.324255][ T5101] Bad inode number on dev loop0: 2 is out of range [ 86.325349][ T5101] SysV FS: get root inode failed [ 86.326175][ T5101] oldfs: cannot read superblock [ 86.327021][ C1] ------------[ cut here ]------------ [ 86.327949][ C1] VFS: brelse: Trying to free free buffer [ 86.328913][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 86.330365][ C1] Modules linked in: [ 86.330980][ C1] CPU: 1 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 86.332366][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 86.334004][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.335238][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 86.336059][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 86.336952][ C1] sp : ffff800008017de0 [ 86.337602][ C1] x29: ffff800008017de0 x28: ffff0000d6a89b40 x27: 1fffe0003421c65b [ 86.338991][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 86.340364][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df735970 [ 86.341699][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 86.342935][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 86.344215][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 86.345544][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : faf9201995291400 [ 86.346810][ C1] x8 : faf9201995291400 x7 : 
0000000000000001 x6 : 0000000000000001 [ 86.348125][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 86.349369][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 86.350586][ C1] Call trace: [ 86.351057][ C1] invalidate_bh_lru+0x128/0x234 [ 86.351826][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.352703][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.353759][ C1] ipi_handler+0x10c/0x710 [ 86.354425][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 86.355288][ C1] handle_domain_irq+0x144/0x1fc [ 86.356055][ C1] gic_handle_irq+0x78/0x1c8 [ 86.356718][ C1] call_on_irq_stack+0x30/0x48 [ 86.357441][ C1] do_interrupt_handler+0x6c/0x88 [ 86.358236][ C1] el1_interrupt+0x30/0x58 [ 86.358930][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.359706][ C1] el1h_64_irq+0x78/0x7c [ 86.360409][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 86.361283][ C1] debug_check_no_obj_freed+0x450/0x46c [ 86.362226][ C1] slab_free_freelist_hook+0x9c/0x1e8 [ 86.363102][ C1] kmem_cache_free+0xdc/0x3b4 [ 86.363852][ C1] kfree_skbmem+0x114/0x1b0 [ 86.364542][ C1] consume_skb+0x140/0x33c [ 86.365215][ C1] skb_free_datagram+0x30/0xe4 [ 86.365988][ C1] __unix_dgram_recvmsg+0x7e4/0xb28 [ 86.366870][ C1] unix_dgram_recvmsg+0xd4/0xec [ 86.367666][ C1] ____sys_recvmsg+0x254/0x794 [ 86.368428][ C1] ___sys_recvmsg+0x1ac/0x220 [ 86.369124][ C1] __arm64_sys_recvmsg+0x1a4/0x250 [ 86.369960][ C1] invoke_syscall+0x98/0x2b8 [ 86.370713][ C1] el0_svc_common+0x138/0x258 [ 86.371483][ C1] do_el0_svc+0x58/0x14c [ 86.372131][ C1] el0_svc+0x78/0x1e0 [ 86.372725][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 86.373492][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.374167][ C1] irq event stamp: 1332006 [ 86.374789][ C1] hardirqs last enabled at (1332005): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 86.376531][ C1] hardirqs last disabled at (1332006): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.378093][ C1] softirqs last enabled at (1331852): [] local_bh_enable+0x10/0x34 [ 86.379629][ C1] 
softirqs last disabled at (1331850): [] local_bh_disable+0x10/0x34 [ 86.381178][ C1] ---[ end trace 2e88ad39bf836a49 ]--- [ 86.494090][ T5103] loop0: detected capacity change from 0 to 128 [ 86.496867][ T5103] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.498145][ T5103] Bad inode number on dev loop0: 2 is out of range [ 86.499263][ T5103] SysV FS: get root inode failed [ 86.500131][ T5103] oldfs: cannot read superblock [ 86.507130][ C1] ------------[ cut here ]------------ [ 86.507930][ C1] VFS: brelse: Trying to free free buffer [ 86.508925][ C1] WARNING: CPU: 1 PID: 4165 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 86.510372][ C1] Modules linked in: [ 86.511040][ C1] CPU: 1 PID: 4165 Comm: kworker/1:9 Tainted: G W syzkaller #0 [ 86.512542][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 86.514132][ C1] Workqueue: rcu_gp process_srcu [ 86.514909][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.516201][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 86.516995][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 86.517778][ C1] sp : ffff800008017de0 [ 86.518438][ C1] x29: ffff800008017de0 x28: ffff0000c2253680 x27: 1fffe0003421c65b [ 86.519689][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 86.520911][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df735d10 [ 86.522199][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 86.523575][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 86.524754][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 86.526046][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : df3efd170ea2de00 [ 86.527319][ C1] x8 : df3efd170ea2de00 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.528634][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 86.529968][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 
