Warning: Permanently added '10.128.1.50' (ED25519) to the list of known hosts. 1970/01/01 00:01:07 parsed 1 programs [ 68.335160][ T4464] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 69.623847][ T2065] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.625023][ T2065] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.627646][ T7] cfg80211: failed to load regulatory.db [ 70.465221][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.466524][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.470184][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 70.480274][ T1712] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 70.481633][ T1712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 70.483704][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 70.855823][ T4557] chnl_net:caif_netlink_parms(): no params data found [ 70.883451][ T4557] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.884938][ T4557] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.886704][ T4557] device bridge_slave_0 entered promiscuous mode [ 70.888968][ T4557] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.890224][ T4557] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.891854][ T4557] device bridge_slave_1 entered promiscuous mode [ 70.901088][ T4557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.904250][ T4557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.912947][ T4557] team0: Port device team_slave_0 added [ 70.916669][ T4557] team0: Port device team_slave_1 added [ 70.924090][ T4557] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.925213][ T4557] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.929296][ T4557] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.932171][ T4557] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.933380][ T4557] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.937629][ T4557] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.994287][ T4557] device hsr_slave_0 entered promiscuous mode [ 71.042535][ T4557] device hsr_slave_1 entered promiscuous mode [ 71.678236][ T4557] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.704713][ T4557] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.755236][ T4557] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.794088][ T4557] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.869225][ T4557] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.874988][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 71.876444][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.881812][ T4557] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.886047][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 71.887632][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.889046][ T357] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.890138][ T357] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.891524][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 71.897614][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 71.899250][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 71.900792][ T357] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.902124][ T357] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.913223][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.915093][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.917060][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.919159][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.920732][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.924433][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.928931][ T4557] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 71.930632][ T4557] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.934583][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.936349][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 71.937966][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.939953][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 71.941503][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.951430][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 71.995473][ T4557] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.997819][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 71.999232][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 72.018730][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 72.020496][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 72.025308][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 72.030536][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 72.032810][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 72.034494][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 72.037041][ T4557] device veth0_vlan entered promiscuous mode [ 72.040603][ T4557] device veth1_vlan entered promiscuous mode [ 72.049842][ T4557] device veth0_macvtap entered promiscuous mode [ 72.052252][ T4557] device veth1_macvtap entered promiscuous mode [ 72.055062][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 72.056636][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 72.058199][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 72.059778][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 72.061392][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 72.069303][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 72.073783][ T4557] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.075160][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 72.076809][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 72.080103][ T4557] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.081347][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 72.084537][ T1712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 72.087945][ T4557] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.089405][ T4557] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.090963][ T4557] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.093450][ T4557] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:01:12 executed programs: 0 [ 72.720467][ T4740] chnl_net:caif_netlink_parms(): no params data found [ 72.744256][ T4740] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.745603][ T4740] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.747179][ T4740] device bridge_slave_0 entered promiscuous mode [ 72.749624][ T4740] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.750850][ T4740] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.753231][ T4740] device bridge_slave_1 entered promiscuous mode [ 72.763386][ T4740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.766199][ T4740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.777054][ T4740] team0: Port device team_slave_0 added [ 72.779124][ T4740] team0: Port device team_slave_1 added [ 72.786926][ T4740] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.788047][ T4740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.793493][ T4740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.796021][ T4740] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.797167][ T4740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.801781][ T4740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.855302][ T4740] device hsr_slave_0 entered promiscuous mode [ 72.912854][ T4740] device hsr_slave_1 entered promiscuous mode [ 72.942723][ T4740] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.943989][ T4740] Cannot create hsr debugfs directory [ 72.980729][ T4740] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.662431][ T21] Bluetooth: hci0: command 0x0409 tx timeout [ 75.187886][ T4740] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.742332][ T21] Bluetooth: hci0: command 0x041b tx timeout [ 77.526005][ T4740] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.567712][ T4740] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.737351][ T4740] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 77.764469][ T4740] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 77.833617][ T4740] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 77.893948][ T4740] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 77.970193][ T4740] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.974391][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.975988][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.978610][ T4740] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.981278][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 77.984627][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 77.986059][ T136] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.987235][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.988612][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 77.991597][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 77.996156][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.997818][ T136] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.999087][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.002069][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 78.005395][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 78.008319][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 78.010090][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 78.011797][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 78.016285][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 78.018042][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 78.020867][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 78.022627][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 78.025621][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 78.027175][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 78.029825][ T4740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 78.070860][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.072271][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.076973][ T4740] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.084718][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 78.086743][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 78.104012][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 78.105826][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 78.108103][ T4740] device veth0_vlan entered promiscuous mode [ 78.109402][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 78.110905][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 78.116644][ T4740] device veth1_vlan entered promiscuous mode [ 78.125230][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 78.126864][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 78.128450][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 78.130039][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.134690][ T4740] device veth0_macvtap entered promiscuous mode [ 78.137346][ T4740] device veth1_macvtap entered promiscuous mode [ 78.142248][ T4740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.144394][ T4740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.146628][ T4740] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.147907][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.149549][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 78.151062][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.153137][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.155971][ T4740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.157755][ T4740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.160048][ T4740] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.161280][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.163724][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.167382][ T4740] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.168880][ T4740] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.170435][ T4740] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.171916][ T4740] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.196295][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.197654][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.199063][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.209061][ T1712] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.210419][ T1712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.211789][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:18 executed programs: 2 [ 78.231878][ T4942] loop0: detected capacity change from 0 to 128 [ 78.245484][ T4942] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.246816][ T4942] Bad inode number on dev loop0: 2 is out of range [ 78.247806][ T4942] SysV FS: get root inode failed [ 78.248659][ T4942] oldfs: cannot read superblock [ 78.260451][ T4515] ------------[ cut here ]------------ [ 78.261482][ T4515] VFS: brelse: Trying to free free buffer [ 78.262464][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.263978][ T4515] Modules linked in: [ 78.264650][ T4515] CPU: 0 PID: 4515 Comm: udevd Not tainted syzkaller #0 [ 78.265917][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.267614][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.268936][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 78.269795][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 78.270624][ T4515] sp : ffff80001f8c77c0 [ 78.271298][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 78.272651][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 78.274050][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb89318 [ 78.275449][ T4515] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.276761][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.278196][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.279614][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 78.281013][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.282381][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.283827][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.285160][ T4515] Call trace: [ 78.285679][ T4515] invalidate_bh_lru+0x128/0x22c [ 78.286557][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 78.287457][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.288286][ T4515] invalidate_bh_lrus+0x34/0x40 [ 78.289126][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 78.290018][ T4515] blkdev_put+0x490/0x6ac [ 78.290699][ T4515] blkdev_close+0x74/0xb0 [ 78.291436][ T4515] __fput+0x1c0/0x7e8 [ 78.292127][ T4515] ____fput+0x20/0x30 [ 78.292775][ T4515] task_work_run+0x12c/0x1d8 [ 78.293611][ T4515] do_notify_resume+0x2450/0x309c [ 78.294443][ T4515] el0_svc+0xf0/0x1d0 [ 78.295055][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 78.295837][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 78.296548][ T4515] irq event stamp: 77088 [ 78.297225][ T4515] hardirqs last enabled at (77087): [] kasan_quarantine_put+0xc4/0x200 [ 78.298759][ T4515] hardirqs last disabled at (77088): [] smp_call_function_many_cond+0xa44/0xeac [ 78.300526][ T4515] softirqs last enabled at (76822): [] local_bh_enable+0x10/0x34 [ 78.302091][ T4515] softirqs last disabled at (76820): [] local_bh_disable+0x10/0x34 [ 78.303658][ T4515] ---[ end trace 062e6fe66ca8d278 ]--- [ 78.345399][ T4944] loop0: detected capacity change from 0 to 128 [ 78.395717][ T4944] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.396947][ T4944] Bad inode number on dev loop0: 2 is out of range [ 78.398067][ T4944] SysV FS: get root inode failed [ 78.398902][ T4944] oldfs: cannot read superblock [ 78.406477][ C0] ------------[ cut here ]------------ [ 78.407400][ C0] VFS: brelse: Trying to free free buffer [ 78.408407][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.409863][ C0] Modules linked in: [ 78.410489][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.412066][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.413876][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.415241][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 78.416165][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 78.417082][ C0] sp : ffff800008007de0 [ 78.417786][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225c [ 78.419065][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 78.420424][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28f7318 [ 78.421739][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 78.423109][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.424550][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.425953][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 78.427372][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.428787][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.430160][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.431505][ C0] Call trace: [ 78.432063][ C0] invalidate_bh_lru+0x128/0x22c [ 78.432910][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.433915][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.435044][ C0] ipi_handler+0x10c/0x6fc [ 78.435765][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 78.436711][ C0] handle_domain_irq+0x144/0x1fc [ 78.437563][ C0] gic_handle_irq+0x78/0x1b8 [ 78.438351][ C0] call_on_irq_stack+0x30/0x48 [ 78.439166][ C0] do_interrupt_handler+0x6c/0x88 [ 78.439984][ C0] el1_interrupt+0x30/0x58 [ 78.440719][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.441543][ C0] el1h_64_irq+0x78/0x7c [ 78.442201][ C0] __sanitizer_cov_trace_pc+0xa8/0xac [ 78.443029][ C0] tomoyo_path_permission+0x164/0x310 [ 78.443898][ C0] tomoyo_path_perm+0x35c/0x49c [ 78.444651][ C0] tomoyo_path_unlink+0xa8/0xf4 [ 78.445446][ C0] security_path_unlink+0xe4/0x134 [ 78.446269][ C0] do_unlinkat+0x28c/0x618 [ 78.447057][ C0] __arm64_sys_unlinkat+0xe0/0xfc [ 78.447938][ C0] invoke_syscall+0x98/0x2b0 [ 78.448728][ C0] el0_svc_common+0x138/0x258 [ 78.449496][ C0] do_el0_svc+0x58/0x13c [ 78.450229][ C0] el0_svc+0x78/0x1d0 [ 78.450840][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.451714][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.452467][ C0] irq event stamp: 168782 [ 78.453186][ C0] hardirqs last enabled at (168781): [] kasan_quarantine_put+0xc4/0x200 [ 78.454906][ C0] hardirqs last disabled at (168782): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.456616][ C0] softirqs last enabled at (168728): [] local_bh_enable+0x10/0x34 [ 78.458311][ C0] softirqs last disabled at (168726): [] local_bh_disable+0x10/0x34 [ 78.459986][ C0] ---[ end trace 062e6fe66ca8d279 ]--- [ 78.512927][ T4946] loop0: detected capacity change from 0 to 128 [ 78.515607][ T4946] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.516846][ T4946] Bad inode number on dev loop0: 2 is out of range [ 78.517877][ T4946] SysV FS: get root inode failed [ 78.518657][ T4946] oldfs: cannot read superblock [ 78.521954][ C1] ------------[ cut here ]------------ [ 78.522903][ C1] VFS: brelse: Trying to free free buffer [ 78.523937][ C1] WARNING: CPU: 1 PID: 4464 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.525475][ C1] Modules linked in: [ 78.526106][ C1] CPU: 1 PID: 4464 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.527601][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.529399][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.530730][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.531667][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.532589][ C1] sp : ffff800008017de0 [ 78.533341][ C1] x29: ffff800008017de0 x28: ffff0000cee051c0 x27: 1fffe000341f645c [ 78.534733][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 78.536011][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52bba58 [ 78.537295][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 78.538654][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.540067][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.541363][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : af9ef460ff185a00 [ 78.542672][ C1] x8 : af9ef460ff185a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.544086][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.545547][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.546977][ C1] Call trace: [ 78.547527][ C1] invalidate_bh_lru+0x128/0x22c [ 78.548392][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.549417][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.550600][ C1] ipi_handler+0x10c/0x6fc [ 78.551398][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.552366][ C1] handle_domain_irq+0x144/0x1fc [ 78.553223][ C1] gic_handle_irq+0x78/0x1b8 [ 78.554022][ C1] call_on_irq_stack+0x30/0x48 [ 78.554824][ C1] do_interrupt_handler+0x6c/0x88 [ 78.555655][ C1] el0_interrupt+0x94/0x248 [ 78.556428][ C1] __el0_irq_handler_common+0x18/0x24 [ 78.557300][ C1] el0t_64_irq_handler+0x10/0x1c [ 78.558183][ C1] el0t_64_irq+0x1a0/0x1a4 [ 78.559004][ C1] irq event stamp: 660894 [ 78.559748][ C1] hardirqs last enabled at (660893): [] el0t_64_sync_handler+0xcc/0xe4 [ 78.561481][ C1] hardirqs last disabled at (660894): [] __el0_irq_handler_common+0x18/0x24 [ 78.563215][ C1] softirqs last enabled at (660890): [] release_sock+0x1d0/0x258 [ 78.564863][ C1] softirqs last disabled at (660888): [] release_sock+0x34/0x258 [ 78.566483][ C1] ---[ end trace 062e6fe66ca8d27a ]--- [ 78.618387][ T4948] loop0: detected capacity change from 0 to 128 [ 78.620946][ T4948] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.622138][ T4948] Bad inode number on dev loop0: 2 is out of range [ 78.623932][ T4948] SysV FS: get root inode failed [ 78.624709][ T4948] oldfs: cannot read superblock [ 78.630305][ T4515] ------------[ cut here ]------------ [ 78.631238][ T4515] VFS: brelse: Trying to free free buffer [ 78.632308][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.633705][ T4515] Modules linked in: [ 78.634397][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 78.635847][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.637593][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.638968][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 78.639857][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 78.640710][ T4515] sp : ffff80001f8c77c0 [ 78.641392][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 78.642771][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 78.644124][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28f76b8 [ 78.645508][ T4515] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.646965][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.648303][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.649691][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 78.651104][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.652461][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.653817][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.655242][ T4515] Call trace: [ 78.655795][ T4515] invalidate_bh_lru+0x128/0x22c [ 78.656675][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 78.657667][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.658533][ T4515] invalidate_bh_lrus+0x34/0x40 [ 78.659369][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 78.660352][ T4515] blkdev_put+0x490/0x6ac [ 78.661067][ T4515] blkdev_close+0x74/0xb0 [ 78.661801][ T4515] __fput+0x1c0/0x7e8 [ 78.662471][ T4515] ____fput+0x20/0x30 [ 78.663102][ T4515] task_work_run+0x12c/0x1d8 [ 78.663899][ T4515] do_notify_resume+0x2450/0x309c [ 78.664779][ T4515] el0_svc+0xf0/0x1d0 [ 78.665451][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 78.666324][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 78.667124][ T4515] irq event stamp: 91044 [ 78.667841][ T4515] hardirqs last enabled at (91043): [] kasan_quarantine_put+0xc4/0x200 [ 78.669632][ T4515] hardirqs last disabled at (91044): [] smp_call_function_many_cond+0xa44/0xeac [ 78.671452][ T4515] softirqs last enabled at (90762): [] local_bh_enable+0x10/0x34 [ 78.673119][ T4515] softirqs last disabled at (90760): [] local_bh_disable+0x10/0x34 [ 78.674803][ T4515] ---[ end trace 062e6fe66ca8d27b ]--- [ 78.724190][ T4950] loop0: detected capacity change from 0 to 128 [ 78.727627][ T4950] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.729163][ T4950] Bad inode number on dev loop0: 2 is out of range [ 78.730655][ T4950] SysV FS: get root inode failed [ 78.731472][ T4950] oldfs: cannot read superblock [ 78.737261][ C1] ------------[ cut here ]------------ [ 78.738283][ C1] VFS: brelse: Trying to free free buffer [ 78.739259][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.740671][ C1] Modules linked in: [ 78.741261][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.742728][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.744435][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.745761][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.746680][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.747579][ C1] sp : ffff800008017de0 [ 78.748252][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 78.749573][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 78.751063][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52bb6b8 [ 78.752557][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 78.753960][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.755326][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.756745][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : c7b2545b7035fa00 [ 78.758105][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.759555][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.760955][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.762313][ C1] Call trace: [ 78.762880][ C1] invalidate_bh_lru+0x128/0x22c [ 78.763748][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.764793][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.766037][ C1] ipi_handler+0x10c/0x6fc [ 78.766790][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.767779][ C1] handle_domain_irq+0x144/0x1fc [ 78.768608][ C1] gic_handle_irq+0x78/0x1b8 [ 78.769331][ C1] call_on_irq_stack+0x30/0x48 [ 78.770118][ C1] do_interrupt_handler+0x6c/0x88 [ 78.770976][ C1] el1_interrupt+0x30/0x58 [ 78.771667][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.772530][ C1] el1h_64_irq+0x78/0x7c [ 78.773361][ C1] arch_local_irq_restore+0x8/0x10 [ 78.774294][ C1] rcu_read_lock_any_held+0x38/0xdc [ 78.775255][ C1] sb_end_write+0xe8/0x404 [ 78.776025][ C1] mnt_drop_write+0x48/0x58 [ 78.776795][ C1] do_mkdirat+0x1fc/0x514 [ 78.777547][ C1] __arm64_sys_mkdirat+0x90/0xa8 [ 78.778413][ C1] invoke_syscall+0x98/0x2b0 [ 78.779192][ C1] el0_svc_common+0x138/0x258 [ 78.779986][ C1] do_el0_svc+0x58/0x13c [ 78.780723][ C1] el0_svc+0x78/0x1d0 [ 78.781460][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.782338][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.783165][ C1] irq event stamp: 180962 [ 78.783903][ C1] hardirqs last enabled at (180961): [] seqcount_lockdep_reader_access+0x1fc/0x2c0 [ 78.785703][ C1] hardirqs last disabled at (180962): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.787419][ C1] softirqs last enabled at (180924): [] local_bh_enable+0x10/0x34 [ 78.789004][ C1] softirqs last disabled at (180922): [] local_bh_disable+0x10/0x34 [ 78.790624][ C1] ---[ end trace 062e6fe66ca8d27c ]--- [ 78.832873][ T4062] Bluetooth: hci0: command 0x040f tx timeout [ 78.834828][ T4952] loop0: detected capacity change from 0 to 128 [ 78.933909][ T4952] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.935173][ T4952] Bad inode number on dev loop0: 2 is out of range [ 78.936276][ T4952] SysV FS: get root inode failed [ 78.937116][ T4952] oldfs: cannot read superblock [ 78.938028][ T4952] ------------[ cut here ]------------ [ 78.939065][ T4952] VFS: brelse: Trying to free free buffer [ 78.940056][ T4952] WARNING: CPU: 1 PID: 4952 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.941455][ T4952] Modules linked in: [ 78.942110][ T4952] CPU: 1 PID: 4952 Comm: syz.0.21 Tainted: G W syzkaller #0 [ 78.943696][ T4952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.945281][ T4952] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.946602][ T4952] pc : invalidate_bh_lru+0x128/0x22c [ 78.947474][ T4952] lr : invalidate_bh_lru+0x128/0x22c [ 78.948308][ T4952] sp : ffff80001fe276e0 [ 78.949044][ T4952] x29: ffff80001fe276e0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 78.950394][ T4952] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 78.951784][ T4952] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52bb318 [ 78.953155][ T4952] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.954554][ T4952] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.955927][ T4952] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.957332][ T4952] x11: 0000000000000002 x10: 0000000000000000 x9 : 721f7bb3c48bf000 [ 78.958652][ T4952] x8 : 721f7bb3c48bf000 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.960110][ T4952] x5 : ffff80001fe26ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.961602][ T4952] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.963028][ T4952] Call trace: [ 78.963542][ T4952] invalidate_bh_lru+0x128/0x22c [ 78.964343][ T4952] smp_call_function_many_cond+0xa50/0xeac [ 78.965347][ T4952] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.966282][ T4952] invalidate_bh_lrus+0x34/0x40 [ 78.967073][ T4952] blkdev_flush_mapping+0x16c/0x334 [ 78.967949][ T4952] blkdev_put+0x490/0x6ac [ 78.968679][ T4952] kill_block_super+0x98/0xdc [ 78.969485][ T4952] deactivate_locked_super+0xb8/0x134 [ 78.970422][ T4952] mount_bdev+0x284/0x358 [ 78.971178][ T4952] sysv_mount+0x44/0x58 [ 78.971856][ T4952] legacy_get_tree+0xd4/0x16c [ 78.972620][ T4952] vfs_get_tree+0x90/0x274 [ 78.973396][ T4952] do_new_mount+0x228/0x810 [ 78.974154][ T4952] path_mount+0x5bc/0x1008 [ 78.974913][ T4952] __arm64_sys_mount+0x514/0x5f0 [ 78.975767][ T4952] invoke_syscall+0x98/0x2b0 [ 78.976576][ T4952] el0_svc_common+0x138/0x258 [ 78.977372][ T4952] do_el0_svc+0x58/0x13c [ 78.978120][ T4952] el0_svc+0x78/0x1d0 [ 78.978780][ T4952] el0t_64_sync_handler+0xcc/0xe4 [ 78.979588][ T4952] el0t_64_sync+0x1a0/0x1a4 [ 78.980366][ T4952] irq event stamp: 1156 [ 78.981014][ T4952] hardirqs last enabled at (1155): [] kasan_quarantine_put+0xc4/0x200 [ 78.982538][ T4952] hardirqs last disabled at (1156): [] smp_call_function_many_cond+0xa44/0xeac [ 78.984246][ T4952] softirqs last enabled at (964): [] local_bh_enable+0x10/0x34 [ 78.985639][ T4952] softirqs last disabled at (962): [] local_bh_disable+0x10/0x34 [ 78.987200][ T4952] ---[ end trace 062e6fe66ca8d27d ]--- [ 79.089075][ T4956] loop0: detected capacity change from 0 to 128 [ 79.091547][ T4956] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.092945][ T4956] Bad inode number on dev loop0: 2 is out of range [ 79.094175][ T4956] SysV FS: get root inode failed [ 79.095035][ T4956] oldfs: cannot read superblock [ 79.112915][ T4515] ------------[ cut here ]------------ [ 79.113804][ T4515] VFS: brelse: Trying to free free buffer [ 79.114840][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.116363][ T4515] Modules linked in: [ 79.117058][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 79.118487][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.120245][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.121650][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 79.122595][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 79.123490][ T4515] sp : ffff80001f8c77c0 [ 79.124225][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 79.125611][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.127025][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28f7a58 [ 79.128385][ T4515] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.129813][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.131192][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.132509][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 