Warning: Permanently added '10.128.0.61' (ED25519) to the list of known hosts. 1970/01/01 00:01:00 parsed 1 programs [ 61.754130][ T4396] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 66.080949][ T4493] chnl_net:caif_netlink_parms(): no params data found [ 66.099679][ T4493] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.100928][ T4493] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.102794][ T4493] device bridge_slave_0 entered promiscuous mode [ 66.105214][ T4493] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.106345][ T4493] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.107987][ T4493] device bridge_slave_1 entered promiscuous mode [ 66.118562][ T4493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.121393][ T4493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.129978][ T4493] team0: Port device team_slave_0 added [ 66.131970][ T4493] team0: Port device team_slave_1 added [ 66.139680][ T4493] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.140826][ T4493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.145273][ T4493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.147700][ T4493] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.148834][ T4493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.153737][ T4493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.223327][ T4493] device hsr_slave_0 entered promiscuous mode [ 66.262793][ T4493] device hsr_slave_1 entered promiscuous mode [ 66.889998][ T4493] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.913692][ T4493] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.954092][ T4493] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 67.015026][ T4493] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 67.093015][ T4493] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.097755][ T4493] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.101107][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 67.102733][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.109937][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 67.111454][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.142392][ T1606] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.143638][ T1606] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.156308][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 67.158090][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 67.159740][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.161394][ T1606] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.162552][ T1606] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.164779][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 67.166658][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 67.168339][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 67.170507][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 67.173123][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 67.174704][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 67.179782][ T4493] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 67.181327][ T4493] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.186531][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 67.188167][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 67.189926][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.193409][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 67.194895][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.198900][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 67.242519][ T4493] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.244448][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 67.245756][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 67.254878][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 67.256624][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.265841][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 67.267474][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.269053][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 67.270464][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 67.274220][ T4493] device veth0_vlan entered promiscuous mode [ 67.277851][ T4493] device veth1_vlan entered promiscuous mode [ 67.286151][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 67.287742][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 67.289248][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 67.290779][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.295279][ T4493] device veth0_macvtap entered promiscuous mode [ 67.297906][ T4493] device veth1_macvtap entered promiscuous mode [ 67.304405][ T4493] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.305598][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 67.307111][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 67.308527][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 67.310070][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 67.315575][ T4493] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.316804][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 67.318471][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.321580][ T4493] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.323690][ T4493] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.325095][ T4493] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.326499][ T4493] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.430235][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.431505][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.433908][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.447208][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.448531][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.449917][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:07 executed programs: 0 [ 67.719706][ T4651] chnl_net:caif_netlink_parms(): no params data found [ 67.739244][ T4651] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.740496][ T4651] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.742471][ T4651] device bridge_slave_0 entered promiscuous mode [ 67.744589][ T4651] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.745734][ T4651] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.747265][ T4651] device bridge_slave_1 entered promiscuous mode [ 67.756946][ T4651] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.759619][ T4651] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.770489][ T4651] team0: Port device team_slave_0 added [ 67.774192][ T4651] team0: Port device team_slave_1 added [ 67.781325][ T4651] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.783848][ T4651] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.788156][ T4651] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.791010][ T4651] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.793254][ T4651] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.797433][ T4651] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.854358][ T4651] device hsr_slave_0 entered promiscuous mode [ 67.892497][ T4651] device hsr_slave_1 entered promiscuous mode [ 67.922048][ T4651] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 67.923222][ T4651] Cannot create hsr debugfs directory [ 67.970159][ T4651] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.623870][ T2064] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.625376][ T2064] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.627675][ T1540] cfg80211: failed to load regulatory.db [ 69.701884][ T1540] Bluetooth: hci0: command 0x0409 tx timeout [ 70.762674][ T4651] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.782309][ T21] Bluetooth: hci0: command 0x041b tx timeout [ 73.125667][ T4651] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.167098][ T4651] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.276970][ T4651] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.323926][ T4651] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.380159][ T4651] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.412954][ T4651] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.482640][ T4651] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.486624][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 73.488265][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 73.490982][ T4651] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.494092][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 73.495787][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 73.497351][ T1606] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.498615][ T1606] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.500134][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 73.509267][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 73.511078][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 73.514438][ T1606] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.515541][ T1606] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.519225][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 73.523054][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 73.526074][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 73.527850][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 73.529482][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 73.533612][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 73.535394][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 73.536947][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 73.538577][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 73.541434][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 73.543439][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 73.551141][ T4651] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 73.594107][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 73.595512][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 73.600260][ T4651] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.607943][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 73.609601][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 73.617442][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 73.619042][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 73.620673][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 73.622385][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 73.624863][ T4651] device veth0_vlan entered promiscuous mode [ 73.628495][ T4651] device veth1_vlan entered promiscuous mode [ 73.637145][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 73.638759][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 73.640290][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 73.643994][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 73.654774][ T4651] device veth0_macvtap entered promiscuous mode [ 73.658445][ T4651] device veth1_macvtap entered promiscuous mode [ 73.664990][ T4651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.666705][ T4651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.669025][ T4651] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.670250][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 73.672454][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 73.673922][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 73.675565][ T1606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 73.678278][ T4651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.679961][ T4651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.682498][ T4651] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.684066][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 73.685781][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 73.688560][ T4651] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.689997][ T4651] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.691482][ T4651] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.693218][ T4651] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.717530][ T1606] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.718889][ T1606] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.720326][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 73.729359][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.730711][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.733541][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:13 executed programs: 2 [ 73.758984][ T4875] loop0: detected capacity change from 0 to 128 [ 73.858419][ T4875] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.859583][ T4875] Bad inode number on dev loop0: 2 is out of range [ 73.860572][ T4875] SysV FS: get root inode failed [ 73.861441][ T4875] oldfs: cannot read superblock [ 73.862576][ T21] Bluetooth: hci0: command 0x040f tx timeout [ 73.864863][ C1] ------------[ cut here ]------------ [ 73.865733][ C1] VFS: brelse: Trying to free free buffer [ 73.866741][ C1] WARNING: CPU: 1 PID: 4875 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.868253][ C1] Modules linked in: [ 73.868899][ C1] CPU: 1 PID: 4875 Comm: syz.0.15 Not tainted syzkaller #0 [ 73.870175][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 73.871903][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.873299][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 73.874179][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 73.875048][ C1] sp : ffff800008017de0 [ 73.875713][ C1] x29: ffff800008017de0 x28: ffff0000ceab3680 x27: 1fffe000341f645c [ 73.877074][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 73.878453][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2139a58 [ 73.879758][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 73.881004][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 73.882374][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 73.883782][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : e252f1c2afdfcb00 [ 73.885125][ C1] x8 : e252f1c2afdfcb00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.886482][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 73.887818][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 73.889164][ C1] Call trace: [ 73.889734][ C1] invalidate_bh_lru+0x128/0x22c [ 73.890543][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.891431][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.892509][ C1] ipi_handler+0x10c/0x6fc [ 73.893237][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 73.894187][ C1] handle_domain_irq+0x144/0x1fc [ 73.895009][ C1] gic_handle_irq+0x78/0x1b8 [ 73.895796][ C1] call_on_irq_stack+0x30/0x48 [ 73.896631][ C1] do_interrupt_handler+0x6c/0x88 [ 73.897484][ C1] el1_interrupt+0x30/0x58 [ 73.898272][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.899134][ C1] el1h_64_irq+0x78/0x7c [ 73.899865][ C1] lock_page_memcg+0x120/0x22c [ 73.900675][ C1] page_remove_rmap+0x3c/0xf90 [ 73.901470][ C1] unmap_page_range+0xb78/0x190c [ 73.902341][ C1] unmap_single_vma+0x13c/0x1e4 [ 73.903167][ C1] unmap_vmas+0x10c/0x214 [ 73.903906][ C1] exit_mmap+0x2c4/0x508 [ 73.904658][ C1] __mmput+0xec/0x3a8 [ 73.905333][ C1] mmput+0x80/0xc0 [ 73.905940][ C1] exit_mm+0x4ac/0x664 [ 73.906566][ C1] do_exit+0x4f0/0x1f50 [ 73.907244][ C1] do_group_exit+0x100/0x268 [ 73.907939][ C1] get_signal+0x73c/0x1334 [ 73.908594][ C1] do_notify_resume+0x354/0x309c [ 73.909346][ C1] el0_svc+0xf0/0x1d0 [ 73.909923][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 73.910721][ C1] el0t_64_sync+0x1a0/0x1a4 [ 73.911390][ C1] irq event stamp: 2834 [ 73.911968][ C1] hardirqs last enabled at (2833): [] lock_page_memcg+0x110/0x22c [ 73.913526][ C1] hardirqs last disabled at (2834): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.915025][ C1] softirqs last enabled at (1914): [] local_bh_enable+0x10/0x34 [ 73.916544][ C1] softirqs last disabled at (1912): [] local_bh_disable+0x10/0x34 [ 73.918083][ C1] ---[ end trace 2ba480db038c16af ]--- [ 73.953964][ T4877] loop0: detected capacity change from 0 to 128 [ 73.957839][ T4877] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.959067][ T4877] Bad inode number on dev loop0: 2 is out of range [ 73.960097][ T4877] SysV FS: get root inode failed [ 73.960880][ T4877] oldfs: cannot read superblock [ 73.964158][ C0] ------------[ cut here ]------------ [ 73.965002][ C0] VFS: brelse: Trying to free free buffer [ 73.965927][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.967306][ C0] Modules linked in: [ 73.967919][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.969394][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 73.971078][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.972368][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 73.973261][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 73.974182][ C0] sp : ffff800008007de0 [ 73.974835][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 73.976138][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 73.977573][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2139df8 [ 73.978877][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 73.980303][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 73.981685][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 73.983052][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 73.984392][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.985772][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 73.987125][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.988490][ C0] Call trace: [ 73.989033][ C0] invalidate_bh_lru+0x128/0x22c [ 73.989854][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 73.990916][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.992237][ C0] ipi_handler+0x10c/0x6fc [ 73.992991][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 73.993921][ C0] handle_domain_irq+0x144/0x1fc [ 73.994767][ C0] gic_handle_irq+0x78/0x1b8 [ 73.995541][ C0] call_on_irq_stack+0x30/0x48 [ 73.996383][ C0] do_interrupt_handler+0x6c/0x88 [ 73.997264][ C0] el1_interrupt+0x30/0x58 [ 73.997965][ C0] el1h_64_irq_handler+0x18/0x24 [ 73.998767][ C0] el1h_64_irq+0x78/0x7c [ 73.999487][ C0] lock_acquire+0x158/0x618 [ 74.000272][ C0] __might_fault+0xc8/0x128 [ 74.000990][ C0] __arm64_sys_rt_sigreturn+0x338/0x20c0 [ 74.001872][ C0] invoke_syscall+0x98/0x2b0 [ 74.002689][ C0] el0_svc_common+0x138/0x258 [ 74.003484][ C0] do_el0_svc+0x58/0x13c [ 74.004214][ C0] el0_svc+0x78/0x1d0 [ 74.004849][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.005658][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.006387][ C0] irq event stamp: 162578 [ 74.007106][ C0] hardirqs last enabled at (162577): [] _raw_spin_unlock_irq+0x98/0x128 [ 74.008840][ C0] hardirqs last disabled at (162578): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.010419][ C0] softirqs last enabled at (162570): [] local_bh_enable+0x10/0x34 [ 74.012159][ C0] softirqs last disabled at (162568): [] local_bh_disable+0x10/0x34 [ 74.013849][ C0] ---[ end trace 2ba480db038c16b0 ]--- [ 74.048764][ T4880] loop0: detected capacity change from 0 to 128 [ 74.054744][ T4880] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.055990][ T4880] Bad inode number on dev loop0: 2 is out of range [ 74.056979][ T4880] SysV FS: get root inode failed [ 74.058075][ T4880] oldfs: cannot read superblock [ 74.064596][ C1] ------------[ cut here ]------------ [ 74.065476][ C1] VFS: brelse: Trying to free free buffer [ 74.066493][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.068003][ C1] Modules linked in: [ 74.068681][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.070209][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.071871][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.073215][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 74.074073][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 74.074930][ C1] sp : ffff800008017de0 [ 74.075612][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645c [ 74.076930][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 74.078304][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2214148 [ 74.079618][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 74.080996][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.082418][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 74.083737][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 74.085116][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.086372][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.087613][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.088926][ C1] Call trace: [ 74.089470][ C1] invalidate_bh_lru+0x128/0x22c [ 74.090314][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.091320][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.092424][ C1] ipi_handler+0x10c/0x6fc [ 74.093238][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 74.094181][ C1] handle_domain_irq+0x144/0x1fc [ 74.095032][ C1] gic_handle_irq+0x78/0x1b8 [ 74.095848][ C1] call_on_irq_stack+0x30/0x48 [ 74.096638][ C1] do_interrupt_handler+0x6c/0x88 [ 74.097498][ C1] el1_interrupt+0x30/0x58 [ 74.098239][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.099149][ C1] el1h_64_irq+0x78/0x7c [ 74.099867][ C1] put_cpu_partial+0x198/0x214 [ 74.100688][ C1] __slab_free+0x180/0x248 [ 74.101438][ C1] ___cache_free+0x174/0x1b8 [ 74.102237][ C1] qlink_free+0x5c/0xa0 [ 74.102925][ C1] qlist_free_all+0x40/0xa8 [ 74.103635][ C1] kasan_quarantine_reduce+0x124/0x130 [ 74.104535][ C1] __kasan_slab_alloc+0x34/0xcc [ 74.105324][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 74.106181][ C1] kmem_cache_alloc+0x1d8/0x3d4 [ 74.107027][ C1] __alloc_file+0x30/0x238 [ 74.107742][ C1] alloc_empty_file+0xa0/0x184 [ 74.108517][ C1] alloc_file+0x64/0x490 [ 74.109155][ C1] alloc_file_pseudo+0x16c/0x1f4 [ 74.109896][ C1] sock_alloc_file+0xb4/0x22c [ 74.110661][ C1] __sys_socket+0x13c/0x18c [ 74.111440][ C1] __arm64_sys_socket+0x7c/0x94 [ 74.112206][ C1] invoke_syscall+0x98/0x2b0 [ 74.112934][ C1] el0_svc_common+0x138/0x258 [ 74.113743][ C1] do_el0_svc+0x58/0x13c [ 74.114426][ C1] el0_svc+0x78/0x1d0 [ 74.115059][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 74.115901][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.116705][ C1] irq event stamp: 168178 [ 74.117433][ C1] hardirqs last enabled at (168177): [] put_cpu_partial+0x188/0x214 [ 74.119093][ C1] hardirqs last disabled at (168178): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.120716][ C1] softirqs last enabled at (167644): [] release_sock+0x1d0/0x258 [ 74.122312][ C1] softirqs last disabled at (167642): [] release_sock+0x34/0x258 [ 74.123884][ C1] ---[ end trace 2ba480db038c16b1 ]--- [ 74.165248][ T4882] loop0: detected capacity change from 0 to 128 [ 74.218583][ T4882] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.219865][ T4882] Bad inode number on dev loop0: 2 is out of range [ 74.220991][ T4882] SysV FS: get root inode failed [ 74.222527][ T4882] oldfs: cannot read superblock [ 74.228578][ C0] ------------[ cut here ]------------ [ 74.229447][ C0] VFS: brelse: Trying to free free buffer [ 74.230333][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.231632][ C0] Modules linked in: [ 74.232263][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.233755][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.235558][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.236890][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.237813][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.238722][ C0] sp : ffff800008007de0 [ 74.239445][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 74.240706][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 74.242163][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22b4970 [ 74.243564][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 74.245009][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.246386][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 74.247745][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 74.249077][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.250519][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.251964][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.253365][ C0] Call trace: [ 74.253935][ C0] invalidate_bh_lru+0x128/0x22c [ 74.254778][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.255777][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.257012][ C0] ipi_handler+0x10c/0x6fc [ 74.257820][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 74.258779][ C0] handle_domain_irq+0x144/0x1fc [ 74.259621][ C0] gic_handle_irq+0x78/0x1b8 [ 74.260392][ C0] call_on_irq_stack+0x30/0x48 [ 74.261273][ C0] do_interrupt_handler+0x6c/0x88 [ 74.262166][ C0] el1_interrupt+0x30/0x58 [ 74.262905][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.263712][ C0] el1h_64_irq+0x78/0x7c [ 74.264429][ C0] __local_bh_enable_ip+0x200/0x37c [ 74.265302][ C0] _raw_spin_unlock_bh+0xec/0x174 [ 74.266111][ C0] lock_sock_nested+0x14c/0x1d4 [ 74.266871][ C0] ip_getsockopt+0x328/0x1664 [ 74.267603][ C0] tcp_getsockopt+0x210/0x2eec [ 74.268335][ C0] sock_common_getsockopt+0xa8/0xc4 [ 74.269141][ C0] __sys_getsockopt+0x1b8/0x250 [ 74.269964][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 74.270767][ C0] invoke_syscall+0x98/0x2b0 [ 74.271520][ C0] el0_svc_common+0x138/0x258 [ 74.272330][ C0] do_el0_svc+0x58/0x13c [ 74.273096][ C0] el0_svc+0x78/0x1d0 [ 74.273798][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.274635][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.275431][ C0] irq event stamp: 172182 [ 74.276170][ C0] hardirqs last enabled at (172181): [] __local_bh_enable_ip+0x1f8/0x37c [ 74.277840][ C0] hardirqs last disabled at (172182): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.279551][ C0] softirqs last enabled at (172180): [] lock_sock_nested+0x14c/0x1d4 [ 74.281179][ C0] softirqs last disabled at (172178): [] lock_sock_nested+0xf4/0x1d4 [ 74.282803][ C0] ---[ end trace 2ba480db038c16b2 ]--- [ 74.314639][ T4884] loop0: detected capacity change from 0 to 128 [ 74.317049][ T4884] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.318240][ T4884] Bad inode number on dev loop0: 2 is out of range [ 74.319398][ T4884] SysV FS: get root inode failed [ 74.320427][ T4884] oldfs: cannot read superblock [ 74.335355][ T4867] ------------[ cut here ]------------ [ 74.336382][ T4867] VFS: brelse: Trying to free free buffer [ 74.337457][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.338942][ T4867] Modules linked in: [ 74.339543][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 74.340858][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.342510][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.343885][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 74.344832][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 74.345731][ T4867] sp : ffff80001fc377c0 [ 74.346409][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 74.347800][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 74.349176][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22144e8 [ 74.350580][ T4867] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 74.351939][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.353322][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 74.354692][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 74.356006][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.357508][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.358887][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.360319][ T4867] Call trace: [ 74.360867][ T4867] invalidate_bh_lru+0x128/0x22c [ 74.361747][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 74.362728][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.363566][ T4867] invalidate_bh_lrus+0x34/0x40 [ 74.364412][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 74.365361][ T4867] blkdev_put+0x490/0x6ac [ 74.366147][ T4867] blkdev_close+0x74/0xb0 [ 74.366883][ T4867] __fput+0x1c0/0x7e8 [ 74.367566][ T4867] ____fput+0x20/0x30 [ 74.368277][ T4867] task_work_run+0x12c/0x1d8 [ 74.369015][ T4867] do_notify_resume+0x2450/0x309c [ 74.369890][ T4867] el0_svc+0xf0/0x1d0 [ 74.370510][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 74.371351][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 74.372128][ T4867] irq event stamp: 31654 [ 74.372860][ T4867] hardirqs last enabled at (31653): [] kasan_quarantine_put+0xc4/0x200 [ 74.374602][ T4867] hardirqs last disabled at (31654): [] smp_call_function_many_cond+0xa44/0xeac [ 74.376506][ T4867] softirqs last enabled at (31386): [] local_bh_enable+0x10/0x34 [ 74.378081][ T4867] softirqs last disabled at (31384): [] local_bh_disable+0x10/0x34 [ 74.379644][ T4867] ---[ end trace 2ba480db038c16b3 ]--- [ 74.428655][ T4888] loop0: detected capacity change from 0 to 128 [ 74.431084][ T4888] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.432815][ T4888] Bad inode number on dev loop0: 2 is out of range [ 74.433887][ T4888] SysV FS: get root inode failed [ 74.434720][ T4888] oldfs: cannot read superblock [ 74.444246][ C0] ------------[ cut here ]------------ [ 74.445173][ C0] VFS: brelse: Trying to free free buffer [ 74.446189][ C0] WARNING: CPU: 0 PID: 4889 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.447640][ C0] Modules linked in: [ 74.448299][ C0] CPU: 0 PID: 4889 Comm: syz.0.22 Tainted: G W syzkaller #0 [ 74.449703][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.451409][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.452676][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.453597][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.454486][ C0] sp : ffff800008007de0 [ 74.455228][ C0] x29: ffff800008007de0 x28: ffff0000c2ea51c0 x27: 1fffe000341f225c [ 74.456550][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 74.457842][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22b4d10 [ 74.459252][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 74.460642][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.462023][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 74.463392][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : f6f5372a28087100 [ 74.464810][ C0] x8 : f6f5372a28087100 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.466190][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.467632][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.469046][ C0] Call trace: [ 74.469617][ C0] invalidate_bh_lru+0x128/0x22c [ 74.470446][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.471466][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.472584][ C0] ipi_handler+0x10c/0x6fc [ 74.473326][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 74.474284][ C0] handle_domain_irq+0x144/0x1fc [ 74.475104][ C0] gic_handle_irq+0x78/0x1b8 [ 74.475825][ C0] call_on_irq_stack+0x30/0x48 [ 74.476638][ C0] do_interrupt_handler+0x6c/0x88 [ 74.477522][ C0] el1_interrupt+0x30/0x58 [ 74.478293][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.479208][ C0] el1h_64_irq+0x78/0x7c [ 74.479937][ C0] try_charge_memcg+0x1e4/0x11a0 [ 74.480784][ C0] obj_cgroup_charge_pages+0x90/0x1a4 [ 74.481696][ C0] obj_cgroup_charge+0x188/0x2c8 [ 74.482544][ C0] slab_pre_alloc_hook+0xc8/0xe8 [ 74.483404][ C0] kmem_cache_alloc_node+0x98/0x40c [ 74.484234][ C0] dup_task_struct+0x74/0xc14 [ 74.484972][ C0] copy_process+0x4e0/0x34c8 [ 74.485759][ C0] kernel_clone+0x1ec/0x9e8 [ 74.486547][ C0] __arm64_sys_clone3+0x33c/0x374 [ 74.487432][ C0] invoke_syscall+0x98/0x2b0 [ 74.488192][ C0] el0_svc_common+0x138/0x258 [ 74.488992][ C0] do_el0_svc+0x58/0x13c [ 74.489723][ C0] el0_svc+0x78/0x1d0 [ 74.490385][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.491276][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.492015][ C0] irq event stamp: 1434 [ 74.492737][ C0] hardirqs last enabled at (1433): [] try_charge_memcg+0x1d4/0x11a0 [ 74.494329][ C0] hardirqs last disabled at (1434): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.495969][ C0] softirqs last enabled at (1418): [] local_bh_enable+0x10/0x34 [ 74.497539][ C0] softirqs last disabled at (1416): [] local_bh_disable+0x10/0x34 [ 74.499106][ C0] ---[ end trace 2ba480db038c16b4 ]--- [ 74.545408][ T4890] loop0: detected capacity change from 0 to 128 [ 74.548240][ T4890] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.549334][ T4890] Bad inode number on dev loop0: 2 is out of range [ 74.550387][ T4890] SysV FS: get root inode failed [ 74.551330][ T4890] oldfs: cannot read superblock [ 74.570783][ T4867] ------------[ cut here ]------------ [ 74.571700][ T4867] VFS: brelse: Trying to free free buffer [ 74.572725][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.574217][ T4867] Modules linked in: [ 74.574883][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 74.576301][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.577997][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.579378][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 74.580231][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 74.581113][ T4867] sp : ffff80001fc377c0 [ 74.581838][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 74.583176][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 74.584558][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2214888 [ 74.585927][ T4867] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 74.587238][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.588578][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 74.589885][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 74.591202][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.592543][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.593832][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.595169][ T4867] Call trace: [ 74.595720][ T4867] invalidate_bh_lru+0x128/0x22c [ 74.596578][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 74.597601][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.598417][ T4867] invalidate_bh_lrus+0x34/0x40 [ 74.599199][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 74.600086][ T4867] blkdev_put+0x490/0x6ac [ 74.600797][ T4867] blkdev_close+0x74/0xb0 [ 74.601537][ T4867] __fput+0x1c0/0x7e8 [ 74.602246][ T4867] ____fput+0x20/0x30 [ 74.602926][ T4867] task_work_run+0x12c/0x1d8 [ 74.603711][ T4867] do_notify_resume+0x2450/0x309c [ 74.604560][ T4867] el0_svc+0xf0/0x1d0 [ 74.605233][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 74.606068][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 74.606820][ T4867] irq event stamp: 44514 [ 74.607496][ T4867] hardirqs last enabled at (44513): [] kasan_quarantine_put+0xc4/0x200 [ 74.609101][ T4867] hardirqs last disabled at (44514): [] smp_call_function_many_cond+0xa44/0xeac [ 74.610816][ T4867] softirqs last enabled at (44240): [] local_bh_enable+0x10/0x34 [ 74.612346][ T4867] softirqs last disabled at (44238): [] local_bh_disable+0x10/0x34 [ 74.613932][ T4867] ---[ end trace 2ba480db038c16b5 ]--- [ 74.664499][ T4894] loop0: detected capacity change from 0 to 128 [ 74.671884][ T4894] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.673008][ T4894] Bad inode number on dev loop0: 2 is out of range [ 74.673988][ T4894] SysV FS: get root inode failed [ 74.674822][ T4894] oldfs: cannot read superblock [ 74.681478][ T4867] ------------[ cut here ]------------ [ 74.682304][ T4867] VFS: brelse: Trying to free free buffer [ 74.683289][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.684691][ T4867] Modules linked in: [ 74.685305][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 74.686616][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.688248][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.689509][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 74.690424][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 74.691367][ T4867] sp : ffff80001fc377c0 [ 74.692056][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 74.693459][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 74.694908][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2214c28 [ 74.696252][ T4867] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 74.697668][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.699058][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 74.700415][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 74.701741][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.703151][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.704561][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.705930][ T4867] Call trace: [ 74.706526][ T4867] invalidate_bh_lru+0x128/0x22c [ 74.707294][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 74.708303][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.709130][ T4867] invalidate_bh_lrus+0x34/0x40 [ 74.709913][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 74.710791][ T4867] blkdev_put+0x490/0x6ac [ 74.711559][ T4867] blkdev_close+0x74/0xb0 [ 74.712261][ T4867] __fput+0x1c0/0x7e8 [ 74.712935][ T4867] ____fput+0x20/0x30 [ 74.713619][ T4867] task_work_run+0x12c/0x1d8 [ 74.714405][ T4867] do_notify_resume+0x2450/0x309c [ 74.715237][ T4867] el0_svc+0xf0/0x1d0 [ 74.715877][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 74.716721][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 74.717540][ T4867] irq event stamp: 48392 [ 74.718223][ T4867] hardirqs last enabled at (48391): [] kasan_quarantine_put+0xc4/0x200 [ 74.719971][ T4867] hardirqs last disabled at (48392): [] smp_call_function_many_cond+0xa44/0xeac [ 74.721850][ T4867] softirqs last enabled at (48122): [] local_bh_enable+0x10/0x34 [ 74.723545][ T4867] softirqs last disabled at (48120): [] local_bh_disable+0x10/0x34 [ 74.725244][ T4867] ---[ end trace 2ba480db038c16b6 ]--- [ 74.780410][ T4897] loop0: detected capacity change from 0 to 128 [ 74.863059][ T4897] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.864339][ T4897] Bad inode number on dev loop0: 2 is out of range [ 74.865476][ T4897] SysV FS: get root inode failed [ 74.866343][ T4897] oldfs: cannot read superblock [ 74.876099][ C1] ------------[ cut here ]------------ [ 74.877078][ C1] VFS: brelse: Trying to free free buffer [ 74.878097][ C1] WARNING: CPU: 1 PID: 4899 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.879598][ C1] Modules linked in: [ 74.880267][ C1] CPU: 1 PID: 4899 Comm: syz.0.26 Tainted: G W syzkaller #0 [ 74.881739][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.883488][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.884786][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 74.885716][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 74.886618][ C1] sp : ffff800008017de0 [ 74.887301][ C1] x29: ffff800008017de0 x28: ffff0000da493680 x27: 1fffe000341f645b [ 74.888770][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 74.890079][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2056a58 [ 74.891435][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 74.892858][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.894303][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 74.895702][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 501bd4078377bb00 [ 74.897066][ C1] x8 : 501bd4078377bb00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.898451][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.899788][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.901148][ C1] Call trace: [ 74.901669][ C1] invalidate_bh_lru+0x128/0x22c [ 74.902465][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.903443][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.904510][ C1] ipi_handler+0x10c/0x6fc [ 74.905230][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 74.906095][ C1] handle_domain_irq+0x144/0x1fc [ 74.906897][ C1] gic_handle_irq+0x78/0x1b8 [ 74.907660][ C1] call_on_irq_stack+0x30/0x48 [ 74.908439][ C1] do_interrupt_handler+0x6c/0x88 [ 74.909230][ C1] el1_interrupt+0x30/0x58 [ 74.909987][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.910774][ C1] el1h_64_irq+0x78/0x7c [ 74.911466][ C1] local_daif_restore+0x20/0x3c [ 74.912316][ C1] el0_da+0x80/0x1ec [ 74.913010][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 74.913840][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.914648][ C1] irq event stamp: 1012 [ 74.915330][ C1] hardirqs last enabled at (1011): [] local_daif_restore+0x1c/0x3c [ 74.916920][ C1] hardirqs last disabled at (1012): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.918518][ C1] softirqs last enabled at (998): [] local_bh_enable+0x10/0x34 [ 74.920051][ C1] softirqs last disabled at (996): [] local_bh_disable+0x10/0x34 [ 74.921667][ C1] ---[ end trace 2ba480db038c16b7 ]--- [ 74.969124][ T4900] loop0: detected capacity change from 0 to 128 [ 74.970569][ T427] device hsr_slave_0 left promiscuous mode [ 74.974374][ T4900] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.975584][ T4900] Bad inode number on dev loop0: 2 is out of range [ 74.976707][ T4900] SysV FS: get root inode failed [ 74.977546][ T4900] oldfs: cannot read superblock [ 74.988300][ C0] ------------[ cut here ]------------ [ 74.989237][ C0] VFS: brelse: Trying to free free buffer [ 74.990200][ C0] WARNING: CPU: 0 PID: 4902 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.991676][ C0] Modules linked in: [ 74.992324][ C0] CPU: 0 PID: 4902 Comm: syz.0.27 Tainted: G W syzkaller #0 [ 74.993786][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.995523][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.996854][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.997718][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.998547][ C0] sp : ffff800008007de0 [ 74.999177][ C0] x29: ffff800008007de0 x28: ffff0000cbf051c0 x27: 1fffe000341f225c [ 75.000534][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 75.001970][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e21ab6b8 [ 75.003370][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 75.004765][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.006170][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 75.007556][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 3e8beffed0c67e00 [ 75.008959][ C0] x8 : 3e8beffed0c67e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.010237][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.011531][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.012929][ C0] Call trace: [ 75.013380][ C0] invalidate_bh_lru+0x128/0x22c [ 75.014184][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.015170][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.016320][ C0] ipi_handler+0x10c/0x6fc [ 75.016995][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 75.017889][ C0] handle_domain_irq+0x144/0x1fc [ 75.018683][ C0] gic_handle_irq+0x78/0x1b8 [ 75.019513][ C0] call_on_irq_stack+0x30/0x48 [ 75.020344][ C0] do_interrupt_handler+0x6c/0x88 [ 75.021195][ C0] el1_interrupt+0x30/0x58 [ 75.021982][ C0] el1h_64_irq_handler+0x18/0x24 [ 75.022747][ C0] el1h_64_irq+0x78/0x7c [ 75.023465][ C0] arch_local_irq_restore+0x8/0x10 [ 75.024315][ C0] rcu_read_lock_held+0x34/0x50 [ 75.025144][ C0] __cgroup_throttle_swaprate+0x218/0x55c [ 75.026179][ C0] handle_mm_fault+0x1ec8/0x2a28 [ 75.027026][ C0] do_page_fault+0x67c/0xab0 [ 75.027836][ C0] do_translation_fault+0xe0/0x130 [ 75.028618][ C0] do_mem_abort+0x6c/0x1ac [ 75.029378][ C0] el0_da+0x90/0x1ec [ 75.030025][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 75.030922][ C0] el0t_64_sync+0x1a0/0x1a4 [ 75.031747][ C0] irq event stamp: 170 [ 75.032394][ C0] hardirqs last enabled at (169): [] charge_memcg+0x190/0x21c [ 75.033992][ C0] hardirqs last disabled at (170): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.035672][ C0] softirqs last enabled at (54): [] local_bh_enable+0x10/0x34 [ 75.037303][ C0] softirqs last disabled at (52): [] local_bh_disable+0x10/0x34 [ 75.038858][ C0] ---[ end trace 2ba480db038c16b8 ]--- [ 75.063619][ T427] device hsr_slave_1 left promiscuous mode [ 75.068521][ T4902] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.070120][ T4902] Bad inode number on dev loop0: 2 is out of range [ 75.071145][ T4902] SysV FS: get root inode failed [ 75.072826][ T4902] oldfs: cannot read superblock [ 75.077043][ C1] ------------[ cut here ]------------ [ 75.077922][ C1] VFS: brelse: Trying to free free buffer [ 75.078899][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.080314][ C1] Modules linked in: [ 75.081017][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.082486][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.084147][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.085418][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.086329][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.087182][ C1] sp : ffff800008017de0 [ 75.087880][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645c [ 75.089279][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 75.090704][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e204c6b8 [ 75.091962][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 75.093398][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.094776][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.096252][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 19e79de5f0c73800 [ 75.097683][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.099026][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.100401][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.101761][ C1] Call trace: [ 75.102277][ C1] invalidate_bh_lru+0x128/0x22c [ 75.103091][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.104165][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.105386][ C1] ipi_handler+0x10c/0x6fc [ 75.106146][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.107107][ C1] handle_domain_irq+0x144/0x1fc [ 75.107977][ C1] gic_handle_irq+0x78/0x1b8 [ 75.108758][ C1] call_on_irq_stack+0x30/0x48 [ 75.109564][ C1] do_interrupt_handler+0x6c/0x88 [ 75.110414][ C1] el1_interrupt+0x30/0x58 [ 75.111149][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.111977][ C1] el1h_64_irq+0x78/0x7c [ 75.112715][ C1] __sanitizer_cov_trace_pc+0x78/0xac [ 75.113580][ C1] check_preemption_disabled+0x28/0x164 [ 75.114461][ C1] debug_smp_processor_id+0x20/0x2c [ 75.115312][ C1] rcu_is_watching+0x50/0x134 [ 75.116115][ C1] lock_release+0xb4/0x8e0 [ 75.116862][ C1] rcu_lock_release+0x2c/0x38 [ 75.117675][ C1] mntput_no_expire+0x2a8/0x788 [ 75.118458][ C1] mntput+0x60/0xcc [ 75.119114][ C1] path_put+0x58/0x68 [ 75.119853][ C1] vfs_statx+0x258/0x490 [ 75.120598][ C1] __arm64_sys_newfstatat+0x124/0x1bc [ 75.121465][ C1] invoke_syscall+0x98/0x2b0 [ 75.122239][ C1] el0_svc_common+0x138/0x258 [ 75.123069][ C1] do_el0_svc+0x58/0x13c [ 75.123763][ C1] el0_svc+0x78/0x1d0 [ 75.124409][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.125200][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.125952][ C1] irq event stamp: 199936 [ 75.126624][ C1] hardirqs last enabled at (199935): [] kasan_quarantine_put+0xc4/0x200 [ 75.128257][ C1] hardirqs last disabled at (199936): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.129851][ C1] softirqs last enabled at (199892): [] local_bh_enable+0x10/0x34 [ 75.131485][ C1] softirqs last disabled at (199890): [] local_bh_disable+0x10/0x34 [ 75.133159][ C1] ---[ end trace 2ba480db038c16b9 ]--- [ 75.172564][ T427] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.173841][ T427] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.176164][ T427] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.177404][ T427] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 75.178881][ T427] device bridge_slave_1 left promiscuous mode [ 75.185524][ T427] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.188796][ T4904] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.189946][ T4904] Bad inode number on dev loop0: 2 is out of range [ 75.191072][ T4904] SysV FS: get root inode failed [ 75.192549][ T4904] oldfs: cannot read superblock [ 75.195548][ T4867] ------------[ cut here ]------------ [ 75.196521][ T4867] VFS: brelse: Trying to free free buffer [ 75.197513][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.199039][ T4867] Modules linked in: [ 75.199605][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 75.200946][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.202681][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.204052][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 75.204972][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 75.205888][ T4867] sp : ffff80001fc377c0 [ 75.206597][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 75.207976][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 75.209347][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e204cb40 [ 75.210592][ T4867] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 75.211976][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.213331][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.214637][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 75.216002][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.217406][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.218760][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.220142][ T4867] Call trace: [ 75.220661][ T4867] invalidate_bh_lru+0x128/0x22c [ 75.221570][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 75.222577][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.223463][ T4867] invalidate_bh_lrus+0x34/0x40 [ 75.224302][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 75.225195][ T4867] blkdev_put+0x490/0x6ac [ 75.225954][ T4867] blkdev_close+0x74/0xb0 [ 75.226690][ T4867] __fput+0x1c0/0x7e8 [ 75.227384][ T4867] ____fput+0x20/0x30 [ 75.228063][ T4867] task_work_run+0x12c/0x1d8 [ 75.228884][ T4867] do_notify_resume+0x2450/0x309c [ 75.229769][ T4867] el0_svc+0xf0/0x1d0 [ 75.230446][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 75.231251][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 75.231976][ T4867] irq event stamp: 67436 [ 75.232704][ T4867] hardirqs last enabled at (67435): [] kasan_quarantine_put+0xc4/0x200 [ 75.234476][ T4867] hardirqs last disabled at (67436): [] smp_call_function_many_cond+0xa44/0xeac [ 75.236361][ T4867] softirqs last enabled at (67178): [] local_bh_enable+0x10/0x34 [ 75.238088][ T4867] softirqs last disabled at (67176): [] local_bh_disable+0x10/0x34 [ 75.239859][ T4867] ---[ end trace 2ba480db038c16ba ]--- [ 75.252905][ T427] device bridge_slave_0 left promiscuous mode [ 75.253921][ T427] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.264021][ T4906] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.265265][ T4906] Bad inode number on dev loop0: 2 is out of range [ 75.266368][ T4906] SysV FS: get root inode failed [ 75.267121][ T4906] oldfs: cannot read superblock [ 75.271766][ T4867] ------------[ cut here ]------------ [ 75.272707][ T4867] VFS: brelse: Trying to free free buffer [ 75.273797][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.275342][ T4867] Modules linked in: [ 75.275982][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 75.277464][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.279140][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.280430][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 75.281346][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 75.282180][ T4867] sp : ffff80001fc377c0 [ 75.282786][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 75.284154][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 75.285544][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df13b318 [ 75.286906][ T4867] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 75.288282][ T4867] x17: 0000000000000000 x16: ffff800008304af8 x15: 00000000ffffffff [ 75.289685][ T4867] x14: 0000000000000001 x13: 1ffff00003f86e18 x12: 0000000000ff0100 [ 75.291047][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 75.292476][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.293896][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008304c08 [ 75.295211][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.296585][ T4867] Call trace: [ 75.297138][ T4867] invalidate_bh_lru+0x128/0x22c [ 75.298003][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 75.298973][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.299825][ T4867] invalidate_bh_lrus+0x34/0x40 [ 75.300636][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 75.301558][ T4867] blkdev_put+0x490/0x6ac [ 75.302327][ T4867] blkdev_close+0x74/0xb0 [ 75.303063][ T4867] __fput+0x1c0/0x7e8 [ 75.303753][ T4867] ____fput+0x20/0x30 [ 75.304414][ T4867] task_work_run+0x12c/0x1d8 [ 75.305226][ T4867] do_notify_resume+0x2450/0x309c [ 75.306055][ T4867] el0_svc+0xf0/0x1d0 [ 75.306747][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 75.307624][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 75.308340][ T4867] irq event stamp: 73400 [ 75.309081][ T4867] hardirqs last enabled at (73399): [] kasan_quarantine_put+0xc4/0x200 [ 75.310532][ T4867] hardirqs last disabled at (73400): [] smp_call_function_many_cond+0xa44/0xeac [ 75.312124][ T4867] softirqs last enabled at (73146): [] local_bh_enable+0x10/0x34 [ 75.313761][ T4867] softirqs last disabled at (73144): [] local_bh_disable+0x10/0x34 [ 75.315418][ T4867] ---[ end trace 2ba480db038c16bb ]--- [ 75.383295][ T4908] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.384892][ T4908] Bad inode number on dev loop0: 2 is out of range [ 75.385943][ T4908] SysV FS: get root inode failed [ 75.386938][ T4908] oldfs: cannot read superblock [ 75.393181][ T427] device veth1_macvtap left promiscuous mode [ 75.394179][ T427] device veth0_macvtap left promiscuous mode [ 75.395248][ T427] device veth1_vlan left promiscuous mode [ 75.396203][ T427] device veth0_vlan left promiscuous mode [ 75.418333][ C1] ------------[ cut here ]------------ [ 75.419263][ C1] VFS: brelse: Trying to free free buffer [ 75.420269][ C1] WARNING: CPU: 1 PID: 427 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.421796][ C1] Modules linked in: [ 75.422481][ C1] CPU: 1 PID: 427 Comm: kworker/u4:4 Tainted: G W syzkaller #0 [ 75.424029][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.425705][ C1] Workqueue: netns cleanup_net [ 75.426542][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.427806][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.428730][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.429576][ C1] sp : ffff800008017de0 [ 75.430282][ C1] x29: ffff800008017de0 x28: ffff0000c8298000 x27: 1fffe000341f645c [ 75.431606][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 75.433013][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df13b6b8 [ 75.434306][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010203 [ 75.435722][ C1] x17: 0000000000010203 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.437067][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.438505][ C1] x11: 0000000000010202 x10: 0000000000010202 x9 : 5b49d5d53dddc200 [ 75.439818][ C1] x8 : 5b49d5d53dddc200 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.441208][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.442572][ C1] x2 : 0000000000000001 x1 : 0000000100010202 x0 : 0000000000000027 [ 75.443907][ C1] Call trace: [ 75.444470][ C1] invalidate_bh_lru+0x128/0x22c [ 75.445402][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.446465][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.447611][ C1] ipi_handler+0x10c/0x6fc [ 75.448346][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.449275][ C1] handle_domain_irq+0x144/0x1fc [ 75.450114][ C1] gic_handle_irq+0x78/0x1b8 [ 75.450858][ C1] call_on_irq_stack+0x30/0x48 [ 75.451687][ C1] do_interrupt_handler+0x6c/0x88 [ 75.452586][ C1] el1_interrupt+0x30/0x58 [ 75.453304][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.454120][ C1] el1h_64_irq+0x78/0x7c [ 75.454817][ C1] __sanitizer_cov_trace_pc+0x3c/0xac [ 75.455718][ C1] stack_trace_save+0x9c/0xf0 [ 75.456555][ C1] kasan_set_track+0x4c/0x84 [ 75.457372][ C1] kasan_set_free_info+0x28/0x4c [ 75.458214][ C1] ____kasan_slab_free+0x118/0x164 [ 75.459056][ C1] __kasan_slab_free+0x18/0x28 [ 75.459850][ C1] slab_free_freelist_hook+0x128/0x1e4 [ 75.460712][ C1] kfree+0x16c/0x400 [ 75.461310][ C1] skb_release_data+0x3bc/0x5a0 [ 75.462111][ C1] consume_skb+0x138/0x338 [ 75.462871][ C1] netlink_broadcast_filtered+0xccc/0xe34 [ 75.463818][ C1] nlmsg_notify+0x100/0x1e8 [ 75.464610][ C1] rtnl_notify+0xa0/0xd8 [ 75.465343][ C1] inet6_rt_notify+0x1b4/0x2b4 [ 75.466111][ C1] fib6_del+0xd3c/0x11c4 [ 75.466787][ C1] fib6_clean_node+0x22c/0x4b0 [ 75.467847][ C1] fib6_walk_continue+0x654/0x878 [ 75.468705][ C1] fib6_walk+0x140/0x254 [ 75.469433][ C1] __fib6_clean_all+0x1fc/0x344 [ 75.470235][ C1] fib6_clean_all+0x3c/0x50 [ 75.471006][ C1] rt6_disable_ip+0x104/0x650 [ 75.471758][ C1] addrconf_ifdown+0x14c/0x1680 [ 75.472526][ C1] addrconf_notify+0x36c/0xc50 [ 75.473290][ C1] raw_notifier_call_chain+0xd4/0x164 [ 75.474240][ C1] dev_close_many+0x2c8/0x438 [ 75.475000][ C1] unregister_netdevice_many+0x3e0/0x183c [ 75.475937][ C1] default_device_exit_batch+0x464/0x4c4 [ 75.476873][ C1] cleanup_net+0x654/0xaa4 [ 75.477598][ C1] process_one_work+0x79c/0x1138 [ 75.478437][ C1] worker_thread+0x8f4/0x1034 [ 75.479214][ C1] kthread+0x374/0x454 [ 75.479853][ C1] ret_from_fork+0x10/0x20 [ 75.480574][ C1] irq event stamp: 1837865 [ 75.481267][ C1] hardirqs last enabled at (1837864): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 75.483021][ C1] hardirqs last disabled at (1837865): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.484715][ C1] softirqs last enabled at (1837834): [] clusterip_netdev_event+0x384/0x3ac [ 75.486415][ C1] softirqs last disabled at (1837836): [] __fib6_clean_all+0x1b0/0x344 [ 75.488181][ C1] ---[ end trace 2ba480db038c16bc ]--- [ 75.540266][ T4914] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.553834][ T4914] Bad inode number on dev loop0: 2 is out of range [ 75.555056][ T4914] SysV FS: get root inode failed [ 75.555951][ T4914] oldfs: cannot read superblock [ 75.565819][ C1] ------------[ cut here ]------------ [ 75.566712][ C1] VFS: brelse: Trying to free free buffer [ 75.567662][ C1] WARNING: CPU: 1 PID: 4915 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.569137][ C1] Modules linked in: [ 75.569798][ C1] CPU: 1 PID: 4915 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.571314][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.573038][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.574449][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.575394][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.576296][ C1] sp : ffff800008017de0 [ 75.576988][ C1] x29: ffff800008017de0 x28: ffff0000db5b8000 x27: 1fffe000341f645c [ 75.578397][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 75.579755][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df13ba58 [ 75.581121][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 75.582475][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.583841][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.585235][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a901e2d0e5be9200 [ 75.586554][ C1] x8 : a901e2d0e5be9200 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.587859][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.589213][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.590569][ C1] Call trace: [ 75.591108][ C1] invalidate_bh_lru+0x128/0x22c [ 75.591932][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.592955][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.594113][ C1] ipi_handler+0x10c/0x6fc [ 75.594817][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.595753][ C1] handle_domain_irq+0x144/0x1fc [ 75.596585][ C1] gic_handle_irq+0x78/0x1b8 [ 75.597368][ C1] call_on_irq_stack+0x30/0x48 [ 75.598149][ C1] do_interrupt_handler+0x6c/0x88 [ 75.599025][ C1] el1_interrupt+0x30/0x58 [ 75.599776][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.600597][ C1] el1h_64_irq+0x78/0x7c [ 75.601338][ C1] filter_irq_stacks+0x98/0xd8 [ 75.602136][ C1] kasan_set_track+0x58/0x84 [ 75.602915][ C1] kasan_set_free_info+0x28/0x4c [ 75.603747][ C1] ____kasan_slab_free+0x118/0x164 [ 75.604649][ C1] __kasan_slab_free+0x18/0x28 [ 75.605457][ C1] slab_free_freelist_hook+0x128/0x1e4 [ 75.606373][ C1] kfree+0x16c/0x400 [ 75.607044][ C1] tomoyo_path_perm+0x33c/0x49c [ 75.607836][ C1] tomoyo_path_symlink+0xac/0xf8 [ 75.608638][ C1] security_path_symlink+0xec/0x13c [ 75.609523][ C1] do_symlinkat+0x10c/0x5b4 [ 75.610269][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 75.611092][ C1] invoke_syscall+0x98/0x2b0 [ 75.611821][ C1] el0_svc_common+0x138/0x258 [ 75.612659][ C1] do_el0_svc+0x58/0x13c [ 75.613458][ C1] el0_svc+0x78/0x1d0 [ 75.614136][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.615059][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.615881][ C1] irq event stamp: 632 [ 75.616537][ C1] hardirqs last enabled at (631): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 75.618395][ C1] hardirqs last disabled at (632): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.620029][ C1] softirqs last enabled at (552): [] local_bh_enable+0x10/0x34 [ 75.621614][ C1] softirqs last disabled at (550): [] local_bh_disable+0x10/0x34 [ 75.623162][ C1] ---[ end trace 2ba480db038c16bd ]--- [ 75.670878][ T427] team0 (unregistering): Port device team_slave_1 removed [ 75.678695][ T427] team0 (unregistering): Port device team_slave_0 removed [ 75.685412][ T427] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 75.716783][ T4916] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.718069][ T4916] Bad inode number on dev loop0: 2 is out of range [ 75.719114][ T4916] SysV FS: get root inode failed [ 75.720008][ T4916] oldfs: cannot read superblock [ 75.720946][ T4916] ------------[ cut here ]------------ [ 75.721891][ T4916] VFS: brelse: Trying to free free buffer [ 75.722908][ T4916] WARNING: CPU: 1 PID: 4916 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.724456][ T4916] Modules linked in: [ 75.725130][ T4916] CPU: 1 PID: 4916 Comm: syz.0.34 Tainted: G W syzkaller #0 [ 75.726558][ T4916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.728346][ T4916] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.729711][ T4916] pc : invalidate_bh_lru+0x128/0x22c [ 75.730598][ T4916] lr : invalidate_bh_lru+0x128/0x22c [ 75.731494][ T4916] sp : ffff80001f6476e0 [ 75.732204][ T4916] x29: ffff80001f6476e0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 75.733585][ T4916] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 75.734973][ T4916] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df13bdf8 [ 75.736341][ T4916] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 75.737665][ T4916] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.739063][ T4916] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.740474][ T4916] x11: 0000000000000002 x10: 0000000000000000 x9 : fe7723daf645b900 [ 75.741844][ T4916] x8 : fe7723daf645b900 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.743170][ T4916] x5 : ffff80001f646ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.744603][ T4916] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.745988][ T4916] Call trace: [ 75.746541][ T4916] invalidate_bh_lru+0x128/0x22c [ 75.747370][ T4916] smp_call_function_many_cond+0xa50/0xeac [ 75.748354][ T4916] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.749222][ T4916] invalidate_bh_lrus+0x34/0x40 [ 75.749990][ T4916] blkdev_flush_mapping+0x16c/0x334 [ 75.750878][ T4916] blkdev_put+0x490/0x6ac [ 75.751573][ T4916] kill_block_super+0x98/0xdc [ 75.752361][ T4916] deactivate_locked_super+0xb8/0x134 [ 75.753215][ T4916] mount_bdev+0x284/0x358 [ 75.753907][ T4916] sysv_mount+0x44/0x58 [ 75.754589][ T4916] legacy_get_tree+0xd4/0x16c [ 75.755291][ T4916] vfs_get_tree+0x90/0x274 [ 75.755974][ T4916] do_new_mount+0x228/0x810 [ 75.756663][ T4916] path_mount+0x5bc/0x1008 [ 75.757363][ T4916] __arm64_sys_mount+0x514/0x5f0 [ 75.758232][ T4916] invoke_syscall+0x98/0x2b0 [ 75.759012][ T4916] el0_svc_common+0x138/0x258 [ 75.759850][ T4916] do_el0_svc+0x58/0x13c [ 75.760614][ T4916] el0_svc+0x78/0x1d0 [ 75.761295][ T4916] el0t_64_sync_handler+0xcc/0xe4 [ 75.762078][ T4916] el0t_64_sync+0x1a0/0x1a4 [ 75.762850][ T4916] irq event stamp: 1272 [ 75.763577][ T4916] hardirqs last enabled at (1271): [] kasan_quarantine_put+0xc4/0x200 [ 75.765274][ T4916] hardirqs last disabled at (1272): [] smp_call_function_many_cond+0xa44/0xeac [ 75.767067][ T4916] softirqs last enabled at (1080): [] local_bh_enable+0x10/0x34 [ 75.768646][ T4916] softirqs last disabled at (1078): [] local_bh_disable+0x10/0x34 [ 75.770279][ T4916] ---[ end trace 2ba480db038c16be ]--- [ 75.772000][ T427] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 75.872379][ T4918] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.873545][ T4918] Bad inode number on dev loop0: 2 is out of range [ 75.874474][ T4918] SysV FS: get root inode failed [ 75.875238][ T4918] oldfs: cannot read superblock [ 75.885721][ C1] ------------[ cut here ]------------ [ 75.886590][ C1] VFS: brelse: Trying to free free buffer [ 75.887564][ C1] WARNING: CPU: 1 PID: 4920 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.888873][ C1] Modules linked in: [ 75.889584][ C1] CPU: 1 PID: 4920 Comm: syz.0.36 Tainted: G W syzkaller #0 [ 75.890980][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.892710][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.894089][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.895066][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.895962][ C1] sp : ffff800008017de0 [ 75.896630][ C1] x29: ffff800008017de0 x28: ffff0000cb7c8000 x27: 1fffe000341f645c [ 75.897836][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 75.899245][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df137230 [ 75.900582][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 75.901956][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.903333][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.904689][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 94ab15cacb084600 [ 75.906093][ C1] x8 : 94ab15cacb084600 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.907562][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.909003][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.910341][ C1] Call trace: [ 75.910888][ C1] invalidate_bh_lru+0x128/0x22c [ 75.911707][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.912697][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.913851][ C1] ipi_handler+0x10c/0x6fc [ 75.914654][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.915607][ C1] handle_domain_irq+0x144/0x1fc [ 75.916423][ C1] gic_handle_irq+0x78/0x1b8 [ 75.917168][ C1] call_on_irq_stack+0x30/0x48 [ 75.917886][ C1] do_interrupt_handler+0x6c/0x88 [ 75.918763][ C1] el1_interrupt+0x30/0x58 [ 75.919509][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.920364][ C1] el1h_64_irq+0x78/0x7c [ 75.921024][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 75.922046][ C1] debug_check_no_obj_freed+0x450/0x46c [ 75.922993][ C1] free_unref_page_prepare+0x2f8/0xa84 [ 75.923945][ C1] free_unref_page+0x78/0x1f8 [ 75.924743][ C1] __free_pages+0x17c/0x1d0 [ 75.925530][ C1] __free_slab+0x174/0x38c [ 75.926301][ C1] discard_slab+0x64/0xd8 [ 75.926992][ C1] __unfreeze_partials+0x150/0x190 [ 75.927871][ C1] put_cpu_partial+0x1a8/0x214 [ 75.928710][ C1] __slab_free+0x180/0x248 [ 75.929457][ C1] ___cache_free+0x174/0x1b8 [ 75.930274][ C1] qlink_free+0x5c/0xa0 [ 75.931002][ C1] qlist_free_all+0x40/0xa8 [ 75.931778][ C1] kasan_quarantine_reduce+0x124/0x130 [ 75.932650][ C1] __kasan_slab_alloc+0x34/0xcc [ 75.933433][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 75.934336][ C1] kmem_cache_alloc+0x1d8/0x3d4 [ 75.935129][ C1] getname_flags+0xb8/0x450 [ 75.935855][ C1] getname+0x28/0x38 [ 75.936487][ C1] do_sys_openat2+0xdc/0x3f4 [ 75.937255][ C1] __arm64_sys_openat+0x118/0x14c [ 75.938080][ C1] invoke_syscall+0x98/0x2b0 [ 75.938856][ C1] el0_svc_common+0x138/0x258 [ 75.939626][ C1] do_el0_svc+0x58/0x13c [ 75.940329][ C1] el0_svc+0x78/0x1d0 [ 75.941032][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.941864][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.942615][ C1] irq event stamp: 826 [ 75.943249][ C1] hardirqs last enabled at (825): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 75.944934][ C1] hardirqs last disabled at (826): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.946552][ C1] softirqs last enabled at (48): [] local_bh_enable+0x10/0x34 [ 75.948021][ C1] softirqs last disabled at (46): [] local_bh_disable+0x10/0x34 [ 75.949553][ C1] ---[ end trace 2ba480db038c16bf ]--- [ 75.951453][ T1540] Bluetooth: hci0: command 0x0419 tx timeout [ 75.965518][ T427] bond0 (unregistering): Released all slaves [ 76.033049][ T4920] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.034321][ T4920] Bad inode number on dev loop0: 2 is out of range [ 76.035751][ T4920] SysV FS: get root inode failed [ 76.036571][ T4920] oldfs: cannot read superblock [ 76.044774][ T4920] ------------[ cut here ]------------ [ 76.045741][ T4920] VFS: brelse: Trying to free free buffer [ 76.046773][ T4920] WARNING: CPU: 1 PID: 4920 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.048172][ T4920] Modules linked in: [ 76.048779][ T4920] CPU: 1 PID: 4920 Comm: syz.0.36 Tainted: G W syzkaller #0 [ 76.050090][ T4920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.051654][ T4920] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.053033][ T4920] pc : invalidate_bh_lru+0x128/0x22c [ 76.053949][ T4920] lr : invalidate_bh_lru+0x128/0x22c [ 76.054807][ T4920] sp : ffff80001feb76e0 [ 76.055528][ T4920] x29: ffff80001feb76e0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 76.056885][ T4920] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 76.058249][ T4920] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1375d0 [ 76.059663][ T4920] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 76.061084][ T4920] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.062531][ T4920] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.063960][ T4920] x11: 0000000000000002 x10: 0000000000000000 x9 : 94ab15cacb084600 [ 76.065400][ T4920] x8 : 94ab15cacb084600 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.066754][ T4920] x5 : ffff80001feb6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.068104][ T4920] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.069503][ T4920] Call trace: [ 76.070087][ T4920] invalidate_bh_lru+0x128/0x22c [ 76.070920][ T4920] smp_call_function_many_cond+0xa50/0xeac [ 76.071898][ T4920] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.072742][ T4920] invalidate_bh_lrus+0x34/0x40 [ 76.073625][ T4920] blkdev_flush_mapping+0x16c/0x334 [ 76.074520][ T4920] blkdev_put+0x490/0x6ac [ 76.075275][ T4920] kill_block_super+0x98/0xdc [ 76.076090][ T4920] deactivate_locked_super+0xb8/0x134 [ 76.076998][ T4920] mount_bdev+0x284/0x358 [ 76.077682][ T4920] sysv_mount+0x44/0x58 [ 76.078403][ T4920] legacy_get_tree+0xd4/0x16c [ 76.079175][ T4920] vfs_get_tree+0x90/0x274 [ 76.079917][ T4920] do_new_mount+0x228/0x810 [ 76.080643][ T4920] path_mount+0x5bc/0x1008 [ 76.081397][ T4920] __arm64_sys_mount+0x514/0x5f0 [ 76.082167][ T4920] invoke_syscall+0x98/0x2b0 [ 76.082861][ T4920] el0_svc_common+0x138/0x258 [ 76.083602][ T4920] do_el0_svc+0x58/0x13c [ 76.084326][ T4920] el0_svc+0x78/0x1d0 [ 76.084985][ T4920] el0t_64_sync_handler+0xcc/0xe4 [ 76.085839][ T4920] el0t_64_sync+0x1a0/0x1a4 [ 76.086560][ T4920] irq event stamp: 1900 [ 76.087272][ T4920] hardirqs last enabled at (1899): [] kasan_quarantine_put+0xc4/0x200 [ 76.088874][ T4920] hardirqs last disabled at (1900): [] smp_call_function_many_cond+0xa44/0xeac [ 76.090639][ T4920] softirqs last enabled at (1702): [] local_bh_enable+0x10/0x34 [ 76.092158][ T4920] softirqs last disabled at (1700): [] local_bh_disable+0x10/0x34 [ 76.093659][ T4920] ---[ end trace 2ba480db038c16c0 ]--- [ 76.156270][ T4923] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.157515][ T4923] Bad inode number on dev loop0: 2 is out of range [ 76.158736][ T4923] SysV FS: get root inode failed [ 76.159602][ T4923] oldfs: cannot read superblock [ 76.167830][ C0] ------------[ cut here ]------------ [ 76.168647][ C0] VFS: brelse: Trying to free free buffer [ 76.169643][ C0] WARNING: CPU: 0 PID: 4924 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.171033][ C0] Modules linked in: [ 76.171639][ C0] CPU: 0 PID: 4924 Comm: syz.0.38 Tainted: G W syzkaller #0 [ 76.173117][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.174796][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.176187][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 76.177132][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 76.178013][ C0] sp : ffff800008007de0 [ 76.178741][ C0] x29: ffff800008007de0 x28: ffff0000d50b1b40 x27: 1fffe000341f225c [ 76.180216][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 76.181704][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e21aba58 [ 76.183078][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 76.184376][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.185772][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 76.187134][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 75106eef88d82d00 [ 76.188493][ C0] x8 : 75106eef88d82d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.189900][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.191284][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.192689][ C0] Call trace: [ 76.193275][ C0] invalidate_bh_lru+0x128/0x22c [ 76.194152][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.195220][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.196361][ C0] ipi_handler+0x10c/0x6fc [ 76.197155][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 76.198078][ C0] handle_domain_irq+0x144/0x1fc [ 76.198880][ C0] gic_handle_irq+0x78/0x1b8 [ 76.199644][ C0] call_on_irq_stack+0x30/0x48 [ 76.200391][ C0] do_interrupt_handler+0x6c/0x88 [ 76.201261][ C0] el1_interrupt+0x30/0x58 [ 76.201991][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.202796][ C0] el1h_64_irq+0x78/0x7c [ 76.203504][ C0] get_page_from_freelist+0x2210/0x2a68 [ 76.204506][ C0] __alloc_pages+0x1a0/0x470 [ 76.205297][ C0] alloc_pages_vma+0x284/0x790 [ 76.206039][ C0] alloc_zeroed_user_highpage_movable+0x9c/0xd8 [ 76.207106][ C0] handle_mm_fault+0x17d4/0x2a28 [ 76.207934][ C0] do_page_fault+0x67c/0xab0 [ 76.208709][ C0] do_translation_fault+0xe0/0x130 [ 76.209602][ C0] do_mem_abort+0x6c/0x1ac [ 76.210348][ C0] el0_da+0x90/0x1ec [ 76.211039][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 76.211862][ C0] el0t_64_sync+0x1a0/0x1a4 [ 76.212550][ C0] irq event stamp: 1274 [ 76.213251][ C0] hardirqs last enabled at (1273): [] get_page_from_freelist+0x2200/0x2a68 [ 76.214964][ C0] hardirqs last disabled at (1274): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.216641][ C0] softirqs last enabled at (1114): [] local_bh_enable+0x10/0x34 [ 76.218199][ C0] softirqs last disabled at (1112): [] local_bh_disable+0x10/0x34 [ 76.219732][ C0] ---[ end trace 2ba480db038c16c1 ]--- [ 76.256112][ T4925] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.257293][ T4925] Bad inode number on dev loop0: 2 is out of range [ 76.258420][ T4925] SysV FS: get root inode failed [ 76.259260][ T4925] oldfs: cannot read superblock [ 76.265187][ C1] ------------[ cut here ]------------ [ 76.266177][ C1] VFS: brelse: Trying to free free buffer [ 76.267291][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.268739][ C1] Modules linked in: [ 76.269424][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.270925][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.272721][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.274077][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 76.274936][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 76.275906][ C1] sp : ffff800008017de0 [ 76.276590][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645c [ 76.277916][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 76.279261][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df137970 [ 76.280730][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 76.282179][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.283546][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.284970][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 76.286402][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.287792][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.289177][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.290584][ C1] Call trace: [ 76.291128][ C1] invalidate_bh_lru+0x128/0x22c [ 76.291949][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.292994][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.294186][ C1] ipi_handler+0x10c/0x6fc [ 76.294923][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 76.295804][ C1] handle_domain_irq+0x144/0x1fc [ 76.296632][ C1] gic_handle_irq+0x78/0x1b8 [ 76.297341][ C1] call_on_irq_stack+0x30/0x48 [ 76.298157][ C1] do_interrupt_handler+0x6c/0x88 [ 76.298976][ C1] el1_interrupt+0x30/0x58 [ 76.299675][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.300508][ C1] el1h_64_irq+0x78/0x7c [ 76.301262][ C1] __raw_spin_lock_init+0x4/0x128 [ 76.302155][ C1] __sock_create+0x4b0/0x8b4 [ 76.302963][ C1] __sys_socket+0xf0/0x18c [ 76.303723][ C1] __arm64_sys_socket+0x7c/0x94 [ 76.304486][ C1] invoke_syscall+0x98/0x2b0 [ 76.305197][ C1] el0_svc_common+0x138/0x258 [ 76.305997][ C1] do_el0_svc+0x58/0x13c [ 76.306672][ C1] el0_svc+0x78/0x1d0 [ 76.307317][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 76.308157][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.308936][ C1] irq event stamp: 234714 [ 76.309733][ C1] hardirqs last enabled at (234713): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 76.311605][ C1] hardirqs last disabled at (234714): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.313261][ C1] softirqs last enabled at (234666): [] release_sock+0x1d0/0x258 [ 76.314943][ C1] softirqs last disabled at (234664): [] release_sock+0x34/0x258 [ 76.316457][ C1] ---[ end trace 2ba480db038c16c2 ]--- [ 76.413973][ T4927] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.415187][ T4927] Bad inode number on dev loop0: 2 is out of range [ 76.416346][ T4927] SysV FS: get root inode failed [ 76.417182][ T4927] oldfs: cannot read superblock [ 76.433238][ C1] ------------[ cut here ]------------ [ 76.434155][ C1] VFS: brelse: Trying to free free buffer [ 76.435094][ C1] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.436530][ C1] Modules linked in: [ 76.437171][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W syzkaller #0 [ 76.438685][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.440420][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.441709][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 76.442634][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 76.443544][ C1] sp : ffff800008017de0 [ 76.444212][ C1] x29: ffff800008017de0 x28: ffff0000c0a68000 x27: 1fffe000341f645c [ 76.445504][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 76.446840][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df137d10 [ 76.448257][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 76.449624][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.451040][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.452470][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : d7cad4515cea1e00 [ 76.453818][ C1] x8 : d7cad4515cea1e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.455254][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.456618][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.458061][ C1] Call trace: [ 76.458607][ C1] invalidate_bh_lru+0x128/0x22c [ 76.459385][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.460453][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.461621][ C1] ipi_handler+0x10c/0x6fc [ 76.462359][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 76.463298][ C1] handle_domain_irq+0x144/0x1fc [ 76.464149][ C1] gic_handle_irq+0x78/0x1b8 [ 76.464949][ C1] call_on_irq_stack+0x30/0x48 [ 76.465734][ C1] do_interrupt_handler+0x6c/0x88 [ 76.466543][ C1] el1_interrupt+0x30/0x58 [ 76.467304][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.468132][ C1] el1h_64_irq+0x78/0x7c [ 76.468794][ C1] arch_local_irq_enable+0xc/0x18 [ 76.469617][ C1] default_idle_call+0xcc/0x40c [ 76.470446][ C1] do_idle+0x2f8/0x56c [ 76.471194][ C1] cpu_startup_entry+0x24/0x28 [ 76.471990][ C1] secondary_start_kernel+0x23c/0x28c [ 76.472991][ C1] __secondary_switched+0x94/0x98 [ 76.473915][ C1] irq event stamp: 524054 [ 76.474673][ C1] hardirqs last enabled at (524053): [] default_idle_call+0xb8/0x40c [ 76.476313][ C1] hardirqs last disabled at (524054): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.478016][ C1] softirqs last enabled at (523886): [] handle_softirqs+0xa40/0xbe4 [ 76.479673][ C1] softirqs last disabled at (523775): [] __irq_exit_rcu+0x240/0x43c [ 76.481264][ C1] ---[ end trace 2ba480db038c16c3 ]--- [ 76.513867][ T4931] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.518002][ T4931] Bad inode number on dev loop0: 2 is out of range [ 76.519094][ T4931] SysV FS: get root inode failed [ 76.519951][ T4931] oldfs: cannot read superblock [ 76.538007][ C0] ------------[ cut here ]------------ [ 76.538829][ C0] VFS: brelse: Trying to free free buffer [ 76.539724][ C0] WARNING: CPU: 0 PID: 4934 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.541162][ C0] Modules linked in: [ 76.541797][ C0] CPU: 0 PID: 4934 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.543308][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.545057][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.546402][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 76.547323][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 76.548216][ C0] sp : ffff800008007de0 [ 76.548897][ C0] x29: ffff800008007de0 x28: ffff0000d8163680 x27: 1fffe000341f225c [ 76.550298][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 76.551695][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e21abdf8 [ 76.553064][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 76.554444][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.555810][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 76.557172][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cc626175757e6700 [ 76.558573][ C0] x8 : cc626175757e6700 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.559917][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.561305][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.562686][ C0] Call trace: [ 76.563266][ C0] invalidate_bh_lru+0x128/0x22c [ 76.564157][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.565192][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.566385][ C0] ipi_handler+0x10c/0x6fc [ 76.567152][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 76.568073][ C0] handle_domain_irq+0x144/0x1fc [ 76.568920][ C0] gic_handle_irq+0x78/0x1b8 [ 76.569687][ C0] call_on_irq_stack+0x30/0x48 [ 76.570498][ C0] do_interrupt_handler+0x6c/0x88 [ 76.571335][ C0] el1_interrupt+0x30/0x58 [ 76.572104][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.572937][ C0] el1h_64_irq+0x78/0x7c [ 76.573668][ C0] d_set_d_op+0xa8/0x37c [ 76.574451][ C0] proc_pid_instantiate+0x1f0/0x26c [ 76.575350][ C0] proc_pid_lookup+0x2e0/0x454 [ 76.576184][ C0] proc_root_lookup+0x30/0x68 [ 76.576932][ C0] __lookup_slow+0x25c/0x39c [ 76.577690][ C0] lookup_slow+0x5c/0x80 [ 76.578423][ C0] walk_component+0x2b0/0x3a8 [ 76.579275][ C0] link_path_walk+0x590/0xbe0 [ 76.580073][ C0] path_openat+0x1cc/0x2718 [ 76.580847][ C0] do_filp_open+0x184/0x368 [ 76.581603][ C0] do_sys_openat2+0x134/0x3f4 [ 76.582363][ C0] __arm64_sys_openat+0x118/0x14c [ 76.583233][ C0] invoke_syscall+0x98/0x2b0 [ 76.584012][ C0] el0_svc_common+0x138/0x258 [ 76.584789][ C0] do_el0_svc+0x58/0x13c [ 76.585498][ C0] el0_svc+0x78/0x1d0 [ 76.586147][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 76.586934][ C0] el0t_64_sync+0x1a0/0x1a4 [ 76.587667][ C0] irq event stamp: 776 [ 76.588381][ C0] hardirqs last enabled at (775): [] seqcount_lockdep_reader_access+0x1fc/0x2c0 [ 76.590182][ C0] hardirqs last disabled at (776): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.591939][ C0] softirqs last enabled at (752): [] local_bh_enable+0x10/0x34 [ 76.593489][ C0] softirqs last disabled at (750): [] local_bh_disable+0x10/0x34 [ 76.595098][ C0] ---[ end trace 2ba480db038c16c4 ]--- [ 76.657859][ T4935] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.659027][ T4935] Bad inode number on dev loop0: 2 is out of range [ 76.660062][ T4935] SysV FS: get root inode failed [ 76.660905][ T4935] oldfs: cannot read superblock [ 76.665952][ C1] ------------[ cut here ]------------ [ 76.666848][ C1] VFS: brelse: Trying to free free buffer [ 76.667803][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.669167][ C1] Modules linked in: [ 76.669817][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.671236][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.672920][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.674208][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 76.675107][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 76.675999][ C1] sp : ffff800008017de0 [ 76.676692][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645c [ 76.678009][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 76.679324][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df134148 [ 76.680674][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 76.682135][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.683427][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.684797][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 76.686043][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.687340][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.688725][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.690076][ C1] Call trace: [ 76.690623][ C1] invalidate_bh_lru+0x128/0x22c [ 76.691468][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.692447][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.693567][ C1] ipi_handler+0x10c/0x6fc [ 76.694301][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 76.695183][ C1] handle_domain_irq+0x144/0x1fc [ 76.695945][ C1] gic_handle_irq+0x78/0x1b8 [ 76.696702][ C1] call_on_irq_stack+0x30/0x48 [ 76.697564][ C1] do_interrupt_handler+0x6c/0x88 [ 76.698440][ C1] el1_interrupt+0x30/0x58 [ 76.699219][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.700022][ C1] el1h_64_irq+0x78/0x7c [ 76.700769][ C1] el0_svc_common+0xa8/0x258 [ 76.701507][ C1] do_el0_svc+0x58/0x13c [ 76.702209][ C1] el0_svc+0x78/0x1d0 [ 76.702935][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 76.703742][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.704455][ C1] irq event stamp: 248682 [ 76.705163][ C1] hardirqs last enabled at (248681): [] el0_svc_common+0x9c/0x258 [ 76.706795][ C1] hardirqs last disabled at (248682): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.708482][ C1] softirqs last enabled at (248580): [] local_bh_enable+0x10/0x34 [ 76.710108][ C1] softirqs last disabled at (248578): [] local_bh_disable+0x10/0x34 [ 76.711730][ C1] ---[ end trace 2ba480db038c16c5 ]--- [ 76.756525][ T4937] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.757737][ T4937] Bad inode number on dev loop0: 2 is out of range [ 76.758991][ T4937] SysV FS: get root inode failed [ 76.759894][ T4937] oldfs: cannot read superblock [ 76.767784][ T4867] ------------[ cut here ]------------ [ 76.768723][ T4867] VFS: brelse: Trying to free free buffer [ 76.769735][ T4867] WARNING: CPU: 0 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.771236][ T4867] Modules linked in: [ 76.771936][ T4867] CPU: 0 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 76.773328][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.775041][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.776416][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 76.777316][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 76.778197][ T4867] sp : ffff80001fc377c0 [ 76.778924][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 76.780321][ T4867] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 76.781685][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2136318 [ 76.783039][ T4867] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 76.784398][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.785821][ T4867] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 76.787216][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 76.788626][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.789998][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.791360][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.792680][ T4867] Call trace: [ 76.793267][ T4867] invalidate_bh_lru+0x128/0x22c [ 76.794113][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 76.795085][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.795962][ T4867] invalidate_bh_lrus+0x34/0x40 [ 76.796746][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 76.797638][ T4867] blkdev_put+0x490/0x6ac [ 76.798351][ T4867] blkdev_close+0x74/0xb0 [ 76.799100][ T4867] __fput+0x1c0/0x7e8 [ 76.799774][ T4867] ____fput+0x20/0x30 [ 76.800447][ T4867] task_work_run+0x12c/0x1d8 [ 76.801228][ T4867] do_notify_resume+0x2450/0x309c [ 76.802173][ T4867] el0_svc+0xf0/0x1d0 [ 76.802876][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 76.803718][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 76.804545][ T4867] irq event stamp: 148284 [ 76.805289][ T4867] hardirqs last enabled at (148283): [] kasan_quarantine_put+0xc4/0x200 [ 76.807035][ T4867] hardirqs last disabled at (148284): [] smp_call_function_many_cond+0xa44/0xeac [ 76.808794][ T4867] softirqs last enabled at (148004): [] local_bh_enable+0x10/0x34 [ 76.810370][ T4867] softirqs last disabled at (148002): [] local_bh_disable+0x10/0x34 [ 76.811976][ T4867] ---[ end trace 2ba480db038c16c6 ]--- [ 76.893727][ T4939] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.894911][ T4939] Bad inode number on dev loop0: 2 is out of range [ 76.895908][ T4939] SysV FS: get root inode failed [ 76.896727][ T4939] oldfs: cannot read superblock [ 76.907155][ T4867] ------------[ cut here ]------------ [ 76.908044][ T4867] VFS: brelse: Trying to free free buffer [ 76.909023][ T4867] WARNING: CPU: 0 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.910424][ T4867] Modules linked in: [ 76.911059][ T4867] CPU: 0 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 76.912488][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.914178][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.915417][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 76.916322][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 76.917247][ T4867] sp : ffff80001fc377c0 [ 76.917947][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 76.919220][ T4867] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 76.920494][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e21366b8 [ 76.921790][ T4867] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 76.923087][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.924525][ T4867] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 76.925870][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 76.927228][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.928611][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.930046][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.931388][ T4867] Call trace: [ 76.931946][ T4867] invalidate_bh_lru+0x128/0x22c [ 76.932755][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 76.933733][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.934587][ T4867] invalidate_bh_lrus+0x34/0x40 [ 76.935455][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 76.936360][ T4867] blkdev_put+0x490/0x6ac [ 76.937053][ T4867] blkdev_close+0x74/0xb0 [ 76.937841][ T4867] __fput+0x1c0/0x7e8 [ 76.938472][ T4867] ____fput+0x20/0x30 [ 76.939168][ T4867] task_work_run+0x12c/0x1d8 [ 76.939923][ T4867] do_notify_resume+0x2450/0x309c [ 76.940822][ T4867] el0_svc+0xf0/0x1d0 [ 76.941530][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 76.942393][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 76.943186][ T4867] irq event stamp: 152036 [ 76.943958][ T4867] hardirqs last enabled at (152035): [] kasan_quarantine_put+0xc4/0x200 [ 76.945616][ T4867] hardirqs last disabled at (152036): [] smp_call_function_many_cond+0xa44/0xeac [ 76.947522][ T4867] softirqs last enabled at (151788): [] local_bh_enable+0x10/0x34 [ 76.949115][ T4867] softirqs last disabled at (151786): [] local_bh_disable+0x10/0x34 [ 76.950757][ T4867] ---[ end trace 2ba480db038c16c7 ]--- [ 77.002160][ T4941] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.003363][ T4941] Bad inode number on dev loop0: 2 is out of range [ 77.004503][ T4941] SysV FS: get root inode failed [ 77.005309][ T4941] oldfs: cannot read superblock [ 77.027387][ C0] ------------[ cut here ]------------ [ 77.028289][ C0] VFS: brelse: Trying to free free