86.531269][ C1] Call trace: [ 86.531767][ C1] invalidate_bh_lru+0x128/0x234 [ 86.532615][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.533603][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.534804][ C1] ipi_handler+0x10c/0x710 [ 86.535490][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 86.536343][ C1] handle_domain_irq+0x144/0x1fc [ 86.537162][ C1] gic_handle_irq+0x78/0x1c8 [ 86.537824][ C1] call_on_irq_stack+0x30/0x48 [ 86.538648][ C1] do_interrupt_handler+0x6c/0x88 [ 86.539529][ C1] el1_interrupt+0x30/0x58 [ 86.540318][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.541186][ C1] el1h_64_irq+0x78/0x7c [ 86.541915][ C1] arch_counter_get_cntvct+0x18/0x30 [ 86.542843][ C1] __const_udelay+0x1ac/0x1d8 [ 86.543608][ C1] try_check_zero+0x2cc/0x354 [ 86.544429][ C1] process_srcu+0x170/0xc30 [ 86.545160][ C1] process_one_work+0x79c/0x1140 [ 86.545960][ C1] worker_thread+0x8f4/0x101c [ 86.546714][ C1] kthread+0x374/0x454 [ 86.547398][ C1] ret_from_fork+0x10/0x20 [ 86.548053][ C1] irq event stamp: 9114 [ 86.548717][ C1] hardirqs last enabled at (9113): [] _raw_spin_unlock_irq+0x98/0x128 [ 86.550254][ C1] hardirqs last disabled at (9114): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.551809][ C1] softirqs last enabled at (7074): [] local_bh_enable+0xc/0x2c [ 86.553226][ C1] softirqs last disabled at (7070): [] local_bh_disable+0xc/0x2c [ 86.554657][ C1] ---[ end trace 2e88ad39bf836a4a ]--- [ 86.630321][ T5105] loop0: detected capacity change from 0 to 128 [ 86.713728][ T5105] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.715102][ T5105] Bad inode number on dev loop0: 2 is out of range [ 86.716161][ T5105] SysV FS: get root inode failed [ 86.716925][ T5105] oldfs: cannot read superblock [ 86.721292][ C1] ------------[ cut here ]------------ [ 86.722171][ C1] VFS: brelse: Trying to free free buffer [ 86.723135][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 86.724460][ C1] Modules linked in: [ 86.725090][ C1] CPU: 1 PID: 
3662 Comm: udevd Tainted: G W syzkaller #0 [ 86.726378][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 86.727827][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.729018][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 86.729696][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 86.730492][ C1] sp : ffff800008017de0 [ 86.731084][ C1] x29: ffff800008017de0 x28: ffff0000d6a89b40 x27: 1fffe0003421c65b [ 86.732383][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 86.733707][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72645d0 [ 86.734968][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 86.736281][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 86.737647][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 86.738927][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : faf9201995291400 [ 86.740107][ C1] x8 : faf9201995291400 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.741309][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 86.742634][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.743972][ C1] Call trace: [ 86.744469][ C1] invalidate_bh_lru+0x128/0x234 [ 86.745322][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.746385][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.747529][ C1] ipi_handler+0x10c/0x710 [ 86.748232][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 86.749222][ C1] handle_domain_irq+0x144/0x1fc [ 86.750046][ C1] gic_handle_irq+0x78/0x1c8 [ 86.750834][ C1] call_on_irq_stack+0x30/0x48 [ 86.751641][ C1] do_interrupt_handler+0x6c/0x88 [ 86.752530][ C1] el1_interrupt+0x30/0x58 [ 86.753286][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.754103][ C1] el1h_64_irq+0x78/0x7c [ 86.754804][ C1] memcg_slab_free_hook+0x144/0x1f8 [ 86.755637][ C1] ___cache_free+0x78/0x1bc [ 86.756339][ C1] qlink_free+0x5c/0xa4 [ 86.757010][ C1] 
qlist_free_all+0x40/0xa8 [ 86.757691][ C1] kasan_quarantine_reduce+0x124/0x130 [ 86.758528][ C1] __kasan_slab_alloc+0x34/0xcc [ 86.759241][ C1] slab_post_alloc_hook+0x74/0x408 [ 86.760040][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 86.760788][ C1] getname_flags+0xb8/0x450 [ 86.761420][ C1] user_path_at_empty+0x40/0x1a0 [ 86.762109][ C1] vfs_statx+0xf4/0x458 [ 86.762684][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 86.763493][ C1] invoke_syscall+0x98/0x2b8 [ 86.764173][ C1] el0_svc_common+0x138/0x258 [ 86.764871][ C1] do_el0_svc+0x58/0x14c [ 86.765534][ C1] el0_svc+0x78/0x1e0 [ 86.766199][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 86.767047][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.767758][ C1] irq event stamp: 1346036 [ 86.768467][ C1] hardirqs last enabled at (1346035): [] put_cpu_partial+0x188/0x218 [ 86.770202][ C1] hardirqs last disabled at (1346036): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.771833][ C1] softirqs last enabled at (1345770): [] local_bh_enable+0x10/0x34 [ 86.773275][ C1] softirqs last disabled at (1345768): [] local_bh_disable+0x10/0x34 [ 86.774766][ C1] ---[ end trace 2e88ad39bf836a4b ]--- [ 86.830303][ T5107] loop0: detected capacity change from 0 to 128 [ 86.874807][ T5107] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.875953][ T5107] Bad inode number on dev loop0: 2 is out of range [ 86.876987][ T5107] SysV FS: get root inode failed [ 86.877981][ T5107] oldfs: cannot read superblock [ 86.887768][ C1] ------------[ cut here ]------------ [ 86.888690][ C1] VFS: brelse: Trying to free free buffer [ 86.889703][ C1] WARNING: CPU: 1 PID: 5109 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 86.891102][ C1] Modules linked in: [ 86.891669][ C1] CPU: 1 PID: 5109 Comm: syz.0.92 Tainted: G W syzkaller #0 [ 86.892908][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 86.894416][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.895581][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 86.896409][ 
