Warning: Permanently added '10.128.10.33' (ED25519) to the list of known hosts. 1970/01/01 00:01:25 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:01:26 parsed 1 programs [ 89.032519][ T4464] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 99.472970][ T333] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.475119][ T333] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.477900][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 99.488851][ T333] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.491057][ T333] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.494542][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 99.906244][ T4496] chnl_net:caif_netlink_parms(): no params data found [ 99.940841][ T4496] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.943784][ T4496] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.947208][ T4496] device bridge_slave_0 entered promiscuous mode [ 99.950773][ T4496] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.952923][ T4496] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.955534][ T4496] device bridge_slave_1 entered promiscuous mode [ 99.972929][ T4496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.977166][ T4496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.991895][ T4496] team0: Port device team_slave_0 added [ 99.996835][ T4496] team0: Port device team_slave_1 added [ 100.008884][ T4496] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.010799][ T4496] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.018283][ T4496] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.022534][ T4496] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.024419][ T4496] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.031247][ T4496] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.083918][ T4496] device hsr_slave_0 entered promiscuous mode [ 100.122497][ T4496] device hsr_slave_1 entered promiscuous mode [ 100.945599][ T4496] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 100.993813][ T4496] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 101.043751][ T4496] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 101.064968][ T4496] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 101.161478][ T4496] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.174857][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 101.177604][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 101.184956][ T4496] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.189505][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 101.192904][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 101.195907][ T1702] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.197895][ T1702] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.200741][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 101.210091][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 101.213850][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 101.216493][ T1702] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.218456][ T1702] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.220839][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 101.235656][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 101.239041][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 101.243191][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 101.250041][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 101.254964][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 101.257774][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 101.260483][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 101.268635][ T4496] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 101.272563][ T4496] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 101.276381][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 101.278913][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 101.281930][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 101.383657][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 101.386015][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 101.393987][ T4496] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.408082][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 101.410916][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 101.425280][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 101.428080][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 101.431013][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 101.437034][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 101.445104][ T4496] device veth0_vlan entered promiscuous mode [ 101.469692][ T4496] device veth1_vlan entered promiscuous mode [ 101.483589][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 101.497599][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 101.500373][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 101.513743][ T4496] device veth0_macvtap entered promiscuous mode [ 101.517692][ T4496] device veth1_macvtap entered promiscuous mode [ 101.530460][ T4496] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.534075][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 101.536864][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 101.539397][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 101.542957][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 101.548524][ T4496] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.551838][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 101.556217][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 101.559674][ T4496] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.562764][ T4496] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.565175][ T4496] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.567488][ T4496] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:01:42 executed programs: 0 [ 103.083518][ T4692] chnl_net:caif_netlink_parms(): no params data found [ 103.119766][ T4692] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.121720][ T4692] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.127609][ T4692] device bridge_slave_0 entered promiscuous mode [ 103.131190][ T4692] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.133352][ T4692] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.135973][ T4692] device bridge_slave_1 entered promiscuous mode [ 103.154792][ T4692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.159965][ T4692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.188823][ T4692] team0: Port device team_slave_0 added [ 103.192236][ T4692] team0: Port device team_slave_1 added [ 103.205656][ T4692] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.207554][ T4692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.218040][ T4692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.222746][ T4692] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.224852][ T4692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.231683][ T4692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.284046][ T4692] device hsr_slave_0 entered promiscuous mode [ 103.312400][ T4692] device hsr_slave_1 entered promiscuous mode [ 103.362213][ T4692] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 103.364509][ T4692] Cannot create hsr debugfs directory [ 103.423905][ T4692] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.002118][ T4129] Bluetooth: hci0: command 0x0409 tx timeout [ 106.457904][ T4692] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.518619][ T4692] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.570759][ T4692] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.730567][ T4692] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.803969][ T4692] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.834462][ T4692] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.874002][ T4692] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.988240][ T4692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.995103][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 106.997754][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 107.003319][ T4692] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.007508][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 107.010258][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 107.013015][ T1702] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.014863][ T1702] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.017382][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 107.026053][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 107.028810][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 107.031367][ T1702] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.033410][ T1702] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.036444][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 107.040816][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 107.050263][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 107.054014][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 107.056811][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 107.061742][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 107.068162][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 107.074193][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 107.076886][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 107.081669][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 107.084733][ T4129] Bluetooth: hci0: command 0x041b tx timeout [ 107.087661][ T1702] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 107.092168][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 107.168591][ T4692] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.170775][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 107.173401][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 107.207496][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 107.210371][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 107.225285][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 