79.133893][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.135300][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.136654][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.138076][ T4515] Call trace: [ 79.138678][ T4515] invalidate_bh_lru+0x128/0x22c [ 79.139461][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 79.140392][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.141299][ T4515] invalidate_bh_lrus+0x34/0x40 [ 79.142071][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 79.143083][ T4515] blkdev_put+0x490/0x6ac [ 79.143833][ T4515] blkdev_close+0x74/0xb0 [ 79.144606][ T4515] __fput+0x1c0/0x7e8 [ 79.145334][ T4515] ____fput+0x20/0x30 [ 79.146006][ T4515] task_work_run+0x12c/0x1d8 [ 79.146813][ T4515] do_notify_resume+0x2450/0x309c [ 79.147672][ T4515] el0_svc+0xf0/0x1d0 [ 79.148342][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 79.149157][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 79.149963][ T4515] irq event stamp: 110176 [ 79.150714][ T4515] hardirqs last enabled at (110175): [] kasan_quarantine_put+0xc4/0x200 [ 79.152437][ T4515] hardirqs last disabled at (110176): [] smp_call_function_many_cond+0xa44/0xeac [ 79.154419][ T4515] softirqs last enabled at (109902): [] local_bh_enable+0x10/0x34 [ 79.156083][ T4515] softirqs last disabled at (109900): [] local_bh_disable+0x10/0x34 [ 79.157840][ T4515] ---[ end trace 062e6fe66ca8d27e ]--- [ 79.176890][ T4960] loop0: detected capacity change from 0 to 128 [ 79.181175][ T4960] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.182753][ T4960] Bad inode number on dev loop0: 2 is out of range [ 79.183760][ T4960] SysV FS: get root inode failed [ 79.184539][ T4960] oldfs: cannot read superblock [ 79.195559][ T4515] ------------[ cut here ]------------ [ 79.196385][ T4515] VFS: brelse: Trying to free free buffer [ 79.197363][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.198661][ T4515] Modules linked in: [ 79.199354][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 79.200762][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.202462][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.203802][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 79.204775][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 79.205692][ T4515] sp : ffff80001f8c77c0 [ 79.206351][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 79.207732][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 79.209125][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28f7df8 [ 79.210556][ T4515] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.211933][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.213353][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.214752][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 79.216075][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.217465][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.218876][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.220249][ T4515] Call trace: [ 79.220776][ T4515] invalidate_bh_lru+0x128/0x22c [ 79.221667][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 79.222637][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.223500][ T4515] invalidate_bh_lrus+0x34/0x40 [ 79.224305][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 79.225158][ T4515] blkdev_put+0x490/0x6ac [ 79.225940][ T4515] blkdev_close+0x74/0xb0 [ 79.226716][ T4515] __fput+0x1c0/0x7e8 [ 79.227453][ T4515] ____fput+0x20/0x30 [ 79.228120][ T4515] task_work_run+0x12c/0x1d8 [ 79.228859][ T4515] do_notify_resume+0x2450/0x309c [ 79.229684][ T4515] el0_svc+0xf0/0x1d0 [ 79.230354][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 79.231179][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 79.231940][ T4515] irq event stamp: 114570 [ 79.232642][ T4515] hardirqs last enabled at (114569): [] kasan_quarantine_put+0xc4/0x200 [ 79.234417][ T4515] hardirqs last disabled at (114570): [] smp_call_function_many_cond+0xa44/0xeac [ 79.236373][ T4515] softirqs last enabled at (114328): [] local_bh_enable+0x10/0x34 [ 79.238095][ T4515] softirqs last disabled at (114326): [] local_bh_disable+0x10/0x34 [ 79.239966][ T4515] ---[ end trace 062e6fe66ca8d27f ]--- [ 79.265956][ T4962] loop0: detected capacity change from 0 to 128 [ 79.268754][ T4962] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.269990][ T4962] Bad inode number on dev loop0: 2 is out of range [ 79.271119][ T4962] SysV FS: get root inode failed [ 79.272059][ T4962] oldfs: cannot read superblock [ 79.283391][ C0] ------------[ cut here ]------------ [ 79.284321][ C0] VFS: brelse: Trying to free free buffer [ 79.285291][ C0] WARNING: CPU: 0 PID: 4963 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.286783][ C0] Modules linked in: [ 79.287427][ C0] CPU: 0 PID: 4963 Comm: syz.0.27 Tainted: G W syzkaller #0 [ 79.288884][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.290509][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.291772][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 79.292652][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 79.293525][ C0] sp : ffff800008007de0 [ 79.294189][ C0] x29: ffff800008007de0 x28: ffff0000cde29b40 x27: 1fffe000341f225c [ 79.295531][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.296814][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fbb40 [ 79.298070][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.299600][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.300967][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.302372][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 566fbed05b97aa00 [ 79.303717][ C0] x8 : 566fbed05b97aa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.305064][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.306436][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.307813][ C0] Call trace: [ 79.308387][ C0] invalidate_bh_lru+0x128/0x22c [ 79.309231][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.310218][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.311418][ C0] ipi_handler+0x10c/0x6fc [ 79.312221][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 79.313179][ C0] handle_domain_irq+0x144/0x1fc [ 79.314045][ C0] gic_handle_irq+0x78/0x1b8 [ 79.314847][ C0] call_on_irq_stack+0x30/0x48 [ 79.315690][ C0] do_interrupt_handler+0x6c/0x88 [ 79.316581][ C0] el0_interrupt+0x94/0x248 [ 79.317344][ C0] __el0_irq_handler_common+0x18/0x24 [ 79.318246][ C0] el0t_64_irq_handler+0x10/0x1c [ 79.319116][ C0] el0t_64_irq+0x1a0/0x1a4 [ 79.319913][ C0] irq event stamp: 1212 [ 79.320621][ C0] hardirqs last enabled at (1211): [] el0t_64_sync_handler+0xd8/0xe4 [ 79.322168][ C0] hardirqs last disabled at (1212): [] __el0_irq_handler_common+0x18/0x24 [ 79.323848][ C0] softirqs last enabled at (1176): [] local_bh_enable+0x10/0x34 [ 79.325478][ C0] softirqs last disabled at (1174): [] local_bh_disable+0x10/0x34 [ 79.327082][ C0] ---[ end trace 062e6fe66ca8d280 ]--- [ 79.365199][ T4964] loop0: detected capacity change from 0 to 128 [ 79.404536][ T4964] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.405889][ T4964] Bad inode number on dev loop0: 2 is out of range [ 79.406957][ T4964] SysV FS: get root inode failed [ 79.407841][ T4964] oldfs: cannot read superblock [ 79.411790][ C1] ------------[ cut here ]------------ [ 79.412702][ C1] VFS: brelse: Trying to free free buffer [ 79.413669][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.415173][ C1] Modules linked in: [ 79.415772][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 79.417074][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.418740][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.420078][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.420942][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.421846][ C1] sp : ffff800008017de0 [ 79.422551][ C1] x29: ffff800008017de0 x28: ffff0000d658d1c0 x27: 1fffe000341f645b [ 79.423920][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 79.425309][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ec43c060 [ 79.426675][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.428113][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.429408][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 79.430732][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 672382a832d07600 [ 79.432144][ C1] x8 : 672382a832d07600 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.433544][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.434940][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.436350][ C1] Call trace: [ 79.436937][ C1] invalidate_bh_lru+0x128/0x22c [ 79.437780][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.438873][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.440097][ C1] ipi_handler+0x10c/0x6fc [ 79.440876][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.441830][ C1] handle_domain_irq+0x144/0x1fc [ 79.442694][ C1] gic_handle_irq+0x78/0x1b8 [ 79.443454][ C1] call_on_irq_stack+0x30/0x48 [ 79.444233][ C1] do_interrupt_handler+0x6c/0x88 [ 79.445145][ C1] el1_interrupt+0x30/0x58 [ 79.445885][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.446762][ C1] el1h_64_irq+0x78/0x7c [ 79.447480][ C1] lock_acquire+0x234/0x618 [ 79.448320][ C1] fs_reclaim_acquire+0x118/0x1c4 [ 79.449190][ C1] slab_pre_alloc_hook+0x38/0xe8 [ 79.450008][ C1] kmem_cache_alloc_trace+0x98/0x3ec [ 79.450943][ C1] kernfs_fop_open+0x788/0xa84 [ 79.451773][ C1] do_dentry_open+0x758/0xe9c [ 79.452587][ C1] vfs_open+0x7c/0x90 [ 79.453312][ C1] path_openat+0x1fc4/0x2718 [ 79.454110][ C1] do_filp_open+0x184/0x368 [ 79.454851][ C1] do_sys_openat2+0x134/0x3f4 [ 79.455636][ C1] __arm64_sys_openat+0x118/0x14c [ 79.456538][ C1] invoke_syscall+0x98/0x2b0 [ 79.457314][ C1] el0_svc_common+0x138/0x258 [ 79.458124][ C1] do_el0_svc+0x58/0x13c [ 79.458876][ C1] el0_svc+0x78/0x1d0 [ 79.459561][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 79.460413][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.461181][ C1] irq event stamp: 1136320 [ 79.461946][ C1] hardirqs last enabled at (1136319): [] _raw_spin_unlock_irq+0x98/0x128 [ 79.463701][ C1] hardirqs last disabled at (1136320): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.465441][ C1] softirqs last enabled at (1136284): [] local_bh_enable+0x10/0x34 [ 79.467176][ C1] softirqs last disabled at (1136282): [] local_bh_disable+0x10/0x34 [ 79.468879][ C1] ---[ end trace 062e6fe66ca8d281 ]--- [ 79.506373][ T4966] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.507597][ T4966] Bad inode number on dev loop0: 2 is out of range [ 79.508707][ T4966] SysV FS: get root inode failed [ 79.509530][ T4966] oldfs: cannot read superblock [ 79.518096][ C0] ------------[ cut here ]------------ [ 79.519072][ C0] VFS: brelse: Trying to free free buffer [ 79.520052][ C0] WARNING: CPU: 0 PID: 357 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.521539][ C0] Modules linked in: [ 79.522249][ C0] CPU: 0 PID: 357 Comm: kworker/u4:3 Tainted: G W syzkaller #0 [ 79.523782][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.525572][ C0] Workqueue: netns cleanup_net [ 79.526381][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.527772][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 79.528638][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 79.529509][ C0] sp : ffff800008007de0 [ 79.530179][ C0] x29: ffff800008007de0 x28: ffff0000c7bfb680 x27: 1fffe000341f225c [ 79.531510][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.532920][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fbee0 [ 79.534364][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010004 [ 79.535710][ C0] x17: 0000000000010004 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.537208][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.538634][ C0] x11: 0000000000010003 x10: 0000000000010003 x9 : 5855d2f540c0bd00 [ 79.540040][ C0] x8 : 5855d2f540c0bd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.541363][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.542751][ C0] x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000027 [ 79.544107][ C0] Call trace: [ 79.544698][ C0] invalidate_bh_lru+0x128/0x22c [ 79.545634][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.546651][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.547878][ C0] ipi_handler+0x10c/0x6fc [ 79.548680][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 79.549558][ C0] handle_domain_irq+0x144/0x1fc [ 79.550351][ C0] gic_handle_irq+0x78/0x1b8 [ 79.551085][ C0] call_on_irq_stack+0x30/0x48 [ 79.551905][ C0] do_interrupt_handler+0x6c/0x88 [ 79.552773][ C0] el1_interrupt+0x30/0x58 [ 79.553526][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.554396][ C0] el1h_64_irq+0x78/0x7c [ 79.555162][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 79.556130][ C0] debug_object_activate+0x258/0x4b4 [ 79.557059][ C0] kvfree_call_rcu+0x60/0x664 [ 79.557807][ C0] drop_sysctl_table+0x278/0x3c0 [ 79.558612][ C0] unregister_sysctl_table+0x94/0x134 [ 79.559544][ C0] unregister_net_sysctl_table+0x20/0x30 [ 79.560437][ C0] inetdev_event+0x55c/0x1270 [ 79.561255][ C0] raw_notifier_call_chain+0xd4/0x164 [ 79.562218][ C0] unregister_netdevice_many+0xe74/0x183c [ 79.563234][ C0] ip_tunnel_delete_nets+0x2d0/0x32c [ 79.564196][ C0] ipgre_exit_batch_net+0x30/0x40 [ 79.565093][ C0] cleanup_net+0x654/0xaa4 [ 79.565852][ C0] process_one_work+0x79c/0x1138 [ 79.566751][ C0] worker_thread+0x8f4/0x1034 [ 79.567518][ C0] kthread+0x374/0x454 [ 79.568315][ C0] ret_from_fork+0x10/0x20 [ 79.569095][ C0] irq event stamp: 845234 [ 79.569881][ C0] hardirqs last enabled at (845233): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 79.571687][ C0] hardirqs last disabled at (845234): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.573483][ C0] softirqs last enabled at (845230): [] igmpv3_clear_delrec+0x6c/0x69c [ 79.575286][ C0] softirqs last disabled at (845228): [] igmpv3_clear_delrec+0x3c/0x69c [ 79.576991][ C0] ---[ end trace 062e6fe66ca8d282 ]--- [ 79.620015][ T4968] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.621528][ T4968] Bad inode number on dev loop0: 2 is out of range [ 79.624226][ T4968] SysV FS: get root inode failed [ 79.625114][ T4968] oldfs: cannot read superblock [ 79.628935][ C1] ------------[ cut here ]------------ [ 79.629851][ C1] VFS: brelse: Trying to free free buffer [ 79.630870][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.632261][ C1] Modules linked in: [ 79.632849][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.634215][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.635858][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.637120][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.637979][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.638823][ C1] sp : ffff800008017de0 [ 79.639445][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 79.640699][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 79.641926][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a06888 [ 79.643193][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 79.644445][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.645782][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 79.647225][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : c7b2545b7035fa00 [ 79.648616][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.650049][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.651468][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 79.652821][ C1] Call trace: [ 79.653377][ C1] invalidate_bh_lru+0x128/0x22c [ 79.654241][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.655242][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.656365][ C1] ipi_handler+0x10c/0x6fc [ 79.657101][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.658020][ C1] handle_domain_irq+0x144/0x1fc [ 79.658829][ C1] gic_handle_irq+0x78/0x1b8 [ 79.659633][ C1] call_on_irq_stack+0x30/0x48 [ 79.660410][ C1] do_interrupt_handler+0x6c/0x88 [ 79.661211][ C1] el1_interrupt+0x30/0x58 [ 79.661905][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.662720][ C1] el1h_64_irq+0x78/0x7c [ 79.663356][ C1] lock_acquire+0x234/0x618 [ 79.664128][ C1] _raw_spin_lock+0xb0/0x10c [ 79.664881][ C1] lockref_put_or_lock+0x30/0xd0 [ 79.665695][ C1] dput+0x20c/0x458 [ 79.666320][ C1] dcache_dir_close+0x40/0x54 [ 79.667102][ C1] __fput+0x1c0/0x7e8 [ 79.667845][ C1] ____fput+0x20/0x30 [ 79.668549][ C1] task_work_run+0x12c/0x1d8 [ 79.669395][ C1] do_notify_resume+0x2450/0x309c [ 79.670290][ C1] el0_svc+0xf0/0x1d0 [ 79.670960][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 79.671877][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.672678][ C1] irq event stamp: 209242 [ 79.673429][ C1] hardirqs last enabled at (209241): [] call_rcu+0x570/0x8f4 [ 79.675084][ C1] hardirqs last disabled at (209242): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.676831][ C1] softirqs last enabled at (209126): [] local_bh_enable+0x10/0x34 [ 79.678464][ C1] softirqs last disabled at (209124): [] local_bh_disable+0x10/0x34 [ 79.680036][ C1] ---[ end trace 062e6fe66ca8d283 ]--- [ 79.739177][ T4970] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.740429][ T4970] Bad inode number on dev loop0: 2 is out of range [ 79.741477][ T4970] SysV FS: get root inode failed [ 79.743387][ T4970] oldfs: cannot read superblock [ 79.753301][ T4515] ------------[ cut here ]------------ [ 79.754265][ T4515] VFS: brelse: Trying to free free buffer [ 79.755326][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.756831][ T4515] Modules linked in: [ 79.757459][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 79.758884][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.760691][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.762035][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 79.762887][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 79.763849][ T4515] sp : ffff80001f8c77c0 [ 79.764556][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 79.765891][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.767302][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fb318 [ 79.768633][ T4515] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.769951][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.771366][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.772803][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 79.774210][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.775611][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.777063][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.778440][ T4515] Call trace: [ 79.778965][ T4515] invalidate_bh_lru+0x128/0x22c [ 79.779775][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 79.780877][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.781643][ T4515] invalidate_bh_lrus+0x34/0x40 [ 79.782500][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 79.783374][ T4515] blkdev_put+0x490/0x6ac [ 79.784159][ T4515] blkdev_close+0x74/0xb0 [ 79.784915][ T4515] __fput+0x1c0/0x7e8 [ 79.785602][ T4515] ____fput+0x20/0x30 [ 79.786208][ T4515] task_work_run+0x12c/0x1d8 [ 79.786958][ T4515] do_notify_resume+0x2450/0x309c [ 79.787801][ T4515] el0_svc+0xf0/0x1d0 [ 79.788452][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 79.789333][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 79.790072][ T4515] irq event stamp: 152484 [ 79.790770][ T4515] hardirqs last enabled at (152483): [] kasan_quarantine_put+0xc4/0x200 [ 79.792454][ T4515] hardirqs last disabled at (152484): [] smp_call_function_many_cond+0xa44/0xeac [ 79.794161][ T4515] softirqs last enabled at (152252): [] local_bh_enable+0x10/0x34 [ 79.795759][ T4515] softirqs last disabled at (152250): [] local_bh_disable+0x10/0x34 [ 79.797382][ T4515] ---[ end trace 062e6fe66ca8d284 ]--- [ 79.830620][ T4972] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.831871][ T4972] Bad inode number on dev loop0: 2 is out of range [ 79.833479][ T4972] SysV FS: get root inode failed [ 79.834270][ T4972] oldfs: cannot read superblock [ 79.845728][ T4515] ------------[ cut here ]------------ [ 79.846717][ T4515] VFS: brelse: Trying to free free buffer [ 79.847747][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.849355][ T4515] Modules linked in: [ 79.850001][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 79.851556][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.853335][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.854632][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 79.855523][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 79.856394][ T4515] sp : ffff80001f8c77c0 [ 79.857065][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 79.858421][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 79.859802][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de970148 [ 79.861191][ T4515] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.862678][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.864048][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.865416][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 79.866773][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.868091][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.869490][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.870903][ T4515] Call trace: [ 79.871458][ T4515] invalidate_bh_lru+0x128/0x22c [ 79.872340][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 79.873340][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.874148][ T4515] invalidate_bh_lrus+0x34/0x40 [ 79.874960][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 79.875870][ T4515] blkdev_put+0x490/0x6ac [ 79.876661][ T4515] blkdev_close+0x74/0xb0 [ 79.877359][ T4515] __fput+0x1c0/0x7e8 [ 79.878032][ T4515] ____fput+0x20/0x30 [ 79.878738][ T4515] task_work_run+0x12c/0x1d8 [ 79.879553][ T4515] do_notify_resume+0x2450/0x309c [ 79.880354][ T4515] el0_svc+0xf0/0x1d0 [ 79.881077][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 79.881927][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 79.882674][ T4515] irq event stamp: 159742 [ 79.883340][ T4515] hardirqs last enabled at (159741): [] kasan_quarantine_put+0xc4/0x200 [ 79.885079][ T4515] hardirqs last disabled at (159742): [] smp_call_function_many_cond+0xa44/0xeac [ 79.886915][ T4515] softirqs last enabled at (159480): [] local_bh_enable+0x10/0x34 [ 79.888552][ T4515] softirqs last disabled at (159478): [] local_bh_disable+0x10/0x34 [ 79.890174][ T4515] ---[ end trace 062e6fe66ca8d285 ]--- [ 79.950827][ T4974] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.952146][ T4974] Bad inode number on dev loop0: 2 is out of range [ 79.953618][ T4974] SysV FS: get root inode failed [ 79.954397][ T4974] oldfs: cannot read superblock [ 79.960237][ C1] ------------[ cut here ]------------ [ 79.961074][ C1] VFS: brelse: Trying to free free buffer [ 79.961951][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.963427][ C1] Modules linked in: [ 79.964112][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.965607][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.967196][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.968513][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.969451][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.970269][ C1] sp : ffff800008017de0 [ 79.971006][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 79.972476][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 79.973873][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a06ee0 [ 79.975239][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.976642][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.978010][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 79.979364][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 79.980828][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.982225][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.983496][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.984933][ C1] Call trace: [ 79.985508][ C1] invalidate_bh_lru+0x128/0x22c [ 79.986395][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.987397][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.988562][ C1] ipi_handler+0x10c/0x6fc [ 79.989304][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.990243][ C1] handle_domain_irq+0x144/0x1fc [ 79.991110][ C1] gic_handle_irq+0x78/0x1b8 [ 79.991874][ C1] call_on_irq_stack+0x30/0x48 [ 79.992649][ C1] do_interrupt_handler+0x6c/0x88 [ 79.993545][ C1] el1_interrupt+0x30/0x58 [ 79.994309][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.995168][ C1] el1h_64_irq+0x78/0x7c [ 79.995872][ C1] try_charge_memcg+0x1080/0x11a0 [ 79.996717][ C1] obj_cgroup_charge_pages+0x90/0x1a4 [ 79.997637][ C1] obj_cgroup_charge+0x188/0x2c8 [ 79.998434][ C1] slab_pre_alloc_hook+0xc8/0xe8 [ 79.999341][ C1] kmem_cache_alloc+0x94/0x3d4 [ 80.000111][ C1] sock_alloc_inode+0x24/0xc4 [ 80.000848][ C1] new_inode_pseudo+0x68/0x1fc [ 80.001638][ C1] __sock_create+0x140/0x8b4 [ 80.002339][ C1] __sys_socket+0xf0/0x18c [ 80.003022][ C1] __arm64_sys_socket+0x7c/0x94 [ 80.003874][ C1] invoke_syscall+0x98/0x2b0 [ 80.004635][ C1] el0_svc_common+0x138/0x258 [ 80.005403][ C1] do_el0_svc+0x58/0x13c [ 80.006121][ C1] el0_svc+0x78/0x1d0 [ 80.006807][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.007641][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.008346][ C1] irq event stamp: 219402 [ 80.009057][ C1] hardirqs last enabled at (219401): [] try_charge_memcg+0x1d4/0x11a0 [ 80.010767][ C1] hardirqs last disabled at (219402): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.012440][ C1] softirqs last enabled at (219356): [] release_sock+0x1d0/0x258 [ 80.014010][ C1] softirqs last disabled at (219354): [] release_sock+0x34/0x258 [ 80.015551][ C1] ---[ end trace 062e6fe66ca8d286 ]--- [ 80.048265][ T4976] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.049569][ T4976] Bad inode number on dev loop0: 2 is out of range [ 80.050676][ T4976] SysV FS: get root inode failed [ 80.051497][ T4976] oldfs: cannot read superblock [ 80.058609][ T4515] ------------[ cut here ]------------ [ 80.059567][ T4515] VFS: brelse: Trying to free free buffer [ 80.060553][ T4515] WARNING: CPU: 1 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.061952][ T4515] Modules linked in: [ 80.062580][ T4515] CPU: 1 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 80.064020][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.065761][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.067069][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 80.067944][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 80.068851][ T4515] sp : ffff80001f8c77c0 [ 80.069617][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 80.070982][ T4515] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 80.072469][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a06060 [ 80.073885][ T4515] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 80.075280][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.076740][ T4515] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.078231][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 80.079464][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.080738][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.082148][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.083544][ T4515] Call trace: [ 80.084104][ T4515] invalidate_bh_lru+0x128/0x22c [ 80.084961][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 80.085970][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.086856][ T4515] invalidate_bh_lrus+0x34/0x40 [ 80.087764][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 80.088737][ T4515] blkdev_put+0x490/0x6ac [ 80.089478][ T4515] blkdev_close+0x74/0xb0 [ 80.090206][ T4515] __fput+0x1c0/0x7e8 [ 80.090885][ T4515] ____fput+0x20/0x30 [ 80.091622][ T4515] task_work_run+0x12c/0x1d8 [ 80.092421][ T4515] do_notify_resume+0x2450/0x309c [ 80.093282][ T4515] el0_svc+0xf0/0x1d0 [ 80.093928][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 80.094694][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 80.095395][ T4515] irq event stamp: 167174 [ 80.096104][ T4515] hardirqs last enabled at (167173): [] kasan_quarantine_put+0xc4/0x200 [ 80.097891][ T4515] hardirqs last disabled at (167174): [] smp_call_function_many_cond+0xa44/0xeac [ 80.099772][ T4515] softirqs last enabled at (166908): [] local_bh_enable+0x10/0x34 [ 80.101310][ T4515] softirqs last disabled at (166906): [] local_bh_disable+0x10/0x34 [ 80.102789][ T4515] ---[ end trace 062e6fe66ca8d287 ]--- [ 80.140554][ T4978] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.141864][ T4978] Bad inode number on dev loop0: 2 is out of range [ 80.143308][ T4978] SysV FS: get root inode failed [ 80.144100][ T4978] oldfs: cannot read superblock [ 80.167566][ C0] ------------[ cut here ]------------ [ 80.168587][ C0] VFS: brelse: Trying to free free buffer [ 80.169569][ C0] WARNING: CPU: 0 PID: 4981 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.170982][ C0] Modules linked in: [ 80.171605][ C0] CPU: 0 PID: 4981 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.173180][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.174989][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.176337][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 80.177304][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 80.178244][ C0] sp : ffff800008007de0 [ 80.178942][ C0] x29: ffff800008007de0 x28: ffff0000ccd9b680 x27: 1fffe000341f225c [ 80.180304][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 80.181730][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de9704e8 [ 80.183136][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 80.184470][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.185894][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 80.187362][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 32923fbbc6e71000 [ 80.188758][ C0] x8 : 32923fbbc6e71000 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.190213][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.191526][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.192963][ C0] Call trace: [ 80.193541][ C0] invalidate_bh_lru+0x128/0x22c [ 80.194425][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.195455][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.196642][ C0] ipi_handler+0x10c/0x6fc [ 80.197342][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 80.198363][ C0] handle_domain_irq+0x144/0x1fc [ 80.199236][ C0] gic_handle_irq+0x78/0x1b8 [ 80.199999][ C0] call_on_irq_stack+0x30/0x48 [ 80.200770][ C0] do_interrupt_handler+0x6c/0x88 [ 80.201590][ C0] el1_interrupt+0x30/0x58 [ 80.202299][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.203155][ C0] el1h_64_irq+0x78/0x7c [ 80.203847][ C0] lock_acquire+0x234/0x618 [ 80.204564][ C0] _raw_spin_lock+0xb0/0x10c [ 80.205327][ C0] find_lock_task_mm+0x104/0x238 [ 80.206109][ C0] __set_oom_adj+0x1ac/0xb50 [ 80.206860][ C0] oom_score_adj_write+0x23c/0x2f4 [ 80.207685][ C0] vfs_write+0x284/0xa60 [ 80.208424][ C0] ksys_write+0x12c/0x224 [ 80.209141][ C0] __arm64_sys_write+0x7c/0x90 [ 80.209923][ C0] invoke_syscall+0x98/0x2b0 [ 80.210679][ C0] el0_svc_common+0x138/0x258 [ 80.211477][ C0] do_el0_svc+0x58/0x13c [ 80.212168][ C0] el0_svc+0x78/0x1d0 [ 80.212807][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.213672][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.214455][ C0] irq event stamp: 922 [ 80.215166][ C0] hardirqs last enabled at (921): [] el0_svc_common+0x9c/0x258 [ 80.216666][ C0] hardirqs last disabled at (922): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.218251][ C0] softirqs last enabled at (846): [] local_bh_enable+0x10/0x34 [ 80.219872][ C0] softirqs last disabled at (844): [] local_bh_disable+0x10/0x34 [ 80.221458][ C0] ---[ end trace 062e6fe66ca8d288 ]--- [ 80.259002][ T4982] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.260243][ T4982] Bad inode number on dev loop0: 2 is out of range [ 80.261462][ T357] device hsr_slave_0 left promiscuous mode [ 80.261474][ T4982] SysV FS: get root inode failed [ 80.264030][ T4982] oldfs: cannot read superblock [ 80.273904][ C1] ------------[ cut here ]------------ [ 80.274857][ C1] VFS: brelse: Trying to free free buffer [ 80.275855][ C1] WARNING: CPU: 1 PID: 136 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.277286][ C1] Modules linked in: [ 80.277935][ C1] CPU: 1 PID: 136 Comm: kworker/u4:1 Tainted: G W syzkaller #0 [ 80.279317][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.280984][ C1] Workqueue: bat_events batadv_nc_worker [ 80.281929][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.283311][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.284188][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.285074][ C1] sp : ffff800008017de0 [ 80.285798][ C1] x29: ffff800008017de0 x28: ffff0000c2690000 x27: 1fffe000341f645b [ 80.287174][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 80.288566][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a7318 [ 80.290029][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.291426][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.292790][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.294279][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 7b627a41b79b8200 [ 80.295778][ C1] x8 : 7b627a41b79b8200 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.297232][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.298630][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.300035][ C1] Call trace: [ 80.300608][ C1] invalidate_bh_lru+0x128/0x22c [ 80.301445][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.302480][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.303653][ C1] ipi_handler+0x10c/0x6fc [ 80.304423][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.305384][ C1] handle_domain_irq+0x144/0x1fc [ 80.306264][ C1] gic_handle_irq+0x78/0x1b8 [ 80.307003][ C1] call_on_irq_stack+0x30/0x48 [ 80.307791][ C1] do_interrupt_handler+0x6c/0x88 [ 80.308673][ C1] el1_interrupt+0x30/0x58 [ 80.309422][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.310300][ C1] el1h_64_irq+0x78/0x7c [ 80.311012][ C1] lock_release+0x4a0/0x8e0 [ 80.311806][ C1] rcu_lock_release+0x2c/0x38 [ 80.312578][ C1] batadv_nc_worker+0x24c/0x554 [ 80.313434][ C1] process_one_work+0x79c/0x1138 [ 80.314227][ C1] worker_thread+0x8f4/0x1034 [ 80.315030][ C1] kthread+0x374/0x454 [ 80.315764][ C1] ret_from_fork+0x10/0x20 [ 80.316493][ C1] irq event stamp: 2830938 [ 80.317257][ C1] hardirqs last enabled at (2830937): [] _raw_spin_unlock_irq+0x98/0x128 [ 80.318987][ C1] hardirqs last disabled at (2830938): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.320764][ C1] softirqs last enabled at (2830922): [] batadv_forw_packet_steal+0x11c/0x13c [ 80.322550][ C1] softirqs last disabled at (2830920): [] batadv_forw_packet_steal+0x38/0x13c [ 80.324431][ C1] ---[ end trace 062e6fe66ca8d289 ]--- [ 80.382618][ T357] device hsr_slave_1 left promiscuous mode [ 80.463248][ T4984] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.464458][ T4984] Bad inode number on dev loop0: 2 is out of range [ 80.465681][ T4984] SysV FS: get root inode failed [ 80.466500][ T4984] oldfs: cannot read superblock [ 80.475790][ C1] ------------[ cut here ]------------ [ 80.476726][ C1] VFS: brelse: Trying to free free buffer [ 80.477718][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.479215][ C1] Modules linked in: [ 80.479854][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.481407][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.483095][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.484522][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.485451][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.486382][ C1] sp : ffff800008017de0 [ 80.487073][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 80.488494][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 80.489825][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a76b8 [ 80.491125][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.492418][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.493869][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.495262][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 80.496686][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.498038][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.499386][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.500728][ C1] Call trace: [ 80.501229][ C1] invalidate_bh_lru+0x128/0x22c [ 80.502062][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.503046][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.504200][ C1] ipi_handler+0x10c/0x6fc [ 80.504905][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.505826][ C1] handle_domain_irq+0x144/0x1fc [ 80.506570][ C1] gic_handle_irq+0x78/0x1b8 [ 80.507350][ C1] call_on_irq_stack+0x30/0x48 [ 80.508105][ C1] do_interrupt_handler+0x6c/0x88 [ 80.508996][ C1] el1_interrupt+0x30/0x58 [ 80.509761][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.510562][ C1] el1h_64_irq+0x78/0x7c [ 80.511279][ C1] __sanitizer_cov_trace_cmp1+0x78/0xc4 [ 80.512254][ C1] tomoyo_path_permission+0x164/0x310 [ 80.513167][ C1] tomoyo_path_perm+0x35c/0x49c [ 80.514019][ C1] tomoyo_path_unlink+0xa8/0xf4 [ 80.514799][ C1] security_path_unlink+0xe4/0x134 [ 80.515669][ C1] do_unlinkat+0x28c/0x618 [ 80.516418][ C1] __arm64_sys_unlinkat+0xe0/0xfc [ 80.517288][ C1] invoke_syscall+0x98/0x2b0 [ 80.518085][ C1] el0_svc_common+0x138/0x258 [ 80.518904][ C1] do_el0_svc+0x58/0x13c [ 80.519676][ C1] el0_svc+0x78/0x1d0 [ 80.520353][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.521209][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.521956][ C1] irq event stamp: 233792 [ 80.522666][ C1] hardirqs last enabled at (233791): [] kasan_quarantine_put+0xc4/0x200 [ 80.524405][ C1] hardirqs last disabled at (233792): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.526143][ C1] softirqs last enabled at (233718): [] local_bh_enable+0x10/0x34 [ 80.527809][ C1] softirqs last disabled at (233716): [] local_bh_disable+0x10/0x34 [ 80.529527][ C1] ---[ end trace 062e6fe66ca8d28a ]--- [ 80.531827][ T357] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 80.533082][ T357] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 80.535194][ T357] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 80.536400][ T357] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 80.538109][ T357] device bridge_slave_1 left promiscuous mode [ 80.539228][ T357] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.573469][ T357] device bridge_slave_0 left promiscuous mode [ 80.574547][ T357] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.582016][ T4986] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.585060][ T4986] Bad inode number on dev loop0: 2 is out of range [ 80.586197][ T4986] SysV FS: get root inode failed [ 80.586997][ T4986] oldfs: cannot read superblock [ 80.598666][ C0] ------------[ cut here ]------------ [ 80.599649][ C0] VFS: brelse: Trying to free free buffer [ 80.600692][ C0] WARNING: CPU: 0 PID: 4988 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.602194][ C0] Modules linked in: [ 80.602852][ C0] CPU: 0 PID: 4988 Comm: syz.0.39 Tainted: G W syzkaller #0 [ 80.604391][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.606078][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.607475][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 80.608328][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 80.609286][ C0] sp : ffff800008007de0 [ 80.609977][ C0] x29: ffff800008007de0 x28: ffff0000d36351c0 x27: 1fffe000341f225b [ 80.611333][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 80.612742][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de970888 [ 80.614067][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.615412][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.616819][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 80.618226][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 9006259533e6fe00 [ 80.619525][ C0] x8 : 9006259533e6fe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.620898][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.622242][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.623614][ C0] Call trace: [ 80.624175][ C0] invalidate_bh_lru+0x128/0x22c [ 80.625045][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.626085][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.627322][ C0] ipi_handler+0x10c/0x6fc [ 80.628058][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 80.628991][ C0] handle_domain_irq+0x144/0x1fc [ 80.629802][ C0] gic_handle_irq+0x78/0x1b8 [ 80.630591][ C0] call_on_irq_stack+0x30/0x48 [ 80.631355][ C0] do_interrupt_handler+0x6c/0x88 [ 80.632222][ C0] el1_interrupt+0x30/0x58 [ 80.633038][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.633895][ C0] el1h_64_irq+0x78/0x7c [ 80.634600][ C0] bad_range+0x128/0x2a0 [ 80.635366][ C0] get_page_from_freelist+0x2910/0x2a68 [ 80.636290][ C0] __alloc_pages+0x1a0/0x470 [ 80.637047][ C0] alloc_pages_vma+0x284/0x790 [ 80.637856][ C0] shmem_alloc_and_acct_page+0x3e0/0xb48 [ 80.638840][ C0] shmem_getpage_gfp+0x1038/0x1f10 [ 80.639628][ C0] shmem_write_begin+0xe0/0x29c [ 80.640398][ C0] generic_perform_write+0x208/0x488 [ 80.641322][ C0] __generic_file_write_iter+0x23c/0x454 [ 80.642305][ C0] generic_file_write_iter+0xb0/0x1b4 [ 80.643289][ C0] vfs_write+0x590/0xa60 [ 80.644003][ C0] ksys_write+0x12c/0x224 [ 80.644826][ C0] __arm64_sys_write+0x7c/0x90 [ 80.645623][ C0] invoke_syscall+0x98/0x2b0 [ 80.646464][ C0] el0_svc_common+0x138/0x258 [ 80.647284][ C0] do_el0_svc+0x58/0x13c [ 80.648016][ C0] el0_svc+0x78/0x1d0 [ 80.648710][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.649611][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.650460][ C0] irq event stamp: 472 [ 80.651172][ C0] hardirqs last enabled at (471): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 80.653081][ C0] hardirqs last disabled at (472): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.654812][ C0] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 80.656416][ C0] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 80.657995][ C0] ---[ end trace 062e6fe66ca8d28b ]--- [ 80.742578][ T357] device veth1_macvtap left promiscuous mode [ 80.743658][ T357] device veth0_macvtap left promiscuous mode [ 80.744695][ T357] device veth1_vlan left promiscuous mode [ 80.745684][ T357] device veth0_vlan left promiscuous mode [ 80.755169][ T4988] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.756479][ T4988] Bad inode number on dev loop0: 2 is out of range [ 80.757579][ T4988] SysV FS: get root inode failed [ 80.758385][ T4988] oldfs: cannot read superblock [ 80.761530][ C1] ------------[ cut here ]------------ [ 80.762492][ C1] VFS: brelse: Trying to free free buffer [ 80.763570][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.765097][ C1] Modules linked in: [ 80.765751][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.767337][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.768951][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.770269][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.771129][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.772053][ C1] sp : ffff800008017de0 [ 80.772699][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 80.774047][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 80.775213][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a7a58 [ 80.776595][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.778060][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.779448][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.780868][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 80.782223][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.783738][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.785224][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.786631][ C1] Call trace: [ 80.787204][ C1] invalidate_bh_lru+0x128/0x22c [ 80.788035][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.789064][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.790231][ C1] ipi_handler+0x10c/0x6fc [ 80.790969][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.791895][ C1] handle_domain_irq+0x144/0x1fc [ 80.792759][ C1] gic_handle_irq+0x78/0x1b8 [ 80.793555][ C1] call_on_irq_stack+0x30/0x48 [ 80.794373][ C1] do_interrupt_handler+0x6c/0x88 [ 80.795274][ C1] el1_interrupt+0x30/0x58 [ 80.795997][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.796868][ C1] el1h_64_irq+0x78/0x7c [ 80.797582][ C1] call_rcu+0x580/0x8f4 [ 80.798223][ C1] evict+0x760/0x828 [ 80.798900][ C1] iput+0x6ac/0x764 [ 80.799522][ C1] dentry_unlink_inode+0x360/0x438 [ 80.800363][ C1] __dentry_kill+0x320/0x598 [ 80.801209][ C1] shrink_dentry_list+0x400/0x7b8 [ 80.802172][ C1] shrink_dcache_parent+0xb4/0x364 [ 80.803070][ C1] d_invalidate+0x10c/0x24c [ 80.803805][ C1] proc_invalidate_siblings_dcache+0x3c0/0x664 [ 80.804945][ C1] proc_flush_pid+0x24/0x34 [ 80.805709][ C1] release_task+0x14a0/0x1688 [ 80.806455][ C1] wait_consider_task+0x1538/0x27dc [ 80.807336][ C1] do_wait+0x2f8/0xa94 [ 80.807998][ C1] kernel_wait4+0x1f8/0x340 [ 80.808773][ C1] __arm64_sys_wait4+0x138/0x2fc [ 80.809614][ C1] invoke_syscall+0x98/0x2b0 [ 80.810421][ C1] el0_svc_common+0x138/0x258 [ 80.811299][ C1] do_el0_svc+0x58/0x13c [ 80.812102][ C1] el0_svc+0x78/0x1d0 [ 80.812806][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.813624][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.814377][ C1] irq event stamp: 239836 [ 80.815037][ C1] hardirqs last enabled at (239835): [] call_rcu+0x570/0x8f4 [ 80.816525][ C1] hardirqs last disabled at (239836): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.818330][ C1] softirqs last enabled at (239794): [] local_bh_enable+0x10/0x34 [ 80.819945][ C1] softirqs last disabled at (239792): [] local_bh_disable+0x10/0x34 [ 80.821506][ C1] ---[ end trace 062e6fe66ca8d28c ]--- [ 80.912513][ T1539] Bluetooth: hci0: command 0x0419 tx timeout [ 80.926573][ T4990] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.927772][ T4990] Bad inode number on dev loop0: 2 is out of range [ 80.928839][ T4990] SysV FS: get root inode failed [ 80.932995][ T4990] oldfs: cannot read superblock [ 80.941516][ T4515] ------------[ cut here ]------------ [ 80.942471][ T4515] VFS: brelse: Trying to free free buffer [ 80.943491][ T4515] WARNING: CPU: 1 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.944964][ T4515] Modules linked in: [ 80.945666][ T4515] CPU: 1 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 80.947027][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.948693][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.950030][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 80.950986][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 80.951971][ T4515] sp : ffff80001f8c77c0 [ 80.952726][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 80.954132][ T4515] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 80.955454][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a7df8 [ 80.956838][ T4515] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 80.958252][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.959723][ T4515] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.960958][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 80.962347][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.963825][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.965197][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.966650][ T4515] Call trace: [ 80.967203][ T4515] invalidate_bh_lru+0x128/0x22c [ 80.968018][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 80.969066][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.969931][ T4515] invalidate_bh_lrus+0x34/0x40 [ 80.970737][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 80.971644][ T4515] blkdev_put+0x490/0x6ac [ 80.972418][ T4515] blkdev_close+0x74/0xb0 [ 80.973142][ T4515] __fput+0x1c0/0x7e8 [ 80.973830][ T4515] ____fput+0x20/0x30 [ 80.974504][ T4515] task_work_run+0x12c/0x1d8 [ 80.975292][ T4515] do_notify_resume+0x2450/0x309c [ 80.976178][ T4515] el0_svc+0xf0/0x1d0 [ 80.976883][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 80.977767][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 80.978558][ T4515] irq event stamp: 207328 [ 80.979374][ T4515] hardirqs last enabled at (207327): [] kasan_quarantine_put+0xc4/0x200 [ 80.981083][ T4515] hardirqs last disabled at (207328): [] smp_call_function_many_cond+0xa44/0xeac [ 80.982869][ T4515] softirqs last enabled at (207060): [] local_bh_enable+0x10/0x34 [ 80.984467][ T4515] softirqs last disabled at (207058): [] local_bh_disable+0x10/0x34 [ 80.986011][ T4515] ---[ end trace 062e6fe66ca8d28d ]--- [ 80.990435][ T357] team0 (unregistering): Port device team_slave_1 removed [ 80.997349][ T357] team0 (unregistering): Port device team_slave_0 removed [ 81.001832][ T357] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 81.010222][ T4992] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.011400][ T4992] Bad inode number on dev loop0: 2 is out of range [ 81.014339][ T4992] SysV FS: get root inode failed [ 81.015180][ T4992] oldfs: cannot read superblock [ 81.020087][ T4515] ------------[ cut here ]------------ [ 81.021011][ T4515] VFS: brelse: Trying to free free buffer [ 81.021961][ T4515] WARNING: CPU: 1 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.023466][ T4515] Modules linked in: [ 81.024121][ T4515] CPU: 1 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 81.025599][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.027379][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.028647][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 81.029562][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 81.030459][ T4515] sp : ffff80001f8c77c0 [ 81.031186][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 81.032647][ T4515] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 81.034034][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a3230 [ 81.035419][ T4515] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.036772][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.038195][ T4515] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.039579][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 81.040982][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.042367][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.043703][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.045089][ T4515] Call trace: [ 81.045671][ T4515] invalidate_bh_lru+0x128/0x22c [ 81.046491][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 81.047481][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.048356][ T4515] invalidate_bh_lrus+0x34/0x40 [ 81.049098][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 81.049989][ T4515] blkdev_put+0x490/0x6ac [ 81.050789][ T4515] blkdev_close+0x74/0xb0 [ 81.051580][ T4515] __fput+0x1c0/0x7e8 [ 81.052238][ T4515] ____fput+0x20/0x30 [ 81.052884][ T4515] task_work_run+0x12c/0x1d8 [ 81.053689][ T4515] do_notify_resume+0x2450/0x309c [ 81.054614][ T4515] el0_svc+0xf0/0x1d0 [ 81.055318][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 81.056158][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 81.056902][ T4515] irq event stamp: 212052 [ 81.057639][ T4515] hardirqs last enabled at (212051): [] kasan_quarantine_put+0xc4/0x200 [ 81.059418][ T4515] hardirqs last disabled at (212052): [] smp_call_function_many_cond+0xa44/0xeac [ 81.061235][ T4515] softirqs last enabled at (211082): [] local_bh_enable+0x10/0x34 [ 81.062929][ T4515] softirqs last disabled at (211080): [] local_bh_disable+0x10/0x34 [ 81.064576][ T4515] ---[ end trace 062e6fe66ca8d28e ]--- [ 81.087612][ T357] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 81.096099][ T4994] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.097381][ T4994] Bad inode number on dev loop0: 2 is out of range [ 81.098452][ T4994] SysV FS: get root inode failed [ 81.099315][ T4994] oldfs: cannot read superblock [ 81.109616][ C1] ------------[ cut here ]------------ [ 81.110582][ C1] VFS: brelse: Trying to free free buffer [ 81.111544][ C1] WARNING: CPU: 1 PID: 4996 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.113040][ C1] Modules linked in: [ 81.113710][ C1] CPU: 1 PID: 4996 Comm: syz.0.43 Tainted: G W syzkaller #0 [ 81.115270][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.116998][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.118331][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.119200][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.120175][ C1] sp : ffff800008017de0 [ 81.120884][ C1] x29: ffff800008017de0 x28: ffff0000cc963680 x27: 1fffe000341f645c [ 81.122407][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.123793][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a35d0 [ 81.125210][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 81.126538][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.127909][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.129255][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : e572e26934069900 [ 81.130663][ C1] x8 : e572e26934069900 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.132003][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.133340][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.134732][ C1] Call trace: [ 81.135301][ C1] invalidate_bh_lru+0x128/0x22c [ 81.136123][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.137139][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.138243][ C1] ipi_handler+0x10c/0x6fc [ 81.138998][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 81.139953][ C1] handle_domain_irq+0x144/0x1fc [ 81.140770][ C1] gic_handle_irq+0x78/0x1b8 [ 81.141627][ C1] call_on_irq_stack+0x30/0x48 [ 81.142495][ C1] do_interrupt_handler+0x6c/0x88 [ 81.143361][ C1] el0_interrupt+0x94/0x248 [ 81.144084][ C1] __el0_irq_handler_common+0x18/0x24 [ 81.144977][ C1] el0t_64_irq_handler+0x10/0x1c [ 81.145836][ C1] el0t_64_irq+0x1a0/0x1a4 [ 81.146594][ C1] irq event stamp: 284 [ 81.147302][ C1] hardirqs last enabled at (283): [] el0t_64_sync_handler+0xd8/0xe4 [ 81.148925][ C1] hardirqs last disabled at (284): [] __el0_irq_handler_common+0x18/0x24 [ 81.150485][ C1] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 81.152025][ C1] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 81.153487][ C1] ---[ end trace 062e6fe66ca8d28f ]--- [ 81.208222][ T4996] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.209581][ T4996] Bad inode number on dev loop0: 2 is out of range [ 81.210673][ T4996] SysV FS: get root inode failed [ 81.211452][ T4996] oldfs: cannot read superblock [ 81.226503][ T4515] ------------[ cut here ]------------ [ 81.227461][ T4515] VFS: brelse: Trying to free free buffer [ 81.228459][ T4515] WARNING: CPU: 1 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.229920][ T4515] Modules linked in: [ 81.230584][ T4515] CPU: 1 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 81.232039][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.233733][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.235070][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 81.236020][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 81.236909][ T4515] sp : ffff80001f8c77c0 [ 81.237570][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 81.238971][ T4515] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.240393][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a3970 [ 81.241713][ T4515] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.243045][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.244462][ T4515] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.245846][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 81.247258][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.248599][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.249958][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.251294][ T4515] Call trace: [ 81.251832][ T4515] invalidate_bh_lru+0x128/0x22c [ 81.252688][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 81.253737][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.254575][ T4515] invalidate_bh_lrus+0x34/0x40 [ 81.255312][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 81.256182][ T4515] blkdev_put+0x490/0x6ac [ 81.256962][ T4515] blkdev_close+0x74/0xb0 [ 81.257706][ T4515] __fput+0x1c0/0x7e8 [ 81.258398][ T4515] ____fput+0x20/0x30 [ 81.259050][ T4515] task_work_run+0x12c/0x1d8 [ 81.259799][ T4515] do_notify_resume+0x2450/0x309c [ 81.260642][ T4515] el0_svc+0xf0/0x1d0 [ 81.261325][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 81.262239][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 81.262966][ T4515] irq event stamp: 223172 [ 81.263752][ T4515] hardirqs last enabled at (223171): [] kasan_quarantine_put+0xc4/0x200 [ 81.265506][ T4515] hardirqs last disabled at (223172): [] smp_call_function_many_cond+0xa44/0xeac [ 81.267379][ T4515] softirqs last enabled at (222910): [] local_bh_enable+0x10/0x34 [ 81.269090][ T4515] softirqs last disabled at (222908): [] local_bh_disable+0x10/0x34 [ 81.280788][ T4515] ---[ end trace 062e6fe66ca8d290 ]--- [ 81.326902][ T357] bond0 (unregistering): Released all slaves [ 81.375632][ T5000] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.377017][ T5000] Bad inode number on dev loop0: 2 is out of range [ 81.378102][ T5000] SysV FS: get root inode failed [ 81.378883][ T5000] oldfs: cannot read superblock [ 81.382492][ C1] ------------[ cut here ]------------ [ 81.383376][ C1] VFS: brelse: Trying to free free buffer [ 81.384357][ C1] WARNING: CPU: 1 PID: 3649 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.385836][ C1] Modules linked in: [ 81.386533][ C1] CPU: 1 PID: 3649 Comm: klogd Tainted: G W syzkaller #0 [ 81.388106][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.389777][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.391072][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.392006][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.392944][ C1] sp : ffff800008017de0 [ 81.393663][ C1] x29: ffff800008017de0 x28: ffff0000d5fc51c0 x27: 1fffe000341f645c [ 81.395048][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.396454][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a3d10 [ 81.397891][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 81.399286][ C1] x17: 0000000000010002 x16: ffff800008304af8 x15: 00000000ffffffff [ 81.400657][ C1] x14: 0000000000000001 x13: 1ffff00001002edc x12: 0000000000ff0100 [ 81.401943][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c5fd0b2ed6e8c200 [ 81.403332][ C1] x8 : c5fd0b2ed6e8c200 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.404620][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008304c08 [ 81.406021][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.407414][ C1] Call trace: [ 81.407990][ C1] invalidate_bh_lru+0x128/0x22c [ 81.408791][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.409824][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.411024][ C1] ipi_handler+0x10c/0x6fc [ 81.411771][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 81.412690][ C1] handle_domain_irq+0x144/0x1fc [ 81.413522][ C1] gic_handle_irq+0x78/0x1b8 [ 81.414296][ C1] call_on_irq_stack+0x30/0x48 [ 81.415109][ C1] do_interrupt_handler+0x6c/0x88 [ 81.415947][ C1] el1_interrupt+0x30/0x58 [ 81.416646][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.417423][ C1] el1h_64_irq+0x78/0x7c [ 81.418099][ C1] __sys_sendto+0x0/0x420 [ 81.418759][ C1] invoke_syscall+0x98/0x2b0 [ 81.419491][ C1] el0_svc_common+0x138/0x258 [ 81.420237][ C1] do_el0_svc+0x58/0x13c [ 81.420968][ C1] el0_svc+0x78/0x1d0 [ 81.421651][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 81.422496][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.423210][ C1] irq event stamp: 60826 [ 81.423901][ C1] hardirqs last enabled at (60825): [] el0_svc_common+0x9c/0x258 [ 81.425481][ C1] hardirqs last disabled at (60826): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.427237][ C1] softirqs last enabled at (60820): [] local_bh_enable+0x10/0x34 [ 81.428862][ C1] softirqs last disabled at (60818): [] local_bh_disable+0x10/0x34 [ 81.430559][ C1] ---[ end trace 062e6fe66ca8d291 ]--- [ 81.523697][ T5002] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.525019][ T5002] Bad inode number on dev loop0: 2 is out of range [ 81.526136][ T5002] SysV FS: get root inode failed [ 81.526954][ T5002] oldfs: cannot read superblock [ 81.527814][ T5002] ------------[ cut here ]------------ [ 81.528714][ T5002] VFS: brelse: Trying to free free buffer [ 81.529624][ T5002] WARNING: CPU: 1 PID: 5002 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.531107][ T5002] Modules linked in: [ 81.531737][ T5002] CPU: 1 PID: 5002 Comm: syz.0.46 Tainted: G W syzkaller #0 [ 81.533233][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.534969][ T5002] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.536342][ T5002] pc : invalidate_bh_lru+0x128/0x22c [ 81.537236][ T5002] lr : invalidate_bh_lru+0x128/0x22c [ 81.538216][ T5002] sp : ffff80001fef76e0 [ 81.538871][ T5002] x29: ffff80001fef76e0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 81.540247][ T5002] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 81.541661][ T5002] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb41148 [ 81.542984][ T5002] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.544240][ T5002] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.545616][ T5002] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.546961][ T5002] x11: 0000000000000002 x10: 0000000000000000 x9 : 1895e4045dc2e400 [ 81.548335][ T5002] x8 : 1895e4045dc2e400 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.549753][ T5002] x5 : ffff80001fef6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.551150][ T5002] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.552595][ T5002] Call trace: [ 81.553163][ T5002] invalidate_bh_lru+0x128/0x22c [ 81.554035][ T5002] smp_call_function_many_cond+0xa50/0xeac [ 81.555052][ T5002] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.556026][ T5002] invalidate_bh_lrus+0x34/0x40 [ 81.556876][ T5002] blkdev_flush_mapping+0x16c/0x334 [ 81.557866][ T5002] blkdev_put+0x490/0x6ac [ 81.558596][ T5002] kill_block_super+0x98/0xdc [ 81.559392][ T5002] deactivate_locked_super+0xb8/0x134 [ 81.560267][ T5002] mount_bdev+0x284/0x358 [ 81.561057][ T5002] sysv_mount+0x44/0x58 [ 81.561798][ T5002] legacy_get_tree+0xd4/0x16c [ 81.562625][ T5002] vfs_get_tree+0x90/0x274 [ 81.563434][ T5002] do_new_mount+0x228/0x810 [ 81.564218][ T5002] path_mount+0x5bc/0x1008 [ 81.564982][ T5002] __arm64_sys_mount+0x514/0x5f0 [ 81.565811][ T5002] invoke_syscall+0x98/0x2b0 [ 81.566608][ T5002] el0_svc_common+0x138/0x258 [ 81.567400][ T5002] do_el0_svc+0x58/0x13c [ 81.568139][ T5002] el0_svc+0x78/0x1d0 [ 81.568813][ T5002] el0t_64_sync_handler+0xcc/0xe4 [ 81.569687][ T5002] el0t_64_sync+0x1a0/0x1a4 [ 81.570457][ T5002] irq event stamp: 1142 [ 81.571136][ T5002] hardirqs last enabled at (1141): [] kasan_quarantine_put+0xc4/0x200 [ 81.572810][ T5002] hardirqs last disabled at (1142): [] smp_call_function_many_cond+0xa44/0xeac [ 81.574632][ T5002] softirqs last enabled at (926): [] local_bh_enable+0x10/0x34 [ 81.576154][ T5002] softirqs last