C1] lr : invalidate_bh_lru+0x128/0x234 [ 86.897211][ C1] sp : ffff800008017de0 [ 86.897818][ C1] x29: ffff800008017de0 x28: ffff0000ee0751c0 x27: 1fffe0003421c65c [ 86.899024][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 86.900257][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7264970 [ 86.901376][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 86.902640][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 86.904034][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 86.905431][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 8e5b119980858500 [ 86.906758][ C1] x8 : 8e5b119980858500 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.908047][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 86.909320][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.910576][ C1] Call trace: [ 86.911099][ C1] invalidate_bh_lru+0x128/0x234 [ 86.911852][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.912810][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.913894][ C1] ipi_handler+0x10c/0x710 [ 86.914513][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 86.915310][ C1] handle_domain_irq+0x144/0x1fc [ 86.916073][ C1] gic_handle_irq+0x78/0x1c8 [ 86.916854][ C1] call_on_irq_stack+0x30/0x48 [ 86.917630][ C1] do_interrupt_handler+0x6c/0x88 [ 86.918405][ C1] el0_interrupt+0x94/0x260 [ 86.919134][ C1] __el0_irq_handler_common+0x18/0x24 [ 86.920011][ C1] el0t_64_irq_handler+0x10/0x1c [ 86.920757][ C1] el0t_64_irq+0x1a0/0x1a4 [ 86.921467][ C1] irq event stamp: 298 [ 86.922132][ C1] hardirqs last enabled at (297): [] el0t_64_sync_handler+0xd8/0xe4 [ 86.923674][ C1] hardirqs last disabled at (298): [] __el0_irq_handler_common+0x18/0x24 [ 86.925270][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 86.926703][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 86.928188][ C1] ---[ end trace 
2e88ad39bf836a4c ]--- [ 86.963848][ T5109] loop0: detected capacity change from 0 to 128 [ 86.966042][ T5109] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.967236][ T5109] Bad inode number on dev loop0: 2 is out of range [ 86.968258][ T5109] SysV FS: get root inode failed [ 86.969044][ T5109] oldfs: cannot read superblock [ 86.988086][ C0] ------------[ cut here ]------------ [ 86.988988][ C0] VFS: brelse: Trying to free free buffer [ 86.989857][ C0] WARNING: CPU: 0 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 86.991087][ C0] Modules linked in: [ 86.991675][ C0] CPU: 0 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 86.993001][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 86.994529][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.995753][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 86.996603][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 86.997356][ C0] sp : ffff800008007de0 [ 86.997937][ C0] x29: ffff800008007de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421845c [ 86.999129][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 87.000363][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0d7e4e8 [ 87.001660][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 87.002969][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 87.004133][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 87.005319][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 87.006529][ C0] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.007662][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 87.008838][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.010005][ C0] Call trace: [ 87.010488][ C0] invalidate_bh_lru+0x128/0x234 [ 87.011246][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 87.012068][ C0] 
generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.013041][ C0] ipi_handler+0x10c/0x710 [ 87.013678][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 87.014496][ C0] handle_domain_irq+0x144/0x1fc [ 87.015188][ C0] gic_handle_irq+0x78/0x1c8 [ 87.015802][ C0] call_on_irq_stack+0x30/0x48 [ 87.016475][ C0] do_interrupt_handler+0x6c/0x88 [ 87.017216][ C0] el1_interrupt+0x30/0x58 [ 87.017884][ C0] el1h_64_irq_handler+0x18/0x24 [ 87.018583][ C0] el1h_64_irq+0x78/0x7c [ 87.019187][ C0] seqcount_lockdep_reader_access+0x214/0x2bc [ 87.020060][ C0] prepend_path+0xe0/0xad4 [ 87.020689][ C0] d_absolute_path+0xa0/0x148 [ 87.021401][ C0] tomoyo_realpath_from_path+0x2a0/0x510 [ 87.022200][ C0] tomoyo_path_perm+0x1b4/0x440 [ 87.022905][ C0] tomoyo_inode_getattr+0x28/0x38 [ 87.023674][ C0] security_inode_getattr+0xd8/0x124 [ 87.024382][ C0] vfs_statx+0x118/0x458 [ 87.024994][ C0] __arm64_sys_newfstatat+0x10c/0x190 [ 87.025775][ C0] invoke_syscall+0x98/0x2b8 [ 87.026459][ C0] el0_svc_common+0x138/0x258 [ 87.027062][ C0] do_el0_svc+0x58/0x14c [ 87.027684][ C0] el0_svc+0x78/0x1e0 [ 