107.228079][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 107.230949][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 107.235112][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 107.239465][ T4692] device veth0_vlan entered promiscuous mode [ 107.249144][ T4692] device veth1_vlan entered promiscuous mode [ 107.262880][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 107.265577][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 107.268194][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 107.270943][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 107.275955][ T4692] device veth0_macvtap entered promiscuous mode [ 107.279959][ T4692] device veth1_macvtap entered promiscuous mode [ 107.289479][ T4692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.292811][ T4692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.296554][ T4692] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.298940][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 107.301635][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 107.305261][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 107.307993][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 107.312873][ T4692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.315875][ T4692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.319646][ T4692] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.321845][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 107.325546][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 107.330173][ T4692] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.333293][ T4692] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.335730][ T4692] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.338327][ T4692] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.381282][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.388260][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.391092][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 107.400825][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.404693][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.408034][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 107.443870][ T4905] loop0: detected capacity change from 0 to 128 [ 107.451573][ T4905] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 107.456767][ T4905] Bad inode number on dev loop0: 2 is out of range [ 107.458653][ T4905] SysV FS: get root inode failed [ 107.460629][ T4905] oldfs: cannot read superblock [ 107.478275][ C1] ------------[ cut here ]------------ [ 107.479865][ C1] VFS: brelse: Trying to free free buffer [ 107.481611][ C1] WARNING: CPU: 1 PID: 4907 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 107.484256][ C1] Modules linked in: [ 107.485274][ C1] CPU: 1 PID: 4907 Comm: syz.0.17 Not tainted 5.15.187-syzkaller #0 [ 107.487551][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 107.490442][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 107.492711][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 107.494184][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 107.495686][ C1] sp : ffff800008017de0 [ 107.496818][ C1] x29: ffff800008017de0 x28: ffff0000d7eb51c0 x27: 1fffe0003421c65c [ 107.499036][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 107.501263][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcfb8230 [ 107.503434][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 107.505666][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 107.507896][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 107.510094][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : d1ef507b0fd35d00 [ 107.512328][ C1] x8 : d1ef507b0fd35d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 107.514571][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 107.516780][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 107.519015][ C1] Call trace: [ 107.519880][ C1] invalidate_bh_lru+0x128/0x234 [ 107.521318][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 107.522919][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 107.524817][ C1] ipi_handler+0x10c/0x710 [ 107.526060][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 107.527500][ C1] handle_domain_irq+0x144/0x1fc [ 107.528894][ C1] gic_handle_irq+0x78/0x1c8 [ 107.530288][ C1] call_on_irq_stack+0x24/0x30 [ 107.531580][ C1] do_interrupt_handler+0x6c/0x88 [ 107.532903][ C1] el1_interrupt+0x30/0x58 [ 107.534116][ C1] el1h_64_irq_handler+0x18/0x24 [ 107.535415][ C1] el1h_64_irq+0x78/0x7c [ 107.536582][ C1] charge_memcg+0x198/0x220 [ 107.537766][ C1] __mem_cgroup_charge+0x38/0xb0 [ 107.539081][ C1] handle_mm_fault+0x193c/0x2950 [ 107.540424][ C1] do_page_fault+0x694/0xad4 [ 107.541650][ C1] do_translation_fault+0xe0/0x130 [ 107.543010][ C1] do_mem_abort+0x6c/0x1ac [ 107.544212][ C1] el0_da+0x90/0x1fc [ 107.545236][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 107.546621][ C1] el0t_64_sync+0x1a0/0x1a4 [ 107.547807][ C1] irq event stamp: 214 [ 107.548998][ C1] hardirqs last enabled at (213): [] charge_memcg+0x190/0x220 [ 107.551542][ C1] hardirqs last disabled at (214): [] enter_el1_irq_or_nmi+0x10/0x1c [ 107.554159][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 107.556780][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 107.559325][ C1] ---[ end trace 66aa56eb2031fbcc ]--- [ 107.598507][ T4907] loop0: detected capacity change from 0 to 128 [ 107.634768][ T4907] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 107.636741][ T4907] Bad inode number on dev loop0: 2 is out of range [ 107.638503][ T4907] SysV FS: get root inode failed [ 107.639836][ T4907] oldfs: cannot read superblock [ 107.659694][ C1] ------------[ cut here ]------------ [ 107.661320][ C1] VFS: brelse: Trying to free free buffer [ 107.662964][ C1] WARNING: CPU: 1 PID: 9 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 107.665331][ C1] Modules linked in: [ 107.666391][ C1] CPU: 1 PID: 9 Comm: kworker/u4:0 Tainted: G W 5.15.187-syzkaller #0 [ 107.669026][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 107.671779][ C1] Workqueue: netns cleanup_net [ 107.673110][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 107.675275][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 107.676684][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 107.678166][ C1] sp : ffff800008017de0 [ 107.679271][ C1] x29: ffff800008017de0 x28: ffff0000c0948000 x27: 1fffe0003421c65c [ 107.681496][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 107.683790][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcfb85d0 [ 107.686003][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 107.688197][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 107.690425][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 107.692628][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a68948eb3b42c000 [ 107.694871][ C1] x8 : a68948eb3b42c000 x7 : 0000000000000001 x6 : 0000000000000001 [ 107.697073][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 107.699327][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 107.701568][ C1] Call trace: [ 107.702456][ C1] invalidate_bh_lru+0x128/0x234 [ 107.703782][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 107.705430][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 107.707290][ C1] ipi_handler+0x10c/0x710 [ 107.708499][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 107.709954][ C1] handle_domain_irq+0x144/0x1fc [ 107.711332][ C1] gic_handle_irq+0x78/0x1c8 [ 107.712613][ C1] call_on_irq_stack+0x24/0x30 [ 107.713906][ C1] do_interrupt_handler+0x6c/0x88 [ 107.715320][ C1] el1_interrupt+0x30/0x58 [ 107.716576][ C1] el1h_64_irq_handler+0x18/0x24 [ 107.717911][ C1] el1h_64_irq+0x78/0x7c [ 107.719086][ C1] kernfs_remove_by_name_ns+0xd8/0x158 [ 107.720538][ C1] sysfs_unmerge_group+0xd8/0x138 [ 107.722027][ C1] dpm_sysfs_remove+0x6c/0xd4 [ 107.723291][ C1] device_del+0x258/0x964 [ 107.724517][ C1] netdev_unregister_kobject+0x13c/0x204 [ 107.726026][ C1] unregister_netdevice_many+0x121c/0x17d0 [ 107.727567][ C1] vti6_exit_batch_net+0x3ac/0x3fc [ 107.728960][ C1] cleanup_net+0x644/0xa98 [ 107.730142][ C1] process_one_work+0x79c/0x1140 [ 107.731485][ C1] worker_thread+0x8f4/0x101c [ 107.732712][ C1] kthread+0x374/0x454 [ 107.733816][ C1] ret_from_fork+0x10/0x20 [ 107.735063][ C1] irq event stamp: 904670 [ 107.736229][ C1] hardirqs last enabled at (904669): [] _raw_spin_unlock_irq+0x98/0x128 [ 107.738862][ C1] hardirqs last disabled at (904670): [] enter_el1_irq_or_nmi+0x10/0x1c [ 107.741572][ C1] softirqs last enabled at (904612): [] dev_mc_flush+0x1b0/0x1f4 [ 107.744073][ C1] softirqs last disabled at (904610): [] local_bh_disable+0x10/0x34 [ 107.746611][ C1] ---[ end trace 66aa56eb2031fbcd ]--- [ 107.787557][ T4909] loop0: detected capacity change from 0 to 128 [ 107.803334][ T4909] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 107.805463][ T4909] Bad inode number on dev loop0: 2 is out of range [ 107.807311][ T4909] SysV FS: get root inode failed [ 107.808716][ T4909] oldfs: cannot read superblock [ 107.818062][ C1] ------------[ cut here ]------------ [ 107.819637][ C1] VFS: brelse: Trying to free free buffer [ 107.821339][ C1] WARNING: CPU: 1 PID: 9 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 107.823769][ C1] Modules linked in: [ 107.824820][ C1] CPU: 1 PID: 9 Comm: kworker/u4:0 Tainted: G W 5.15.187-syzkaller #0 [ 107.827441][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 107.830236][ C1] Workqueue: netns cleanup_net [ 107.831565][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 107.833741][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 107.835185][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 107.836611][ C1] sp : ffff800008017de0 [ 107.837722][ C1] x29: ffff800008017de0 x28: ffff0000c0948000 x27: 1fffe0003421c65c [ 107.839880][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 107.842049][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de35e400 [ 107.844159][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 107.846313][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 