Warning: Permanently added '10.128.1.22' (ED25519) to the list of known hosts. 1970/01/01 00:01:02 parsed 1 programs [ 63.472934][ T4413] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 66.908274][ T216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.909715][ T216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.912683][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 66.922610][ T216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.923808][ T216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.925702][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 66.995774][ T4570] chnl_net:caif_netlink_parms(): no params data found [ 67.015235][ T4570] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.016481][ T4570] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.018112][ T4570] device bridge_slave_0 entered promiscuous mode [ 67.020189][ T4570] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.021337][ T4570] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.022791][ T4570] device bridge_slave_1 entered promiscuous mode [ 67.031471][ T4570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.033986][ T4570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.044806][ T4570] team0: Port device team_slave_0 added [ 67.046907][ T4570] team0: Port device team_slave_1 added [ 67.054392][ T4570] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.055471][ T4570] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.059130][ T4570] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.061945][ T4570] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.063017][ T4570] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.066655][ T4570] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.091611][ T4570] device hsr_slave_0 entered promiscuous mode [ 67.140279][ T4570] device hsr_slave_1 entered promiscuous mode [ 67.892467][ T4570] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 67.921681][ T4570] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 67.961482][ T4570] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 67.982162][ T4570] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 68.059456][ T4570] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.065091][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.066469][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.069397][ T4570] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.072416][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 68.073859][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 68.075511][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.076628][ T341] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.078158][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 68.082708][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 68.084315][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 68.085697][ T148] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.086760][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.088966][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 68.094182][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 68.098336][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 68.101879][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 68.103434][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 68.109472][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 68.112197][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 68.120921][ T4570] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 68.122592][ T4570] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.125080][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 68.126655][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 68.128491][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 68.131041][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 68.135295][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 68.178688][ T4570] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.200040][ T4570] device veth0_vlan entered promiscuous mode [ 68.201944][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 68.203174][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 68.204316][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 68.206132][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 68.207689][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 68.209463][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 68.212135][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 68.213513][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 68.218114][ T4570] device veth1_vlan entered promiscuous mode [ 68.227673][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 68.229255][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 68.231165][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 68.232834][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 68.236101][ T4570] device veth0_macvtap entered promiscuous mode [ 68.238513][ T4570] device veth1_macvtap entered promiscuous mode [ 68.245916][ T4570] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.247082][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 68.248632][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 68.252025][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 68.253521][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 68.256844][ T4570] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.259285][ T4570] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.261785][ T4570] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.263076][ T4570] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.264407][ T4570] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.268157][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 68.269829][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 1970/01/01 00:01:08 executed programs: 0 [ 68.521458][ T4717] chnl_net:caif_netlink_parms(): no params data found [ 68.544669][ T4717] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.545885][ T4717] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.547356][ T4717] device bridge_slave_0 entered promiscuous mode [ 68.550869][ T4717] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.551997][ T4717] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.553443][ T4717] device bridge_slave_1 entered promiscuous mode [ 68.563504][ T4717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.565974][ T4717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.574853][ T4717] team0: Port device team_slave_0 added [ 68.576778][ T4717] team0: Port device team_slave_1 added [ 68.584674][ T4717] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.585827][ T4717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.589416][ T4717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.592958][ T4717] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.594033][ T4717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.597873][ T4717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.652207][ T4717] device hsr_slave_0 entered promiscuous mode [ 68.711728][ T4717] device hsr_slave_1 entered promiscuous mode [ 68.721180][ T4717] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.722408][ T4717] Cannot create hsr debugfs directory [ 68.763851][ T4717] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.621372][ T21] cfg80211: failed to load regulatory.db [ 69.631226][ T2066] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.632385][ T2066] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.500174][ T4657] Bluetooth: hci0: command 0x0409 tx timeout [ 71.234137][ T4717] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.581200][ T4179] Bluetooth: hci0: command 0x041b tx timeout [ 73.665297][ T4717] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.995163][ T4717] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.154462][ T4717] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 74.182844][ T4717] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 74.221387][ T4717] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 74.251470][ T4717] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 74.324189][ T4717] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.328156][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 74.329681][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 74.334433][ T4717] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.336903][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 74.338407][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 74.339845][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.341004][ T341] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.343131][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.345866][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 74.347475][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 74.348882][ T341] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.350066][ T341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.354690][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 74.357388][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.362557][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 74.364732][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.366277][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 74.368858][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 74.371696][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.374355][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 74.375838][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 74.378423][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 74.379863][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 74.384209][ T4717] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 74.427175][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.428483][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.437356][ T4717] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.444417][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 74.446137][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 74.453115][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 74.454561][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 74.456116][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 74.457528][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 74.459821][ T4717] device veth0_vlan entered promiscuous mode [ 74.463618][ T4717] device veth1_vlan entered promiscuous mode [ 74.471981][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 74.473458][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 74.474851][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 74.476348][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 74.479086][ T4717] device veth0_macvtap entered promiscuous mode [ 74.481834][ T4717] device veth1_macvtap entered promiscuous mode [ 74.486676][ T4717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.488233][ T4717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.492037][ T4717] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.493491][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 74.495082][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 74.496514][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 74.498098][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 74.501858][ T4717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.503457][ T4717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.505433][ T4717] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.506533][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 74.508110][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 74.510966][ T4717] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.512270][ T4717] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.513603][ T4717] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.514906][ T4717] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.543252][ T341] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.544576][ T341] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.546344][ T1722] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 74.555713][ T341] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.556869][ T341] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.558589][ T216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:14 executed programs: 2 [ 74.582140][ T4962] loop0: detected capacity change from 0 to 128 [ 74.589499][ T4962] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.592700][ T4962] Bad inode number on dev loop0: 2 is out of range [ 74.593825][ T4962] SysV FS: get root inode failed [ 74.594515][ T4962] oldfs: cannot read superblock [ 74.597389][ C1] ------------[ cut here ]------------ [ 74.598272][ C1] VFS: brelse: Trying to free free buffer [ 74.599194][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.600522][ C1] Modules linked in: [ 74.601151][ C1] CPU: 1 PID: 4717 Comm: syz-executor Not tainted syzkaller #0 [ 74.602301][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.603862][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.605040][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 74.605831][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 74.606674][ C1] sp : ffff800008017de0 [ 74.607242][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 74.608480][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 74.609797][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd5c9d10 [ 74.610924][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 74.612165][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.613354][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.614531][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 74.615689][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.616767][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.617954][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.619147][ C1] Call trace: [ 74.619629][ C1] invalidate_bh_lru+0x128/0x234 [ 74.620441][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.621398][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.622413][ C1] ipi_handler+0x10c/0x710 [ 74.623077][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 74.623872][ C1] handle_domain_irq+0x144/0x1fc [ 74.624578][ C1] gic_handle_irq+0x78/0x1c8 [ 74.625218][ C1] call_on_irq_stack+0x30/0x48 [ 74.625882][ C1] do_interrupt_handler+0x6c/0x88 [ 74.626637][ C1] el1_interrupt+0x30/0x58 [ 74.627310][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.628013][ C1] el1h_64_irq+0x78/0x7c [ 74.628616][ C1] seqcount_lockdep_reader_access+0x21c/0x2c4 [ 74.629469][ C1] ktime_get_coarse_real_ts64+0x44/0x134 [ 74.630269][ C1] current_time+0x90/0x294 [ 74.630878][ C1] file_update_time+0xc4/0x390 [ 74.631514][ C1] pipe_write+0x10bc/0x1930 [ 74.632143][ C1] vfs_write+0x7c8/0xa2c [ 74.632724][ C1] ksys_write+0x120/0x210 [ 74.633310][ C1] __arm64_sys_write+0x7c/0x90 [ 74.633975][ C1] invoke_syscall+0x98/0x2b8 [ 74.634595][ C1] el0_svc_common+0x138/0x258 [ 74.635244][ C1] do_el0_svc+0x58/0x14c [ 74.635836][ C1] el0_svc+0x78/0x1e0 [ 74.636383][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 74.637026][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.637675][ C1] irq event stamp: 161958 [ 74.638249][ C1] hardirqs last enabled at (161957): [] seqcount_lockdep_reader_access+0x1fc/0x2c4 [ 74.639992][ C1] hardirqs last disabled at (161958): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.641458][ C1] softirqs last enabled at (161874): [] local_bh_enable+0x10/0x34 [ 74.642817][ C1] softirqs last disabled at (161872): [] local_bh_disable+0x10/0x34 [ 74.644162][ C1] ---[ end trace 5519afa7f6d9eb40 ]--- [ 74.660437][ T4179] Bluetooth: hci0: command 0x040f tx timeout [ 74.690085][ T4964] loop0: detected capacity change from 0 to 128 [ 74.697037][ T4964] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.698289][ T4964] Bad inode number on dev loop0: 2 is out of range [ 74.699198][ T4964] SysV FS: get root inode failed [ 74.699915][ T4964] oldfs: cannot read superblock [ 74.710161][ T4580] ------------[ cut here ]------------ [ 74.711140][ T4580] VFS: brelse: Trying to free free buffer [ 74.712041][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.713305][ T4580] Modules linked in: [ 74.713868][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 74.715058][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.716482][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.717596][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 74.718322][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 74.719040][ T4580] sp : ffff80001fc377c0 [ 74.719618][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 74.720788][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 74.722011][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3154318 [ 74.723119][ T4580] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 74.724253][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.725358][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.726498][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 74.727664][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.728874][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.730052][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.731179][ T4580] Call trace: [ 74.731644][ T4580] invalidate_bh_lru+0x128/0x234 [ 74.732339][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 74.733219][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.733980][ T4580] invalidate_bh_lrus+0x34/0x40 [ 74.734693][ T4580] blkdev_flush_mapping+0x168/0x31c [ 74.735417][ T4580] blkdev_put+0x490/0x6ac [ 74.736026][ T4580] blkdev_close+0x74/0xb0 [ 74.736628][ T4580] __fput+0x1c0/0x7f8 [ 74.737167][ T4580] ____fput+0x20/0x30 [ 74.737760][ T4580] task_work_run+0x12c/0x1e0 [ 74.738451][ T4580] do_notify_resume+0x24b4/0x3128 [ 74.739180][ T4580] el0_svc+0xf0/0x1e0 [ 74.739775][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 74.740427][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 74.741053][ T4580] irq event stamp: 41490 [ 74.741646][ T4580] hardirqs last enabled at (41489): [] kasan_quarantine_put+0xc4/0x204 [ 74.743010][ T4580] hardirqs last disabled at (41490): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.744456][ T4580] softirqs last enabled at (41476): [] local_bh_enable+0x10/0x34 [ 74.745721][ T4580] softirqs last disabled at (41474): [] local_bh_disable+0x10/0x34 [ 74.747001][ T4580] ---[ end trace 5519afa7f6d9eb41 ]--- [ 74.768525][ T4966] loop0: detected capacity change from 0 to 128 [ 74.801573][ T4966] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.802688][ T4966] Bad inode number on dev loop0: 2 is out of range [ 74.803651][ T4966] SysV FS: get root inode failed [ 74.804356][ T4966] oldfs: cannot read superblock [ 74.805101][ T4966] ------------[ cut here ]------------ [ 74.805854][ T4966] VFS: brelse: Trying to free free buffer [ 74.806686][ T4966] WARNING: CPU: 0 PID: 4966 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.807905][ T4966] Modules linked in: [ 74.808438][ T4966] CPU: 0 PID: 4966 Comm: syz.0.17 Tainted: G W syzkaller #0 [ 74.809711][ T4966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.811249][ T4966] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.812397][ T4966] pc : invalidate_bh_lru+0x128/0x234 [ 74.813173][ T4966] lr : invalidate_bh_lru+0x128/0x234 [ 74.813925][ T4966] sp : ffff80001fa476e0 [ 74.814531][ T4966] x29: ffff80001fa476e0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 74.815664][ T4966] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 74.816765][ T4966] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debad060 [ 74.817874][ T4966] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 74.819041][ T4966] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.820176][ T4966] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.821331][ T4966] x11: 0000000000000002 x10: 0000000000000000 x9 : 42197828a7ceca00 [ 74.822485][ T4966] x8 : 42197828a7ceca00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.823678][ T4966] x5 : ffff80001fa46fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.824850][ T4966] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.826082][ T4966] Call trace: [ 74.826582][ T4966] invalidate_bh_lru+0x128/0x234 [ 74.827343][ T4966] smp_call_function_many_cond+0xa50/0xeb0 [ 74.828210][ T4966] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.828983][ T4966] invalidate_bh_lrus+0x34/0x40 [ 74.829618][ T4966] blkdev_flush_mapping+0x168/0x31c [ 74.830400][ T4966] blkdev_put+0x490/0x6ac [ 74.831063][ T4966] kill_block_super+0x98/0xdc [ 74.831808][ T4966] deactivate_locked_super+0xb8/0x13c [ 74.832625][ T4966] mount_bdev+0x284/0x358 [ 74.833236][ T4966] sysv_mount+0x44/0x58 [ 74.833842][ T4966] legacy_get_tree+0xd4/0x16c [ 74.834522][ T4966] vfs_get_tree+0x90/0x274 [ 74.835188][ T4966] do_new_mount+0x228/0x810 [ 74.835895][ T4966] path_mount+0x5b4/0x1000 [ 74.836470][ T4966] __arm64_sys_mount+0x514/0x5e4 [ 74.837152][ T4966] invoke_syscall+0x98/0x2b8 [ 74.837845][ T4966] el0_svc_common+0x138/0x258 [ 74.838596][ T4966] do_el0_svc+0x58/0x14c [ 74.839199][ T4966] el0_svc+0x78/0x1e0 [ 74.839799][ T4966] el0t_64_sync_handler+0xcc/0xe4 [ 74.840449][ T4966] el0t_64_sync+0x1a0/0x1a4 [ 74.841057][ T4966] irq event stamp: 1212 [ 74.841653][ T4966] hardirqs last enabled at (1211): [] kasan_quarantine_put+0xc4/0x204 [ 74.843130][ T4966] hardirqs last disabled at (1212): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.844607][ T4966] softirqs last enabled at (1004): [] local_bh_enable+0x10/0x34 [ 74.845999][ T4966] softirqs last disabled at (1002): [] local_bh_disable+0x10/0x34 [ 74.847453][ T4966] ---[ end trace 5519afa7f6d9eb42 ]--- [ 74.944247][ T4968] loop0: detected capacity change from 0 to 128 [ 75.047478][ T4968] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.048633][ T4968] Bad inode number on dev loop0: 2 is out of range [ 75.049852][ T4968] SysV FS: get root inode failed [ 75.050719][ T4968] oldfs: cannot read superblock [ 75.061722][ C1] ------------[ cut here ]------------ [ 75.062543][ C1] VFS: brelse: Trying to free free buffer [ 75.063416][ C1] WARNING: CPU: 1 PID: 4970 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.064717][ C1] Modules linked in: [ 75.065238][ C1] CPU: 1 PID: 4970 Comm: syz.0.19 Tainted: G W syzkaller #0 [ 75.066466][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.067927][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.069033][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.069845][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.070632][ C1] sp : ffff800008017de0 [ 75.071251][ C1] x29: ffff800008017de0 x28: ffff0000da2f3680 x27: 1fffe0003421a45c [ 75.072481][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 75.073624][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e330c148 [ 75.074850][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 75.075985][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.077221][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.078504][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 0d1c6391ae025b00 [ 75.079797][ C1] x8 : 0d1c6391ae025b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.080959][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.082100][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.083299][ C1] Call trace: [ 75.083773][ C1] invalidate_bh_lru+0x128/0x234 [ 75.084618][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.085485][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.086566][ C1] ipi_handler+0x10c/0x710 [ 75.087289][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.088119][ C1] handle_domain_irq+0x144/0x1fc [ 75.088843][ C1] gic_handle_irq+0x78/0x1c8 [ 75.089475][ C1] call_on_irq_stack+0x30/0x48 [ 75.090192][ C1] do_interrupt_handler+0x6c/0x88 [ 75.090913][ C1] el1_interrupt+0x30/0x58 [ 75.091640][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.092359][ C1] el1h_64_irq+0x78/0x7c [ 75.093035][ C1] get_page_from_freelist+0x2244/0x2aa8 [ 75.093837][ C1] __alloc_pages+0x1a0/0x470 [ 75.094477][ C1] alloc_pages_vma+0x284/0x7a8 [ 75.095236][ C1] alloc_zeroed_user_highpage_movable+0x9c/0xd8 [ 75.096213][ C1] handle_mm_fault+0x1908/0x2970 [ 75.096994][ C1] do_page_fault+0x694/0xad4 [ 75.097681][ C1] do_translation_fault+0xe0/0x130 [ 75.098442][ C1] do_mem_abort+0x6c/0x1ac [ 75.099140][ C1] el0_da+0x90/0x1fc [ 75.099739][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 75.100546][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.101173][ C1] irq event stamp: 268 [ 75.101854][ C1] hardirqs last enabled at (267): [] get_page_from_freelist+0x2234/0x2aa8 [ 75.103356][ C1] hardirqs last disabled at (268): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.104921][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 75.106221][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 75.107524][ C1] ---[ end trace 5519afa7f6d9eb43 ]--- [ 75.133326][ T4970] loop0: detected capacity change from 0 to 128 [ 75.175853][ T4970] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.177034][ T4970] Bad inode number on dev loop0: 2 is out of range [ 75.177998][ T4970] SysV FS: get root inode failed [ 75.178704][ T4970] oldfs: cannot read superblock [ 75.187992][ C1] ------------[ cut here ]------------ [ 75.188841][ C1] VFS: brelse: Trying to free free buffer [ 75.189719][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.191138][ C1] Modules linked in: [ 75.191768][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.193059][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.194726][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.195900][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.196641][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.197477][ C1] sp : ffff800008017de0 [ 75.198140][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 75.199284][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 75.200590][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e330c4e8 [ 75.201862][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 75.203066][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.204281][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.205501][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 75.206589][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.207721][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.208944][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.210192][ C1] Call trace: [ 75.210670][ C1] invalidate_bh_lru+0x128/0x234 [ 75.211475][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.212322][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.213356][ C1] ipi_handler+0x10c/0x710 [ 75.213991][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.214867][ C1] handle_domain_irq+0x144/0x1fc [ 75.215602][ C1] gic_handle_irq+0x78/0x1c8 [ 75.216230][ C1] call_on_irq_stack+0x30/0x48 [ 75.217016][ C1] do_interrupt_handler+0x6c/0x88 [ 75.217739][ C1] el1_interrupt+0x30/0x58 [ 75.218414][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.219161][ C1] el1h_64_irq+0x78/0x7c [ 75.219775][ C1] call_rcu+0x580/0x8fc [ 75.220389][ C1] dentry_free+0xa4/0x180 [ 75.221091][ C1] __dentry_kill+0x45c/0x598 [ 75.221780][ C1] dentry_kill+0xc8/0x248 [ 75.222347][ C1] dput+0x23c/0x458 [ 75.222899][ C1] do_unlinkat+0x328/0x600 [ 75.223558][ C1] __arm64_sys_unlinkat+0xe0/0xfc [ 75.224226][ C1] invoke_syscall+0x98/0x2b8 [ 75.224957][ C1] el0_svc_common+0x138/0x258 [ 75.225715][ C1] do_el0_svc+0x58/0x14c [ 75.226337][ C1] el0_svc+0x78/0x1e0 [ 75.226957][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.227691][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.228383][ C1] irq event stamp: 176104 [ 75.228952][ C1] hardirqs last enabled at (176103): [] call_rcu+0x570/0x8fc [ 75.230431][ C1] hardirqs last disabled at (176104): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.231912][ C1] softirqs last enabled at (175404): [] local_bh_enable+0x10/0x34 [ 75.233340][ C1] softirqs last disabled at (175402): [] local_bh_disable+0x10/0x34 [ 75.234781][ C1] ---[ end trace 5519afa7f6d9eb44 ]--- [ 75.275134][ T4972] loop0: detected capacity change from 0 to 128 [ 75.321854][ T4972] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.323060][ T4972] Bad inode number on dev loop0: 2 is out of range [ 75.324052][ T4972] SysV FS: get root inode failed [ 75.324773][ T4972] oldfs: cannot read superblock [ 75.325484][ T4972] ------------[ cut here ]------------ [ 75.326376][ T4972] VFS: brelse: Trying to free free buffer [ 75.327264][ T4972] WARNING: CPU: 1 PID: 4972 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.328574][ T4972] Modules linked in: [ 75.329098][ T4972] CPU: 1 PID: 4972 Comm: syz.0.20 Tainted: G W syzkaller #0 [ 75.330378][ T4972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.331867][ T4972] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.333106][ T4972] pc : invalidate_bh_lru+0x128/0x234 [ 75.333911][ T4972] lr : invalidate_bh_lru+0x128/0x234 [ 75.334727][ T4972] sp : ffff80001fa976e0 [ 75.335341][ T4972] x29: ffff80001fa976e0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 75.336540][ T4972] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 75.337745][ T4972] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e330c888 [ 75.338939][ T4972] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 75.340112][ T4972] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.341383][ T4972] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.342574][ T4972] x11: 0000000000000002 x10: 0000000000000000 x9 : 701efc03dfda1200 [ 75.343795][ T4972] x8 : 701efc03dfda1200 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.345062][ T4972] x5 : ffff80001fa96fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.346389][ T4972] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.347652][ T4972] Call trace: [ 75.348154][ T4972] invalidate_bh_lru+0x128/0x234 [ 75.348848][ T4972] smp_call_function_many_cond+0xa50/0xeb0 [ 75.349720][ T4972] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.350493][ T4972] invalidate_bh_lrus+0x34/0x40 [ 75.351213][ T4972] blkdev_flush_mapping+0x168/0x31c [ 75.351981][ T4972] blkdev_put+0x490/0x6ac [ 75.352637][ T4972] kill_block_super+0x98/0xdc [ 75.353388][ T4972] deactivate_locked_super+0xb8/0x13c [ 75.354261][ T4972] mount_bdev+0x284/0x358 [ 75.354918][ T4972] sysv_mount+0x44/0x58 [ 75.355548][ T4972] legacy_get_tree+0xd4/0x16c [ 75.356220][ T4972] vfs_get_tree+0x90/0x274 [ 75.356965][ T4972] do_new_mount+0x228/0x810 [ 75.357699][ T4972] path_mount+0x5b4/0x1000 [ 75.358332][ T4972] __arm64_sys_mount+0x514/0x5e4 [ 75.359072][ T4972] invoke_syscall+0x98/0x2b8 [ 75.359822][ T4972] el0_svc_common+0x138/0x258 [ 75.360557][ T4972] do_el0_svc+0x58/0x14c [ 75.361207][ T4972] el0_svc+0x78/0x1e0 [ 75.361747][ T4972] el0t_64_sync_handler+0xcc/0xe4 [ 75.362522][ T4972] el0t_64_sync+0x1a0/0x1a4 [ 75.363225][ T4972] irq event stamp: 1092 [ 75.363835][ T4972] hardirqs last enabled at (1091): [] kasan_quarantine_put+0xc4/0x204 [ 75.365339][ T4972] hardirqs last disabled at (1092): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.367017][ T4972] softirqs last enabled at (864): [] local_bh_enable+0x10/0x34 [ 75.368302][ T4972] softirqs last disabled at (862): [] local_bh_disable+0x10/0x34 [ 75.369668][ T4972] ---[ end trace 5519afa7f6d9eb45 ]--- [ 75.480912][ T4974] loop0: detected capacity change from 0 to 128 [ 75.484267][ T4974] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.485496][ T4974] Bad inode number on dev loop0: 2 is out of range [ 75.486482][ T4974] SysV FS: get root inode failed [ 75.487244][ T4974] oldfs: cannot read superblock [ 75.493459][ T136] device hsr_slave_0 left promiscuous mode [ 75.500594][ T4580] ------------[ cut here ]------------ [ 75.501427][ T4580] VFS: brelse: Trying to free free buffer [ 75.502286][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.503566][ T4580] Modules linked in: [ 75.504081][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 75.505290][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.506729][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.507851][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 75.508610][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 75.509394][ T4580] sp : ffff80001fc377c0 [ 75.510016][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45c [ 75.511238][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 75.512350][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e319dc28 [ 75.513612][ T4580] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 75.514770][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.515923][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.517087][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 75.518370][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.519599][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.520787][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.522057][ T4580] Call trace: [ 75.522517][ T4580] invalidate_bh_lru+0x128/0x234 [ 75.523283][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 