87.028379][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 87.029167][ C0] el0t_64_sync+0x1a0/0x1a4 [ 87.029843][ C0] irq event stamp: 400676 [ 87.030463][ C0] hardirqs last enabled at (400675): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 87.032070][ C0] hardirqs last disabled at (400676): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.033591][ C0] softirqs last enabled at (400344): [] local_bh_enable+0x10/0x34 [ 87.035021][ C0] softirqs last disabled at (400342): [] local_bh_disable+0x10/0x34 [ 87.036448][ C0] ---[ end trace 2e88ad39bf836a4d ]--- [ 87.090554][ T5113] loop0: detected capacity change from 0 to 128 [ 87.183088][ T5113] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.184355][ T5113] Bad inode number on dev loop0: 2 is out of range [ 87.185322][ T5113] SysV FS: get root inode failed [ 87.186066][ T5113] oldfs: cannot read superblock [ 87.186849][ T5113] ------------[ cut here ]------------ [ 
87.187746][ T5113] VFS: brelse: Trying to free free buffer [ 87.188665][ T5113] WARNING: CPU: 0 PID: 5113 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 87.189967][ T5113] Modules linked in: [ 87.190568][ T5113] CPU: 0 PID: 5113 Comm: syz.0.94 Tainted: G W syzkaller #0 [ 87.191967][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 87.193600][ T5113] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.194834][ T5113] pc : invalidate_bh_lru+0x128/0x234 [ 87.195675][ T5113] lr : invalidate_bh_lru+0x128/0x234 [ 87.196545][ T5113] sp : ffff8000200876e0 [ 87.197233][ T5113] x29: ffff8000200876e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 87.198560][ T5113] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 87.199832][ T5113] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0d7e888 [ 87.201059][ T5113] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 87.202310][ T5113] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 87.203597][ T5113] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 87.204892][ T5113] x11: 0000000000000002 x10: 0000000000000000 x9 : c65a37cf9e3eca00 [ 87.206101][ T5113] x8 : c65a37cf9e3eca00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.207396][ T5113] x5 : ffff800020086fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 87.208653][ T5113] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 87.209968][ T5113] Call trace: [ 87.210546][ T5113] invalidate_bh_lru+0x128/0x234 [ 87.211370][ T5113] smp_call_function_many_cond+0xa50/0xeb0 [ 87.212355][ T5113] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.213209][ T5113] invalidate_bh_lrus+0x34/0x40 [ 87.214017][ T5113] blkdev_flush_mapping+0x168/0x31c [ 87.214902][ T5113] blkdev_put+0x490/0x6ac [ 87.215613][ T5113] kill_block_super+0x98/0xdc [ 87.216380][ T5113] deactivate_locked_super+0xb8/0x13c [ 87.217244][ T5113] mount_bdev+0x284/0x358 [ 
87.217912][ T5113] sysv_mount+0x44/0x58 [ 87.218585][ T5113] legacy_get_tree+0xd4/0x16c [ 87.219254][ T5113] vfs_get_tree+0x90/0x274 [ 87.219941][ T5113] do_new_mount+0x228/0x810 [ 87.220678][ T5113] path_mount+0x5b4/0x1000 [ 87.221418][ T5113] __arm64_sys_mount+0x514/0x5e4 [ 87.222189][ T5113] invoke_syscall+0x98/0x2b8 [ 87.222872][ T5113] el0_svc_common+0x138/0x258 [ 87.223599][ T5113] do_el0_svc+0x58/0x14c [ 87.224311][ T5113] el0_svc+0x78/0x1e0 [ 87.224946][ T5113] el0t_64_sync_handler+0xcc/0xe4 [ 87.225724][ T5113] el0t_64_sync+0x1a0/0x1a4 [ 87.226389][ T5113] irq event stamp: 1158 [ 87.227054][ T5113] hardirqs last enabled at (1157): [] kasan_quarantine_put+0xc4/0x204 [ 87.228558][ T5113] hardirqs last disabled at (1158): [] smp_call_function_many_cond+0xa44/0xeb0 [ 87.230331][ T5113] softirqs last enabled at (950): [] local_bh_enable+0x10/0x34 [ 87.231877][ T5113] softirqs last disabled at (948): [] local_bh_disable+0x10/0x34 [ 87.233321][ T5113] ---[ end trace 2e88ad39bf836a4e ]--- [ 87.335015][ T5117] loop0: detected capacity change from 0 to 128 [ 87.403187][ T5117] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.404441][ T5117] Bad inode number on dev loop0: 2 is out of range [ 87.405627][ T5117] SysV FS: get root inode failed [ 87.406468][ T5117] oldfs: cannot read superblock [ 87.414701][ C1] ------------[ cut here ]------------ [ 87.415635][ C1] VFS: brelse: Trying to free free buffer [ 87.416588][ C1] WARNING: CPU: 1 PID: 4770 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 87.417976][ C1] Modules linked in: [ 87.418641][ C1] CPU: 1 PID: 4770 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.420123][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 87.421775][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.423046][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 87.423892][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 87.424786][ C1] sp : ffff800008017de0 [ 87.425453][ 