107.848457][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 107.850794][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : a68948eb3b42c000 [ 107.852913][ C1] x8 : a68948eb3b42c000 x7 : 0000000000000001 x6 : 0000000000000001 [ 107.855185][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 107.857375][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 107.859700][ C1] Call trace: [ 107.860616][ C1] invalidate_bh_lru+0x128/0x234 [ 107.861994][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 107.863649][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 107.865619][ C1] ipi_handler+0x10c/0x710 [ 107.866813][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 107.868311][ C1] handle_domain_irq+0x144/0x1fc [ 107.869669][ C1] gic_handle_irq+0x78/0x1c8 [ 107.870920][ C1] call_on_irq_stack+0x24/0x30 [ 107.872224][ C1] do_interrupt_handler+0x6c/0x88 [ 107.873604][ C1] el1_interrupt+0x30/0x58 [ 107.874851][ C1] el1h_64_irq_handler+0x18/0x24 [ 107.876175][ C1] el1h_64_irq+0x78/0x7c [ 107.877423][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 107.878998][ C1] __wake_up+0x110/0x16c [ 107.880175][ C1] netlink_broadcast_filtered+0xd68/0xe64 [ 107.881828][ C1] nlmsg_notify+0x100/0x1f0 [ 107.883051][ C1] rtmsg_ifinfo+0xec/0x12c [ 107.884324][ C1] dev_close_many+0x23c/0x440 [ 107.885753][ C1] unregister_netdevice_many+0x3d4/0x17d0 [ 107.887394][ C1] xfrmi_exit_batch_net+0x234/0x284 [ 107.888864][ C1] cleanup_net+0x644/0xa98 [ 107.890065][ C1] process_one_work+0x79c/0x1140 [ 107.891450][ C1] worker_thread+0x8f4/0x101c [ 107.892704][ C1] kthread+0x374/0x454 [ 107.893797][ C1] ret_from_fork+0x10/0x20 [ 107.895064][ C1] irq event stamp: 914110 [ 107.896265][ C1] hardirqs last enabled at (914109): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 107.899250][ C1] hardirqs last disabled at (914110): [] enter_el1_irq_or_nmi+0x10/0x1c [ 107.902109][ C1] softirqs last enabled at (914092): [] inet6_fill_ifla6_attrs+0xf64/0x1f30 [ 107.905093][ C1] softirqs last disabled at (914090): [] inet6_fill_ifla6_attrs+0xf3c/0x1f30 [ 107.907939][ C1] ---[ end trace 66aa56eb2031fbce ]--- 1970/01/01 00:01:47 executed programs: 5 [ 107.982226][ T4911] loop0: detected capacity change from 0 to 128 [ 108.025277][ T4911] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.027339][ T4911] Bad inode number on dev loop0: 2 is out of range [ 108.029093][ T4911] SysV FS: get root inode failed [ 108.030360][ T4911] oldfs: cannot read superblock [ 108.049997][ C0] ------------[ cut here ]------------ [ 108.051498][ C0] VFS: brelse: Trying to free free buffer [ 108.053141][ C0] WARNING: CPU: 0 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.055536][ C0] Modules linked in: [ 108.056656][ C0] CPU: 0 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 108.059335][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.062181][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.064334][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 108.065768][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 108.067312][ C0] sp : ffff800008007de0 [ 108.068472][ C0] x29: ffff800008007de0 x28: ffff0000d424d1c0 x27: 1fffe0003421845c [ 108.070660][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 108.072909][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7661d10 [ 108.075072][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 108.077256][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 108.079426][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.081568][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 108.083837][ C0] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.086060][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 108.088288][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 108.090586][ C0] Call trace: [ 108.091484][ C0] invalidate_bh_lru+0x128/0x234 [ 108.092870][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 108.094583][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 108.096505][ C0] ipi_handler+0x10c/0x710 [ 108.097702][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 108.099220][ C0] handle_domain_irq+0x144/0x1fc [ 108.100535][ C0] gic_handle_irq+0x78/0x1c8 [ 108.101798][ C0] call_on_irq_stack+0x24/0x30 [ 108.103134][ C0] do_interrupt_handler+0x6c/0x88 [ 108.104568][ C0] el1_interrupt+0x30/0x58 [ 108.105758][ C0] el1h_64_irq_handler+0x18/0x24 [ 108.107134][ C0] el1h_64_irq+0x78/0x7c [ 108.108328][ C0] lock_release+0x4a0/0x8e8 [ 108.109547][ C0] __might_fault+0xf4/0x128 [ 108.110850][ C0] xt_data_to_user+0x80/0x314 [ 108.112092][ C0] xt_target_to_user+0xfc/0x1a8 [ 108.113427][ C0] do_ip6t_get_ctl+0xfc0/0x13a8 [ 108.114763][ C0] nf_getsockopt+0x264/0x284 [ 108.116010][ C0] ipv6_getsockopt+0x52c/0x2584 [ 108.117312][ C0] tcp_getsockopt+0x214/0x2e74 [ 108.118625][ C0] sock_common_getsockopt+0xa8/0xc4 [ 108.120148][ C0] __sys_getsockopt+0x1e0/0x45c [ 108.121490][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 108.123027][ C0] invoke_syscall+0x98/0x2b8 [ 108.124282][ C0] el0_svc_common+0x138/0x258 [ 108.125616][ C0] do_el0_svc+0x58/0x14c [ 108.126750][ C0] el0_svc+0x78/0x1e0 [ 108.127931][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 108.129310][ C0] el0t_64_sync+0x1a0/0x1a4 [ 108.130522][ C0] irq event stamp: 129440 [ 108.131644][ C0] hardirqs last enabled at (129439): [] alloc_counters+0x3d4/0x7a4 [ 108.134199][ C0] hardirqs last disabled at (129440): [] enter_el1_irq_or_nmi+0x10/0x1c [ 108.137083][ C0] softirqs last enabled at (129362): [] release_sock+0x1d0/0x258 [ 108.139742][ C0] softirqs last disabled at (129360): [] release_sock+0x34/0x258 [ 108.142317][ C0] ---[ end trace 66aa56eb2031fbcf ]--- [ 108.177451][ T4913] loop0: detected capacity change from 0 to 128 [ 108.187054][ T4913] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.189153][ T4913] Bad inode number on dev loop0: 2 is out of range [ 108.191018][ T4913] SysV FS: get root inode failed [ 108.192932][ T4913] oldfs: cannot read superblock [ 108.215161][ C1] ------------[ cut here ]------------ [ 108.216732][ C1] VFS: brelse: Trying to free free buffer [ 108.218447][ C1] WARNING: CPU: 1 PID: 3656 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.220849][ C1] Modules linked in: [ 108.221921][ C1] CPU: 1 PID: 3656 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 108.224520][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.227309][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.229392][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 108.230911][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 108.232407][ C1] sp : ffff800008017de0 [ 108.233551][ C1] x29: ffff800008017de0 x28: ffff0000d5ce9b40 x27: 1fffe0003421c65c [ 108.235817][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 108.237965][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de35e7a0 [ 108.240241][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 108.242437][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 108.244625][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.246827][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : be8ba9485b4c4000 [ 108.249102][ C1] x8 : be8ba9485b4c4000 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.251324][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 108.253626][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 108.255869][ C1] Call trace: [ 108.256766][ C1] invalidate_bh_lru+0x128/0x234 [ 108.258124][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 108.259802][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 108.261791][ C1] ipi_handler+0x10c/0x710 [ 108.262975][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 108.264451][ C1] handle_domain_irq+0x144/0x1fc [ 108.265831][ C1] gic_handle_irq+0x78/0x1c8 [ 108.267080][ C1] call_on_irq_stack+0x24/0x30 [ 108.268526][ C1] do_interrupt_handler+0x6c/0x88 [ 108.270073][ C1] el1_interrupt+0x30/0x58 [ 108.271369][ C1] el1h_64_irq_handler+0x18/0x24 [ 108.272773][ C1] el1h_64_irq+0x78/0x7c [ 108.273927][ C1] __sanitizer_cov_trace_const_cmp8+0x40/0xc0 [ 108.275634][ C1] walk_stackframe+0x6c/0xa8 [ 108.277006][ C1] return_address+0xd0/0x144 [ 108.278256][ C1] preempt_count_add+0x13c/0x3bc [ 108.279600][ C1] _raw_spin_lock+0x24/0x10c [ 108.280852][ C1] kernfs_iop_permission+0x6c/0x2e0 [ 108.282316][ C1] inode_permission+0x1d0/0x3c0 [ 108.283654][ C1] may_open+0x274/0x3b8 [ 108.284796][ C1] path_openat+0x1e54/0x26e4 [ 108.286054][ C1] do_filp_open+0x164/0x330 [ 108.287311][ C1] do_sys_openat2+0x128/0x3d8 [ 108.288664][ C1] __arm64_sys_openat+0x120/0x154 [ 108.290064][ C1] invoke_syscall+0x98/0x2b8 [ 108.291353][ C1] el0_svc_common+0x138/0x258 [ 108.293082][ C1] do_el0_svc+0x58/0x14c [ 108.294249][ C1] el0_svc+0x78/0x1e0 [ 108.295375][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 108.296785][ C1] el0t_64_sync+0x1a0/0x1a4 [ 108.298055][ C1] irq event stamp: 1022464 [ 108.299212][ C1] hardirqs last enabled at (1022463): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 108.302324][ C1] hardirqs last disabled at (1022464): [] enter_el1_irq_or_nmi+0x10/0x1c [ 108.305197][ C1] softirqs last enabled at (1022114): [] local_bh_enable+0x10/0x34 [ 108.307878][ C1] softirqs last disabled at (1022112): [] local_bh_disable+0x10/0x34 [ 108.310546][ C1] ---[ end trace 66aa56eb2031fbd0 ]--- [ 108.385589][ T4917] loop0: detected capacity change from 0 to 128 [ 108.396357][ T4917] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.398421][ T4917] Bad inode number on dev loop0: 2 is out of range [ 108.400272][ T4917] SysV FS: get root inode failed [ 108.401652][ T4917] oldfs: cannot read superblock [ 108.408585][ C0] ------------[ cut here ]------------ [ 108.410259][ C0] VFS: brelse: Trying to free free buffer [ 108.411973][ C0] WARNING: CPU: 0 PID: 4917 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.414573][ C0] Modules linked in: [ 108.415686][ C0] CPU: 0 PID: 4917 Comm: syz.0.22 Tainted: G W 5.15.187-syzkaller #0 [ 108.418238][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.420988][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.423198][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 