75.524163][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.524957][ T4580] invalidate_bh_lrus+0x34/0x40 [ 75.525672][ T4580] blkdev_flush_mapping+0x168/0x31c [ 75.526441][ T4580] blkdev_put+0x490/0x6ac [ 75.527116][ T4580] blkdev_close+0x74/0xb0 [ 75.527762][ T4580] __fput+0x1c0/0x7f8 [ 75.528304][ T4580] ____fput+0x20/0x30 [ 75.528885][ T4580] task_work_run+0x12c/0x1e0 [ 75.529624][ T4580] do_notify_resume+0x24b4/0x3128 [ 75.530440][ T4580] el0_svc+0xf0/0x1e0 [ 75.531014][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 75.531760][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 75.532370][ T4580] irq event stamp: 78338 [ 75.533018][ T4580] hardirqs last enabled at (78337): [] kasan_quarantine_put+0xc4/0x204 [ 75.534507][ T4580] hardirqs last disabled at (78338): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.536097][ T4580] softirqs last enabled at (78050): [] local_bh_enable+0x10/0x34 [ 75.537460][ T4580] softirqs last disabled at (78048): [] local_bh_disable+0x10/0x34 [ 75.538945][ T4580] ---[ end trace 5519afa7f6d9eb46 ]--- [ 75.580257][ T136] device hsr_slave_1 left promiscuous mode [ 75.609010][ T4978] loop0: detected capacity change from 0 to 128 [ 75.612845][ T4978] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.614032][ T4978] Bad inode number on dev loop0: 2 is out of range [ 75.615046][ T4978] SysV FS: get root inode failed [ 75.615864][ T4978] oldfs: cannot read superblock [ 75.619498][ C1] ------------[ cut here ]------------ [ 75.620413][ C1] VFS: brelse: Trying to free free buffer [ 75.621365][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.622729][ C1] Modules linked in: [ 75.623351][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.624726][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.626208][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.627376][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.628179][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.628979][ C1] sp : ffff800008017de0 [ 75.629621][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 75.630817][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 75.631984][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debc7060 [ 75.633136][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 75.634384][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.635542][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.636680][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 75.637874][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.639044][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.640315][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.641610][ C1] Call trace: [ 75.642079][ C1] invalidate_bh_lru+0x128/0x234 [ 75.642862][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.643785][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.644830][ C1] ipi_handler+0x10c/0x710 [ 75.645512][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.646355][ C1] handle_domain_irq+0x144/0x1fc [ 75.647109][ C1] gic_handle_irq+0x78/0x1c8 [ 75.647803][ C1] call_on_irq_stack+0x30/0x48 [ 75.648487][ C1] do_interrupt_handler+0x6c/0x88 [ 75.649178][ C1] el1_interrupt+0x30/0x58 [ 75.649834][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.650590][ C1] el1h_64_irq+0x78/0x7c [ 75.651207][ C1] tomoyo_encode+0x118/0x4a4 [ 75.651861][ C1] tomoyo_realpath_from_path+0x4bc/0x510 [ 75.652773][ C1] tomoyo_path_perm+0x1b4/0x440 [ 75.653596][ C1] tomoyo_path_rmdir+0xa4/0xe8 [ 75.654307][ C1] security_path_rmdir+0xe4/0x134 [ 75.655099][ C1] do_rmdir+0x1d0/0x634 [ 75.655760][ C1] __arm64_sys_unlinkat+0xcc/0xfc [ 75.656452][ C1] invoke_syscall+0x98/0x2b8 [ 75.657178][ C1] el0_svc_common+0x138/0x258 [ 75.657893][ C1] do_el0_svc+0x58/0x14c [ 75.658465][ C1] el0_svc+0x78/0x1e0 [ 75.659026][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.659786][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.660410][ C1] irq event stamp: 188624 [ 75.660995][ C1] hardirqs last enabled at (188623): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 75.662567][ C1] hardirqs last disabled at (188624): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.663992][ C1] softirqs last enabled at (188374): [] local_bh_enable+0x10/0x34 [ 75.665352][ C1] softirqs last disabled at (188372): [] local_bh_disable+0x10/0x34 [ 75.666736][ C1] ---[ end trace 5519afa7f6d9eb47 ]--- [ 75.710299][ T136] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.711492][ T136] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.717303][ T136] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.718472][ T136] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 75.719913][ T136] device bridge_slave_1 left promiscuous mode [ 75.721240][ T136] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.721556][ T4980] loop0: detected capacity change from 0 to 128 [ 75.734892][ T4980] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.736000][ T4980] Bad inode number on dev loop0: 2 is out of range [ 75.736911][ T4980] SysV FS: get root inode failed [ 75.737703][ T4980] oldfs: cannot read superblock [ 75.749923][ T4982] ------------[ cut here ]------------ [ 75.750878][ T4982] VFS: brelse: Trying to free free buffer [ 75.751808][ T4982] WARNING: CPU: 0 PID: 4982 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.753188][ T4982] Modules linked in: [ 75.753775][ T4982] CPU: 0 PID: 4982 Comm: syz.0.25 Tainted: G W syzkaller #0 [ 75.755124][ T4982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.756607][ T4982] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.757785][ T4982] pc : invalidate_bh_lru+0x128/0x234 [ 75.758675][ T4982] lr : invalidate_bh_lru+0x128/0x234 [ 75.759513][ T4982] sp : ffff80001faa77c0 [ 75.760138][ T4982] x29: ffff80001faa77c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 75.761353][ T4982] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 75.762502][ T4982] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debad400 [ 75.763754][ T4982] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 75.764977][ T4982] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.766235][ T4982] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.767445][ T4982] x11: 0000000000000002 x10: 0000000000000000 x9 : b199195f095c4800 [ 75.768579][ T4982] x8 : b199195f095c4800 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.769746][ T4982] x5 : ffff80001faa70b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.770952][ T4982] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.772258][ T4982] Call trace: [ 75.772784][ T4982] invalidate_bh_lru+0x128/0x234 [ 75.773521][ T4982] smp_call_function_many_cond+0xa50/0xeb0 [ 75.774394][ T4982] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.775131][ T4982] invalidate_bh_lrus+0x34/0x40 [ 75.775842][ T4982] blkdev_flush_mapping+0x168/0x31c [ 75.776640][ T4982] blkdev_put+0x490/0x6ac [ 75.777280][ T4982] blkdev_close+0x74/0xb0 [ 75.777962][ T4982] __fput+0x1c0/0x7f8 [ 75.778543][ T4982] ____fput+0x20/0x30 [ 75.779122][ T4982] task_work_run+0x12c/0x1e0 [ 75.779800][ T4982] do_notify_resume+0x24b4/0x3128 [ 75.780542][ T4982] el0_svc+0xf0/0x1e0 [ 75.781130][ T4982] el0t_64_sync_handler+0xcc/0xe4 [ 75.781948][ T4982] el0t_64_sync+0x1a0/0x1a4 [ 75.782558][ T4982] irq event stamp: 756 [ 75.783106][ T4982] hardirqs last enabled at (755): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 75.784592][ T4982] hardirqs last disabled at (756): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.786179][ T4982] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 75.787496][ T4982] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 75.788834][ T4982] ---[ end trace 5519afa7f6d9eb48 ]--- [ 75.790875][ T136] device bridge_slave_0 left promiscuous mode [ 75.791860][ T136] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.845105][ T4984] loop0: detected capacity change from 0 to 128 [ 75.847220][ T4984] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.848246][ T4984] Bad inode number on dev loop0: 2 is out of range [ 75.849389][ T4984] SysV FS: get root inode failed [ 75.850973][ T4984] oldfs: cannot read superblock [ 75.892574][ C1] ------------[ cut here ]------------ [ 75.893465][ C1] VFS: brelse: Trying to free free buffer [ 75.894375][ C1] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.895586][ C1] Modules linked in: [ 75.896105][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W syzkaller #0 [ 75.897308][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.898847][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.899978][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.900743][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.901529][ C1] sp : ffff800008017de0 [ 75.902151][ C1] x29: ffff800008017de0 x28: ffff0000c0a68000 x27: 1fffe0003421a45c [ 75.903410][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 75.904618][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debc7400 [ 75.905907][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 75.907168][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.908356][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.909607][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 008fc90fb022b800 [ 75.910802][ C1] x8 : 008fc90fb022b800 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.911976][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.913111][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.914307][ C1] Call trace: [ 75.914812][ C1] invalidate_bh_lru+0x128/0x234 [ 75.915622][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.916509][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.917472][ C1] ipi_handler+0x10c/0x710 [ 75.918155][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.918984][ C1] handle_domain_irq+0x144/0x1fc [ 75.919713][ C1] gic_handle_irq+0x78/0x1c8 [ 75.920400][ C1] call_on_irq_stack+0x30/0x48 [ 75.921157][ C1] do_interrupt_handler+0x6c/0x88 [ 75.921940][ C1] el1_interrupt+0x30/0x58 [ 75.922563][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.923231][ C1] el1h_64_irq+0x78/0x7c [ 75.923885][ C1] arch_local_irq_enable+0xc/0x18 [ 75.924634][ C1] default_idle_call+0xcc/0x418 [ 75.925389][ C1] do_idle+0x1c8/0x480 [ 75.926018][ C1] cpu_startup_entry+0x24/0x28 [ 75.926768][ C1] secondary_start_kernel+0x23c/0x294 [ 75.927563][ C1] __secondary_switched+0x94/0x98 [ 75.928333][ C1] irq event stamp: 520258 [ 75.929024][ C1] hardirqs last enabled at (520257): [] default_idle_call+0xb8/0x418 [ 75.930394][ C1] hardirqs last disabled at (520258): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.931860][ C1] softirqs last enabled at (520222): [] handle_softirqs+0xa4c/0xbf0 [ 75.933218][ C1] softirqs last disabled at (520175): [] __irq_exit_rcu+0x240/0x440 [ 75.934708][ C1] ---[ end trace 5519afa7f6d9eb49 ]--- [ 75.941805][ T4986] loop0: detected capacity change from 0 to 128 [ 75.950522][ T136] device veth1_macvtap left promiscuous mode [ 75.952006][ T136] device veth0_macvtap left promiscuous mode [ 75.953002][ T136] device veth1_vlan left promiscuous mode [ 75.953941][ T136] device veth0_vlan left promiscuous mode [ 75.991809][ T4986] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.992984][ T4986] Bad inode number on dev loop0: 2 is out of range [ 75.993987][ T4986] SysV FS: get root inode failed [ 75.994816][ T4986] oldfs: cannot read superblock [ 75.995549][ T4986] ------------[ cut here ]------------ [ 75.996360][ T4986] VFS: brelse: Trying to free free buffer [ 75.997241][ T4986] WARNING: CPU: 1 PID: 4986 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.998503][ T4986] Modules linked in: [ 75.999126][ T4986] CPU: 1 PID: 4986 Comm: syz.0.27 Tainted: G W syzkaller #0 [ 76.000406][ T4986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.001912][ T4986] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.003076][ T4986] pc : invalidate_bh_lru+0x128/0x234 [ 76.003832][ T4986] lr : invalidate_bh_lru+0x128/0x234 [ 76.004637][ T4986] sp : ffff80001faa76e0 [ 76.005340][ T4986] x29: ffff80001faa76e0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 76.006599][ T4986] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 76.007787][ T4986] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debc77a0 [ 76.008978][ T4986] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 76.010164][ T4986] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.011291][ T4986] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.012445][ T4986] x11: 0000000000000002 x10: 0000000000000000 x9 : 045f17ec6450ac00 [ 76.013576][ T4986] x8 : 045f17ec6450ac00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.014866][ T4986] x5 : ffff80001faa6fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.016103][ T4986] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.017310][ T4986] Call trace: [ 76.017828][ T4986] invalidate_bh_lru+0x128/0x234 [ 76.018595][ T4986] smp_call_function_many_cond+0xa50/0xeb0 [ 76.019456][ T4986] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.020200][ T4986] invalidate_bh_lrus+0x34/0x40 [ 76.020980][ T4986] blkdev_flush_mapping+0x168/0x31c [ 76.021789][ T4986] blkdev_put+0x490/0x6ac [ 76.022467][ T4986] kill_block_super+0x98/0xdc [ 76.023163][ T4986] deactivate_locked_super+0xb8/0x13c [ 76.024002][ T4986] mount_bdev+0x284/0x358 [ 76.024687][ T4986] sysv_mount+0x44/0x58 [ 76.025282][ T4986] legacy_get_tree+0xd4/0x16c [ 76.025925][ T4986] vfs_get_tree+0x90/0x274 [ 76.026576][ T4986] do_new_mount+0x228/0x810 [ 76.027236][ T4986] path_mount+0x5b4/0x1000 [ 76.027914][ T4986] __arm64_sys_mount+0x514/0x5e4 [ 76.028690][ T4986] invoke_syscall+0x98/0x2b8 [ 76.029390][ T4986] el0_svc_common+0x138/0x258 [ 76.030040][ T4986] do_el0_svc+0x58/0x14c [ 76.030690][ T4986] el0_svc+0x78/0x1e0 [ 76.031274][ T4986] el0t_64_sync_handler+0xcc/0xe4 [ 76.032048][ T4986] el0t_64_sync+0x1a0/0x1a4 [ 76.032710][ T4986] irq event stamp: 1574 [ 76.033378][ T4986] hardirqs last enabled at (1573): [] kasan_quarantine_put+0xc4/0x204 [ 76.034775][ T4986] hardirqs last disabled at (1574): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.036350][ T4986] softirqs last enabled at (1408): [] local_bh_enable+0x10/0x34 [ 76.037787][ T4986] softirqs last disabled at (1406): [] local_bh_disable+0x10/0x34 [ 76.039144][ T4986] ---[ end trace 5519afa7f6d9eb4a ]--- [ 76.117321][ T136] team0 (unregistering): Port device team_slave_1 removed [ 76.125109][ T136] team0 (unregistering): Port device team_slave_0 removed [ 76.129508][ T136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 76.137675][ T4989] loop0: detected capacity change from 0 to 128 [ 76.171664][ T4989] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.172821][ T4989] Bad inode number on dev loop0: 2 is out of range [ 76.173749][ T4989] SysV FS: get root inode failed [ 76.174457][ T4989] oldfs: cannot read superblock [ 76.176485][ T136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 76.184438][ T4580] ------------[ cut here ]------------ [ 76.185312][ T4580] VFS: brelse: Trying to free free buffer [ 76.186139][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.187377][ T4580] Modules linked in: [ 76.187927][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 76.189052][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.190480][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.191677][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 76.192434][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 76.193161][ T4580] sp : ffff80001fc377c0 [ 76.193791][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 76.195043][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 76.196132][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debad7a0 [ 76.197347][ T4580] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 76.198495][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.199740][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.200914][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 76.202184][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.203381][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.204571][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.205706][ T4580] Call trace: [ 76.206176][ T4580] invalidate_bh_lru+0x128/0x234 [ 76.206942][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 76.207797][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.208556][ T4580] invalidate_bh_lrus+0x34/0x40 [ 76.209339][ T4580] blkdev_flush_mapping+0x168/0x31c [ 76.210148][ T4580] blkdev_put+0x490/0x6ac [ 76.210802][ T4580] blkdev_close+0x74/0xb0 [ 76.211486][ T4580] __fput+0x1c0/0x7f8 [ 76.212002][ T4580] ____fput+0x20/0x30 [ 76.212600][ T4580] task_work_run+0x12c/0x1e0 [ 76.213269][ T4580] do_notify_resume+0x24b4/0x3128 [ 76.214068][ T4580] el0_svc+0xf0/0x1e0 [ 76.214644][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 76.215472][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 76.216165][ T4580] irq event stamp: 113286 [ 76.216793][ T4580] hardirqs last enabled at (113285): [] kasan_quarantine_put+0xc4/0x204 [ 76.218340][ T4580] hardirqs last disabled at (113286): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.219871][ T4580] softirqs last enabled at (113020): [] local_bh_enable+0x10/0x34 [ 76.221195][ T4580] softirqs last disabled at (113018): [] local_bh_disable+0x10/0x34 [ 76.222511][ T4580] ---[ end trace 5519afa7f6d9eb4b ]--- [ 76.259273][ T4991] loop0: detected capacity change from 0 to 128 [ 76.291465][ T4991] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.292667][ T4991] Bad inode number on dev loop0: 2 is out of range [ 76.293584][ T4991] SysV FS: get root inode failed [ 76.294249][ T4991] oldfs: cannot read superblock [ 76.304446][ C0] ------------[ cut here ]------------ [ 76.305351][ C0] VFS: brelse: Trying to free free buffer [ 76.306210][ C0] WARNING: CPU: 0 PID: 4992 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.307439][ C0] Modules linked in: [ 76.307967][ C0] CPU: 0 PID: 4992 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.309551][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.311078][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.312236][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 76.313069][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 76.313806][ C0] sp : ffff800008007de0 [ 76.314428][ C0] x29: ffff800008007de0 x28: ffff0000d3f89b40 x27: 1fffe0003421625c [ 76.315605][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 76.316737][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debadb40 [ 76.317999][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 76.319261][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.320612][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.321882][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : ab248f49a9219700 [ 76.323064][ C0] x8 : ab248f49a9219700 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.324234][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.325454][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.326625][ C0] Call trace: [ 76.327098][ C0] invalidate_bh_lru+0x128/0x234 [ 76.327866][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.328713][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.329717][ C0] ipi_handler+0x10c/0x710 [ 76.330392][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 76.331198][ C0] handle_domain_irq+0x144/0x1fc [ 76.331922][ C0] gic_handle_irq+0x78/0x1c8 [ 76.332591][ C0] call_on_irq_stack+0x30/0x48 [ 76.333301][ C0] do_interrupt_handler+0x6c/0x88 [ 76.334066][ C0] el1_interrupt+0x30/0x58 [ 76.334661][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.335348][ C0] el1h_64_irq+0x78/0x7c [ 76.335964][ C0] lock_page_memcg+0x120/0x234 [ 76.336692][ C0] page_add_file_rmap+0x148/0x8e4 [ 76.337456][ C0] do_set_pte+0x390/0x4dc [ 76.338079][ C0] filemap_map_pages+0x9c4/0xc50 [ 76.338862][ C0] handle_mm_fault+0x19c4/0x2970 [ 76.339606][ C0] do_page_fault+0x694/0xad4 [ 76.340318][ C0] do_translation_fault+0xe0/0x130 [ 76.341066][ C0] do_mem_abort+0x6c/0x1ac [ 76.341697][ C0] el0_ia+0xe0/0x2d0 [ 76.342247][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 76.343018][ C0] el0t_64_sync+0x1a0/0x1a4 [ 76.343686][ C0] irq event stamp: 438 [ 76.344232][ C0] hardirqs last enabled at (437): [] lock_page_memcg+0x110/0x234 [ 76.345588][ C0] hardirqs last disabled at (438): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.347046][ C0] softirqs last enabled at (14): [] local_bh_enable+0x10/0x34 [ 76.348387][ C0] softirqs last disabled at (12): [] local_bh_disable+0x10/0x34 [ 76.349776][ C0] ---[ end trace 5519afa7f6d9eb4c ]--- [ 76.358136][ T136] bond0 (unregistering): Released all slaves [ 76.392837][ T4993] loop0: detected capacity change from 0 to 128 [ 76.395145][ T4993] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.396241][ T4993] Bad inode number on dev loop0: 2 is out of range [ 76.397193][ T4993] SysV FS: get root inode failed [ 76.397892][ T4993] oldfs: cannot read superblock [ 76.402741][ T4580] ------------[ cut here ]------------ [ 76.403578][ T4580] VFS: brelse: Trying to free free buffer [ 76.404458][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.405704][ T4580] Modules linked in: [ 76.406221][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 76.407392][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.408878][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.409995][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 76.410792][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 76.411533][ T4580] sp : ffff80001fc377c0 [ 76.412137][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45c [ 76.413328][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 76.414502][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debc7b40 [ 76.415622][ T4580] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 76.416806][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.417983][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.419172][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 76.420420][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.421620][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.422723][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.423899][ T4580] Call trace: [ 76.424390][ T4580] invalidate_bh_lru+0x128/0x234 [ 76.425176][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 76.426022][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.426750][ T4580] invalidate_bh_lrus+0x34/0x40 [ 76.427468][ T4580] blkdev_flush_mapping+0x168/0x31c [ 76.428236][ T4580] blkdev_put+0x490/0x6ac [ 76.428868][ T4580] blkdev_close+0x74/0xb0 [ 76.429527][ T4580] __fput+0x1c0/0x7f8 [ 76.430109][ T4580] ____fput+0x20/0x30 [ 76.430688][ T4580] task_work_run+0x12c/0x1e0 [ 76.431335][ T4580] do_notify_resume+0x24b4/0x3128 [ 76.432065][ T4580] el0_svc+0xf0/0x1e0 [ 76.432628][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 76.433376][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 76.434003][ T4580] irq event stamp: 121648 [ 76.434652][ T4580] hardirqs last enabled at (121647): [] kasan_quarantine_put+0xc4/0x204 [ 76.436328][ T4580] hardirqs last disabled at (121648): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.437963][ T4580] softirqs last enabled at (121384): [] local_bh_enable+0x10/0x34 [ 76.439353][ T4580] softirqs last disabled at (121382): [] local_bh_disable+0x10/0x34 [ 76.440780][ T4580] ---[ end trace 5519afa7f6d9eb4d ]--- [ 76.483669][ T4995] loop0: detected capacity change from 0 to 128 [ 76.486158][ T4995] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.490729][ T4995] Bad inode number on dev loop0: 2 is out of range [ 76.491780][ T4995] SysV FS: get root inode failed [ 76.492545][ T4995] oldfs: cannot read superblock [ 76.516632][ C1] ------------[ cut here ]------------ [ 76.517518][ C1] VFS: brelse: Trying to free free buffer [ 76.518411][ C1] WARNING: CPU: 1 PID: 3663 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.519722][ C1] Modules linked in: [ 76.520317][ C1] CPU: 1 PID: 3663 Comm: udevd Tainted: G W syzkaller #0 [ 76.521588][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.522990][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.524108][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 76.524901][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 76.525726][ C1] sp : ffff800008017de0 [ 76.526327][ C1] x29: ffff800008017de0 x28: ffff0000d73c0000 x27: 1fffe0003421a45c [ 76.527553][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 76.528748][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e88a8ee0 [ 76.529930][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 76.531084][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.532365][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.533486][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 60ebf182a8fe0600 [ 76.534688][ C1] x8 : 60ebf182a8fe0600 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.535914][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.537171][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.538370][ C1] Call trace: [ 76.538815][ C1] invalidate_bh_lru+0x128/0x234 [ 76.539578][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.540432][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.541502][ C1] ipi_handler+0x10c/0x710 [ 76.542170][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 76.543001][ C1] handle_domain_irq+0x144/0x1fc [ 76.543768][ C1] gic_handle_irq+0x78/0x1c8 [ 76.544477][ C1] call_on_irq_stack+0x30/0x48 [ 76.545140][ C1] do_interrupt_handler+0x6c/0x88 [ 76.545935][ C1] el1_interrupt+0x30/0x58 [ 76.546594][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.547288][ C1] el1h_64_irq+0x78/0x7c [ 76.547978][ C1] kasan_check_range+0x4c/0x2b0 [ 76.548748][ C1] memset+0x58/0x88 [ 76.549320][ C1] unwind_frame+0x124/0x668 [ 76.550012][ C1] walk_stackframe+0x6c/0xa8 [ 76.550639][ C1] return_address+0xd0/0x144 [ 76.551337][ C1] preempt_count_add+0x13c/0x3bc [ 76.552052][ C1] _raw_spin_lock+0x24/0x10c [ 76.552685][ C1] kernfs_iop_permission+0x6c/0x2e0 [ 76.553412][ C1] inode_permission+0x1d0/0x3c0 [ 76.554157][ C1] link_path_walk+0x268/0xb8c [ 76.554856][ C1] path_openat+0x1c0/0x26e4 [ 76.555491][ C1] do_filp_open+0x164/0x330 [ 76.556213][ C1] do_sys_openat2+0x128/0x3d8 [ 76.556895][ C1] __arm64_sys_openat+0x120/0x154 [ 76.557652][ C1] invoke_syscall+0x98/0x2b8 [ 76.558365][ C1] el0_svc_common+0x138/0x258 [ 76.559103][ C1] do_el0_svc+0x58/0x14c [ 76.559733][ C1] el0_svc+0x78/0x1e0 [ 76.560392][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 76.561113][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.561762][ C1] irq event stamp: 1172016 [ 76.562475][ C1] hardirqs last enabled at (1172015): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 76.564052][ C1] hardirqs last disabled at (1172016): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.565507][ C1] softirqs last enabled at (1171992): [] local_bh_enable+0x10/0x34 [ 76.566856][ C1] softirqs last disabled at (1171990): [] local_bh_disable+0x10/0x34 [ 76.568242][ C1] ---[ end trace 5519afa7f6d9eb4e ]--- [ 76.617677][ T4999] loop0: detected capacity change from 0 to 128 [ 76.620413][ T4999] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.621528][ T4999] Bad inode number on dev loop0: 2 is out of range [ 76.622483][ T4999] SysV FS: get root inode failed [ 76.623231][ T4999] oldfs: cannot read superblock [ 76.627764][ C1] ------------[ cut here ]------------ [ 76.628628][ C1] VFS: brelse: Trying to free free buffer [ 76.629590][ C1] WARNING: CPU: 1 PID: 3663 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.630897][ C1] Modules linked in: [ 76.631442][ C1] CPU: 1 PID: 3663 Comm: udevd Tainted: G W syzkaller #0 [ 76.632659][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.634117][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.635301][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 76.636106][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 76.636911][ C1] sp : ffff800008017de0 [ 76.637480][ C1] x29: ffff800008017de0 x28: ffff0000d73c0000 x27: 1fffe0003421a45c [ 76.638632][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 76.639904][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd5c2318 [ 76.641095][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 76.642295][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.643453][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.644647][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 60ebf182a8fe0600 [ 76.645823][ C1] x8 : 60ebf182a8fe0600 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.647097][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.648373][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.649547][ C1] Call trace: [ 76.650040][ C1] invalidate_bh_lru+0x128/0x234 [ 76.650811][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.651715][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.652831][ C1] ipi_handler+0x10c/0x710 [ 76.653508][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 76.654354][ C1] handle_domain_irq+0x144/0x1fc [ 76.655105][ C1] gic_handle_irq+0x78/0x1c8 [ 76.655879][ C1] call_on_irq_stack+0x30/0x48 [ 76.656587][ C1] do_interrupt_handler+0x6c/0x88 [ 76.657366][ C1] el1_interrupt+0x30/0x58 [ 76.657988][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.658640][ C1] el1h_64_irq+0x78/0x7c [ 76.659270][ C1] qlist_free_all+0x38/0xa8 [ 76.659924][ C1] kasan_quarantine_reduce+0x124/0x130 [ 76.660773][ C1] __kasan_slab_alloc+0x34/0xcc [ 76.661495][ C1] slab_post_alloc_hook+0x74/0x408 [ 76.662279][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 76.663009][ C1] getname_flags+0xb8/0x450 [ 76.663746][ C1] user_path_at_empty+0x40/0x1a0 [ 76.664501][ C1] vfs_statx+0xf4/0x458 [ 76.665151][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 76.665937][ C1] invoke_syscall+0x98/0x2b8 [ 76.666653][ C1] el0_svc_common+0x138/0x258 [ 76.667374][ C1] do_el0_svc+0x58/0x14c [ 76.668022][ C1] el0_svc+0x78/0x1e0 [ 76.668589][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 76.669291][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.669929][ C1] irq event stamp: 1179026 [ 76.670552][ C1] hardirqs last enabled at (1179025): [] put_cpu_partial+0x188/0x218 [ 76.671926][ C1] hardirqs last disabled at (1179026): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.673382][ C1] softirqs last enabled at (1178924): [] local_bh_enable+0x10/0x34 [ 76.674725][ C1] softirqs last disabled at (1178922): [] local_bh_disable+0x10/0x34 [ 76.676202][ C1] ---[ end trace 5519afa7f6d9eb4f ]--- [ 76.719439][ T5001] loop0: detected capacity change from 0 to 128 [ 76.750174][ T4173] Bluetooth: hci0: command 0x0419 tx timeout [ 76.754637][ T5001] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.755716][ T5001] Bad inode number on dev loop0: 2 is out of range [ 76.757199][ T5001] SysV FS: get root inode failed [ 76.757938][ T5001] oldfs: cannot read superblock [ 76.766413][ C0] ------------[ cut here ]------------ [ 76.767292][ C0] VFS: brelse: Trying to free free buffer [ 76.768157][ C0] WARNING: CPU: 0 PID: 5002 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.769371][ C0] Modules linked in: [ 76.769980][ C0] CPU: 0 PID: 5002 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.771335][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.772726][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.773884][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 76.774706][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 76.775513][ C0] sp : ffff800008007de0 [ 76.776124][ C0] x29: ffff800008007de0 x28: ffff0000cb089b40 x27: 1fffe0003421625c [ 76.777352][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 76.778532][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debadee0 [ 76.779703][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 76.780839][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.781889][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.783056][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 522dde88dbeea200 [ 76.784161][ C0] x8 : 522dde88dbeea200 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.785288][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.786433][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.787563][ C0] Call trace: [ 76.788008][ C0] invalidate_bh_lru+0x128/0x234 [ 76.788719][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.789584][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.790630][ C0] ipi_handler+0x10c/0x710 [ 76.791275][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 76.792065][ C0] handle_domain_irq+0x144/0x1fc [ 76.792862][ C0] gic_handle_irq+0x78/0x1c8 [ 76.793541][ C0] call_on_irq_stack+0x30/0x48 [ 76.794254][ C0] do_interrupt_handler+0x6c/0x88 [ 76.795087][ C0] el0_interrupt+0x94/0x260 [ 76.795775][ C0] __el0_irq_handler_common+0x18/0x24 [ 76.796638][ C0] el0t_64_irq_handler+0x10/0x1c [ 76.797301][ C0] el0t_64_irq+0x1a0/0x1a4 [ 76.797946][ C0] irq event stamp: 818 [ 76.798595][ C0] hardirqs last enabled at (817): [] el0t_64_sync_handler+0xcc/0xe4 [ 76.800127][ C0] hardirqs last disabled at (818): [] __el0_irq_handler_common+0x18/0x24 [ 76.801612][ C0] softirqs last enabled at (462): [] local_bh_enable+0x10/0x34 [ 76.803039][ C0] softirqs