C1] x29: ffff800008017de0 x28: ffff0000cc9a51c0 x27: 1fffe0003421c65c [ 87.426818][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 87.428143][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7264d10 [ 87.429481][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 87.430785][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 87.432093][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 87.433373][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 188fe7a40ddbb300 [ 87.434722][ C1] x8 : 188fe7a40ddbb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.436039][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 87.437329][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.438647][ C1] Call trace: [ 87.439173][ C1] invalidate_bh_lru+0x128/0x234 [ 87.440016][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 87.441083][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.442281][ C1] ipi_handler+0x10c/0x710 [ 87.442987][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 87.443895][ C1] handle_domain_irq+0x144/0x1fc [ 87.444670][ C1] gic_handle_irq+0x78/0x1c8 [ 87.445435][ C1] call_on_irq_stack+0x30/0x48 [ 87.446178][ C1] do_interrupt_handler+0x6c/0x88 [ 87.447022][ C1] el1_interrupt+0x30/0x58 [ 87.447733][ C1] el1h_64_irq_handler+0x18/0x24 [ 87.448572][ C1] el1h_64_irq+0x78/0x7c [ 87.449253][ C1] __sanitizer_cov_trace_pc+0x38/0xac [ 87.450107][ C1] ___cache_free+0x48/0x1bc [ 87.450853][ C1] qlink_free+0x5c/0xa4 [ 87.451537][ C1] qlist_free_all+0x40/0xa8 [ 87.452230][ C1] kasan_quarantine_reduce+0x124/0x130 [ 87.453126][ C1] __kasan_slab_alloc+0x34/0xcc [ 87.453899][ C1] slab_post_alloc_hook+0x74/0x408 [ 87.454691][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 87.455437][ C1] copy_mm+0x130/0x1090 [ 87.456130][ C1] copy_process+0x14d8/0x34ac [ 87.456862][ C1] kernel_clone+0x1d8/0x9d4 [ 87.457578][ C1] __arm64_sys_clone+0x138/0x190 
[ 87.458328][ C1] invoke_syscall+0x98/0x2b8 [ 87.459002][ C1] el0_svc_common+0x138/0x258 [ 87.459719][ C1] do_el0_svc+0x58/0x14c [ 87.460421][ C1] el0_svc+0x78/0x1e0 [ 87.461100][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 87.461956][ C1] el0t_64_sync+0x1a0/0x1a4 [ 87.462630][ C1] irq event stamp: 411810 [ 87.463303][ C1] hardirqs last enabled at (411809): [] put_cpu_partial+0x188/0x218 [ 87.464826][ C1] hardirqs last disabled at (411810): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.466416][ C1] softirqs last enabled at (411152): [] local_bh_enable+0x10/0x34 [ 87.467900][ C1] softirqs last disabled at (411150): [] local_bh_disable+0x10/0x34 [ 87.469431][ C1] ---[ end trace 2e88ad39bf836a4f ]--- [ 87.494743][ T5119] loop0: detected capacity change from 0 to 128 [ 87.497344][ T5119] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.498501][ T5119] Bad inode number on dev loop0: 2 is out of range [ 87.499591][ T5119] SysV FS: get root inode failed [ 87.500392][ T5119] oldfs: cannot read superblock [ 87.511092][ C0] ------------[ cut here ]------------ [ 87.512157][ C0] VFS: brelse: Trying to free free buffer [ 87.513147][ C0] WARNING: CPU: 0 PID: 5121 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 87.514551][ C0] Modules linked in: [ 87.515137][ C0] CPU: 0 PID: 5121 Comm: syz.0.98 Tainted: G W syzkaller #0 [ 87.516609][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 87.518228][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.519515][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 87.520335][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 87.521083][ C0] sp : ffff800008007de0 [ 87.521686][ C0] x29: ffff800008007de0 x28: ffff0000d1661b40 x27: 1fffe0003421845c [ 87.522876][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 87.524109][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0d7ec28 [ 87.525473][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 
0000000000010002 [ 87.526825][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 87.528122][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 87.529493][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 973ad52e93943700 [ 87.530737][ C0] x8 : 973ad52e93943700 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.532038][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 87.533302][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.534578][ C0] Call trace: [ 87.535057][ C0] invalidate_bh_lru+0x128/0x234 [ 87.535808][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 87.536806][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.537949][ C0] ipi_handler+0x10c/0x710 [ 87.538699][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 87.539676][ C0] handle_domain_irq+0x144/0x1fc [ 87.540483][ C0] gic_handle_irq+0x78/0x1c8 [ 87.541199][ C0] call_on_irq_stack+0x30/0x48 [ 87.541967][ C0] do_interrupt_handler+0x6c/0x88 [ 87.542814][ C0] el0_interrupt+0x94/0x260 [ 87.543584][ C0] __el0_irq_handler_common+0x18/0x24 [ 87.544402][ C0] el0t_64_irq_handler+0x10/0x1c [ 87.545163][ C0] el0t_64_irq+0x1a0/0x1a4 [ 87.545817][ C0] irq event stamp: 278 [ 87.546428][ C0] hardirqs last enabled at (277): [] el0t_64_sync_handler+0xd8/0xe4 [ 87.547954][ C0] hardirqs last disabled at (278): [] __el0_irq_handler_common+0x18/0x24 [ 87.549421][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 87.550624][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 87.552042][ C0] ---[ end trace 2e88ad39bf836a50 ]--- [ 87.594358][ T5121] loop0: detected capacity change from 0 to 128 [ 87.597343][ T5121] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.598532][ T5121] Bad inode number on dev loop0: 2 is out of range [ 87.599681][ T5121] SysV FS: get root inode failed [ 87.600511][ T5121] oldfs: cannot read superblock [ 87.620294][ C1] ------------[ cut here ]------------ [ 