disabled at (924): [] local_bh_disable+0x10/0x34 [ 81.577815][ T5002] ---[ end trace 062e6fe66ca8d292 ]--- [ 81.677642][ T5006] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.678846][ T5006] Bad inode number on dev loop0: 2 is out of range [ 81.679836][ T5006] SysV FS: get root inode failed [ 81.680576][ T5006] oldfs: cannot read superblock [ 81.681436][ T5006] ------------[ cut here ]------------ [ 81.682284][ T5006] VFS: brelse: Trying to free free buffer [ 81.683294][ T5006] WARNING: CPU: 0 PID: 5006 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.684857][ T5006] Modules linked in: [ 81.685578][ T5006] CPU: 0 PID: 5006 Comm: syz.0.48 Tainted: G W syzkaller #0 [ 81.687062][ T5006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.688795][ T5006] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.690053][ T5006] pc : invalidate_bh_lru+0x128/0x22c [ 81.690947][ T5006] lr : invalidate_bh_lru+0x128/0x22c [ 81.691892][ T5006] sp : ffff8000200176e0 [ 81.692638][ T5006] x29: ffff8000200176e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 81.694053][ T5006] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 81.695500][ T5006] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de970c28 [ 81.696850][ T5006] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.698228][ T5006] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.699727][ T5006] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.701118][ T5006] x11: 0000000000000002 x10: 0000000000000000 x9 : 52569a74dd80dd00 [ 81.702525][ T5006] x8 : 52569a74dd80dd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.703951][ T5006] x5 : ffff800020016ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.705367][ T5006] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.706704][ T5006] Call trace: [ 81.707231][ T5006] invalidate_bh_lru+0x128/0x22c [ 81.708049][ T5006] smp_call_function_many_cond+0xa50/0xeac [ 81.709001][ T5006] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.709870][ T5006] invalidate_bh_lrus+0x34/0x40 [ 81.710751][ T5006] blkdev_flush_mapping+0x16c/0x334 [ 81.711653][ T5006] blkdev_put+0x490/0x6ac [ 81.712388][ T5006] kill_block_super+0x98/0xdc [ 81.713191][ T5006] deactivate_locked_super+0xb8/0x134 [ 81.714104][ T5006] mount_bdev+0x284/0x358 [ 81.714852][ T5006] sysv_mount+0x44/0x58 [ 81.715519][ T5006] legacy_get_tree+0xd4/0x16c [ 81.716261][ T5006] vfs_get_tree+0x90/0x274 [ 81.717000][ T5006] do_new_mount+0x228/0x810 [ 81.717746][ T5006] path_mount+0x5bc/0x1008 [ 81.718512][ T5006] __arm64_sys_mount+0x514/0x5f0 [ 81.719315][ T5006] invoke_syscall+0x98/0x2b0 [ 81.720041][ T5006] el0_svc_common+0x138/0x258 [ 81.720902][ T5006] do_el0_svc+0x58/0x13c [ 81.721581][ T5006] el0_svc+0x78/0x1d0 [ 81.722224][ T5006] el0t_64_sync_handler+0xcc/0xe4 [ 81.723035][ T5006] el0t_64_sync+0x1a0/0x1a4 [ 81.723792][ T5006] irq event stamp: 1080 [ 81.724439][ T5006] hardirqs last enabled at (1079): [] kasan_quarantine_put+0xc4/0x200 [ 81.726019][ T5006] hardirqs last disabled at (1080): [] smp_call_function_many_cond+0xa44/0xeac [ 81.727797][ T5006] softirqs last enabled at (904): [] local_bh_enable+0x10/0x34 [ 81.729334][ T5006] softirqs last disabled at (902): [] local_bh_disable+0x10/0x34 [ 81.730892][ T5006] ---[ end trace 062e6fe66ca8d293 ]--- [ 81.830141][ T5008] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.831395][ T5008] Bad inode number on dev loop0: 2 is out of range [ 81.834052][ T5008] SysV FS: get root inode failed [ 81.835273][ T5008] oldfs: cannot read superblock [ 81.839596][ C0] ------------[ cut here ]------------ [ 81.840560][ C0] VFS: brelse: Trying to free free buffer [ 81.841580][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.843075][ C0] Modules linked in: [ 81.843717][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.845243][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.847012][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.848334][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 81.849244][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 81.850123][ C0] sp : ffff800008007de0 [ 81.850843][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225c [ 81.852247][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 81.853642][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de971060 [ 81.855040][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 81.856402][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.857903][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.859318][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : c7b2545b7035fa00 [ 81.860759][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.862125][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.863512][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.864893][ C0] Call trace: [ 81.865418][ C0] invalidate_bh_lru+0x128/0x22c [ 81.866292][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.867396][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.868477][ C0] ipi_handler+0x10c/0x6fc [ 81.869228][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 81.870139][ C0] handle_domain_irq+0x144/0x1fc [ 81.870965][ C0] gic_handle_irq+0x78/0x1b8 [ 81.871698][ C0] call_on_irq_stack+0x30/0x48 [ 81.872489][ C0] do_interrupt_handler+0x6c/0x88 [ 81.873339][ C0] el1_interrupt+0x30/0x58 [ 81.874067][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.874891][ C0] el1h_64_irq+0x78/0x7c [ 81.875579][ C0] preempt_count+0x44/0x68 [ 81.876343][ C0] check_preemption_disabled+0x38/0x164 [ 81.877290][ C0] debug_smp_processor_id+0x20/0x2c [ 81.878119][ C0] rcu_is_watching+0x50/0x134 [ 81.878927][ C0] path_init+0x120/0xed8 [ 81.879655][ C0] path_lookupat+0x40/0x3d0 [ 81.880367][ C0] filename_lookup+0x1b4/0x464 [ 81.881150][ C0] user_path_at_empty+0x5c/0x1a0 [ 81.881914][ C0] __arm64_sys_umount+0xf8/0x184 [ 81.882748][ C0] invoke_syscall+0x98/0x2b0 [ 81.883502][ C0] el0_svc_common+0x138/0x258 [ 81.884281][ C0] do_el0_svc+0x58/0x13c [ 81.885014][ C0] el0_svc+0x78/0x1d0 [ 81.885699][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 81.886555][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.887349][ C0] irq event stamp: 270148 [ 81.888124][ C0] hardirqs last enabled at (270147): [] put_cpu_partial+0x188/0x214 [ 81.889866][ C0] hardirqs last disabled at (270148): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.891622][ C0] softirqs last enabled at (269690): [] local_bh_enable+0x10/0x34 [ 81.893278][ C0] softirqs last disabled at (269688): [] local_bh_disable+0x10/0x34 [ 81.894990][ C0] ---[ end trace 062e6fe66ca8d294 ]--- [ 81.953844][ T5010] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.955138][ T5010] Bad inode number on dev loop0: 2 is out of range [ 81.956136][ T5010] SysV FS: get root inode failed [ 81.956907][ T5010] oldfs: cannot read superblock [ 81.965435][ C1] ------------[ cut here ]------------ [ 81.966351][ C1] VFS: brelse: Trying to free free buffer [ 81.967435][ C1] WARNING: CPU: 1 PID: 5011 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.968856][ C1] Modules linked in: [ 81.969476][ C1] CPU: 1 PID: 5011 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.970971][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.972577][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.973859][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.974674][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.975536][ C1] sp : ffff800008017de0 [ 81.976193][ C1] x29: ffff800008017de0 x28: ffff0000cdda3680 x27: 1fffe000341f645c [ 81.977673][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.979043][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb414e8 [ 81.980398][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 81.981788][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.983155][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.984544][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 50325c8cf3dad000 [ 81.985895][ C1] x8 : 50325c8cf3dad000 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.987326][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.988611][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.990020][ C1] Call trace: [ 81.990553][ C1] invalidate_bh_lru+0x128/0x22c [ 81.991372][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.992326][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.993421][ C1] ipi_handler+0x10c/0x6fc [ 81.994134][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 81.995085][ C1] handle_domain_irq+0x144/0x1fc [ 81.995870][ C1] gic_handle_irq+0x78/0x1b8 [ 81.996611][ C1] call_on_irq_stack+0x30/0x48 [ 81.997421][ C1] do_interrupt_handler+0x6c/0x88 [ 81.998228][ C1] el1_interrupt+0x30/0x58 [ 81.998968][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.999735][ C1] el1h_64_irq+0x78/0x7c [ 82.000426][ C1] do_notify_resume+0x110/0x309c [ 82.001269][ C1] asm_exit_to_user_mode+0x98/0xe8 [ 82.002153][ C1] ret_from_fork+0x1c/0x20 [ 82.002872][ C1] irq event stamp: 64 [ 82.003530][ C1] hardirqs last enabled at (63): [] do_notify_resume+0x104/0x309c [ 82.005236][ C1] hardirqs last disabled at (64): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.006969][ C1] softirqs last enabled at (0): [] copy_process+0x1140/0x34c8 [ 82.008717][ C1] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.010013][ C1] ---[ end trace 062e6fe66ca8d295 ]--- [ 82.053600][ T5012] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.054765][ T5012] Bad inode number on dev loop0: 2 is out of range [ 82.055879][ T5012] SysV FS: get root inode failed [ 82.056664][ T5012] oldfs: cannot read superblock [ 82.057459][ T5012] ------------[ cut here ]------------ [ 82.058319][ T5012] VFS: brelse: Trying to free free buffer [ 82.059295][ T5012] WARNING: CPU: 1 PID: 5012 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.060629][ T5012] Modules linked in: [ 82.061278][ T5012] CPU: 1 PID: 5012 Comm: syz.0.51 Tainted: G W syzkaller #0 [ 82.062654][ T5012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.064358][ T5012] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.065663][ T5012] pc : invalidate_bh_lru+0x128/0x22c [ 82.066525][ T5012] lr : invalidate_bh_lru+0x128/0x22c [ 82.067422][ T5012] sp : ffff80001fbe76e0 [ 82.068154][ T5012] x29: ffff80001fbe76e0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 82.069526][ T5012] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 82.070877][ T5012] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb41888 [ 82.072261][ T5012] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 82.073653][ T5012] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.075011][ T5012] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.076461][ T5012] x11: 0000000000000002 x10: 0000000000000000 x9 : 8b93ed96d6b43800 [ 82.077912][ T5012] x8 : 8b93ed96d6b43800 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.079210][ T5012] x5 : ffff80001fbe6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.080582][ T5012] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.081871][ T5012] Call trace: [ 82.082419][ T5012] invalidate_bh_lru+0x128/0x22c [ 82.083264][ T5012] smp_call_function_many_cond+0xa50/0xeac [ 82.084218][ T5012] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.085095][ T5012] invalidate_bh_lrus+0x34/0x40 [ 82.085938][ T5012] blkdev_flush_mapping+0x16c/0x334 [ 82.086758][ T5012] blkdev_put+0x490/0x6ac [ 82.087526][ T5012] kill_block_super+0x98/0xdc [ 82.088304][ T5012] deactivate_locked_super+0xb8/0x134 [ 82.089146][ T5012] mount_bdev+0x284/0x358 [ 82.089882][ T5012] sysv_mount+0x44/0x58 [ 82.090571][ T5012] legacy_get_tree+0xd4/0x16c [ 82.091331][ T5012] vfs_get_tree+0x90/0x274 [ 82.091997][ T5012] do_new_mount+0x228/0x810 [ 82.092678][ T5012] path_mount+0x5bc/0x1008 [ 82.093390][ T5012] __arm64_sys_mount+0x514/0x5f0 [ 82.094154][ T5012] invoke_syscall+0x98/0x2b0 [ 82.094867][ T5012] el0_svc_common+0x138/0x258 [ 82.095573][ T5012] do_el0_svc+0x58/0x13c [ 82.096201][ T5012] el0_svc+0x78/0x1d0 [ 82.096814][ T5012] el0t_64_sync_handler+0xcc/0xe4 [ 82.097608][ T5012] el0t_64_sync+0x1a0/0x1a4 [ 82.098362][ T5012] irq event stamp: 1124 [ 82.099132][ T5012] hardirqs last enabled at (1123): [] kasan_quarantine_put+0xc4/0x200 [ 82.100721][ T5012] hardirqs last disabled at (1124): [] smp_call_function_many_cond+0xa44/0xeac [ 82.102394][ T5012] softirqs last enabled at (920): [] local_bh_enable+0x10/0x34 [ 82.103992][ T5012] softirqs last disabled at (918): [] local_bh_disable+0x10/0x34 [ 82.105578][ T5012] ---[ end trace 062e6fe66ca8d296 ]--- [ 82.190342][ T5014] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.191633][ T5014] Bad inode number on dev loop0: 2 is out of range [ 82.192933][ T5014] SysV FS: get root inode failed [ 82.193748][ T5014] oldfs: cannot read superblock [ 82.201661][ C0] ------------[ cut here ]------------ [ 82.202558][ C0] VFS: brelse: Trying to free free buffer [ 82.203655][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.205275][ C0] Modules linked in: [ 82.205939][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.207599][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.209344][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.210715][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 82.211606][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 82.212529][ C0] sp : ffff800008007de0 [ 82.213189][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225b [ 82.214561][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 82.215973][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de971400 [ 82.217390][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 82.218645][ C0] x17: 0000000000010002 x16: ffff800008304af8 x15: 00000000ffffffff [ 82.219973][ C0] x14: 0000000000000001 x13: 1ffff00001000edc x12: 0000000000ff0100 [ 82.221317][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 82.222685][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.224067][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008304c08 [ 82.225440][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.226834][ C0] Call trace: [ 82.227387][ C0] invalidate_bh_lru+0x128/0x22c [ 82.228202][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.229236][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.230437][ C0] ipi_handler+0x10c/0x6fc [ 82.231138][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 82.232003][ C0] handle_domain_irq+0x144/0x1fc [ 82.232822][ C0] gic_handle_irq+0x78/0x1b8 [ 82.233556][ C0] call_on_irq_stack+0x30/0x48 [ 82.234385][ C0] do_interrupt_handler+0x6c/0x88 [ 82.235298][ C0] el1_interrupt+0x30/0x58 [ 82.236108][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.236971][ C0] el1h_64_irq+0x78/0x7c [ 82.237691][ C0] get_page_from_freelist+0x2210/0x2a68 [ 82.238642][ C0] __alloc_pages+0x1a0/0x470 [ 82.239423][ C0] alloc_pages+0x34c/0x5c0 [ 82.240172][ C0] __vmalloc_node_range+0x50c/0x8c8 [ 82.241094][ C0] vzalloc+0x110/0x188 [ 82.241847][ C0] xt_counters_alloc+0x50/0x60 [ 82.242662][ C0] __do_replace+0xa8/0x998 [ 82.243433][ C0] do_ip6t_set_ctl+0xb14/0xe60 [ 82.244303][ C0] nf_setsockopt+0x270/0x290 [ 82.245125][ C0] ipv6_setsockopt+0x1bb0/0x37ac [ 82.246030][ C0] tcp_setsockopt+0x1e0/0x1c3c [ 82.246867][ C0] sock_common_setsockopt+0xb0/0xcc [ 82.247807][ C0] __sys_setsockopt+0x260/0x36c [ 82.248686][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 82.249549][ C0] invoke_syscall+0x98/0x2b0 [ 82.250373][ C0] el0_svc_common+0x138/0x258 [ 82.251113][ C0] do_el0_svc+0x58/0x13c [ 82.251822][ C0] el0_svc+0x78/0x1d0 [ 82.252470][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.253271][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.254057][ C0] irq event stamp: 281866 [ 82.254762][ C0] hardirqs last enabled at (281865): [] get_page_from_freelist+0x2200/0x2a68 [ 82.256439][ C0] hardirqs last disabled at (281866): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.258039][ C0] softirqs last enabled at (281854): [] release_sock+0x1d0/0x258 [ 82.259640][ C0] softirqs last disabled at (281852): [] release_sock+0x34/0x258 [ 82.261237][ C0] ---[ end trace 062e6fe66ca8d297 ]--- [ 82.375422][ T5016] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.376648][ T5016] Bad inode number on dev loop0: 2 is out of range [ 82.377768][ T5016] SysV FS: get root inode failed [ 82.378566][ T5016] oldfs: cannot read superblock [ 82.389880][ T4515] ------------[ cut here ]------------ [ 82.390790][ T4515] VFS: brelse: Trying to free free buffer [ 82.391780][ T4515] WARNING: CPU: 1 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.393337][ T4515] Modules linked in: [ 82.393990][ T4515] CPU: 1 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 82.395439][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.397136][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.398569][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 82.399530][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 82.400396][ T4515] sp : ffff80001f8c77c0 [ 82.401112][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 82.402530][ T4515] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.403899][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb41c28 [ 82.405268][ T4515] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 82.406640][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.407945][ T4515] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.409334][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 82.410747][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.412096][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.413491][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.414885][ T4515] Call trace: [ 82.415432][ T4515] invalidate_bh_lru+0x128/0x22c [ 82.416240][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 82.417247][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.418119][ T4515] invalidate_bh_lrus+0x34/0x40 [ 82.418961][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 82.419815][ T4515] blkdev_put+0x490/0x6ac [ 82.420492][ T4515] blkdev_close+0x74/0xb0 [ 82.421216][ T4515] __fput+0x1c0/0x7e8 [ 82.421903][ T4515] ____fput+0x20/0x30 [ 82.422584][ T4515] task_work_run+0x12c/0x1d8 [ 82.423384][ T4515] do_notify_resume+0x2450/0x309c [ 82.424213][ T4515] el0_svc+0xf0/0x1d0 [ 82.424864][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 82.425686][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 82.426422][ T4515] irq event stamp: 272162 [ 82.427135][ T4515] hardirqs last enabled at (272161): [] kasan_quarantine_put+0xc4/0x200 [ 82.428887][ T4515] hardirqs last disabled at (272162): [] smp_call_function_many_cond+0xa44/0xeac [ 82.430721][ T4515] softirqs last enabled at (271914): [] local_bh_enable+0x10/0x34 [ 82.432285][ T4515] softirqs last disabled at (271912): [] local_bh_disable+0x10/0x34 [ 82.433850][ T4515] ---[ end trace 062e6fe66ca8d298 ]--- [ 82.472822][ T5018] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.473958][ T5018] Bad inode number on dev loop0: 2 is out of range [ 82.475101][ T5018] SysV FS: get root inode failed [ 82.475928][ T5018] oldfs: cannot read superblock [ 82.479082][ C1] ------------[ cut here ]------------ [ 82.480005][ C1] VFS: brelse: Trying to free free buffer [ 82.481009][ C1] WARNING: CPU: 1 PID: 4464 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.482539][ C1] Modules linked in: [ 82.483202][ C1] CPU: 1 PID: 4464 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.484657][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.486523][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.487898][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 82.488868][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 82.489790][ C1] sp : ffff800008017de0 [ 82.490501][ C1] x29: ffff800008017de0 x28: ffff0000cee051c0 x27: 1fffe000341f645c [ 82.491986][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.493384][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb3d060 [ 82.494719][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 82.496036][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.497361][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.498695][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : af9ef460ff185a00 [ 82.500037][ C1] x8 : af9ef460ff185a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.501435][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.502769][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.504181][ C1] Call trace: [ 82.504740][ C1] invalidate_bh_lru+0x128/0x22c [ 82.505568][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.506591][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.507751][ C1] ipi_handler+0x10c/0x6fc [ 82.508509][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.509441][ C1] handle_domain_irq+0x144/0x1fc [ 82.510323][ C1] gic_handle_irq+0x78/0x1b8 [ 82.511165][ C1] call_on_irq_stack+0x30/0x48 [ 82.512034][ C1] do_interrupt_handler+0x6c/0x88 [ 82.512949][ C1] el1_interrupt+0x30/0x58 [ 82.513710][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.514560][ C1] el1h_64_irq+0x78/0x7c [ 82.515298][ C1] __sanitizer_cov_trace_pc+0xa8/0xac [ 82.516220][ C1] check_preemption_disabled+0x38/0x164 [ 82.517155][ C1] debug_smp_processor_id+0x20/0x2c [ 82.518081][ C1] rcu_is_watching+0x50/0x134 [ 82.518900][ C1] lock_acquire+0xc4/0x618 [ 82.519614][ C1] fs_reclaim_acquire+0xec/0x1c4 [ 82.520492][ C1] slab_pre_alloc_hook+0x38/0xe8 [ 82.521334][ C1] kmem_cache_alloc_node+0x98/0x40c [ 82.522196][ C1] __alloc_skb+0x130/0x678 [ 82.522926][ C1] sk_stream_alloc_skb+0x17c/0x870 [ 82.523712][ C1] tcp_sendmsg_locked+0x958/0x2ca0 [ 82.524587][ C1] tcp_sendmsg+0x40/0x64 [ 82.525263][ C1] inet_sendmsg+0x154/0x284 [ 82.526064][ C1] sock_write_iter+0x250/0x340 [ 82.526843][ C1] vfs_write+0x590/0xa60 [ 82.527523][ C1] ksys_write+0x12c/0x224 [ 82.528260][ C1] __arm64_sys_write+0x7c/0x90 [ 82.529031][ C1] invoke_syscall+0x98/0x2b0 [ 82.529796][ C1] el0_svc_common+0x138/0x258 [ 82.530670][ C1] do_el0_svc+0x58/0x13c [ 82.531415][ C1] el0_svc+0x78/0x1d0 [ 82.532074][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.532927][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.533763][ C1] irq event stamp: 671242 [ 82.534471][ C1] hardirqs last enabled at (671241): [] __local_bh_enable_ip+0x1f8/0x37c [ 82.536106][ C1] hardirqs last disabled at (671242): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.537673][ C1] softirqs last enabled at (671240): [] lock_sock_nested+0x14c/0x1d4 [ 82.539214][ C1] softirqs last disabled at (671238): [] lock_sock_nested+0xf4/0x1d4 [ 82.540866][ C1] ---[ end trace 062e6fe66ca8d299 ]--- [ 82.607627][ T5020] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.608877][ T5020] Bad inode number on dev loop0: 2 is out of range [ 82.610025][ T5020] SysV FS: get root inode failed [ 82.611217][ T5020] oldfs: cannot read superblock [ 82.620980][ T4515] ------------[ cut here ]------------ [ 82.621930][ T4515] VFS: brelse: Trying to free free buffer [ 82.622945][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.624379][ T4515] Modules linked in: [ 82.625104][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 82.626589][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.628365][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.629727][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 82.630604][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 82.631533][ T4515] sp : ffff80001f8c77c0 [ 82.632220][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 82.633566][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 82.634979][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2ac7a0 [ 82.636342][ T4515] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 82.637769][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.639206][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.640589][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 82.642083][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.643427][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.644858][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.646269][ T4515] Call trace: [ 82.646803][ T4515] invalidate_bh_lru+0x128/0x22c [ 82.647634][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 82.648612][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.649460][ T4515] invalidate_bh_lrus+0x34/0x40 [ 82.650309][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 82.651150][ T4515] blkdev_put+0x490/0x6ac [ 82.651855][ T4515] blkdev_close+0x74/0xb0 [ 82.652569][ T4515] __fput+0x1c0/0x7e8 [ 82.653256][ T4515] ____fput+0x20/0x30 [ 82.653889][ T4515] task_work_run+0x12c/0x1d8 [ 82.654669][ T4515] do_notify_resume+0x2450/0x309c [ 82.655533][ T4515] el0_svc+0xf0/0x1d0 [ 82.656258][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 82.657143][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 82.657897][ T4515] irq event stamp: 289010 [ 82.658657][ T4515] hardirqs last enabled at (289009): [] kasan_quarantine_put+0xc4/0x200 [ 82.660378][ T4515] hardirqs last disabled at (289010): [] smp_call_function_many_cond+0xa44/0xeac [ 82.662286][ T4515] softirqs last enabled at (288764): [] local_bh_enable+0x10/0x34 [ 82.663893][ T4515] softirqs last disabled at (288762): [] local_bh_disable+0x10/0x34 [ 82.665504][ T4515] ---[ end trace 062e6fe66ca8d29a ]--- [ 82.700773][ T5022] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.702061][ T5022] Bad inode number on dev loop0: 2 is out of range [ 82.703273][ T5022] SysV FS: get root inode failed [ 82.704091][ T5022] oldfs: cannot read superblock [ 82.712098][ C0] ------------[ cut here ]------------ [ 82.713101][ C0] VFS: brelse: Trying to free free buffer [ 82.714106][ C0] WARNING: CPU: 0 PID: 5023 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.715614][ C0] Modules linked in: [ 82.716259][ C0] CPU: 0 PID: 5023 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.717724][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.719485][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.720878][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 82.721784][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 82.722737][ C0] sp : ffff800008007de0 [ 82.723525][ C0] x29: ffff800008007de0 x28: ffff0000d0eb8000 x27: 1fffe000341f225c [ 82.724939][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 82.726361][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2acb40 [ 82.727678][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 82.729042][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.730505][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.731928][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 9c046bc189ce6900 [ 82.733336][ C0] x8 : 9c046bc189ce6900 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.734779][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.736213][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.737674][ C0] Call trace: [ 82.738212][ C0] invalidate_bh_lru+0x128/0x22c [ 82.739072][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.740119][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.741253][ C0] ipi_handler+0x10c/0x6fc [ 82.741988][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 82.742951][ C0] handle_domain_irq+0x144/0x1fc [ 82.743845][ C0] gic_handle_irq+0x78/0x1b8 [ 82.744665][ C0] call_on_irq_stack+0x30/0x48 [ 82.745528][ C0] do_interrupt_handler+0x6c/0x88 [ 82.746432][ C0] el1_interrupt+0x30/0x58 [ 82.747169][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.747999][ C0] el1h_64_irq+0x78/0x7c [ 82.748699][ C0] lock_page_memcg+0x120/0x22c [ 82.749554][ C0] page_add_file_rmap+0x148/0x8c4 [ 82.750353][ C0] do_set_pte+0x390/0x4dc [ 82.751045][ C0] filemap_map_pages+0x9d0/0xc54 [ 82.751930][ C0] handle_mm_fault+0x188c/0x2a28 [ 82.752818][ C0] do_page_fault+0x67c/0xab0 [ 82.753553][ C0] do_translation_fault+0xe0/0x130 [ 82.754447][ C0] do_mem_abort+0x6c/0x1ac [ 82.755192][ C0] el0_ia+0xe0/0x2b8 [ 82.755802][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 82.756552][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.757232][ C0] irq event stamp: 644 [ 82.757858][ C0] hardirqs last enabled at (643): [] lock_page_memcg+0x110/0x22c [ 82.759393][ C0] hardirqs last disabled at (644): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.761205][ C0] softirqs last enabled at (64): [] local_bh_enable+0x10/0x34 [ 82.762756][ C0] softirqs last disabled at (62): [] local_bh_disable+0x10/0x34 [ 82.764497][ C0] ---[ end trace 062e6fe66ca8d29b ]--- [ 82.857544][ T5024] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.858873][ T5024] Bad inode number on dev loop0: 2 is out of range [ 82.860026][ T5024] SysV FS: get root inode failed [ 82.860880][ T5024] oldfs: cannot read superblock [ 82.868439][ C0] ------------[ cut here ]------------ [ 82.869419][ C0] VFS: brelse: Trying to free free buffer [ 82.870449][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.871931][ C0] Modules linked in: [ 82.872626][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.874204][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.876107][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.877552][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 82.878530][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 82.879517][ C0] sp : ffff800008007de0 [ 82.880213][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225c [ 82.881651][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 82.883061][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2acee0 [ 82.884513][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 82.885891][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.887256][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.888599][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : c7b2545b7035fa00 [ 82.889940][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.891340][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.892742][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.894148][ C0] Call trace: [ 82.894749][ C0] invalidate_bh_lru+0x128/0x22c [ 82.895599][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.896600][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.897795][ C0] ipi_handler+0x10c/0x6fc [ 82.898586][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 82.899516][ C0] handle_domain_irq+0x144/0x1fc [ 82.900363][ C0] gic_handle_irq+0x78/0x1b8 [ 82.901138][ C0] call_on_irq_stack+0x30/0x48 [ 82.901946][ C0] do_interrupt_handler+0x6c/0x88 [ 82.902801][ C0] el1_interrupt+0x30/0x58 [ 82.903543][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.904395][ C0] el1h_64_irq+0x78/0x7c [ 82.905123][ C0] lock_acquire+0x234/0x618 [ 82.905912][ C0] _raw_spin_lock+0xb0/0x10c [ 82.906749][ C0] free_vmap_area_noflush+0x1e4/0x8a0 [ 82.907670][ C0] remove_vm_area+0x1ac/0x1c4 [ 82.908420][ C0] __vunmap+0x304/0x9b0 [ 82.909087][ C0] vfree+0xbc/0x154 [ 82.909725][ C0] __do_replace+0x840/0x998 [ 82.910507][ C0] do_ip6t_set_ctl+0xb14/0xe60 [ 82.911307][ C0] nf_setsockopt+0x270/0x290 [ 82.912044][ C0] ipv6_setsockopt+0x1bb0/0x37ac [ 82.912811][ C0] tcp_setsockopt+0x1e0/0x1c3c [ 82.913646][ C0] sock_common_setsockopt+0xb0/0xcc [ 82.914501][ C0] __sys_setsockopt+0x260/0x36c [ 82.915263][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 82.916148][ C0] invoke_syscall+0x98/0x2b0 [ 82.916927][ C0] el0_svc_common+0x138/0x258 [ 82.917750][ C0] do_el0_svc+0x58/0x13c [ 82.918459][ C0] el0_svc+0x78/0x1d0 [ 82.919129][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.920053][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.920823][ C0] irq event stamp: 296920 [ 82.921607][ C0] hardirqs last enabled at (296919): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 82.923492][ C0] hardirqs last disabled at (296920): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.925251][ C0] softirqs last enabled at (296898): [] local_bh_enable+0x10/0x34 [ 82.926923][ C0] softirqs last disabled at (296896): [] local_bh_disable+0x10/0x34 [ 82.928551][ C0] ---[ end trace 062e6fe66ca8d29c ]--- [ 83.004886][ T5026] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.006179][ T5026] Bad inode number on dev loop0: 2 is out of range [ 83.007263][ T5026] SysV FS: get root inode failed [ 83.008064][ T5026] oldfs: cannot read superblock [ 83.013145][ C1] ------------[ cut here ]------------ [ 83.014063][ C1] VFS: brelse: Trying to free free buffer [ 83.014991][ C1] WARNING: CPU: 1 PID: 1604 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.016382][ C1] Modules linked in: [ 83.017045][ C1] CPU: 1 PID: 1604 Comm: kworker/u4:4 Tainted: G W syzkaller #0 [ 83.018518][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.020216][ C1] Workqueue: bat_events batadv_nc_worker [ 83.021059][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.022387][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 83.023262][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 83.024157][ C1] sp : ffff800008017de0 [ 83.024829][ C1] x29: ffff800008017de0 x28: ffff0000cc9351c0 x27: 1fffe000341f645c [ 83.026151][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 83.027526][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb3d400 [ 83.028847][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 83.030273][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.031642][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.033013][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 363540bcf0ff2a00 [ 83.034434][ C1] x8 : 363540bcf0ff2a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.035764][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.037018][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.038313][ C1] Call trace: [ 83.038895][ C1] invalidate_bh_lru+0x128/0x22c [ 83.039711][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.040657][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.041750][ C1] ipi_handler+0x10c/0x6fc [ 83.042446][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 83.043365][ C1] handle_domain_irq+0x144/0x1fc [ 83.044140][ C1] gic_handle_irq+0x78/0x1b8 [ 83.044882][ C1] call_on_irq_stack+0x30/0x48 [ 83.045731][ C1] do_interrupt_handler+0x6c/0x88 [ 83.046601][ C1] el1_interrupt+0x30/0x58 [ 83.047336][ C1] el1h_64_irq_handler+0x18/0x24 [ 83.048125][ C1] el1h_64_irq+0x78/0x7c [ 83.048864][ C1] __local_bh_enable_ip+0x200/0x37c [ 83.049782][ C1] _raw_spin_unlock_bh+0xec/0x174 [ 83.050558][ C1] batadv_nc_purge_paths+0x300/0x388 [ 83.051421][ C1] batadv_nc_worker+0x300/0x554 [ 83.052182][ C1] process_one_work+0x79c/0x1138 [ 83.052973][ C1] worker_thread+0x8f4/0x1034 [ 83.053739][ C1] kthread+0x374/0x454 [ 83.054419][ C1] ret_from_fork+0x10/0x20 [ 83.055137][ C1] irq event stamp: 493930 [ 83.055860][ C1] hardirqs last enabled at (493929): [] __local_bh_enable_ip+0x1f8/0x37c [ 83.057521][ C1] hardirqs last disabled at (493930): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.059204][ C1] softirqs last enabled at (493928): [] batadv_nc_purge_paths+0x300/0x388 [ 83.060972][ C1] softirqs last disabled at (493926): [] batadv_nc_purge_paths+0xd0/0x388 [ 83.062614][ C1] ---[ end trace 062e6fe66ca8d29d ]--- [ 83.126979][ T5028] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.128435][ T5028] Bad inode number on dev loop0: 2 is out of range [ 83.129470][ T5028] SysV FS: get root inode failed [ 83.130305][ T5028] oldfs: cannot read superblock [ 83.131220][ C1] ------------[ cut here ]------------ [ 83.132148][ C1] VFS: brelse: Trying to free free buffer [ 83.133139][ C1] WARNING: CPU: 1 PID: 357 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.134528][ C1] Modules linked in: [ 83.135198][ C1] CPU: 1 PID: 357 Comm: kworker/u4:3 Tainted: G W syzkaller #0 [ 83.136762][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.138390][ C1] Workqueue: netns cleanup_net [ 83.139204][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.140500][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 83.141476][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 83.142350][ C1] sp : ffff800008017de0 [ 83.143051][ C1] x29: ffff800008017de0 x28: ffff0000c7bfb680 x27: 1fffe000341f645b [ 83.144310][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 83.145785][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb3d7a0 [ 83.147189][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 83.148505][ C1] x17: 0000000000010002 x16: ffff800008304af8 x15: 00000000ffffffff [ 83.149895][ C1] x14: 0000000000000001 x13: 1ffff00001002edc x12: 0000000000ff0100 [ 83.151301][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 5855d2f540c0bd00 [ 83.152651][ C1] x8 : 5855d2f540c0bd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.154074][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008304c08 [ 83.155537][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.156922][ C1] Call trace: [ 83.157452][ C1] invalidate_bh_lru+0x128/0x22c [ 83.158313][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.159313][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.160557][ C1] ipi_handler+0x10c/0x6fc [ 83.161290][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 83.162205][ C1] handle_domain_irq+0x144/0x1fc [ 83.163038][ C1] gic_handle_irq+0x78/0x1b8 [ 83.163759][ C1] call_on_irq_stack+0x30/0x48 [ 83.164498][ C1] do_interrupt_handler+0x6c/0x88 [ 83.165255][ C1] el1_interrupt+0x30/0x58 [ 83.165975][ C1] el1h_64_irq_handler+0x18/0x24 [ 83.166792][ C1] el1h_64_irq+0x78/0x7c [ 83.167450][ C1] lock_acquire+0x234/0x618 [ 83.168144][ C1] rcu_lock_acquire+0x40/0x4c [ 83.168880][ C1] inet_twsk_purge+0x110/0x7c4 [ 83.169619][ C1] dccp_v6_exit_batch+0x20/0x2c [ 83.170443][ C1] cleanup_net+0x654/0xaa4 [ 83.171196][ C1] process_one_work+0x79c/0x1138 [ 83.172005][ C1] worker_thread+0x8f4/0x1034 [ 83.172747][ C1] kthread+0x374/0x454 [ 83.173438][ C1] ret_from_fork+0x10/0x20 [ 83.174138][ C1] irq event stamp: 1075356 [ 83.174845][ C1] hardirqs last enabled at (1075355): [] exit_to_kernel_mode+0xe0/0x168 [ 83.176499][ C1] hardirqs last disabled at (1075356): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.178226][ C1] softirqs last enabled at (1075342): [] handle_softirqs+0xa40/0xbe4 [ 83.179835][ C1] softirqs last disabled at (1074979): [] __irq_exit_rcu+0x240/0x43c [ 83.181449][ C1] ---[ end trace 062e6fe66ca8d29e ]--- 1970/01/01 00:01:23 executed programs: 46 [ 83.301287][ T5032] set_capacity_and_notify: 29 callbacks suppressed [ 83.301297][ T5032] loop0: detected capacity change from 0 to 128 [ 83.404278][ T5032] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.405577][ T5032] Bad inode number on dev loop0: 2 is out of range [ 83.406702][ T5032] SysV FS: get root inode failed [ 83.407722][ T5032] oldfs: cannot read superblock [ 83.409023][ T3660] ------------[ cut here ]------------ [ 83.409861][ T3660] VFS: brelse: Trying to free free buffer [ 83.410998][ T3660] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.412468][ T3660] Modules linked in: [ 83.413139][ T3660] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 83.414650][ T3660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.416442][ T3660] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.417825][ T3660] pc : invalidate_bh_lru+0x128/0x22c [ 83.418760][ T3660] lr : invalidate_bh_lru+0x128/0x22c [ 83.419643][ T3660] sp : ffff8000225677c0 [ 83.420335][ T3660] x29: ffff8000225677c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 83.421600][ T3660] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 83.422889][ T3660] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb3db40 [ 83.424229][ T3660] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 83.425571][ T3660] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.427011][ T3660] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.428377][ T3660] x11: 0000000000000002 x10: 0000000000000000 x9 : 672382a832d07600 [ 83.429702][ T3660] x8 : 672382a832d07600 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.431154][ T3660] x5 : ffff8000225670d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.432482][ T3660] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.433900][ T3660] Call trace: [ 83.434414][ T3660] invalidate_bh_lru+0x128/0x22c [ 83.435315][ T3660] smp_call_function_many_cond+0xa50/0xeac [ 83.436210][ T3660] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.437118][ T3660] invalidate_bh_lrus+0x34/0x40 [ 83.437978][ T3660] blkdev_flush_mapping+0x16c/0x334 [ 83.438887][ T3660] blkdev_put+0x490/0x6ac [ 83.439653][ T3660] blkdev_close+0x74/0xb0 [ 83.440390][ T3660] __fput+0x1c0/0x7e8 [ 83.441028][ T3660] ____fput+0x20/0x30 [ 83.441725][ T3660] task_work_run+0x12c/0x1d8 [ 83.442446][ T3660] do_notify_resume+0x2450/0x309c [ 83.443267][ T3660] el0_svc+0xf0/0x1d0 [ 83.443925][ T3660] el0t_64_sync_handler+0xcc/0xe4 [ 83.444755][ T3660] el0t_64_sync+0x1a0/0x1a4 [ 83.445482][ T3660] irq event stamp: 1272962 [ 83.446258][ T3660] hardirqs last enabled at (1272961): [] kasan_quarantine_put+0xc4/0x200 [ 83.447948][ T3660] hardirqs last disabled at (1272962): [] smp_call_function_many_cond+0xa44/0xeac [ 83.449801][ T3660] softirqs last enabled at (1272924): [] local_bh_enable+0x10/0x34 [ 83.451387][ T3660] softirqs last disabled at (1272922): [] local_bh_disable+0x10/0x34 [ 83.452947][ T3660] ---[ end trace 062e6fe66ca8d29f ]--- [ 83.510815][ T5034] loop0: detected capacity change from 0 to 128 [ 83.535546][ T5034] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.536793][ T5034] Bad inode number on dev loop0: 2 is out of range [ 83.538803][ T5034] SysV FS: get root inode failed [ 83.539591][ T5034] oldfs: cannot read superblock [ 83.547482][ T4515] ------------[ cut here ]------------ [ 83.548408][ T4515] VFS: brelse: Trying to free free buffer [ 83.549324][ T4515] WARNING: CPU: 1 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.550799][ T4515] Modules linked in: [ 83.551493][ T4515] CPU: 1 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 83.552843][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.554523][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.555886][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 83.556841][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 83.557734][ T4515] sp : ffff80001f8c77c0 [ 83.558445][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 83.559693][ T4515] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 83.561082][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb3dee0 [ 83.562529][ T4515] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 83.563981][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.565339][ T4515] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.566661][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 83.568077][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.569424][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.570784][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.572286][ T4515] Call trace: [ 83.572827][ T4515] invalidate_bh_lru+0x128/0x22c [ 83.573670][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 83.574703][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.575625][ T4515] invalidate_bh_lrus+0x34/0x40 [ 83.576421][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 83.577272][ T4515] blkdev_put+0x490/0x6ac [ 83.578015][ T4515] blkdev_close+0x74/0xb0 [ 83.578730][ T4515] __fput+0x1c0/0x7e8 [ 83.579370][ T4515] ____fput+0x20/0x30 [ 83.580009][ T4515] task_work_run+0x12c/0x1d8 [ 83.580773][ T4515] do_notify_resume+0x2450/0x309c [ 83.581633][ T4515] el0_svc+0xf0/0x1d0 [ 83.582255][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 83.583116][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 83.583887][ T4515] irq event stamp: 322234 [ 83.584556][ T4515] hardirqs last enabled at (322233): [] kasan_quarantine_put+0xc4/0x200 [ 83.586243][ T4515] hardirqs last disabled at (322234): [] smp_call_function_many_cond+0xa44/0xeac [ 83.588177][ T4515] softirqs last enabled at (321954): [] local_bh_enable+0x10/0x34 [ 83.589854][ T4515] softirqs last disabled at (321952): [] local_bh_disable+0x10/0x34 [ 83.591526][ T4515] ---[ end trace 062e6fe66ca8d2a0 ]--- [ 83.637332][ T5036] loop0: detected capacity change from 0 to 128 [ 83.703988][ T5036] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.705230][ T5036] Bad inode number on dev loop0: 2 is out of range [ 83.706416][ T5036] SysV FS: get root inode failed [ 83.707245][ T5036] oldfs: cannot read superblock [ 83.718870][ T4515] ------------[ cut here ]------------ [ 83.719771][ T4515] VFS: brelse: Trying to free free buffer [ 83.720749][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.722171][ T4515] Modules linked in: [ 83.722879][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 83.724327][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.726144][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.727527][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 83.728564][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 83.729496][ T4515] sp : ffff80001f8c77c0 [ 83.730233][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 83.731609][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 83.733069][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286d318 [ 83.734373][ T4515] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 83.735735][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.737221][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 83.738629][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 83.739970][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.741297][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.742658][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.744043][ T4515] Call trace: [ 83.744574][ T4515] invalidate_bh_lru+0x128/0x22c [ 83.745470][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 83.746460][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.747339][ T4515] invalidate_bh_lrus+0x34/0x40 [ 83.748145][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 83.749084][ T4515] blkdev_put+0x490/0x6ac [ 83.749882][ T4515] blkdev_close+0x74/0xb0 [ 83.750596][ T4515] __fput+0x1c0/0x7e8 [ 83.751271][ T4515] ____fput+0x20/0x30 [ 83.751970][ T4515] task_work_run+0x12c/0x1d8 [ 83.752705][ T4515] do_notify_resume+0x2450/0x309c [ 83.753587][ T4515] el0_svc+0xf0/0x1d0 [ 83.754264][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 83.755112][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 83.755929][ T4515] irq event stamp: 325864 [ 83.756729][ T4515] hardirqs last enabled at (325863): [] kasan_quarantine_put+0xc4/0x200 [ 83.758468][ T4515] hardirqs last disabled at (325864): [] smp_call_function_many_cond+0xa44/0xeac [ 83.760341][ T4515] softirqs last enabled at (325598): [] local_bh_enable+0x10/0x34 [ 83.762029][ T4515] softirqs last disabled at (325596): [] local_bh_disable+0x10/0x34 [ 83.763653][ T4515] ---[ end trace 062e6fe66ca8d2a1 ]--- [ 83.803746][ T5038] loop0: detected capacity change from 0 to 128 [ 83.808289][ T5038] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.809449][ T5038] Bad inode number on dev loop0: 2 is out of range [ 83.810531][ T5038] SysV FS: get root inode failed [ 83.811510][ T5038] oldfs: cannot read superblock [ 83.815835][ C0] ------------[ cut here ]------------ [ 83.816767][ C0] VFS: brelse: Trying to free free buffer [ 83.817787][ C0] WARNING: CPU: 0 PID: 5037 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.819202][ C0] Modules linked in: [ 83.819791][ C0] CPU: 0 PID: 5037 Comm: syz.0.64 Tainted: G W syzkaller #0 [ 83.821301][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.822988][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.824444][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 83.825376][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 83.826267][ C0] sp : ffff800008007de0 [ 83.826983][ C0] x29: ffff800008007de0 x28: ffff0000c65f1b40 x27: 1fffe000341f225c [ 83.828368][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 83.829721][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286d6b8 [ 83.831056][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010004 [ 83.832368][ C0] x17: 0000000000010004 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.833652][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 83.835028][ C0] x11: 0000000000010003 x10: 0000000000010003 x9 : 1e45dadacb47f700 [ 83.836315][ C0] x8 : 1e45dadacb47f700 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.837781][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.839173][ C0] x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000027 [ 83.840564][ C0] Call trace: [ 83.841096][ C0] invalidate_bh_lru+0x128/0x22c [ 83.841905][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 83.842958][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.844151][ C0] ipi_handler+0x10c/0x6fc [ 83.844953][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 83.845980][ C0] handle_domain_irq+0x144/0x1fc [ 83.846879][ C0] gic_handle_irq+0x78/0x1b8 [ 83.847691][ C0] call_on_irq_stack+0x30/0x48 [ 83.848526][ C0] do_interrupt_handler+0x6c/0x88 [ 83.849469][ C0] el1_interrupt+0x30/0x58 [ 83.850178][ C0] el1h_64_irq_handler+0x18/0x24 [ 83.851012][ C0] el1h_64_irq+0x78/0x7c [ 83.851713][ C0] lock_acquire+0x234/0x618 [ 83.852517][ C0] _raw_spin_lock+0xb0/0x10c [ 83.853326][ C0] exit_fs+0x58/0x12c [ 83.853965][ C0] do_exit+0x67c/0x1f50 [ 83.854693][ C0] do_group_exit+0x100/0x268 [ 83.855436][ C0] __wake_up_parent+0x0/0x60 [ 83.856241][ C0] invoke_syscall+0x98/0x2b0 [ 83.857028][ C0] el0_svc_common+0x138/0x258 [ 83.857898][ C0] do_el0_svc+0x58/0x13c [ 83.858645][ C0] el0_svc+0x78/0x1d0 [ 83.859300][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 83.860190][ C0] el0t_64_sync+0x1a0/0x1a4 [ 83.861007][ C0] irq event stamp: 2474 [ 83.861757][ C0] hardirqs last enabled at (2473): [] exit_mm+0x47c/0x664 [ 83.863235][ C0] hardirqs last disabled at (2474): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.864879][ C0] softirqs last enabled at (2438): [] local_bh_enable+0x10/0x34 [ 83.866548][ C0] softirqs last disabled at (2436): [] local_bh_disable+0x10/0x34 [ 83.868285][ C0] ---[ end trace 062e6fe66ca8d2a2 ]--- [ 83.894148][ T5040] loop0: detected capacity change from 0 to 128 [ 83.973306][ T5040] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.974509][ T5040] Bad inode number on dev loop0: 2 is out of range [ 83.975561][ T5040] SysV FS: get root inode failed [ 83.976406][ T5040] oldfs: cannot read superblock [ 83.985691][ C0] ------------[ cut here ]------------ [ 83.986644][ C0] VFS: brelse: Trying to free free buffer [ 83.987575][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.989036][ C0] Modules linked in: [ 83.989671][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.991168][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.992776][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.994121][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 83.995016][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 83.995952][ C0] sp : ffff800008007de0 [ 83.996681][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225b [ 83.997974][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 83.999241][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286da58 [ 84.000541][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 84.001901][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.003257][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 84.004709][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 84.006001][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.007377][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.008702][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.010066][ C0] Call trace: [ 84.010607][ C0] invalidate_bh_lru+0x128/0x22c [ 84.011426][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.012386][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.013470][ C0] ipi_handler+0x10c/0x6fc [ 84.014159][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 84.015069][ C0] handle_domain_irq+0x144/0x1fc [ 84.015920][ C0] gic_handle_irq+0x78/0x1b8 [ 84.016642][ C0] call_on_irq_stack+0x30/0x48 [ 84.017414][ C0] do_interrupt_handler+0x6c/0x88 [ 84.018230][ C0] el1_interrupt+0x30/0x58 [ 84.019004][ C0] el1h_64_irq_handler+0x18/0x24 [ 84.019779][ C0] el1h_64_irq+0x78/0x7c [ 84.020554][ C0] rcu_is_watching+0xc0/0x134 [ 84.021358][ C0] lock_acquire+0xc4/0x618 [ 84.022161][ C0] rcu_lock_acquire+0x38/0x44 [ 84.023033][ C0] slab_post_alloc_hook+0x1a8/0x3f8 [ 84.023881][ C0] kmem_cache_alloc+0x1d8/0x3d4 [ 84.024651][ C0] copy_mm+0x6d0/0x105c [ 84.025362][ C0] copy_process+0x1500/0x34c8 [ 84.026174][ C0] kernel_clone+0x1ec/0x9e8 [ 84.026927][ C0] __arm64_sys_clone+0x14c/0x1b8 [ 84.027716][ C0] invoke_syscall+0x98/0x2b0 [ 84.028490][ C0] el0_svc_common+0x138/0x258 [ 84.029324][ C0] do_el0_svc+0x58/0x13c [ 84.030022][ C0] el0_svc+0x78/0x1d0 [ 84.030614][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 84.031404][ C0] el0t_64_sync+0x1a0/0x1a4 [ 84.032138][ C0] irq event stamp: 324094 [ 84.032827][ C0] hardirqs last enabled at (324093): [] pte_alloc_one+0x194/0x254 [ 84.034338][ C0] hardirqs last disabled at (324094): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.035990][ C0] softirqs last enabled at (323976): [] local_bh_enable+0x10/0x34 [ 84.037530][ C0] softirqs last disabled at (323974): [] local_bh_disable+0x10/0x34 [ 84.039046][ C0] ---[ end trace 062e6fe66ca8d2a3 ]--- [ 84.065084][ T5042] loop0: detected capacity change from 0 to 128 [ 84.105378][ T5042] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.106695][ T5042] Bad inode number on dev loop0: 2 is out of range [ 84.107742][ T5042] SysV FS: get root inode failed [ 84.108506][ T5042] oldfs: cannot read superblock [ 84.114938][ C1] ------------[ cut here ]------------ [ 84.115864][ C1] VFS: brelse: Trying to free free buffer [ 84.116829][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.118223][ C1] Modules linked in: [ 84.118779][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 84.120233][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 84.121842][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.123071][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 84.123946][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 84.124815][ C1] sp : ffff800008017de0 [ 84.125472][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 84.126786][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 84.128084][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286a318 [ 84.129375][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 84.130809][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.132183][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 84.133478][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : c7b2545b7035fa00 [ 84.134727][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.136043][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.137322][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 84.138552][ C1] Call trace: [ 84.139113][ C1] invalidate_bh_lru+0x128/0x22c [ 84.139935][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.140884][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.142036][ C1] ipi_handler+0x10c/0x6fc [ 84.142727][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 84.143607][ C1] handle_domain_irq+0x144/0x1fc [ 84.144338][ C1] gic_handle_irq+0x78/0x1b8 [ 84.145076][ C1] call_on_irq_stack+0x30/0x48 [ 84.145792][ C1] do_interrupt_handler+0x6c/0x88 [ 84.146579][ C1] el1_interrupt+0x30/0x58 [ 84.147373][ C1] el1h_64_irq_handler+0x18/0x24 [ 84.148126][ C1] el1h_64_irq+0x78/0x7c [ 84.148815][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 84.149751][ C1] debug_check_no_obj_freed+0x450/0x46c [ 84.150604][ C1] slab_free_freelist_hook+0x9c/0x1e4 [ 84.151451][ C1] kmem_cache_free+0xdc/0x3b0 [ 84.152177][ C1] dentry_free+0xbc/0x178 [ 84.152858][ C1] __dentry_kill+0x45c/0x598 [ 84.153563][ C1] dentry_kill+0xc8/0x248 [ 84.154253][ C1] dput+0x23c/0x458 [ 84.154940][ C1] __fput+0x494/0x7e8 [ 84.155554][ C1] ____fput+0x20/0x30 [ 84.156259][ C1] task_work_run+0x12c/0x1d8 [ 84.157032][ C1] do_notify_resume+0x2450/0x309c [ 84.157844][ C1] el0_svc+0xf0/0x1d0 [ 84.158476][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 84.159290][ C1] el0t_64_sync+0x1a0/0x1a4 [ 84.160091][ C1] irq event stamp: 326430 [ 84.160821][ C1] hardirqs last enabled at (326429): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 84.162550][ C1] hardirqs last disabled at (326430): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.164095][ C1] softirqs last enabled at (326402): [] release_sock+0x1d0/0x258 [ 84.165579][ C1] softirqs last disabled at (326400): [] release_sock+0x34/0x258 [ 84.167140][ C1] ---[ end trace 062e6fe66ca8d2a4 ]--- [ 84.195794][ T5044] loop0: detected capacity change from 0 to 128 [ 84.198925][ T5044] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.200223][ T5044] Bad inode number on dev loop0: 2 is out of range [ 84.201273][ T5044] SysV FS: get root inode failed [ 84.202248][ T5044] oldfs: cannot read superblock [ 84.206541][ C0] ------------[ cut here ]------------ [ 84.207416][ C0] VFS: brelse: Trying to free free buffer [ 84.208403][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.209920][ C0] Modules linked in: [ 84.210574][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 84.212039][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 84.213610][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.214875][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 84.215753][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 84.216558][ C0] sp : ffff800008007de0 [ 84.217213][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225c [ 84.218408][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 84.219708][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286ddf8 [ 84.220991][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 84.222277][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.223547][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 84.224898][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : c7b2545b7035fa00 [ 84.226240][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.227588][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.228967][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 84.230233][ C0] Call trace: [ 84.230783][ C0] invalidate_bh_lru+0x128/0x22c [ 84.231648][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.232686][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.233901][ C0] ipi_handler+0x10c/0x6fc [ 84.234615][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 84.235537][ C0] handle_domain_irq+0x144/0x1fc [ 84.236370][ C0] gic_handle_irq+0x78/0x1b8 [ 84.237097][ C0] call_on_irq_stack+0x30/0x48 [ 84.237915][ C0] do_interrupt_handler+0x6c/0x88 [ 84.238754][ C0] el1_interrupt+0x30/0x58 [ 84.239520][ C0] el1h_64_irq_handler+0x18/0x24 [ 84.240349][ C0] el1h_64_irq+0x78/0x7c [ 84.241053][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 84.242095][ C0] debug_object_active_state+0x16c/0x374 [ 84.242989][ C0] call_rcu+0x6c/0x8f4 [ 84.243644][ C0] dentry_free+0xa4/0x178 [ 84.244382][ C0] __dentry_kill+0x45c/0x598 [ 84.245063][ C0] dentry_kill+0xc8/0x248 [ 84.245747][ C0] dput+0x23c/0x458 [ 84.246338][ C0] dcache_dir_close+0x40/0x54 [ 84.247048][ C0] __fput+0x1c0/0x7e8 [ 84.247753][ C0] ____fput+0x20/0x30 [ 84.248418][ C0] task_work_run+0x12c/0x1d8 [ 84.249203][ C0] do_notify_resume+0x2450/0x309c [ 84.250021][ C0] el0_svc+0xf0/0x1d0 [ 84.250626][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 84.251426][ C0] el0t_64_sync+0x1a0/0x1a4 [ 84.252097][ C0] irq event stamp: 327966 [ 84.252780][ C0] hardirqs last enabled at (327965): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 84.254518][ C0] hardirqs last disabled at (327966): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.256177][ C0] softirqs last enabled at (327824): [] local_bh_enable+0x10/0x34 [ 84.257668][ C0] softirqs last disabled at (327822): [] local_bh_disable+0x10/0x34 [ 84.259236][ C0] ---[ end trace 062e6fe66ca8d2a5 ]--- [ 84.299194][ T5046] loop0: detected capacity change from 0 to 128 [ 84.334084][ T5046] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.335442][ T5046] Bad inode number on dev loop0: 2 is out of range [ 84.336540][ T5046] SysV FS: get root inode failed [ 84.337383][ T5046] oldfs: cannot read superblock [ 84.348037][ T4515] ------------[ cut here ]------------ [ 84.348974][ T4515] VFS: brelse: Trying to free free buffer [ 84.349986][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.351421][ T4515] Modules linked in: [ 84.352094][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 84.353526][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 84.355315][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.356636][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 84.357544][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 84.358398][ T4515] sp : ffff80001f8c77c0 [ 84.359071][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 84.360374][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 84.361797][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e298a230 [ 84.363067][ T4515] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 84.364424][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.365718][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 84.367043][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 84.368370][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.369609][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.370931][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 84.372235][ T4515] Call trace: [ 84.372776][ T4515] invalidate_bh_lru+0x128/0x22c [ 84.373593][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 84.374619][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 84.375461][ T4515] invalidate_bh_lrus+0x34/0x40 [ 84.376221][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 84.377026][ T4515] blkdev_put+0x490/0x6ac [ 84.377733][ T4515] blkdev_close+0x74/0xb0 [ 84.378541][ T4515] __fput+0x1c0/0x7e8 [ 84.379198][ T4515] ____fput+0x20/0x30 [ 84.379864][ T4515] task_work_run+0x12c/0x1d8 [ 84.380615][ T4515] do_notify_resume+0x2450/0x309c [ 84.381406][ T4515] el0_svc+0xf0/0x1d0 [ 84.382056][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 84.382864][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 84.383574][ T4515] irq event stamp: 352766 [ 84.384325][ T4515] hardirqs last enabled at (352765): [] kasan_quarantine_put+0xc4/0x200 [ 84.385961][ T4515] hardirqs last disabled at (352766): [] smp_call_function_many_cond+0xa44/0xeac [ 84.387717][ T4515] softirqs last enabled at (351744): [] local_bh_enable+0x10/0x34 [ 84.389350][ T4515] softirqs last disabled at (351742): [] local_bh_disable+0x10/0x34 [ 84.390876][ T4515] ---[ end trace 062e6fe66ca8d2a6 ]--- [ 84.435483][ T5048] loop0: detected capacity change from 0 to 128 [ 84.473659][ T5048] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.474887][ T5048] Bad inode number on dev loop0: 2 is out of range [ 84.475925][ T5048] SysV FS: get root inode failed [ 84.476716][ T5048] oldfs: cannot read superblock [ 84.486831][ C1] ------------[ cut here ]------------ [ 84.487797][ C1] VFS: brelse: Trying to free free buffer [ 84.488760][ C1] WARNING: CPU: 1 PID: 5049 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.490261][ C1] Modules linked in: [ 84.490923][ C1] CPU: 1 PID: 5049 Comm: syz-executor Tainted: G W syzkaller #0 [ 84.492446][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 84.494045][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.495283][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 84.496153][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 84.497009][ C1] sp : ffff800008017de0 [ 84.497692][ C1] x29: ffff800008017de0 x28: ffff0000dc60b680 x27: 1fffe000341f645c [ 84.499008][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 84.500335][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286a6b8 [ 84.501560][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 84.502849][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.504220][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 84.505522][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 8801054289558b00 [ 84.506815][ C1] x8 : 8801054289558b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.508168][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.509459][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.510896][ C1] Call trace: [ 84.511420][ C1] invalidate_bh_lru+0x128/0x22c [ 84.512206][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.513198][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.514333][ C1] ipi_handler+0x10c/0x6fc [ 84.515092][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 84.515975][ C1] handle_domain_irq+0x144/0x1fc [ 84.516793][ C1] gic_handle_irq+0x78/0x1b8 [ 84.517501][ C1] call_on_irq_stack+0x30/0x48 [ 84.518289][ C1] do_interrupt_handler+0x6c/0x88 [ 84.519120][ C1] el1_interrupt+0x30/0x58 [ 84.519925][ C1] el1h_64_irq_handler+0x18/0x24 [ 84.520763][ C1] el1h_64_irq+0x78/0x7c [ 84.521466][ C1] el0_svc_common+0xa8/0x258 [ 84.522233][ C1] do_el0_svc+0x58/0x13c [ 84.522972][ C1] el0_svc+0x78/0x1d0 [ 84.523610][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 84.524428][ C1] el0t_64_sync+0x1a0/0x1a4 [ 84.525130][ C1] irq event stamp: 1060 [ 84.525752][ C1] hardirqs last enabled at (1059): [] el0_svc_common+0x9c/0x258 [ 84.527281][ C1] hardirqs last disabled at (1060): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.528872][ C1] softirqs last enabled at (828): [] local_bh_enable+0x10/0x34 [ 84.530321][ C1] softirqs last disabled at (826): [] local_bh_disable+0x10/0x34 [ 84.531794][ C1] ---[ end trace 062e6fe66ca8d2a7 ]--- [ 84.565439][ T5050] loop0: detected capacity change from 0 to 128 [ 84.568220][ T5050] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.569447][ T5050] Bad inode number on dev loop0: 2 is out of range [ 84.570474][ T5050] SysV FS: get root inode failed [ 84.571256][ T5050] oldfs: cannot read superblock [ 84.625277][ C0] ------------[ cut here ]------------ [ 84.626248][ C0] VFS: brelse: Trying to free free buffer [ 84.627258][ C0] WARNING: CPU: 0 PID: 4163 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.628740][ C0] Modules linked in: [ 84.629344][ C0] CPU: 0 PID: 4163 Comm: kworker/0:17 Tainted: G W syzkaller #0 [ 84.630725][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 84.632341][ C0] Workqueue: events pwq_unbound_release_workfn [ 84.633400][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.634733][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 84.635633][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 84.636458][ C0] sp : ffff800008007de0 [ 84.637180][ C0] x29: ffff800008007de0 x28: ffff0000c2540000 x27: 1fffe000341f225c [ 84.638456][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 84.639825][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e298a5d0 [ 84.641299][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 84.642582][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.643917][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 84.645233][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 333fea47c3a19100 [ 84.646642][ C0] x8 : 333fea47c3a19100 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.647950][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.649282][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.650648][ C0] Call trace: [ 84.651158][ C0] invalidate_bh_lru+0x128/0x22c [ 84.651963][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.652970][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.654080][ C0] ipi_handler+0x10c/0x6fc [ 84.654852][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 84.655669][ C0] handle_domain_irq+0x144/0x1fc [ 84.656449][ C0] gic_handle_irq+0x78/0x1b8 [ 84.657232][ C0] call_on_irq_stack+0x30/0x48 [ 84.658118][ C0] do_interrupt_handler+0x6c/0x88 [ 84.658951][ C0] el1_interrupt+0x30/0x58 [ 84.659696][ C0] el1h_64_irq_handler+0x18/0x24 [ 84.660503][ C0] el1h_64_irq+0x78/0x7c [ 84.661135][ C0] lockdep_unregister_key+0x30c/0x388 [ 84.661939][ C0] pwq_unbound_release_workfn+0x200/0x254 [ 84.662824][ C0] process_one_work+0x79c/0x1138 [ 84.663610][ C0] worker_thread+0x8f4/0x1034 [ 84.664370][ C0] kthread+0x374/0x454 [ 84.665053][ C0] ret_from_fork+0x10/0x20 [ 84.665779][ C0] irq event stamp: 35688 [ 84.666470][ C0] hardirqs last enabled at (35687): [] call_rcu+0x570/0x8f4 [ 84.667989][ C0] hardirqs last disabled at (35688): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.669546][ C0] softirqs last enabled at (35518): [] nsim_dev_trap_report_work+0x5fc/0x938 [ 84.671202][ C0] softirqs last disabled at (35516): [] nsim_dev_trap_report_work+0x578/0x938 [ 84.672860][ C0] ---[ end trace 062e6fe66ca8d2a8 ]--- [ 84.690360][ T5052] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.691690][ T5052] Bad inode number on dev loop0: 2 is out of range [ 84.693141][ T5052] SysV FS: get root inode failed [ 84.693941][ T5052] oldfs: cannot read superblock [ 84.703766][ T4515] ------------[ cut here ]------------ [ 84.704808][ T4515] VFS: brelse: Trying to free free buffer [ 84.705778][ T4515] WARNING: CPU: 0 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.707260][ T4515] Modules linked in: [ 84.707900][ T4515] CPU: 0 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 84.709303][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 84.710877][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.712259][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 84.713171][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 84.714118][ T4515] sp : ffff80001f8c77c0 [ 84.714784][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 84.716167][ T4515] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 84.717538][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e298a970 [ 84.718834][ T4515] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 84.720183][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.721375][ T4515] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 84.722710][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 84.723961][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.725228][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.726436][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 84.727719][ T4515] Call trace: [ 84.728294][ T4515] invalidate_bh_lru+0x128/0x22c [ 84.729123][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 84.730086][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 84.730939][ T4515] invalidate_bh_lrus+0x34/0x40 [ 84.731675][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 84.732528][ T4515] blkdev_put+0x490/0x6ac [ 84.733245][ T4515] blkdev_close+0x74/0xb0 [ 84.733935][ T4515] __fput+0x1c0/0x7e8 [ 84.734507][ T4515] ____fput+0x20/0x30 [ 84.735135][ T4515] task_work_run+0x12c/0x1d8 [ 84.735837][ T4515] do_notify_resume+0x2450/0x309c [ 84.736644][ T4515] el0_svc+0xf0/0x1d0 [ 84.737291][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 84.738108][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 84.738877][ T4515] irq event stamp: 372064 [ 84.739553][ T4515] hardirqs last enabled at (372063): [] kasan_quarantine_put+0xc4/0x200 [ 84.741342][ T4515] hardirqs last disabled at (372064): [] smp_call_function_many_cond+0xa44/0xeac [ 84.743058][ T4515] softirqs last enabled at (371788): [] local_bh_enable+0x10/0x34 [ 84.744621][ T4515] softirqs last disabled at (371786): [] local_bh_disable+0x10/0x34 [ 84.746174][ T4515] ---[ end trace 062e6fe66ca8d2a9 ]--- [ 84.797523][ T5054] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.798934][ T5054] Bad inode number on dev loop0: 2 is out of range [ 84.799889][ T5054] SysV FS: get root inode failed [ 84.800634][ T5054] oldfs: cannot read superblock [ 84.805255][ C0] ------------[ cut here ]------------ [ 84.806181][ C0] VFS: brelse: Trying to free free buffer [ 84.807117][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.808560][ C0] Modules linked in: [ 84.809179][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 84.810664][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 84.812264][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.813505][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 84.814396][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 84.815278][ C0] sp : ffff800008007de0 [ 84.815922][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225c [ 84.817259][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 84.818571][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e298ad10 [ 84.819884][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 84.821184][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.822487][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 84.823760][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 84.825024][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.826359][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.827679][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.828997][ C0] Call trace: [ 84.829566][ C0] invalidate_bh_lru+0x128/0x22c [ 84.830431][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.831460][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.832519][ C0] ipi_handler+0x10c/0x6fc [ 84.833199][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 84.834071][ C0] handle_domain_irq+0x144/0x1fc [ 84.834810][ C0] gic_handle_irq+0x78/0x1b8 [ 84.835528][ C0] call_on_irq_stack+0x30/0x48 [ 84.836281][ C0] do_interrupt_handler+0x6c/0x88 [ 84.837147][ C0] el1_interrupt+0x30/0x58 [ 84.837913][ C0] el1h_64_irq_handler+0x18/0x24 [ 84.838760][ C0] el1h_64_irq+0x78/0x7c [ 84.839427][ C0] __sanitizer_cov_trace_pc+0x4/0xac [ 84.840234][ C0] path_lookupat+0x13c/0x3d0 [ 84.840939][ C0] filename_lookup+0x1b4/0x464 [ 84.841638][ C0] user_path_at_empty+0x5c/0x1a0 [ 84.842407][ C0] __arm64_sys_umount+0xf8/0x184 [ 84.843172][ C0] invoke_syscall+0x98/0x2b0 [ 84.843894][ C0] el0_svc_common+0x138/0x258 [ 84.844653][ C0] do_el0_svc+0x58/0x13c [ 84.845306][ C0] el0_svc+0x78/0x1d0 [ 84.845959][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 84.846769][ C0] el0t_64_sync+0x1a0/0x1a4 [ 84.847486][ C0] irq event stamp: 343632 [ 84.848160][ C0] hardirqs last enabled at (343631): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 84.849963][ C0] hardirqs last disabled at (343632): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.851519][ C0] softirqs last enabled at (343624): [] local_bh_enable+0x10/0x34 [ 84.853174][ C0] softirqs last disabled at (343622): [] local_bh_disable+0x10/0x34 [ 84.854839][ C0] ---[ end trace 062e6fe66ca8d2aa ]--- [ 84.903490][ T5056] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.904732][ T5056] Bad inode number on dev loop0: 2 is out of range [ 84.905860][ T5056] SysV FS: get root inode failed [ 84.906776][ T5056] oldfs: cannot read superblock [ 84.926416][ C1] ------------[ cut here ]------------ [ 84.927348][ C1] VFS: brelse: Trying to free free buffer [ 84.928329][ C1] WARNING: CPU: 1 PID: 21 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.929608][ C1] Modules linked in: [ 84.930171][ C1] CPU: 1 PID: 21 Comm: kworker/1:0 Tainted: G W syzkaller #0 [ 84.931608][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 84.933237][ C1] Workqueue: rcu_gp srcu_invoke_callbacks [ 84.934204][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.935434][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 84.936353][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 84.937208][ C1] sp : ffff800008017de0 [ 84.937867][ C1] x29: ffff800008017de0 x28: ffff0000c0a79b40 x27: 1fffe000341f645c [ 84.939201][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 84.940536][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286aa58 [ 84.941881][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 84.943207][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 84.944536][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 84.945815][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : d0cd91c18d578600 [ 84.947119][ C1] x8 : d0cd91c18d578600 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.948462][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 84.949789][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 84.951048][ C1] Call trace: [ 84.951544][ C1] invalidate_bh_lru+0x128/0x22c [ 84.952346][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.953320][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.954501][ C1] ipi_handler+0x10c/0x6fc [ 84.955220][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 84.956145][ C1] handle_domain_irq+0x144/0x1fc [ 84.956929][ C1] gic_handle_irq+0x78/0x1b8 [ 84.957698][ C1] call_on_irq_stack+0x30/0x48 [ 84.958445][ C1] do_interrupt_handler+0x6c/0x88 [ 84.959228][ C1] el1_interrupt+0x30/0x58 [ 84.959972][ C1] el1h_64_irq_handler+0x18/0x24 [ 84.960723][ C1] el1h_64_irq+0x78/0x7c [ 84.961451][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 84.962366][ C1] debug_object_active_state+0x16c/0x374 [ 84.963257][ C1] srcu_invoke_callbacks+0x190/0x348 [ 84.964135][ C1] process_one_work+0x79c/0x1138 [ 84.964956][ C1] worker_thread+0x8f4/0x1034 [ 84.965668][ C1] kthread+0x374/0x454 [ 84.966341][ C1] ret_from_fork+0x10/0x20 [ 84.967014][ C1] irq event stamp: 143352 [ 84.967608][ C1] hardirqs last enabled at (143351): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 84.969347][ C1] hardirqs last disabled at (143352): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.970904][ C1] softirqs last enabled at (141840): [] local_bh_enable+0xc/0x2c [ 84.972475][ C1] softirqs last disabled at (141836): [] local_bh_disable+0xc/0x2c [ 84.973953][ C1] ---[ end trace 062e6fe66ca8d2ab ]--- [ 85.035846][ T5060] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.037079][ T5060] Bad inode number on dev loop0: 2 is out of range [ 85.038171][ T5060] SysV FS: get root inode failed [ 85.038954][ T5060] oldfs: cannot read superblock [ 85.053029][ C0] ------------[ cut here ]------------ [ 85.053943][ C0] VFS: brelse: Trying to free free buffer [ 85.054872][ C0] WARNING: CPU: 0 PID: 5062 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.056247][ C0] Modules linked in: [ 85.056894][ C0] CPU: 0 PID: 5062 Comm: syz.0.76 Tainted: G W syzkaller #0 [ 85.058271][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 85.059887][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.061116][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 85.062011][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 85.062870][ C0] sp : ffff800008007de0 [ 85.063565][ C0] x29: ffff800008007de0 x28: ffff0000dc1c9b40 x27: 1fffe000341f225c [ 85.064951][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 85.066248][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2866148 [ 85.067531][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 85.068830][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 85.070110][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 85.071443][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : d7a019c1a5bc8700 [ 85.072710][ C0] x8 : d7a019c1a5bc8700 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.073962][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 85.075315][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.076616][ C0] Call trace: [ 85.077148][ C0] invalidate_bh_lru+0x128/0x22c [ 85.077947][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 85.078960][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.080103][ C0] ipi_handler+0x10c/0x6fc [ 85.080788][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 85.081660][ C0] handle_domain_irq+0x144/0x1fc [ 85.082463][ C0] gic_handle_irq+0x78/0x1b8 [ 85.083237][ C0] call_on_irq_stack+0x30/0x48 [ 85.084036][ C0] do_interrupt_handler+0x6c/0x88 [ 85.084876][ C0] el1_interrupt+0x30/0x58 [ 85.085520][ C0] el1h_64_irq_handler+0x18/0x24 [ 85.086237][ C0] el1h_64_irq+0x78/0x7c [ 85.086887][ C0] kmem_cache_free+0x38/0x3b0 [ 85.087682][ C0] unlink_anon_vmas+0x494/0x534 [ 85.088495][ C0] free_pgtables+0x14c/0x278 [ 85.089283][ C0] exit_mmap+0x2d8/0x508 [ 85.089901][ C0] __mmput+0xec/0x3a8 [ 85.090510][ C0] mmput+0x80/0xc0 [ 85.091089][ C0] exit_mm+0x4ac/0x664 [ 85.091729][ C0] do_exit+0x4f0/0x1f50 [ 85.092446][ C0] do_group_exit+0x100/0x268 [ 85.093170][ C0] get_signal+0x73c/0x1334 [ 85.093872][ C0] do_notify_resume+0x354/0x309c [ 85.094626][ C0] el0_svc+0xf0/0x1d0 [ 85.095245][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 85.096050][ C0] el0t_64_sync+0x1a0/0x1a4 [ 85.096747][ C0] irq event stamp: 2226 [ 85.097448][ C0] hardirqs last enabled at (2225): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 85.099135][ C0] hardirqs last disabled at (2226): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.100747][ C0] softirqs last enabled at (1312): [] handle_softirqs+0xa40/0xbe4 [ 85.102339][ C0] softirqs last disabled at (1281): [] __irq_exit_rcu+0x240/0x43c [ 85.103934][ C0] ---[ end trace 062e6fe66ca8d2ac ]--- [ 85.160951][ T5064] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.162159][ T5064] Bad inode number on dev loop0: 2 is out of range [ 85.164301][ T5064] SysV FS: get root inode failed [ 85.165255][ T5064] oldfs: cannot read superblock [ 85.173446][ C1] ------------[ cut here ]------------ [ 85.174367][ C1] VFS: brelse: Trying to free free buffer [ 85.175319][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.176763][ C1] Modules linked in: [ 85.177423][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.178826][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 85.180369][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.181594][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 85.182482][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 85.183343][ C1] sp : ffff800008017de0 [ 85.184051][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 85.185376][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 85.186641][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286adf8 [ 85.187934][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 85.189319][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 85.190637][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 85.191945][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 85.193291][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.194623][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 85.195916][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.197247][ C1] Call trace: [ 85.197850][ C1] invalidate_bh_lru+0x128/0x22c [ 85.198720][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.199716][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.200768][ C1] ipi_handler+0x10c/0x6fc [ 85.201500][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 85.202341][ C1] handle_domain_irq+0x144/0x1fc [ 85.203082][ C1] gic_handle_irq+0x78/0x1b8 [ 85.203822][ C1] call_on_irq_stack+0x30/0x48 [ 85.204603][ C1] do_interrupt_handler+0x6c/0x88 [ 85.205412][ C1] el1_interrupt+0x30/0x58 [ 85.206114][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.206957][ C1] el1h_64_irq+0x78/0x7c [ 85.207633][ C1] __sanitizer_cov_trace_const_cmp8+0x1c/0xc0 [ 85.208681][ C1] arch_stack_walk+0x200/0x2bc [ 85.209449][ C1] stack_trace_save+0x9c/0xf0 [ 85.210284][ C1] __kasan_slab_alloc+0x8c/0xcc [ 85.211085][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 85.211889][ C1] kmem_cache_alloc_node+0x1fc/0x40c [ 85.212737][ C1] alloc_vmap_area+0x140/0x16c4 [ 85.213517][ C1] __get_vm_area_node+0x17c/0x2e8 [ 85.214352][ C1] __vmalloc_node_range+0xe8/0x8c8 [ 85.215246][ C1] vzalloc+0x110/0x188 [ 85.215864][ C1] alloc_counters+0x84/0x7a0 [ 85.216610][ C1] do_ip6t_get_ctl+0xb68/0x143c [ 85.217444][ C1] nf_getsockopt+0x264/0x284 [ 85.218190][ C1] ipv6_getsockopt+0x588/0x2538 [ 85.219027][ C1] tcp_getsockopt+0x210/0x2eec [ 85.219856][ C1] sock_common_getsockopt+0xa8/0xc4 [ 85.220668][ C1] __sys_getsockopt+0x1b8/0x250 [ 85.221460][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 85.222317][ C1] invoke_syscall+0x98/0x2b0 [ 85.223066][ C1] el0_svc_common+0x138/0x258 [ 85.223813][ C1] do_el0_svc+0x58/0x13c [ 85.224545][ C1] el0_svc+0x78/0x1d0 [ 85.225201][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 85.226026][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.226802][ C1] irq event stamp: 359508 [ 85.227472][ C1] hardirqs last enabled at (359507): [] ___slab_alloc+0xc18/0xd8c [ 85.229044][ C1] hardirqs last disabled at (359508): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.230627][ C1] softirqs last enabled at (359376): [] release_sock+0x1d0/0x258 [ 85.232181][ C1] softirqs last disabled at (359374): [] release_sock+0x34/0x258 [ 85.233656][ C1] ---[ end trace 062e6fe66ca8d2ad ]--- [ 85.327527][ T5066] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.328779][ T5066] Bad inode number on dev loop0: 2 is out of range [ 85.329823][ T5066] SysV FS: get root inode failed [ 85.330738][ T5066] oldfs: cannot read superblock [ 85.337688][ C0] ------------[ cut here ]------------ [ 85.338626][ C0] VFS: brelse: Trying to free free buffer [ 85.339587][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.341021][ C0] Modules linked in: [ 85.341669][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.343110][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 85.344707][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.345999][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 85.346825][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 85.347655][ C0] sp : ffff800008007de0 [ 85.348330][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225c [ 85.349704][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 85.351005][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28664e8 [ 85.352444][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 85.353806][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 85.355109][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 85.356415][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 85.357752][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.359096][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 85.360410][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.361769][ C0] Call trace: [ 85.362308][ C0] invalidate_bh_lru+0x128/0x22c [ 85.363106][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 85.364140][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.365313][ C0] ipi_handler+0x10c/0x6fc [ 85.366011][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 85.366853][ C0] handle_domain_irq+0x144/0x1fc [ 85.367652][ C0] gic_handle_irq+0x78/0x1b8 [ 85.368343][ C0] call_on_irq_stack+0x30/0x48 [ 85.369170][ C0] do_interrupt_handler+0x6c/0x88 [ 85.369986][ C0] el1_interrupt+0x30/0x58 [ 85.370682][ C0] el1h_64_irq_handler+0x18/0x24 [ 85.371482][ C0] el1h_64_irq+0x78/0x7c [ 85.372170][ C0] count_memcg_event_mm+0x1d0/0x300 [ 85.373056][ C0] handle_mm_fault+0x19c/0x2a28 [ 85.373775][ C0] do_page_fault+0x67c/0xab0 [ 85.374502][ C0] do_mem_abort+0x6c/0x1ac [ 85.375148][ C0] el0_da+0x90/0x1ec [ 85.375728][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 85.376456][ C0] el0t_64_sync+0x1a0/0x1a4 [ 85.377220][ C0] irq event stamp: 363056 [ 85.377862][ C0] hardirqs last enabled at (363055): [] count_memcg_event_mm+0x1b0/0x300 [ 85.379403][ C0] hardirqs last disabled at (363056): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.381035][ C0] softirqs last enabled at (362782): [] local_bh_enable+0x10/0x34 [ 85.382642][ C0] softirqs last disabled at (362780): [] local_bh_disable+0x10/0x34 [ 85.384223][ C0] ---[ end trace 062e6fe66ca8d2ae ]--- [ 85.457224][ T5068] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.458434][ T5068] Bad inode number on dev loop0: 2 is out of range [ 85.459504][ T5068] SysV FS: get root inode failed [ 85.460284][ T5068] oldfs: cannot read superblock [ 85.461123][ T5068] ------------[ cut here ]------------ [ 85.462059][ T5068] VFS: brelse: Trying to free free buffer [ 85.463011][ T5068] WARNING: CPU: 0 PID: 5068 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.464451][ T5068] Modules linked in: [ 85.465136][ T5068] CPU: 0 PID: 5068 Comm: syz.0.79 Tainted: G W syzkaller #0 [ 85.466460][ T5068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 85.468116][ T5068] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.469480][ T5068] pc : invalidate_bh_lru+0x128/0x22c [ 85.470347][ T5068] lr : invalidate_bh_lru+0x128/0x22c [ 85.471157][ T5068] sp : ffff8000200b76e0 [ 85.471840][ T5068] x29: ffff8000200b76e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 85.473230][ T5068] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 85.474522][ T5068] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2866888 [ 85.475775][ T5068] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 85.477048][ T5068] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 85.478324][ T5068] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 85.479692][ T5068] x11: 0000000000000002 x10: 0000000000000000 x9 : b8425d2914fbd300 [ 85.480959][ T5068] x8 : b8425d2914fbd300 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.482237][ T5068] x5 : ffff8000200b6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 85.483594][ T5068] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 85.484882][ T5068] Call trace: [ 85.485412][ T5068] invalidate_bh_lru+0x128/0x22c [ 85.486307][ T5068] smp_call_function_many_cond+0xa50/0xeac [ 85.487268][ T5068] on_each_cpu_cond_mask+0x5c/0xc4 [ 85.488107][ T5068] invalidate_bh_lrus+0x34/0x40 [ 85.488934][ T5068] blkdev_flush_mapping+0x16c/0x334 [ 85.489767][ T5068] blkdev_put+0x490/0x6ac [ 85.490490][ T5068] kill_block_super+0x98/0xdc [ 85.491215][ T5068] deactivate_locked_super+0xb8/0x134 [ 85.492044][ T5068] mount_bdev+0x284/0x358 [ 85.492762][ T5068] sysv_mount+0x44/0x58 [ 85.493470][ T5068] legacy_get_tree+0xd4/0x16c [ 85.494293][ T5068] vfs_get_tree+0x90/0x274 [ 85.495009][ T5068] do_new_mount+0x228/0x810 [ 85.495774][ T5068] path_mount+0x5bc/0x1008 [ 85.496424][ T5068] __arm64_sys_mount+0x514/0x5f0 [ 85.497189][ T5068] invoke_syscall+0x98/0x2b0 [ 85.497956][ T5068] el0_svc_common+0x138/0x258 [ 85.498734][ T5068] do_el0_svc+0x58/0x13c [ 85.499456][ T5068] el0_svc+0x78/0x1d0 [ 85.500135][ T5068] el0t_64_sync_handler+0xcc/0xe4 [ 85.500990][ T5068] el0t_64_sync+0x1a0/0x1a4 [ 85.501698][ T5068] irq event stamp: 1150 [ 85.502374][ T5068] hardirqs last enabled at (1149): [] kasan_quarantine_put+0xc4/0x200 [ 85.503997][ T5068] hardirqs last disabled at (1150): [] smp_call_function_many_cond+0xa44/0xeac [ 85.505703][ T5068] softirqs last enabled at (906): [] local_bh_enable+0x10/0x34 [ 85.507094][ T5068] softirqs last disabled at (904): [] local_bh_disable+0x10/0x34 [ 85.508678][ T5068] ---[ end trace 062e6fe66ca8d2af ]--- [ 85.635582][ T5072] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.636851][ T5072] Bad inode number on dev loop0: 2 is out of range [ 85.637896][ T5072] SysV FS: get root inode failed [ 85.638807][ T5072] oldfs: cannot read superblock [ 85.646079][ C0] ------------[ cut here ]------------ [ 85.646986][ C0] VFS: brelse: Trying to free free buffer [ 85.647921][ C0] WARNING: CPU: 0 PID: 5073 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.649346][ C0] Modules linked in: [ 85.650038][ C0] CPU: 0 PID: 5073 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.651390][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 85.652895][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.654232][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 85.655132][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 85.656016][ C0] sp : ffff800008007de0 [ 85.656678][ C0] x29: ffff800008007de0 x28: ffff0000d6181b40 x27: 1fffe000341f225b [ 85.657902][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 85.659186][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2866c28 [ 85.660411][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 85.661671][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 85.662858][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 85.664102][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 7b366bc427321b00 [ 85.665350][ C0] x8 : 7b366bc427321b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.666653][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 85.668031][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 85.669364][ C0] Call trace: [ 85.669939][ C0] invalidate_bh_lru+0x128/0x22c [ 85.670733][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 85.671718][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.672846][ C0] ipi_handler+0x10c/0x6fc [ 85.673563][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 85.674417][ C0] handle_domain_irq+0x144/0x1fc [ 85.675190][ C0] gic_handle_irq+0x78/0x1b8 [ 85.675883][ C0] call_on_irq_stack+0x30/0x48 [ 85.676659][ C0] do_interrupt_handler+0x6c/0x88 [ 85.677517][ C0] el1_interrupt+0x30/0x58 [ 85.678253][ C0] el1h_64_irq_handler+0x18/0x24 [ 85.679066][ C0] el1h_64_irq+0x78/0x7c [ 85.679726][ C0] _raw_spin_unlock_irq+0xa0/0x128 [ 85.680541][ C0] calculate_sigpending+0x80/0xb8 [ 85.681409][ C0] schedule_tail+0x108/0x150 [ 85.682109][ C0] ret_from_fork+0x4/0x20 [ 85.682782][ C0] irq event stamp: 20 [ 85.683406][ C0] hardirqs last enabled at (19): [] _raw_spin_unlock_irq+0x98/0x128 [ 85.684945][ C0] hardirqs last disabled at (20): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.686531][ C0] softirqs last enabled at (0): [] copy_process+0x1140/0x34c8 [ 85.688095][ C0] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.689303][ C0] ---[ end trace 062e6fe66ca8d2b0 ]--- [ 85.768122][ T5074] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.769389][ T5074] Bad inode number on dev loop0: 2 is out of range [ 85.770527][ T5074] SysV FS: get root inode failed [ 85.771355][ T5074] oldfs: cannot read superblock [ 85.777828][ C1] ------------[ cut here ]------------ [ 85.778743][ C1] VFS: brelse: Trying to free free buffer [ 85.779628][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.781038][ C1] Modules linked in: [ 85.781645][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 85.782952][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 85.784659][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.785923][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 85.786808][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 85.787677][ C1] sp : ffff800008017de0 [ 85.788336][ C1] x29: ffff800008017de0 x28: ffff0000d658d1c0 x27: 1fffe000341f645c [ 85.789798][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 85.791155][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2b9230 [ 85.792436][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 85.793810][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 85.795075][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 85.796453][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 672382a832d07600 [ 85.797703][ C1] x8 : 672382a832d07600 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.799086][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 