last disabled at (460): [] local_bh_disable+0x10/0x34 [ 76.804398][ C0] ---[ end trace 5519afa7f6d9eb50 ]--- [ 76.843708][ T5003] loop0: detected capacity change from 0 to 128 [ 76.883111][ T5003] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.884337][ T5003] Bad inode number on dev loop0: 2 is out of range [ 76.885340][ T5003] SysV FS: get root inode failed [ 76.886038][ T5003] oldfs: cannot read superblock [ 76.894820][ C1] ------------[ cut here ]------------ [ 76.895687][ C1] VFS: brelse: Trying to free free buffer [ 76.896668][ C1] WARNING: CPU: 1 PID: 5004 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.898020][ C1] Modules linked in: [ 76.898564][ C1] CPU: 1 PID: 5004 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.899915][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.901400][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.902572][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 76.903370][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 76.904143][ C1] sp : ffff800008017de0 [ 76.904742][ C1] x29: ffff800008017de0 x28: ffff0000dcff8000 x27: 1fffe0003421a45b [ 76.905946][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 76.907111][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd5c26b8 [ 76.908357][ C1] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000010003 [ 76.909520][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.910751][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.911931][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : d4712972c192b000 [ 76.913100][ C1] x8 : d4712972c192b000 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.914313][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.915537][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.916678][ C1] Call trace: [ 76.917165][ C1] invalidate_bh_lru+0x128/0x234 [ 76.917937][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.918830][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.919820][ C1] ipi_handler+0x10c/0x710 [ 76.920490][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 76.921264][ C1] handle_domain_irq+0x144/0x1fc [ 76.921937][ C1] gic_handle_irq+0x78/0x1c8 [ 76.922578][ C1] call_on_irq_stack+0x30/0x48 [ 76.923277][ C1] do_interrupt_handler+0x6c/0x88 [ 76.923990][ C1] el1_interrupt+0x30/0x58 [ 76.924651][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.925302][ C1] el1h_64_irq+0x78/0x7c [ 76.926033][ C1] arch_local_irq_restore+0x8/0x10 [ 76.926850][ C1] xas_next_entry+0x1b0/0x394 [ 76.927504][ C1] filemap_map_pages+0x958/0xc50 [ 76.928231][ C1] handle_mm_fault+0x19c4/0x2970 [ 76.928973][ C1] do_page_fault+0x694/0xad4 [ 76.929658][ C1] do_translation_fault+0xe0/0x130 [ 76.930474][ C1] do_mem_abort+0x6c/0x1ac [ 76.931094][ C1] el0_ia+0xe0/0x2d0 [ 76.931660][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 76.932416][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.933048][ C1] irq event stamp: 378 [ 76.933652][ C1] hardirqs last enabled at (377): [] lock_page_memcg+0x110/0x234 [ 76.934988][ C1] hardirqs last disabled at (378): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.936460][ C1] softirqs last enabled at (14): [] local_bh_enable+0x10/0x34 [ 76.937832][ C1] softirqs last disabled at (12): [] local_bh_disable+0x10/0x34 [ 76.939182][ C1] ---[ end trace 5519afa7f6d9eb51 ]--- [ 76.983702][ T5005] loop0: detected capacity change from 0 to 128 [ 77.022309][ T5005] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.023491][ T5005] Bad inode number on dev loop0: 2 is out of range [ 77.024526][ T5005] SysV FS: get root inode failed [ 77.025383][ T5005] oldfs: cannot read superblock [ 77.037807][ T5007] ------------[ cut here ]------------ [ 77.038750][ T5007] VFS: brelse: Trying to free free buffer [ 77.039558][ T5007] WARNING: CPU: 1 PID: 5007 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.040896][ T5007] Modules linked in: [ 77.041473][ T5007] CPU: 1 PID: 5007 Comm: syz.0.37 Tainted: G W syzkaller #0 [ 77.042710][ T5007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.044265][ T5007] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.045431][ T5007] pc : invalidate_bh_lru+0x128/0x234 [ 77.046243][ T5007] lr : invalidate_bh_lru+0x128/0x234 [ 77.047046][ T5007] sp : ffff80001faa77c0 [ 77.047728][ T5007] x29: ffff80001faa77c0 x28: ffff80001418d000 x27: 1fffe0003421a45c [ 77.048995][ T5007] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 77.050154][ T5007] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd5c2a58 [ 77.051310][ T5007] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 77.052518][ T5007] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.053803][ T5007] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.054991][ T5007] x11: 0000000000000002 x10: 0000000000000000 x9 : c26e191a8d422000 [ 77.056163][ T5007] x8 : c26e191a8d422000 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.057401][ T5007] x5 : ffff80001faa70b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.058586][ T5007] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.059808][ T5007] Call trace: [ 77.060264][ T5007] invalidate_bh_lru+0x128/0x234 [ 77.060967][ T5007] smp_call_function_many_cond+0xa50/0xeb0 [ 77.061901][ T5007] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.062649][ T5007] invalidate_bh_lrus+0x34/0x40 [ 77.063432][ T5007] blkdev_flush_mapping+0x168/0x31c [ 77.064248][ T5007] blkdev_put+0x490/0x6ac [ 77.064841][ T5007] blkdev_close+0x74/0xb0 [ 77.065515][ T5007] __fput+0x1c0/0x7f8 [ 77.066111][ T5007] ____fput+0x20/0x30 [ 77.066706][ T5007] task_work_run+0x12c/0x1e0 [ 77.067374][ T5007] do_notify_resume+0x24b4/0x3128 [ 77.068114][ T5007] el0_svc+0xf0/0x1e0 [ 77.068712][ T5007] el0t_64_sync_handler+0xcc/0xe4 [ 77.069450][ T5007] el0t_64_sync+0x1a0/0x1a4 [ 77.070151][ T5007] irq event stamp: 786 [ 77.070779][ T5007] hardirqs last enabled at (785): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 77.072395][ T5007] hardirqs last disabled at (786): [] smp_call_function_many_cond+0xa44/0xeb0 [ 77.073889][ T5007] softirqs last enabled at (742): [] local_bh_enable+0x10/0x34 [ 77.075340][ T5007] softirqs last disabled at (740): [] local_bh_disable+0x10/0x34 [ 77.076841][ T5007] ---[ end trace 5519afa7f6d9eb52 ]--- [ 77.103004][ T5009] loop0: detected capacity change from 0 to 128 [ 77.158180][ T5009] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.159320][ T5009] Bad inode number on dev loop0: 2 is out of range [ 77.160660][ T5009] SysV FS: get root inode failed [ 77.161350][ T5009] oldfs: cannot read superblock [ 77.162059][ T5009] ------------[ cut here ]------------ [ 77.162833][ T5009] VFS: brelse: Trying to free free buffer [ 77.163746][ T5009] WARNING: CPU: 0 PID: 5009 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.165052][ T5009] Modules linked in: [ 77.165665][ T5009] CPU: 0 PID: 5009 Comm: syz.0.38 Tainted: G W syzkaller #0 [ 77.166871][ T5009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.168278][ T5009] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.169437][ T5009] pc : invalidate_bh_lru+0x128/0x234 [ 77.170248][ T5009] lr : invalidate_bh_lru+0x128/0x234 [ 77.170995][ T5009] sp : ffff80001faa76e0 [ 77.171632][ T5009] x29: ffff80001faa76e0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 77.172912][ T5009] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 77.174053][ T5009] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debaa318 [ 77.175147][ T5009] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 77.176289][ T5009] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.177523][ T5009] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.178760][ T5009] x11: 0000000000000002 x10: 0000000000000000 x9 : fa1c0db04302da00 [ 77.179932][ T5009] x8 : fa1c0db04302da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.181063][ T5009] x5 : ffff80001faa6fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.182298][ T5009] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.183504][ T5009] Call trace: [ 77.183956][ T5009] invalidate_bh_lru+0x128/0x234 [ 77.184649][ T5009] smp_call_function_many_cond+0xa50/0xeb0 [ 77.185529][ T5009] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.186299][ T5009] invalidate_bh_lrus+0x34/0x40 [ 77.186994][ T5009] blkdev_flush_mapping+0x168/0x31c [ 77.187744][ T5009] blkdev_put+0x490/0x6ac [ 77.188297][ T5009] kill_block_super+0x98/0xdc [ 77.188910][ T5009] deactivate_locked_super+0xb8/0x13c [ 77.189670][ T5009] mount_bdev+0x284/0x358 [ 77.190268][ T5009] sysv_mount+0x44/0x58 [ 77.190856][ T5009] legacy_get_tree+0xd4/0x16c [ 77.191489][ T5009] vfs_get_tree+0x90/0x274 [ 77.192089][ T5009] do_new_mount+0x228/0x810 [ 77.192679][ T5009] path_mount+0x5b4/0x1000 [ 77.193265][ T5009] __arm64_sys_mount+0x514/0x5e4 [ 77.193993][ T5009] invoke_syscall+0x98/0x2b8 [ 77.194632][ T5009] el0_svc_common+0x138/0x258 [ 77.195309][ T5009] do_el0_svc+0x58/0x14c [ 77.195961][ T5009] el0_svc+0x78/0x1e0 [ 77.196540][ T5009] el0t_64_sync_handler+0xcc/0xe4 [ 77.197282][ T5009] el0t_64_sync+0x1a0/0x1a4 [ 77.197949][ T5009] irq event stamp: 1182 [ 77.198585][ T5009] hardirqs last enabled at (1181): [] kasan_quarantine_put+0xc4/0x204 [ 77.199997][ T5009] hardirqs last disabled at (1182): [] smp_call_function_many_cond+0xa44/0xeb0 [ 77.201461][ T5009] softirqs last enabled at (1156): [] handle_softirqs+0xa4c/0xbf0 [ 77.202783][ T5009] softirqs last disabled at (1049): [] __irq_exit_rcu+0x240/0x440 [ 77.204112][ T5009] ---[ end trace 5519afa7f6d9eb53 ]--- [ 77.293794][ T5013] loop0: detected capacity change from 0 to 128 [ 77.342453][ T5013] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.343676][ T5013] Bad inode number on dev loop0: 2 is out of range [ 77.344698][ T5013] SysV FS: get root inode failed [ 77.345435][ T5013] oldfs: cannot read superblock [ 77.354202][ C1] ------------[ cut here ]------------ [ 77.355165][ C1] VFS: brelse: Trying to free free buffer [ 77.356049][ C1] WARNING: CPU: 1 PID: 5014 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.357378][ C1] Modules linked in: [ 77.357965][ C1] CPU: 1 PID: 5014 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.359243][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.360775][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.361921][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 77.362680][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 77.363403][ C1] sp : ffff800008017de0 [ 77.363980][ C1] x29: ffff800008017de0 x28: ffff0000c6cbd1c0 x27: 1fffe0003421a45c [ 77.365164][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 77.366347][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd5c2df8 [ 77.367579][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 77.368819][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.370085][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.371350][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 8cfadf9ad8b5db00 [ 77.372479][ C1] x8 : 8cfadf9ad8b5db00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.373681][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.374874][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.376061][ C1] Call trace: [ 77.376583][ C1] invalidate_bh_lru+0x128/0x234 [ 77.377335][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 77.378163][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.379175][ C1] ipi_handler+0x10c/0x710 [ 77.379880][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 77.380713][ C1] handle_domain_irq+0x144/0x1fc [ 77.381507][ C1] gic_handle_irq+0x78/0x1c8 [ 77.382242][ C1] call_on_irq_stack+0x30/0x48 [ 77.382977][ C1] do_interrupt_handler+0x6c/0x88 [ 77.383776][ C1] el1_interrupt+0x30/0x58 [ 77.384480][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.385226][ C1] el1h_64_irq+0x78/0x7c [ 77.385868][ C1] __sanitizer_cov_trace_pc+0xa8/0xac [ 77.386640][ C1] unwind_frame+0x3a0/0x668 [ 77.387360][ C1] arch_stack_walk+0x200/0x2b4 [ 77.388010][ C1] stack_trace_save+0x94/0xd8 [ 77.388699][ C1] __kasan_slab_alloc+0x8c/0xcc [ 77.389375][ C1] slab_post_alloc_hook+0x74/0x408 [ 77.390060][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 77.390786][ C1] getname_flags+0xb8/0x450 [ 77.391487][ C1] __arm64_sys_symlinkat+0x94/0xbc [ 77.392219][ C1] invoke_syscall+0x98/0x2b8 [ 77.392930][ C1] el0_svc_common+0x138/0x258 [ 77.393658][ C1] do_el0_svc+0x58/0x14c [ 77.394260][ C1] el0_svc+0x78/0x1e0 [ 77.394855][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 77.395606][ C1] el0t_64_sync+0x1a0/0x1a4 [ 77.396274][ C1] irq event stamp: 752 [ 77.396850][ C1] hardirqs last enabled at (751): [] el0_svc_common+0x9c/0x258 [ 77.398289][ C1] hardirqs last disabled at (752): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.399701][ C1] softirqs last enabled at (508): [] local_bh_enable+0x10/0x34 [ 77.400971][ C1] softirqs last disabled at (506): [] local_bh_disable+0x10/0x34 [ 77.402299][ C1] ---[ end trace 5519afa7f6d9eb54 ]--- [ 77.434287][ T5015] loop0: detected capacity change from 0 to 128 [ 77.447072][ T5015] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.448300][ T5015] Bad inode number on dev loop0: 2 is out of range [ 77.449408][ T5015] SysV FS: get root inode failed [ 77.450330][ T5015] oldfs: cannot read superblock [ 77.458263][ T4580] ------------[ cut here ]------------ [ 77.459256][ T4580] VFS: brelse: Trying to free free buffer [ 77.460159][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.461437][ T4580] Modules linked in: [ 77.462022][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 77.463251][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.464734][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.465957][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 77.466833][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 77.467650][ T4580] sp : ffff80001fc377c0 [ 77.468267][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 77.469438][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 77.470725][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debaa6b8 [ 77.472077][ T4580] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 77.473408][ T4580] x17: 0000000000000000 x16: ffff800008302164 x15: 00000000ffffffff [ 77.474726][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.476037][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 77.477234][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.478432][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff800008302274 [ 77.479630][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.480838][ T4580] Call trace: [ 77.481353][ T4580] invalidate_bh_lru+0x128/0x234 [ 77.482171][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 77.483038][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.483821][ T4580] invalidate_bh_lrus+0x34/0x40 [ 77.484527][ T4580] blkdev_flush_mapping+0x168/0x31c [ 77.485323][ T4580] blkdev_put+0x490/0x6ac [ 77.485968][ T4580] blkdev_close+0x74/0xb0 [ 77.486646][ T4580] __fput+0x1c0/0x7f8 [ 77.487245][ T4580] ____fput+0x20/0x30 [ 77.487846][ T4580] task_work_run+0x12c/0x1e0 [ 77.488559][ T4580] do_notify_resume+0x24b4/0x3128 [ 77.489350][ T4580] el0_svc+0xf0/0x1e0 [ 77.489981][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 77.490671][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 77.491366][ T4580] irq event stamp: 166320 [ 77.492039][ T4580] hardirqs last enabled at (166319): [] kasan_quarantine_put+0xc4/0x204 [ 77.493466][ T4580] hardirqs last disabled at (166320): [] smp_call_function_many_cond+0xa44/0xeb0 [ 77.494964][ T4580] softirqs last enabled at (166046): [] local_bh_enable+0x10/0x34 [ 77.496455][ T4580] softirqs last disabled at (166044): [] local_bh_disable+0x10/0x34 [ 77.497828][ T4580] ---[ end trace 5519afa7f6d9eb55 ]--- [ 77.535923][ T5017] loop0: detected capacity change from 0 to 128 [ 77.581488][ T5017] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.582632][ T5017] Bad inode number on dev loop0: 2 is out of range [ 77.583524][ T5017] SysV FS: get root inode failed [ 77.584281][ T5017] oldfs: cannot read superblock [ 77.598380][ C0] ------------[ cut here ]------------ [ 77.599283][ C0] VFS: brelse: Trying to free free buffer [ 77.600200][ C0] WARNING: CPU: 0 PID: 5019 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.601463][ C0] Modules linked in: [ 77.602021][ C0] CPU: 0 PID: 5019 Comm: syz.0.43 Tainted: G W syzkaller #0 [ 77.603302][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.604840][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.606059][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 77.606875][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 77.607661][ C0] sp : ffff800008007de0 [ 77.608312][ C0] x29: ffff800008007de0 x28: ffff0000db7fd1c0 x27: 1fffe0003421625c [ 77.609552][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 77.610729][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debaaa58 [ 77.611970][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 77.613257][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.614620][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.615933][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 9ed3e4fbbdd00700 [ 77.617151][ C0] x8 : 9ed3e4fbbdd00700 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.618366][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.619732][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 77.621023][ C0] Call trace: [ 77.621550][ C0] invalidate_bh_lru+0x128/0x234 [ 77.622334][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.623273][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.624333][ C0] ipi_handler+0x10c/0x710 [ 77.625005][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 77.625788][ C0] handle_domain_irq+0x144/0x1fc [ 77.626461][ C0] gic_handle_irq+0x78/0x1c8 [ 77.627107][ C0] call_on_irq_stack+0x30/0x48 [ 77.627821][ C0] do_interrupt_handler+0x6c/0x88 [ 77.628528][ C0] el1_interrupt+0x30/0x58 [ 77.629196][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.629900][ C0] el1h_64_irq+0x78/0x7c [ 77.630538][ C0] lock_page_memcg+0x120/0x234 [ 77.631168][ C0] page_remove_rmap+0x3c/0xfd0 [ 77.631857][ C0] unmap_page_range+0xbb4/0x1958 [ 77.632627][ C0] unmap_single_vma+0x13c/0x1e4 [ 77.633332][ C0] unmap_vmas+0x104/0x200 [ 77.633921][ C0] exit_mmap+0x2a8/0x4e0 [ 77.634575][ C0] __mmput+0xec/0x3b8 [ 77.635160][ C0] mmput+0x80/0xc8 [ 77.635626][ C0] exit_mm+0x4a0/0x684 [ 77.636180][ C0] do_exit+0x4ec/0x1f58 [ 77.636767][ C0] do_group_exit+0x100/0x268 [ 77.637438][ C0] get_signal+0x73c/0x1340 [ 77.638116][ C0] do_notify_resume+0x35c/0x3128 [ 77.638788][ C0] el0_svc+0xf0/0x1e0 [ 77.639356][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.640134][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.640778][ C0] irq event stamp: 1440 [ 77.641424][ C0] hardirqs last enabled at (1439): [] lock_page_memcg+0x110/0x234 [ 77.642864][ C0] hardirqs last disabled at (1440): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.644298][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 77.645534][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 77.646933][ C0] ---[ end trace 5519afa7f6d9eb56 ]--- [ 77.689558][ T5021] loop0: detected capacity change from 0 to 128 [ 77.693174][ T5021] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.694318][ T5021] Bad inode number on dev loop0: 2 is out of range [ 77.695297][ T5021] SysV FS: get root inode failed [ 77.696059][ T5021] oldfs: cannot read superblock [ 77.702885][ T4580] ------------[ cut here ]------------ [ 77.703828][ T4580] VFS: brelse: Trying to free free buffer [ 77.704768][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.706079][ T4580] Modules linked in: [ 77.706656][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 77.707861][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.709372][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.710581][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 77.711440][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 77.712243][ T4580] sp : ffff80001fc377c0 [ 77.712884][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45c [ 77.714104][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 77.715270][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd720400 [ 77.716491][ T4580] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 77.717779][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.719021][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.720191][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 77.721392][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.722595][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.723814][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.725042][ T4580] Call trace: [ 77.725595][ T4580] invalidate_bh_lru+0x128/0x234 [ 77.726396][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 77.727283][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.728094][ T4580] invalidate_bh_lrus+0x34/0x40 [ 77.728906][ T4580] blkdev_flush_mapping+0x168/0x31c [ 77.729700][ T4580] blkdev_put+0x490/0x6ac [ 77.730319][ T4580] blkdev_close+0x74/0xb0 [ 77.730954][ T4580] __fput+0x1c0/0x7f8 [ 77.731525][ T4580] ____fput+0x20/0x30 [ 77.732133][ T4580] task_work_run+0x12c/0x1e0 [ 77.732896][ T4580] do_notify_resume+0x24b4/0x3128 [ 77.733703][ T4580] el0_svc+0xf0/0x1e0 [ 77.734342][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 77.735131][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 77.735780][ T4580] irq event stamp: 176834 [ 77.736454][ T4580] hardirqs last enabled at (176833): [] kasan_quarantine_put+0xc4/0x204 [ 77.737926][ T4580] hardirqs last disabled at (176834): [] smp_call_function_many_cond+0xa44/0xeb0 [ 77.739564][ T4580] softirqs last enabled at (176556): [] local_bh_enable+0x10/0x34 [ 77.740978][ T4580] softirqs last disabled at (176554): [] local_bh_disable+0x10/0x34 [ 77.742485][ T4580] ---[ end trace 5519afa7f6d9eb57 ]--- [ 77.790198][ T5023] loop0: detected capacity change from 0 to 128 [ 77.792889][ T5023] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.793979][ T5023] Bad inode number on dev loop0: 2 is out of range [ 77.794924][ T5023] SysV FS: get root inode failed [ 77.795668][ T5023] oldfs: cannot read superblock [ 77.802561][ C0] ------------[ cut here ]------------ [ 77.803446][ C0] VFS: brelse: Trying to free free buffer [ 77.804374][ C0] WARNING: CPU: 0 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.805791][ C0] Modules linked in: [ 77.806380][ C0] CPU: 0 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.807664][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.809156][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.810298][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 77.811100][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 77.811883][ C0] sp : ffff800008007de0 [ 77.812544][ C0] x29: ffff800008007de0 x28: ffff0000c22db680 x27: 1fffe0003421625c [ 77.813833][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 77.815025][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debaadf8 [ 77.816261][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 77.817480][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.818707][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.819928][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 054daef7726fa800 [ 77.821159][ C0] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.822387][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.823535][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 77.824764][ C0] Call trace: [ 77.825239][ C0] invalidate_bh_lru+0x128/0x234 [ 77.825997][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.826867][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.827891][ C0] ipi_handler+0x10c/0x710 [ 77.828588][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 77.829404][ C0] handle_domain_irq+0x144/0x1fc [ 77.830158][ C0] gic_handle_irq+0x78/0x1c8 [ 77.830800][ C0] call_on_irq_stack+0x30/0x48 [ 77.831474][ C0] do_interrupt_handler+0x6c/0x88 [ 77.832244][ C0] el1_interrupt+0x30/0x58 [ 77.832894][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.833614][ C0] el1h_64_irq+0x78/0x7c [ 77.834217][ C0] __sanitizer_cov_trace_pc+0x74/0xac [ 77.835011][ C0] walk_stackframe+0x5c/0xa8 [ 77.835699][ C0] return_address+0xd0/0x144 [ 77.836387][ C0] preempt_count_add+0x13c/0x3bc [ 77.837097][ C0] _raw_spin_lock+0x24/0x10c [ 77.837732][ C0] alloc_vmap_area+0x14d0/0x1698 [ 77.838421][ C0] __get_vm_area_node+0x17c/0x2e8 [ 77.839138][ C0] __vmalloc_node_range+0xe8/0x8d8 [ 77.839914][ C0] vzalloc+0x118/0x190 [ 77.840524][ C0] alloc_counters+0x84/0x7a4 [ 77.841214][ C0] do_ipt_get_ctl+0xaf4/0x13a8 [ 77.841916][ C0] nf_getsockopt+0x264/0x284 [ 77.842618][ C0] ip_getsockopt+0xffc/0x158c [ 77.843326][ C0] tcp_getsockopt+0x208/0x2e78 [ 77.844052][ C0] sock_common_getsockopt+0xa8/0xc4 [ 77.844861][ C0] __sys_getsockopt+0x1b8/0x250 [ 77.845588][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 77.846502][ C0] invoke_syscall+0x98/0x2b8 [ 77.847199][ C0] el0_svc_common+0x138/0x258 [ 77.847949][ C0] do_el0_svc+0x58/0x14c [ 77.848608][ C0] el0_svc+0x78/0x1e0 [ 77.849210][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.850016][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.850689][ C0] irq event stamp: 256244 [ 77.851302][ C0] hardirqs last enabled at (256243): [] __local_bh_enable_ip+0x1f8/0x380 [ 77.852786][ C0] hardirqs last disabled at (256244): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.854288][ C0] softirqs last enabled at (256242): [] release_sock+0x1d0/0x258 [ 77.855695][ C0] softirqs last disabled at (256240): [] release_sock+0x34/0x258 [ 77.857137][ C0] ---[ end trace 5519afa7f6d9eb58 ]--- [ 77.900367][ T5025] loop0: detected capacity change from 0 to 128 [ 77.904917][ T5025] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.906173][ T5025] Bad inode number on dev loop0: 2 is out of range [ 77.907130][ T5025] SysV FS: get root inode failed [ 77.907831][ T5025] oldfs: cannot read superblock [ 77.916104][ T4580] ------------[ cut here ]------------ [ 77.916951][ T4580] VFS: brelse: Trying to free free buffer [ 77.917822][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.919134][ T4580] Modules linked in: [ 77.919728][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 77.920905][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.922345][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.923525][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 77.924331][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 77.925205][ T4580] sp : ffff80001fc377c0 [ 77.925824][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 77.927118][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 77.928340][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deba6230 [ 77.929461][ T4580] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 77.930626][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.931820][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.932922][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 77.934087][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.935302][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.936490][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.937656][ T4580] Call trace: [ 77.938151][ T4580] invalidate_bh_lru+0x128/0x234 [ 77.938946][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 77.939793][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.940542][ T4580] invalidate_bh_lrus+0x34/0x40 [ 77.941253][ T4580] blkdev_flush_mapping+0x168/0x31c [ 77.941938][ T4580] blkdev_put+0x490/0x6ac [ 77.942577][ T4580] blkdev_close+0x74/0xb0 [ 77.943246][ T4580] __fput+0x1c0/0x7f8 [ 77.943837][ T4580] ____fput+0x20/0x30 [ 77.944442][ T4580] task_work_run+0x12c/0x1e0 [ 77.945134][ T4580] do_notify_resume+0x24b4/0x3128 [ 77.945882][ T4580] el0_svc+0xf0/0x1e0 [ 77.946461][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 77.947214][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 77.947897][ T4580] irq event stamp: 187538 [ 77.948518][ T4580] hardirqs last enabled at (187537): [] kasan_quarantine_put+0xc4/0x204 [ 77.949962][ T4580] hardirqs last disabled at (187538): [] smp_call_function_many_cond+0xa44/0xeb0 [ 77.951450][ T4580] softirqs last enabled at (187270): [] local_bh_enable+0x10/0x34 [ 77.952837][ T4580] softirqs last disabled at (187268): [] local_bh_disable+0x10/0x34 [ 77.954217][ T4580] ---[ end trace 5519afa7f6d9eb59 ]--- [ 78.001218][ T5027] loop0: detected capacity change from 0 to 128 [ 78.125400][ T5027] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.126604][ T5027] Bad inode number on dev loop0: 2 is out of range [ 78.127538][ T5027] SysV FS: get root inode failed [ 78.128299][ T5027] oldfs: cannot read superblock [ 78.145572][ T4580] ------------[ cut here ]------------ [ 78.146449][ T4580] VFS: brelse: Trying to free free buffer [ 78.147404][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.148808][ T4580] Modules linked in: [ 78.149389][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 78.150713][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.152220][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.153334][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 78.154085][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 78.154828][ T4580] sp : ffff80001fc377c0 [ 78.155473][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45c [ 78.156739][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 78.157910][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd7207a0 [ 78.159211][ T4580] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 78.160386][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.161580][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.162792][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 78.164026][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.165336][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.166544][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.167747][ T4580] Call trace: [ 78.168216][ T4580] invalidate_bh_lru+0x128/0x234 [ 78.168912][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 78.169749][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.170474][ T4580] invalidate_bh_lrus+0x34/0x40 [ 78.171172][ T4580] blkdev_flush_mapping+0x168/0x31c [ 78.171981][ T4580] blkdev_put+0x490/0x6ac [ 78.172588][ T4580] blkdev_close+0x74/0xb0 [ 78.173196][ T4580] __fput+0x1c0/0x7f8 [ 78.173760][ T4580] ____fput+0x20/0x30 [ 78.174317][ T4580] task_work_run+0x12c/0x1e0 [ 78.174977][ T4580] do_notify_resume+0x24b4/0x3128 [ 78.175729][ T4580] el0_svc+0xf0/0x1e0 [ 78.176329][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 78.177081][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 78.177792][ T4580] irq event stamp: 196736 [ 78.178389][ T4580] hardirqs last enabled at (196735): [] kasan_quarantine_put+0xc4/0x204 [ 78.179925][ T4580] hardirqs last disabled at (196736): [] smp_call_function_many_cond+0xa44/0xeb0 [ 78.181453][ T4580] softirqs last enabled at (195922): [] local_bh_enable+0x10/0x34 [ 78.182813][ T4580] softirqs last disabled at (195920): [] local_bh_disable+0x10/0x34 [ 78.184127][ T4580] ---[ end trace 5519afa7f6d9eb5a ]--- [ 78.223279][ T5029] loop0: detected capacity change from 0 to 128 [ 78.261978][ T5029] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.263191][ T5029] Bad inode number on dev loop0: 2 is out of range [ 78.264152][ T5029] SysV FS: get root inode failed [ 78.264899][ T5029] oldfs: cannot read superblock [ 78.274963][ C1] ------------[ cut here ]------------ [ 78.275854][ C1] VFS: brelse: Trying to free free buffer [ 78.276761][ C1] WARNING: CPU: 1 PID: 5030 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.278030][ C1] Modules linked in: [ 78.278524][ C1] CPU: 1 PID: 5030 Comm: syz.0.49 Tainted: G W syzkaller #0 [ 78.279757][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.281328][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.282524][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 78.283350][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 78.284171][ C1] sp : ffff800008017de0 [ 78.284827][ C1] x29: ffff800008017de0 x28: ffff0000cc473680 x27: 1fffe0003421a45c [ 78.286060][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 78.287305][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd720b40 [ 78.288539][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 78.289752][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.290956][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.292134][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : c786f7763ae3a300 [ 78.293297][ C1] x8 : c786f7763ae3a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.294542][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.295741][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.296917][ C1] Call trace: [ 78.297386][ C1] invalidate_bh_lru+0x128/0x234 [ 78.298122][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.298988][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.299956][ C1] ipi_handler+0x10c/0x710 [ 78.300557][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 78.301349][ C1] handle_domain_irq+0x144/0x1fc [ 78.302046][ C1] gic_handle_irq+0x78/0x1c8 [ 78.302744][ C1] call_on_irq_stack+0x30/0x48 [ 78.303469][ C1] do_interrupt_handler+0x6c/0x88 [ 78.304250][ C1] el1_interrupt+0x30/0x58 [ 78.304961][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.305706][ C1] el1h_64_irq+0x78/0x7c [ 78.306307][ C1] lock_page_memcg+0x120/0x234 [ 78.307012][ C1] page_add_file_rmap+0x148/0x8e4 [ 78.307690][ C1] do_set_pte+0x390/0x4dc [ 78.308358][ C1] filemap_map_pages+0x9c4/0xc50 [ 78.309076][ C1] handle_mm_fault+0x19c4/0x2970 [ 78.309786][ C1] do_page_fault+0x694/0xad4 [ 78.310416][ C1] do_translation_fault+0xe0/0x130 [ 78.311225][ C1] do_mem_abort+0x6c/0x1ac [ 78.311892][ C1] el0_ia+0xe0/0x2d0 [ 78.312478][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 78.313201][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.313864][ C1] irq event stamp: 1102 [ 78.314467][ C1] hardirqs last enabled at (1101): [] lock_page_memcg+0x110/0x234 [ 78.315811][ C1] hardirqs last disabled at (1102): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.317227][ C1] softirqs last enabled at (460): [] local_bh_enable+0x10/0x34 [ 78.318537][ C1] softirqs last disabled at (458): [] local_bh_disable+0x10/0x34 [ 78.319946][ C1] ---[ end trace 5519afa7f6d9eb5b ]--- [ 78.363217][ T5031] loop0: detected capacity change from 0 to 128 [ 78.402622][ T5031] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.403847][ T5031] Bad inode number on dev loop0: 2 is out of range [ 78.404744][ T5031] SysV FS: get root inode failed [ 78.405890][ T5031] oldfs: cannot read superblock [ 78.417761][ T4580] ------------[ cut here ]------------ [ 78.418651][ T4580] VFS: brelse: Trying to free free buffer [ 78.419471][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.420752][ T4580] Modules linked in: [ 78.421311][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 78.422512][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.423975][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.425085][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 78.425839][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 78.426595][ T4580] sp : ffff80001fc377c0 [ 78.427176][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 78.428324][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 78.429473][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deba65d0 [ 78.430623][ T4580] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 78.431754][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.432868][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.433995][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 78.435119][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.436277][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.437457][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.438569][ T4580] Call trace: [ 78.439042][ T4580] invalidate_bh_lru+0x128/0x234 [ 78.439722][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 78.440625][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.441415][ T4580] invalidate_bh_lrus+0x34/0x40 [ 78.442177][ T4580] blkdev_flush_mapping+0x168/0x31c [ 78.442963][ T4580] blkdev_put+0x490/0x6ac [ 78.443619][ T4580] blkdev_close+0x74/0xb0 [ 78.444243][ T4580] __fput+0x1c0/0x7f8 [ 78.444800][ T4580] ____fput+0x20/0x30 [ 78.445408][ T4580] task_work_run+0x12c/0x1e0 [ 78.446128][ T4580] do_notify_resume+0x24b4/0x3128 [ 78.446829][ T4580] el0_svc+0xf0/0x1e0 [ 78.447375][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 78.448108][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 78.448747][ T4580] irq event stamp: 204742 [ 78.449354][ T4580] hardirqs last enabled at (204741): [] kasan_quarantine_put+0xc4/0x204 [ 78.450851][ T4580] hardirqs last disabled at (204742): [] smp_call_function_many_cond+0xa44/0xeb0 [ 78.452494][ T4580] softirqs last enabled at (204586): [] local_bh_enable+0x10/0x34 [ 78.453932][ T4580] softirqs last disabled at (204584): [] local_bh_disable+0x10/0x34 [ 78.455358][ T4580] ---[ end trace 5519afa7f6d9eb5c ]--- [ 78.474213][ T5033] loop0: detected capacity change from 0 to 128 [ 78.504253][ T5033] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.505412][ T5033] Bad inode number on dev loop0: 2 is out of range [ 78.506506][ T5033] SysV FS: get root inode failed [ 78.507208][ T5033] oldfs: cannot read superblock [ 78.515186][ C0] ------------[ cut here ]------------ [ 78.516062][ C0] VFS: brelse: Trying to free free buffer [ 78.516956][ C0] WARNING: CPU: 0 PID: 5034 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.518223][ C0] Modules linked in: [ 78.518834][ C0] CPU: 0 PID: 5034 Comm: syz.0.51 Tainted: G W syzkaller #0 [ 78.520119][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.521610][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.522757][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 78.523570][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 78.524372][ C0] sp : ffff800008007de0 [ 78.524944][ C0] x29: ffff800008007de0 x28: ffff0000cf9b0000 x27: 1fffe0003421625c [ 78.526162][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 78.527365][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deba6970 [ 78.528549][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.529689][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.530800][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.531966][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 15fca593a9c68c00 [ 78.533114][ C0] x8 : 15fca593a9c68c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.534341][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.535524][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.536715][ C0] Call trace: [ 78.537189][ C0] invalidate_bh_lru+0x128/0x234 [ 78.537883][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.538742][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.539748][ C0] ipi_handler+0x10c/0x710 [ 78.540410][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 78.541198][ C0] handle_domain_irq+0x144/0x1fc [ 78.541925][ C0] gic_handle_irq+0x78/0x1c8 [ 78.542578][ C0] call_on_irq_stack+0x30/0x48 [ 78.543209][ C0] do_interrupt_handler+0x6c/0x88 [ 78.543897][ C0] el1_interrupt+0x30/0x58 [ 78.544536][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.545245][ C0] el1h_64_irq+0x78/0x7c [ 78.545879][ C0] arch_local_irq_restore+0x8/0x10 [ 78.546670][ C0] ___might_sleep+0x48/0x4d4 [ 78.547342][ C0] __might_sleep+0x98/0x124 [ 78.548009][ C0] down_read+0x3c/0x390 [ 78.548569][ C0] validate_mm+0x94/0x86c [ 78.549165][ C0] __vma_adjust+0x1504/0x18a8 [ 78.549822][ C0] __split_vma+0x310/0x3f0 [ 78.550439][ C0] split_vma+0x9c/0xf4 [ 78.551046][ C0] mprotect_fixup+0x3cc/0x5c4 [ 78.551725][ C0] __arm64_sys_mprotect+0x4c4/0x8f4 [ 78.552495][ C0] invoke_syscall+0x98/0x2b8 [ 78.553080][ C0] el0_svc_common+0x138/0x258 [ 78.553759][ C0] do_el0_svc+0x58/0x14c [ 78.554358][ C0] el0_svc+0x78/0x1e0 [ 78.554913][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.555647][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.556302][ C0] irq event stamp: 1356 [ 78.556893][ C0] hardirqs last enabled at (1355): [] el0_svc_common+0x9c/0x258 [ 78.558209][ C0] hardirqs last disabled at (1356): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.559644][ C0] softirqs last enabled at (1120): [] local_bh_enable+0x10/0x34 [ 78.560930][ C0] softirqs last disabled at (1118): [] local_bh_disable+0x10/0x34 [ 78.562337][ C0] ---[ end trace 5519afa7f6d9eb5d ]--- [ 78.613208][ T5035] loop0: detected capacity change from 0 to 128 [ 78.615337][ T5035] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.616575][ T5035] Bad inode number on dev loop0: 2 is out of range [ 78.617511][ T5035] SysV FS: get root inode failed [ 78.618235][ T5035] oldfs: cannot read superblock [ 78.622973][ C1] ------------[ cut here ]------------ [ 78.623819][ C1] VFS: brelse: Trying to free free buffer [ 78.624704][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.625981][ C1] Modules linked in: [ 78.626586][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.627899][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.629393][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.630562][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 78.631293][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 78.632070][ C1] sp : ffff800008017de0 [ 78.632698][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 78.633843][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 78.635003][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd720ee0 [ 78.636189][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 78.637303][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.638491][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.639681][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 054daef7726fa800 [ 78.640874][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.642107][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.643333][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.644625][ C1] Call trace: [ 78.645130][ C1] invalidate_bh_lru+0x128/0x234 [ 78.645901][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.646754][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.647791][ C1] ipi_handler+0x10c/0x710 [ 78.648438][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 78.649210][ C1] handle_domain_irq+0x144/0x1fc [ 78.649882][ C1] gic_handle_irq+0x78/0x1c8 [ 78.650554][ C1] call_on_irq_stack+0x30/0x48 [ 78.651195][ C1] do_interrupt_handler+0x6c/0x88 [ 78.651960][ C1] el1_interrupt+0x30/0x58 [ 78.652568][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.653323][ C1] el1h_64_irq+0x78/0x7c [ 78.654030][ C1] __d_lookup+0x508/0x6a8 [ 78.654655][ C1] d_lookup+0x38/0x80 [ 78.655222][ C1] lookup_one_qstr_excl+0x3c/0x230 [ 78.655970][ C1] do_rmdir+0x18c/0x634 [ 78.656627][ C1] __arm64_sys_unlinkat+0xcc/0xfc [ 78.657436][ C1] invoke_syscall+0x98/0x2b8 [ 78.658134][ C1] el0_svc_common+0x138/0x258 [ 78.658841][ C1] do_el0_svc+0x58/0x14c [ 78.659473][ C1] el0_svc+0x78/0x1e0 [ 78.660056][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.660832][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.661502][ C1] irq event stamp: 273968 [ 78.662152][ C1] hardirqs last enabled at (273967): [] read_seqbegin+0x1fc/0x304 [ 78.663546][ C1] hardirqs last disabled at (273968): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.664940][ C1] softirqs last enabled at (273168): [] local_bh_enable+0x10/0x34 [ 78.666316][ C1] softirqs last disabled at (273166): [] local_bh_disable+0x10/0x34 [ 78.667707][ C1] ---[ end trace 5519afa7f6d9eb5e ]--- [ 78.707148][ T5037] loop0: detected capacity change from 0 to 128 [ 78.711097][ T5037] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.712212][ T5037] Bad inode number on dev loop0: 2 is out of range [ 78.713100][ T5037] SysV FS: get root inode failed [ 78.714145][ T5037] oldfs: cannot read superblock [ 78.722462][ C0] ------------[ cut here ]------------ [ 78.723335][ C0] VFS: brelse: Trying to free free buffer [ 78.724224][ C0] WARNING: CPU: 0 PID: 5038 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.725512][ C0] Modules linked in: [ 78.726077][ C0] CPU: 0 PID: 5038 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.727426][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.728966][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.730058][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 78.730817][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 78.731601][ C0] sp : ffff800008007de0 [ 78.732243][ C0] x29: ffff800008007de0 x28: ffff0000eaf49b40 x27: 1fffe0003421625c [ 78.733499][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 78.734697][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deba6d10 [ 78.735877][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.737047][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.738192][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.739438][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 1897bc94e7c9ad00 [ 78.740685][ C0] x8 : 1897bc94e7c9ad00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.741877][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.743046][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.744207][ C0] Call trace: [ 78.744686][ C0] invalidate_bh_lru+0x128/0x234 [ 78.745393][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.746233][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.747230][ C0] ipi_handler+0x10c/0x710 [ 78.747902][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 78.748728][ C0] handle_domain_irq+0x144/0x1fc [ 78.749439][ C0] gic_handle_irq+0x78/0x1c8 [ 78.750131][ C0] call_on_irq_stack+0x30/0x48 [ 78.750831][ C0] do_interrupt_handler+0x6c/0x88 [ 78.751560][ C0] el1_interrupt+0x30/0x58 [ 78.752193][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.752940][ C0] el1h_64_irq+0x78/0x7c [ 78.753541][ C0] pick_link+0x400/0xbc8 [ 78.754169][ C0] step_into+0x874/0xa24 [ 78.754818][ C0] walk_component+0x1f0/0x3a8 [ 78.755521][ C0] link_path_walk+0x590/0xb8c [ 78.756215][ C0] path_openat+0x1c0/0x26e4 [ 78.756870][ C0] do_filp_open+0x164/0x330 [ 78.757506][ C0] do_sys_openat2+0x128/0x3d8 [ 78.758210][ C0] __arm64_sys_openat+0x120/0x154 [ 78.758915][ C0] invoke_syscall+0x98/0x2b8 [ 78.759603][ C0] el0_svc_common+0x138/0x258 [ 78.760313][ C0] do_el0_svc+0x58/0x14c [ 78.760901][ C0] el0_svc+0x78/0x1e0 [ 78.761510][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.762297][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.762920][ C0] irq event stamp: 782 [ 78.763495][ C0] hardirqs last enabled at (781): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 78.765066][ C0] hardirqs last disabled at (782): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.766455][ C0] softirqs last enabled at (508): [] local_bh_enable+0x10/0x34 [ 78.767769][ C0] softirqs last disabled at (506): [] local_bh_disable+0x10/0x34 [ 78.769039][ C0] ---[ end trace 5519afa7f6d9eb5f ]--- [ 78.803016][ T5039] loop0: detected capacity change from 0 to 128 [ 78.805662][ T5039] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.806775][ T5039] Bad inode number on dev loop0: 2 is out of range [ 78.807751][ T5039] SysV FS: get root inode failed [ 78.808479][ T5039] oldfs: cannot read superblock [ 78.814065][ C1] ------------[ cut here ]------------ [ 78.814888][ C1] VFS: brelse: Trying to free free buffer [ 78.815747][ C1] WARNING: CPU: 1 PID: 3663 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.817076][ C1] Modules linked in: [ 78.817680][ C1] CPU: 1 PID: 3663 Comm: udevd Tainted: G W syzkaller #0 [ 78.818836][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.820319][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.821546][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 78.822335][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 78.823170][ C1] sp : ffff800008017de0 [ 78.823775][ C1] x29: ffff800008017de0 x28: ffff0000d73c0000 x27: 1fffe0003421a45c [ 78.824965][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 78.826142][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e319f400 [ 78.827274][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.828408][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.829539][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.830695][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 60ebf182a8fe0600 [ 78.831926][ C1] x8 : 60ebf182a8fe0600 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.833205][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.834536][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.835907][ C1] Call trace: [ 78.836459][ C1] invalidate_bh_lru+0x128/0x234 [ 78.837259][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.838180][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.839270][ C1] ipi_handler+0x10c/0x710 [ 78.839933][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 78.840754][ C1] handle_domain_irq+0x144/0x1fc [ 78.841479][ C1] gic_handle_irq+0x78/0x1c8 [ 78.842118][ C1] call_on_irq_stack+0x30/0x48 [ 78.842806][ C1] do_interrupt_handler+0x6c/0x88 [ 78.843535][ C1] el1_interrupt+0x30/0x58 [ 78.844136][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.844857][ C1] el1h_64_irq+0x78/0x7c [ 78.845410][ C1] __sanitizer_cov_trace_pc+0x1c/0xac [ 78.846200][ C1] tomoyo_check_path_acl+0x11c/0x1c8 [ 78.846965][ C1] tomoyo_check_acl+0x11c/0x378 [ 78.847687][ C1] tomoyo_path_permission+0x164/0x310 [ 78.848467][ C1] tomoyo_check_open_permission+0x1d0/0x2fc [ 78.849343][ C1] tomoyo_file_open+0x130/0x1b0 [ 78.850043][ C1] security_file_open+0x6c/0xac [ 78.850744][ C1] do_dentry_open+0x29c/0xebc [ 78.851425][ C1] vfs_open+0x7c/0x90 [ 78.851982][ C1] path_openat+0x1f80/0x26e4 [ 78.852649][ C1] do_filp_open+0x164/0x330 [ 78.853322][ C1] do_sys_openat2+0x128/0x3d8 [ 78.854015][ C1] __arm64_sys_openat+0x120/0x154 [ 78.854764][ C1] invoke_syscall+0x98/0x2b8 [ 78.855395][ C1] el0_svc_common+0x138/0x258 [ 78.856061][ C1] do_el0_svc+0x58/0x14c [ 78.856719][ C1] el0_svc+0x78/0x1e0 [ 78.857288][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.857955][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.858658][ C1] irq event stamp: 1254786 [ 78.859371][ C1] hardirqs last enabled at (1254785): [] kasan_quarantine_put+0xc4/0x204 [ 78.860891][ C1] hardirqs last disabled at (1254786): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.862271][ C1] softirqs last enabled at (1254728): [] local_bh_enable+0x10/0x34 [ 78.863624][ C1] softirqs last disabled at (1254726): [] local_bh_disable+0x10/0x34 [ 78.864952][ C1] ---[ end trace 5519afa7f6d9eb60 ]--- [ 78.919360][ T5041] loop0: detected capacity change from 0 to 128 [ 78.922759][ T5041] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.924229][ T5041] Bad inode number on dev loop0: 2 is out of range [ 78.925250][ T5041] SysV FS: get root inode failed [ 78.926045][ T5041] oldfs: cannot read superblock [ 78.932035][ C0] ------------[ cut here ]------------ [ 78.932973][ C0] VFS: brelse: Trying to free free buffer [ 78.933828][ C0] WARNING: CPU: 0 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.935140][ C0] Modules linked in: [ 78.935775][ C0] CPU: 0 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.937069][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.938476][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.939484][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 78.940288][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 78.941109][ C0] sp : ffff800008007de0 [ 78.941706][ C0] x29: ffff800008007de0 x28: ffff0000c22db680 x27: 1fffe0003421625c [ 78.942894][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 78.944060][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deba2148 [ 78.945213][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.946371][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.947524][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.948640][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 78.949810][ C0] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.951034][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.952204][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.953349][ C0] Call trace: [ 78.953827][ C0] invalidate_bh_lru+0x128/0x234 [ 78.954532][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.955393][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.956401][ C0] ipi_handler+0x10c/0x710 [ 78.957040][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 78.957834][ C0] handle_domain_irq+0x144/0x1fc [ 78.958529][ C0] gic_handle_irq+0x78/0x1c8 [ 78.959205][ C0] call_on_irq_stack+0x30/0x48 [ 78.959894][ C0] do_interrupt_handler+0x6c/0x88 [ 78.960622][ C0] el1_interrupt+0x30/0x58 [ 78.961272][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.961990][ C0] el1h_64_irq+0x78/0x7c [ 78.962615][ C0] __sanitizer_cov_trace_const_cmp8+0xb8/0xc0 [ 78.963422][ C0] arch_stack_walk+0x200/0x2b4 [ 78.964056][ C0] stack_trace_save+0x94/0xd8 [ 78.964766][ C0] __kasan_slab_alloc+0x8c/0xcc [ 78.965465][ C0] slab_post_alloc_hook+0x74/0x408 [ 78.966214][ C0] kmem_cache_alloc_node+0x204/0x41c [ 78.966986][ C0] alloc_vmap_area+0x134/0x1698 [ 78.967688][ C0] __get_vm_area_node+0x17c/0x2e8 [ 78.968382][ C0] __vmalloc_node_range+0xe8/0x8d8 [ 78.969094][ C0] vzalloc+0x118/0x190 [ 78.969668][ C0] alloc_counters+0x84/0x7a4 [ 78.970334][ C0] do_ipt_get_ctl+0xaf4/0x13a8 [ 78.971027][ C0] nf_getsockopt+0x264/0x284 [ 78.971696][ C0] ip_getsockopt+0xffc/0x158c [ 78.972386][ C0] tcp_getsockopt+0x208/0x2e78 [ 78.973042][ C0] sock_common_getsockopt+0xa8/0xc4 [ 78.973752][ C0] __sys_getsockopt+0x1b8/0x250 [ 78.974514][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 78.975299][ C0] invoke_syscall+0x98/0x2b8 [ 78.975951][ C0] el0_svc_common+0x138/0x258 [ 78.976600][ C0] do_el0_svc+0x58/0x14c [ 78.977181][ C0] el0_svc+0x78/0x1e0 [ 78.977719][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.978434][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.979057][ C0] irq event stamp: 284562 [ 78.979693][ C0] hardirqs last enabled at (284561): [] ___slab_alloc+0xc34/0xda8 [ 78.981029][ C0] hardirqs last disabled at (284562): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.982471][ C0] softirqs last enabled at (284554): [] release_sock+0x1d0/0x258 [ 78.983825][ C0] softirqs last disabled at (284552): [] release_sock+0x34/0x258 [ 78.985415][ C0] ---[ end trace 5519afa7f6d9eb61 ]--- [ 79.013665][ T5043] loop0: detected capacity change from 0 to 128 [ 79.053978][ T5043] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.055154][ T5043] Bad inode number on dev loop0: 2 is out of range [ 79.056117][ T5043] SysV FS: get root inode failed [ 79.056849][ T5043] oldfs: cannot read superblock [ 79.063382][ C1] ------------[ cut here ]------------ [ 79.064220][ C1] VFS: brelse: Trying to free free buffer [ 79.065076][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.066277][ C1] Modules linked in: [ 79.066783][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.067996][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.069402][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.070504][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 79.071261][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 79.072000][ C1] sp : ffff800008017de0 [ 79.072608][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 79.073792][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 79.074983][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e319f7a0 [ 79.076101][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 79.077239][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.078401][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.079598][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 79.080833][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.082031][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.083342][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.084531][ C1] Call trace: [ 79.085024][ C1] invalidate_bh_lru+0x128/0x234 [ 79.085746][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.086723][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.087918][ C1] ipi_handler+0x10c/0x710 [ 79.088626][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 79.089448][ C1] handle_domain_irq+0x144/0x1fc [ 79.090219][ C1] gic_handle_irq+0x78/0x1c8 [ 79.090953][ C1] call_on_irq_stack+0x30/0x48 [ 79.091736][ C1] do_interrupt_handler+0x6c/0x88 [ 79.092578][ C1] el1_interrupt+0x30/0x58 [ 79.093301][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.094006][ C1] el1h_64_irq+0x78/0x7c [ 79.094677][ C1] stack_depot_save+0x180/0x49c [ 79.095401][ C1] __kasan_slab_alloc+0xa8/0xcc [ 79.096146][ C1] slab_post_alloc_hook+0x74/0x408 [ 79.096863][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 79.097676][ C1] prepare_creds+0x44/0x71c [ 79.098469][ C1] copy_creds+0x114/0xc9c [ 79.099156][ C1] copy_process+0x858/0x34ac [ 79.099894][ C1] kernel_clone+0x1d8/0x9d4 [ 79.100644][ C1] __arm64_sys_clone+0x138/0x190 [ 79.101448][ C1] invoke_syscall+0x98/0x2b8 [ 79.102152][ C1] el0_svc_common+0x138/0x258 [ 79.102835][ C1] do_el0_svc+0x58/0x14c [ 79.103432][ C1] el0_svc+0x78/0x1e0 [ 79.104031][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 79.104798][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.105442][ C1] irq event stamp: 288050 [ 79.106129][ C1] hardirqs last enabled at (288049): [] ___slab_alloc+0xc34/0xda8 [ 79.107550][ C1] hardirqs last disabled at (288050): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.109053][ C1] softirqs last enabled at (288024): [] local_bh_enable+0x10/0x34 [ 79.110467][ C1] softirqs last disabled at (288022): [] local_bh_disable+0x10/0x34 [ 79.111848][ C1] ---[ end trace 5519afa7f6d9eb62 ]--- [ 79.153240][ T5045] loop0: detected capacity change from 0 to 128 [ 79.155529][ T5045] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.156700][ T5045] Bad inode number on dev loop0: 2 is out of range [ 79.157694][ T5045] SysV FS: get root inode failed [ 79.158433][ T5045] oldfs: cannot read superblock [ 79.163987][ C0] ------------[ cut here ]------------ [ 79.164852][ C0] VFS: brelse: Trying to free free buffer [ 79.165740][ C0] WARNING: CPU: 0 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.167053][ C0] Modules linked in: [ 79.167666][ C0] CPU: 0 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.169022][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.170440][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.171590][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.172346][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.173155][ C0] sp : ffff800008007de0 [ 79.173749][ C0] x29: ffff800008007de0 x28: ffff0000c22db680 x27: 1fffe0003421625c [ 79.174921][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 79.176146][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deba24e8 [ 79.177395][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 79.178584][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.179785][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.180955][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 79.182117][ C0] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.183256][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.184354][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.185461][ C0] Call trace: [ 79.185922][ C0] invalidate_bh_lru+0x128/0x234 [ 79.186571][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.187369][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.188372][ C0] ipi_handler+0x10c/0x710 [ 79.189022][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.189820][ C0] handle_domain_irq+0x144/0x1fc [ 79.190542][ C0] gic_handle_irq+0x78/0x1c8 [ 79.191238][ C0] call_on_irq_stack+0x30/0x48 [ 79.191894][ C0] do_interrupt_handler+0x6c/0x88 [ 79.192651][ C0] el1_interrupt+0x30/0x58 [ 79.193287][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.194045][ C0] el1h_64_irq+0x78/0x7c [ 79.194614][ C0] kasan_quarantine_put+0xd4/0x204 [ 79.195366][ C0] ____kasan_slab_free+0x124/0x164 [ 79.196111][ C0] __kasan_slab_free+0x18/0x28 [ 79.196858][ C0] slab_free_freelist_hook+0x128/0x1e8 [ 79.197623][ C0] kfree+0x170/0x40c [ 79.198227][ C0] kvfree+0x40/0x50 [ 79.198763][ C0] __vunmap+0x8e4/0x9bc [ 79.199339][ C0] vfree+0xbc/0x154 [ 79.199927][ C0] do_ip6t_get_ctl+0x10ec/0x13a8 [ 79.200615][ C0] nf_getsockopt+0x264/0x284 [ 79.201275][ C0] ipv6_getsockopt+0x52c/0x2584 [ 79.202027][ C0] tcp_getsockopt+0x208/0x2e78 [ 79.202740][ C0] sock_common_getsockopt+0xa8/0xc4 [ 79.203442][ C0] __sys_getsockopt+0x1b8/0x250 [ 79.204120][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 79.204814][ C0] invoke_syscall+0x98/0x2b8 [ 79.205456][ C0] el0_svc_common+0x138/0x258 [ 79.206195][ C0] do_el0_svc+0x58/0x14c [ 79.206778][ C0] el0_svc+0x78/0x1e0 [ 79.207312][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.208024][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.208727][ C0] irq event stamp: 290430 [ 79.209400][ C0] hardirqs last enabled at (290429): [] kasan_quarantine_put+0xc4/0x204 [ 79.210871][ C0] hardirqs last disabled at (290430): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.212404][ C0] softirqs last enabled at (290322): [] release_sock+0x1d0/0x258 [ 79.213744][ C0] softirqs last disabled at (290320): [] release_sock+0x34/0x258 [ 79.215137][ C0] ---[ end trace 5519afa7f6d9eb63 ]--- [ 79.272449][ T5047] loop0: detected capacity change from 0 to 128 [ 79.280068][ T5047] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.281114][ T5047] Bad inode number on dev loop0: 2 is out of range [ 79.282010][ T5047] SysV FS: get root inode failed [ 79.282732][ T5047] oldfs: cannot read superblock [ 79.283531][ T5047] ------------[ cut here ]------------ [ 79.284389][ T5047] VFS: brelse: Trying to free free buffer [ 79.285293][ T5047] WARNING: CPU: 1 PID: 5047 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.286518][ T5047] Modules linked in: [ 79.287052][ T5047] CPU: 1 PID: 5047 Comm: syz.0.57 Tainted: G W syzkaller #0 [ 79.288363][ T5047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.289902][ T5047] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.291057][ T5047] pc : invalidate_bh_lru+0x128/0x234 [ 79.291870][ T5047] lr : invalidate_bh_lru+0x128/0x234 [ 79.292626][ T5047] sp : ffff80001fb876e0 [ 79.293226][ T5047] x29: ffff80001fb876e0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 79.294389][ T5047] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 79.295635][ T5047] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e319fb40 [ 79.296796][ T5047] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 79.297981][ T5047] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.299247][ T5047] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.300400][ T5047] x11: 0000000000000002 x10: 0000000000000000 x9 : 101cecc124e66400 [ 79.301622][ T5047] x8 : 101cecc124e66400 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.302807][ T5047] x5 : ffff80001fb86fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.304089][ T5047] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.305244][ T5047] Call trace: [ 79.305731][ T5047] invalidate_bh_lru+0x128/0x234 [ 79.306501][ T5047] smp_call_function_many_cond+0xa50/0xeb0 [ 79.307360][ T5047] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.308164][ T5047] invalidate_bh_lrus+0x34/0x40 [ 79.308886][ T5047] blkdev_flush_mapping+0x168/0x31c [ 79.309636][ T5047] blkdev_put+0x490/0x6ac [ 79.310290][ T5047] kill_block_super+0x98/0xdc [ 79.310964][ T5047] deactivate_locked_super+0xb8/0x13c [ 79.311737][ T5047] mount_bdev+0x284/0x358 [ 79.312367][ T5047] sysv_mount+0x44/0x58 [ 79.312950][ T5047] legacy_get_tree+0xd4/0x16c [ 79.313613][ T5047] vfs_get_tree+0x90/0x274 [ 79.314292][ T5047] do_new_mount+0x228/0x810 [ 79.314946][ T5047] path_mount+0x5b4/0x1000 [ 79.315658][ T5047] __arm64_sys_mount+0x514/0x5e4 [ 79.316340][ T5047] invoke_syscall+0x98/0x2b8 [ 79.316983][ T5047] el0_svc_common+0x138/0x258 [ 79.317657][ T5047] do_el0_svc+0x58/0x14c [ 79.318266][ T5047] el0_svc+0x78/0x1e0 [ 79.318832][ T5047] el0t_64_sync_handler+0xcc/0xe4 [ 79.319515][ T5047] el0t_64_sync+0x1a0/0x1a4 [ 79.320135][ T5047] irq event stamp: 1036 [ 79.320699][ T5047] hardirqs last enabled at (1035): [] kasan_quarantine_put+0xc4/0x204 [ 79.322120][ T5047] hardirqs last disabled at (1036): [] smp_call_function_many_cond+0xa44/0xeb0 [ 79.323645][ T5047] softirqs last enabled at (844): [] local_bh_enable+0x10/0x34 [ 79.325026][ T5047] softirqs last disabled at (842): [] local_bh_disable+0x10/0x34 [ 79.326402][ T5047] ---[ end trace 5519afa7f6d9eb64 ]--- [ 79.419092][ T5049] loop0: detected capacity change from 0 to 128 [ 79.421386][ T5049] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.422607][ T5049] Bad inode number on dev loop0: 2 is out of range [ 79.423621][ T5049] SysV FS: get root inode failed [ 79.424376][ T5049] oldfs: cannot read superblock [ 79.425146][ C1] ------------[ cut here ]------------ [ 79.425967][ C1] VFS: brelse: Trying to free free buffer [ 79.426854][ C1] WARNING: CPU: 1 PID: 3663 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.428211][ C1] Modules linked in: [ 79.428824][ C1] CPU: 1 PID: 3663 Comm: udevd Tainted: G W syzkaller #0 [ 79.430093][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.431635][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.432822][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 79.433629][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 79.434391][ C1] sp : ffff800008017de0 [ 79.434984][ C1] x29: ffff800008017de0 x28: ffff0000d73c0000 x27: 1fffe0003421a45b [ 79.436195][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 79.437448][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e302adf8 [ 79.438689][ C1] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000010002 [ 79.439804][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.440954][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.442135][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 60ebf182a8fe0600 [ 79.443351][ C1] x8 : 60ebf182a8fe0600 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.444545][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.445773][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.446994][ C1] Call trace: [ 79.447420][ C1] invalidate_bh_lru+0x128/0x234 [ 79.448124][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.449053][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.450070][ C1] ipi_handler+0x10c/0x710 [ 79.450704][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 79.451527][ C1] handle_domain_irq+0x144/0x1fc [ 79.452226][ C1] gic_handle_irq+0x78/0x1c8 [ 79.452939][ C1] call_on_irq_stack+0x30/0x48 [ 79.453681][ C1] do_interrupt_handler+0x6c/0x88 [ 79.454444][ C1] el1_interrupt+0x30/0x58 [ 79.455102][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.455815][ C1] el1h_64_irq+0x78/0x7c [ 79.456451][ C1] __sanitizer_cov_trace_pc+0x8/0xac [ 79.457211][ C1] unwind_frame+0x3c4/0x668 [ 79.457869][ C1] arch_stack_walk+0x200/0x2b4 [ 79.458544][ C1] stack_trace_save+0x94/0xd8 [ 79.459258][ C1] kasan_set_track+0x4c/0x84 [ 79.459963][ C1] kasan_set_free_info+0x28/0x4c [ 79.460720][ C1] ____kasan_slab_free+0x118/0x164 [ 79.461490][ C1] __kasan_slab_free+0x18/0x28 [ 79.462196][ C1] slab_free_freelist_hook+0x128/0x1e8 [ 79.463008][ C1] kfree+0x170/0x40c [ 79.463581][ C1] tomoyo_path_perm+0x334/0x440 [ 79.464274][ C1] tomoyo_inode_getattr+0x28/0x38 [ 79.465016][ C1] security_inode_getattr+0xd8/0x124 [ 79.465817][ C1] __arm64_sys_newfstat+0xe8/0x1d0 [ 79.466504][ C1] invoke_syscall+0x98/0x2b8 [ 79.467160][ C1] el0_svc_common+0x138/0x258 [ 79.467878][ C1] do_el0_svc+0x58/0x14c [ 79.468503][ C1] el0_svc+0x78/0x1e0 [ 79.469108][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 79.469776][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.470370][ C1] irq event stamp: 1273504 [ 79.471030][ C1] hardirqs last enabled at (1273503): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 79.472492][ C1] hardirqs last disabled at (1273504): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.473950][ C1] softirqs last enabled at (1273438): [] local_bh_enable+0x10/0x34 [ 79.475295][ C1] softirqs last disabled at (1273436): [] local_bh_disable+0x10/0x34 [ 79.476625][ C1] ---[ end trace 5519afa7f6d9eb65 ]--- [ 79.562824][ T5051] loop0: detected capacity change from 0 to 128 [ 79.564988][ T5051] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.566188][ T5051] Bad inode number on dev loop0: 2 is out of range [ 79.567209][ T5051] SysV FS: get root inode failed [ 79.567928][ T5051] oldfs: cannot read superblock [ 79.577766][ C0] ------------[ cut here ]------------ [ 79.578614][ C0] VFS: brelse: Trying to free free buffer [ 79.579498][ C0] WARNING: CPU: 0 PID: 5053 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.580923][ C0] Modules linked in: [ 79.581472][ C0] CPU: 0 PID: 5053 Comm: syz.0.60 Tainted: G W syzkaller #0 [ 79.582760][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.584174][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.585337][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.586137][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.586941][ C0] sp : ffff800008007de0 [ 79.587571][ C0] x29: ffff800008007de0 x28: ffff0000ced23680 x27: 1fffe0003421625c [ 79.588836][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 79.590027][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deba2888 [ 79.591204][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 79.592421][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.593612][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.594789][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : aa2a41cbec43de00 [ 79.596000][ C0] x8 : aa2a41cbec43de00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.597192][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.598459][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.599609][ C0] Call trace: [ 79.600071][ C0] invalidate_bh_lru+0x128/0x234 [ 79.600799][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.601662][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.602611][ C0] ipi_handler+0x10c/0x710 [ 79.603236][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.604102][ C0] handle_domain_irq+0x144/0x1fc [ 79.604829][ C0] gic_handle_irq+0x78/0x1c8 [ 79.605513][ C0] call_on_irq_stack+0x30/0x48 [ 79.606230][ C0] do_interrupt_handler+0x6c/0x88 [ 79.606956][ C0] el0_interrupt+0x94/0x260 [ 79.607650][ C0] __el0_irq_handler_common+0x18/0x24 [ 79.608509][ C0] el0t_64_irq_handler+0x10/0x1c [ 79.609236][ C0] el0t_64_irq+0x1a0/0x1a4 [ 79.609872][ C0] irq event stamp: 134 [ 79.610463][ C0] hardirqs last enabled at (133): [] el0t_64_sync_handler+0xd8/0xe4 [ 79.611951][ C0] hardirqs last disabled at (134): [] __el0_irq_handler_common+0x18/0x24 [ 79.613458][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 79.614736][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 79.615972][ C0] ---[ end trace 5519afa7f6d9eb66 ]--- 1970/01/01 00:01:19 executed programs: 47 [ 79.653236][ T5053] loop0: detected capacity change from 0 to 128 [ 79.715328][ T5053] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.716471][ T5053] Bad inode number on dev loop0: 2 is out of range [ 79.717417][ T5053] SysV FS: get root inode failed [ 79.718113][ T5053] oldfs: cannot read superblock [ 79.725914][ T4580] ------------[ cut here ]------------ [ 79.726766][ T4580] VFS: brelse: Trying to free free buffer [ 79.727740][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.729141][ T4580] Modules linked in: [ 79.729761][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 79.731019][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.732398][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.733531][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 79.734353][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 79.735136][ T4580] sp : ffff80001fc377c0 [ 79.735804][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 79.736972][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 79.738133][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e302b230 [ 79.739265][ T4580] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 79.740485][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.741704][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.742927][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 79.744078][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.745254][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.746527][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.747829][ T4580] Call trace: [ 79.748304][ T4580] invalidate_bh_lru+0x128/0x234 [ 79.748998][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 79.749868][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.750623][ T4580] invalidate_bh_lrus+0x34/0x40 [ 79.751326][ T4580] blkdev_flush_mapping+0x168/0x31c [ 79.752126][ T4580] blkdev_put+0x490/0x6ac [ 79.752762][ T4580] blkdev_close+0x74/0xb0 [ 79.753408][ T4580] __fput+0x1c0/0x7f8 [ 79.754023][ T4580] ____fput+0x20/0x30 [ 79.754607][ T4580] task_work_run+0x12c/0x1e0 [ 79.755302][ T4580] do_notify_resume+0x24b4/0x3128 [ 79.756096][ T4580] el0_svc+0xf0/0x1e0 [ 79.756688][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 79.757494][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 79.758212][ T4580] irq event stamp: 253584 [ 79.758859][ T4580] hardirqs last enabled at (253583): [] kasan_quarantine_put+0xc4/0x204 [ 79.760284][ T4580] hardirqs last disabled at (253584): [] smp_call_function_many_cond+0xa44/0xeb0 [ 79.761813][ T4580] softirqs last enabled at (253328): [] local_bh_enable+0x10/0x34 [ 79.763191][ T4580] softirqs last disabled at (253326): [] local_bh_disable+0x10/0x34 [ 79.764630][ T4580] ---[ end trace 5519afa7f6d9eb67 ]--- [ 79.793001][ T5055] loop0: detected capacity change from 0 to 128 [ 79.795151][ T5055] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.796304][ T5055] Bad inode number on dev loop0: 2 is out of range [ 79.797457][ T5055] SysV FS: get root inode failed [ 79.798232][ T5055] oldfs: cannot read superblock [ 79.804328][ T4580] ------------[ cut here ]------------ [ 79.805134][ T4580] VFS: brelse: Trying to free free buffer [ 79.806007][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.807367][ T4580] Modules linked in: [ 79.807934][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 79.809172][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.810611][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.811734][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 79.812490][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 79.813255][ T4580] sp : ffff80001fc377c0 [ 79.813827][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 79.815005][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 79.816283][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e302b5d0 [ 79.817515][ T4580] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 79.818743][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.819959][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.821199][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 79.822415][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.823594][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.824731][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.825951][ T4580] Call trace: [ 79.826445][ T4580] invalidate_bh_lru+0x128/0x234 [ 79.827193][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 79.828024][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.828752][ T4580] invalidate_bh_lrus+0x34/0x40 [ 79.829476][ T4580] blkdev_flush_mapping+0x168/0x31c [ 79.830275][ T4580] blkdev_put+0x490/0x6ac [ 79.830925][ T4580] blkdev_close+0x74/0xb0 [ 79.831565][ T4580] __fput+0x1c0/0x7f8 [ 79.832138][ T4580] ____fput+0x20/0x30 [ 79.832741][ T4580] task_work_run+0x12c/0x1e0 [ 79.833411][ T4580] do_notify_resume+0x24b4/0x3128 [ 79.834163][ T4580] el0_svc+0xf0/0x1e0 [ 79.834747][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 79.835416][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 79.836066][ T4580] irq event stamp: 257154 [ 79.836663][ T4580] hardirqs last enabled at (257153): [] kasan_quarantine_put+0xc4/0x204 [ 79.838024][ T4580] hardirqs last disabled at (257154): [] smp_call_function_many_cond+0xa44/0xeb0 [ 79.839619][ T4580] softirqs last enabled at (256894): [] local_bh_enable+0x10/0x34 [ 79.841009][ T4580] softirqs last disabled at (256892): [] local_bh_disable+0x10/0x34 [ 79.842417][ T4580] ---[ end trace 5519afa7f6d9eb68 ]--- [ 79.893145][ T5057] loop0: detected capacity change from 0 to 128 [ 79.947288][ T5057] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.948537][ T5057] Bad inode number on dev loop0: 2 is out of range [ 79.949462][ T5057] SysV FS: get root inode failed [ 79.950299][ T5057] oldfs: cannot read superblock [ 79.955586][ C0] ------------[ cut here ]------------ [ 79.956433][ C0] VFS: brelse: Trying to free free buffer [ 79.957343][ C0] WARNING: CPU: 0 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.958595][ C0] Modules linked in: [ 79.959154][ C0] CPU: 0 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.960531][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.961981][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.963166][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.963976][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.964770][ C0] sp : ffff800008007de0 [ 79.965351][ C0] x29: ffff800008007de0 x28: ffff0000c22db680 x27: 1fffe0003421625c [ 79.966523][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 79.967662][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deba2c28 [ 79.968963][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 79.970231][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.971471][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.972631][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 79.973890][ C0] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.975145][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.976354][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.977551][ C0] Call trace: [ 79.978008][ C0] invalidate_bh_lru+0x128/0x234 [ 79.978786][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.979787][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.980997][ C0] ipi_handler+0x10c/0x710 [ 79.981715][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.982581][ C0] handle_domain_irq+0x144/0x1fc [ 79.983302][ C0] gic_handle_irq+0x78/0x1c8 [ 79.983990][ C0] call_on_irq_stack+0x30/0x48 [ 79.984773][ C0] do_interrupt_handler+0x6c/0x88 [ 79.985631][ C0] el1_interrupt+0x30/0x58 [ 79.986341][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.987169][ C0] el1h_64_irq+0x78/0x7c [ 79.987881][ C0] __sanitizer_cov_trace_pc+0x30/0xac [ 79.988757][ C0] nf_getsockopt+0x264/0x284 [ 79.989419][ C0] ipv6_getsockopt+0x52c/0x2584 [ 79.990135][ C0] tcp_getsockopt+0x208/0x2e78 [ 79.990804][ C0] sock_common_getsockopt+0xa8/0xc4 [ 79.991550][ C0] __sys_getsockopt+0x1b8/0x250 [ 79.992289][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 79.993045][ C0] invoke_syscall+0x98/0x2b8 [ 79.993740][ C0] el0_svc_common+0x138/0x258 [ 79.994414][ C0] do_el0_svc+0x58/0x14c [ 79.995076][ C0] el0_svc+0x78/0x1e0 [ 79.995639][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.996350][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.997013][ C0] irq event stamp: 308410 [ 79.997670][ C0] hardirqs last enabled at (308409): [] el0_svc_common+0x9c/0x258 [ 79.998972][ C0] hardirqs last disabled at (308410): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.000499][ C0] softirqs last enabled at (308250): [] release_sock+0x1d0/0x258 [ 80.001923][ C0] softirqs last disabled at (308248): [] release_sock+0x34/0x258 [ 80.003271][ C0] ---[ end trace 5519afa7f6d9eb69 ]--- [ 80.033316][ T5059] loop0: detected capacity change from 0 to 128 [ 80.111000][ T5059] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.112187][ T5059] Bad inode number on dev loop0: 2 is out of range [ 80.113165][ T5059] SysV FS: get root inode failed [ 80.113922][ T5059] oldfs: cannot read superblock [ 80.114647][ T5059] ------------[ cut here ]------------ [ 80.115483][ T5059] VFS: brelse: Trying to free free buffer [ 80.116386][ T5059] WARNING: CPU: 1 PID: 5059 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.117622][ T5059] Modules linked in: [ 80.118158][ T5059] CPU: 1 PID: 5059 Comm: syz.0.63 Tainted: G W syzkaller #0 [ 80.119385][ T5059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.120837][ T5059] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.122072][ T5059] pc : invalidate_bh_lru+0x128/0x234 [ 80.122861][ T5059] lr : invalidate_bh_lru+0x128/0x234 [ 80.123716][ T5059] sp : ffff80001fb976e0 [ 80.124318][ T5059] x29: ffff80001fb976e0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 80.125630][ T5059] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 80.126827][ T5059] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e302b970 [ 80.128001][ T5059] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 80.129150][ T5059] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.130324][ T5059] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.131564][ T5059] x11: 0000000000000002 x10: 0000000000000000 x9 : 47a89d09d56b1200 [ 80.132739][ T5059] x8 : 47a89d09d56b1200 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.133870][ T5059] x5 : ffff80001fb96fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.135032][ T5059] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.136272][ T5059] Call trace: [ 80.136768][ T5059] invalidate_bh_lru+0x128/0x234 [ 80.137509][ T5059] smp_call_function_many_cond+0xa50/0xeb0 [ 80.138401][ T5059] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.139205][ T5059] invalidate_bh_lrus+0x34/0x40 [ 80.139933][ T5059] blkdev_flush_mapping+0x168/0x31c [ 80.140742][ T5059] blkdev_put+0x490/0x6ac [ 80.141368][ T5059] kill_block_super+0x98/0xdc [ 80.142111][ T5059] deactivate_locked_super+0xb8/0x13c [ 80.142945][ T5059] mount_bdev+0x284/0x358 [ 80.143616][ T5059] sysv_mount+0x44/0x58 [ 80.144234][ T5059] legacy_get_tree+0xd4/0x16c [ 80.144921][ T5059] vfs_get_tree+0x90/0x274 [ 80.145567][ T5059] do_new_mount+0x228/0x810 [ 80.146247][ T5059] path_mount+0x5b4/0x1000 [ 80.146975][ T5059] __arm64_sys_mount+0x514/0x5e4 [ 80.147691][ T5059] invoke_syscall+0x98/0x2b8 [ 80.148358][ T5059] el0_svc_common+0x138/0x258 [ 80.149081][ T5059] do_el0_svc+0x58/0x14c [ 80.149709][ T5059] el0_svc+0x78/0x1e0 [ 80.150351][ T5059] el0t_64_sync_handler+0xcc/0xe4 [ 80.151057][ T5059] el0t_64_sync+0x1a0/0x1a4 [ 80.151702][ T5059] irq event stamp: 1510 [ 80.152293][ T5059] hardirqs last enabled at (1509): [] kasan_quarantine_put+0xc4/0x204 [ 80.153871][ T5059] hardirqs last disabled at (1510): [] smp_call_function_many_cond+0xa44/0xeb0 [ 80.155418][ T5059] softirqs last enabled at (1328): [] local_bh_enable+0x10/0x34 [ 80.156745][ T5059] softirqs last disabled at (1326): [] local_bh_disable+0x10/0x34 [ 80.158053][ T5059] ---[ end trace 5519afa7f6d9eb6a ]--- [ 80.243244][ T5061] loop0: detected capacity change from 0 to 128 [ 80.252325][ T5061] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.253626][ T5061] Bad inode number on dev loop0: 2 is out of range [ 80.254578][ T5061] SysV FS: get root inode failed [ 80.255289][ T5061] oldfs: cannot read superblock [ 80.257423][ C1] ------------[ cut here ]------------ [ 80.258250][ C1] VFS: brelse: Trying to free free buffer [ 80.259127][ C1] WARNING: CPU: 1 PID: 5061 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.260433][ C1] Modules linked in: [ 80.261042][ C1] CPU: 1 PID: 5061 Comm: syz.0.64 Tainted: G W syzkaller #0 [ 80.262355][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.263829][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.264985][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.265740][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.266565][ C1] sp : ffff800008017de0 [ 80.267185][ C1] x29: ffff800008017de0 x28: ffff0000d69851c0 x27: 1fffe0003421a45c [ 80.268332][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 80.269446][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e302bd10 [ 80.270691][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 80.271907][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.273153][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.274357][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 9eb1405f88ace600 [ 80.275567][ C1] x8 : 9eb1405f88ace600 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.276830][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.278012][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.279272][ C1] Call trace: [ 80.279790][ C1] invalidate_bh_lru+0x128/0x234 [ 80.280484][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.281379][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.282416][ C1] ipi_handler+0x10c/0x710 [ 80.283031][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.283807][ C1] handle_domain_irq+0x144/0x1fc [ 80.284483][ C1] gic_handle_irq+0x78/0x1c8 [ 80.285136][ C1] call_on_irq_stack+0x30/0x48 [ 80.285864][ C1] do_interrupt_handler+0x6c/0x88 [ 80.286619][ C1] el1_interrupt+0x30/0x58 [ 80.287301][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.288071][ C1] el1h_64_irq+0x78/0x7c [ 80.288696][ C1] free_pgd_range+0x9d0/0xc04 [ 80.289511][ C1] free_pgtables+0x23c/0x278 [ 80.290296][ C1] exit_mmap+0x2bc/0x4e0 [ 80.291005][ C1] __mmput+0xec/0x3b8 [ 80.291669][ C1] mmput+0x80/0xc8 [ 80.292295][ C1] exit_mm+0x4a0/0x684 [ 80.292940][ C1] do_exit+0x4ec/0x1f58 [ 80.293606][ C1] do_group_exit+0x100/0x268 [ 80.294403][ C1] get_signal+0x73c/0x1340 [ 80.295095][ C1] do_notify_resume+0x35c/0x3128 [ 80.295831][ C1] el0_svc+0xf0/0x1e0 [ 80.296411][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.297170][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.297836][ C1] irq event stamp: 2406 [ 80.298467][ C1] hardirqs last enabled at (2405): [] pgtable_pmd_page_dtor+0x140/0x200 [ 80.299962][ C1] hardirqs last disabled at (2406): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.301382][ C1] softirqs last enabled at (1278): [] local_bh_enable+0x10/0x34 [ 80.302736][ C1] softirqs last disabled at (1276): [] local_bh_disable+0x10/0x34 [ 80.304111][ C1] ---[ end trace 5519afa7f6d9eb6b ]--- [ 80.376524][ T5063] loop0: detected capacity change from 0 to 128 [ 80.471537][ T5063] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.472669][ T5063] Bad inode number on dev loop0: 2 is out of range [ 80.473566][ T5063] SysV FS: get root inode failed [ 80.474231][ T5063] oldfs: cannot read superblock [ 80.483576][ T4580] ------------[ cut here ]------------ [ 80.484504][ T4580] VFS: brelse: Trying to free free buffer [ 80.485366][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.486629][ T4580] Modules linked in: [ 80.487227][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 80.488516][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.489929][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.491079][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 80.491873][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 80.492656][ T4580] sp : ffff80001fc377c0 [ 80.493289][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 80.494404][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 80.495604][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e30e1060 [ 80.496747][ T4580] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 80.497892][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.499022][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.500136][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 80.501212][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.502407][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.503542][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.504733][ T4580] Call trace: [ 80.505248][ T4580] invalidate_bh_lru+0x128/0x234 [ 80.505990][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 80.506901][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.507697][ T4580] invalidate_bh_lrus+0x34/0x40 [ 80.508390][ T4580] blkdev_flush_mapping+0x168/0x31c [ 80.509145][ T4580] blkdev_put+0x490/0x6ac [ 80.509804][ T4580] blkdev_close+0x74/0xb0 [ 80.510438][ T4580] __fput+0x1c0/0x7f8 [ 80.511005][ T4580] ____fput+0x20/0x30 [ 80.511554][ T4580] task_work_run+0x12c/0x1e0 [ 80.512215][ T4580] do_notify_resume+0x24b4/0x3128 [ 80.512945][ T4580] el0_svc+0xf0/0x1e0 [ 80.513545][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 80.514296][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 80.514952][ T4580] irq event stamp: 276768 [ 80.515634][ T4580] hardirqs last enabled at (276767): [] kasan_quarantine_put+0xc4/0x204 [ 80.517092][ T4580] hardirqs last disabled at (276768): [] smp_call_function_many_cond+0xa44/0xeb0 [ 80.518587][ T4580] softirqs last enabled at (276482): [] local_bh_enable+0x10/0x34 [ 80.520039][ T4580] softirqs last disabled at (276480): [] local_bh_disable+0x10/0x34 [ 80.521401][ T4580] ---[ end trace 5519afa7f6d9eb6c ]--- [ 80.553870][ T5065] loop0: detected capacity change from 0 to 128 [ 80.592127][ T5065] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.593289][ T5065] Bad inode number on dev loop0: 2 is out of range [ 80.594260][ T5065] SysV FS: get root inode failed [ 80.594963][ T5065] oldfs: cannot read superblock [ 80.599604][ C0] ------------[ cut here ]------------ [ 80.600519][ C0] VFS: brelse: Trying to free free buffer [ 80.601434][ C0] WARNING: CPU: 0 PID: 5065 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.602773][ C0] Modules linked in: [ 80.603343][ C0] CPU: 0 PID: 5065 Comm: syz.0.66 Tainted: G W syzkaller #0 [ 80.604814][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.606255][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.607493][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.608244][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.609092][ C0] sp : ffff800008007de0 [ 80.609689][ C0] x29: ffff800008007de0 x28: ffff0000dc220000 x27: 1fffe0003421625c [ 80.610843][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 80.612026][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e30e1400 [ 80.613198][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 80.614478][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.615679][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.616877][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 3c887d156918a400 [ 80.618125][ C0] x8 : 3c887d156918a400 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.619361][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.620592][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.621815][ C0] Call trace: [ 80.622255][ C0] invalidate_bh_lru+0x128/0x234 [ 80.622962][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.623854][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.624871][ C0] ipi_handler+0x10c/0x710 [ 80.625550][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.626335][ C0] handle_domain_irq+0x144/0x1fc [ 80.627052][ C0] gic_handle_irq+0x78/0x1c8 [ 80.627751][ C0] call_on_irq_stack+0x30/0x48 [ 80.628396][ C0] do_interrupt_handler+0x6c/0x88 [ 80.629180][ C0] el1_interrupt+0x30/0x58 [ 80.629806][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.630564][ C0] el1h_64_irq+0x78/0x7c [ 80.631194][ C0] lock_page_memcg+0x120/0x234 [ 80.631894][ C0] page_remove_rmap+0x3c/0xfd0 [ 80.632605][ C0] unmap_page_range+0xbb4/0x1958 [ 80.633351][ C0] unmap_single_vma+0x13c/0x1e4 [ 80.634053][ C0] unmap_vmas+0x104/0x200 [ 80.634696][ C0] exit_mmap+0x2a8/0x4e0 [ 80.635297][ C0] __mmput+0xec/0x3b8 [ 80.635807][ C0] mmput+0x80/0xc8 [ 80.636321][ C0] exit_mm+0x4a0/0x684 [ 80.636932][ C0] do_exit+0x4ec/0x1f58 [ 80.637557][ C0] do_group_exit+0x100/0x268 [ 80.638240][ C0] get_signal+0x73c/0x1340 [ 80.638930][ C0] do_notify_resume+0x35c/0x3128 [ 80.639625][ C0] el0_svc+0xf0/0x1e0 [ 80.640187][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.640911][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.641707][ C0] irq event stamp: 1782 [ 80.642342][ C0] hardirqs last enabled at (1781): [] lock_page_memcg+0x110/0x234 [ 80.643901][ C0] hardirqs last disabled at (1782): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.645478][ C0] softirqs last enabled at (1164): [] local_bh_enable+0x10/0x34 [ 80.646834][ C0] softirqs last disabled at (1162): [] local_bh_disable+0x10/0x34 [ 80.648286][ C0] ---[ end trace 5519afa7f6d9eb6d ]--- [ 80.690920][ T5067] loop0: detected capacity change from 0 to 128 [ 80.693397][ T5067] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.694548][ T5067] Bad inode number on dev loop0: 2 is out of range [ 80.695610][ T5067] SysV FS: get root inode failed [ 80.696344][ T5067] oldfs: cannot read superblock [ 80.702947][ T4580] ------------[ cut here ]------------ [ 80.703862][ T4580] VFS: brelse: Trying to free free buffer [ 80.704811][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.706078][ T4580] Modules linked in: [ 80.706668][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 80.707874][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.709303][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.710641][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 80.711488][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 80.712286][ T4580] sp : ffff80001fc377c0 [ 80.712886][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 80.714028][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 80.715221][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e30e17a0 [ 80.716408][ T4580] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 80.717554][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.718691][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.719841][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 80.720999][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.722131][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.723419][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.724649][ T4580] Call trace: [ 80.725124][ T4580] invalidate_bh_lru+0x128/0x234 [ 80.725838][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 80.726715][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.727453][ T4580] invalidate_bh_lrus+0x34/0x40 [ 80.728234][ T4580] blkdev_flush_mapping+0x168/0x31c [ 80.729062][ T4580] blkdev_put+0x490/0x6ac [ 80.729772][ T4580] blkdev_close+0x74/0xb0 [ 80.730433][ T4580] __fput+0x1c0/0x7f8 [ 80.731056][ T4580] ____fput+0x20/0x30 [ 80.731686][ T4580] task_work_run+0x12c/0x1e0 [ 80.732410][ T4580] do_notify_resume+0x24b4/0x3128 [ 80.733176][ T4580] el0_svc+0xf0/0x1e0 [ 80.733806][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 80.734505][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 80.735199][ T4580] irq event stamp: 288478 [ 80.735838][ T4580] hardirqs last enabled at (288477): [] kasan_quarantine_put+0xc4/0x204 [ 80.737310][ T4580] hardirqs last disabled at (288478): [] smp_call_function_many_cond+0xa44/0xeb0 [ 80.738923][ T4580] softirqs last enabled at (288210): [] local_bh_enable+0x10/0x34 [ 80.740227][ T4580] softirqs last disabled at (288208): [] local_bh_disable+0x10/0x34 [ 80.741566][ T4580] ---[ end trace 5519afa7f6d9eb6e ]--- [ 80.763677][ T5069] loop0: detected capacity change from 0 to 128 [ 80.767838][ T5069] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.769081][ T5069] Bad inode number on dev loop0: 2 is out of range [ 80.770139][ T5069] SysV FS: get root inode failed [ 80.770869][ T5069] oldfs: cannot read superblock [ 80.775177][ C0] ------------[ cut here ]------------ [ 80.776124][ C0] VFS: brelse: Trying to free free buffer [ 80.777024][ C0] WARNING: CPU: 0 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.778305][ C0] Modules linked in: [ 80.778867][ C0] CPU: 0 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.780195][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.781654][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.782811][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.783630][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.784405][ C0] sp : ffff800008007de0 [ 80.785016][ C0] x29: ffff800008007de0 x28: ffff0000c22db680 x27: 1fffe0003421625c [ 80.786214][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 80.787403][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e30e1b40 [ 80.788534][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 80.789729][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.790996][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.792181][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 80.793379][ C0] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.794514][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.795755][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.797022][ C0] Call trace: [ 80.797540][ C0] invalidate_bh_lru+0x128/0x234 [ 80.798272][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.799136][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.800213][ C0] ipi_handler+0x10c/0x710 [ 80.800865][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.801611][ C0] handle_domain_irq+0x144/0x1fc [ 80.802285][ C0] gic_handle_irq+0x78/0x1c8 [ 80.802912][ C0] call_on_irq_stack+0x30/0x48 [ 80.803637][ C0] do_interrupt_handler+0x6c/0x88 [ 80.804360][ C0] el1_interrupt+0x30/0x58 [ 80.804963][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.805771][ C0] el1h_64_irq+0x78/0x7c [ 80.806409][ C0] __sanitizer_cov_trace_pc+0x30/0xac [ 80.807196][ C0] __check_object_size+0x180/0x4f4 [ 80.807981][ C0] strncpy_from_user+0xbc/0x598 [ 80.808729][ C0] getname_flags+0xec/0x450 [ 80.809472][ C0] user_path_at_empty+0x40/0x1a0 [ 80.810160][ C0] vfs_statx+0xf4/0x458 [ 80.810810][ C0] __arm64_sys_newfstatat+0x10c/0x190 [ 80.811648][ C0] invoke_syscall+0x98/0x2b8 [ 80.812409][ C0] el0_svc_common+0x138/0x258 [ 80.813099][ C0] do_el0_svc+0x58/0x14c [ 80.813707][ C0] el0_svc+0x78/0x1e0 [ 80.814248][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.814996][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.815682][ C0] irq event stamp: 325786 [ 80.816250][ C0] hardirqs last enabled at (325785): [] el0_svc_common+0x9c/0x258 [ 80.817682][ C0] hardirqs last disabled at (325786): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.819249][ C0] softirqs last enabled at (325136): [] local_bh_enable+0x10/0x34 [ 80.820719][ C0] softirqs last disabled at (325134): [] local_bh_disable+0x10/0x34 [ 80.822144][ C0] ---[ end trace 5519afa7f6d9eb6f ]--- [ 80.868728][ T5071] loop0: detected capacity change from 0 to 128 [ 80.872032][ T5071] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.873164][ T5071] Bad inode number on dev loop0: 2 is out of range [ 80.874184][ T5071] SysV FS: get root inode failed [ 80.874891][ T5071] oldfs: cannot read superblock [ 80.883758][ C1] ------------[ cut here ]------------ [ 80.884751][ C1] VFS: brelse: Trying to free free buffer [ 80.885729][ C1] WARNING: CPU: 1 PID: 5072 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.887116][ C1] Modules linked in: [ 80.887690][ C1] CPU: 1 PID: 5072 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.888919][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.890360][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.891485][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.892234][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.893001][ C1] sp : ffff800008017de0 [ 80.893603][ C1] x29: ffff800008017de0 x28: ffff0000d594b680 x27: 1fffe0003421a45c [ 80.894836][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 80.895983][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd5cab40 [ 80.897154][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 80.898324][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.899564][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.900771][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 488405472c109b00 [ 80.901946][ C1] x8 : 488405472c109b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.903155][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.904389][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.905604][ C1] Call trace: [ 80.906081][ C1] invalidate_bh_lru+0x128/0x234 [ 80.906835][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.907736][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.908999][ C1] ipi_handler+0x10c/0x710 [ 80.909689][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.910527][ C1] handle_domain_irq+0x144/0x1fc [ 80.911203][ C1] gic_handle_irq+0x78/0x1c8 [ 80.911894][ C1] call_on_irq_stack+0x30/0x48 [ 80.912636][ C1] do_interrupt_handler+0x6c/0x88 [ 80.913372][ C1] el1_interrupt+0x30/0x58 [ 80.914067][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.914787][ C1] el1h_64_irq+0x78/0x7c [ 80.915416][ C1] __sanitizer_cov_trace_pc+0x4/0xac [ 80.916207][ C1] do_page_fault+0x694/0xad4 [ 80.916892][ C1] do_mem_abort+0x6c/0x1ac [ 80.917535][ C1] el0_da+0x90/0x1fc [ 80.918117][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 80.918833][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.919518][ C1] irq event stamp: 110 [ 80.920080][ C1] hardirqs last enabled at (109): [] count_memcg_event_mm+0x1b0/0x308 [ 80.921575][ C1] hardirqs last disabled at (110): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.923223][ C1] softirqs last enabled at (54): [] local_bh_enable+0x10/0x34 [ 80.924581][ C1] softirqs last disabled at (52): [] local_bh_disable+0x10/0x34 [ 80.925965][ C1] ---[ end trace 5519afa7f6d9eb70 ]--- [ 80.963471][ T5073] loop0: detected capacity change from 0 to 128 [ 80.993292][ T5073] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.994484][ T5073] Bad inode number on dev loop0: 2 is out of range [ 80.995542][ T5073] SysV FS: get root inode failed [ 80.996305][ T5073] oldfs: cannot read superblock [ 81.004153][ C0] ------------[ cut here ]------------ [ 81.004964][ C0] VFS: brelse: Trying to free free buffer [ 81.005844][ C0] WARNING: CPU: 0 PID: 5074 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.007247][ C0] Modules linked in: [ 81.007784][ C0] CPU: 0 PID: 5074 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.009089][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.010533][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.011644][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 81.012462][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 81.013243][ C0] sp : ffff800008007de0 [ 81.013854][ C0] x29: ffff800008007de0 x28: ffff0000dc5b0000 x27: 1fffe0003421625b [ 81.015014][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 81.016215][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e30e1ee0 [ 81.017377][ C0] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000010003 [ 81.018711][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.019915][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.021018][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 595bb22cb245c100 [ 81.022160][ C0] x8 : 595bb22cb245c100 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.023444][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.024587][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.025758][ C0] Call trace: [ 81.026271][ C0] invalidate_bh_lru+0x128/0x234 [ 81.026964][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.027850][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.028855][ C0] ipi_handler+0x10c/0x710 [ 81.029492][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 81.030310][ C0] handle_domain_irq+0x144/0x1fc [ 81.031063][ C0] gic_handle_irq+0x78/0x1c8 [ 81.031737][ C0] call_on_irq_stack+0x30/0x48 [ 81.032478][ C0] do_interrupt_handler+0x6c/0x88 [ 81.033222][ C0] el1_interrupt+0x30/0x58 [ 81.033888][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.034596][ C0] el1h_64_irq+0x78/0x7c [ 81.035224][ C0] next_uptodate_page+0x10/0x734 [ 81.035918][ C0] handle_mm_fault+0x19c4/0x2970 [ 81.036694][ C0] do_page_fault+0x694/0xad4 [ 81.037392][ C0] do_translation_fault+0xe0/0x130 [ 81.038171][ C0] do_mem_abort+0x6c/0x1ac [ 81.038806][ C0] el0_ia+0xe0/0x2d0 [ 81.039382][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 81.040172][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.040830][ C0] irq event stamp: 444 [ 81.041363][ C0] hardirqs last enabled at (443): [] lock_page_memcg+0x110/0x234 [ 81.042713][ C0] hardirqs last disabled at (444): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.044088][ C0] softirqs last enabled at (14): [] local_bh_enable+0x10/0x34 [ 81.045354][ C0] softirqs last disabled at (12): [] local_bh_disable+0x10/0x34 [ 81.046680][ C0] ---[ end trace 5519afa7f6d9eb71 ]--- [ 81.081317][ T5075] loop0: detected capacity change from 0 to 128 [ 81.143730][ T5075] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.144947][ T5075] Bad inode number on dev loop0: 2 is out of range [ 81.145922][ T5075] SysV FS: get root inode failed [ 81.146713][ T5075] oldfs: cannot read superblock [ 81.153475][ C1] ------------[ cut here ]------------ [ 81.154370][ C1] VFS: brelse: Trying to free free buffer [ 81.155249][ C1] WARNING: CPU: 1 PID: 5076 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.156539][ C1] Modules linked in: [ 81.157085][ C1] CPU: 1 PID: 5076 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.158345][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.159876][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.161014][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 81.161765][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 81.162563][ C1] sp : ffff800008017de0 [ 81.163186][ C1] x29: ffff800008017de0 x28: ffff0000d5948000 x27: 1fffe0003421a45c [ 81.164419][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 81.165613][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd5caee0 [ 81.166829][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 81.168042][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.169234][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.170420][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : d9049bef981bdd00 [ 81.171630][ C1] x8 : d9049bef981bdd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.172926][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.174150][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.175427][ C1] Call trace: [ 81.175954][ C1] invalidate_bh_lru+0x128/0x234 [ 81.176685][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.177537][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.178611][ C1] ipi_handler+0x10c/0x710 [ 81.179238][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 81.180075][ C1] handle_domain_irq+0x144/0x1fc [ 81.180837][ C1] gic_handle_irq+0x78/0x1c8 [ 81.181491][ C1] call_on_irq_stack+0x30/0x48 [ 81.182166][ C1] do_interrupt_handler+0x6c/0x88 [ 81.182893][ C1] el1_interrupt+0x30/0x58 [ 81.183589][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.184358][ C1] el1h_64_irq+0x78/0x7c [ 81.184984][ C1] ___slab_alloc+0x2e8/0xda8 [ 81.185598][ C1] __slab_alloc+0x68/0xc0 [ 81.186204][ C1] kmem_cache_alloc+0x2ac/0x3e4 [ 81.186886][ C1] shmem_alloc_inode+0x20/0x38 [ 81.187558][ C1] new_inode_pseudo+0x68/0x1fc [ 81.188274][ C1] new_inode+0x38/0x174 [ 81.188832][ C1] shmem_get_inode+0x2d8/0x96c [ 81.189476][ C1] shmem_symlink+0xa4/0x4a0 [ 81.190116][ C1] vfs_symlink+0x238/0x3b0 [ 81.190715][ C1] do_symlinkat+0x184/0x5a8 [ 81.191361][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 81.192067][ C1] invoke_syscall+0x98/0x2b8 [ 81.192704][ C1] el0_svc_common+0x138/0x258 [ 81.193380][ C1] do_el0_svc+0x58/0x14c [ 81.193979][ C1] el0_svc+0x78/0x1e0 [ 81.194538][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 81.195204][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.195823][ C1] irq event stamp: 718 [ 81.196379][ C1] hardirqs last enabled at (717): [] ___slab_alloc+0x2d8/0xda8 [ 81.197993][ C1] hardirqs last disabled at (718): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.199688][ C1] softirqs last enabled at (508): [] local_bh_enable+0x10/0x34 [ 81.201217][ C1] softirqs last disabled at (506): [] local_bh_disable+0x10/0x34 [ 81.202722][ C1] ---[ end trace 5519afa7f6d9eb72 ]--- [ 81.243218][ T5077] loop0: detected capacity change from 0 to 128 [ 81.245502][ T5077] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.246695][ T5077] Bad inode number on dev loop0: 2 is out of range [ 81.247641][ T5077] SysV FS: get root inode failed [ 81.248371][ T5077] oldfs: cannot read superblock [ 81.252840][ C0] ------------[ cut here ]------------ [ 81.253629][ C0] VFS: brelse: Trying to free free buffer [ 81.254506][ C0] WARNING: CPU: 0 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.255847][ C0] Modules linked in: [ 81.256464][ C0] CPU: 0 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.257792][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.259231][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.260327][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 81.261072][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 81.261873][ C0] sp : ffff800008007de0 [ 81.262495][ C0] x29: ffff800008007de0 x28: ffff0000c22db680 x27: 1fffe0003421625c [ 81.263660][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 81.264809][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3055318 [ 81.266030][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 81.267236][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.268439][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.269612][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 054daef7726fa800 [ 81.270853][ C0] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.271998][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.273130][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.274277][ C0] Call trace: [ 81.274747][ C0] invalidate_bh_lru+0x128/0x234 [ 81.275390][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.276252][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.277236][ C0] ipi_handler+0x10c/0x710 [ 81.277866][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 81.278678][ C0] handle_domain_irq+0x144/0x1fc [ 81.279423][ C0] gic_handle_irq+0x78/0x1c8 [ 81.280109][ C0] call_on_irq_stack+0x30/0x48 [ 81.280853][ C0] do_interrupt_handler+0x6c/0x88 [ 81.281529][ C0] el1_interrupt+0x30/0x58 [ 81.282159][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.282902][ C0] el1h_64_irq+0x78/0x7c [ 81.283573][ C0] __sanitizer_cov_trace_pc+0xa8/0xac [ 81.284382][ C0] check_preemption_disabled+0x38/0x164 [ 81.285171][ C0] debug_smp_processor_id+0x20/0x2c [ 81.285956][ C0] rcu_is_watching+0x50/0x134 [ 81.286627][ C0] lock_release+0xb4/0x8e8 [ 81.287299][ C0] rcu_lock_release+0x2c/0x38 [ 81.287983][ C0] mntput_no_expire+0x2a4/0x73c [ 81.288690][ C0] path_umount+0x1e0/0x1108 [ 81.289379][ C0] __arm64_sys_umount+0x12c/0x178 [ 81.290097][ C0] invoke_syscall+0x98/0x2b8 [ 81.290754][ C0] el0_svc_common+0x138/0x258 [ 81.291449][ C0] do_el0_svc+0x58/0x14c [ 81.292080][ C0] el0_svc+0x78/0x1e0 [ 81.292713][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 81.293440][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.294045][ C0] irq event stamp: 338306 [ 81.294685][ C0] hardirqs last enabled at (338305): [] kasan_quarantine_put+0xc4/0x204 [ 81.296238][ C0] hardirqs last disabled at (338306): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.297722][ C0] softirqs last enabled at (337816): [] local_bh_enable+0x10/0x34 [ 81.299066][ C0] softirqs last disabled at (337814): [] local_bh_disable+0x10/0x34 [ 81.300474][ C0] ---[ end trace 5519afa7f6d9eb73 ]--- [ 81.348647][ T5079] loop0: detected capacity change from 0 to 128 [ 81.352087][ T5079] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.353249][ T5079] Bad inode number on dev loop0: 2 is out of range [ 81.354301][ T5079] SysV FS: get root inode failed [ 81.355236][ T5079] oldfs: cannot read superblock [ 81.362199][ C1] ------------[ cut here ]------------ [ 81.363053][ C1] VFS: brelse: Trying to free free buffer [ 81.363866][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.365001][ C1] Modules linked in: [ 81.365513][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.366726][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.368094][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.369147][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 81.369906][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 81.370654][ C1] sp : ffff800008017de0 [ 81.371327][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 81.372568][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 81.373796][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd6060 [ 81.375010][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 81.376200][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.377464][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.378609][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 81.379870][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.381110][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.382332][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.383598][ C1] Call trace: [ 81.384101][ C1] invalidate_bh_lru+0x128/0x234 [ 81.384808][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.385724][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.386765][ C1] ipi_handler+0x10c/0x710 [ 81.387439][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 81.388426][ C1] handle_domain_irq+0x144/0x1fc [ 81.389291][ C1] gic_handle_irq+0x78/0x1c8 [ 81.389990][ C1] call_on_irq_stack+0x30/0x48 [ 81.390717][ C1] do_interrupt_handler+0x6c/0x88 [ 81.391487][ C1] el1_interrupt+0x30/0x58 [ 81.392179][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.392921][ C1] el1h_64_irq+0x78/0x7c [ 81.393548][ C1] lock_acquire+0x234/0x620 [ 81.394232][ C1] rcu_lock_acquire+0x38/0x44 [ 81.394936][ C1] get_obj_cgroup_from_current+0x17c/0x524 [ 81.395742][ C1] slab_pre_alloc_hook+0xa8/0xec [ 81.396517][ C1] kmem_cache_alloc+0x94/0x3e4 [ 81.397213][ C1] anon_vma_clone+0x90/0x470 [ 81.397871][ C1] anon_vma_fork+0x80/0x49c [ 81.398520][ C1] copy_mm+0x7bc/0x1090 [ 81.399125][ C1] copy_process+0x14d8/0x34ac [ 81.399812][ C1] kernel_clone+0x1d8/0x9d4 [ 81.400466][ C1] __arm64_sys_clone+0x138/0x190 [ 81.401206][ C1] invoke_syscall+0x98/0x2b8 [ 81.401914][ C1] el0_svc_common+0x138/0x258 [ 81.402609][ C1] do_el0_svc+0x58/0x14c [ 81.403257][ C1] el0_svc+0x78/0x1e0 [ 81.403852][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 81.404583][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.405225][ C1] irq event stamp: 343126 [ 81.405848][ C1] hardirqs last enabled at (343125): [] mod_objcg_mlstate+0x13c/0x228 [ 81.407211][ C1] hardirqs last disabled at (343126): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.408705][ C1] softirqs last enabled at (343050): [] local_bh_enable+0x10/0x34 [ 81.410168][ C1] softirqs last disabled at (343048): [] local_bh_disable+0x10/0x34 [ 81.411698][ C1] ---[ end trace 5519afa7f6d9eb74 ]--- [ 81.433966][ T5081] loop0: detected capacity change from 0 to 128 [ 81.436799][ T5081] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.437937][ T5081] Bad inode number on dev loop0: 2 is out of range [ 81.438925][ T5081] SysV FS: get root inode failed [ 81.439715][ T5081] oldfs: cannot read superblock [ 81.450844][ T4580] ------------[ cut here ]------------ [ 81.451717][ T4580] VFS: brelse: Trying to free free buffer [ 81.452588][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.453897][ T4580] Modules linked in: [ 81.454464][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 81.455637][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.457258][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.458457][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 81.459236][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 81.459980][ T4580] sp : ffff80001fc377c0 [ 81.460553][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 81.461805][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 81.463043][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd6400 [ 81.464225][ T4580] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 81.465432][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.466687][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.467975][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 81.469219][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.470352][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.471544][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.472759][ T4580] Call trace: [ 81.473249][ T4580] invalidate_bh_lru+0x128/0x234 [ 81.473979][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 81.474810][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.475549][ T4580] invalidate_bh_lrus+0x34/0x40 [ 81.476258][ T4580] blkdev_flush_mapping+0x168/0x31c [ 81.477033][ T4580] blkdev_put+0x490/0x6ac [ 81.477677][ T4580] blkdev_close+0x74/0xb0 [ 81.478327][ T4580] __fput+0x1c0/0x7f8 [ 81.478939][ T4580] ____fput+0x20/0x30 [ 81.479512][ T4580] task_work_run+0x12c/0x1e0 [ 81.480266][ T4580] do_notify_resume+0x24b4/0x3128 [ 81.481075][ T4580] el0_svc+0xf0/0x1e0 [ 81.481702][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 81.482521][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 81.483235][ T4580] irq event stamp: 319096 [ 81.483895][ T4580] hardirqs last enabled at (319095): [] kasan_quarantine_put+0xc4/0x204 [ 81.485416][ T4580] hardirqs last disabled at (319096): [] smp_call_function_many_cond+0xa44/0xeb0 [ 81.487014][ T4580] softirqs last enabled at (318842): [] local_bh_enable+0x10/0x34 [ 81.488449][ T4580] softirqs last disabled at (318840): [] local_bh_disable+0x10/0x34 [ 81.489912][ T4580] ---[ end trace 5519afa7f6d9eb75 ]--- [ 81.523448][ T5083] loop0: detected capacity change from 0 to 128 [ 81.563000][ T5083] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.564114][ T5083] Bad inode number on dev loop0: 2 is out of range [ 81.565051][ T5083] SysV FS: get root inode failed [ 81.565804][ T5083] oldfs: cannot read superblock [ 81.569857][ C1] ------------[ cut here ]------------ [ 81.570751][ C1] VFS: brelse: Trying to free free buffer [ 81.571653][ C1] WARNING: CPU: 1 PID: 5083 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.572965][ C1] Modules linked in: [ 81.573535][ C1] CPU: 1 PID: 5083 Comm: syz.0.75 Tainted: G W syzkaller #0 [ 81.574851][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.576398][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.577587][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 81.578407][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 81.579124][ C1] sp : ffff800008017de0 [ 81.579714][ C1] x29: ffff800008017de0 x28: ffff0000cc4c3680 x27: 1fffe0003421a45b [ 81.580887][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 81.582065][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd67a0 [ 81.583405][ C1] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000010002 [ 81.584598][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.585765][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.586952][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : bc11f4eab627dc00 [ 81.588148][ C1] x8 : bc11f4eab627dc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.589301][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.590429][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.591591][ C1] Call trace: [ 81.592083][ C1] invalidate_bh_lru+0x128/0x234 [ 81.592773][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.593608][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.594608][ C1] ipi_handler+0x10c/0x710 [ 81.595245][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 81.596008][ C1] handle_domain_irq+0x144/0x1fc [ 81.596678][ C1] gic_handle_irq+0x78/0x1c8 [ 81.597309][ C1] call_on_irq_stack+0x30/0x48 [ 81.597994][ C1] do_interrupt_handler+0x6c/0x88 [ 81.598694][ C1] el1_interrupt+0x30/0x58 [ 81.599328][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.600041][ C1] el1h_64_irq+0x78/0x7c [ 81.600622][ C1] free_pgtables+0x4c/0x278 [ 81.601245][ C1] exit_mmap+0x2bc/0x4e0 [ 81.601827][ C1] __mmput+0xec/0x3b8 [ 81.602357][ C1] mmput+0x80/0xc8 [ 81.602879][ C1] exit_mm+0x4a0/0x684 [ 81.603446][ C1] do_exit+0x4ec/0x1f58 [ 81.604021][ C1] do_group_exit+0x100/0x268 [ 81.604709][ C1] get_signal+0x73c/0x1340 [ 81.605369][ C1] do_notify_resume+0x35c/0x3128 [ 81.606090][ C1] el0_svc+0xf0/0x1e0 [ 81.606660][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 81.607385][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.608016][ C1] irq event stamp: 2198 [ 81.608586][ C1] hardirqs last enabled at (2197): [] lock_page_memcg+0x110/0x234 [ 81.609856][ C1] hardirqs last disabled at (2198): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.611263][ C1] softirqs last enabled at (1130): [] local_bh_enable+0x10/0x34 [ 81.612618][ C1] softirqs last disabled at (1128): [] local_bh_disable+0x10/0x34 [ 81.613987][ C1] ---[ end trace 5519afa7f6d9eb76 ]--- [ 81.647964][ T5085] loop0: detected capacity change from 0 to 128 [ 81.681407][ T5085] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.690046][ T5085] Bad inode number on dev loop0: 2 is out of range [ 81.691112][ T5085] SysV FS: get root inode failed [ 81.691856][ T5085] oldfs: cannot read superblock [ 81.694155][ C0] ------------[ cut here ]------------ [ 81.695041][ C0] VFS: brelse: Trying to free free buffer [ 81.695919][ C0] WARNING: CPU: 0 PID: 5085 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.697192][ C0] Modules linked in: [ 81.697747][ C0] CPU: 0 PID: 5085 Comm: syz.0.76 Tainted: G W syzkaller #0 [ 81.698997][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.700472][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.701701][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 81.702500][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 81.703342][ C0] sp : ffff800008007de0 [ 81.703927][ C0] x29: ffff800008007de0 x28: ffff0000cd569b40 x27: 1fffe0003421625c [ 81.705124][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 81.706310][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e30556b8 [ 81.707530][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 81.708736][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.709915][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.711048][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : abf142e033133c00 [ 81.712254][ C0] x8 : abf142e033133c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.713387][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.714553][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.715709][ C0] Call trace: [ 81.716187][ C0] invalidate_bh_lru+0x128/0x234 [ 81.716878][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.717727][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.718694][ C0] ipi_handler+0x10c/0x710 [ 81.719311][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 81.720135][ C0] handle_domain_irq+0x144/0x1fc [ 81.720842][ C0] gic_handle_irq+0x78/0x1c8 [ 81.721558][ C0] call_on_irq_stack+0x30/0x48 [ 81.722283][ C0] do_interrupt_handler+0x6c/0x88 [ 81.723081][ C0] el1_interrupt+0x30/0x58 [ 81.723688][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.724386][ C0] el1h_64_irq+0x78/0x7c [ 81.725008][ C0] uncharge_batch+0x1dc/0x330 [ 81.725689][ C0] __mem_cgroup_uncharge_list+0xa4/0xd4 [ 81.726462][ C0] release_pages+0x13c0/0x16e0 [ 81.727098][ C0] free_pages_and_swap_cache+0xa0/0xb8 [ 81.727829][ C0] tlb_finish_mmu+0x170/0x324 [ 81.728487][ C0] exit_mmap+0x2c4/0x4e0 [ 81.729112][ C0] __mmput+0xec/0x3b8 [ 81.729653][ C0] mmput+0x80/0xc8 [ 81.730129][ C0] exit_mm+0x4a0/0x684 [ 81.730664][ C0] do_exit+0x4ec/0x1f58 [ 81.731219][ C0] do_group_exit+0x100/0x268 [ 81.731901][ C0] get_signal+0x73c/0x1340 [ 81.732606][ C0] do_notify_resume+0x35c/0x3128 [ 81.733321][ C0] el0_svc+0xf0/0x1e0 [ 81.733955][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 81.734741][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.735362][ C0] irq event stamp: 2462 [ 81.735989][ C0] hardirqs last enabled at (2461): [] uncharge_batch+0x1cc/0x330 [ 81.737333][ C0] hardirqs last disabled at (2462): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.738678][ C0] softirqs last enabled at (862): [] local_bh_enable+0x10/0x34 [ 81.740112][ C0] softirqs last disabled at (860): [] local_bh_disable+0x10/0x34 [ 81.741419][ C0] ---[ end trace 5519afa7f6d9eb77 ]--- [ 81.819550][ T5087] loop0: detected capacity change from 0 to 128 [ 81.821892][ T5087] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.823146][ T5087] Bad inode number on dev loop0: 2 is out of range [ 81.824052][ T5087] SysV FS: get root inode failed [ 81.824796][ T5087] oldfs: cannot read superblock [ 81.834424][ C1] ------------[ cut here ]------------ [ 81.835338][ C1] VFS: brelse: Trying to free free buffer [ 81.836258][ C1] WARNING: CPU: 1 PID: 5089 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.837599][ C1] Modules linked in: [ 81.838168][ C1] CPU: 1 PID: 5089 Comm: syz.0.78 Tainted: G W syzkaller #0 [ 81.839420][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.840957][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.842114][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 81.842920][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 81.843716][ C1] sp : ffff800008017de0 [ 81.844328][ C1] x29: ffff800008017de0 x28: ffff0000da9c3680 x27: 1fffe0003421a45c [ 81.845586][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 81.846846][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd6b40 [ 81.848119][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 81.849352][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.850563][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.851827][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 2cd1917f8a41de00 [ 81.853003][ C1] x8 : 2cd1917f8a41de00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.854229][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.855354][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.856549][ C1] Call trace: [ 81.857019][ C1] invalidate_bh_lru+0x128/0x234 [ 81.857791][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.858657][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.859690][ C1] ipi_handler+0x10c/0x710 [ 81.860362][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 81.861151][ C1] handle_domain_irq+0x144/0x1fc [ 81.861860][ C1] gic_handle_irq+0x78/0x1c8 [ 81.862563][ C1] call_on_irq_stack+0x30/0x48 [ 81.863287][ C1] do_interrupt_handler+0x6c/0x88 [ 81.864062][ C1] el1_interrupt+0x30/0x58 [ 81.864703][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.865396][ C1] el1h_64_irq+0x78/0x7c [ 81.865982][ C1] __sanitizer_cov_trace_pc+0x3c/0xac [ 81.866797][ C1] check_preemption_disabled+0x38/0x164 [ 81.867634][ C1] debug_smp_processor_id+0x20/0x2c [ 81.868423][ C1] rcu_is_watching+0x50/0x134 [ 81.869094][ C1] count_memcg_event_mm+0x1ec/0x308 [ 81.869860][ C1] handle_mm_fault+0x1a0/0x2970 [ 81.870593][ C1] do_page_fault+0x694/0xad4 [ 81.871277][ C1] do_translation_fault+0xe0/0x130 [ 81.871974][ C1] do_mem_abort+0x6c/0x1ac [ 81.872621][ C1] el0_da+0x90/0x1fc [ 81.873179][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 81.873873][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.874581][ C1] irq event stamp: 284 [ 81.875205][ C1] hardirqs last enabled at (283): [] count_memcg_event_mm+0x1b0/0x308 [ 81.876672][ C1] hardirqs last disabled at (284): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.878201][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 81.879527][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 81.880878][ C1] ---[ end trace 5519afa7f6d9eb78 ]--- [ 81.903013][ T5089] loop0: detected capacity change from 0 to 128 [ 81.980856][ T5089] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.982037][ T5089] Bad inode number on dev loop0: 2 is out of range [ 81.983071][ T5089] SysV FS: get root inode failed [ 81.983843][ T5089] oldfs: cannot read superblock [ 81.994597][ C1] ------------[ cut here ]------------ [ 81.995501][ C1] VFS: brelse: Trying to free free buffer [ 81.996374][ C1] WARNING: CPU: 1 PID: 5091 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.997649][ C1] Modules linked in: [ 81.998200][ C1] CPU: 1 PID: 5091 Comm: syz.0.79 Tainted: G W syzkaller #0 [ 81.999465][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 82.000945][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.002051][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 82.002778][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 82.003568][ C1] sp : ffff800008017de0 [ 82.004164][ C1] x29: ffff800008017de0 x28: ffff0000d9891b40 x27: 1fffe0003421a45c [ 82.005313][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 82.006442][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd6ee0 [ 82.007635][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 82.008842][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 82.010131][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.011435][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 6025aa3baa7a9300 [ 82.012677][ C1] x8 : 6025aa3baa7a9300 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.013926][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 82.015194][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.016488][ C1] Call trace: [ 82.016985][ C1] invalidate_bh_lru+0x128/0x234 [ 82.017833][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.018812][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.019855][ C1] ipi_handler+0x10c/0x710 [ 82.020511][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 82.021356][ C1] handle_domain_irq+0x144/0x1fc [ 82.022092][ C1] gic_handle_irq+0x78/0x1c8 [ 82.022774][ C1] call_on_irq_stack+0x30/0x48 [ 82.023512][ C1] do_interrupt_handler+0x6c/0x88 [ 82.024284][ C1] el0_interrupt+0x94/0x260 [ 82.024987][ C1] __el0_irq_handler_common+0x18/0x24 [ 82.025792][ C1] el0t_64_irq_handler+0x10/0x1c [ 82.026501][ C1] el0t_64_irq+0x1a0/0x1a4 [ 82.027148][ C1] irq event stamp: 106 [ 82.027735][ C1] hardirqs last enabled at (105): [] el0t_64_sync_handler+0xd8/0xe4 [ 82.029086][ C1] hardirqs last disabled at (106): [] __el0_irq_handler_common+0x18/0x24 [ 82.030465][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 82.031723][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 82.032993][ C1] ---[ end trace 5519afa7f6d9eb79 ]--- [ 82.063069][ T5091] loop0: detected capacity change from 0 to 128 [ 82.101361][ T5091] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.102515][ T5091] Bad inode number on dev loop0: 2 is out of range [ 82.103508][ T5091] SysV FS: get root inode failed [ 82.104240][ T5091] oldfs: cannot read superblock [ 82.113158][ C0] ------------[ cut here ]------------ [ 82.114049][ C0] VFS: brelse: Trying to free free buffer [ 82.114999][ C0] WARNING: CPU: 0 PID: 5092 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.116315][ C0] Modules linked in: [ 82.116901][ C0] CPU: 0 PID: 5092 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.118213][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 82.119681][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.120815][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 82.121612][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 82.122388][ C0] sp : ffff800008007de0 [ 82.123042][ C0] x29: ffff800008007de0 x28: ffff0000d818d1c0 x27: 1fffe0003421625c [ 82.124227][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 82.125342][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3055a58 [ 82.126597][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 82.127835][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 82.129049][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.130252][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 5776d9971b7a1a00 [ 82.131454][ C0] x8 : 5776d9971b7a1a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.132610][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 82.133735][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.134856][ C0] Call trace: [ 82.135313][ C0] invalidate_bh_lru+0x128/0x234 [ 82.136037][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.136961][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.137977][ C0] ipi_handler+0x10c/0x710 [ 82.138602][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 82.139390][ C0] handle_domain_irq+0x144/0x1fc [ 82.140110][ C0] gic_handle_irq+0x78/0x1c8 [ 82.140781][ C0] call_on_irq_stack+0x30/0x48 [ 82.141486][ C0] do_interrupt_handler+0x6c/0x88 [ 82.142209][ C0] el1_interrupt+0x30/0x58 [ 82.142857][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.143554][ C0] el1h_64_irq+0x78/0x7c [ 82.144166][ C0] lock_release+0x4a0/0x8e8 [ 82.144771][ C0] rcu_lock_release+0x24/0x30 [ 82.145444][ C0] __unlock_page_memcg+0xe0/0xf8 [ 82.146118][ C0] unlock_page_memcg+0x4c/0x5c [ 82.146817][ C0] page_add_file_rmap+0x660/0x8e4 [ 82.147557][ C0] do_set_pte+0x390/0x4dc [ 82.148227][ C0] filemap_map_pages+0x9c4/0xc50 [ 82.148984][ C0] handle_mm_fault+0x19c4/0x2970 [ 82.149721][ C0] do_page_fault+0x694/0xad4 [ 82.150391][ C0] do_translation_fault+0xe0/0x130 [ 82.151131][ C0] do_mem_abort+0x6c/0x1ac [ 82.151836][ C0] el0_ia+0xe0/0x2d0 [ 82.152405][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 82.153179][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.153819][ C0] irq event stamp: 402 [ 82.154403][ C0] hardirqs last enabled at (401): [] lock_page_memcg+0x110/0x234 [ 82.155732][ C0] hardirqs last disabled at (402): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.157116][ C0] softirqs last enabled at (54): [] local_bh_enable+0x10/0x34 [ 82.158497][ C0] softirqs last disabled at (52): [] local_bh_disable+0x10/0x34 [ 82.159987][ C0] ---[ end trace 5519afa7f6d9eb7a ]--- [ 82.213820][ T5093] loop0: detected capacity change from 0 to 128 [ 82.291003][ T5093] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.292196][ T5093] Bad inode number on dev loop0: 2 is out of range [ 82.293184][ T5093] SysV FS: get root inode failed [ 82.296347][ T5093] oldfs: cannot read superblock [ 82.304930][ T4580] ------------[ cut here ]------------ [ 82.305806][ T4580] VFS: brelse: Trying to free free buffer [ 82.306738][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.307978][ T4580] Modules linked in: [ 82.308555][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 82.309803][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 82.311267][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.312412][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 82.313183][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 82.314019][ T4580] sp : ffff80001fc377c0 [ 82.314641][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 82.315833][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 82.317013][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ccad6318 [ 82.318239][ T4580] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 82.319407][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 82.320639][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.321888][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 82.323131][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.324328][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 82.325484][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.326670][ T4580] Call trace: [ 82.327183][ T4580] invalidate_bh_lru+0x128/0x234 [ 82.327953][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 82.328781][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.329539][ T4580] invalidate_bh_lrus+0x34/0x40 [ 82.330239][ T4580] blkdev_flush_mapping+0x168/0x31c [ 82.331015][ T4580] blkdev_put+0x490/0x6ac [ 82.331694][ T4580] blkdev_close+0x74/0xb0 [ 82.332349][ T4580] __fput+0x1c0/0x7f8 [ 82.332912][ T4580] ____fput+0x20/0x30 [ 82.333474][ T4580] task_work_run+0x12c/0x1e0 [ 82.334094][ T4580] do_notify_resume+0x24b4/0x3128 [ 82.334797][ T4580] el0_svc+0xf0/0x1e0 [ 82.335355][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 82.336105][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 82.336738][ T4580] irq event stamp: 350080 [ 82.337354][ T4580] hardirqs last enabled at (350079): [] kasan_quarantine_put+0xc4/0x204 [ 82.338858][ T4580] hardirqs last disabled at (350080): [] smp_call_function_many_cond+0xa44/0xeb0 [ 82.340401][ T4580] softirqs last enabled at (349830): [] local_bh_enable+0x10/0x34 [ 82.341776][ T4580] softirqs last disabled at (349828): [] local_bh_disable+0x10/0x34 [ 82.343194][ T4580] ---[ end trace 5519afa7f6d9eb7b ]--- [ 82.373961][ T5095] loop0: detected capacity change from 0 to 128 [ 82.425694][ T5095] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.426740][ T5095] Bad inode number on dev loop0: 2 is out of range [ 82.427672][ T5095] SysV FS: get root inode failed [ 82.428343][ T5095] oldfs: cannot read superblock [ 82.433817][ C1] ------------[ cut here ]------------ [ 82.434683][ C1] VFS: brelse: Trying to free free buffer [ 82.435599][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.436818][ C1] Modules linked in: [ 82.437409][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.438739][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 82.440243][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.441416][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 82.442235][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 82.443013][ C1] sp : ffff800008017de0 [ 82.443668][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 82.444925][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 82.446136][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ccad66b8 [ 82.447271][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 82.448390][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 82.449583][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.450823][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 82.452089][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.453298][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 82.454491][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.455815][ C1] Call trace: [ 82.456318][ C1] invalidate_bh_lru+0x128/0x234 [ 82.457102][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.457971][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.458958][ C1] ipi_handler+0x10c/0x710 [ 82.459616][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 82.460375][ C1] handle_domain_irq+0x144/0x1fc [ 82.461038][ C1] gic_handle_irq+0x78/0x1c8 [ 82.461722][ C1] call_on_irq_stack+0x30/0x48 [ 82.462415][ C1] do_interrupt_handler+0x6c/0x88 [ 82.463145][ C1] el1_interrupt+0x30/0x58 [ 82.463815][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.464546][ C1] el1h_64_irq+0x78/0x7c [ 82.465173][ C1] lock_acquire+0x234/0x620 [ 82.465814][ C1] __might_fault+0xc8/0x128 [ 82.466489][ C1] xt_obj_to_user+0x17c/0x3c8 [ 82.467151][ C1] xt_target_to_user+0x88/0x1a8 [ 82.467906][ C1] do_ipt_get_ctl+0xfc0/0x13a8 [ 82.468571][ C1] nf_getsockopt+0x264/0x284 [ 82.469215][ C1] ip_getsockopt+0xffc/0x158c [ 82.469881][ C1] tcp_getsockopt+0x208/0x2e78 [ 82.470600][ C1] sock_common_getsockopt+0xa8/0xc4 [ 82.471334][ C1] __sys_getsockopt+0x1b8/0x250 [ 82.472007][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 82.472811][ C1] invoke_syscall+0x98/0x2b8 [ 82.473467][ C1] el0_svc_common+0x138/0x258 [ 82.474206][ C1] do_el0_svc+0x58/0x14c [ 82.474811][ C1] el0_svc+0x78/0x1e0 [ 82.475382][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.476140][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.476784][ C1] irq event stamp: 365698 [ 82.477467][ C1] hardirqs last enabled at (365697): [] alloc_counters+0x3d4/0x7a4 [ 82.478784][ C1] hardirqs last disabled at (365698): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.480188][ C1] softirqs last enabled at (365664): [] release_sock+0x1d0/0x258 [ 82.481526][ C1] softirqs last disabled at (365662): [] release_sock+0x34/0x258 [ 82.482821][ C1] ---[ end trace 5519afa7f6d9eb7c ]--- [ 82.523075][ T5097] loop0: detected capacity change from 0 to 128 [ 82.525298][ T5097] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.526776][ T5097] Bad inode number on dev loop0: 2 is out of range [ 82.527829][ T5097] SysV FS: get root inode failed [ 82.528630][ T5097] oldfs: cannot read superblock [ 82.536380][ C0] ------------[ cut here ]------------ [ 82.537296][ C0] VFS: brelse: Trying to free free buffer [ 82.538285][ C0] WARNING: CPU: 0 PID: 5098 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.539510][ C0] Modules linked in: [ 82.540106][ C0] CPU: 0 PID: 5098 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.541475][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 82.542931][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.544094][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 82.544993][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 82.545731][ C0] sp : ffff800008007de0 [ 82.546335][ C0] x29: ffff800008007de0 x28: ffff0000da9b9b40 x27: 1fffe0003421625c [ 82.547505][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 82.548702][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3055df8 [ 82.549877][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 82.551166][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 82.552404][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.553643][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 79abcbb971c49a00 [ 82.554906][ C0] x8 : 79abcbb971c49a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.555975][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 82.557295][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.558442][ C0] Call trace: [ 82.558930][ C0] invalidate_bh_lru+0x128/0x234 [ 82.559645][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.560489][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.561478][ C0] ipi_handler+0x10c/0x710 [ 82.562141][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 82.563004][ C0] handle_domain_irq+0x144/0x1fc [ 82.563695][ C0] gic_handle_irq+0x78/0x1c8 [ 82.564334][ C0] call_on_irq_stack+0x30/0x48 [ 82.565019][ C0] do_interrupt_handler+0x6c/0x88 [ 82.565804][ C0] el1_interrupt+0x30/0x58 [ 82.566477][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.567200][ C0] el1h_64_irq+0x78/0x7c [ 82.567827][ C0] clear_page+0x1c/0x58 [ 82.568399][ C0] post_alloc_hook+0xe4/0x208 [ 82.569133][ C0] get_page_from_freelist+0x296c/0x2aa8 [ 82.569954][ C0] __alloc_pages+0x1a0/0x470 [ 82.570699][ C0] alloc_pages+0x34c/0x5c0 [ 82.571316][ C0] new_slab+0xe0/0x55c [ 82.571923][ C0] ___slab_alloc+0x6c0/0xda8 [ 82.572582][ C0] __slab_alloc+0x68/0xc0 [ 82.573197][ C0] __kmalloc+0x2ec/0x44c [ 82.573826][ C0] tomoyo_realpath_from_path+0xcc/0x510 [ 82.574656][ C0] tomoyo_path_perm+0x1b4/0x440 [ 82.575363][ C0] tomoyo_path_symlink+0xa8/0xec [ 82.576098][ C0] security_path_symlink+0xec/0x13c [ 82.576831][ C0] do_symlinkat+0x108/0x5a8 [ 82.577471][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 82.578245][ C0] invoke_syscall+0x98/0x2b8 [ 82.578958][ C0] el0_svc_common+0x138/0x258 [ 82.579575][ C0] do_el0_svc+0x58/0x14c [ 82.580200][ C0] el0_svc+0x78/0x1e0 [ 82.580728][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.581478][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.582133][ C0] irq event stamp: 954 [ 82.582709][ C0] hardirqs last enabled at (953): [] seqcount_lockdep_reader_access+0x14c/0x230 [ 82.584332][ C0] hardirqs last disabled at (954): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.585708][ C0] softirqs last enabled at (502): [] local_bh_enable+0x10/0x34 [ 82.587055][ C0] softirqs last disabled at (500): [] local_bh_disable+0x10/0x34 [ 82.588453][ C0] ---[ end trace 5519afa7f6d9eb7d ]--- [ 82.643597][ T5099] loop0: detected capacity change from 0 to 128 [ 82.646080][ T5099] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.647297][ T5099] Bad inode number on dev loop0: 2 is out of range [ 82.648376][ T5099] SysV FS: get root inode failed [ 82.649101][ T5099] oldfs: cannot read superblock [ 82.658866][ C1] ------------[ cut here ]------------ [ 82.659721][ C1] VFS: brelse: Trying to free free buffer [ 82.660654][ C1] WARNING: CPU: 1 PID: 5101 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.661891][ C1] Modules linked in: [ 82.662472][ C1] CPU: 1 PID: 5101 Comm: syz.0.84 Tainted: G W syzkaller #0 [ 82.663959][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 82.665492][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.666648][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 82.667433][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 82.668235][ C1] sp : ffff800008017de0 [ 82.668847][ C1] x29: ffff800008017de0 x28: ffff0000d9893680 x27: 1fffe0003421a45c [ 82.670017][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 82.671182][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ccad6a58 [ 82.672362][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 82.673600][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 82.674672][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.675828][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : c02c4f4b30b58d00 [ 82.677058][ C1] x8 : c02c4f4b30b58d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.678194][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 82.679283][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.680478][ C1] Call trace: [ 82.680951][ C1] invalidate_bh_lru+0x128/0x234 [ 82.681716][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.682639][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.683653][ C1] ipi_handler+0x10c/0x710 [ 82.684321][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 82.685117][ C1] handle_domain_irq+0x144/0x1fc [ 82.685808][ C1] gic_handle_irq+0x78/0x1c8 [ 82.686478][ C1] call_on_irq_stack+0x30/0x48 [ 82.687171][ C1] do_interrupt_handler+0x6c/0x88 [ 82.687967][ C1] el1_interrupt+0x30/0x58 [ 82.688629][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.689313][ C1] el1h_64_irq+0x78/0x7c [ 82.689863][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 82.690717][ C1] debug_check_no_obj_freed+0x450/0x46c [ 82.691508][ C1] free_unref_page_prepare+0x2fc/0xaa0 [ 82.692294][ C1] free_unref_page+0x78/0x1fc [ 82.692963][ C1] __free_pages+0x180/0x1d4 [ 82.693645][ C1] __free_slab+0x178/0x398 [ 82.694256][ C1] discard_slab+0x64/0xe0 [ 82.694875][ C1] __slab_free+0x1c4/0x254 [ 82.695522][ C1] ___cache_free+0x178/0x1bc [ 82.696252][ C1] qlink_free+0x5c/0xa4 [ 82.696897][ C1] qlist_free_all+0x40/0xa8 [ 82.697584][ C1] kasan_quarantine_reduce+0x124/0x130 [ 82.698379][ C1] __kasan_slab_alloc+0x34/0xcc [ 82.699069][ C1] slab_post_alloc_hook+0x74/0x408 [ 82.699856][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 82.700572][ C1] __d_alloc+0x3c/0x65c [ 82.701160][ C1] d_alloc_pseudo+0x28/0x8c [ 82.701765][ C1] alloc_file_pseudo+0xcc/0x1dc [ 82.702466][ C1] __shmem_file_setup+0x19c/0x264 [ 82.703189][ C1] shmem_file_setup+0x40/0x54 [ 82.703885][ C1] __arm64_sys_memfd_create+0x37c/0x514 [ 82.704665][ C1] invoke_syscall+0x98/0x2b8 [ 82.705324][ C1] el0_svc_common+0x138/0x258 [ 82.706036][ C1] do_el0_svc+0x58/0x14c [ 82.706662][ C1] el0_svc+0x78/0x1e0 [ 82.707197][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.707991][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.708635][ C1] irq event stamp: 296 [ 82.709224][ C1] hardirqs last enabled at (295): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 82.710880][ C1] hardirqs last disabled at (296): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.712422][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 82.713771][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 82.715134][ C1] ---[ end trace 5519afa7f6d9eb7e ]--- [ 82.773197][ T5101] loop0: detected capacity change from 0 to 128 [ 82.815125][ T5101] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.816256][ T5101] Bad inode number on dev loop0: 2 is out of range [ 82.817248][ T5101] SysV FS: get root inode failed [ 82.817976][ T5101] oldfs: cannot read superblock [ 82.826643][ T4580] ------------[ cut here ]------------ [ 82.827513][ T4580] VFS: brelse: Trying to free free buffer [ 82.828398][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.829618][ T4580] Modules linked in: [ 82.830210][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 82.831508][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 82.832909][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.834095][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 82.834865][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 82.835670][ T4580] sp : ffff80001fc377c0 [ 82.836270][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 82.837477][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 82.838673][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd47d230 [ 82.839797][ T4580] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 82.841036][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 82.842225][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.843406][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 82.844615][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.845758][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 82.846939][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.848190][ T4580] Call trace: [ 82.848658][ T4580] invalidate_bh_lru+0x128/0x234 [ 82.849460][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 82.850259][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.850983][ T4580] invalidate_bh_lrus+0x34/0x40 [ 82.851633][ T4580] blkdev_flush_mapping+0x168/0x31c [ 82.852403][ T4580] blkdev_put+0x490/0x6ac [ 82.853041][ T4580] blkdev_close+0x74/0xb0 [ 82.853642][ T4580] __fput+0x1c0/0x7f8 [ 82.854229][ T4580] ____fput+0x20/0x30 [ 82.854817][ T4580] task_work_run+0x12c/0x1e0 [ 82.855633][ T4580] do_notify_resume+0x24b4/0x3128 [ 82.856409][ T4580] el0_svc+0xf0/0x1e0 [ 82.857096][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 82.857829][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 82.858485][ T4580] irq event stamp: 366674 [ 82.859112][ T4580] hardirqs last enabled at (366673): [] kasan_quarantine_put+0xc4/0x204 [ 82.860587][ T4580] hardirqs last disabled at (366674): [] smp_call_function_many_cond+0xa44/0xeb0 [ 82.862217][ T4580] softirqs last enabled at (366426): [] local_bh_enable+0x10/0x34 [ 82.863747][ T4580] softirqs last disabled at (366424): [] local_bh_disable+0x10/0x34 [ 82.865219][ T4580] ---[ end trace 5519afa7f6d9eb7f ]--- [ 82.924356][ T5103] loop0: detected capacity change from 0 to 128 [ 82.926916][ T5103] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.927975][ T5103] Bad inode number on dev loop0: 2 is out of range [ 82.928966][ T5103] SysV FS: get root inode failed [ 82.929713][ T5103] oldfs: cannot read superblock [ 82.934788][ C0] ------------[ cut here ]------------ [ 82.935628][ C0] VFS: brelse: Trying to free free buffer [ 82.936507][ C0] WARNING: CPU: 0 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 82.937814][ C0] Modules linked in: [ 82.938361][ C0] CPU: 0 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.939667][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 82.941258][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.942492][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 82.943222][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 82.943990][ C0] sp : ffff800008007de0 [ 82.944604][ C0] x29: ffff800008007de0 x28: ffff0000c22db680 x27: 1fffe0003421625c [ 82.945743][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 82.946946][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd47d5d0 [ 82.948160][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 82.949441][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 82.950788][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 82.952079][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 054daef7726fa800 [ 82.953318][ C0] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.954534][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 82.955710][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.956827][ C0] Call trace: [ 82.957274][ C0] invalidate_bh_lru+0x128/0x234 [ 82.957997][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.958863][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.959890][ C0] ipi_handler+0x10c/0x710 [ 82.960557][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 82.961339][ C0] handle_domain_irq+0x144/0x1fc [ 82.962025][ C0] gic_handle_irq+0x78/0x1c8 [ 82.962676][ C0] call_on_irq_stack+0x30/0x48 [ 82.963430][ C0] do_interrupt_handler+0x6c/0x88 [ 82.964178][ C0] el1_interrupt+0x30/0x58 [ 82.964839][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.965607][ C0] el1h_64_irq+0x78/0x7c [ 82.966259][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 82.967122][ C0] debug_check_no_obj_freed+0x450/0x46c [ 82.967962][ C0] slab_free_freelist_hook+0x9c/0x1e8 [ 82.968917][ C0] kfree+0x170/0x40c [ 82.969507][ C0] tomoyo_realpath_from_path+0x4c8/0x510 [ 82.970336][ C0] tomoyo_path_perm+0x1b4/0x440 [ 82.971066][ C0] tomoyo_path_rmdir+0xa4/0xe8 [ 82.971766][ C0] security_path_rmdir+0xe4/0x134 [ 82.972491][ C0] do_rmdir+0x1d0/0x634 [ 82.973087][ C0] __arm64_sys_unlinkat+0xcc/0xfc [ 82.973775][ C0] invoke_syscall+0x98/0x2b8 [ 82.974426][ C0] el0_svc_common+0x138/0x258 [ 82.975097][ C0] do_el0_svc+0x58/0x14c [ 82.975721][ C0] el0_svc+0x78/0x1e0 [ 82.976309][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.977074][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.977692][ C0] irq event stamp: 377136 [ 82.978261][ C0] hardirqs last enabled at (377135): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 82.979879][ C0] hardirqs last disabled at (377136): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.981316][ C0] softirqs last enabled at (375652): [] local_bh_enable+0x10/0x34 [ 82.982674][ C0] softirqs last disabled at (375650): [] local_bh_disable+0x10/0x34 [ 82.984074][ C0] ---[ end trace 5519afa7f6d9eb80 ]--- [ 83.019802][ T5105] loop0: detected capacity change from 0 to 128 [ 83.071349][ T5105] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.072661][ T5105] Bad inode number on dev loop0: 2 is out of range [ 83.073688][ T5105] SysV FS: get root inode failed [ 83.074442][ T5105] oldfs: cannot read superblock [ 83.081375][ C1] ------------[ cut here ]------------ [ 83.082275][ C1] VFS: brelse: Trying to free free buffer [ 83.083190][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.084577][ C1] Modules linked in: [ 83.085194][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.086549][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.088071][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.089187][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 83.089905][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 83.090690][ C1] sp : ffff800008017de0 [ 83.091284][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 83.092467][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 83.093690][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ccad6df8 [ 83.094925][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 83.096240][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 83.097644][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.099031][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 83.100296][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.101539][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 83.102830][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.104037][ C1] Call trace: [ 83.104557][ C1] invalidate_bh_lru+0x128/0x234 [ 83.105301][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.106191][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.107198][ C1] ipi_handler+0x10c/0x710 [ 83.107833][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 83.108619][ C1] handle_domain_irq+0x144/0x1fc [ 83.109302][ C1] gic_handle_irq+0x78/0x1c8 [ 83.109981][ C1] call_on_irq_stack+0x30/0x48 [ 83.110674][ C1] do_interrupt_handler+0x6c/0x88 [ 83.111445][ C1] el1_interrupt+0x30/0x58 [ 83.112087][ C1] el1h_64_irq_handler+0x18/0x24 [ 83.112846][ C1] el1h_64_irq+0x78/0x7c [ 83.113497][ C1] lock_acquire+0x234/0x620 [ 83.114187][ C1] rcu_lock_acquire+0x38/0x44 [ 83.114936][ C1] percpu_ref_tryget+0x20/0x230 [ 83.115640][ C1] get_obj_cgroup_from_current+0x304/0x524 [ 83.116544][ C1] slab_pre_alloc_hook+0xa8/0xec [ 83.117317][ C1] kmem_cache_alloc+0x94/0x3e4 [ 83.118076][ C1] copy_mm+0x6cc/0x1090 [ 83.118777][ C1] copy_process+0x14d8/0x34ac [ 83.119534][ C1] kernel_clone+0x1d8/0x9d4 [ 83.120237][ C1] __arm64_sys_clone+0x138/0x190 [ 83.121011][ C1] invoke_syscall+0x98/0x2b8 [ 83.121668][ C1] el0_svc_common+0x138/0x258 [ 83.122336][ C1] do_el0_svc+0x58/0x14c [ 83.122974][ C1] el0_svc+0x78/0x1e0 [ 83.123574][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 83.124317][ C1] el0t_64_sync+0x1a0/0x1a4 [ 83.124984][ C1] irq event stamp: 382008 [ 83.125600][ C1] hardirqs last enabled at (382007): [] try_charge_memcg+0x1d8/0x11bc [ 83.127151][ C1] hardirqs last disabled at (382008): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.128563][ C1] softirqs last enabled at (381954): [] local_bh_enable+0x10/0x34 [ 83.129863][ C1] softirqs last disabled at (381952): [] local_bh_disable+0x10/0x34 [ 83.131314][ C1] ---[ end trace 5519afa7f6d9eb81 ]--- [ 83.173212][ T5107] loop0: detected capacity change from 0 to 128 [ 83.176227][ T5107] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.177388][ T5107] Bad inode number on dev loop0: 2 is out of range [ 83.178358][ T5107] SysV FS: get root inode failed [ 83.179120][ T5107] oldfs: cannot read superblock [ 83.189787][ C0] ------------[ cut here ]------------ [ 83.190753][ C0] VFS: brelse: Trying to free free buffer [ 83.191621][ C0] WARNING: CPU: 0 PID: 5109 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.192917][ C0] Modules linked in: [ 83.193446][ C0] CPU: 0 PID: 5109 Comm: syz.0.88 Tainted: G W syzkaller #0 [ 83.194737][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.196204][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.197360][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 83.198142][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 83.198870][ C0] sp : ffff800008007de0 [ 83.199467][ C0] x29: ffff800008007de0 x28: ffff0000d651b680 x27: 1fffe0003421625c [ 83.200602][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 83.201814][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd47d970 [ 83.202903][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 83.204070][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 83.205243][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.206386][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 2757529cd9edd400 [ 83.207556][ C0] x8 : 2757529cd9edd400 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.208706][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 83.209867][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.211032][ C0] Call trace: [ 83.211496][ C0] invalidate_bh_lru+0x128/0x234 [ 83.212203][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.213052][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.214061][ C0] ipi_handler+0x10c/0x710 [ 83.214682][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 83.215500][ C0] handle_domain_irq+0x144/0x1fc [ 83.216243][ C0] gic_handle_irq+0x78/0x1c8 [ 83.216962][ C0] call_on_irq_stack+0x30/0x48 [ 83.217600][ C0] do_interrupt_handler+0x6c/0x88 [ 83.218378][ C0] el0_interrupt+0x94/0x260 [ 83.219061][ C0] __el0_irq_handler_common+0x18/0x24 [ 83.219862][ C0] el0t_64_irq_handler+0x10/0x1c [ 83.220602][ C0] el0t_64_irq+0x1a0/0x1a4 [ 83.221233][ C0] irq event stamp: 244 [ 83.221829][ C0] hardirqs last enabled at (243): [] el0t_64_sync_handler+0xd8/0xe4 [ 83.223288][ C0] hardirqs last disabled at (244): [] __el0_irq_handler_common+0x18/0x24 [ 83.224700][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 83.226106][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 83.227420][ C0] ---[ end trace 5519afa7f6d9eb82 ]--- [ 83.263679][ T5109] loop0: detected capacity change from 0 to 128 [ 83.266946][ T5109] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.268120][ T5109] Bad inode number on dev loop0: 2 is out of range [ 83.269032][ T5109] SysV FS: get root inode failed [ 83.269737][ T5109] oldfs: cannot read superblock [ 83.275623][ T4580] ------------[ cut here ]------------ [ 83.276468][ T4580] VFS: brelse: Trying to free free buffer [ 83.277356][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.278652][ T4580] Modules linked in: [ 83.279196][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 83.280346][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.281799][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.282934][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 83.283668][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 83.284462][ T4580] sp : ffff80001fc377c0 [ 83.285142][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 83.286326][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 83.287573][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd47dd10 [ 83.288722][ T4580] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 83.289900][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 83.291060][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.292270][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 83.293476][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.294685][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 83.295789][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.297017][ T4580] Call trace: [ 83.297518][ T4580] invalidate_bh_lru+0x128/0x234 [ 83.298338][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 83.299190][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.299965][ T4580] invalidate_bh_lrus+0x34/0x40 [ 83.300682][ T4580] blkdev_flush_mapping+0x168/0x31c [ 83.301461][ T4580] blkdev_put+0x490/0x6ac [ 83.302102][ T4580] blkdev_close+0x74/0xb0 [ 83.302857][ T4580] __fput+0x1c0/0x7f8 [ 83.303520][ T4580] ____fput+0x20/0x30 [ 83.304179][ T4580] task_work_run+0x12c/0x1e0 [ 83.304942][ T4580] do_notify_resume+0x24b4/0x3128 [ 83.305714][ T4580] el0_svc+0xf0/0x1e0 [ 83.306308][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 83.307071][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 83.307792][ T4580] irq event stamp: 386548 [ 83.308399][ T4580] hardirqs last enabled at (386547): [] kasan_quarantine_put+0xc4/0x204 [ 83.309994][ T4580] hardirqs last disabled at (386548): [] smp_call_function_many_cond+0xa44/0xeb0 [ 83.311736][ T4580] softirqs last enabled at (386288): [] local_bh_enable+0x10/0x34 [ 83.313213][ T4580] softirqs last disabled at (386286): [] local_bh_disable+0x10/0x34 [ 83.314737][ T4580] ---[ end trace 5519afa7f6d9eb83 ]--- [ 83.343209][ T5111] loop0: detected capacity change from 0 to 128 [ 83.346028][ T5111] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.347297][ T5111] Bad inode number on dev loop0: 2 is out of range [ 83.348237][ T5111] SysV FS: get root inode failed [ 83.348960][ T5111] oldfs: cannot read superblock [ 83.354575][ T4580] ------------[ cut here ]------------ [ 83.355457][ T4580] VFS: brelse: Trying to free free buffer [ 83.356330][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.357667][ T4580] Modules linked in: [ 83.358286][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 83.359529][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.361137][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.362317][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 83.363118][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 83.363926][ T4580] sp : ffff80001fc377c0 [ 83.364536][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 83.365808][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 83.366973][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debe8148 [ 83.368189][ T4580] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 83.369347][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 83.370530][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.371710][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 83.372958][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.374120][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 83.375335][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.376597][ T4580] Call trace: [ 83.377023][ T4580] invalidate_bh_lru+0x128/0x234 [ 83.377819][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 83.378669][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.379481][ T4580] invalidate_bh_lrus+0x34/0x40 [ 83.380235][ T4580] blkdev_flush_mapping+0x168/0x31c [ 83.381034][ T4580] blkdev_put+0x490/0x6ac [ 83.381693][ T4580] blkdev_close+0x74/0xb0 [ 83.382290][ T4580] __fput+0x1c0/0x7f8 [ 83.382892][ T4580] ____fput+0x20/0x30 [ 83.383488][ T4580] task_work_run+0x12c/0x1e0 [ 83.384192][ T4580] do_notify_resume+0x24b4/0x3128 [ 83.384908][ T4580] el0_svc+0xf0/0x1e0 [ 83.385532][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 83.386305][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 83.386969][ T4580] irq event stamp: 390546 [ 83.387601][ T4580] hardirqs last enabled at (390545): [] kasan_quarantine_put+0xc4/0x204 [ 83.389064][ T4580] hardirqs last disabled at (390546): [] smp_call_function_many_cond+0xa44/0xeb0 [ 83.390573][ T4580] softirqs last enabled at (390286): [] local_bh_enable+0x10/0x34 [ 83.391928][ T4580] softirqs last disabled at (390284): [] local_bh_disable+0x10/0x34 [ 83.393275][ T4580] ---[ end trace 5519afa7f6d9eb84 ]--- [ 83.434145][ T5113] loop0: detected capacity change from 0 to 128 [ 83.437992][ T5113] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.439240][ T5113] Bad inode number on dev loop0: 2 is out of range [ 83.440652][ T5113] SysV FS: get root inode failed [ 83.441448][ T5113] oldfs: cannot read superblock [ 83.444066][ C0] ------------[ cut here ]------------ [ 83.444890][ C0] VFS: brelse: Trying to free free buffer [ 83.445726][ C0] WARNING: CPU: 0 PID: 5113 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.446955][ C0] Modules linked in: [ 83.447479][ C0] CPU: 0 PID: 5113 Comm: syz.0.90 Tainted: G W syzkaller #0 [ 83.448728][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.450202][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.451345][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 83.452098][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 83.452825][ C0] sp : ffff800008007de0 [ 83.453418][ C0] x29: ffff800008007de0 x28: ffff0000d11cb680 x27: 1fffe0003421625c [ 83.454568][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 83.455767][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debe84e8 [ 83.457035][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 83.458260][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 83.459571][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.460834][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 68cdf0b7619dbc00 [ 83.462098][ C0] x8 : 68cdf0b7619dbc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.463260][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 83.464441][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 83.465667][ C0] Call trace: [ 83.466147][ C0] invalidate_bh_lru+0x128/0x234 [ 83.466852][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.467714][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.468731][ C0] ipi_handler+0x10c/0x710 [ 83.469339][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 83.470146][ C0] handle_domain_irq+0x144/0x1fc [ 83.470852][ C0] gic_handle_irq+0x78/0x1c8 [ 83.471512][ C0] call_on_irq_stack+0x30/0x48 [ 83.472241][ C0] do_interrupt_handler+0x6c/0x88 [ 83.472966][ C0] el1_interrupt+0x30/0x58 [ 83.473626][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.474280][ C0] el1h_64_irq+0x78/0x7c [ 83.474868][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 83.475708][ C0] debug_check_no_obj_freed+0x450/0x46c [ 83.476527][ C0] slab_free_freelist_hook+0x9c/0x1e8 [ 83.477229][ C0] kmem_cache_free+0xdc/0x3b4 [ 83.477890][ C0] vm_area_free+0x28/0x38 [ 83.478510][ C0] exit_mmap+0x3e0/0x4e0 [ 83.479251][ C0] __mmput+0xec/0x3b8 [ 83.479853][ C0] mmput+0x80/0xc8 [ 83.480476][ C0] exit_mm+0x4a0/0x684 [ 83.481106][ C0] do_exit+0x4ec/0x1f58 [ 83.481746][ C0] do_group_exit+0x100/0x268 [ 83.482410][ C0] get_signal+0x73c/0x1340 [ 83.483076][ C0] do_notify_resume+0x35c/0x3128 [ 83.483818][ C0] el0_svc+0xf0/0x1e0 [ 83.484381][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 83.485139][ C0] el0t_64_sync+0x1a0/0x1a4 [ 83.485784][ C0] irq event stamp: 2632 [ 83.486445][ C0] hardirqs last enabled at (2631): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 83.488048][ C0] hardirqs last disabled at (2632): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.489425][ C0] softirqs last enabled at (1214): [] local_bh_enable+0x10/0x34 [ 83.490807][ C0] softirqs last disabled at (1212): [] local_bh_disable+0x10/0x34 [ 83.492168][ C0] ---[ end trace 5519afa7f6d9eb85 ]--- [ 83.540418][ T5115] loop0: detected capacity change from 0 to 128 [ 83.542666][ T5115] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.543885][ T5115] Bad inode number on dev loop0: 2 is out of range [ 83.544843][ T5115] SysV FS: get root inode failed [ 83.545648][ T5115] oldfs: cannot read superblock [ 83.549499][ C1] ------------[ cut here ]------------ [ 83.550431][ C1] VFS: brelse: Trying to free free buffer [ 83.551363][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.552740][ C1] Modules linked in: [ 83.553283][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.554613][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.556035][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.557226][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 83.558028][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 83.558829][ C1] sp : ffff800008017de0 [ 83.559424][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 83.560686][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 83.561968][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb9b230 [ 83.563191][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 83.564450][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 83.565648][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.566822][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 054daef7726fa800 [ 83.567938][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.569180][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 83.570397][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 83.571609][ C1] Call trace: [ 83.572107][ C1] invalidate_bh_lru+0x128/0x234 [ 83.572826][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.573684][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.574613][ C1] ipi_handler+0x10c/0x710 [ 83.575230][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 83.575987][ C1] handle_domain_irq+0x144/0x1fc [ 83.576681][ C1] gic_handle_irq+0x78/0x1c8 [ 83.577297][ C1] call_on_irq_stack+0x30/0x48 [ 83.578015][ C1] do_interrupt_handler+0x6c/0x88 [ 83.578786][ C1] el1_interrupt+0x30/0x58 [ 83.579418][ C1] el1h_64_irq_handler+0x18/0x24 [ 83.580193][ C1] el1h_64_irq+0x78/0x7c [ 83.580822][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 83.581705][ C1] debug_object_activate+0x248/0x464 [ 83.582464][ C1] call_rcu+0x54/0x8fc [ 83.583039][ C1] __fput+0x51c/0x7f8 [ 83.583614][ C1] ____fput+0x20/0x30 [ 83.584242][ C1] task_work_run+0x12c/0x1e0 [ 83.584907][ C1] do_notify_resume+0x24b4/0x3128 [ 83.585631][ C1] el0_svc+0xf0/0x1e0 [ 83.586232][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 83.586866][ C1] el0t_64_sync+0x1a0/0x1a4 [ 83.587536][ C1] irq event stamp: 395092 [ 83.588146][ C1] hardirqs last enabled at (395091): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 83.589746][ C1] hardirqs last disabled at (395092): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.591211][ C1] softirqs last enabled at (394286): [] local_bh_enable+0x10/0x34 [ 83.592585][ C1] softirqs last disabled at (394284): [] local_bh_disable+0x10/0x34 [ 83.593981][ C1] ---[ end trace 5519afa7f6d9eb86 ]--- [ 83.637313][ T5117] loop0: detected capacity change from 0 to 128 [ 83.683937][ T5117] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.685122][ T5117] Bad inode number on dev loop0: 2 is out of range [ 83.686113][ T5117] SysV FS: get root inode failed [ 83.686881][ T5117] oldfs: cannot read superblock [ 83.693035][ C0] ------------[ cut here ]------------ [ 83.693924][ C0] VFS: brelse: Trying to free free buffer [ 83.694753][ C0] WARNING: CPU: 0 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.696072][ C0] Modules linked in: [ 83.696635][ C0] CPU: 0 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.697964][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.699352][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.700537][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 83.701331][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 83.702115][ C0] sp : ffff800008007de0 [ 83.702724][ C0] x29: ffff800008007de0 x28: ffff0000c22db680 x27: 1fffe0003421625c [ 83.703871][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 83.705036][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debe8888 [ 83.706271][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 83.707470][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 83.708776][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.710033][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 054daef7726fa800 [ 83.711190][ C0] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.712366][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 83.713512][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 83.714681][ C0] Call trace: [ 83.715093][ C0] invalidate_bh_lru+0x128/0x234 [ 83.715828][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.716672][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.717650][ C0] ipi_handler+0x10c/0x710 [ 83.718284][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 83.719067][ C0] handle_domain_irq+0x144/0x1fc [ 83.719794][ C0] gic_handle_irq+0x78/0x1c8 [ 83.720424][ C0] call_on_irq_stack+0x30/0x48 [ 83.721076][ C0] do_interrupt_handler+0x6c/0x88 [ 83.721793][ C0] el1_interrupt+0x30/0x58 [ 83.722396][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.723101][ C0] el1h_64_irq+0x78/0x7c [ 83.723726][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 83.724512][ C0] __unfreeze_partials+0x13c/0x190 [ 83.725193][ C0] put_cpu_partial+0x1a8/0x218 [ 83.725877][ C0] __slab_free+0x184/0x254 [ 83.726501][ C0] ___cache_free+0x178/0x1bc [ 83.727138][ C0] qlink_free+0x5c/0xa4 [ 83.727757][ C0] qlist_free_all+0x40/0xa8 [ 83.728370][ C0] kasan_quarantine_reduce+0x124/0x130 [ 83.729219][ C0] __kasan_slab_alloc+0x34/0xcc [ 83.729920][ C0] slab_post_alloc_hook+0x74/0x408 [ 83.730644][ C0] kmem_cache_alloc_node_trace+0x20c/0x438 [ 83.731479][ C0] __get_vm_area_node+0x14c/0x2e8 [ 83.732163][ C0] __vmalloc_node_range+0xe8/0x8d8 [ 83.732916][ C0] vzalloc+0x118/0x190 [ 83.733510][ C0] alloc_counters+0x84/0x7a4 [ 83.734214][ C0] do_ipt_get_ctl+0xaf4/0x13a8 [ 83.734932][ C0] nf_getsockopt+0x264/0x284 [ 83.735585][ C0] ip_getsockopt+0xffc/0x158c [ 83.736240][ C0] tcp_getsockopt+0x208/0x2e78 [ 83.736899][ C0] sock_common_getsockopt+0xa8/0xc4 [ 83.737718][ C0] __sys_getsockopt+0x1b8/0x250 [ 83.738496][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 83.739189][ C0] invoke_syscall+0x98/0x2b8 [ 83.739817][ C0] el0_svc_common+0x138/0x258 [ 83.740448][ C0] do_el0_svc+0x58/0x14c [ 83.741062][ C0] el0_svc+0x78/0x1e0 [ 83.741596][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 83.742372][ C0] el0t_64_sync+0x1a0/0x1a4 [ 83.743039][ C0] irq event stamp: 399240 [ 83.743637][ C0] hardirqs last enabled at (399239): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 83.745035][ C0] hardirqs last disabled at (399240): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.746407][ C0] softirqs last enabled at (398564): [] release_sock+0x1d0/0x258 [ 83.747662][ C0] softirqs last disabled at (398562): [] release_sock+0x34/0x258 [ 83.748889][ C0] ---[ end trace 5519afa7f6d9eb87 ]--- [ 83.793448][ T5119] loop0: detected capacity change from 0 to 128 [ 83.797208][ T5119] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.798272][ T5119] Bad inode number on dev loop0: 2 is out of range [ 83.799216][ T5119] SysV FS: get root inode failed [ 83.799940][ T5119] oldfs: cannot read superblock [ 83.804409][ C1] ------------[ cut here ]------------ [ 83.805227][ C1] VFS: brelse: Trying to free free buffer [ 83.806122][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.807352][ C1] Modules linked in: [ 83.807901][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.809270][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.810833][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.812038][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 83.812863][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 83.813698][ C1] sp : ffff800008017de0 [ 83.814291][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45c [ 83.815465][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 83.816666][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb9b5d0 [ 83.817894][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 83.819052][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 83.820246][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.821509][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 054daef7726fa800 [ 83.822775][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.823985][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 83.825215][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 83.826509][ C1] Call trace: [ 83.826980][ C1] invalidate_bh_lru+0x128/0x234 [ 83.827684][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.828739][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.829908][ C1] ipi_handler+0x10c/0x710 [ 83.830588][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 83.831447][ C1] handle_domain_irq+0x144/0x1fc [ 83.832212][ C1] gic_handle_irq+0x78/0x1c8 [ 83.832937][ C1] call_on_irq_stack+0x30/0x48 [ 83.833704][ C1] do_interrupt_handler+0x6c/0x88 [ 83.834489][ C1] el1_interrupt+0x30/0x58 [ 83.835127][ C1] el1h_64_irq_handler+0x18/0x24 [ 83.835869][ C1] el1h_64_irq+0x78/0x7c [ 83.836484][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 83.837346][ C1] debug_check_no_obj_freed+0x450/0x46c [ 83.838219][ C1] slab_free_freelist_hook+0x9c/0x1e8 [ 83.839019][ C1] kfree+0x170/0x40c [ 83.839602][ C1] tomoyo_realpath_from_path+0x4c8/0x510 [ 83.840472][ C1] tomoyo_path_perm+0x1b4/0x440 [ 83.841194][ C1] tomoyo_inode_getattr+0x28/0x38 [ 83.841961][ C1] security_inode_getattr+0xd8/0x124 [ 83.842757][ C1] vfs_statx+0x118/0x458 [ 83.843415][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 83.844190][ C1] invoke_syscall+0x98/0x2b8 [ 83.844839][ C1] el0_svc_common+0x138/0x258 [ 83.845511][ C1] do_el0_svc+0x58/0x14c [ 83.846129][ C1] el0_svc+0x78/0x1e0 [ 83.846700][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 83.847390][ C1] el0t_64_sync+0x1a0/0x1a4 [ 83.848035][ C1] irq event stamp: 401434 [ 83.848696][ C1] hardirqs last enabled at (401433): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 83.850162][ C1] hardirqs last disabled at (401434): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.851472][ C1] softirqs last enabled at (400850): [] local_bh_enable+0x10/0x34 [ 83.852786][ C1] softirqs last disabled at (400848): [] local_bh_disable+0x10/0x34 [ 83.854047][ C1] ---[ end trace 5519afa7f6d9eb88 ]--- [ 83.929591][ T5121] loop0: detected capacity change from 0 to 128 [ 83.932570][ T5121] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.933734][ T5121] Bad inode number on dev loop0: 2 is out of range [ 83.934883][ T5121] SysV FS: get root inode failed [ 83.935939][ T5121] oldfs: cannot read superblock [ 83.943418][ T4580] ------------[ cut here ]------------ [ 83.944249][ T4580] VFS: brelse: Trying to free free buffer [ 83.945102][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 83.946381][ T4580] Modules linked in: [ 83.946934][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 83.948070][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.949441][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.950611][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 83.951357][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 83.952114][ T4580] sp : ffff80001fc377c0 [ 83.952759][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 83.953947][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 83.955128][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debe8c28 [ 83.956281][ T4580] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 83.957577][ T4580] x17: 0000000000000000 x16: ffff800008302164 x15: 00000000ffffffff [ 83.958820][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 83.959983][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 83.961126][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.962276][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff800008302274 [ 83.963384][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.964584][ T4580] Call trace: [ 83.965102][ T4580] invalidate_bh_lru+0x128/0x234 [ 83.965840][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 83.966731][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.967515][ T4580] invalidate_bh_lrus+0x34/0x40 [ 83.968177][ T4580] blkdev_flush_mapping+0x168/0x31c [ 83.968913][ T4580] blkdev_put+0x490/0x6ac [ 83.969508][ T4580] blkdev_close+0x74/0xb0 [ 83.970077][ T4580] __fput+0x1c0/0x7f8 [ 83.970603][ T4580] ____fput+0x20/0x30 [ 83.971153][ T4580] task_work_run+0x12c/0x1e0 [ 83.971785][ T4580] do_notify_resume+0x24b4/0x3128 [ 83.972494][ T4580] el0_svc+0xf0/0x1e0 [ 83.973093][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 83.973856][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 83.974628][ T4580] irq event stamp: 420110 [ 83.975373][ T4580] hardirqs last enabled at (420109): [] kasan_quarantine_put+0xc4/0x204 [ 83.976930][ T4580] hardirqs last disabled at (420110): [] smp_call_function_many_cond+0xa44/0xeb0 [ 83.978643][ T4580] softirqs last enabled at (419838): [] local_bh_enable+0x10/0x34 [ 83.980070][ T4580] softirqs last disabled at (419836): [] local_bh_disable+0x10/0x34 [ 83.981528][ T4580] ---[ end trace 5519afa7f6d9eb89 ]--- [ 84.004050][ T5123] loop0: detected capacity change from 0 to 128 [ 84.006986][ T5123] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.008063][ T5123] Bad inode number on dev loop0: 2 is out of range [ 84.009062][ T5123] SysV FS: get root inode failed [ 84.009802][ T5123] oldfs: cannot read superblock [ 84.018602][ T4580] ------------[ cut here ]------------ [ 84.019393][ T4580] VFS: brelse: Trying to free free buffer [ 84.020272][ T4580] WARNING: CPU: 0 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.021605][ T4580] Modules linked in: [ 84.022245][ T4580] CPU: 0 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 84.023556][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.025012][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.026216][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 84.027003][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 84.027803][ T4580] sp : ffff80001fc377c0 [ 84.028408][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 84.029542][ T4580] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 84.030760][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debeb060 [ 84.031951][ T4580] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 84.033139][ T4580] x17: 0000000000000000 x16: ffff800008302164 x15: 00000000ffffffff [ 84.034349][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.035516][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 84.036661][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.037919][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff800008302274 [ 84.039157][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 84.040348][ T4580] Call trace: [ 84.040881][ T4580] invalidate_bh_lru+0x128/0x234 [ 84.041567][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 84.042441][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 84.043205][ T4580] invalidate_bh_lrus+0x34/0x40 [ 84.043938][ T4580] blkdev_flush_mapping+0x168/0x31c [ 84.044742][ T4580] blkdev_put+0x490/0x6ac [ 84.045383][ T4580] blkdev_close+0x74/0xb0 [ 84.046001][ T4580] __fput+0x1c0/0x7f8 [ 84.046603][ T4580] ____fput+0x20/0x30 [ 84.047179][ T4580] task_work_run+0x12c/0x1e0 [ 84.047828][ T4580] do_notify_resume+0x24b4/0x3128 [ 84.048613][ T4580] el0_svc+0xf0/0x1e0 [ 84.049204][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 84.049930][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 84.050613][ T4580] irq event stamp: 423810 [ 84.051249][ T4580] hardirqs last enabled at (423809): [] kasan_quarantine_put+0xc4/0x204 [ 84.052839][ T4580] hardirqs last disabled at (423810): [] smp_call_function_many_cond+0xa44/0xeb0 [ 84.054445][ T4580] softirqs last enabled at (423548): [] local_bh_enable+0x10/0x34 [ 84.055927][ T4580] softirqs last disabled at (423546): [] local_bh_disable+0x10/0x34 [ 84.057352][ T4580] ---[ end trace 5519afa7f6d9eb8a ]--- [ 84.083591][ T5125] loop0: detected capacity change from 0 to 128 [ 84.126685][ T5125] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.127827][ T5125] Bad inode number on dev loop0: 2 is out of range [ 84.128816][ T5125] SysV FS: get root inode failed [ 84.129566][ T5125] oldfs: cannot read superblock [ 84.138385][ C1] ------------[ cut here ]------------ [ 84.139273][ C1] VFS: brelse: Trying to free free buffer [ 84.140062][ C1] WARNING: CPU: 1 PID: 5127 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.141270][ C1] Modules linked in: [ 84.141827][ C1] CPU: 1 PID: 5127 Comm: syz.0.97 Tainted: G W syzkaller #0 [ 84.143022][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.144460][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.145555][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 84.146304][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 84.147067][ C1] sp : ffff800008017de0 [ 84.147692][ C1] x29: ffff800008017de0 x28: ffff0000d3b69b40 x27: 1fffe0003421a45c [ 84.149136][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 84.150244][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb9b970 [ 84.151372][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 84.152501][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 84.153586][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.154657][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 5b45c783985e3d00 [ 84.155768][ C1] x8 : 5b45c783985e3d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.156962][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 84.158081][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.159240][ C1] Call trace: [ 84.159727][ C1] invalidate_bh_lru+0x128/0x234 [ 84.160381][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.161199][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.162201][ C1] ipi_handler+0x10c/0x710 [ 84.162867][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 84.163681][ C1] handle_domain_irq+0x144/0x1fc [ 84.164420][ C1] gic_handle_irq+0x78/0x1c8 [ 84.165104][ C1] call_on_irq_stack+0x30/0x48 [ 84.165827][ C1] do_interrupt_handler+0x6c/0x88 [ 84.166544][ C1] el0_interrupt+0x94/0x260 [ 84.167189][ C1] __el0_irq_handler_common+0x18/0x24 [ 84.167962][ C1] el0t_64_irq_handler+0x10/0x1c [ 84.168683][ C1] el0t_64_irq+0x1a0/0x1a4 [ 84.169321][ C1] irq event stamp: 174 [ 84.169864][ C1] hardirqs last enabled at (173): [] el0t_64_sync_handler+0xd8/0xe4 [ 84.171295][ C1] hardirqs last disabled at (174): [] __el0_irq_handler_common+0x18/0x24 [ 84.172820][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 84.174199][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 84.175537][ C1] ---[ end trace 5519afa7f6d9eb8b ]--- [ 84.202654][ T5127] loop0: detected capacity change from 0 to 128 [ 84.206143][ T5127] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.207215][ T5127] Bad inode number on dev loop0: 2 is out of range [ 84.208175][ T5127] SysV FS: get root inode failed [ 84.208884][ T5127] oldfs: cannot read superblock [ 84.220831][ T4580] ------------[ cut here ]------------ [ 84.221715][ T4580] VFS: brelse: Trying to free free buffer [ 84.222604][ T4580] WARNING: CPU: 1 PID: 4580 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.223896][ T4580] Modules linked in: [ 84.224485][ T4580] CPU: 1 PID: 4580 Comm: udevd Tainted: G W syzkaller #0 [ 84.225779][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.227248][ T4580] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.228362][ T4580] pc : invalidate_bh_lru+0x128/0x234 [ 84.229128][ T4580] lr : invalidate_bh_lru+0x128/0x234 [ 84.229854][ T4580] sp : ffff80001fc377c0 [ 84.230436][ T4580] x29: ffff80001fc377c0 x28: ffff80001418d000 x27: 1fffe0003421a45c [ 84.231646][ T4580] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 84.232861][ T4580] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb9bd10 [ 84.234119][ T4580] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 84.235347][ T4580] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 84.236615][ T4580] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.237800][ T4580] x11: 0000000000000002 x10: 0000000000000000 x9 : 85422156d6355000 [ 84.239009][ T4580] x8 : 85422156d6355000 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.240184][ T4580] x5 : ffff80001fc370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 84.241344][ T4580] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 84.242475][ T4580] Call trace: [ 84.242959][ T4580] invalidate_bh_lru+0x128/0x234 [ 84.243674][ T4580] smp_call_function_many_cond+0xa50/0xeb0 [ 84.244539][ T4580] on_each_cpu_cond_mask+0x5c/0xc4 [ 84.245315][ T4580] invalidate_bh_lrus+0x34/0x40 [ 84.246025][ T4580] blkdev_flush_mapping+0x168/0x31c [ 84.246856][ T4580] blkdev_put+0x490/0x6ac [ 84.247463][ T4580] blkdev_close+0x74/0xb0 [ 84.248143][ T4580] __fput+0x1c0/0x7f8 [ 84.248748][ T4580] ____fput+0x20/0x30 [ 84.249366][ T4580] task_work_run+0x12c/0x1e0 [ 84.250064][ T4580] do_notify_resume+0x24b4/0x3128 [ 84.250777][ T4580] el0_svc+0xf0/0x1e0 [ 84.251400][ T4580] el0t_64_sync_handler+0xcc/0xe4 [ 84.252260][ T4580] el0t_64_sync+0x1a0/0x1a4 [ 84.253055][ T4580] irq event stamp: 434778 [ 84.253731][ T4580] hardirqs last enabled at (434777): [] kasan_quarantine_put+0xc4/0x204 [ 84.255232][ T4580] hardirqs last disabled at (434778): [] smp_call_function_many_cond+0xa44/0xeb0 [ 84.256972][ T4580] softirqs last enabled at (434706): [] handle_softirqs+0xa4c/0xbf0 [ 84.258600][ T4580] softirqs last disabled at (434691): [] __irq_exit_rcu+0x240/0x440 [ 84.260114][ T4580] ---[ end trace 5519afa7f6d9eb8c ]--- [ 84.303073][ T5129] loop0: detected capacity change from 0 to 128 [ 84.362254][ T5129] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.363395][ T5129] Bad inode number on dev loop0: 2 is out of range [ 84.364314][ T5129] SysV FS: get root inode failed [ 84.365044][ T5129] oldfs: cannot read superblock [ 84.373999][ C0] ------------[ cut here ]------------ [ 84.374884][ C0] VFS: brelse: Trying to free free buffer [ 84.375788][ C0] WARNING: CPU: 0 PID: 5130 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.377166][ C0] Modules linked in: [ 84.377779][ C0] CPU: 0 PID: 5130 Comm: syz.0.99 Tainted: G W syzkaller #0 [ 84.379129][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.380666][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.381836][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 84.382617][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 84.383373][ C0] sp : ffff800008007de0 [ 84.384023][ C0] x29: ffff800008007de0 x28: ffff0000d0f9d1c0 x27: 1fffe0003421625c [ 84.385168][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 84.386331][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debeb400 [ 84.387499][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 84.388643][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 84.389727][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.390860][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 02d58270c2aef800 [ 84.391997][ C0] x8 : 02d58270c2aef800 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.393058][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 84.394160][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.395404][ C0] Call trace: [ 84.395879][ C0] invalidate_bh_lru+0x128/0x234 [ 84.396607][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.397481][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.398474][ C0] ipi_handler+0x10c/0x710 [ 84.399127][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 84.399922][ C0] handle_domain_irq+0x144/0x1fc [ 84.400644][ C0] gic_handle_irq+0x78/0x1c8 [ 84.401374][ C0] call_on_irq_stack+0x30/0x48 [ 84.402098][ C0] do_interrupt_handler+0x6c/0x88 [ 84.402839][ C0] el0_interrupt+0x94/0x260 [ 84.403489][ C0] __el0_irq_handler_common+0x18/0x24 [ 84.404259][ C0] el0t_64_irq_handler+0x10/0x1c [ 84.404949][ C0] el0t_64_irq+0x1a0/0x1a4 [ 84.405559][ C0] irq event stamp: 1306 [ 84.406145][ C0] hardirqs last enabled at (1305): [] el0t_64_sync_handler+0xd8/0xe4 [ 84.407506][ C0] hardirqs last disabled at (1306): [] __el0_irq_handler_common+0x18/0x24 [ 84.408898][ C0] softirqs last enabled at (1182): [] local_bh_enable+0x10/0x34 [ 84.410191][ C0] softirqs last disabled at (1180): [] local_bh_disable+0x10/0x34 [ 84.411475][ C0] ---[ end trace 5519afa7f6d9eb8d ]--- [ 84.443046][ T5131] loop0: detected capacity change from 0 to 128 [ 84.446159][ T5131] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.447634][ T5131] Bad inode number on dev loop0: 2 is out of range [ 84.448635][ T5131] SysV FS: get root inode failed [ 84.449379][ T5131] oldfs: cannot read superblock [ 84.456789][ C1] ------------[ cut here ]------------ [ 84.457705][ C1] VFS: brelse: Trying to free free buffer [ 84.458739][ C1] WARNING: CPU: 1 PID: 5131 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.460118][ C1] Modules linked in: [ 84.460735][ C1] CPU: 1 PID: 5131 Comm: syz.0.99 Tainted: G W syzkaller #0 [ 84.461990][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.463507][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.464625][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 84.465429][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 84.466250][ C1] sp : ffff800008017de0 [ 84.466833][ C1] x29: ffff800008017de0 x28: ffff0000cd5fd1c0 x27: 1fffe0003421a45d [ 84.467957][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000002 [ 84.469114][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e30547a0 [ 84.470263][ C1] x20: ffff0001a10d22e8 x19: ffff8000113da820 x18: 0000000000010003 [ 84.471461][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 84.472664][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.473840][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : fed43debc6584100 [ 84.475027][ C1] x8 : fed43debc6584100 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.476203][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 84.477427][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 84.478571][ C1] Call trace: [ 84.479025][ C1] invalidate_bh_lru+0x128/0x234 [ 84.479780][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.480687][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.481665][ C1] ipi_handler+0x10c/0x710 [ 84.482300][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 84.483073][ C1] handle_domain_irq+0x144/0x1fc [ 84.483792][ C1] gic_handle_irq+0x78/0x1c8 [ 84.484448][ C1] call_on_irq_stack+0x30/0x48 [ 84.485129][ C1] do_interrupt_handler+0x6c/0x88 [ 84.485848][ C1] el1_interrupt+0x30/0x58 [ 84.486514][ C1] el1h_64_irq_handler+0x18/0x24 [ 84.487222][ C1] el1h_64_irq+0x78/0x7c [ 84.487848][ C1] __sanitizer_cov_trace_cmp4+0x20/0xc8 [ 84.488622][ C1] unmap_page_range+0xc80/0x1958 [ 84.489366][ C1] unmap_single_vma+0x13c/0x1e4 [ 84.490056][ C1] unmap_vmas+0x104/0x200 [ 84.490670][ C1] exit_mmap+0x2a8/0x4e0 [ 84.491269][ C1] __mmput+0xec/0x3b8 [ 84.491838][ C1] mmput+0x80/0xc8 [ 84.492377][ C1] exit_mm+0x4a0/0x684 [ 84.492964][ C1] do_exit+0x4ec/0x1f58 [ 84.493549][ C1] do_group_exit+0x100/0x268 [ 84.494190][ C1] get_signal+0x73c/0x1340 [ 84.494801][ C1] do_notify_resume+0x35c/0x3128 [ 84.495512][ C1] el0_svc+0xf0/0x1e0 [ 84.496092][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 84.496793][ C1] el0t_64_sync+0x1a0/0x1a4 [ 84.497442][ C1] irq event stamp: 1700 [ 84.498056][ C1] hardirqs last enabled at (1699): [] lock_page_memcg+0x110/0x234 [ 84.499371][ C1] hardirqs last disabled at (1700): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.500788][ C1] softirqs last enabled at (1226): [] local_bh_enable+0x10/0x34 [ 84.502131][ C1] softirqs last disabled at (1224): [] local_bh_disable+0x10/0x34 [ 84.503481][ C1] ---[ end trace 5519afa7f6d9eb8e ]--- [ 84.558796][ T5133] loop0: detected capacity change from 0 to 128 [ 84.566196][ T5133] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.567370][ T5133] Bad inode number on dev loop0: 2 is out of range [ 84.568398][ T5133] SysV FS: get root inode failed [ 84.569184][ T5133] oldfs: cannot read superblock [ 84.573074][ C1] ------------[ cut here ]------------ [ 84.573897][ C1] VFS: brelse: Trying to free free buffer [ 84.574802][ C1] WARNING: CPU: 1 PID: 4717 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 84.576113][ C1] Modules linked in: [ 84.576647][ C1] CPU: 1 PID: 4717 Comm: syz-executor Tainted: G W syzkaller #0 [ 84.577953][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.579391][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.580565][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 84.581306][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 84.582125][ C1] sp : ffff800008017de0 [ 84.582682][ C1] x29: ffff800008017de0 x28: ffff0000c22db680 x27: 1fffe0003421a45b [ 84.583852][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 84.585103][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd5c9d10 [ 84.586321][ C1] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000010002 [ 84.587555][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 84.588763][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 84.590016][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 054daef7726fa800 [ 84.591157][ C1] x8 : 054daef7726fa800 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.592415][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 84.593730][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.595002][ C1] Call trace: [ 84.595504][ C1] invalidate_bh_lru+0x128/0x234 [ 84.596236][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.597100][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.598122][ C1] ipi_handler+0x10c/0x710 [ 84.598807][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 84.599687][ C1] handle_domain_irq+0x144/0x1fc [ 84.600473][ C1] gic_handle_irq+0x78/0x1c8