buffer [ 77.029220][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.030650][ C0] Modules linked in: [ 77.031303][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.032833][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.034534][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.035876][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.036850][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.037715][ C0] sp : ffff800008007de0 [ 77.038424][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 77.039673][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 77.041002][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2136a58 [ 77.042408][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 77.043773][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.045186][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.046673][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 77.047976][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.049339][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.050791][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.052126][ C0] Call trace: [ 77.052661][ C0] invalidate_bh_lru+0x128/0x22c [ 77.053531][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.054634][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.055802][ C0] ipi_handler+0x10c/0x6fc [ 77.056522][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.057499][ C0] handle_domain_irq+0x144/0x1fc [ 77.058343][ C0] gic_handle_irq+0x78/0x1b8 [ 77.059104][ C0] call_on_irq_stack+0x30/0x48 [ 77.059904][ C0] do_interrupt_handler+0x6c/0x88 [ 77.060771][ C0] el1_interrupt+0x30/0x58 [ 77.061517][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.062344][ C0] el1h_64_irq+0x78/0x7c [ 77.063041][ C0] kasan_quarantine_put+0xd4/0x200 [ 77.063981][ C0] ____kasan_slab_free+0x124/0x164 [ 77.064889][ C0] __kasan_slab_free+0x18/0x28 [ 77.065700][ C0] slab_free_freelist_hook+0x128/0x1e4 [ 77.066615][ C0] kmem_cache_free+0xdc/0x3b0 [ 77.067384][ C0] do_unlinkat+0x574/0x618 [ 77.068170][ C0] __arm64_sys_unlinkat+0xe0/0xfc [ 77.069043][ C0] invoke_syscall+0x98/0x2b0 [ 77.069829][ C0] el0_svc_common+0x138/0x258 [ 77.070588][ C0] do_el0_svc+0x58/0x13c [ 77.071282][ C0] el0_svc+0x78/0x1d0 [ 77.072010][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.072918][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.073703][ C0] irq event stamp: 261146 [ 77.074413][ C0] hardirqs last enabled at (261145): [] kasan_quarantine_put+0xc4/0x200 [ 77.076150][ C0] hardirqs last disabled at (261146): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.077871][ C0] softirqs last enabled at (261038): [] local_bh_enable+0x10/0x34 [ 77.079457][ C0] softirqs last disabled at (261036): [] local_bh_disable+0x10/0x34 [ 77.081204][ C0] ---[ end trace 2ba480db038c16c8 ]--- [ 77.124319][ T4945] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.125630][ T4945] Bad inode number on dev loop0: 2 is out of range [ 77.126743][ T4945] SysV FS: get root inode failed [ 77.127572][ T4945] oldfs: cannot read superblock [ 77.131595][ C0] ------------[ cut here ]------------ [ 77.132502][ C0] VFS: brelse: Trying to free free buffer [ 77.133472][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.135009][ C0] Modules linked in: [ 77.135662][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.137179][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.138936][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.140270][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.141098][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.141988][ C0] sp : ffff800008007de0 [ 77.142695][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 77.144055][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 77.145390][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba2a58 [ 77.146765][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 77.148199][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.149527][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.150971][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 77.152320][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.153706][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.155135][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.156569][ C0] Call trace: [ 77.157158][ C0] invalidate_bh_lru+0x128/0x22c [ 77.158023][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.159167][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.160318][ C0] ipi_handler+0x10c/0x6fc [ 77.161084][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.161958][ C0] handle_domain_irq+0x144/0x1fc [ 77.162738][ C0] gic_handle_irq+0x78/0x1b8 [ 77.163444][ C0] call_on_irq_stack+0x30/0x48 [ 77.164226][ C0] do_interrupt_handler+0x6c/0x88 [ 77.165047][ C0] el1_interrupt+0x30/0x58 [ 77.165725][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.166495][ C0] el1h_64_irq+0x78/0x7c [ 77.167175][ C0] call_rcu+0x580/0x8f4 [ 77.167808][ C0] security_inode_free+0xbc/0xd8 [ 77.168566][ C0] __destroy_inode+0x2f0/0x7ec [ 77.169372][ C0] evict+0x6c8/0x828 [ 77.170056][ C0] iput+0x6ac/0x764 [ 77.170682][ C0] do_unlinkat+0x36c/0x618 [ 77.171382][ C0] __arm64_sys_unlinkat+0xe0/0xfc [ 77.172206][ C0] invoke_syscall+0x98/0x2b0 [ 77.172975][ C0] el0_svc_common+0x138/0x258 [ 77.173786][ C0] do_el0_svc+0x58/0x13c [ 77.174493][ C0] el0_svc+0x78/0x1d0 [ 77.175130][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.175992][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.176749][ C0] irq event stamp: 264382 [ 77.177474][ C0] hardirqs last enabled at (264381): [] call_rcu+0x570/0x8f4 [ 77.178961][ C0] hardirqs last disabled at (264382): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.180613][ C0] softirqs last enabled at (264298): [] local_bh_enable+0x10/0x34 [ 77.182183][ C0] softirqs last disabled at (264296): [] local_bh_disable+0x10/0x34 [ 77.183811][ C0] ---[ end trace 2ba480db038c16c9 ]--- [ 77.222763][ T4947] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.223806][ T4947] Bad inode number on dev loop0: 2 is out of range [ 77.224768][ T4947] SysV FS: get root inode failed [ 77.225562][ T4947] oldfs: cannot read superblock [ 77.226827][ C1] ------------[ cut here ]------------ [ 77.227700][ C1] VFS: brelse: Trying to free free buffer [ 77.228778][ C1] WARNING: CPU: 1 PID: 4946 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.230204][ C1] Modules linked in: [ 77.230827][ C1] CPU: 1 PID: 4946 Comm: syz.0.49 Tainted: G W syzkaller #0 [ 77.232294][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.234029][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.235466][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 77.236410][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 77.237286][ C1] sp : ffff800008017de0 [ 77.238056][ C1] x29: ffff800008017de0 x28: ffff0000d4ec1b40 x27: 1fffe000341f645c [ 77.239407][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 77.240827][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1344e8 [ 77.242194][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 77.243565][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.244944][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 77.246443][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : ae4f2c72f7cf0700 [ 77.247852][ C1] x8 : ae4f2c72f7cf0700 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.249223][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.250576][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.251975][ C1] Call trace: [ 77.252530][ C1] invalidate_bh_lru+0x128/0x22c [ 77.253431][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 77.254498][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.255636][ C1] ipi_handler+0x10c/0x6fc [ 77.256354][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 77.257332][ C1] handle_domain_irq+0x144/0x1fc [ 77.258163][ C1] gic_handle_irq+0x78/0x1b8 [ 77.258985][ C1] call_on_irq_stack+0x30/0x48 [ 77.259787][ C1] do_interrupt_handler+0x6c/0x88 [ 77.260673][ C1] el1_interrupt+0x30/0x58 [ 77.261449][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.262249][ C1] el1h_64_irq+0x78/0x7c [ 77.263040][ C1] exit_robust_list+0x11c/0x5f0 [ 77.263855][ C1] futex_exit_release+0x124/0x1ac [ 77.264716][ C1] exit_mm_release+0x24/0x40 [ 77.265481][ C1] exit_mm+0xa4/0x664 [ 77.266206][ C1] do_exit+0x4f0/0x1f50 [ 77.266884][ C1] do_group_exit+0x100/0x268 [ 77.267634][ C1] __wake_up_parent+0x0/0x60 [ 77.268419][ C1] invoke_syscall+0x98/0x2b0 [ 77.269182][ C1] el0_svc_common+0x138/0x258 [ 77.269939][ C1] do_el0_svc+0x58/0x13c [ 77.270639][ C1] el0_svc+0x78/0x1d0 [ 77.271292][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 77.272131][ C1] el0t_64_sync+0x1a0/0x1a4 [ 77.272848][ C1] irq event stamp: 1626 [ 77.273583][ C1] hardirqs last enabled at (1625): [] _raw_spin_unlock_irq+0x98/0x128 [ 77.275263][ C1] hardirqs last disabled at (1626): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.276925][ C1] softirqs last enabled at (1594): [] local_bh_enable+0x10/0x34 [ 77.278511][ C1] softirqs last disabled at (1592): [] local_bh_disable+0x10/0x34 [ 77.280089][ C1] ---[ end trace 2ba480db038c16ca ]--- [ 77.320710][ T4949] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.322129][ T4949] Bad inode number on dev loop0: 2 is out of range [ 77.323148][ T4949] SysV FS: get root inode failed [ 77.324096][ T4949] oldfs: cannot read superblock [ 77.334143][ C0] ------------[ cut here ]------------ [ 77.335057][ C0] VFS: brelse: Trying to free free buffer [ 77.336092][ C0] WARNING: CPU: 0 PID: 4951 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.337580][ C0] Modules linked in: [ 77.338194][ C0] CPU: 0 PID: 4951 Comm: syz.0.51 Tainted: G W syzkaller #0 [ 77.339556][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.341135][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.342424][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.343300][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.344151][ C0] sp : ffff800008007de0 [ 77.344830][ C0] x29: ffff800008007de0 x28: ffff0000d7f151c0 x27: 1fffe000341f225c [ 77.346189][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 77.347591][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba2df8 [ 77.348929][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 77.350197][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.351524][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.352922][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : ee9d116f037e9f00 [ 77.354296][ C0] x8 : ee9d116f037e9f00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.355658][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.356968][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.358368][ C0] Call trace: [ 77.358936][ C0] invalidate_bh_lru+0x128/0x22c [ 77.359761][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.360749][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.361879][ C0] ipi_handler+0x10c/0x6fc [ 77.362593][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.363522][ C0] handle_domain_irq+0x144/0x1fc [ 77.364385][ C0] gic_handle_irq+0x78/0x1b8 [ 77.365135][ C0] call_on_irq_stack+0x30/0x48 [ 77.365903][ C0] do_interrupt_handler+0x6c/0x88 [ 77.366709][ C0] el0_interrupt+0x94/0x248 [ 77.367441][ C0] __el0_irq_handler_common+0x18/0x24 [ 77.368342][ C0] el0t_64_irq_handler+0x10/0x1c [ 77.369144][ C0] el0t_64_irq+0x1a0/0x1a4 [ 77.369876][ C0] irq event stamp: 232 [ 77.370558][ C0] hardirqs last enabled at (231): [] el0t_64_sync_handler+0xd8/0xe4 [ 77.372179][ C0] hardirqs last disabled at (232): [] __el0_irq_handler_common+0x18/0x24 [ 77.373855][ C0] softirqs last enabled at (146): [] handle_softirqs+0xa40/0xbe4 [ 77.375440][ C0] softirqs last disabled at (93): [] __irq_exit_rcu+0x240/0x43c [ 77.377022][ C0] ---[ end trace 2ba480db038c16cb ]--- [ 77.562531][ T4951] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.563766][ T4951] Bad inode number on dev loop0: 2 is out of range [ 77.564653][ T4951] SysV FS: get root inode failed [ 77.565358][ T4951] oldfs: cannot read superblock [ 77.571303][ C0] ------------[ cut here ]------------ [ 77.572182][ C0] VFS: brelse: Trying to free free buffer [ 77.573213][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.574736][ C0] Modules linked in: [ 77.575423][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.576911][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.578618][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.579980][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.580831][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.581701][ C0] sp : ffff800008007de0 [ 77.582357][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 77.583763][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 77.585182][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba44e8 [ 77.586612][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 77.587942][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.589365][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.590805][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 19e79de5f0c73800 [ 77.592245][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.593674][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.595177][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 77.596577][ C0] Call trace: [ 77.597155][ C0] invalidate_bh_lru+0x128/0x22c [ 77.597979][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.598927][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.600007][ C0] ipi_handler+0x10c/0x6fc [ 77.600837][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.601772][ C0] handle_domain_irq+0x144/0x1fc [ 77.602605][ C0] gic_handle_irq+0x78/0x1b8 [ 77.603352][ C0] call_on_irq_stack+0x30/0x48 [ 77.604139][ C0] do_interrupt_handler+0x6c/0x88 [ 77.604999][ C0] el1_interrupt+0x30/0x58 [ 77.605729][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.606507][ C0] el1h_64_irq+0x78/0x7c [ 77.607238][ C0] __sanitizer_cov_trace_pc+0x10/0xac [ 77.608131][ C0] return_address+0xd8/0x15c [ 77.608904][ C0] preempt_count_add+0x14c/0x41c [ 77.609710][ C0] _raw_spin_lock+0x24/0x10c [ 77.610473][ C0] remove_vm_area+0x44/0x1c4 [ 77.611258][ C0] __vunmap+0x304/0x9b0 [ 77.611953][ C0] vfree+0xbc/0x154 [ 77.612614][ C0] __do_replace+0x840/0x998 [ 77.613419][ C0] do_ipt_set_ctl+0xb14/0xe60 [ 77.614225][ C0] nf_setsockopt+0x270/0x290 [ 77.614965][ C0] ip_setsockopt+0x1db8/0x29fc [ 77.615836][ C0] tcp_setsockopt+0x1e0/0x1c3c [ 77.616696][ C0] sock_common_setsockopt+0xb0/0xcc [ 77.617567][ C0] __sys_setsockopt+0x260/0x36c [ 77.618403][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 77.619269][ C0] invoke_syscall+0x98/0x2b0 [ 77.619975][ C0] el0_svc_common+0x138/0x258 [ 77.620742][ C0] do_el0_svc+0x58/0x13c [ 77.621425][ C0] el0_svc+0x78/0x1d0 [ 77.622084][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.622890][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.623642][ C0] irq event stamp: 275892 [ 77.624365][ C0] hardirqs last enabled at (275891): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 77.626069][ C0] hardirqs last disabled at (275892): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.627701][ C0] softirqs last enabled at (275870): [] local_bh_enable+0x10/0x34 [ 77.629284][ C0] softirqs last disabled at (275868): [] local_bh_disable+0x10/0x34 [ 77.630930][ C0] ---[ end trace 2ba480db038c16cc ]--- [ 77.808884][ T4953] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.810269][ T4953] Bad inode number on dev loop0: 2 is out of range [ 77.811334][ T4953] SysV FS: get root inode failed [ 77.828243][ T4953] oldfs: cannot read superblock [ 77.829054][ T4953] ------------[ cut here ]------------ [ 77.829910][ T4953] VFS: brelse: Trying to free free buffer [ 77.830902][ T4953] WARNING: CPU: 0 PID: 4953 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.832270][ T4953] Modules linked in: [ 77.832961][ T4953] CPU: 0 PID: 4953 Comm: syz.0.52 Tainted: G W syzkaller #0 [ 77.834377][ T4953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.836169][ T4953] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.837567][ T4953] pc : invalidate_bh_lru+0x128/0x22c [ 77.838469][ T4953] lr : invalidate_bh_lru+0x128/0x22c [ 77.839355][ T4953] sp : ffff80001fee76e0 [ 77.840051][ T4953] x29: ffff80001fee76e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 77.841473][ T4953] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 77.842870][ T4953] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba4888 [ 77.844223][ T4953] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 77.845646][ T4953] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.847023][ T4953] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.848436][ T4953] x11: 0000000000000002 x10: 0000000000000000 x9 : 3c15066fd953d300 [ 77.849875][ T4953] x8 : 3c15066fd953d300 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.851338][ T4953] x5 : ffff80001fee6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.852714][ T4953] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.854098][ T4953] Call trace: [ 77.854671][ T4953] invalidate_bh_lru+0x128/0x22c [ 77.855469][ T4953] smp_call_function_many_cond+0xa50/0xeac [ 77.856444][ T4953] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.857322][ T4953] invalidate_bh_lrus+0x34/0x40 [ 77.858142][ T4953] blkdev_flush_mapping+0x16c/0x334 [ 77.859040][ T4953] blkdev_put+0x490/0x6ac [ 77.859752][ T4953] kill_block_super+0x98/0xdc [ 77.860471][ T4953] deactivate_locked_super+0xb8/0x134 [ 77.861302][ T4953] mount_bdev+0x284/0x358 [ 77.861992][ T4953] sysv_mount+0x44/0x58 [ 77.862632][ T4953] legacy_get_tree+0xd4/0x16c [ 77.863385][ T4953] vfs_get_tree+0x90/0x274 [ 77.864030][ T4953] do_new_mount+0x228/0x810 [ 77.864667][ T4953] path_mount+0x5bc/0x1008 [ 77.865311][ T4953] __arm64_sys_mount+0x514/0x5f0 [ 77.866025][ T4953] invoke_syscall+0x98/0x2b0 [ 77.866705][ T4953] el0_svc_common+0x138/0x258 [ 77.867461][ T4953] do_el0_svc+0x58/0x13c [ 77.868145][ T4953] el0_svc+0x78/0x1d0 [ 77.868749][ T4953] el0t_64_sync_handler+0xcc/0xe4 [ 77.869603][ T4953] el0t_64_sync+0x1a0/0x1a4 [ 77.870341][ T4953] irq event stamp: 1690 [ 77.871001][ T4953] hardirqs last enabled at (1689): [] kasan_quarantine_put+0xc4/0x200 [ 77.872646][ T4953] hardirqs last disabled at (1690): [] smp_call_function_many_cond+0xa44/0xeac [ 77.874416][ T4953] softirqs last enabled at (1672): [] handle_softirqs+0xa40/0xbe4 [ 77.876080][ T4953] softirqs last disabled at (1649): [] __irq_exit_rcu+0x240/0x43c [ 77.877737][ T4953] ---[ end trace 2ba480db038c16cd ]--- [ 77.975426][ T4955] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.976638][ T4955] Bad inode number on dev loop0: 2 is out of range [ 77.977623][ T4955] SysV FS: get root inode failed [ 77.978369][ T4955] oldfs: cannot read superblock [ 77.979137][ C0] ------------[ cut here ]------------ [ 77.980078][ C0] VFS: brelse: Trying to free free buffer [ 77.981091][ C0] WARNING: CPU: 0 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.982503][ C0] Modules linked in: [ 77.983136][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W syzkaller #0 [ 77.984654][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.986411][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.987680][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.988563][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.989476][ C0] sp : ffff800008007de0 [ 77.990225][ C0] x29: ffff800008007de0 x28: ffff8000142c3740 x27: 1fffe000341f225b [ 77.991641][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 77.992973][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba4c28 [ 77.994289][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 77.995612][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.997017][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.998539][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 7424e12053edfe00 [ 77.999960][ C0] x8 : 7424e12053edfe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.001412][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.002845][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.004348][ C0] Call trace: [ 78.004890][ C0] invalidate_bh_lru+0x128/0x22c [ 78.005694][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.006758][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.007937][ C0] ipi_handler+0x10c/0x6fc [ 78.008672][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 78.009655][ C0] handle_domain_irq+0x144/0x1fc [ 78.010543][ C0] gic_handle_irq+0x78/0x1b8 [ 78.011370][ C0] call_on_irq_stack+0x30/0x48 [ 78.012140][ C0] do_interrupt_handler+0x6c/0x88 [ 78.012988][ C0] el1_interrupt+0x30/0x58 [ 78.013754][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.014563][ C0] el1h_64_irq+0x78/0x7c [ 78.015288][ C0] arch_local_irq_enable+0xc/0x18 [ 78.016166][ C0] default_idle_call+0xcc/0x40c [ 78.016976][ C0] do_idle+0x2f8/0x56c [ 78.017712][ C0] cpu_startup_entry+0x24/0x28 [ 78.018544][ C0] rest_init+0x360/0x390 [ 78.019227][ C0] arch_call_rest_init+0x14/0x20 [ 78.020075][ C0] start_kernel+0x484/0x530 [ 78.020879][ C0] __primary_switched+0xa8/0xb0 [ 78.021696][ C0] irq event stamp: 509444 [ 78.022485][ C0] hardirqs last enabled at (509443): [] default_idle_call+0xb8/0x40c [ 78.024156][ C0] hardirqs last disabled at (509444): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.025873][ C0] softirqs last enabled at (509420): [] handle_softirqs+0xa40/0xbe4 [ 78.027540][ C0] softirqs last disabled at (509357): [] __irq_exit_rcu+0x240/0x43c [ 78.029308][ C0] ---[ end trace 2ba480db038c16ce ]--- [ 78.128511][ T4957] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.129638][ T4957] Bad inode number on dev loop0: 2 is out of range [ 78.130768][ T4957] SysV FS: get root inode failed [ 78.131740][ T4957] oldfs: cannot read superblock [ 78.145426][ C0] ------------[ cut here ]------------ [ 78.146312][ C0] VFS: brelse: Trying to free free buffer [ 78.147314][ C0] WARNING: CPU: 0 PID: 4959 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.148673][ C0] Modules linked in: [ 78.149274][ C0] CPU: 0 PID: 4959 Comm: syz.0.55 Tainted: G W syzkaller #0 [ 78.150740][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.152452][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.153763][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 78.154757][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 78.155589][ C0] sp : ffff800008007de0 [ 78.156298][ C0] x29: ffff800008007de0 x28: ffff0000cc2851c0 x27: 1fffe000341f225c [ 78.157654][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 78.159039][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22b5970 [ 78.160368][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 78.161726][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.163083][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.164418][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 301a3358964cb100 [ 78.165760][ C0] x8 : 301a3358964cb100 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.167120][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.168548][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.169947][ C0] Call trace: [ 78.170487][ C0] invalidate_bh_lru+0x128/0x22c [ 78.171250][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.172257][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.173417][ C0] ipi_handler+0x10c/0x6fc [ 78.174145][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 78.175082][ C0] handle_domain_irq+0x144/0x1fc [ 78.175927][ C0] gic_handle_irq+0x78/0x1b8 [ 78.176732][ C0] call_on_irq_stack+0x30/0x48 [ 78.177543][ C0] do_interrupt_handler+0x6c/0x88 [ 78.178370][ C0] el1_interrupt+0x30/0x58 [ 78.179182][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.179995][ C0] el1h_64_irq+0x78/0x7c [ 78.180725][ C0] lock_page_memcg+0x120/0x22c [ 78.181536][ C0] page_remove_rmap+0x3c/0xf90 [ 78.182347][ C0] unmap_page_range+0xb78/0x190c [ 78.183211][ C0] unmap_single_vma+0x13c/0x1e4 [ 78.184069][ C0] unmap_vmas+0x10c/0x214 [ 78.184820][ C0] exit_mmap+0x2c4/0x508 [ 78.185540][ C0] __mmput+0xec/0x3a8 [ 78.186206][ C0] mmput+0x80/0xc0 [ 78.186826][ C0] exit_mm+0x4ac/0x664 [ 78.187456][ C0] do_exit+0x4f0/0x1f50 [ 78.188114][ C0] do_group_exit+0x100/0x268 [ 78.188810][ C0] get_signal+0x73c/0x1334 [ 78.189551][ C0] do_notify_resume+0x354/0x309c [ 78.190407][ C0] el0_svc+0xf0/0x1d0 [ 78.191124][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.191973][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.192747][ C0] irq event stamp: 1678 [ 78.193424][ C0] hardirqs last enabled at (1677): [] lock_page_memcg+0x110/0x22c [ 78.195034][ C0] hardirqs last disabled at (1678): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.196617][ C0] softirqs last enabled at (310): [] handle_softirqs+0xa40/0xbe4 [ 78.198162][ C0] softirqs last disabled at (205): [] __irq_exit_rcu+0x240/0x43c [ 78.199747][ C0] ---[ end trace 2ba480db038c16cf ]--- [ 78.253760][ T4961] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.254986][ T4961] Bad inode number on dev loop0: 2 is out of range [ 78.256277][ T4961] SysV FS: get root inode failed [ 78.257040][ T4961] oldfs: cannot read superblock [ 78.270074][ C0] ------------[ cut here ]------------ [ 78.270971][ C0] VFS: brelse: Trying to free free buffer [ 78.271969][ C0] WARNING: CPU: 0 PID: 4963 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.273484][ C0] Modules linked in: [ 78.274159][ C0] CPU: 0 PID: 4963 Comm: syz.0.57 Tainted: G W syzkaller #0 [ 78.275662][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.277344][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.278714][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 78.279665][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 78.280508][ C0] sp : ffff800008007de0 [ 78.281324][ C0] x29: ffff800008007de0 x28: ffff0000c8f93680 x27: 1fffe000341f225c [ 78.282695][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 78.284066][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22b5d10 [ 78.285411][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 78.286825][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.288288][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.289684][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 6bfd88d875354c00 [ 78.291068][ C0] x8 : 6bfd88d875354c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.292487][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.293806][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.295228][ C0] Call trace: [ 78.295835][ C0] invalidate_bh_lru+0x128/0x22c [ 78.296632][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.297653][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.298846][ C0] ipi_handler+0x10c/0x6fc [ 78.299614][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 78.300544][ C0] handle_domain_irq+0x144/0x1fc [ 78.301425][ C0] gic_handle_irq+0x78/0x1b8 [ 78.302167][ C0] call_on_irq_stack+0x30/0x48 [ 78.302964][ C0] do_interrupt_handler+0x6c/0x88 [ 78.303864][ C0] el1_interrupt+0x30/0x58 [ 78.304647][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.305430][ C0] el1h_64_irq+0x78/0x7c [ 78.306202][ C0] page_remove_rmap+0x20c/0xf90 [ 78.307037][ C0] unmap_page_range+0xb78/0x190c [ 78.307869][ C0] unmap_single_vma+0x13c/0x1e4 [ 78.308692][ C0] unmap_vmas+0x10c/0x214 [ 78.309423][ C0] exit_mmap+0x2c4/0x508 [ 78.310170][ C0] __mmput+0xec/0x3a8 [ 78.310850][ C0] mmput+0x80/0xc0 [ 78.311481][ C0] exit_mm+0x4ac/0x664 [ 78.312163][ C0] do_exit+0x4f0/0x1f50 [ 78.312865][ C0] do_group_exit+0x100/0x268 [ 78.313606][ C0] get_signal+0x73c/0x1334 [ 78.314388][ C0] do_notify_resume+0x354/0x309c [ 78.315192][ C0] el0_svc+0xf0/0x1d0 [ 78.315832][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.316700][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.317474][ C0] irq event stamp: 1220 [ 78.318156][ C0] hardirqs last enabled at (1219): [] lock_page_memcg+0x110/0x22c [ 78.319857][ C0] hardirqs last disabled at (1220): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.321524][ C0] softirqs last enabled at (772): [] local_bh_enable+0x10/0x34 [ 78.323063][ C0] softirqs last disabled at (770): [] local_bh_disable+0x10/0x34 [ 78.324645][ C0] ---[ end trace 2ba480db038c16d0 ]--- [ 78.387304][ T4965] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.388515][ T4965] Bad inode number on dev loop0: 2 is out of range [ 78.389633][ T4965] SysV FS: get root inode failed [ 78.390489][ T4965] oldfs: cannot read superblock [ 78.398313][ C1] ------------[ cut here ]------------ [ 78.399180][ C1] VFS: brelse: Trying to free free buffer [ 78.400171][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.401411][ C1] Modules linked in: [ 78.401959][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.403514][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.405168][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.406545][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.407421][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.408328][ C1] sp : ffff800008017de0 [ 78.409066][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645b [ 78.410482][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 78.411874][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df134888 [ 78.413228][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010004 [ 78.414572][ C1] x17: 0000000000010004 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.416019][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.417385][ C1] x11: 0000000000010003 x10: 0000000000010003 x9 : 19e79de5f0c73800 [ 78.418659][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.420027][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.421353][ C1] x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000027 [ 78.422771][ C1] Call trace: [ 78.423335][ C1] invalidate_bh_lru+0x128/0x22c [ 78.424176][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.425198][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.426354][ C1] ipi_handler+0x10c/0x6fc [ 78.427048][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.427958][ C1] handle_domain_irq+0x144/0x1fc [ 78.428831][ C1] gic_handle_irq+0x78/0x1b8 [ 78.429625][ C1] call_on_irq_stack+0x30/0x48 [ 78.430423][ C1] do_interrupt_handler+0x6c/0x88 [ 78.431270][ C1] el1_interrupt+0x30/0x58 [ 78.432070][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.432899][ C1] el1h_64_irq+0x78/0x7c [ 78.433637][ C1] copy_page_range+0xad4/0x2328 [ 78.434433][ C1] copy_mm+0x9d8/0x105c [ 78.435135][ C1] copy_process+0x1500/0x34c8 [ 78.435852][ C1] kernel_clone+0x1ec/0x9e8 [ 78.436595][ C1] __arm64_sys_clone+0x14c/0x1b8 [ 78.437364][ C1] invoke_syscall+0x98/0x2b0 [ 78.438136][ C1] el0_svc_common+0x138/0x258 [ 78.438958][ C1] do_el0_svc+0x58/0x13c [ 78.439662][ C1] el0_svc+0x78/0x1d0 [ 78.440343][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.441145][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.441904][ C1] irq event stamp: 297432 [ 78.442658][ C1] hardirqs last enabled at (297431): [] pte_alloc_one+0x194/0x254 [ 78.444345][ C1] hardirqs last disabled at (297432): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.445918][ C1] softirqs last enabled at (297326): [] local_bh_enable+0x10/0x34 [ 78.447551][ C1] softirqs last disabled at (297324): [] local_bh_disable+0x10/0x34 [ 78.449196][ C1] ---[ end trace 2ba480db038c16d1 ]--- [ 78.542755][ T4967] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.543936][ T4967] Bad inode number on dev loop0: 2 is out of range [ 78.544962][ T4967] SysV FS: get root inode failed [ 78.546169][ T4967] oldfs: cannot read superblock [ 78.556051][ C1] ------------[ cut here ]------------ [ 78.556882][ C1] VFS: brelse: Trying to free free buffer [ 78.557848][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.559248][ C1] Modules linked in: [ 78.559928][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.561498][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.563223][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.564590][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.565523][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.566433][ C1] sp : ffff800008017de0 [ 78.567147][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645d [ 78.568503][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000002 [ 78.569827][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df134c28 [ 78.571134][ C1] x20: ffff0001a0fb22e8 x19: ffff80001146afa0 x18: 0000000000010002 [ 78.572553][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.573883][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.575263][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 78.576715][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.578060][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.579400][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.580670][ C1] Call trace: [ 78.581212][ C1] invalidate_bh_lru+0x128/0x22c [ 78.582048][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.583032][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.584273][ C1] ipi_handler+0x10c/0x6fc [ 78.585026][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.585990][ C1] handle_domain_irq+0x144/0x1fc [ 78.586856][ C1] gic_handle_irq+0x78/0x1b8 [ 78.587676][ C1] call_on_irq_stack+0x30/0x48 [ 78.588437][ C1] do_interrupt_handler+0x6c/0x88 [ 78.589261][ C1] el1_interrupt+0x30/0x58 [ 78.590001][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.590840][ C1] el1h_64_irq+0x78/0x7c [ 78.591540][ C1] do_notify_resume+0x110/0x309c [ 78.592359][ C1] el0_svc+0xf0/0x1d0 [ 78.593040][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.593931][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.594612][ C1] irq event stamp: 298084 [ 78.595293][ C1] hardirqs last enabled at (298083): [] do_notify_resume+0x104/0x309c [ 78.596903][ C1] hardirqs last disabled at (298084): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.598580][ C1] softirqs last enabled at (297990): [] local_bh_enable+0x10/0x34 [ 78.600128][ C1] softirqs last disabled at (297988): [] local_bh_disable+0x10/0x34 [ 78.601737][ C1] ---[ end trace 2ba480db038c16d2 ]--- [ 78.654516][ T4969] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.655751][ T4969] Bad inode number on dev loop0: 2 is out of range [ 78.656900][ T4969] SysV FS: get root inode failed [ 78.657770][ T4969] oldfs: cannot read superblock [ 78.661645][ T4867] ------------[ cut here ]------------ [ 78.662572][ T4867] VFS: brelse: Trying to free free buffer [ 78.663575][ T4867] WARNING: CPU: 0 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.664959][ T4867] Modules linked in: [ 78.665633][ T4867] CPU: 0 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 78.666988][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.668666][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.669985][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 78.670862][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 78.671691][ T4867] sp : ffff80001fc377c0 [ 78.672379][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 78.673761][ T4867] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 78.675091][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22b5148 [ 78.676472][ T4867] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.677832][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.679281][ T4867] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.680612][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 78.681964][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.683269][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.684653][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.685994][ T4867] Call trace: [ 78.686584][ T4867] invalidate_bh_lru+0x128/0x22c [ 78.687402][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 78.688378][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.689234][ T4867] invalidate_bh_lrus+0x34/0x40 [ 78.690009][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 78.690883][ T4867] blkdev_put+0x490/0x6ac [ 78.691584][ T4867] blkdev_close+0x74/0xb0 [ 78.692298][ T4867] __fput+0x1c0/0x7e8 [ 78.692942][ T4867] ____fput+0x20/0x30 [ 78.693620][ T4867] task_work_run+0x12c/0x1d8 [ 78.694399][ T4867] do_notify_resume+0x2450/0x309c [ 78.695239][ T4867] el0_svc+0xf0/0x1d0 [ 78.695895][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 78.696770][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 78.697499][ T4867] irq event stamp: 247570 [ 78.698203][ T4867] hardirqs last enabled at (247569): [] kasan_quarantine_put+0xc4/0x200 [ 78.699860][ T4867] hardirqs last disabled at (247570): [] smp_call_function_many_cond+0xa44/0xeac [ 78.701618][ T4867] softirqs last enabled at (247296): [] local_bh_enable+0x10/0x34 [ 78.703235][ T4867] softirqs last disabled at (247294): [] local_bh_disable+0x10/0x34 [ 78.704856][ T4867] ---[ end trace 2ba480db038c16d3 ]--- [ 78.763047][ T4971] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.764313][ T4971] Bad inode number on dev loop0: 2 is out of range [ 78.765487][ T4971] SysV FS: get root inode failed [ 78.766247][ T4971] oldfs: cannot read superblock [ 78.770278][ C0] ------------[ cut here ]------------ [ 78.771135][ C0] VFS: brelse: Trying to free free buffer [ 78.772213][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.773810][ C0] Modules linked in: [ 78.774499][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.776043][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.777833][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.779176][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 78.780042][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 78.780966][ C0] sp : ffff800008007de0 [ 78.781640][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 78.783002][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 78.784348][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22b54e8 [ 78.785548][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 78.786935][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.788193][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.789553][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 19e79de5f0c73800 [ 78.790918][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.792359][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.793733][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.795090][ C0] Call trace: [ 78.795646][ C0] invalidate_bh_lru+0x128/0x22c [ 78.796457][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.797466][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.798716][ C0] ipi_handler+0x10c/0x6fc [ 78.799473][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 78.800390][ C0] handle_domain_irq+0x144/0x1fc [ 78.801225][ C0] gic_handle_irq+0x78/0x1b8 [ 78.802030][ C0] call_on_irq_stack+0x30/0x48 [ 78.802809][ C0] do_interrupt_handler+0x6c/0x88 [ 78.803666][ C0] el1_interrupt+0x30/0x58 [ 78.804405][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.805227][ C0] el1h_64_irq+0x78/0x7c [ 78.805945][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 78.806935][ C0] debug_check_no_obj_freed+0x450/0x46c [ 78.807931][ C0] slab_free_freelist_hook+0x9c/0x1e4 [ 78.808845][ C0] kmem_cache_free+0xdc/0x3b0 [ 78.809612][ C0] user_path_at_empty+0x144/0x1a0 [ 78.810480][ C0] __arm64_sys_umount+0xf8/0x184 [ 78.811301][ C0] invoke_syscall+0x98/0x2b0 [ 78.812102][ C0] el0_svc_common+0x138/0x258 [ 78.812921][ C0] do_el0_svc+0x58/0x13c [ 78.813641][ C0] el0_svc+0x78/0x1d0 [ 78.814304][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.815165][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.815943][ C0] irq event stamp: 304824 [ 78.816667][ C0] hardirqs last enabled at (304823): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 78.818511][ C0] hardirqs last disabled at (304824): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.820181][ C0] softirqs last enabled at (304812): [] local_bh_enable+0x10/0x34 [ 78.821715][ C0] softirqs last disabled at (304810): [] local_bh_disable+0x10/0x34 [ 78.823347][ C0] ---[ end trace 2ba480db038c16d4 ]--- 1970/01/01 00:01:18 executed programs: 49 [ 78.859084][ T4973] set_capacity_and_notify: 28 callbacks suppressed [ 78.859093][ T4973] loop0: detected capacity change from 0 to 128 [ 78.863687][ T4973] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.864876][ T4973] Bad inode number on dev loop0: 2 is out of range [ 78.866020][ T4973] SysV FS: get root inode failed [ 78.866928][ T4973] oldfs: cannot read superblock [ 78.870124][ C1] ------------[ cut here ]------------ [ 78.870988][ C1] VFS: brelse: Trying to free free buffer [ 78.872001][ C1] WARNING: CPU: 1 PID: 4399 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.873527][ C1] Modules linked in: [ 78.874201][ C1] CPU: 1 PID: 4399 Comm: syz-execprog Tainted: G W syzkaller #0 [ 78.875801][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.877525][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.878850][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.879770][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.880614][ C1] sp : ffff800008017de0 [ 78.881319][ C1] x29: ffff800008017de0 x28: ffff0000c89e0000 x27: 1fffe000341f645c [ 78.882652][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 78.884014][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df130ee0 [ 78.885317][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 78.886594][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.887848][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.889122][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 7187c4e5e8027500 [ 78.890487][ C1] x8 : 7187c4e5e8027500 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.891883][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.893272][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.894634][ C1] Call trace: [ 78.895176][ C1] invalidate_bh_lru+0x128/0x22c [ 78.895999][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.897012][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.898137][ C1] ipi_handler+0x10c/0x6fc [ 78.898903][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.899832][ C1] handle_domain_irq+0x144/0x1fc [ 78.900592][ C1] gic_handle_irq+0x78/0x1b8 [ 78.901296][ C1] call_on_irq_stack+0x30/0x48 [ 78.901995][ C1] do_interrupt_handler+0x6c/0x88 [ 78.902734][ C1] el1_interrupt+0x30/0x58 [ 78.903387][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.904084][ C1] el1h_64_irq+0x78/0x7c [ 78.904680][ C1] __free_object+0x1f0/0x894 [ 78.905312][ C1] debug_object_free+0x2b0/0x450 [ 78.906101][ C1] schedule_hrtimeout_range_clock+0x1e4/0x354 [ 78.907110][ C1] schedule_hrtimeout_range+0x38/0x4c [ 78.908027][ C1] ep_poll+0x13bc/0x1650 [ 78.908688][ C1] do_epoll_wait+0x1a0/0x218 [ 78.909455][ C1] do_epoll_pwait+0x70/0x194 [ 78.910243][ C1] __arm64_sys_epoll_pwait+0x1f4/0x24c [ 78.911196][ C1] invoke_syscall+0x98/0x2b0 [ 78.911975][ C1] el0_svc_common+0x138/0x258 [ 78.912805][ C1] do_el0_svc+0x58/0x13c [ 78.913532][ C1] el0_svc+0x78/0x1d0 [ 78.914186][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.915017][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.915791][ C1] irq event stamp: 1716280 [ 78.916550][ C1] hardirqs last enabled at (1716279): [] __free_object+0x1e0/0x894 [ 78.918186][ C1] hardirqs last disabled at (1716280): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.919854][ C1] softirqs last enabled at (1716248): [] release_sock+0x1d0/0x258 [ 78.921423][ C1] softirqs last disabled at (1716246): [] release_sock+0x34/0x258 [ 78.923050][ C1] ---[ end trace 2ba480db038c16d5 ]--- [ 78.979850][ T4975] loop0: detected capacity change from 0 to 128 [ 78.984549][ T4975] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.986000][ T4975] Bad inode number on dev loop0: 2 is out of range [ 78.987156][ T4975] SysV FS: get root inode failed [ 78.987971][ T4975] oldfs: cannot read superblock [ 78.996914][ T4867] ------------[ cut here ]------------ [ 78.997813][ T4867] VFS: brelse: Trying to free free buffer [ 78.998855][ T4867] WARNING: CPU: 0 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.000349][ T4867] Modules linked in: [ 79.001022][ T4867] CPU: 0 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 79.002371][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.004045][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.005333][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 79.006187][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 79.007024][ T4867] sp : ffff80001fc377c0 [ 79.007750][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 79.009092][ T4867] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 79.010434][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d05a24e8 [ 79.011813][ T4867] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.013151][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.014387][ T4867] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.015790][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 79.017100][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.018416][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.019736][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.021112][ T4867] Call trace: [ 79.021658][ T4867] invalidate_bh_lru+0x128/0x22c [ 79.022422][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 79.023344][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.024186][ T4867] invalidate_bh_lrus+0x34/0x40 [ 79.024910][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 79.025738][ T4867] blkdev_put+0x490/0x6ac [ 79.026439][ T4867] blkdev_close+0x74/0xb0 [ 79.027108][ T4867] __fput+0x1c0/0x7e8 [ 79.027711][ T4867] ____fput+0x20/0x30 [ 79.028318][ T4867] task_work_run+0x12c/0x1d8 [ 79.029075][ T4867] do_notify_resume+0x2450/0x309c [ 79.029856][ T4867] el0_svc+0xf0/0x1d0 [ 79.030528][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 79.031383][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 79.032128][ T4867] irq event stamp: 262984 [ 79.032826][ T4867] hardirqs last enabled at (262983): [] kasan_quarantine_put+0xc4/0x200 [ 79.034513][ T4867] hardirqs last disabled at (262984): [] smp_call_function_many_cond+0xa44/0xeac [ 79.036371][ T4867] softirqs last enabled at (262722): [] local_bh_enable+0x10/0x34 [ 79.038018][ T4867] softirqs last disabled at (262720): [] local_bh_disable+0x10/0x34 [ 79.039647][ T4867] ---[ end trace 2ba480db038c16d6 ]--- [ 79.065700][ T4977] loop0: detected capacity change from 0 to 128 [ 79.133554][ T4977] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.134741][ T4977] Bad inode number on dev loop0: 2 is out of range [ 79.135815][ T4977] SysV FS: get root inode failed [ 79.136653][ T4977] oldfs: cannot read superblock [ 79.145869][ T4867] ------------[ cut here ]------------ [ 79.146790][ T4867] VFS: brelse: Trying to free free buffer [ 79.147769][ T4867] WARNING: CPU: 0 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.149215][ T4867] Modules linked in: [ 79.149907][ T4867] CPU: 0 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 79.151282][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.152995][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.154335][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 79.155243][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 79.156116][ T4867] sp : ffff80001fc377c0 [ 79.156840][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 79.158171][ T4867] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 79.159563][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d05a2888 [ 79.160969][ T4867] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.162339][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.163660][ T4867] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.164872][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 79.166244][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.167618][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.168970][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.170275][ T4867] Call trace: [ 79.170854][ T4867] invalidate_bh_lru+0x128/0x22c [ 79.171669][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 79.172708][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.173544][ T4867] invalidate_bh_lrus+0x34/0x40 [ 79.174370][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 79.175260][ T4867] blkdev_put+0x490/0x6ac [ 79.175979][ T4867] blkdev_close+0x74/0xb0 [ 79.176749][ T4867] __fput+0x1c0/0x7e8 [ 79.177424][ T4867] ____fput+0x20/0x30 [ 79.178068][ T4867] task_work_run+0x12c/0x1d8 [ 79.178848][ T4867] do_notify_resume+0x2450/0x309c [ 79.179718][ T4867] el0_svc+0xf0/0x1d0 [ 79.180416][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 79.181249][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 79.182064][ T4867] irq event stamp: 267468 [ 79.182802][ T4867] hardirqs last enabled at (267467): [] kasan_quarantine_put+0xc4/0x200 [ 79.184526][ T4867] hardirqs last disabled at (267468): [] smp_call_function_many_cond+0xa44/0xeac [ 79.186353][ T4867] softirqs last enabled at (267198): [] local_bh_enable+0x10/0x34 [ 79.188019][ T4867] softirqs last disabled at (267196): [] local_bh_disable+0x10/0x34 [ 79.189700][ T4867] ---[ end trace 2ba480db038c16d7 ]--- [ 79.249757][ T4979] loop0: detected capacity change from 0 to 128 [ 79.256553][ T4979] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.257802][ T4979] Bad inode number on dev loop0: 2 is out of range [ 79.258931][ T4979] SysV FS: get root inode failed [ 79.259827][ T4979] oldfs: cannot read superblock [ 79.260724][ T4979] ------------[ cut here ]------------ [ 79.261593][ T4979] VFS: brelse: Trying to free free buffer [ 79.262558][ T4979] WARNING: CPU: 0 PID: 4979 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.264045][ T4979] Modules linked in: [ 79.264751][ T4979] CPU: 0 PID: 4979 Comm: syz.0.65 Tainted: G W syzkaller #0 [ 79.266139][ T4979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.267854][ T4979] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.269228][ T4979] pc : invalidate_bh_lru+0x128/0x22c [ 79.270108][ T4979] lr : invalidate_bh_lru+0x128/0x22c [ 79.271050][ T4979] sp : ffff80001ffa76e0 [ 79.271802][ T4979] x29: ffff80001ffa76e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 79.273185][ T4979] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 79.274554][ T4979] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d05a2c28 [ 79.275943][ T4979] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.277227][ T4979] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.278584][ T4979] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.279920][ T4979] x11: 0000000000000002 x10: 0000000000000000 x9 : aafc9f58cfd1f100 [ 79.281312][ T4979] x8 : aafc9f58cfd1f100 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.282671][ T4979] x5 : ffff80001ffa6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.284052][ T4979] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.285444][ T4979] Call trace: [ 79.286029][ T4979] invalidate_bh_lru+0x128/0x22c [ 79.286896][ T4979] smp_call_function_many_cond+0xa50/0xeac [ 79.287845][ T4979] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.288756][ T4979] invalidate_bh_lrus+0x34/0x40 [ 79.289623][ T4979] blkdev_flush_mapping+0x16c/0x334 [ 79.290439][ T4979] blkdev_put+0x490/0x6ac [ 79.291259][ T4979] kill_block_super+0x98/0xdc [ 79.292024][ T4979] deactivate_locked_super+0xb8/0x134 [ 79.292902][ T4979] mount_bdev+0x284/0x358 [ 79.293608][ T4979] sysv_mount+0x44/0x58 [ 79.294247][ T4979] legacy_get_tree+0xd4/0x16c [ 79.294994][ T4979] vfs_get_tree+0x90/0x274 [ 79.295769][ T4979] do_new_mount+0x228/0x810 [ 79.296475][ T4979] path_mount+0x5bc/0x1008 [ 79.297182][ T4979] __arm64_sys_mount+0x514/0x5f0 [ 79.297962][ T4979] invoke_syscall+0x98/0x2b0 [ 79.298728][ T4979] el0_svc_common+0x138/0x258 [ 79.299458][ T4979] do_el0_svc+0x58/0x13c [ 79.300167][ T4979] el0_svc+0x78/0x1d0 [ 79.300758][ T4979] el0t_64_sync_handler+0xcc/0xe4 [ 79.301550][ T4979] el0t_64_sync+0x1a0/0x1a4 [ 79.302270][ T4979] irq event stamp: 1024 [ 79.302935][ T4979] hardirqs last enabled at (1023): [] kasan_quarantine_put+0xc4/0x200 [ 79.304529][ T4979] hardirqs last disabled at (1024): [] smp_call_function_many_cond+0xa44/0xeac [ 79.306360][ T4979] softirqs last enabled at (842): [] local_bh_enable+0x10/0x34 [ 79.307930][ T4979] softirqs last disabled at (840): [] local_bh_disable+0x10/0x34 [ 79.309458][ T4979] ---[ end trace 2ba480db038c16d8 ]--- [ 79.394554][ T4981] loop0: detected capacity change from 0 to 128 [ 79.397503][ T4981] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.398642][ T4981] Bad inode number on dev loop0: 2 is out of range [ 79.399642][ T4981] SysV FS: get root inode failed [ 79.400417][ T4981] oldfs: cannot read superblock [ 79.412575][ T4867] ------------[ cut here ]------------ [ 79.413518][ T4867] VFS: brelse: Trying to free free buffer [ 79.414618][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.416044][ T4867] Modules linked in: [ 79.416686][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 79.418077][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.419754][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.421074][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 79.421936][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 79.422859][ T4867] sp : ffff80001fc377c0 [ 79.423550][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 79.424854][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 79.426237][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df12c318 [ 79.427542][ T4867] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.428917][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.430322][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 79.431685][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 79.433079][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.434520][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.435905][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.437209][ T4867] Call trace: [ 79.437767][ T4867] invalidate_bh_lru+0x128/0x22c [ 79.438665][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 79.439680][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.440489][ T4867] invalidate_bh_lrus+0x34/0x40 [ 79.441301][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 79.442254][ T4867] blkdev_put+0x490/0x6ac [ 79.442953][ T4867] blkdev_close+0x74/0xb0 [ 79.443643][ T4867] __fput+0x1c0/0x7e8 [ 79.444310][ T4867] ____fput+0x20/0x30 [ 79.444978][ T4867] task_work_run+0x12c/0x1d8 [ 79.445792][ T4867] do_notify_resume+0x2450/0x309c [ 79.446651][ T4867] el0_svc+0xf0/0x1d0 [ 79.447327][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 79.448177][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 79.448943][ T4867] irq event stamp: 279374 [ 79.449645][ T4867] hardirqs last enabled at (279373): [] kasan_quarantine_put+0xc4/0x200 [ 79.451406][ T4867] hardirqs last disabled at (279374): [] smp_call_function_many_cond+0xa44/0xeac [ 79.453253][ T4867] softirqs last enabled at (279126): [] local_bh_enable+0x10/0x34 [ 79.454897][ T4867] softirqs last disabled at (279124): [] local_bh_disable+0x10/0x34 [ 79.456415][ T4867] ---[ end trace 2ba480db038c16d9 ]--- [ 79.492834][ T4983] loop0: detected capacity change from 0 to 128 [ 79.573272][ T4983] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.574511][ T4983] Bad inode number on dev loop0: 2 is out of range [ 79.575603][ T4983] SysV FS: get root inode failed [ 79.576481][ T4983] oldfs: cannot read superblock [ 79.585873][ C1] ------------[ cut here ]------------ [ 79.586819][ C1] VFS: brelse: Trying to free free buffer [ 79.587899][ C1] WARNING: CPU: 1 PID: 4984 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.589319][ C1] Modules linked in: [ 79.589949][ C1] CPU: 1 PID: 4984 Comm: syz.0.68 Tainted: G W syzkaller #0 [ 79.591321][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.592977][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.594313][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.595257][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.596118][ C1] sp : ffff800008017de0 [ 79.596863][ C1] x29: ffff800008017de0 x28: ffff0000d1079b40 x27: 1fffe000341f645c [ 79.598261][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 79.599634][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df12c6b8 [ 79.601009][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010004 [ 79.602415][ C1] x17: 0000000000010004 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.603833][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 79.605171][ C1] x11: 0000000000010003 x10: 0000000000010003 x9 : 73fb1ea714612900 [ 79.606542][ C1] x8 : 73fb1ea714612900 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.607901][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.609273][ C1] x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000027 [ 79.610544][ C1] Call trace: [ 79.611092][ C1] invalidate_bh_lru+0x128/0x22c [ 79.611911][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.612907][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.614061][ C1] ipi_handler+0x10c/0x6fc [ 79.614806][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.615709][ C1] handle_domain_irq+0x144/0x1fc [ 79.616536][ C1] gic_handle_irq+0x78/0x1b8 [ 79.617317][ C1] call_on_irq_stack+0x30/0x48 [ 79.618068][ C1] do_interrupt_handler+0x6c/0x88 [ 79.618983][ C1] el1_interrupt+0x30/0x58 [ 79.619704][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.620570][ C1] el1h_64_irq+0x78/0x7c [ 79.621248][ C1] lock_acquire+0x234/0x618 [ 79.621985][ C1] local_lock_acquire+0x4c/0x19c [ 79.622775][ C1] lru_cache_add+0x280/0x6dc [ 79.623567][ C1] lru_cache_add_inactive_or_unevictable+0x130/0x2f0 [ 79.624630][ C1] handle_mm_fault+0x23a0/0x2a28 [ 79.625512][ C1] do_page_fault+0x67c/0xab0 [ 79.626307][ C1] do_translation_fault+0xe0/0x130 [ 79.627168][ C1] do_mem_abort+0x6c/0x1ac [ 79.627930][ C1] el0_da+0x90/0x1ec [ 79.628522][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 79.629359][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.630111][ C1] irq event stamp: 1184 [ 79.630759][ C1] hardirqs last enabled at (1183): [] charge_memcg+0x190/0x21c [ 79.632413][ C1] hardirqs last disabled at (1184): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.634074][ C1] softirqs last enabled at (1094): [] local_bh_enable+0x10/0x34 [ 79.635643][ C1] softirqs last disabled at (1092): [] local_bh_disable+0x10/0x34 [ 79.637242][ C1] ---[ end trace 2ba480db038c16da ]--- [ 79.674691][ T4985] loop0: detected capacity change from 0 to 128 [ 79.713349][ T4985] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.714504][ T4985] Bad inode number on dev loop0: 2 is out of range [ 79.715568][ T4985] SysV FS: get root inode failed [ 79.716380][ T4985] oldfs: cannot read superblock [ 79.717253][ T4985] ------------[ cut here ]------------ [ 79.718189][ T4985] VFS: brelse: Trying to free free buffer [ 79.719194][ T4985] WARNING: CPU: 0 PID: 4985 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.720526][ T4985] Modules linked in: [ 79.721133][ T4985] CPU: 0 PID: 4985 Comm: syz.0.68 Tainted: G W syzkaller #0 [ 79.722498][ T4985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.724166][ T4985] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.725467][ T4985] pc : invalidate_bh_lru+0x128/0x22c [ 79.726306][ T4985] lr : invalidate_bh_lru+0x128/0x22c [ 79.727139][ T4985] sp : ffff8000200176e0 [ 79.727801][ T4985] x29: ffff8000200176e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 79.729095][ T4985] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 79.730374][ T4985] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcae8060 [ 79.731693][ T4985] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.732994][ T4985] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.734292][ T4985] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.735673][ T4985] x11: 0000000000000002 x10: 0000000000000000 x9 : 1c4e64f4b15ac400 [ 79.736960][ T4985] x8 : 1c4e64f4b15ac400 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.738270][ T4985] x5 : ffff800020016ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.739612][ T4985] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.741000][ T4985] Call trace: [ 79.741529][ T4985] invalidate_bh_lru+0x128/0x22c [ 79.742335][ T4985] smp_call_function_many_cond+0xa50/0xeac [ 79.743288][ T4985] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.744128][ T4985] invalidate_bh_lrus+0x34/0x40 [ 79.744907][ T4985] blkdev_flush_mapping+0x16c/0x334 [ 79.745766][ T4985] blkdev_put+0x490/0x6ac [ 79.746470][ T4985] kill_block_super+0x98/0xdc [ 79.747241][ T4985] deactivate_locked_super+0xb8/0x134 [ 79.748120][ T4985] mount_bdev+0x284/0x358 [ 79.748859][ T4985] sysv_mount+0x44/0x58 [ 79.749568][ T4985] legacy_get_tree+0xd4/0x16c [ 79.750365][ T4985] vfs_get_tree+0x90/0x274 [ 79.751093][ T4985] do_new_mount+0x228/0x810 [ 79.751844][ T4985] path_mount+0x5bc/0x1008 [ 79.752566][ T4985] __arm64_sys_mount+0x514/0x5f0 [ 79.753366][ T4985] invoke_syscall+0x98/0x2b0 [ 79.754104][ T4985] el0_svc_common+0x138/0x258 [ 79.754858][ T4985] do_el0_svc+0x58/0x13c [ 79.755543][ T4985] el0_svc+0x78/0x1d0 [ 79.756181][ T4985] el0t_64_sync_handler+0xcc/0xe4 [ 79.756972][ T4985] el0t_64_sync+0x1a0/0x1a4 [ 79.757696][ T4985] irq event stamp: 1124 [ 79.758346][ T4985] hardirqs last enabled at (1123): [] kasan_quarantine_put+0xc4/0x200 [ 79.759880][ T4985] hardirqs last disabled at (1124): [] smp_call_function_many_cond+0xa44/0xeac [ 79.761572][ T4985] softirqs last enabled at (902): [] local_bh_enable+0x10/0x34 [ 79.763031][ T4985] softirqs last disabled at (900): [] local_bh_disable+0x10/0x34 [ 79.764516][ T4985] ---[ end trace 2ba480db038c16db ]--- [ 79.855055][ T4987] loop0: detected capacity change from 0 to 128 [ 79.913205][ T4987] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.914406][ T4987] Bad inode number on dev loop0: 2 is out of range [ 79.915690][ T4987] SysV FS: get root inode failed [ 79.916488][ T4987] oldfs: cannot read superblock [ 79.920626][ C0] ------------[ cut here ]------------ [ 