85.800323][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.801589][ C1] Call trace: [ 85.802133][ C1] invalidate_bh_lru+0x128/0x22c [ 85.802982][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.803899][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.804949][ C1] ipi_handler+0x10c/0x6fc [ 85.805632][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 85.806571][ C1] handle_domain_irq+0x144/0x1fc [ 85.807421][ C1] gic_handle_irq+0x78/0x1b8 [ 85.808164][ C1] call_on_irq_stack+0x30/0x48 [ 85.808930][ C1] do_interrupt_handler+0x6c/0x88 [ 85.809781][ C1] el1_interrupt+0x30/0x58 [ 85.810549][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.811378][ C1] el1h_64_irq+0x78/0x7c [ 85.812137][ C1] arch_local_irq_restore+0x8/0x10 [ 85.812993][ C1] ___might_sleep+0x98/0x4d4 [ 85.813768][ C1] __might_sleep+0x98/0x124 [ 85.814486][ C1] __might_fault+0x80/0x128 [ 85.815222][ C1] strncpy_from_user+0x194/0x598 [ 85.815964][ C1] getname_flags+0xec/0x450 [ 85.816699][ C1] user_path_at_empty+0x40/0x1a0 [ 85.817460][ C1] do_readlinkat+0xe0/0x3fc [ 85.818192][ C1] __arm64_sys_readlinkat+0x9c/0xb8 [ 85.819015][ C1] invoke_syscall+0x98/0x2b0 [ 85.819758][ C1] el0_svc_common+0x138/0x258 [ 85.820547][ C1] do_el0_svc+0x58/0x13c [ 85.821250][ C1] el0_svc+0x78/0x1d0 [ 85.821939][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 85.822740][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.823511][ C1] irq event stamp: 1352864 [ 85.824244][ C1] hardirqs last enabled at (1352863): [] el0_svc_common+0x9c/0x258 [ 85.825766][ C1] hardirqs last disabled at (1352864): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.827441][ C1] softirqs last enabled at (1352858): [] local_bh_enable+0x10/0x34 [ 85.829025][ C1] softirqs last disabled at (1352856): [] local_bh_disable+0x10/0x34 [ 85.830483][ C1] ---[ end trace 062e6fe66ca8d2b1 ]--- [ 85.864004][ T5076] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.865261][ T5076] Bad inode number on dev loop0: 2 is out of range [ 85.866507][ T5076] SysV FS: get root inode failed [ 85.867293][ T5076] oldfs: cannot read superblock [ 85.871625][ C1] ------------[ cut here ]------------ [ 85.872607][ C1] VFS: brelse: Trying to free free buffer [ 85.873557][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.874994][ C1] Modules linked in: [ 85.875590][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.877018][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 85.878619][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.879966][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 85.880772][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 85.881656][ C1] sp : ffff800008017de0 [ 85.882299][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 85.883605][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 85.884997][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2b95d0 [ 85.886356][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 85.887650][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 85.889094][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 85.890374][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 85.891684][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.892865][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 85.894054][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.895312][ C1] Call trace: [ 85.895864][ C1] invalidate_bh_lru+0x128/0x22c [ 85.896612][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.897571][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.898667][ C1] ipi_handler+0x10c/0x6fc [ 85.899362][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 85.900292][ C1] handle_domain_irq+0x144/0x1fc [ 85.901107][ C1] gic_handle_irq+0x78/0x1b8 [ 85.901871][ C1] call_on_irq_stack+0x30/0x48 [ 85.902650][ C1] do_interrupt_handler+0x6c/0x88 [ 85.903456][ C1] el0_interrupt+0x94/0x248 [ 85.904219][ C1] __el0_irq_handler_common+0x18/0x24 [ 85.905157][ C1] el0t_64_irq_handler+0x10/0x1c [ 85.905975][ C1] el0t_64_irq+0x1a0/0x1a4 [ 85.906665][ C1] irq event stamp: 377050 [ 85.907296][ C1] hardirqs last enabled at (377049): [] el0t_64_sync_handler+0x6c/0xe4 [ 85.909003][ C1] hardirqs last disabled at (377050): [] __el0_irq_handler_common+0x18/0x24 [ 85.910719][ C1] softirqs last enabled at (377046): [] local_bh_enable+0x10/0x34 [ 85.912215][ C1] softirqs last disabled at (377044): [] local_bh_disable+0x10/0x34 [ 85.913781][ C1] ---[ end trace 062e6fe66ca8d2b2 ]--- [ 85.967686][ T5078] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.968925][ T5078] Bad inode number on dev loop0: 2 is out of range [ 85.969947][ T5078] SysV FS: get root inode failed [ 85.970706][ T5078] oldfs: cannot read superblock [ 85.995687][ T4515] ------------[ cut here ]------------ [ 85.996552][ T4515] VFS: brelse: Trying to free free buffer [ 85.997561][ T4515] WARNING: CPU: 1 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.998960][ T4515] Modules linked in: [ 85.999574][ T4515] CPU: 1 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 86.000925][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 86.002466][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.003793][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 86.004693][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 86.005470][ T4515] sp : ffff80001f8c77c0 [ 86.006066][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 86.007413][ T4515] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 86.008677][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2b9970 [ 86.009955][ T4515] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 86.011287][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 86.012595][ T4515] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 86.013876][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 86.015178][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.016466][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 86.017783][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 86.019045][ T4515] Call trace: [ 86.019565][ T4515] invalidate_bh_lru+0x128/0x22c [ 86.020325][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 86.021186][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 86.022010][ T4515] invalidate_bh_lrus+0x34/0x40 [ 86.022788][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 86.023650][ T4515] blkdev_put+0x490/0x6ac [ 86.024358][ T4515] blkdev_close+0x74/0xb0 [ 86.025056][ T4515] __fput+0x1c0/0x7e8 [ 86.025699][ T4515] ____fput+0x20/0x30 [ 86.026334][ T4515] task_work_run+0x12c/0x1d8 [ 86.027107][ T4515] do_notify_resume+0x2450/0x309c [ 86.027984][ T4515] el0_svc+0xf0/0x1d0 [ 86.028662][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 86.029522][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 86.030242][ T4515] irq event stamp: 448614 [ 86.030948][ T4515] hardirqs last enabled at (448613): [] kasan_quarantine_put+0xc4/0x200 [ 86.032410][ T4515] hardirqs last disabled at (448614): [] smp_call_function_many_cond+0xa44/0xeac [ 86.034045][ T4515] softirqs last enabled at (448342): [] local_bh_enable+0x10/0x34 [ 86.035594][ T4515] softirqs last disabled at (448340): [] local_bh_disable+0x10/0x34 [ 86.037139][ T4515] ---[ end trace 062e6fe66ca8d2b3 ]--- [ 86.078853][ T5082] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.080049][ T5082] Bad inode number on dev loop0: 2 is out of range [ 86.081049][ T5082] SysV FS: get root inode failed [ 86.081791][ T5082] oldfs: cannot read superblock [ 86.086798][ C1] ------------[ cut here ]------------ [ 86.087711][ C1] VFS: brelse: Trying to free free buffer [ 86.088611][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.090061][ C1] Modules linked in: [ 86.090646][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 86.091999][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 86.093614][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.094880][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 86.095687][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 86.096583][ C1] sp : ffff800008017de0 [ 86.097245][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 86.098565][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 86.099889][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2b9d10 [ 86.101183][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 86.102434][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 86.103660][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 86.104952][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 86.106261][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.107514][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 86.108846][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.110277][ C1] Call trace: [ 86.110824][ C1] invalidate_bh_lru+0x128/0x22c [ 86.111704][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.112688][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.113882][ C1] ipi_handler+0x10c/0x6fc [ 86.114614][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 86.115580][ C1] handle_domain_irq+0x144/0x1fc [ 86.116381][ C1] gic_handle_irq+0x78/0x1b8 [ 86.117140][ C1] call_on_irq_stack+0x30/0x48 [ 86.117897][ C1] do_interrupt_handler+0x6c/0x88 [ 86.118660][ C1] el1_interrupt+0x30/0x58 [ 86.119333][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.120125][ C1] el1h_64_irq+0x78/0x7c [ 86.120777][ C1] __sanitizer_cov_trace_pc+0x10/0xac [ 86.121590][ C1] unwind_frame+0x3f0/0x68c [ 86.122369][ C1] arch_stack_walk+0x200/0x2bc [ 86.123186][ C1] stack_trace_save+0x9c/0xf0 [ 86.123982][ C1] __kasan_slab_alloc+0x8c/0xcc [ 86.124745][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 86.125550][ C1] kmem_cache_alloc+0x1d8/0x3d4 [ 86.126333][ C1] sk_prot_alloc+0x60/0x1ec [ 86.127065][ C1] sk_alloc+0x40/0x384 [ 86.127731][ C1] inet_create+0x668/0xca4 [ 86.128409][ C1] __sock_create+0x4b0/0x8b4 [ 86.129205][ C1] __sys_socket+0xf0/0x18c [ 86.129997][ C1] __arm64_sys_socket+0x7c/0x94 [ 86.130868][ C1] invoke_syscall+0x98/0x2b0 [ 86.131599][ C1] el0_svc_common+0x138/0x258 [ 86.132377][ C1] do_el0_svc+0x58/0x13c [ 86.133090][ C1] el0_svc+0x78/0x1d0 [ 86.133731][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 86.134556][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.135286][ C1] irq event stamp: 385380 [ 86.136020][ C1] hardirqs last enabled at (385379): [] try_charge_memcg+0x1d4/0x11a0 [ 86.137525][ C1] hardirqs last disabled at (385380): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.139182][ C1] softirqs last enabled at (385332): [] release_sock+0x1d0/0x258 [ 86.140745][ C1] softirqs last disabled at (385330): [] release_sock+0x34/0x258 [ 86.142261][ C1] ---[ end trace 062e6fe66ca8d2b4 ]--- [ 86.213750][ T5084] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.215080][ T5084] Bad inode number on dev loop0: 2 is out of range [ 86.216204][ T5084] SysV FS: get root inode failed [ 86.217060][ T5084] oldfs: cannot read superblock [ 86.228398][ C0] ------------[ cut here ]------------ [ 86.229287][ C0] VFS: brelse: Trying to free free buffer [ 86.230262][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.231694][ C0] Modules linked in: [ 86.232333][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 86.233787][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 86.235386][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.236628][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 86.237490][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 86.238357][ C0] sp : ffff800008007de0 [ 86.239071][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225c [ 86.240359][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 86.241736][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fc060 [ 86.242981][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 86.244365][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 86.245757][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 86.247089][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 86.248350][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.249676][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 86.251055][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.252352][ C0] Call trace: [ 86.252914][ C0] invalidate_bh_lru+0x128/0x22c [ 86.253753][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 86.254673][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.255859][ C0] ipi_handler+0x10c/0x6fc [ 86.256638][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 86.257580][ C0] handle_domain_irq+0x144/0x1fc [ 86.258453][ C0] gic_handle_irq+0x78/0x1b8 [ 86.259220][ C0] call_on_irq_stack+0x30/0x48 [ 86.260022][ C0] do_interrupt_handler+0x6c/0x88 [ 86.260846][ C0] el1_interrupt+0x30/0x58 [ 86.261544][ C0] el1h_64_irq_handler+0x18/0x24 [ 86.262370][ C0] el1h_64_irq+0x78/0x7c [ 86.263071][ C0] lock_release+0x4a0/0x8e0 [ 86.263816][ C0] rcu_lock_release+0x24/0x30 [ 86.264564][ C0] get_mem_cgroup_from_objcg+0x128/0x144 [ 86.265450][ C0] obj_cgroup_charge_pages+0x80/0x1a4 [ 86.266322][ C0] __memcg_kmem_charge_page+0x3c0/0x59c [ 86.267251][ C0] __alloc_pages+0x1d0/0x470 [ 86.267999][ C0] alloc_pages+0x34c/0x5c0 [ 86.268719][ C0] pte_alloc_one+0x2c/0x254 [ 86.269462][ C0] __pte_alloc+0x34/0x214 [ 86.270189][ C0] copy_page_range+0x1e1c/0x2328 [ 86.270989][ C0] copy_mm+0x9d8/0x105c [ 86.271661][ C0] copy_process+0x1500/0x34c8 [ 86.272417][ C0] kernel_clone+0x1ec/0x9e8 [ 86.273135][ C0] __arm64_sys_clone+0x14c/0x1b8 [ 86.273987][ C0] invoke_syscall+0x98/0x2b0 [ 86.274704][ C0] el0_svc_common+0x138/0x258 [ 86.275514][ C0] do_el0_svc+0x58/0x13c [ 86.276159][ C0] el0_svc+0x78/0x1d0 [ 86.276770][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 86.277642][ C0] el0t_64_sync+0x1a0/0x1a4 [ 86.278431][ C0] irq event stamp: 389288 [ 86.279136][ C0] hardirqs last enabled at (389287): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 86.280871][ C0] hardirqs last disabled at (389288): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.282500][ C0] softirqs last enabled at (389196): [] local_bh_enable+0x10/0x34 [ 86.284076][ C0] softirqs last disabled at (389194): [] local_bh_disable+0x10/0x34 [ 86.285540][ C0] ---[ end trace 062e6fe66ca8d2b5 ]--- [ 86.353886][ T5086] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.355198][ T5086] Bad inode number on dev loop0: 2 is out of range [ 86.356204][ T5086] SysV FS: get root inode failed [ 86.357015][ T5086] oldfs: cannot read superblock [ 86.362232][ C1] ------------[ cut here ]------------ [ 86.363178][ C1] VFS: brelse: Trying to free free buffer [ 86.364190][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.365669][ C1] Modules linked in: [ 86.366313][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 86.367689][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 86.369297][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.370522][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 86.371366][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 86.372143][ C1] sp : ffff800008017de0 [ 86.372856][ C1] x29: ffff800008017de0 x28: ffff0000d658d1c0 x27: 1fffe000341f645c [ 86.374148][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 86.375320][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd21b148 [ 86.376609][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 86.377945][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 86.379252][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 86.380526][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 672382a832d07600 [ 86.381773][ C1] x8 : 672382a832d07600 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.383084][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 86.384417][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.385746][ C1] Call trace: [ 86.386317][ C1] invalidate_bh_lru+0x128/0x22c [ 86.387158][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.388162][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.389320][ C1] ipi_handler+0x10c/0x6fc [ 86.390041][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 86.390931][ C1] handle_domain_irq+0x144/0x1fc [ 86.391732][ C1] gic_handle_irq+0x78/0x1b8 [ 86.392442][ C1] call_on_irq_stack+0x30/0x48 [ 86.393184][ C1] do_interrupt_handler+0x6c/0x88 [ 86.393990][ C1] el1_interrupt+0x30/0x58 [ 86.394656][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.395385][ C1] el1h_64_irq+0x78/0x7c [ 86.396044][ C1] kasan_quarantine_put+0xd4/0x200 [ 86.396830][ C1] ____kasan_slab_free+0x124/0x164 [ 86.397601][ C1] __kasan_slab_free+0x18/0x28 [ 86.398325][ C1] slab_free_freelist_hook+0x128/0x1e4 [ 86.399195][ C1] kmem_cache_free+0xdc/0x3b0 [ 86.399947][ C1] security_file_free+0xc8/0xe4 [ 86.400750][ C1] __fput+0x4b8/0x7e8 [ 86.401410][ C1] ____fput+0x20/0x30 [ 86.402056][ C1] task_work_run+0x12c/0x1d8 [ 86.402801][ C1] do_notify_resume+0x2450/0x309c [ 86.403592][ C1] el0_svc+0xf0/0x1d0 [ 86.404216][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 86.405027][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.405719][ C1] irq event stamp: 1374524 [ 86.406434][ C1] hardirqs last enabled at (1374523): [] kasan_quarantine_put+0xc4/0x200 [ 86.408054][ C1] hardirqs last disabled at (1374524): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.409742][ C1] softirqs last enabled at (1374366): [] local_bh_enable+0x10/0x34 [ 86.411382][ C1] softirqs last disabled at (1374364): [] local_bh_disable+0x10/0x34 [ 86.412940][ C1] ---[ end trace 062e6fe66ca8d2b6 ]--- [ 86.466067][ T5088] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.467312][ T5088] Bad inode number on dev loop0: 2 is out of range [ 86.468468][ T5088] SysV FS: get root inode failed [ 86.469244][ T5088] oldfs: cannot read superblock [ 86.476509][ C1] ------------[ cut here ]------------ [ 86.477456][ C1] VFS: brelse: Trying to free free buffer [ 86.478450][ C1] WARNING: CPU: 1 PID: 5089 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.479830][ C1] Modules linked in: [ 86.480463][ C1] CPU: 1 PID: 5089 Comm: syz-executor Tainted: G W syzkaller #0 [ 86.481924][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 86.483569][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.484856][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 86.485743][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 86.486586][ C1] sp : ffff800008017de0 [ 86.487296][ C1] x29: ffff800008017de0 x28: ffff0000ee47b680 x27: 1fffe000341f645b [ 86.488645][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 86.489968][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd21b4e8 [ 86.491324][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 86.492674][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 86.494053][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 86.495308][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 85ff9e23a0d18e00 [ 86.496630][ C1] x8 : 85ff9e23a0d18e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.497891][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 86.499157][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 86.500421][ C1] Call trace: [ 86.501005][ C1] invalidate_bh_lru+0x128/0x22c [ 86.501780][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.502771][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.503920][ C1] ipi_handler+0x10c/0x6fc [ 86.504680][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 86.505523][ C1] handle_domain_irq+0x144/0x1fc [ 86.506291][ C1] gic_handle_irq+0x78/0x1b8 [ 86.507026][ C1] call_on_irq_stack+0x30/0x48 [ 86.507741][ C1] do_interrupt_handler+0x6c/0x88 [ 86.508483][ C1] el1_interrupt+0x30/0x58 [ 86.509166][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.510002][ C1] el1h_64_irq+0x78/0x7c [ 86.510690][ C1] __sync_icache_dcache+0x70/0x26c [ 86.511507][ C1] set_pte_at+0x70/0x3a8 [ 86.512225][ C1] do_set_pte+0x3d4/0x4dc [ 86.512949][ C1] filemap_map_pages+0x9d0/0xc54 [ 86.513696][ C1] handle_mm_fault+0x188c/0x2a28 [ 86.514524][ C1] do_page_fault+0x67c/0xab0 [ 86.515350][ C1] do_translation_fault+0xe0/0x130 [ 86.516247][ C1] do_mem_abort+0x6c/0x1ac [ 86.517024][ C1] el0_da+0x90/0x1ec [ 86.517679][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 86.518396][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.519112][ C1] irq event stamp: 522 [ 86.519683][ C1] hardirqs last enabled at (521): [] lock_page_memcg+0x110/0x22c [ 86.521210][ C1] hardirqs last disabled at (522): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.522729][ C1] softirqs last enabled at (24): [] local_bh_enable+0x10/0x34 [ 86.524144][ C1] softirqs last disabled at (22): [] local_bh_disable+0x10/0x34 [ 86.525607][ C1] ---[ end trace 062e6fe66ca8d2b7 ]--- [ 86.618018][ T5090] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.619226][ T5090] Bad inode number on dev loop0: 2 is out of range [ 86.620297][ T5090] SysV FS: get root inode failed [ 86.621131][ T5090] oldfs: cannot read superblock [ 86.628280][ C0] ------------[ cut here ]------------ [ 86.629193][ C0] VFS: brelse: Trying to free free buffer [ 86.630243][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.631671][ C0] Modules linked in: [ 86.632307][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 86.633718][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 86.635292][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.636573][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 86.637457][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 86.638259][ C0] sp : ffff800008007de0 [ 86.638933][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225b [ 86.640226][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 86.641547][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fc400 [ 86.642833][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 86.644197][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 86.645398][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 86.646693][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : c7b2545b7035fa00 [ 86.647993][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.649248][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 86.650543][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 86.651922][ C0] Call trace: [ 86.652484][ C0] invalidate_bh_lru+0x128/0x22c [ 86.653273][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 86.654292][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.655438][ C0] ipi_handler+0x10c/0x6fc [ 86.656225][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 86.656974][ C0] handle_domain_irq+0x144/0x1fc [ 86.657723][ C0] gic_handle_irq+0x78/0x1b8 [ 86.658449][ C0] call_on_irq_stack+0x30/0x48 [ 86.659250][ C0] do_interrupt_handler+0x6c/0x88 [ 86.660134][ C0] el1_interrupt+0x30/0x58 [ 86.660859][ C0] el1h_64_irq_handler+0x18/0x24 [ 86.661589][ C0] el1h_64_irq+0x78/0x7c [ 86.662248][ C0] ptep_clear_flush+0x148/0x1e4 [ 86.663299][ C0] wp_page_copy+0x7c8/0x11ec [ 86.664012][ C0] do_wp_page+0x6c0/0x984 [ 86.664724][ C0] handle_mm_fault+0x163c/0x2a28 [ 86.665563][ C0] do_page_fault+0x67c/0xab0 [ 86.666364][ C0] do_mem_abort+0x6c/0x1ac [ 86.667056][ C0] el0_da+0x90/0x1ec [ 86.667643][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 86.668443][ C0] el0t_64_sync+0x1a0/0x1a4 [ 86.669239][ C0] irq event stamp: 398004 [ 86.669931][ C0] hardirqs last enabled at (398003): [] charge_memcg+0x190/0x21c [ 86.671425][ C0] hardirqs last disabled at (398004): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.672966][ C0] softirqs last enabled at (397764): [] local_bh_enable+0x10/0x34 [ 86.674402][ C0] softirqs last disabled at (397762): [] local_bh_disable+0x10/0x34 [ 86.675958][ C0] ---[ end trace 062e6fe66ca8d2b8 ]--- [ 86.716816][ T5092] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.718062][ T5092] Bad inode number on dev loop0: 2 is out of range [ 86.719115][ T5092] SysV FS: get root inode failed [ 86.719945][ T5092] oldfs: cannot read superblock [ 86.725164][ T3660] ------------[ cut here ]------------ [ 86.726066][ T3660] VFS: brelse: Trying to free free buffer [ 86.727070][ T3660] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.728397][ T3660] Modules linked in: [ 86.729015][ T3660] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 86.730373][ T3660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 86.732007][ T3660] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.733311][ T3660] pc : invalidate_bh_lru+0x128/0x22c [ 86.734161][ T3660] lr : invalidate_bh_lru+0x128/0x22c [ 86.735059][ T3660] sp : ffff8000225677c0 [ 86.735746][ T3660] x29: ffff8000225677c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 86.737016][ T3660] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 86.738286][ T3660] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd21b888 [ 86.739771][ T3660] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 86.741023][ T3660] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 86.742302][ T3660] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 86.743628][ T3660] x11: 0000000000000002 x10: 0000000000000000 x9 : 672382a832d07600 [ 86.745021][ T3660] x8 : 672382a832d07600 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.746324][ T3660] x5 : ffff8000225670d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 86.747623][ T3660] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 86.749005][ T3660] Call trace: [ 86.749545][ T3660] invalidate_bh_lru+0x128/0x22c [ 86.750399][ T3660] smp_call_function_many_cond+0xa50/0xeac [ 86.751347][ T3660] on_each_cpu_cond_mask+0x5c/0xc4 [ 86.752180][ T3660] invalidate_bh_lrus+0x34/0x40 [ 86.752916][ T3660] blkdev_flush_mapping+0x16c/0x334 [ 86.753762][ T3660] blkdev_put+0x490/0x6ac [ 86.754478][ T3660] blkdev_close+0x74/0xb0 [ 86.755202][ T3660] __fput+0x1c0/0x7e8 [ 86.755849][ T3660] ____fput+0x20/0x30 [ 86.756531][ T3660] task_work_run+0x12c/0x1d8 [ 86.757270][ T3660] do_notify_resume+0x2450/0x309c [ 86.758142][ T3660] el0_svc+0xf0/0x1d0 [ 86.758750][ T3660] el0t_64_sync_handler+0xcc/0xe4 [ 86.759589][ T3660] el0t_64_sync+0x1a0/0x1a4 [ 86.760347][ T3660] irq event stamp: 1382792 [ 86.761117][ T3660] hardirqs last enabled at (1382791): [] kasan_quarantine_put+0xc4/0x200 [ 86.762728][ T3660] hardirqs last disabled at (1382792): [] smp_call_function_many_cond+0xa44/0xeac [ 86.764486][ T3660] softirqs last enabled at (1382672): [] local_bh_enable+0x10/0x34 [ 86.766022][ T3660] softirqs last disabled at (1382670): [] local_bh_disable+0x10/0x34 [ 86.767577][ T3660] ---[ end trace 062e6fe66ca8d2b9 ]--- [ 86.843454][ T5094] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.844643][ T5094] Bad inode number on dev loop0: 2 is out of range [ 86.845718][ T5094] SysV FS: get root inode failed [ 86.846481][ T5094] oldfs: cannot read superblock [ 86.857697][ C1] ------------[ cut here ]------------ [ 86.858559][ C1] VFS: brelse: Trying to free free buffer [ 86.859497][ C1] WARNING: CPU: 1 PID: 5096 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.860931][ C1] Modules linked in: [ 86.861520][ C1] CPU: 1 PID: 5096 Comm: syz.0.93 Tainted: G W syzkaller #0 [ 86.862902][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 86.864608][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.865921][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 86.866827][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 86.867660][ C1] sp : ffff800008017de0 [ 86.868342][ C1] x29: ffff800008017de0 x28: ffff0000ce139b40 x27: 1fffe000341f645c [ 86.869709][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 86.870987][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd21bc28 [ 86.872216][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 86.873578][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 86.874949][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 86.876235][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : ae47532503abfe00 [ 86.877520][ C1] x8 : ae47532503abfe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.878809][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 86.880178][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.881473][ C1] Call trace: [ 86.882014][ C1] invalidate_bh_lru+0x128/0x22c [ 86.882863][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.883827][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.884989][ C1] ipi_handler+0x10c/0x6fc [ 86.885675][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 86.886597][ C1] handle_domain_irq+0x144/0x1fc [ 86.887384][ C1] gic_handle_irq+0x78/0x1b8 [ 86.888047][ C1] call_on_irq_stack+0x30/0x48 [ 86.888887][ C1] do_interrupt_handler+0x6c/0x88 [ 86.889711][ C1] el1_interrupt+0x30/0x58 [ 86.890427][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.891229][ C1] el1h_64_irq+0x78/0x7c [ 86.891945][ C1] get_page_from_freelist+0x2210/0x2a68 [ 86.892841][ C1] __alloc_pages+0x1a0/0x470 [ 86.893569][ C1] alloc_pages_vma+0x284/0x790 [ 86.894376][ C1] shmem_alloc_and_acct_page+0x3e0/0xb48 [ 86.895292][ C1] shmem_getpage_gfp+0x1038/0x1f10 [ 86.896060][ C1] shmem_write_begin+0xe0/0x29c [ 86.896871][ C1] generic_perform_write+0x208/0x488 [ 86.897659][ C1] __generic_file_write_iter+0x23c/0x454 [ 86.898620][ C1] generic_file_write_iter+0xb0/0x1b4 [ 86.899531][ C1] vfs_write+0x590/0xa60 [ 86.900189][ C1] ksys_write+0x12c/0x224 [ 86.900850][ C1] __arm64_sys_write+0x7c/0x90 [ 86.901630][ C1] invoke_syscall+0x98/0x2b0 [ 86.902440][ C1] el0_svc_common+0x138/0x258 [ 86.903179][ C1] do_el0_svc+0x58/0x13c [ 86.903826][ C1] el0_svc+0x78/0x1d0 [ 86.904426][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 86.905215][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.905951][ C1] irq event stamp: 432 [ 86.906634][ C1] hardirqs last enabled at (431): [] get_page_from_freelist+0x2200/0x2a68 [ 86.908287][ C1] hardirqs last disabled at (432): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.909922][ C1] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 86.911418][ C1] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 86.912877][ C1] ---[ end trace 062e6fe66ca8d2ba ]--- [ 86.984989][ T5096] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.986215][ T5096] Bad inode number on dev loop0: 2 is out of range [ 86.987287][ T5096] SysV FS: get root inode failed [ 86.988145][ T5096] oldfs: cannot read superblock [ 86.996061][ C0] ------------[ cut here ]------------ [ 86.997008][ C0] VFS: brelse: Trying to free free buffer [ 86.997985][ C0] WARNING: CPU: 0 PID: 5097 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.999409][ C0] Modules linked in: [ 87.000099][ C0] CPU: 0 PID: 5097 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.001428][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 87.002984][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.004310][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 87.005185][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 87.006052][ C0] sp : ffff800008007de0 [ 87.006706][ C0] x29: ffff800008007de0 x28: ffff0000ccc50000 x27: 1fffe000341f225c [ 87.008018][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 87.009336][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fc7a0 [ 87.010763][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 87.012088][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 87.013420][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 87.014740][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 12440546f6305000 [ 87.015985][ C0] x8 : 12440546f6305000 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.017332][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 87.018554][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.019799][ C0] Call trace: [ 87.020393][ C0] invalidate_bh_lru+0x128/0x22c [ 87.021171][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 87.022193][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.023384][ C0] ipi_handler+0x10c/0x6fc [ 87.024136][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 87.025029][ C0] handle_domain_irq+0x144/0x1fc [ 87.025915][ C0] gic_handle_irq+0x78/0x1b8 [ 87.026733][ C0] call_on_irq_stack+0x30/0x48 [ 87.027503][ C0] do_interrupt_handler+0x6c/0x88 [ 87.028364][ C0] el1_interrupt+0x30/0x58 [ 87.029101][ C0] el1h_64_irq_handler+0x18/0x24 [ 87.029930][ C0] el1h_64_irq+0x78/0x7c [ 87.030658][ C0] lock_acquire+0x234/0x618 [ 87.031388][ C0] rcu_lock_acquire+0x38/0x44 [ 87.032188][ C0] __memcg_kmem_charge_page+0x184/0x59c [ 87.033093][ C0] __alloc_pages+0x1d0/0x470 [ 87.033885][ C0] alloc_pages+0x34c/0x5c0 [ 87.034532][ C0] pte_alloc_one+0x2c/0x254 [ 87.035288][ C0] handle_mm_fault+0x1830/0x2a28 [ 87.036110][ C0] do_page_fault+0x67c/0xab0 [ 87.036839][ C0] do_translation_fault+0xe0/0x130 [ 87.037601][ C0] do_mem_abort+0x6c/0x1ac [ 87.038344][ C0] el0_ia+0xe0/0x2b8 [ 87.038980][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 87.039839][ C0] el0t_64_sync+0x1a0/0x1a4 [ 87.040608][ C0] irq event stamp: 78 [ 87.041221][ C0] hardirqs last enabled at (77): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 87.043014][ C0] hardirqs last disabled at (78): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.044632][ C0] softirqs last enabled at (24): [] local_bh_enable+0x10/0x34 [ 87.046092][ C0] softirqs last disabled at (22): [] local_bh_disable+0x10/0x34 [ 87.047520][ C0] ---[ end trace 062e6fe66ca8d2bb ]--- [ 87.115417][ T5098] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.116613][ T5098] Bad inode number on dev loop0: 2 is out of range [ 87.117710][ T5098] SysV FS: get root inode failed [ 87.118504][ T5098] oldfs: cannot read superblock [ 87.125310][ C1] ------------[ cut here ]------------ [ 87.126180][ C1] VFS: brelse: Trying to free free buffer [ 87.127085][ C1] WARNING: CPU: 1 PID: 5099 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.128518][ C1] Modules linked in: [ 87.129156][ C1] CPU: 1 PID: 5099 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.130633][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 87.132244][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.133485][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 87.134333][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 87.135215][ C1] sp : ffff800008017de0 [ 87.135885][ C1] x29: ffff800008017de0 x28: ffff0000d5fc0000 x27: 1fffe000341f645c [ 87.137240][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 87.138607][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd301060 [ 87.139898][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 87.141277][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 87.142593][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 87.143943][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 0fa81ec4f49a2400 [ 87.145224][ C1] x8 : 0fa81ec4f49a2400 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.146570][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 87.147923][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 87.149232][ C1] Call trace: [ 87.149762][ C1] invalidate_bh_lru+0x128/0x22c [ 87.150583][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 87.151603][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.152727][ C1] ipi_handler+0x10c/0x6fc [ 87.153509][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 87.154395][ C1] handle_domain_irq+0x144/0x1fc [ 87.155174][ C1] gic_handle_irq+0x78/0x1b8 [ 87.155974][ C1] call_on_irq_stack+0x30/0x48 [ 87.156805][ C1] do_interrupt_handler+0x6c/0x88 [ 87.157623][ C1] el1_interrupt+0x30/0x58 [ 87.158416][ C1] el1h_64_irq_handler+0x18/0x24 [ 87.159189][ C1] el1h_64_irq+0x78/0x7c [ 87.159837][ C1] lock_page_memcg+0x120/0x22c [ 87.160596][ C1] page_add_file_rmap+0x148/0x8c4 [ 87.161401][ C1] do_set_pte+0x390/0x4dc [ 87.162110][ C1] filemap_map_pages+0x9d0/0xc54 [ 87.162931][ C1] handle_mm_fault+0x188c/0x2a28 [ 87.163729][ C1] do_page_fault+0x67c/0xab0 [ 87.164475][ C1] do_translation_fault+0xe0/0x130 [ 87.165318][ C1] do_mem_abort+0x6c/0x1ac [ 87.166024][ C1] el0_ia+0xe0/0x2b8 [ 87.166607][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 87.167486][ C1] el0t_64_sync+0x1a0/0x1a4 [ 87.168246][ C1] irq event stamp: 130 [ 87.168887][ C1] hardirqs last enabled at (129): [] lock_page_memcg+0x110/0x22c [ 87.170398][ C1] hardirqs last disabled at (130): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.171948][ C1] softirqs last enabled at (64): [] local_bh_enable+0x10/0x34 [ 87.173430][ C1] softirqs last disabled at (62): [] local_bh_disable+0x10/0x34 [ 87.174954][ C1] ---[ end trace 062e6fe66ca8d2bc ]--- [ 87.273929][ T5100] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.275092][ T5100] Bad inode number on dev loop0: 2 is out of range [ 87.276206][ T5100] SysV FS: get root inode failed [ 87.277001][ T5100] oldfs: cannot read superblock [ 87.286762][ C1] ------------[ cut here ]------------ [ 87.287653][ C1] VFS: brelse: Trying to free free buffer [ 87.288569][ C1] WARNING: CPU: 1 PID: 5101 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.290070][ C1] Modules linked in: [ 87.290707][ C1] CPU: 1 PID: 5101 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.292153][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 87.293763][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.295071][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 87.295916][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 87.296801][ C1] sp : ffff800008017de0 [ 87.297420][ C1] x29: ffff800008017de0 x28: ffff0000d4ecd1c0 x27: 1fffe000341f645c [ 87.298743][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 87.300024][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd301400 [ 87.301364][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 87.302613][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 87.303927][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 87.305274][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : ea48961629404e00 [ 87.306584][ C1] x8 : ea48961629404e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.307882][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 87.309170][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 87.310423][ C1] Call trace: [ 87.310978][ C1] invalidate_bh_lru+0x128/0x22c [ 87.311787][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 87.312760][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.313856][ C1] ipi_handler+0x10c/0x6fc [ 87.314576][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 87.315482][ C1] handle_domain_irq+0x144/0x1fc [ 87.316237][ C1] gic_handle_irq+0x78/0x1b8 [ 87.316970][ C1] call_on_irq_stack+0x30/0x48 [ 87.317749][ C1] do_interrupt_handler+0x6c/0x88 [ 87.318577][ C1] el1_interrupt+0x30/0x58 [ 87.319318][ C1] el1h_64_irq_handler+0x18/0x24 [ 87.320055][ C1] el1h_64_irq+0x78/0x7c [ 87.320725][ C1] ___slab_alloc+0x7d4/0xd8c [ 87.321459][ C1] __slab_alloc+0x68/0xc0 [ 87.322170][ C1] kmem_cache_alloc+0x2a4/0x3d4 [ 87.322981][ C1] security_inode_alloc+0x38/0x11c [ 87.323866][ C1] inode_init_always+0x670/0xa84 [ 87.324687][ C1] new_inode_pseudo+0x7c/0x1fc [ 87.325487][ C1] new_inode+0x38/0x174 [ 87.326164][ C1] shmem_get_inode+0x2d8/0x964 [ 87.326989][ C1] shmem_symlink+0xa4/0x498 [ 87.327725][ C1] vfs_symlink+0x238/0x3b0 [ 87.328461][ C1] do_symlinkat+0x188/0x5b4 [ 87.329201][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 87.330026][ C1] invoke_syscall+0x98/0x2b0 [ 87.330752][ C1] el0_svc_common+0x138/0x258 [ 87.331579][ C1] do_el0_svc+0x58/0x13c [ 87.332286][ C1] el0_svc+0x78/0x1d0 [ 87.332934][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 87.333761][ C1] el0t_64_sync+0x1a0/0x1a4 [ 87.334501][ C1] irq event stamp: 1292 [ 87.335203][ C1] hardirqs last enabled at (1291): [] ___slab_alloc+0x7c4/0xd8c [ 87.336637][ C1] hardirqs last disabled at (1292): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.338213][ C1] softirqs last enabled at (790): [] local_bh_enable+0x10/0x34 [ 87.339783][ C1] softirqs last disabled at (788): [] local_bh_disable+0x10/0x34 [ 87.341328][ C1] ---[ end trace 062e6fe66ca8d2bd ]--- [ 87.386371][ T5102] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.387666][ T5102] Bad inode number on dev loop0: 2 is out of range [ 87.388812][ T5102] SysV FS: get root inode failed [ 87.389587][ T5102] oldfs: cannot read superblock [ 87.395021][ C0] ------------[ cut here ]------------ [ 87.395917][ C0] VFS: brelse: Trying to free free buffer [ 87.396838][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.398199][ C0] Modules linked in: [ 87.398828][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.400198][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 87.401789][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.403098][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 87.403945][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 87.404873][ C0] sp : ffff800008007de0 [ 87.405546][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225c [ 87.406924][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 87.408354][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fcb40 [ 87.409623][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 87.410903][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 87.412189][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 87.413552][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 87.414826][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.416205][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 87.417602][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.418833][ C0] Call trace: [ 87.419333][ C0] invalidate_bh_lru+0x128/0x22c [ 87.420072][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 87.421098][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.422181][ C0] ipi_handler+0x10c/0x6fc [ 87.422881][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 87.423739][ C0] handle_domain_irq+0x144/0x1fc [ 87.424523][ C0] gic_handle_irq+0x78/0x1b8 [ 87.425262][ C0] call_on_irq_stack+0x30/0x48 [ 87.426055][ C0] do_interrupt_handler+0x6c/0x88 [ 87.426881][ C0] el1_interrupt+0x30/0x58 [ 87.427622][ C0] el1h_64_irq_handler+0x18/0x24 [ 87.428381][ C0] el1h_64_irq+0x78/0x7c [ 87.429080][ C0] put_cpu_partial+0x198/0x214 [ 87.429812][ C0] __slab_free+0x180/0x248 [ 87.430535][ C0] ___cache_free+0x174/0x1b8 [ 87.431177][ C0] qlink_free+0x5c/0xa0 [ 87.431818][ C0] qlist_free_all+0x40/0xa8 [ 87.432501][ C0] kasan_quarantine_reduce+0x124/0x130 [ 87.433349][ C0] __kasan_slab_alloc+0x34/0xcc [ 87.434165][ C0] slab_post_alloc_hook+0x74/0x3f8 [ 87.435035][ C0] kmem_cache_alloc+0x1d8/0x3d4 [ 87.435867][ C0] getname_flags+0xb8/0x450 [ 87.436577][ C0] __arm64_sys_unlinkat+0xb4/0xfc [ 87.437449][ C0] invoke_syscall+0x98/0x2b0 [ 87.438163][ C0] el0_svc_common+0x138/0x258 [ 87.438949][ C0] do_el0_svc+0x58/0x13c [ 87.439643][ C0] el0_svc+0x78/0x1d0 [ 87.440335][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 87.441137][ C0] el0t_64_sync+0x1a0/0x1a4 [ 87.441884][ C0] irq event stamp: 414710 [ 87.442516][ C0] hardirqs last enabled at (414709): [] put_cpu_partial+0x188/0x214 [ 87.444136][ C0] hardirqs last disabled at (414710): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.445721][ C0] softirqs last enabled at (414520): [] local_bh_enable+0x10/0x34 [ 87.447286][ C0] softirqs last disabled at (414518): [] local_bh_disable+0x10/0x34 [ 87.448834][ C0] ---[ end trace 062e6fe66ca8d2be ]--- [ 87.493202][ T5104] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.494458][ T5104] Bad inode number on dev loop0: 2 is out of range [ 87.495543][ T5104] SysV FS: get root inode failed [ 87.496493][ T5104] oldfs: cannot read superblock [ 87.504786][ C1] ------------[ cut here ]------------ [ 87.505687][ C1] VFS: brelse: Trying to free free buffer [ 87.506684][ C1] WARNING: CPU: 1 PID: 5105 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.508133][ C1] Modules linked in: [ 87.508740][ C1] CPU: 1 PID: 5105 Comm: syz.0.98 Tainted: G W syzkaller #0 [ 87.510087][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 87.511734][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.513027][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 87.513946][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 87.514793][ C1] sp : ffff800008017de0 [ 87.515469][ C1] x29: ffff800008017de0 x28: ffff0000d1619b40 x27: 1fffe000341f645c [ 87.516862][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 87.518084][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd3017a0 [ 87.519428][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 87.520601][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 87.521818][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 87.523051][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 7a884b256f930b00 [ 87.524418][ C1] x8 : 7a884b256f930b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.525689][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 87.526982][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.528296][ C1] Call trace: [ 87.528790][ C1] invalidate_bh_lru+0x128/0x22c [ 87.529586][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 87.530523][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.531650][ C1] ipi_handler+0x10c/0x6fc [ 87.532342][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 87.533273][ C1] handle_domain_irq+0x144/0x1fc [ 87.534036][ C1] gic_handle_irq+0x78/0x1b8 [ 87.534811][ C1] call_on_irq_stack+0x30/0x48 [ 87.535655][ C1] do_interrupt_handler+0x6c/0x88 [ 87.536482][ C1] el1_interrupt+0x30/0x58 [ 87.537247][ C1] el1h_64_irq_handler+0x18/0x24 [ 87.538045][ C1] el1h_64_irq+0x78/0x7c [ 87.538731][ C1] __ext4_get_inode_loc+0x138/0xad4 [ 87.539499][ C1] ext4_reserve_inode_write+0x104/0x290 [ 87.540352][ C1] __ext4_mark_inode_dirty+0x1e4/0x79c [ 87.541257][ C1] ext4_dirty_inode+0xd0/0x100 [ 87.542023][ C1] __mark_inode_dirty+0x2b0/0xf8c [ 87.542761][ C1] generic_update_time+0x208/0x230 [ 87.543487][ C1] file_update_time+0x31c/0x39c [ 87.544294][ C1] ext4_page_mkwrite+0x174/0x10c0 [ 87.545131][ C1] do_page_mkwrite+0x13c/0x358 [ 87.545918][ C1] handle_mm_fault+0x14e8/0x2a28 [ 87.546762][ C1] do_page_fault+0x67c/0xab0 [ 87.547476][ C1] do_translation_fault+0xe0/0x130 [ 87.548336][ C1] do_mem_abort+0x6c/0x1ac [ 87.549006][ C1] el0_da+0x90/0x1ec [ 87.549613][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 87.550427][ C1] el0t_64_sync+0x1a0/0x1a4 [ 87.551136][ C1] irq event stamp: 1166 [ 87.551728][ C1] hardirqs last enabled at (1165): [] seqcount_lockdep_reader_access+0x1fc/0x2c0 [ 87.553361][ C1] hardirqs last disabled at (1166): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.554986][ C1] softirqs last enabled at (1120): [] local_bh_enable+0x10/0x34 [ 87.556494][ C1] softirqs last disabled at (1118): [] local_bh_disable+0x10/0x34 [ 87.558028][ C1] ---[ end trace 062e6fe66ca8d2bf ]--- [ 87.618114][ T5106] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.619433][ T5106] Bad inode number on dev loop0: 2 is out of range [ 87.620584][ T5106] SysV FS: get root inode failed [ 87.621367][ T5106] oldfs: cannot read superblock [ 87.638650][ T4515] ------------[ cut here ]------------ [ 87.639589][ T4515] VFS: brelse: Trying to free free buffer [ 87.640555][ T4515] WARNING: CPU: 1 PID: 4515 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.642029][ T4515] Modules linked in: [ 87.642699][ T4515] CPU: 1 PID: 4515 Comm: udevd Tainted: G W syzkaller #0 [ 87.644076][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 87.645804][ T4515] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.647134][ T4515] pc : invalidate_bh_lru+0x128/0x22c [ 87.647953][ T4515] lr : invalidate_bh_lru+0x128/0x22c [ 87.648790][ T4515] sp : ffff80001f8c77c0 [ 87.649427][ T4515] x29: ffff80001f8c77c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 87.650713][ T4515] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 87.652018][ T4515] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd301b40 [ 87.653322][ T4515] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 87.654695][ T4515] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 87.656143][ T4515] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 87.657492][ T4515] x11: 0000000000000002 x10: 0000000000000000 x9 : 17525238b6555000 [ 87.658836][ T4515] x8 : 17525238b6555000 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.660112][ T4515] x5 : ffff80001f8c70d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 87.661399][ T4515] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 87.662692][ T4515] Call trace: [ 87.663191][ T4515] invalidate_bh_lru+0x128/0x22c [ 87.664009][ T4515] smp_call_function_many_cond+0xa50/0xeac [ 87.664918][ T4515] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.665765][ T4515] invalidate_bh_lrus+0x34/0x40 [ 87.666582][ T4515] blkdev_flush_mapping+0x16c/0x334 [ 87.667396][ T4515] blkdev_put+0x490/0x6ac [ 87.668052][ T4515] blkdev_close+0x74/0xb0 [ 87.668760][ T4515] __fput+0x1c0/0x7e8 [ 87.669376][ T4515] ____fput+0x20/0x30 [ 87.669994][ T4515] task_work_run+0x12c/0x1d8 [ 87.670682][ T4515] do_notify_resume+0x2450/0x309c [ 87.671457][ T4515] el0_svc+0xf0/0x1d0 [ 87.672096][ T4515] el0t_64_sync_handler+0xcc/0xe4 [ 87.672865][ T4515] el0t_64_sync+0x1a0/0x1a4 [ 87.673538][ T4515] irq event stamp: 510706 [ 87.674265][ T4515] hardirqs last enabled at (510705): [] kasan_quarantine_put+0xc4/0x200 [ 87.675919][ T4515] hardirqs last disabled at (510706): [] smp_call_function_many_cond+0xa44/0xeac [ 87.677620][ T4515] softirqs last enabled at (510450): [] local_bh_enable+0x10/0x34 [ 87.679233][ T4515] softirqs last disabled at (510448): [] local_bh_disable+0x10/0x34 [ 87.680701][ T4515] ---[ end trace 062e6fe66ca8d2c0 ]--- [ 87.708084][ T5110] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.709290][ T5110] Bad inode number on dev loop0: 2 is out of range [ 87.710317][ T5110] SysV FS: get root inode failed [ 87.711073][ T5110] oldfs: cannot read superblock [ 87.716812][ C1] ------------[ cut here ]------------ [ 87.717744][ C1] VFS: brelse: Trying to free free buffer [ 87.718704][ C1] WARNING: CPU: 1 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.720048][ C1] Modules linked in: [ 87.720695][ C1] CPU: 1 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.722186][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 87.723865][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.725143][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 87.725919][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 87.726809][ C1] sp : ffff800008017de0 [ 87.727494][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f645c [ 87.728878][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 87.730232][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd301ee0 [ 87.731589][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 87.732787][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 87.734091][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 87.735435][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c7b2545b7035fa00 [ 87.736776][ C1] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.738136][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 87.739504][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.740794][ C1] Call trace: [ 87.741332][ C1] invalidate_bh_lru+0x128/0x22c [ 87.742157][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 87.743109][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.744166][ C1] ipi_handler+0x10c/0x6fc [ 87.744901][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 87.745792][ C1] handle_domain_irq+0x144/0x1fc [ 87.746651][ C1] gic_handle_irq+0x78/0x1b8 [ 87.747459][ C1] call_on_irq_stack+0x30/0x48 [ 87.748217][ C1] do_interrupt_handler+0x6c/0x88 [ 87.749009][ C1] el1_interrupt+0x30/0x58 [ 87.749737][ C1] el1h_64_irq_handler+0x18/0x24 [ 87.750551][ C1] el1h_64_irq+0x78/0x7c [ 87.751252][ C1] __memset+0x24/0x1c0 [ 87.751887][ C1] __get_vm_area_node+0x1c0/0x2e8 [ 87.752637][ C1] __vmalloc_node_range+0xe8/0x8c8 [ 87.753404][ C1] vzalloc+0x110/0x188 [ 87.754040][ C1] alloc_counters+0x84/0x7a0 [ 87.754709][ C1] do_ipt_get_ctl+0xb68/0x143c [ 87.755514][ C1] nf_getsockopt+0x264/0x284 [ 87.756300][ C1] ip_getsockopt+0x122c/0x1664 [ 87.757077][ C1] tcp_getsockopt+0x210/0x2eec [ 87.757850][ C1] sock_common_getsockopt+0xa8/0xc4 [ 87.758671][ C1] __sys_getsockopt+0x1b8/0x250 [ 87.759444][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 87.760282][ C1] invoke_syscall+0x98/0x2b0 [ 87.761040][ C1] el0_svc_common+0x138/0x258 [ 87.761787][ C1] do_el0_svc+0x58/0x13c [ 87.762431][ C1] el0_svc+0x78/0x1d0 [ 87.763117][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 87.763979][ C1] el0t_64_sync+0x1a0/0x1a4 [ 87.764663][ C1] irq event stamp: 427252 [ 87.765382][ C1] hardirqs last enabled at (427251): [] __local_bh_enable_ip+0x1f8/0x37c [ 87.767007][ C1] hardirqs last disabled at (427252): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.768648][ C1] softirqs last enabled at (427250): [] release_sock+0x1d0/0x258 [ 87.770166][ C1] softirqs last disabled at (427248): [] release_sock+0x34/0x258 [ 87.771687][ C1] ---[ end trace 062e6fe66ca8d2c1 ]--- [ 87.855411][ T5112] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.856646][ T5112] Bad inode number on dev loop0: 2 is out of range [ 87.857852][ T5112] SysV FS: get root inode failed [ 87.858665][ T5112] oldfs: cannot read superblock [ 87.865248][ C0] ------------[ cut here ]------------ [ 87.866179][ C0] VFS: brelse: Trying to free free buffer [ 87.867178][ C0] WARNING: CPU: 0 PID: 4740 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.868714][ C0] Modules linked in: [ 87.869374][ C0] CPU: 0 PID: 4740 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.870766][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 87.872411][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.873655][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 87.874553][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 87.875339][ C0] sp : ffff800008007de0 [ 87.876085][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe000341f225b [ 87.877442][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 87.878800][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fcee0 [ 87.880112][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 87.881375][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 87.882703][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 87.883995][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : c7b2545b7035fa00 [ 87.885293][ C0] x8 : c7b2545b7035fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.886574][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 87.887852][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 87.889177][ C0] Call trace: [ 87.889730][ C0] invalidate_bh_lru+0x128/0x22c [ 87.890702][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 87.891677][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.892769][ C0] ipi_handler+0x10c/0x6fc [ 87.893456][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 87.894399][ C0] handle_domain_irq+0x144/0x1fc [ 87.895240][ C0] gic_handle_irq+0x78/0x1b8 [ 87.896010][ C0] call_on_irq_stack+0x30/0x48 [ 87.896728][ C0] do_interrupt_handler+0x6c/0x88 [ 87.897540][ C0] el1_interrupt+0x30/0x58 [ 87.898294][ C0] el1h_64_irq_handler+0x18/0x24 [ 87.899113][ C0] el1h_64_irq+0x78/0x7c [ 87.899778][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 87.900630][ C0] debug_check_no_obj_freed+0x450/0x46c [ 87.901486][ C0] free_unref_page_prepare+0x2f8/0xa84 [ 87.902340][ C0] free_unref_page+0x78/0x1f8 [ 87.903089][ C0] __free_pages+0x17c/0x1d0 [ 87.903858][ C0] __free_slab+0x174/0x38c [ 87.904631][ C0] discard_slab+0x64/0xd8 [ 87.905323][ C0] __unfreeze_partials+0x150/0x190 [ 87.906172][ C0] put_cpu_partial+0x1a8/0x214 [ 87.906976][ C0] __slab_free+0x180/0x248 [ 87.907720][ C0] ___cache_free+0x174/0x1b8 [ 87.908479][ C0] qlink_free+0x5c/0xa0 [ 87.909181][ C0] qlist_free_all+0x40/0xa8 [ 87.909803][ C0] kasan_quarantine_reduce+0x124/0x130 [ 87.910545][ C0] __kasan_slab_alloc+0x34/0xcc [ 87.911338][ C0] slab_post_alloc_hook+0x74/0x3f8 [ 87.912206][ C0] __kmalloc_node+0x21c/0x508 [ 87.912849][ C0] __vmalloc_node_range+0x2b8/0x8c8 [ 87.913656][ C0] vzalloc+0x110/0x188 [ 87.914319][ C0] alloc_counters+0x84/0x7a0 [ 87.915110][ C0] do_ipt_get_ctl+0xb68/0x143c [ 87.915888][ C0] nf_getsockopt+0x264/0x284 [ 87.916568][ C0] ip_getsockopt+0x122c/0x1664 [ 87.917198][ C0] tcp_getsockopt+0x210/0x2eec [ 87.917826][ C0] sock_common_getsockopt+0xa8/0xc4 [ 87.918665][ C0] __sys_getsockopt+0x1b8/0x250 [ 87.919466][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 87.920330][ C0] invoke_syscall+0x98/0x2b0 [ 87.921056][ C0] el0_svc_common+0x138/0x258 [ 87.921927][ C0] do_el0_svc+0x58/0x13c [ 87.922628][ C0] el0_svc+0x78/0x1d0 [ 87.923252][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 87.924038][ C0] el0t_64_sync+0x1a0/0x1a4 [ 87.924782][ C0] irq event stamp: 431060 [ 87.925500][ C0] hardirqs last enabled at (431059): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 87.927266][ C0] hardirqs last disabled at (431060): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.928932][ C0] softirqs last enabled at (430832): [] release_sock+0x1d0/0x258 [ 87.930402][ C0] softirqs last disabled at (430830): [] release_sock+0x34/0x258 [ 87.932021][ C0] ---[ end trace 062e6fe66ca8d2c2 ]--- [ 87.993562][ T5114] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.994868][ T5114] Bad inode number on dev loop0: 2 is out of range [ 87.995853][ T5114] SysV FS: get root inode failed [ 87.996639][ T5114] oldfs: cannot read superblock [ 87.997449][ T5114] ------------[ cut here ]------------ [ 87.998254][ T5114] VFS: brelse: Trying to free free buffer [ 87.999201][ T5114] WARNING: CPU: 1 PID: 5114 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.000613][ T5114] Modules linked in: [ 88.001258][ T5114] CPU: 1 PID: 5114 Comm: syz.0.102 Tainted: G W syzkaller #0 [ 88.002664][ T5114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 88.004351][ T5114] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.005579][ T5114] pc : invalidate_bh_lru+0x128/0x22c [ 88.006413][ T5114] lr : invalidate_bh_lru+0x128/0x22c [ 88.007298][ T5114] sp : ffff8000202c76e0 [ 88.007995][ T5114] x29: ffff8000202c76e0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 88.009265][ T5114] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 88.010542][ T5114] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deb39318 [ 88.011830][ T5114] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 88.013121][ T5114] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 88.014419][ T5114] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 88.015716][ T5114] x11: 0000000000000002 x10: 0000000000000000 x9 : 0a1ef3c460c7ae00 [ 88.017042][ T5114] x8 : 0a1ef3c460c7ae00 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.018351][ T5114] x5 : ffff8000202c6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 88.019650][ T5114] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 88.021012][ T5114] Call trace: [ 88.021520][ T5114] invalidate_bh_lru+0x128/0x22c [ 88.022286][ T5114] smp_call_function_many_cond+0xa50/0xeac [ 88.023187][ T5114] on_each_cpu_cond_mask+0x5c/0xc4 [ 88.024040][ T5114] invalidate_bh_lrus+0x34/0x40 [ 88.024811][ T5114] blkdev_flush_mapping+0x16c/0x334 [ 88.025692][ T5114] blkdev_put+0x490/0x6ac [ 88.026421][ T5114] kill_block_super+0x98/0xdc [ 88.027263][ T5114] deactivate_locked_super+0xb8/0x134 [ 88.028162][ T5114] mount_bdev+0x284/0x358 [ 88.028889][ T5114] sysv_mount+0x44/0x58 [ 88.029527][ T5114] legacy_get_tree+0xd4/0x16c [ 88.030258][ T5114] vfs_get_tree+0x90/0x274 [ 88.030976][ T5114] do_new_mount+0x228/0x810 [ 88.031739][ T5114] path_mount+0x5bc/0x1008 [ 88.032496][ T5114] __arm64_sys_mount+0x514/0x5f0 [ 88.033343][ T5114] invoke_syscall+0x98/0x2b0 [ 88.034178][ T5114] el0_svc_common+0x138/0x258 [ 88.034956][ T5114] do_el0_svc+0x58/0x13c [ 88.035655][ T5114] el0_svc+0x78/0x1d0 [ 88.036317][ T5114] el0t_64_sync_handler+0xcc/0xe4 [ 88.037140][ T5114] el0t_64_sync+0x1a0/0x1a4 [ 88.037853][ T5114] irq event stamp: 1102 [ 88.038511][ T5114] hardirqs last enabled at (1101): [] kasan_quarantine_put+0xc4/0x200 [ 88.040060][ T5114] hardirqs last disabled at (1102): [] smp_call_function_many_cond+0xa44/0xeac [ 88.041768][ T5114] softirqs last enabled at (936): [] local_bh_enable+0x10/0x34 [ 88.043200][ T5114] softirqs last disabled at (934): [] local_bh_disable+0x10/0x34 [ 88.044718][ T5114] ---[ end trace 062e6fe66ca8d2c3 ]--- [ 88.146167][ T5116] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.147327][ T5116] Bad inode number on dev loop0: 2 is out of range [ 88.148349][ T5116] SysV FS: get root inode failed [ 88.149154][ T5116] oldfs: cannot read superblock [ 88.157407][ C0] ------------[ cut here ]------------ [ 88.158312][ C0] VFS: brelse: Trying to free free buffer [ 88.159293][ C0] WARNING: CPU: 0 PID: 5117 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.160790][ C0] Modules linked in: [ 88.161429][ C0] CPU: 0 PID: 5117 Comm: syz-executor Tainted: G W syzkaller #0 [ 88.162982][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 88.164708][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.166023][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 88.166919][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 88.167781][ C0] sp : ffff800008007de0 [ 88.168510][ C0] x29: ffff800008007de0 x28: ffff0000d4cd9b40 x27: 1fffe000341f225b [ 88.169927][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 88.171188][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e285f318 [ 88.172498][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 88.173848][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 88.175075][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 88.176367][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 8cb8dad33bb0b900 [ 88.177685][ C0] x8 : 8cb8dad33bb0b900 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.178933][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 88.180133][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 88.181367][ C0] Call trace: [ 88.181865][ C0] invalidate_bh_lru+0x128/0x22c [ 88.182694][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 88.183656][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 88.184760][ C0] ipi_handler+0x10c/0x6fc [ 88.185493][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 88.186374][ C0] handle_domain_irq+0x144/0x1fc [ 88.187206][ C0] gic_handle_irq+0x78/0x1b8 [ 88.187975][ C0] call_on_irq_stack+0x30/0x48 [ 88.188766][ C0] do_interrupt_handler+0x6c/0x88 [ 88.189590][ C0] el1_interrupt+0x30/0x58 [ 88.190301][ C0] el1h_64_irq_handler+0x18/0x24 [ 88.191060][ C0] el1h_64_irq+0x78/0x7c [ 88.191742][ C0] lock_page_memcg+0x120/0x22c [ 88.192542][ C0] page_add_file_rmap+0x148/0x8c4 [ 88.193309][ C0] do_set_pte+0x390/0x4dc [ 88.193992][ C0] filemap_map_pages+0x9d0/0xc54 [ 88.194808][ C0] handle_mm_fault+0x188c/0x2a28 [ 88.195635][ C0] do_page_fault+0x67c/0xab0 [ 88.196368][ C0] do_translation_fault+0xe0/0x130 [ 88.197218][ C0] do_mem_abort+0x6c/0x1ac [ 88.197904][ C0] el0_ia+0xe0/0x2b8 [ 88.198569][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 88.199442][ C0] el0t_64_sync+0x1a0/0x1a4 [ 88.200192][ C0] irq event stamp: 630 [ 88.200819][ C0] hardirqs last enabled at (629): [] lock_page_memcg+0x110/0x22c [ 88.202261][ C0] hardirqs last disabled at (630): [] enter_el1_irq_or_nmi+0x10/0x1c [ 88.203765][ C0] softirqs last enabled at (64): [] local_bh_enable+0x10/0x34 [ 88.205271][ C0] softirqs last disabled at (62): [] local_bh_disable+0x10/0x34 [ 88.206703][ C0] ---[ end trace 062e6fe66ca8d2c4 ]---