87.621169][ C1] VFS: brelse: Trying to free free buffer [ 87.622161][ C1] WARNING: CPU: 1 PID: 5125 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 87.623490][ C1] Modules linked in: [ 87.624149][ C1] CPU: 1 PID: 5125 Comm: syz.0.100 Tainted: G W syzkaller #0 [ 87.625404][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 87.626860][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.628166][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 87.629028][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 87.629900][ C1] sp : ffff800008017de0 [ 87.630604][ C1] x29: ffff800008017de0 x28: ffff0000d5983680 x27: 1fffe0003421c65c [ 87.631814][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 87.633076][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6c45d0 [ 87.634347][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 87.635621][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 87.636985][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 87.638285][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 301c4d6c7711b600 [ 87.639532][ C1] x8 : 301c4d6c7711b600 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.640798][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 87.642066][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 87.643374][ C1] Call trace: [ 87.643929][ C1] invalidate_bh_lru+0x128/0x234 [ 87.644785][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 87.645863][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.647010][ C1] ipi_handler+0x10c/0x710 [ 87.647740][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 87.648628][ C1] handle_domain_irq+0x144/0x1fc [ 87.649410][ C1] gic_handle_irq+0x78/0x1c8 [ 87.650168][ C1] call_on_irq_stack+0x30/0x48 [ 87.650893][ C1] do_interrupt_handler+0x6c/0x88 [ 87.651654][ C1] el1_interrupt+0x30/0x58 [ 87.652347][ C1] 
el1h_64_irq_handler+0x18/0x24 [ 87.653181][ C1] el1h_64_irq+0x78/0x7c [ 87.653874][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 87.654692][ C1] release_pages+0x139c/0x16e0 [ 87.655347][ C1] free_pages_and_swap_cache+0xa0/0xb8 [ 87.656174][ C1] tlb_finish_mmu+0x170/0x324 [ 87.656881][ C1] unmap_region+0x2b0/0x300 [ 87.657523][ C1] __do_munmap+0x870/0xc04 [ 87.658133][ C1] __vm_munmap+0x12c/0x238 [ 87.658759][ C1] __arm64_sys_munmap+0x74/0x8c [ 87.659503][ C1] invoke_syscall+0x98/0x2b8 [ 87.660197][ C1] el0_svc_common+0x138/0x258 [ 87.660977][ C1] do_el0_svc+0x58/0x14c [ 87.661638][ C1] el0_svc+0x78/0x1e0 [ 87.662288][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 87.663075][ C1] el0t_64_sync+0x1a0/0x1a4 [ 87.663744][ C1] irq event stamp: 688 [ 87.664344][ C1] hardirqs last enabled at (687): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 87.665808][ C1] hardirqs last disabled at (688): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.667241][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 87.668685][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 87.670147][ C1] ---[ end trace 2e88ad39bf836a51 ]--- [ 87.695167][ T5125] loop0: detected capacity change from 0 to 128 [ 87.698075][ T5125] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.699157][ T5125] Bad inode number on dev loop0: 2 is out of range [ 87.700214][ T5125] SysV FS: get root inode failed [ 87.700928][ T5125] oldfs: cannot read superblock [ 87.710740][ C1] ------------[ cut here ]------------ [ 87.711662][ C1] VFS: brelse: Trying to free free buffer [ 87.712602][ C1] WARNING: CPU: 1 PID: 5126 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 87.714056][ C1] Modules linked in: [ 87.714636][ C1] CPU: 1 PID: 5126 Comm: syz.0.101 Tainted: G W syzkaller #0 [ 87.715981][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 87.717662][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.718909][ C1] pc : 
invalidate_bh_lru+0x128/0x234 [ 87.719723][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 87.720569][ C1] sp : ffff800008017de0 [ 87.721255][ C1] x29: ffff800008017de0 x28: ffff0000d5980000 x27: 1fffe0003421c65c [ 87.722538][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 87.723874][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6c4970 [ 87.725239][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 87.726619][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 87.727954][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 87.729236][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : cd26e830e96cdc00 [ 87.730660][ C1] x8 : cd26e830e96cdc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.731990][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 87.733258][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.734562][ C1] Call trace: [ 87.735133][ C1] invalidate_bh_lru+0x128/0x234 [ 87.735993][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 87.737017][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.738200][ C1] ipi_handler+0x10c/0x710 [ 87.738911][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 87.739828][ C1] handle_domain_irq+0x144/0x1fc [ 87.740642][ C1] gic_handle_irq+0x78/0x1c8 [ 87.741369][ C1] call_on_irq_stack+0x30/0x48 [ 87.742216][ C1] do_interrupt_handler+0x6c/0x88 [ 87.743079][ C1] el1_interrupt+0x30/0x58 [ 87.743838][ C1] el1h_64_irq_handler+0x18/0x24 [ 87.744642][ C1] el1h_64_irq+0x78/0x7c [ 87.745345][ C1] try_charge_memcg+0x1e8/0x11bc [ 87.746155][ C1] obj_cgroup_charge_pages+0x8c/0x1a0 [ 87.747032][ C1] __memcg_kmem_charge_page+0x3c0/0x59c [ 87.747918][ C1] __alloc_pages+0x1d0/0x470 [ 87.748642][ C1] alloc_pages+0x34c/0x5c0 [ 87.749312][ C1] __pmd_alloc+0x54/0x498 [ 87.750037][ C1] handle_mm_fault+0x1e04/0x2950 [ 87.750832][ C1] do_page_fault+0x694/0xad4 [ 87.751569][ C1] 