79.921437][ C0] VFS: brelse: Trying to free free buffer [ 79.922479][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.923994][ C0] Modules linked in: [ 79.924712][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.926238][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.928098][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.929373][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 79.930266][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 79.931096][ C0] sp : ffff800008007de0 [ 79.931800][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 79.933241][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.934614][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcae8400 [ 79.935962][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.937343][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.938706][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.940066][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 79.941447][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.942896][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.944260][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.945555][ C0] Call trace: [ 79.946070][ C0] invalidate_bh_lru+0x128/0x22c [ 79.946839][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.947804][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.948962][ C0] ipi_handler+0x10c/0x6fc [ 79.949729][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 79.950651][ C0] handle_domain_irq+0x144/0x1fc [ 79.951422][ C0] gic_handle_irq+0x78/0x1b8 [ 79.952161][ C0] call_on_irq_stack+0x30/0x48 [ 79.952920][ C0] do_interrupt_handler+0x6c/0x88 [ 79.953727][ C0] el1_interrupt+0x30/0x58 [ 79.954449][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.955284][ C0] el1h_64_irq+0x78/0x7c [ 79.955983][ C0] el0_svc_common+0xa8/0x258 [ 79.956747][ C0] do_el0_svc+0x58/0x13c [ 79.957434][ C0] el0_svc+0x78/0x1d0 [ 79.958112][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.959000][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.959779][ C0] irq event stamp: 330140 [ 79.960454][ C0] hardirqs last enabled at (330139): [] el0_svc_common+0x9c/0x258 [ 79.962149][ C0] hardirqs last disabled at (330140): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.963851][ C0] softirqs last enabled at (330122): [] local_bh_enable+0x10/0x34 [ 79.965519][ C0] softirqs last disabled at (330120): [] local_bh_disable+0x10/0x34 [ 79.967147][ C0] ---[ end trace 2ba480db038c16dc ]--- [ 80.011041][ T4989] loop0: detected capacity change from 0 to 128 [ 80.013987][ T4989] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.015194][ T4989] Bad inode number on dev loop0: 2 is out of range [ 80.016298][ T4989] SysV FS: get root inode failed [ 80.017134][ T4989] oldfs: cannot read superblock [ 80.025618][ T4651] ------------[ cut here ]------------ [ 80.026601][ T4651] VFS: brelse: Trying to free free buffer [ 80.027559][ T4651] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.029045][ T4651] Modules linked in: [ 80.029686][ T4651] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.031144][ T4651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.032824][ T4651] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.034152][ T4651] pc : invalidate_bh_lru+0x128/0x22c [ 80.035066][ T4651] lr : invalidate_bh_lru+0x128/0x22c [ 80.035936][ T4651] sp : ffff80001f9677c0 [ 80.036618][ T4651] x29: ffff80001f9677c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 80.037938][ T4651] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 80.039284][ T4651] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df12ca58 [ 80.040637][ T4651] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 80.041991][ T4651] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.043363][ T4651] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.044704][ T4651] x11: 0000000000000002 x10: 0000000000000000 x9 : 19e79de5f0c73800 [ 80.046068][ T4651] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.047486][ T4651] x5 : ffff80001f9670d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.048798][ T4651] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.050109][ T4651] Call trace: [ 80.050659][ T4651] invalidate_bh_lru+0x128/0x22c [ 80.051503][ T4651] smp_call_function_many_cond+0xa50/0xeac [ 80.052427][ T4651] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.053309][ T4651] invalidate_bh_lrus+0x34/0x40 [ 80.054116][ T4651] blkdev_flush_mapping+0x16c/0x334 [ 80.055025][ T4651] blkdev_put+0x490/0x6ac [ 80.055766][ T4651] blkdev_close+0x74/0xb0 [ 80.056507][ T4651] __fput+0x1c0/0x7e8 [ 80.057149][ T4651] ____fput+0x20/0x30 [ 80.057803][ T4651] task_work_run+0x12c/0x1d8 [ 80.058569][ T4651] do_notify_resume+0x2450/0x309c [ 80.059436][ T4651] el0_svc+0xf0/0x1d0 [ 80.060118][ T4651] el0t_64_sync_handler+0xcc/0xe4 [ 80.061015][ T4651] el0t_64_sync+0x1a0/0x1a4 [ 80.061789][ T4651] irq event stamp: 334008 [ 80.062528][ T4651] hardirqs last enabled at (334007): [] finish_lock_switch+0xb0/0x1c4 [ 80.064201][ T4651] hardirqs last disabled at (334008): [] smp_call_function_many_cond+0xa44/0xeac [ 80.066045][ T4651] softirqs last enabled at (333938): [] local_bh_enable+0x10/0x34 [ 80.067649][ T4651] softirqs last disabled at (333936): [] local_bh_disable+0x10/0x34 [ 80.069325][ T4651] ---[ end trace 2ba480db038c16dd ]--- [ 80.090936][ T4991] loop0: detected capacity change from 0 to 128 [ 80.136742][ T4991] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.138125][ T4991] Bad inode number on dev loop0: 2 is out of range [ 80.139274][ T4991] SysV FS: get root inode failed [ 80.140149][ T4991] oldfs: cannot read superblock [ 80.142725][ C1] ------------[ cut here ]------------ [ 80.143592][ C1] VFS: brelse: Trying to free free buffer [ 80.144547][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.145984][ C1] Modules linked in: [ 80.146634][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 80.147963][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.149667][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.150947][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.151882][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.152783][ C1] sp : ffff800008017de0 [ 80.153469][ C1] x29: ffff800008017de0 x28: ffff0000d61b9b40 x27: 1fffe000341f645b [ 80.154884][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 80.156271][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df12cdf8 [ 80.157693][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.159055][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.160416][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.161770][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 6dbd0b20b0315400 [ 80.163197][ C1] x8 : 6dbd0b20b0315400 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.164571][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.165942][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.167378][ C1] Call trace: [ 80.167930][ C1] invalidate_bh_lru+0x128/0x22c [ 80.168810][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.169847][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.171040][ C1] ipi_handler+0x10c/0x6fc [ 80.171784][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.172800][ C1] handle_domain_irq+0x144/0x1fc [ 80.173643][ C1] gic_handle_irq+0x78/0x1b8 [ 80.174475][ C1] call_on_irq_stack+0x30/0x48 [ 80.175336][ C1] do_interrupt_handler+0x6c/0x88 [ 80.176212][ C1] el1_interrupt+0x30/0x58 [ 80.176990][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.177859][ C1] el1h_64_irq+0x78/0x7c [ 80.178582][ C1] __sanitizer_cov_trace_cmp8+0xbc/0xc0 [ 80.179533][ C1] memcg_slab_free_hook+0xa8/0x1f4 [ 80.180502][ C1] ___cache_free+0x78/0x1b8 [ 80.181297][ C1] qlink_free+0x5c/0xa0 [ 80.182067][ C1] qlist_free_all+0x40/0xa8 [ 80.182853][ C1] kasan_quarantine_reduce+0x124/0x130 [ 80.183772][ C1] __kasan_slab_alloc+0x34/0xcc [ 80.184558][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 80.185385][ C1] kmem_cache_alloc+0x1d8/0x3d4 [ 80.186167][ C1] getname_flags+0xb8/0x450 [ 80.186870][ C1] getname+0x28/0x38 [ 80.187523][ C1] do_sys_openat2+0xdc/0x3f4 [ 80.188228][ C1] __arm64_sys_openat+0x118/0x14c [ 80.189090][ C1] invoke_syscall+0x98/0x2b0 [ 80.189828][ C1] el0_svc_common+0x138/0x258 [ 80.190574][ C1] do_el0_svc+0x58/0x13c [ 80.191245][ C1] el0_svc+0x78/0x1d0 [ 80.191861][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.192644][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.193313][ C1] irq event stamp: 1274620 [ 80.193926][ C1] hardirqs last enabled at (1274619): [] put_cpu_partial+0x188/0x214 [ 80.195567][ C1] hardirqs last disabled at (1274620): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.197272][ C1] softirqs last enabled at (1274192): [] local_bh_enable+0x10/0x34 [ 80.198915][ C1] softirqs last disabled at (1274190): [] local_bh_disable+0x10/0x34 [ 80.200520][ C1] ---[ end trace 2ba480db038c16de ]--- [ 80.281499][ T4993] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.282899][ T4993] Bad inode number on dev loop0: 2 is out of range [ 80.284297][ T4993] SysV FS: get root inode failed [ 80.285102][ T4993] oldfs: cannot read superblock [ 80.292134][ C1] ------------[ cut here ]------------ [ 80.293027][ C1] VFS: brelse: Trying to free free buffer [ 80.294050][ C1] WARNING: CPU: 1 PID: 3645 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.295552][ C1] Modules linked in: [ 80.296231][ C1] CPU: 1 PID: 3645 Comm: syslogd Tainted: G W syzkaller #0 [ 80.297620][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.299287][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.300580][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.301444][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.302382][ C1] sp : ffff800008017de0 [ 80.303061][ C1] x29: ffff800008017de0 x28: ffff0000d50b51c0 x27: 1fffe000341f645c [ 80.304406][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 80.305729][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1a1230 [ 80.307075][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.308396][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.309774][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.311213][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : ba3012d4795b6100 [ 80.312655][ C1] x8 : ba3012d4795b6100 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.314005][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.315371][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.316765][ C1] Call trace: [ 80.317331][ C1] invalidate_bh_lru+0x128/0x22c [ 80.318156][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.319161][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.320372][ C1] ipi_handler+0x10c/0x6fc [ 80.321108][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.322051][ C1] handle_domain_irq+0x144/0x1fc [ 80.322884][ C1] gic_handle_irq+0x78/0x1b8 [ 80.323660][ C1] call_on_irq_stack+0x30/0x48 [ 80.324467][ C1] do_interrupt_handler+0x6c/0x88 [ 80.325276][ C1] el1_interrupt+0x30/0x58 [ 80.326008][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.326799][ C1] el1h_64_irq+0x78/0x7c [ 80.327496][ C1] memset+0x84/0x88 [ 80.328144][ C1] stack_trace_save+0x9c/0xf0 [ 80.328875][ C1] kasan_set_track+0x4c/0x84 [ 80.329696][ C1] kasan_set_free_info+0x28/0x4c [ 80.330510][ C1] ____kasan_slab_free+0x118/0x164 [ 80.331367][ C1] __kasan_slab_free+0x18/0x28 [ 80.332173][ C1] slab_free_freelist_hook+0x128/0x1e4 [ 80.333164][ C1] kmem_cache_free+0xdc/0x3b0 [ 80.333991][ C1] kfree_skbmem+0x114/0x1a8 [ 80.334765][ C1] consume_skb+0x140/0x338 [ 80.335497][ C1] skb_free_datagram+0x30/0xe4 [ 80.336267][ C1] __unix_dgram_recvmsg+0x7f8/0xb3c [ 80.337215][ C1] unix_dgram_recvmsg+0xd4/0xec [ 80.338093][ C1] sock_read_iter+0x250/0x300 [ 80.338915][ C1] vfs_read+0x588/0xa44 [ 80.339637][ C1] ksys_read+0x12c/0x224 [ 80.340358][ C1] __arm64_sys_read+0x7c/0x90 [ 80.341121][ C1] invoke_syscall+0x98/0x2b0 [ 80.341912][ C1] el0_svc_common+0x138/0x258 [ 80.342690][ C1] do_el0_svc+0x58/0x13c [ 80.343458][ C1] el0_svc+0x78/0x1d0 [ 80.344142][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.344999][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.345784][ C1] irq event stamp: 89002 [ 80.346524][ C1] hardirqs last enabled at (89001): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 80.348288][ C1] hardirqs last disabled at (89002): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.349959][ C1] softirqs last enabled at (88974): [] local_bh_enable+0x10/0x34 [ 80.351566][ C1] softirqs last disabled at (88972): [] local_bh_disable+0x10/0x34 [ 80.353152][ C1] ---[ end trace 2ba480db038c16df ]--- [ 80.425235][ T4995] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.426603][ T4995] Bad inode number on dev loop0: 2 is out of range [ 80.427740][ T4995] SysV FS: get root inode failed [ 80.428682][ T4995] oldfs: cannot read superblock [ 80.438006][ T4867] ------------[ cut here ]------------ [ 80.438839][ T4867] VFS: brelse: Trying to free free buffer [ 80.439691][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.441029][ T4867] Modules linked in: [ 80.441640][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 80.443005][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.444637][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.445978][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 80.446816][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 80.447701][ T4867] sp : ffff80001fc377c0 [ 80.448324][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 80.449597][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 80.450949][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1a15d0 [ 80.452314][ T4867] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 80.453656][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.455195][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.456581][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 80.457920][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.459284][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.460580][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.461906][ T4867] Call trace: [ 80.462452][ T4867] invalidate_bh_lru+0x128/0x22c [ 80.463315][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 80.464326][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.465213][ T4867] invalidate_bh_lrus+0x34/0x40 [ 80.466030][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 80.466978][ T4867] blkdev_put+0x490/0x6ac [ 80.467687][ T4867] blkdev_close+0x74/0xb0 [ 80.468401][ T4867] __fput+0x1c0/0x7e8 [ 80.469037][ T4867] ____fput+0x20/0x30 [ 80.469676][ T4867] task_work_run+0x12c/0x1d8 [ 80.470474][ T4867] do_notify_resume+0x2450/0x309c [ 80.471260][ T4867] el0_svc+0xf0/0x1d0 [ 80.471980][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 80.472838][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 80.473607][ T4867] irq event stamp: 328504 [ 80.474336][ T4867] hardirqs last enabled at (328503): [] kasan_quarantine_put+0xc4/0x200 [ 80.475969][ T4867] hardirqs last disabled at (328504): [] smp_call_function_many_cond+0xa44/0xeac [ 80.477712][ T4867] softirqs last enabled at (328490): [] local_bh_enable+0x10/0x34 [ 80.479319][ T4867] softirqs last disabled at (328488): [] local_bh_disable+0x10/0x34 [ 80.480914][ T4867] ---[ end trace 2ba480db038c16e0 ]--- [ 80.554988][ T4997] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.556543][ T4997] Bad inode number on dev loop0: 2 is out of range [ 80.557560][ T4997] SysV FS: get root inode failed [ 80.558338][ T4997] oldfs: cannot read superblock [ 80.564349][ T4867] ------------[ cut here ]------------ [ 80.565231][ T4867] VFS: brelse: Trying to free free buffer [ 80.566285][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.567717][ T4867] Modules linked in: [ 80.568399][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 80.569668][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.571363][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.572674][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 80.573565][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 80.574461][ T4867] sp : ffff80001fc377c0 [ 80.575169][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 80.576524][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 80.577907][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1a1970 [ 80.579288][ T4867] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 80.580643][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.582006][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.583460][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 80.584836][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.586218][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.587532][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.588900][ T4867] Call trace: [ 80.589442][ T4867] invalidate_bh_lru+0x128/0x22c [ 80.590281][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 80.591214][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.592065][ T4867] invalidate_bh_lrus+0x34/0x40 [ 80.592909][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 80.593760][ T4867] blkdev_put+0x490/0x6ac [ 80.594497][ T4867] blkdev_close+0x74/0xb0 [ 80.595259][ T4867] __fput+0x1c0/0x7e8 [ 80.595953][ T4867] ____fput+0x20/0x30 [ 80.596614][ T4867] task_work_run+0x12c/0x1d8 [ 80.597416][ T4867] do_notify_resume+0x2450/0x309c [ 80.598254][ T4867] el0_svc+0xf0/0x1d0 [ 80.598942][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 80.599794][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 80.600558][ T4867] irq event stamp: 332628 [ 80.601305][ T4867] hardirqs last enabled at (332627): [] kasan_quarantine_put+0xc4/0x200 [ 80.602902][ T4867] hardirqs last disabled at (332628): [] smp_call_function_many_cond+0xa44/0xeac [ 80.604741][ T4867] softirqs last enabled at (332360): [] local_bh_enable+0x10/0x34 [ 80.606335][ T4867] softirqs last disabled at (332358): [] local_bh_disable+0x10/0x34 [ 80.607864][ T4867] ---[ end trace 2ba480db038c16e1 ]--- [ 80.696048][ T4999] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.697253][ T4999] Bad inode number on dev loop0: 2 is out of range [ 80.698341][ T4999] SysV FS: get root inode failed [ 80.699177][ T4999] oldfs: cannot read superblock [ 80.705283][ C1] ------------[ cut here ]------------ [ 80.706190][ C1] VFS: brelse: Trying to free free buffer [ 80.707202][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.708566][ C1] Modules linked in: [ 80.709254][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.710718][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.712445][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.713783][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.714693][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.715583][ C1] sp : ffff800008017de0 [ 80.716248][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645b [ 80.717577][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 80.718972][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1a1d10 [ 80.720283][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 80.721590][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.722924][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.724318][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 19e79de5f0c73800 [ 80.725612][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.726978][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.728326][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.729625][ C1] Call trace: [ 80.730166][ C1] invalidate_bh_lru+0x128/0x22c [ 80.730957][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.731983][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.733113][ C1] ipi_handler+0x10c/0x6fc [ 80.733850][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.734732][ C1] handle_domain_irq+0x144/0x1fc [ 80.735506][ C1] gic_handle_irq+0x78/0x1b8 [ 80.736282][ C1] call_on_irq_stack+0x30/0x48 [ 80.737041][ C1] do_interrupt_handler+0x6c/0x88 [ 80.737825][ C1] el1_interrupt+0x30/0x58 [ 80.738594][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.739353][ C1] el1h_64_irq+0x78/0x7c [ 80.740089][ C1] __sanitizer_cov_trace_pc+0xc/0xac [ 80.740950][ C1] check_preemption_disabled+0x38/0x164 [ 80.741842][ C1] debug_smp_processor_id+0x20/0x2c [ 80.742770][ C1] rcu_is_watching+0x50/0x134 [ 80.743594][ C1] lock_acquire+0xc4/0x618 [ 80.744287][ C1] __might_fault+0xc8/0x128 [ 80.745034][ C1] do_ip6t_get_ctl+0xe7c/0x143c [ 80.745880][ C1] nf_getsockopt+0x264/0x284 [ 80.746679][ C1] ipv6_getsockopt+0x588/0x2538 [ 80.747486][ C1] tcp_getsockopt+0x210/0x2eec [ 80.748244][ C1] sock_common_getsockopt+0xa8/0xc4 [ 80.749089][ C1] __sys_getsockopt+0x1b8/0x250 [ 80.749841][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 80.750682][ C1] invoke_syscall+0x98/0x2b0 [ 80.751480][ C1] el0_svc_common+0x138/0x258 [ 80.752229][ C1] do_el0_svc+0x58/0x13c [ 80.752921][ C1] el0_svc+0x78/0x1d0 [ 80.753571][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.754426][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.755174][ C1] irq event stamp: 352564 [ 80.755892][ C1] hardirqs last enabled at (352563): [] alloc_counters+0x3d4/0x7a0 [ 80.757529][ C1] hardirqs last disabled at (352564): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.759291][ C1] softirqs last enabled at (352320): [] release_sock+0x1d0/0x258 [ 80.760984][ C1] softirqs last disabled at (352318): [] release_sock+0x34/0x258 [ 80.762612][ C1] ---[ end trace 2ba480db038c16e2 ]--- [ 80.798869][ T5001] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.800082][ T5001] Bad inode number on dev loop0: 2 is out of range [ 80.801193][ T5001] SysV FS: get root inode failed [ 80.802413][ T5001] oldfs: cannot read superblock [ 80.807051][ C0] ------------[ cut here ]------------ [ 80.807908][ C0] VFS: brelse: Trying to free free buffer [ 80.808832][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.810304][ C0] Modules linked in: [ 80.810945][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.812417][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.814145][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.815500][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 80.816418][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 80.817299][ C0] sp : ffff800008007de0 [ 80.818006][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 80.819427][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 80.820803][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcae87a0 [ 80.822146][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 80.823491][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.824790][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 80.826136][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 19e79de5f0c73800 [ 80.827509][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.828867][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.830276][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.831735][ C0] Call trace: [ 80.832296][ C0] invalidate_bh_lru+0x128/0x22c [ 80.833120][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.834126][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.835336][ C0] ipi_handler+0x10c/0x6fc [ 80.836045][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 80.836996][ C0] handle_domain_irq+0x144/0x1fc [ 80.837855][ C0] gic_handle_irq+0x78/0x1b8 [ 80.838694][ C0] call_on_irq_stack+0x30/0x48 [ 80.839502][ C0] do_interrupt_handler+0x6c/0x88 [ 80.840390][ C0] el1_interrupt+0x30/0x58 [ 80.841101][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.841953][ C0] el1h_64_irq+0x78/0x7c [ 80.842671][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 80.843599][ C0] debug_object_activate+0x258/0x4b4 [ 80.844500][ C0] call_rcu+0x54/0x8f4 [ 80.845239][ C0] evict+0x760/0x828 [ 80.845896][ C0] iput+0x6ac/0x764 [ 80.846549][ C0] vfs_rmdir+0x2f4/0x3ec [ 80.847311][ C0] do_rmdir+0x24c/0x64c [ 80.848038][ C0] __arm64_sys_unlinkat+0xcc/0xfc [ 80.848960][ C0] invoke_syscall+0x98/0x2b0 [ 80.849774][ C0] el0_svc_common+0x138/0x258 [ 80.850615][ C0] do_el0_svc+0x58/0x13c [ 80.851344][ C0] el0_svc+0x78/0x1d0 [ 80.852061][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.852866][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.853578][ C0] irq event stamp: 354172 [ 80.854288][ C0] hardirqs last enabled at (354171): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 80.856126][ C0] hardirqs last disabled at (354172): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.857828][ C0] softirqs last enabled at (354004): [] local_bh_enable+0x10/0x34 [ 80.859509][ C0] softirqs last disabled at (354002): [] local_bh_disable+0x10/0x34 [ 80.861215][ C0] ---[ end trace 2ba480db038c16e3 ]--- [ 80.943249][ T5003] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.944506][ T5003] Bad inode number on dev loop0: 2 is out of range [ 80.945595][ T5003] SysV FS: get root inode failed [ 80.946402][ T5003] oldfs: cannot read superblock [ 80.950836][ C1] ------------[ cut here ]------------ [ 80.951712][ C1] VFS: brelse: Trying to free free buffer [ 80.952715][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.954209][ C1] Modules linked in: [ 80.954856][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 80.956344][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.958075][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.959463][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.960400][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.961286][ C1] sp : ffff800008017de0 [ 80.961956][ C1] x29: ffff800008017de0 x28: ffff0000d61b9b40 x27: 1fffe000341f645b [ 80.963286][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 80.964634][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1d4148 [ 80.966078][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 80.967407][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.968763][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.969978][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 6dbd0b20b0315400 [ 80.971334][ C1] x8 : 6dbd0b20b0315400 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.972738][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.974045][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.975340][ C1] Call trace: [ 80.975879][ C1] invalidate_bh_lru+0x128/0x22c [ 80.976715][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.977701][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.978878][ C1] ipi_handler+0x10c/0x6fc [ 80.979603][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.980576][ C1] handle_domain_irq+0x144/0x1fc [ 80.981464][ C1] gic_handle_irq+0x78/0x1b8 [ 80.982218][ C1] call_on_irq_stack+0x30/0x48 [ 80.982984][ C1] do_interrupt_handler+0x6c/0x88 [ 80.983839][ C1] el1_interrupt+0x30/0x58 [ 80.984630][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.985411][ C1] el1h_64_irq+0x78/0x7c [ 80.986103][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 80.987094][ C1] debug_check_no_obj_freed+0x450/0x46c [ 80.988021][ C1] slab_free_freelist_hook+0x9c/0x1e4 [ 80.988970][ C1] kmem_cache_free+0xdc/0x3b0 [ 80.989757][ C1] user_path_at_empty+0x144/0x1a0 [ 80.990675][ C1] vfs_statx+0xf8/0x490 [ 80.991352][ C1] __arm64_sys_newfstatat+0x124/0x1bc [ 80.992249][ C1] invoke_syscall+0x98/0x2b0 [ 80.993024][ C1] el0_svc_common+0x138/0x258 [ 80.993805][ C1] do_el0_svc+0x58/0x13c [ 80.994517][ C1] el0_svc+0x78/0x1d0 [ 80.995195][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.996037][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.996821][ C1] irq event stamp: 1306500 [ 80.997547][ C1] hardirqs last enabled at (1306499): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 80.999343][ C1] hardirqs last disabled at (1306500): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.000992][ C1] softirqs last enabled at (1306486): [] local_bh_enable+0x10/0x34 [ 81.002570][ C1] softirqs last disabled at (1306484): [] local_bh_disable+0x10/0x34 [ 81.004042][ C1] ---[ end trace 2ba480db038c16e4 ]--- [ 81.093630][ T5005] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.094927][ T5005] Bad inode number on dev loop0: 2 is out of range [ 81.096024][ T5005] SysV FS: get root inode failed [ 81.096835][ T5005] oldfs: cannot read superblock [ 81.106746][ C1] ------------[ cut here ]------------ [ 81.107645][ C1] VFS: brelse: Trying to free free buffer [ 81.108647][ C1] WARNING: CPU: 1 PID: 5007 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.110036][ C1] Modules linked in: [ 81.110751][ C1] CPU: 1 PID: 5007 Comm: syz.0.79 Tainted: G W syzkaller #0 [ 81.112247][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.113918][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.115268][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.116163][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.117009][ C1] sp : ffff800008017de0 [ 81.117734][ C1] x29: ffff800008017de0 x28: ffff0000d7af9b40 x27: 1fffe000341f645c [ 81.119008][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.120315][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1d44e8 [ 81.121670][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 81.123008][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.124301][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.125587][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 3dd1bfea3b822300 [ 81.126961][ C1] x8 : 3dd1bfea3b822300 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.128261][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.129697][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.131135][ C1] Call trace: [ 81.131695][ C1] invalidate_bh_lru+0x128/0x22c [ 81.132529][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.133585][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.134869][ C1] ipi_handler+0x10c/0x6fc [ 81.135766][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 81.136773][ C1] handle_domain_irq+0x144/0x1fc [ 81.137591][ C1] gic_handle_irq+0x78/0x1b8 [ 81.138392][ C1] call_on_irq_stack+0x30/0x48 [ 81.139205][ C1] do_interrupt_handler+0x6c/0x88 [ 81.140106][ C1] el1_interrupt+0x30/0x58 [ 81.140902][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.141700][ C1] el1h_64_irq+0x78/0x7c [ 81.142394][ C1] try_charge_memcg+0x1e4/0x11a0 [ 81.143209][ C1] charge_memcg+0xac/0x21c [ 81.144011][ C1] __mem_cgroup_charge+0x38/0xb0 [ 81.144880][ C1] handle_mm_fault+0x1808/0x2a28 [ 81.145710][ C1] do_page_fault+0x67c/0xab0 [ 81.146491][ C1] do_translation_fault+0xe0/0x130 [ 81.147329][ C1] do_mem_abort+0x6c/0x1ac [ 81.148125][ C1] el0_da+0x90/0x1ec [ 81.148756][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 81.149606][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.150389][ C1] irq event stamp: 188 [ 81.151080][ C1] hardirqs last enabled at (187): [] try_charge_memcg+0x1d4/0x11a0 [ 81.152687][ C1] hardirqs last disabled at (188): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.154292][ C1] softirqs last enabled at (48): [] local_bh_enable+0x10/0x34 [ 81.155873][ C1] softirqs last disabled at (46): [] local_bh_disable+0x10/0x34 [ 81.157422][ C1] ---[ end trace 2ba480db038c16e5 ]--- [ 81.193423][ T5007] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.194600][ T5007] Bad inode number on dev loop0: 2 is out of range [ 81.195650][ T5007] SysV FS: get root inode failed [ 81.196503][ T5007] oldfs: cannot read superblock [ 81.201448][ T4867] ------------[ cut here ]------------ [ 81.202336][ T4867] VFS: brelse: Trying to free free buffer [ 81.203393][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.204843][ T4867] Modules linked in: [ 81.205468][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 81.206904][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.208704][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.210122][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 81.211059][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 81.211939][ T4867] sp : ffff80001fc377c0 [ 81.212649][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 81.214024][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.215470][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1d4888 [ 81.216850][ T4867] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.218195][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.219494][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.220881][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 81.222251][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.223667][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.225017][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.226351][ T4867] Call trace: [ 81.226878][ T4867] invalidate_bh_lru+0x128/0x22c [ 81.227678][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 81.228670][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.229518][ T4867] invalidate_bh_lrus+0x34/0x40 [ 81.230291][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 81.231125][ T4867] blkdev_put+0x490/0x6ac [ 81.231835][ T4867] blkdev_close+0x74/0xb0 [ 81.232529][ T4867] __fput+0x1c0/0x7e8 [ 81.233242][ T4867] ____fput+0x20/0x30 [ 81.233972][ T4867] task_work_run+0x12c/0x1d8 [ 81.234767][ T4867] do_notify_resume+0x2450/0x309c [ 81.235643][ T4867] el0_svc+0xf0/0x1d0 [ 81.236314][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 81.237182][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 81.237893][ T4867] irq event stamp: 359478 [ 81.238614][ T4867] hardirqs last enabled at (359477): [] kasan_quarantine_put+0xc4/0x200 [ 81.240225][ T4867] hardirqs last disabled at (359478): [] smp_call_function_many_cond+0xa44/0xeac [ 81.241962][ T4867] softirqs last enabled at (359194): [] local_bh_enable+0x10/0x34 [ 81.243480][ T4867] softirqs last disabled at (359192): [] local_bh_disable+0x10/0x34 [ 81.245070][ T4867] ---[ end trace 2ba480db038c16e6 ]--- [ 81.274743][ T5009] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.275942][ T5009] Bad inode number on dev loop0: 2 is out of range [ 81.277060][ T5009] SysV FS: get root inode failed [ 81.277923][ T5009] oldfs: cannot read superblock [ 81.287518][ T4867] ------------[ cut here ]------------ [ 81.288387][ T4867] VFS: brelse: Trying to free free buffer [ 81.289402][ T4867] WARNING: CPU: 0 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.290860][ T4867] Modules linked in: [ 81.291491][ T4867] CPU: 0 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 81.292908][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.294635][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.295972][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 81.296921][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 81.297787][ T4867] sp : ffff80001fc377c0 [ 81.298521][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 81.299759][ T4867] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 81.301126][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0576318 [ 81.302494][ T4867] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.303882][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.305296][ T4867] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.306535][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 81.307890][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.309295][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.310666][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.312026][ T4867] Call trace: [ 81.312579][ T4867] invalidate_bh_lru+0x128/0x22c [ 81.313426][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 81.314467][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.315310][ T4867] invalidate_bh_lrus+0x34/0x40 [ 81.316170][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 81.317036][ T4867] blkdev_put+0x490/0x6ac [ 81.317779][ T4867] blkdev_close+0x74/0xb0 [ 81.318500][ T4867] __fput+0x1c0/0x7e8 [ 81.319242][ T4867] ____fput+0x20/0x30 [ 81.319944][ T4867] task_work_run+0x12c/0x1d8 [ 81.320720][ T4867] do_notify_resume+0x2450/0x309c [ 81.321577][ T4867] el0_svc+0xf0/0x1d0 [ 81.322239][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 81.323103][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 81.323834][ T4867] irq event stamp: 368944 [ 81.324492][ T4867] hardirqs last enabled at (368943): [] kasan_quarantine_put+0xc4/0x200 [ 81.326099][ T4867] hardirqs last disabled at (368944): [] smp_call_function_many_cond+0xa44/0xeac [ 81.327865][ T4867] softirqs last enabled at (368682): [] local_bh_enable+0x10/0x34 [ 81.329510][ T4867] softirqs last disabled at (368680): [] local_bh_disable+0x10/0x34 [ 81.331089][ T4867] ---[ end trace 2ba480db038c16e7 ]--- [ 81.425192][ T5011] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.426381][ T5011] Bad inode number on dev loop0: 2 is out of range [ 81.427489][ T5011] SysV FS: get root inode failed [ 81.428334][ T5011] oldfs: cannot read superblock [ 81.433195][ C0] ------------[ cut here ]------------ [ 81.434086][ C0] VFS: brelse: Trying to free free buffer [ 81.435016][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.436314][ C0] Modules linked in: [ 81.436913][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.438366][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.440021][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.441293][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 81.442228][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 81.443167][ C0] sp : ffff800008007de0 [ 81.443885][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 81.445200][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 81.446570][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d05766b8 [ 81.447929][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 81.449244][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.450628][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.451948][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 81.453330][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.454736][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.456027][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.457338][ C0] Call trace: [ 81.457898][ C0] invalidate_bh_lru+0x128/0x22c [ 81.458725][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.459692][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.460825][ C0] ipi_handler+0x10c/0x6fc [ 81.461560][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 81.462479][ C0] handle_domain_irq+0x144/0x1fc [ 81.463254][ C0] gic_handle_irq+0x78/0x1b8 [ 81.464045][ C0] call_on_irq_stack+0x30/0x48 [ 81.464839][ C0] do_interrupt_handler+0x6c/0x88 [ 81.465669][ C0] el1_interrupt+0x30/0x58 [ 81.466407][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.467291][ C0] el1h_64_irq+0x78/0x7c [ 81.468066][ C0] qlist_free_all+0x84/0xa8 [ 81.468875][ C0] kasan_quarantine_reduce+0x124/0x130 [ 81.469780][ C0] __kasan_slab_alloc+0x34/0xcc [ 81.470585][ C0] slab_post_alloc_hook+0x74/0x3f8 [ 81.471434][ C0] kmem_cache_alloc+0x1d8/0x3d4 [ 81.472289][ C0] getname_flags+0xb8/0x450 [ 81.473054][ C0] user_path_at_empty+0x40/0x1a0 [ 81.473870][ C0] __arm64_sys_umount+0xf8/0x184 [ 81.474669][ C0] invoke_syscall+0x98/0x2b0 [ 81.475442][ C0] el0_svc_common+0x138/0x258 [ 81.476204][ C0] do_el0_svc+0x58/0x13c [ 81.476924][ C0] el0_svc+0x78/0x1d0 [ 81.477582][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 81.478426][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.479107][ C0] irq event stamp: 369766 [ 81.479840][ C0] hardirqs last enabled at (369765): [] put_cpu_partial+0x188/0x214 [ 81.481492][ C0] hardirqs last disabled at (369766): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.483192][ C0] softirqs last enabled at (369206): [] local_bh_enable+0x10/0x34 [ 81.484862][ C0] softirqs last disabled at (369204): [] local_bh_disable+0x10/0x34 [ 81.486406][ C0] ---[ end trace 2ba480db038c16e8 ]--- [ 81.582822][ T5013] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.584043][ T5013] Bad inode number on dev loop0: 2 is out of range [ 81.585096][ T5013] SysV FS: get root inode failed [ 81.586063][ T5013] oldfs: cannot read superblock [ 81.596163][ C1] ------------[ cut here ]------------ [ 81.597086][ C1] VFS: brelse: Trying to free free buffer [ 81.598060][ C1] WARNING: CPU: 1 PID: 5015 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.599492][ C1] Modules linked in: [ 81.600106][ C1] CPU: 1 PID: 5015 Comm: syz.0.83 Tainted: G W syzkaller #0 [ 81.601598][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.603333][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.604670][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.605577][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.606455][ C1] sp : ffff800008017de0 [ 81.607171][ C1] x29: ffff800008017de0 x28: ffff0000dbc0b680 x27: 1fffe000341f645c [ 81.608558][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.609962][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df1d4c28 [ 81.611283][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 81.612657][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.614026][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.615393][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 2364b697ceba0e00 [ 81.616795][ C1] x8 : 2364b697ceba0e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.618123][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.619434][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.620769][ C1] Call trace: [ 81.621266][ C1] invalidate_bh_lru+0x128/0x22c [ 81.622115][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.623130][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.624304][ C1] ipi_handler+0x10c/0x6fc [ 81.625034][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 81.625930][ C1] handle_domain_irq+0x144/0x1fc [ 81.626762][ C1] gic_handle_irq+0x78/0x1b8 [ 81.627466][ C1] call_on_irq_stack+0x30/0x48 [ 81.628251][ C1] do_interrupt_handler+0x6c/0x88 [ 81.629046][ C1] el0_interrupt+0x94/0x248 [ 81.629854][ C1] __el0_irq_handler_common+0x18/0x24 [ 81.630788][ C1] el0t_64_irq_handler+0x10/0x1c [ 81.631626][ C1] el0t_64_irq+0x1a0/0x1a4 [ 81.632374][ C1] irq event stamp: 138 [ 81.633017][ C1] hardirqs last enabled at (137): [] el0t_64_sync_handler+0xd8/0xe4 [ 81.634628][ C1] hardirqs last disabled at (138): [] __el0_irq_handler_common+0x18/0x24 [ 81.636233][ C1] softirqs last enabled at (48): [] local_bh_enable+0x10/0x34 [ 81.637732][ C1] softirqs last disabled at (46): [] local_bh_disable+0x10/0x34 [ 81.639254][ C1] ---[ end trace 2ba480db038c16e9 ]--- [ 81.711318][ T5015] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.712554][ T5015] Bad inode number on dev loop0: 2 is out of range [ 81.713538][ T5015] SysV FS: get root inode failed [ 81.714247][ T5015] oldfs: cannot read superblock [ 81.715901][ C1] ------------[ cut here ]------------ [ 81.716728][ C1] VFS: brelse: Trying to free free buffer [ 81.717726][ C1] WARNING: CPU: 1 PID: 5015 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.719141][ C1] Modules linked in: [ 81.719767][ C1] CPU: 1 PID: 5015 Comm: syz.0.83 Tainted: G W syzkaller #0 [ 81.721270][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.722987][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.724328][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.725200][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.726050][ C1] sp : ffff800008017de0 [ 81.726702][ C1] x29: ffff800008017de0 x28: ffff0000dbc0b680 x27: 1fffe000341f645c [ 81.728003][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.729366][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba8060 [ 81.730701][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 81.732060][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.733438][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.734805][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 2364b697ceba0e00 [ 81.736241][ C1] x8 : 2364b697ceba0e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.737646][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.739001][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.740358][ C1] Call trace: [ 81.740893][ C1] invalidate_bh_lru+0x128/0x22c [ 81.741735][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.742761][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.743939][ C1] ipi_handler+0x10c/0x6fc [ 81.744659][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 81.745649][ C1] handle_domain_irq+0x144/0x1fc [ 81.746421][ C1] gic_handle_irq+0x78/0x1b8 [ 81.747191][ C1] call_on_irq_stack+0x30/0x48 [ 81.748019][ C1] do_interrupt_handler+0x6c/0x88 [ 81.748836][ C1] el1_interrupt+0x30/0x58 [ 81.749522][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.750338][ C1] el1h_64_irq+0x78/0x7c [ 81.751081][ C1] lock_page_memcg+0x120/0x22c [ 81.751937][ C1] page_remove_rmap+0x3c/0xf90 [ 81.752756][ C1] unmap_page_range+0xb78/0x190c [ 81.753527][ C1] unmap_single_vma+0x13c/0x1e4 [ 81.754333][ C1] unmap_vmas+0x10c/0x214 [ 81.755066][ C1] exit_mmap+0x2c4/0x508 [ 81.755790][ C1] __mmput+0xec/0x3a8 [ 81.756510][ C1] mmput+0x80/0xc0 [ 81.757151][ C1] exit_mm+0x4ac/0x664 [ 81.757856][ C1] do_exit+0x4f0/0x1f50 [ 81.758576][ C1] do_group_exit+0x100/0x268 [ 81.759337][ C1] get_signal+0x73c/0x1334 [ 81.760106][ C1] do_notify_resume+0x354/0x309c [ 81.760920][ C1] el0_svc+0xf0/0x1d0 [ 81.761603][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 81.762468][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.763231][ C1] irq event stamp: 1694 [ 81.763936][ C1] hardirqs last enabled at (1693): [] lock_page_memcg+0x110/0x22c [ 81.765513][ C1] hardirqs last disabled at (1694): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.767196][ C1] softirqs last enabled at (1252): [] local_bh_enable+0x10/0x34 [ 81.768760][ C1] softirqs last disabled at (1250): [] local_bh_disable+0x10/0x34 [ 81.770395][ C1] ---[ end trace 2ba480db038c16ea ]--- [ 81.863401][ T5017] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.864631][ T5017] Bad inode number on dev loop0: 2 is out of range [ 81.865749][ T5017] SysV FS: get root inode failed [ 81.866596][ T5017] oldfs: cannot read superblock [ 81.872512][ C0] ------------[ cut here ]------------ [ 81.873397][ C0] VFS: brelse: Trying to free free buffer [ 81.874336][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.875706][ C0] Modules linked in: [ 81.876350][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.877766][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.879379][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.880646][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 81.881536][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 81.882492][ C0] sp : ffff800008007de0 [ 81.883206][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225b [ 81.884532][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 81.885814][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0576a58 [ 81.887126][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 81.888401][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.889711][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.891020][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 81.892372][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.893767][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.895057][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.896272][ C0] Call trace: [ 81.896762][ C0] invalidate_bh_lru+0x128/0x22c [ 81.897601][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.898663][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.899797][ C0] ipi_handler+0x10c/0x6fc [ 81.900539][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 81.901485][ C0] handle_domain_irq+0x144/0x1fc [ 81.902290][ C0] gic_handle_irq+0x78/0x1b8 [ 81.903052][ C0] call_on_irq_stack+0x30/0x48 [ 81.903879][ C0] do_interrupt_handler+0x6c/0x88 [ 81.904726][ C0] el1_interrupt+0x30/0x58 [ 81.905510][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.906363][ C0] el1h_64_irq+0x78/0x7c [ 81.907067][ C0] __sanitizer_cov_trace_const_cmp8+0xbc/0xc0 [ 81.908092][ C0] xt_data_to_user+0x70/0x308 [ 81.908860][ C0] xt_target_to_user+0xfc/0x1a8 [ 81.909671][ C0] do_ipt_get_ctl+0x104c/0x143c [ 81.910511][ C0] nf_getsockopt+0x264/0x284 [ 81.911250][ C0] ip_getsockopt+0x122c/0x1664 [ 81.912046][ C0] tcp_getsockopt+0x210/0x2eec [ 81.912861][ C0] sock_common_getsockopt+0xa8/0xc4 [ 81.913769][ C0] __sys_getsockopt+0x1b8/0x250 [ 81.914612][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 81.915440][ C0] invoke_syscall+0x98/0x2b0 [ 81.916233][ C0] el0_svc_common+0x138/0x258 [ 81.917025][ C0] do_el0_svc+0x58/0x13c [ 81.917747][ C0] el0_svc+0x78/0x1d0 [ 81.918463][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 81.919261][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.920033][ C0] irq event stamp: 379658 [ 81.920747][ C0] hardirqs last enabled at (379657): [] alloc_counters+0x3d4/0x7a0 [ 81.922398][ C0] hardirqs last disabled at (379658): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.924078][ C0] softirqs last enabled at (379636): [] release_sock+0x1d0/0x258 [ 81.925675][ C0] softirqs last disabled at (379634): [] release_sock+0x34/0x258 [ 81.927249][ C0] ---[ end trace 2ba480db038c16eb ]--- [ 81.976387][ T5019] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.977622][ T5019] Bad inode number on dev loop0: 2 is out of range [ 81.978734][ T5019] SysV FS: get root inode failed [ 81.979620][ T5019] oldfs: cannot read superblock [ 81.989302][ C1] ------------[ cut here ]------------ [ 81.990194][ C1] VFS: brelse: Trying to free free buffer [ 81.991216][ C1] WARNING: CPU: 1 PID: 5021 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.992743][ C1] Modules linked in: [ 81.993411][ C1] CPU: 1 PID: 5021 Comm: syz.0.86 Tainted: G W syzkaller #0 [ 81.994894][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.996746][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.998050][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.998958][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.999866][ C1] sp : ffff800008017de0 [ 82.000574][ C1] x29: ffff800008017de0 x28: ffff0000d4a151c0 x27: 1fffe000341f645c [ 82.001892][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.003216][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba8400 [ 82.004576][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010005 [ 82.005873][ C1] x17: 0000000000010005 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.007209][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.008611][ C1] x11: 0000000000010004 x10: 0000000000010004 x9 : 7b9de7e6cf0ffc00 [ 82.009963][ C1] x8 : 7b9de7e6cf0ffc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.011289][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.012662][ C1] x2 : 0000000000000001 x1 : 0000000100010004 x0 : 0000000000000027 [ 82.014026][ C1] Call trace: [ 82.014607][ C1] invalidate_bh_lru+0x128/0x22c [ 82.015433][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.016463][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.017596][ C1] ipi_handler+0x10c/0x6fc [ 82.018314][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.019260][ C1] handle_domain_irq+0x144/0x1fc [ 82.020104][ C1] gic_handle_irq+0x78/0x1b8 [ 82.020913][ C1] call_on_irq_stack+0x30/0x48 [ 82.021700][ C1] do_interrupt_handler+0x6c/0x88 [ 82.022505][ C1] el1_interrupt+0x30/0x58 [ 82.023211][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.023998][ C1] el1h_64_irq+0x78/0x7c [ 82.024712][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 82.025650][ C1] __pagevec_lru_add+0x1258/0x1588 [ 82.026469][ C1] lru_cache_add+0x470/0x6dc [ 82.027246][ C1] lru_cache_add_inactive_or_unevictable+0x130/0x2f0 [ 82.028309][ C1] handle_mm_fault+0x23a0/0x2a28 [ 82.029108][ C1] do_page_fault+0x67c/0xab0 [ 82.029836][ C1] do_translation_fault+0xe0/0x130 [ 82.030662][ C1] do_mem_abort+0x6c/0x1ac [ 82.031394][ C1] el0_da+0x90/0x1ec [ 82.032028][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 82.032781][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.033510][ C1] irq event stamp: 124 [ 82.034165][ C1] hardirqs last enabled at (123): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 82.035969][ C1] hardirqs last disabled at (124): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.037611][ C1] softirqs last enabled at (48): [] local_bh_enable+0x10/0x34 [ 82.039215][ C1] softirqs last disabled at (46): [] local_bh_disable+0x10/0x34 [ 82.040826][ C1] ---[ end trace 2ba480db038c16ec ]--- [ 82.183016][ T5021] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.184222][ T5021] Bad inode number on dev loop0: 2 is out of range [ 82.185253][ T5021] SysV FS: get root inode failed [ 82.186032][ T5021] oldfs: cannot read superblock [ 82.186831][ T5021] ------------[ cut here ]------------ [ 82.187779][ T5021] VFS: brelse: Trying to free free buffer [ 82.188702][ T5021] WARNING: CPU: 0 PID: 5021 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.190191][ T5021] Modules linked in: [ 82.190893][ T5021] CPU: 0 PID: 5021 Comm: syz.0.86 Tainted: G W syzkaller #0 [ 82.192455][ T5021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.194292][ T5021] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.195597][ T5021] pc : invalidate_bh_lru+0x128/0x22c [ 82.196472][ T5021] lr : invalidate_bh_lru+0x128/0x22c [ 82.197281][ T5021] sp : ffff8000200e76e0 [ 82.198013][ T5021] x29: ffff8000200e76e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 82.199255][ T5021] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 82.200624][ T5021] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d0576df8 [ 82.201992][ T5021] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 82.203387][ T5021] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.204696][ T5021] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.206058][ T5021] x11: 0000000000000002 x10: 0000000000000000 x9 : 7b9de7e6cf0ffc00 [ 82.207516][ T5021] x8 : 7b9de7e6cf0ffc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.208946][ T5021] x5 : ffff8000200e6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.210427][ T5021] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.211866][ T5021] Call trace: [ 82.212473][ T5021] invalidate_bh_lru+0x128/0x22c [ 82.213357][ T5021] smp_call_function_many_cond+0xa50/0xeac [ 82.214379][ T5021] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.215257][ T5021] invalidate_bh_lrus+0x34/0x40 [ 82.216050][ T5021] blkdev_flush_mapping+0x16c/0x334 [ 82.216976][ T5021] blkdev_put+0x490/0x6ac [ 82.217736][ T5021] kill_block_super+0x98/0xdc [ 82.218534][ T5021] deactivate_locked_super+0xb8/0x134 [ 82.219428][ T5021] mount_bdev+0x284/0x358 [ 82.220185][ T5021] sysv_mount+0x44/0x58 [ 82.220925][ T5021] legacy_get_tree+0xd4/0x16c [ 82.221726][ T5021] vfs_get_tree+0x90/0x274 [ 82.222477][ T5021] do_new_mount+0x228/0x810 [ 82.223190][ T5021] path_mount+0x5bc/0x1008 [ 82.223936][ T5021] __arm64_sys_mount+0x514/0x5f0 [ 82.224779][ T5021] invoke_syscall+0x98/0x2b0 [ 82.225537][ T5021] el0_svc_common+0x138/0x258 [ 82.226318][ T5021] do_el0_svc+0x58/0x13c [ 82.227051][ T5021] el0_svc+0x78/0x1d0 [ 82.227747][ T5021] el0t_64_sync_handler+0xcc/0xe4 [ 82.228617][ T5021] el0t_64_sync+0x1a0/0x1a4 [ 82.229392][ T5021] irq event stamp: 1206 [ 82.230046][ T5021] hardirqs last enabled at (1205): [] kasan_quarantine_put+0xc4/0x200 [ 82.231716][ T5021] hardirqs last disabled at (1206): [] smp_call_function_many_cond+0xa44/0xeac [ 82.233434][ T5021] softirqs last enabled at (1016): [] local_bh_enable+0x10/0x34 [ 82.234966][ T5021] softirqs last disabled at (1014): [] local_bh_disable+0x10/0x34 [ 82.236598][ T5021] ---[ end trace 2ba480db038c16ed ]--- [ 82.363750][ T5023] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.365031][ T5023] Bad inode number on dev loop0: 2 is out of range [ 82.366090][ T5023] SysV FS: get root inode failed [ 82.366958][ T5023] oldfs: cannot read superblock [ 82.371027][ C1] ------------[ cut here ]------------ [ 82.371934][ C1] VFS: brelse: Trying to free free buffer [ 82.372933][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.374429][ C1] Modules linked in: [ 82.375061][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.376675][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.378401][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.379715][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 82.380642][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 82.381560][ C1] sp : ffff800008017de0 [ 82.382278][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645c [ 82.383605][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.385086][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba87a0 [ 82.386553][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 82.387920][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.389270][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.390653][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 82.392052][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.393330][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.394730][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.396180][ C1] Call trace: [ 82.396749][ C1] invalidate_bh_lru+0x128/0x22c [ 82.397613][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.398700][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.399888][ C1] ipi_handler+0x10c/0x6fc [ 82.400638][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.401629][ C1] handle_domain_irq+0x144/0x1fc [ 82.402495][ C1] gic_handle_irq+0x78/0x1b8 [ 82.403289][ C1] call_on_irq_stack+0x30/0x48 [ 82.404097][ C1] do_interrupt_handler+0x6c/0x88 [ 82.404951][ C1] el0_interrupt+0x94/0x248 [ 82.405768][ C1] __el0_irq_handler_common+0x18/0x24 [ 82.406669][ C1] el0t_64_irq_handler+0x10/0x1c [ 82.407543][ C1] el0t_64_irq+0x1a0/0x1a4 [ 82.408307][ C1] irq event stamp: 387808 [ 82.408985][ C1] hardirqs last enabled at (387807): [] el0t_64_sync_handler+0x6c/0xe4 [ 82.410671][ C1] hardirqs last disabled at (387808): [] __el0_irq_handler_common+0x18/0x24 [ 82.412454][ C1] softirqs last enabled at (387804): [] local_bh_enable+0x10/0x34 [ 82.414072][ C1] softirqs last disabled at (387802): [] local_bh_disable+0x10/0x34 [ 82.415675][ C1] ---[ end trace 2ba480db038c16ee ]--- [ 82.473310][ T5025] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.474566][ T5025] Bad inode number on dev loop0: 2 is out of range [ 82.475646][ T5025] SysV FS: get root inode failed [ 82.476489][ T5025] oldfs: cannot read superblock [ 82.487358][ C0] ------------[ cut here ]------------ [ 82.488280][ C0] VFS: brelse: Trying to free free buffer [ 82.489247][ C0] WARNING: CPU: 0 PID: 5027 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.490683][ C0] Modules linked in: [ 82.491287][ C0] CPU: 0 PID: 5027 Comm: syz.0.89 Tainted: G W syzkaller #0 [ 82.492632][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.494355][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.495602][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 82.496426][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 82.497244][ C0] sp : ffff800008007de0 [ 82.497885][ C0] x29: ffff800008007de0 x28: ffff0000cda80000 x27: 1fffe000341f225c [ 82.499220][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 82.500462][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d05a0230 [ 82.501864][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 82.503242][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.504627][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.505952][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : e09acb6e14b96200 [ 82.507305][ C0] x8 : e09acb6e14b96200 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.508695][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.510048][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.511433][ C0] Call trace: [ 82.512005][ C0] invalidate_bh_lru+0x128/0x22c [ 82.512875][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.513915][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.515072][ C0] ipi_handler+0x10c/0x6fc [ 82.515812][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 82.516709][ C0] handle_domain_irq+0x144/0x1fc [ 82.517566][ C0] gic_handle_irq+0x78/0x1b8 [ 82.518333][ C0] call_on_irq_stack+0x30/0x48 [ 82.519151][ C0] do_interrupt_handler+0x6c/0x88 [ 82.520016][ C0] el1_interrupt+0x30/0x58 [ 82.520794][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.521640][ C0] el1h_64_irq+0x78/0x7c [ 82.522356][ C0] __sanitizer_cov_trace_pc+0xa8/0xac [ 82.523293][ C0] devcgroup_check_permission+0x734/0x800 [ 82.524204][ C0] inode_permission+0x2ac/0x3c0 [ 82.525010][ C0] may_open+0x274/0x3b8 [ 82.525756][ C0] path_openat+0x1e9c/0x2718 [ 82.526548][ C0] do_filp_open+0x184/0x368 [ 82.527278][ C0] do_sys_openat2+0x134/0x3f4 [ 82.528090][ C0] __arm64_sys_openat+0x118/0x14c [ 82.528969][ C0] invoke_syscall+0x98/0x2b0 [ 82.529715][ C0] el0_svc_common+0x138/0x258 [ 82.530499][ C0] do_el0_svc+0x58/0x13c [ 82.531205][ C0] el0_svc+0x78/0x1d0 [ 82.531848][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.532711][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.533472][ C0] irq event stamp: 670 [ 82.534165][ C0] hardirqs last enabled at (669): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 82.535978][ C0] hardirqs last disabled at (670): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.537556][ C0] softirqs last enabled at (48): [] local_bh_enable+0x10/0x34 [ 82.539060][ C0] softirqs last disabled at (46): [] local_bh_disable+0x10/0x34 [ 82.540646][ C0] ---[ end trace 2ba480db038c16ef ]--- [ 82.569114][ T5027] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.570317][ T5027] Bad inode number on dev loop0: 2 is out of range [ 82.571481][ T5027] SysV FS: get root inode failed [ 82.572447][ T5027] oldfs: cannot read superblock [ 82.579412][ T4867] ------------[ cut here ]------------ [ 82.580319][ T4867] VFS: brelse: Trying to free free buffer [ 82.581317][ T4867] WARNING: CPU: 1 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.582858][ T4867] Modules linked in: [ 82.583569][ T4867] CPU: 1 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 