do_translation_fault+0xe0/0x130 [ 87.752381][ C1] do_mem_abort+0x6c/0x1ac [ 87.753072][ C1] el0_da+0x90/0x1fc [ 87.753679][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 87.754466][ C1] el0t_64_sync+0x1a0/0x1a4 [ 87.755180][ C1] irq event stamp: 1064 [ 87.755859][ C1] hardirqs last enabled at (1063): [] try_charge_memcg+0x1d8/0x11bc [ 87.757273][ C1] hardirqs last disabled at (1064): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.758662][ C1] softirqs last enabled at (492): [] local_bh_enable+0x10/0x34 [ 87.759951][ C1] softirqs last disabled at (490): [] local_bh_disable+0x10/0x34 [ 87.761526][ C1] ---[ end trace 2e88ad39bf836a52 ]--- [ 87.795296][ T5127] loop0: detected capacity change from 0 to 128 [ 87.832958][ T5127] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.834126][ T5127] Bad inode number on dev loop0: 2 is out of range [ 87.835127][ T5127] SysV FS: get root inode failed [ 87.835863][ T5127] oldfs: cannot read superblock [ 87.857941][ T5131] ------------[ cut here ]------------ [ 87.858960][ T5131] VFS: brelse: Trying to free free buffer [ 87.859917][ T5131] WARNING: CPU: 1 PID: 5131 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 87.861271][ T5131] Modules linked in: [ 87.861909][ T5131] CPU: 1 PID: 5131 Comm: syz.0.103 Tainted: G W syzkaller #0 [ 87.863328][ T5131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 87.865044][ T5131] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.866353][ T5131] pc : invalidate_bh_lru+0x128/0x234 [ 87.867212][ T5131] lr : invalidate_bh_lru+0x128/0x234 [ 87.868109][ T5131] sp : ffff8000201b77c0 [ 87.868768][ T5131] x29: ffff8000201b77c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 87.870059][ T5131] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 87.871276][ T5131] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6c4d10 [ 87.872562][ T5131] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 87.873877][ 
T5131] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 87.875201][ T5131] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 87.876530][ T5131] x11: 0000000000000002 x10: 0000000000000000 x9 : 20259ba68abdd500 [ 87.877801][ T5131] x8 : 20259ba68abdd500 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.879190][ T5131] x5 : ffff8000201b70b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 87.880568][ T5131] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 87.881920][ T5131] Call trace: [ 87.882470][ T5131] invalidate_bh_lru+0x128/0x234 [ 87.883305][ T5131] smp_call_function_many_cond+0xa50/0xeb0 [ 87.884237][ T5131] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.885038][ T5131] invalidate_bh_lrus+0x34/0x40 [ 87.885791][ T5131] blkdev_flush_mapping+0x168/0x31c [ 87.886602][ T5131] blkdev_put+0x490/0x6ac [ 87.887248][ T5131] blkdev_close+0x74/0xb0 [ 87.887893][ T5131] __fput+0x1c0/0x7f8 [ 87.888478][ T5131] ____fput+0x20/0x30 [ 87.889107][ T5131] task_work_run+0x12c/0x1e0 [ 87.889793][ T5131] do_notify_resume+0x24b4/0x3128 [ 87.890619][ T5131] el0_svc+0xf0/0x1e0 [ 87.891251][ T5131] el0t_64_sync_handler+0xcc/0xe4 [ 87.892095][ T5131] el0t_64_sync+0x1a0/0x1a4 [ 87.892836][ T5131] irq event stamp: 840 [ 87.893507][ T5131] hardirqs last enabled at (839): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 87.895152][ T5131] hardirqs last disabled at (840): [] smp_call_function_many_cond+0xa44/0xeb0 [ 87.896816][ T5131] softirqs last enabled at (806): [] local_bh_enable+0x10/0x34 [ 87.898414][ T5131] softirqs last disabled at (804): [] local_bh_disable+0x10/0x34 [ 87.899851][ T5131] ---[ end trace 2e88ad39bf836a53 ]--- [ 87.965222][ T5133] loop0: detected capacity change from 0 to 128 [ 87.967366][ T5133] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.968508][ T5133] Bad inode number on dev loop0: 2 is out of range [ 87.969568][ T5133] SysV FS: get root inode failed [ 87.970433][ T5133] oldfs: cannot read superblock [ 
87.971223][ T5133] ------------[ cut here ]------------
[ 87.972134][ T5133] VFS: brelse: Trying to free free buffer
[ 87.973146][ T5133] WARNING: CPU: 1 PID: 5133 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 87.974611][ T5133] Modules linked in:
[ 87.975236][ T5133] CPU: 1 PID: 5133 Comm: syz.0.104 Tainted: G W syzkaller #0
[ 87.976741][ T5133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[ 87.978475][ T5133] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 87.979803][ T5133] pc : invalidate_bh_lru+0x128/0x234
[ 87.980659][ T5133] lr : invalidate_bh_lru+0x128/0x234
[ 87.981521][ T5133] sp : ffff8000201076e0
[ 87.982198][ T5133] x29: ffff8000201076e0 x28: ffff80001417d000 x27: 1fffe0003421c65b
[ 87.983578][ T5133] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000
[ 87.984908][ T5133] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6f8400
[ 87.986270][ T5133] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003
[ 87.987549][ T5133] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff
[ 87.988924][ T5133] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 87.990320][ T5133] x11: 0000000000000002 x10: 0000000000000000 x9 : e50f2dbbda85e700
[ 87.991697][ T5133] x8 : e50f2dbbda85e700 x7 : 0000000000000001 x6 : 0000000000000001
[ 87.993085][ T5133] x5 : ffff800020106fd8 x4 : ffff80001425f420 x3 : ffff80000850471c
[ 87.994401][ T5133] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027
[ 87.995748][ T5133] Call trace:
[ 87.996265][ T5133] invalidate_bh_lru+0x128/0x234
[ 87.997049][ T5133] smp_call_function_many_cond+0xa50/0xeb0
[ 87.997954][ T5133] on_each_cpu_cond_mask+0x5c/0xc4
[ 87.998696][ T5133] invalidate_bh_lrus+0x34/0x40
[ 87.999483][ T5133] blkdev_flush_mapping+0x168/0x31c
[ 88.000310][ T5133] blkdev_put+0x490/0x6ac
[ 88.001001][ T5133] kill_block_super+0x98/0xdc
[ 88.001688][ T5133] deactivate_locked_super+0xb8/0x13c
[ 88.002557][ T5133] mount_bdev+0x284/0x358
[ 88.003240][ T5133] sysv_mount+0x44/0x58
[ 88.003977][ T5133] legacy_get_tree+0xd4/0x16c
[ 88.004730][ T5133] vfs_get_tree+0x90/0x274
[ 88.005438][ T5133] do_new_mount+0x228/0x810
[ 88.006103][ T5133] path_mount+0x5b4/0x1000
[ 88.006766][ T5133] __arm64_sys_mount+0x514/0x5e4
[ 88.007554][ T5133] invoke_syscall+0x98/0x2b8
[ 88.008303][ T5133] el0_svc_common+0x138/0x258
[ 88.008988][ T5133] do_el0_svc+0x58/0x14c
[ 88.009719][ T5133] el0_svc+0x78/0x1e0
[ 88.010338][ T5133] el0t_64_sync_handler+0xcc/0xe4
[ 88.011094][ T5133] el0t_64_sync+0x1a0/0x1a4
[ 88.011887][ T5133] irq event stamp: 1648
[ 88.012567][ T5133] hardirqs last enabled at (1647): [] kasan_quarantine_put+0xc4/0x204
[ 88.014243][ T5133] hardirqs last disabled at (1648): [] smp_call_function_many_cond+0xa44/0xeb0
[ 88.016081][ T5133] softirqs last enabled at (1444): [] local_bh_enable+0x10/0x34
[ 88.017563][ T5133] softirqs last disabled at (1442): [] local_bh_disable+0x10/0x34
[ 88.019053][ T5133] ---[ end trace 2e88ad39bf836a54 ]---
[ 88.105336][ T5135] loop0: detected capacity change from 0 to 128
[ 88.147306][ T5135] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 88.148360][ T5135] Bad inode number on dev loop0: 2 is out of range
[ 88.149409][ T5135] SysV FS: get root inode failed
[ 88.150245][ T5135] oldfs: cannot read superblock
[ 88.161228][ C1] ------------[ cut here ]------------
[ 88.162152][ C1] VFS: brelse: Trying to free free buffer
[ 88.163095][ C1] WARNING: CPU: 1 PID: 5137 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 88.164599][ C1] Modules linked in:
[ 88.165258][ C1] CPU: 1 PID: 5137 Comm: syz.0.106 Tainted: G W syzkaller #0
[ 88.166712][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[ 88.168369][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 88.169655][ C1] pc : invalidate_bh_lru+0x128/0x234
[ 88.170550][ C1] lr : invalidate_bh_lru+0x128/0x234
[ 88.171345][ C1] sp : ffff800008017de0
[ 88.172008][ C1] x29: ffff800008017de0 x28: ffff0000c1879b40 x27: 1fffe0003421c65e
[ 88.173232][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000003
[ 88.174541][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6f8970
[ 88.175856][ C1] x20: ffff0001a10e32f0 x19: ffff8000113d9aa0 x18: 0000000000010002
[ 88.177154][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff
[ 88.178507][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 88.179826][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : f40e968f052b6100
[ 88.181120][ C1] x8 : f40e968f052b6100 x7 : 0000000000000001 x6 : 0000000000000001
[ 88.182445][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c
[ 88.183747][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027
[ 88.185120][ C1] Call trace:
[ 88.185665][ C1] invalidate_bh_lru+0x128/0x234
[ 88.186483][ C1] flush_smp_call_function_queue+0x38c/0x81c
[ 88.187447][ C1] generic_smp_call_function_single_interrupt+0x18/0x24
[ 88.188513][ C1] ipi_handler+0x10c/0x710
[ 88.189208][ C1] handle_percpu_devid_irq+0x29c/0x76c
[ 88.190118][ C1] handle_domain_irq+0x144/0x1fc
[ 88.190914][ C1] gic_handle_irq+0x78/0x1c8
[ 88.191641][ C1] call_on_irq_stack+0x30/0x48
[ 88.192439][ C1] do_interrupt_handler+0x6c/0x88
[ 88.193276][ C1] el1_interrupt+0x30/0x58
[ 88.194006][ C1] el1h_64_irq_handler+0x18/0x24
[ 88.194794][ C1] el1h_64_irq+0x78/0x7c
[ 88.195461][ C1] free_unref_page_prepare+0x3a8/0xaa0
[ 88.196270][ C1] free_unref_page+0x78/0x1fc
[ 88.197011][ C1] __free_pages+0x180/0x1d4
[ 88.197689][ C1] __free_slab+0x178/0x398
[ 88.198386][ C1] discard_slab+0x64/0xe0
[ 88.199095][ C1] __unfreeze_partials+0x150/0x190
[ 88.199963][ C1] put_cpu_partial+0x1a8/0x218
[ 88.200788][ C1] __slab_free+0x184/0x254
[ 88.201517][ C1] ___cache_free+0x178/0x1bc
[ 88.202285][ C1] qlink_free+0x5c/0xa4
[ 88.202966][ C1] qlist_free_all+0x40/0xa8
[ 88.203727][ C1] kasan_quarantine_reduce+0x124/0x130
[ 88.204666][ C1] __kasan_slab_alloc+0x34/0xcc
[ 88.205457][ C1] slab_post_alloc_hook+0x74/0x408
[ 88.206298][ C1] kmem_cache_alloc+0x1e0/0x3e4
[ 88.207043][ C1] __anon_vma_prepare+0x70/0x374
[ 88.207845][ C1] handle_mm_fault+0x2740/0x2950
[ 88.208618][ C1] do_page_fault+0x694/0xad4
[ 88.209423][ C1] do_translation_fault+0xe0/0x130
[ 88.210270][ C1] do_mem_abort+0x6c/0x1ac
[ 88.211003][ C1] el0_da+0x90/0x1fc
[ 88.211636][ C1] el0t_64_sync_handler+0xd8/0xe4
[ 88.212482][ C1] el0t_64_sync+0x1a0/0x1a4