82.585018][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.586691][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.587942][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 82.588769][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 82.589581][ T4867] sp : ffff80001fc377c0 [ 82.590175][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 82.591395][ T4867] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 82.592684][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba8b40 [ 82.593921][ T4867] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 82.595153][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.596458][ T4867] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.597774][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 82.599125][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.600374][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.601659][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.603026][ T4867] Call trace: [ 82.603604][ T4867] invalidate_bh_lru+0x128/0x22c [ 82.604369][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 82.605379][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.606266][ T4867] invalidate_bh_lrus+0x34/0x40 [ 82.607093][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 82.607971][ T4867] blkdev_put+0x490/0x6ac [ 82.608726][ T4867] blkdev_close+0x74/0xb0 [ 82.609512][ T4867] __fput+0x1c0/0x7e8 [ 82.610206][ T4867] ____fput+0x20/0x30 [ 82.610861][ T4867] task_work_run+0x12c/0x1d8 [ 82.611620][ T4867] do_notify_resume+0x2450/0x309c [ 82.612505][ T4867] el0_svc+0xf0/0x1d0 [ 82.613168][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 82.614036][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 82.614796][ T4867] irq event stamp: 420846 [ 82.615584][ T4867] hardirqs last enabled at (420845): [] kasan_quarantine_put+0xc4/0x200 [ 82.617320][ T4867] hardirqs last disabled at (420846): [] smp_call_function_many_cond+0xa44/0xeac [ 82.619078][ T4867] softirqs last enabled at (420590): [] local_bh_enable+0x10/0x34 [ 82.620696][ T4867] softirqs last disabled at (420588): [] local_bh_disable+0x10/0x34 [ 82.622253][ T4867] ---[ end trace 2ba480db038c16f0 ]--- [ 82.657884][ T5029] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.659144][ T5029] Bad inode number on dev loop0: 2 is out of range [ 82.660288][ T5029] SysV FS: get root inode failed [ 82.661134][ T5029] oldfs: cannot read superblock [ 82.665214][ C1] ------------[ cut here ]------------ [ 82.666090][ C1] VFS: brelse: Trying to free free buffer [ 82.667072][ C1] WARNING: CPU: 1 PID: 4399 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.668469][ C1] Modules linked in: [ 82.669146][ C1] CPU: 1 PID: 4399 Comm: syz-execprog Tainted: G W syzkaller #0 [ 82.670619][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.672400][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.673701][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 82.674597][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 82.675464][ C1] sp : ffff800008017de0 [ 82.676177][ C1] x29: ffff800008017de0 x28: ffff0000c89e0000 x27: 1fffe000341f645c [ 82.677515][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.678846][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcba8ee0 [ 82.680244][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010004 [ 82.681637][ C1] x17: 0000000000010004 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.682987][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.684386][ C1] x11: 0000000000010003 x10: 0000000000010003 x9 : 7187c4e5e8027500 [ 82.685695][ C1] x8 : 7187c4e5e8027500 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.687152][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.688536][ C1] x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000027 [ 82.689876][ C1] Call trace: [ 82.690442][ C1] invalidate_bh_lru+0x128/0x22c [ 82.691257][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.692204][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.693336][ C1] ipi_handler+0x10c/0x6fc [ 82.694052][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.694981][ C1] handle_domain_irq+0x144/0x1fc [ 82.695864][ C1] gic_handle_irq+0x78/0x1b8 [ 82.696638][ C1] call_on_irq_stack+0x30/0x48 [ 82.697455][ C1] do_interrupt_handler+0x6c/0x88 [ 82.698325][ C1] el1_interrupt+0x30/0x58 [ 82.699089][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.700022][ C1] el1h_64_irq+0x78/0x7c [ 82.700744][ C1] __sanitizer_cov_trace_pc+0xa8/0xac [ 82.701591][ C1] check_preemption_disabled+0x38/0x164 [ 82.702550][ C1] debug_smp_processor_id+0x20/0x2c [ 82.703417][ C1] rcu_is_watching+0x50/0x134 [ 82.704197][ C1] lock_release+0xb4/0x8e0 [ 82.705022][ C1] _raw_spin_unlock+0x8c/0x11c [ 82.705818][ C1] futex_wake+0x470/0x504 [ 82.706490][ C1] do_futex+0x1714/0x2650 [ 82.707267][ C1] __arm64_sys_futex+0x394/0x41c [ 82.708182][ C1] invoke_syscall+0x98/0x2b0 [ 82.708971][ C1] el0_svc_common+0x138/0x258 [ 82.709755][ C1] do_el0_svc+0x58/0x13c [ 82.710442][ C1] el0_svc+0x78/0x1d0 [ 82.711131][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.712006][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.712752][ C1] irq event stamp: 1724770 [ 82.713499][ C1] hardirqs last enabled at (1724769): [] el0_svc_common+0x9c/0x258 [ 82.715135][ C1] hardirqs last disabled at (1724770): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.716715][ C1] softirqs last enabled at (1724764): [] local_bh_enable+0x10/0x34 [ 82.718348][ C1] softirqs last disabled at (1724762): [] local_bh_disable+0x10/0x34 [ 82.719979][ C1] ---[ end trace 2ba480db038c16f1 ]--- [ 82.814984][ T5031] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.816277][ T5031] Bad inode number on dev loop0: 2 is out of range [ 82.817322][ T5031] SysV FS: get root inode failed [ 82.818069][ T5031] oldfs: cannot read superblock [ 82.821142][ C1] ------------[ cut here ]------------ [ 82.821972][ C1] VFS: brelse: Trying to free free buffer [ 82.823000][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.824535][ C1] Modules linked in: [ 82.825224][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 82.826628][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.828314][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.829551][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 82.830444][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 82.831327][ C1] sp : ffff800008017de0 [ 82.832042][ C1] x29: ffff800008017de0 x28: ffff0000d61b9b40 x27: 1fffe000341f645c [ 82.833390][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.834768][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e20446b8 [ 82.836158][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 82.837499][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.838878][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.840222][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 6dbd0b20b0315400 [ 82.841653][ C1] x8 : 6dbd0b20b0315400 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.843014][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.844411][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.845798][ C1] Call trace: [ 82.846344][ C1] invalidate_bh_lru+0x128/0x22c [ 82.847145][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.848086][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.849164][ C1] ipi_handler+0x10c/0x6fc [ 82.849829][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.850701][ C1] handle_domain_irq+0x144/0x1fc [ 82.851496][ C1] gic_handle_irq+0x78/0x1b8 [ 82.852300][ C1] call_on_irq_stack+0x30/0x48 [ 82.853083][ C1] do_interrupt_handler+0x6c/0x88 [ 82.853911][ C1] el1_interrupt+0x30/0x58 [ 82.854643][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.855482][ C1] el1h_64_irq+0x78/0x7c [ 82.856166][ C1] kasan_check_range+0x7c/0x2a0 [ 82.856962][ C1] memset+0x58/0x88 [ 82.857668][ C1] unwind_frame+0xcc/0x68c [ 82.858358][ C1] walk_stackframe+0x6c/0xa8 [ 82.859080][ C1] return_address+0xd8/0x15c [ 82.859826][ C1] preempt_count_add+0x14c/0x41c [ 82.860664][ C1] _raw_spin_lock+0x24/0x10c [ 82.861452][ C1] kernfs_iop_permission+0x6c/0x2e0 [ 82.862387][ C1] inode_permission+0x1d0/0x3c0 [ 82.863191][ C1] link_path_walk+0x268/0xbe0 [ 82.863970][ C1] path_lookupat+0x90/0x3d0 [ 82.864751][ C1] filename_lookup+0x1b4/0x464 [ 82.865535][ C1] user_path_at_empty+0x5c/0x1a0 [ 82.866367][ C1] do_readlinkat+0xe0/0x3fc [ 82.867177][ C1] __arm64_sys_readlinkat+0x9c/0xb8 [ 82.868032][ C1] invoke_syscall+0x98/0x2b0 [ 82.868815][ C1] el0_svc_common+0x138/0x258 [ 82.869612][ C1] do_el0_svc+0x58/0x13c [ 82.870308][ C1] el0_svc+0x78/0x1d0 [ 82.870938][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.871771][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.872528][ C1] irq event stamp: 1359900 [ 82.873275][ C1] hardirqs last enabled at (1359899): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 82.875128][ C1] hardirqs last disabled at (1359900): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.876823][ C1] softirqs last enabled at (1359890): [] local_bh_enable+0x10/0x34 [ 82.878403][ C1] softirqs last disabled at (1359888): [] local_bh_disable+0x10/0x34 [ 82.880041][ C1] ---[ end trace 2ba480db038c16f2 ]--- [ 82.994701][ T5033] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.996004][ T5033] Bad inode number on dev loop0: 2 is out of range [ 82.996991][ T5033] SysV FS: get root inode failed [ 82.997805][ T5033] oldfs: cannot read superblock [ 83.010408][ C1] ------------[ cut here ]------------ [ 83.011302][ C1] VFS: brelse: Trying to free free buffer [ 83.012326][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.013788][ C1] Modules linked in: [ 83.014431][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 83.015857][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.017630][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.018971][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 83.019840][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 83.020661][ C1] sp : ffff800008017de0 [ 83.021361][ C1] x29: ffff800008017de0 x28: ffff0000d61b9b40 x27: 1fffe000341f645c [ 83.022762][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 83.024075][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2044a58 [ 83.025369][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 83.026663][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.027962][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.029306][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 6dbd0b20b0315400 [ 83.030650][ C1] x8 : 6dbd0b20b0315400 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.032039][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.033207][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.034573][ C1] Call trace: [ 83.035130][ C1] invalidate_bh_lru+0x128/0x22c [ 83.035931][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.036896][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.038092][ C1] ipi_handler+0x10c/0x6fc [ 83.038813][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 83.039747][ C1] handle_domain_irq+0x144/0x1fc [ 83.040543][ C1] gic_handle_irq+0x78/0x1b8 [ 83.041259][ C1] call_on_irq_stack+0x30/0x48 [ 83.042003][ C1] do_interrupt_handler+0x6c/0x88 [ 83.042815][ C1] el0_interrupt+0x94/0x248 [ 83.043539][ C1] __el0_irq_handler_common+0x18/0x24 [ 83.044399][ C1] el0t_64_irq_handler+0x10/0x1c [ 83.045204][ C1] el0t_64_irq+0x1a0/0x1a4 [ 83.045905][ C1] irq event stamp: 1367300 [ 83.046628][ C1] hardirqs last enabled at (1367299): [] el0t_64_sync_handler+0xcc/0xe4 [ 83.048486][ C1] hardirqs last disabled at (1367300): [] __el0_irq_handler_common+0x18/0x24 [ 83.050200][ C1] softirqs last enabled at (1367256): [] local_bh_enable+0x10/0x34 [ 83.051753][ C1] softirqs last disabled at (1367254): [] local_bh_disable+0x10/0x34 [ 83.053327][ C1] ---[ end trace 2ba480db038c16f3 ]--- [ 83.143575][ T5037] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.144816][ T5037] Bad inode number on dev loop0: 2 is out of range [ 83.145993][ T5037] SysV FS: get root inode failed [ 83.146795][ T5037] oldfs: cannot read superblock [ 83.154375][ C1] ------------[ cut here ]------------ [ 83.155296][ C1] VFS: brelse: Trying to free free buffer [ 83.156237][ C1] WARNING: CPU: 1 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.157730][ C1] Modules linked in: [ 83.158406][ C1] CPU: 1 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.159860][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.161487][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.162800][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 83.163727][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 83.164639][ C1] sp : ffff800008017de0 [ 83.165316][ C1] x29: ffff800008017de0 x28: ffff0000e7820000 x27: 1fffe000341f645b [ 83.166673][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 83.168035][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2044df8 [ 83.169404][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 83.170775][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.172060][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.173391][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 19e79de5f0c73800 [ 83.174729][ C1] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.176014][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.177268][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.178635][ C1] Call trace: [ 83.179188][ C1] invalidate_bh_lru+0x128/0x22c [ 83.180003][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.181014][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.182197][ C1] ipi_handler+0x10c/0x6fc [ 83.182907][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 83.183849][ C1] handle_domain_irq+0x144/0x1fc [ 83.184654][ C1] gic_handle_irq+0x78/0x1b8 [ 83.185392][ C1] call_on_irq_stack+0x30/0x48 [ 83.186158][ C1] do_interrupt_handler+0x6c/0x88 [ 83.186981][ C1] el1_interrupt+0x30/0x58 [ 83.187737][ C1] el1h_64_irq_handler+0x18/0x24 [ 83.188554][ C1] el1h_64_irq+0x78/0x7c [ 83.189293][ C1] alloc_counters+0x3f8/0x7a0 [ 83.190083][ C1] do_ip6t_get_ctl+0xb68/0x143c [ 83.190853][ C1] nf_getsockopt+0x264/0x284 [ 83.191650][ C1] ipv6_getsockopt+0x588/0x2538 [ 83.192465][ C1] tcp_getsockopt+0x210/0x2eec [ 83.193259][ C1] sock_common_getsockopt+0xa8/0xc4 [ 83.194083][ C1] __sys_getsockopt+0x1b8/0x250 [ 83.194903][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 83.195811][ C1] invoke_syscall+0x98/0x2b0 [ 83.196569][ C1] el0_svc_common+0x138/0x258 [ 83.197359][ C1] do_el0_svc+0x58/0x13c [ 83.198054][ C1] el0_svc+0x78/0x1d0 [ 83.198713][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 83.199523][ C1] el0t_64_sync+0x1a0/0x1a4 [ 83.200243][ C1] irq event stamp: 409098 [ 83.200986][ C1] hardirqs last enabled at (409097): [] alloc_counters+0x3d4/0x7a0 [ 83.202453][ C1] hardirqs last disabled at (409098): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.203967][ C1] softirqs last enabled at (408780): [] release_sock+0x1d0/0x258 [ 83.205421][ C1] softirqs last disabled at (408778): [] release_sock+0x34/0x258 [ 83.206825][ C1] ---[ end trace 2ba480db038c16f4 ]--- [ 83.246041][ T5039] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.247331][ T5039] Bad inode number on dev loop0: 2 is out of range [ 83.248415][ T5039] SysV FS: get root inode failed [ 83.249178][ T5039] oldfs: cannot read superblock [ 83.254936][ C0] ------------[ cut here ]------------ [ 83.255811][ C0] VFS: brelse: Trying to free free buffer [ 83.256878][ C0] WARNING: CPU: 0 PID: 4651 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.258346][ C0] Modules linked in: [ 83.258954][ C0] CPU: 0 PID: 4651 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.260477][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.262106][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.263447][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 83.264421][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 83.265344][ C0] sp : ffff800008007de0 [ 83.266026][ C0] x29: ffff800008007de0 x28: ffff0000e7820000 x27: 1fffe000341f225c [ 83.267423][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 83.268811][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d05a05d0 [ 83.270146][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 83.271502][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.272829][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 83.274124][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 19e79de5f0c73800 [ 83.275528][ C0] x8 : 19e79de5f0c73800 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.276901][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.278256][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 83.279699][ C0] Call trace: [ 83.280265][ C0] invalidate_bh_lru+0x128/0x22c [ 83.281101][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.282169][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.283318][ C0] ipi_handler+0x10c/0x6fc [ 83.284128][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 83.285034][ C0] handle_domain_irq+0x144/0x1fc [ 83.285829][ C0] gic_handle_irq+0x78/0x1b8 [ 83.286577][ C0] call_on_irq_stack+0x30/0x48 [ 83.287334][ C0] do_interrupt_handler+0x6c/0x88 [ 83.288191][ C0] el1_interrupt+0x30/0x58 [ 83.288996][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.289872][ C0] el1h_64_irq+0x78/0x7c [ 83.290585][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 83.291625][ C0] debug_check_no_obj_freed+0x450/0x46c [ 83.292560][ C0] slab_free_freelist_hook+0x9c/0x1e4 [ 83.293513][ C0] kfree+0x16c/0x400 [ 83.294169][ C0] kvfree+0x40/0x50 [ 83.294817][ C0] __vunmap+0x8e0/0x9b0 [ 83.295555][ C0] vfree+0xbc/0x154 [ 83.296195][ C0] do_ip6t_get_ctl+0x118c/0x143c [ 83.297084][ C0] nf_getsockopt+0x264/0x284 [ 83.297887][ C0] ipv6_getsockopt+0x588/0x2538 [ 83.298679][ C0] tcp_getsockopt+0x210/0x2eec [ 83.299499][ C0] sock_common_getsockopt+0xa8/0xc4 [ 83.300396][ C0] __sys_getsockopt+0x1b8/0x250 [ 83.301204][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 83.302102][ C0] invoke_syscall+0x98/0x2b0 [ 83.302911][ C0] el0_svc_common+0x138/0x258 [ 83.303706][ C0] do_el0_svc+0x58/0x13c [ 83.304399][ C0] el0_svc+0x78/0x1d0 [ 83.305057][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 83.305938][ C0] el0t_64_sync+0x1a0/0x1a4 [ 83.306728][ C0] irq event stamp: 411802 [ 83.307450][ C0] hardirqs last enabled at (411801): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 83.309351][ C0] hardirqs last disabled at (411802): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.311004][ C0] softirqs last enabled at (411650): [] local_bh_enable+0x10/0x34 [ 83.312610][ C0] softirqs last disabled at (411648): [] local_bh_disable+0x10/0x34 [ 83.314201][ C0] ---[ end trace 2ba480db038c16f5 ]--- [ 83.387344][ T5041] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.388650][ T5041] Bad inode number on dev loop0: 2 is out of range [ 83.389716][ T5041] SysV FS: get root inode failed [ 83.390530][ T5041] oldfs: cannot read superblock [ 83.408110][ T4867] ------------[ cut here ]------------ [ 83.408997][ T4867] VFS: brelse: Trying to free free buffer [ 83.410063][ T4867] WARNING: CPU: 0 PID: 4867 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.411469][ T4867] Modules linked in: [ 83.412124][ T4867] CPU: 0 PID: 4867 Comm: udevd Tainted: G W syzkaller #0 [ 83.413522][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.415233][ T4867] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.416546][ T4867] pc : invalidate_bh_lru+0x128/0x22c [ 83.417428][ T4867] lr : invalidate_bh_lru+0x128/0x22c [ 83.418323][ T4867] sp : ffff80001fc377c0 [ 83.419017][ T4867] x29: ffff80001fc377c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 83.420431][ T4867] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 83.421809][ T4867] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d05a0970 [ 83.423176][ T4867] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 83.424592][ T4867] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.425898][ T4867] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 83.427215][ T4867] x11: 0000000000000002 x10: 0000000000000000 x9 : c032511a4470a000 [ 83.428565][ T4867] x8 : c032511a4470a000 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.429969][ T4867] x5 : ffff80001fc370d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.431357][ T4867] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.432758][ T4867] Call trace: [ 83.433269][ T4867] invalidate_bh_lru+0x128/0x22c [ 83.434111][ T4867] smp_call_function_many_cond+0xa50/0xeac [ 83.435086][ T4867] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.435882][ T4867] invalidate_bh_lrus+0x34/0x40 [ 83.436717][ T4867] blkdev_flush_mapping+0x16c/0x334 [ 83.437593][ T4867] blkdev_put+0x490/0x6ac [ 83.438315][ T4867] blkdev_close+0x74/0xb0 [ 83.439057][ T4867] __fput+0x1c0/0x7e8 [ 83.439660][ T4867] ____fput+0x20/0x30 [ 83.440282][ T4867] task_work_run+0x12c/0x1d8 [ 83.441066][ T4867] do_notify_resume+0x2450/0x309c [ 83.441968][ T4867] el0_svc+0xf0/0x1d0 [ 83.442641][ T4867] el0t_64_sync_handler+0xcc/0xe4 [ 83.443545][ T4867] el0t_64_sync+0x1a0/0x1a4 [ 83.444286][ T4867] irq event stamp: 469004 [ 83.444984][ T4867] hardirqs last enabled at (469003): [] kasan_quarantine_put+0xc4/0x200 [ 83.446613][ T4867] hardirqs last disabled at (469004): [] smp_call_function_many_cond+0xa44/0xeac [ 83.448423][ T4867] softirqs last enabled at (468838): [] local_bh_enable+0x10/0x34 [ 83.450047][ T4867] softirqs last disabled at (468836): [] local_bh_disable+0x10/0x34 [ 83.451664][ T4867] ---[ end trace 2ba480db038c16f6 ]--- [ 83.513333][ T5045] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.514627][ T5045] Bad inode number on dev loop0: 2 is out of range [ 83.515687][ T5045] SysV FS: get root inode failed [ 83.516514][ T5045] oldfs: cannot read superblock [ 83.520946][ C0] ------------[ cut here ]------------ [ 83.521795][ C0] VFS: brelse: Trying to free free buffer [ 83.522782][ C0] WARNING: CPU: 0 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.524302][ C0] Modules linked in: [ 83.524955][ C0] CPU: 0 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 83.526314][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.527920][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.529314][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 83.530175][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 83.531047][ C0] sp : ffff800008007de0 [ 83.531741][ C0] x29: ffff800008007de0 x28: ffff0000d61b9b40 x27: 1fffe000341f225b [ 83.533118][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 83.534434][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d05a0d10 [ 83.535831][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 83.537110][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.538456][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 83.539851][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 6dbd0b20b0315400 [ 83.541313][ C0] x8 : 6dbd0b20b0315400 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.542826][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.544280][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.545636][ C0] Call trace: [ 83.546177][ C0] invalidate_bh_lru+0x128/0x22c [ 83.546985][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.548021][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.549248][ C0] ipi_handler+0x10c/0x6fc [ 83.549991][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 83.550896][ C0] handle_domain_irq+0x144/0x1fc [ 83.551661][ C0] gic_handle_irq+0x78/0x1b8 [ 83.552515][ C0] call_on_irq_stack+0x30/0x48 [ 83.553311][ C0] do_interrupt_handler+0x6c/0x88 [ 83.554233][ C0] el1_interrupt+0x30/0x58 [ 83.554997][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.555805][ C0] el1h_64_irq+0x78/0x7c [ 83.556537][ C0] arch_local_irq_restore+0x8/0x10 [ 83.557332][ C0] ___might_sleep+0x98/0x4d4 [ 83.558033][ C0] __might_sleep+0x98/0x124 [ 83.558758][ C0] down_read+0x3c/0x38c [ 83.559431][ C0] kernfs_iop_permission+0x64/0x2e0 [ 83.560284][ C0] inode_permission+0x1d0/0x3c0 [ 83.561094][ C0] link_path_walk+0x268/0xbe0 [ 83.561871][ C0] path_lookupat+0x90/0x3d0 [ 83.562622][ C0] filename_lookup+0x1b4/0x464 [ 83.563382][ C0] user_path_at_empty+0x5c/0x1a0 [ 83.564189][ C0] do_readlinkat+0xe0/0x3fc [ 83.564912][ C0] __arm64_sys_readlinkat+0x9c/0xb8 [ 83.565837][ C0] invoke_syscall+0x98/0x2b0 [ 83.566614][ C0] el0_svc_common+0x138/0x258 [ 83.567391][ C0] do_el0_svc+0x58/0x13c [ 83.568130][ C0] el0_svc+0x78/0x1d0 [ 83.568799][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 83.569622][ C0] el0t_64_sync+0x1a0/0x1a4 [ 83.570363][ C0] irq event stamp: 1386226 [ 83.571096][ C0] hardirqs last enabled at (1386225): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 83.572823][ C0] hardirqs last disabled at (1386226): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.574508][ C0] softirqs last enabled at (1386216): [] local_bh_enable+0x10/0x34 [ 83.576131][ C0] softirqs last disabled at (1386214): [] local_bh_disable+0x10/0x34 [ 83.577756][ C0] ---[ end trace 2ba480db038c16f7 ]--- [ 83.613119][ T5047] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.614398][ T5047] Bad inode number on dev loop0: 2 is out of range [ 83.615465][ T5047] SysV FS: get root inode failed [ 83.616311][ T5047] oldfs: cannot read superblock [ 83.617188][ T5047] ------------[ cut here ]------------ [ 83.618055][ T5047] VFS: brelse: Trying to free free buffer [ 83.619062][ T5047] WARNING: CPU: 0 PID: 5047 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.620545][ T5047] Modules linked in: [ 83.621156][ T5047] CPU: 0 PID: 5047 Comm: syz.0.99 Tainted: G W syzkaller #0 [ 83.622592][ T5047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.624430][ T5047] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.625816][ T5047] pc : invalidate_bh_lru+0x128/0x22c [ 83.626743][ T5047] lr : invalidate_bh_lru+0x128/0x22c [ 83.627658][ T5047] sp : ffff8000201d76e0 [ 83.628351][ T5047] x29: ffff8000201d76e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 83.629765][ T5047] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 83.631114][ T5047] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22b4970 [ 83.632494][ T5047] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 83.633944][ T5047] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.635233][ T5047] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 83.636554][ T5047] x11: 0000000000000002 x10: 0000000000000000 x9 : b44dba11c2192800 [ 83.637908][ T5047] x8 : b44dba11c2192800 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.639295][ T5047] x5 : ffff8000201d6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.640724][ T5047] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.642066][ T5047] Call trace: [ 83.642615][ T5047] invalidate_bh_lru+0x128/0x22c [ 83.643400][ T5047] smp_call_function_many_cond+0xa50/0xeac [ 83.644385][ T5047] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.645242][ T5047] invalidate_bh_lrus+0x34/0x40 [ 83.646058][ T5047] blkdev_flush_mapping+0x16c/0x334 [ 83.646948][ T5047] blkdev_put+0x490/0x6ac [ 83.647686][ T5047] kill_block_super+0x98/0xdc [ 83.648445][ T5047] deactivate_locked_super+0xb8/0x134 [ 83.649334][ T5047] mount_bdev+0x284/0x358 [ 83.650099][ T5047] sysv_mount+0x44/0x58 [ 83.650790][ T5047] legacy_get_tree+0xd4/0x16c [ 83.651662][ T5047] vfs_get_tree+0x90/0x274 [ 83.652403][ T5047] do_new_mount+0x228/0x810 [ 83.653178][ T5047] path_mount+0x5bc/0x1008 [ 83.653991][ T5047] __arm64_sys_mount+0x514/0x5f0 [ 83.654912][ T5047] invoke_syscall+0x98/0x2b0 [ 83.655702][ T5047] el0_svc_common+0x138/0x258 [ 83.656469][ T5047] do_el0_svc+0x58/0x13c [ 83.657247][ T5047] el0_svc+0x78/0x1d0 [ 83.657954][ T5047] el0t_64_sync_handler+0xcc/0xe4 [ 83.658898][ T5047] el0t_64_sync+0x1a0/0x1a4 [ 83.659590][ T5047] irq event stamp: 1078 [ 83.660264][ T5047] hardirqs last enabled at (1077): [] kasan_quarantine_put+0xc4/0x200 [ 83.661944][ T5047] hardirqs last disabled at (1078): [] smp_call_function_many_cond+0xa44/0xeac [ 83.663739][ T5047] softirqs last enabled at (870): [] local_bh_enable+0x10/0x34 [ 83.665238][ T5047] softirqs last disabled at (868): [] local_bh_disable+0x10/0x34 [ 83.666851][ T5047] ---[ end trace 2ba480db038c16f8 ]--- [ 83.804575][ T5049] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.805778][ T5049] Bad inode number on dev loop0: 2 is out of range [ 83.806840][ T5049] SysV FS: get root inode failed [ 83.807624][ T5049] oldfs: cannot read superblock [ 83.812171][ C0] ------------[ cut here ]------------ [ 83.813025][ C0] VFS: brelse: Trying to free free buffer [ 83.814106][ C0] WARNING: CPU: 0 PID: 3645 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.815688][ C0] Modules linked in: [ 83.816334][ C0] CPU: 0 PID: 3645 Comm: syslogd Tainted: G W syzkaller #0 [ 83.817760][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.819525][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.820840][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 83.821749][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 83.822599][ C0] sp : ffff800008007de0 [ 83.823295][ C0] x29: ffff800008007de0 x28: ffff0000d50b51c0 x27: 1fffe000341f225b [ 83.824567][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 83.825961][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e22b4d10 [ 83.827315][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 83.828684][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.830124][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 83.831400][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : ba3012d4795b6100 [ 83.832757][ C0] x8 : ba3012d4795b6100 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.834134][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.835522][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.836915][ C0] Call trace: [ 83.837428][ C0] invalidate_bh_lru+0x128/0x22c [ 83.838211][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.839219][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.840383][ C0] ipi_handler+0x10c/0x6fc [ 83.841120][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 83.842033][ C0] handle_domain_irq+0x144/0x1fc [ 83.842842][ C0] gic_handle_irq+0x78/0x1b8 [ 83.843613][ C0] call_on_irq_stack+0x30/0x48 [ 83.844416][ C0] do_interrupt_handler+0x6c/0x88 [ 83.845303][ C0] el1_interrupt+0x30/0x58 [ 83.846029][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.846868][ C0] el1h_64_irq+0x78/0x7c [ 83.847576][ C0] el0_svc_common+0xa8/0x258 [ 83.848369][ C0] do_el0_svc+0x58/0x13c [ 83.849041][ C0] el0_svc+0x78/0x1d0 [ 83.849709][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 83.850588][ C0] el0t_64_sync+0x1a0/0x1a4 [ 83.851336][ C0] irq event stamp: 111128 [ 83.852080][ C0] hardirqs last enabled at (111127): [] el0_svc_common+0x9c/0x258 [ 83.853669][ C0] hardirqs last disabled at (111128): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.855331][ C0] softirqs last enabled at (111080): [] local_bh_enable+0x10/0x34 [ 83.856935][ C0] softirqs last disabled at (111078): [] local_bh_disable+0x10/0x34 [ 83.858510][ C0] ---[ end trace 2ba480db038c16f9 ]---