108.424672][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 108.426156][ C0] sp : ffff800008007de0 [ 108.427320][ C0] x29: ffff800008007de0 x28: ffff0000d5e70000 x27: 1fffe0003421845c [ 108.429538][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 108.431839][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c065f888 [ 108.434038][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 108.436246][ C0] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 108.438550][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.440832][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 68d531ef8098c600 [ 108.443028][ C0] x8 : 68d531ef8098c600 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.445185][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 108.447485][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 108.449701][ C0] Call trace: [ 108.450652][ C0] invalidate_bh_lru+0x128/0x234 [ 108.452038][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 108.453707][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 108.455599][ C0] ipi_handler+0x10c/0x710 [ 108.456798][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 108.458270][ C0] handle_domain_irq+0x144/0x1fc [ 108.459682][ C0] gic_handle_irq+0x78/0x1c8 [ 108.461073][ C0] call_on_irq_stack+0x24/0x30 [ 108.462408][ C0] do_interrupt_handler+0x6c/0x88 [ 108.463714][ C0] el1_interrupt+0x30/0x58 [ 108.464938][ C0] el1h_64_irq_handler+0x18/0x24 [ 108.466312][ C0] el1h_64_irq+0x78/0x7c [ 108.467510][ C0] lock_release+0x4a0/0x8e8 [ 108.468768][ C0] rcu_lock_release+0x24/0x30 [ 108.470001][ C0] __unlock_page_memcg+0xe0/0xf8 [ 108.471382][ C0] unlock_page_memcg+0x4c/0x5c [ 108.472684][ C0] page_remove_rmap+0xb2c/0xfd0 [ 108.474076][ C0] unmap_page_range+0xbb4/0x1958 [ 108.475438][ C0] unmap_single_vma+0x13c/0x1e4 [ 108.476900][ C0] unmap_vmas+0x104/0x200 [ 108.478056][ C0] exit_mmap+0x2a8/0x4e0 [ 108.479228][ C0] __mmput+0xec/0x3b8 [ 108.480349][ C0] mmput+0x80/0xc8 [ 108.481335][ C0] exit_mm+0x4a0/0x684 [ 108.482408][ C0] do_exit+0x4ec/0x1f58 [ 108.483562][ C0] do_group_exit+0x100/0x268 [ 108.484810][ C0] get_signal+0x73c/0x1340 [ 108.486028][ C0] do_notify_resume+0x35c/0x3128 [ 108.487407][ C0] el0_svc+0xf0/0x1e0 [ 108.488491][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 108.489863][ C0] el0t_64_sync+0x1a0/0x1a4 [ 108.491101][ C0] irq event stamp: 2044 [ 108.492214][ C0] hardirqs last enabled at (2043): [] lock_page_memcg+0x110/0x234 [ 108.494827][ C0] hardirqs last disabled at (2044): [] enter_el1_irq_or_nmi+0x10/0x1c [ 108.497516][ C0] softirqs last enabled at (1626): [] local_bh_enable+0x10/0x34 [ 108.500133][ C0] softirqs last disabled at (1624): [] local_bh_disable+0x10/0x34 [ 108.502816][ C0] ---[ end trace 66aa56eb2031fbd1 ]--- [ 108.576544][ T4919] loop0: detected capacity change from 0 to 128 [ 108.583277][ T4919] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.585309][ T4919] Bad inode number on dev loop0: 2 is out of range [ 108.587271][ T4919] SysV FS: get root inode failed [ 108.589002][ T4919] oldfs: cannot read superblock [ 108.607832][ T4472] ------------[ cut here ]------------ [ 108.609427][ T4472] VFS: brelse: Trying to free free buffer [ 108.611115][ T4472] WARNING: CPU: 0 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.613599][ T4472] Modules linked in: [ 108.614661][ T4472] CPU: 0 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 108.617030][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.619805][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.621889][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 108.623321][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 108.624795][ T4472] sp : ffff80001f7377c0 [ 108.625903][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 108.628147][ T4472] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 108.630242][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7663230 [ 108.632573][ T4472] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 108.634752][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 108.636848][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.639054][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 108.641320][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.643536][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 108.645792][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 108.648037][ T4472] Call trace: [ 108.648912][ T4472] invalidate_bh_lru+0x128/0x234 [ 108.650304][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 108.651831][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 108.653221][ T4472] invalidate_bh_lrus+0x34/0x40 [ 108.654589][ T4472] blkdev_flush_mapping+0x168/0x31c [ 108.656015][ T4472] blkdev_put+0x490/0x6ac [ 108.657230][ T4472] blkdev_close+0x74/0xb0 [ 108.658384][ T4472] __fput+0x1c0/0x7f8 [ 108.659519][ T4472] ____fput+0x20/0x30 [ 108.660616][ T4472] task_work_run+0x12c/0x1e0 [ 108.661860][ T4472] do_notify_resume+0x24b4/0x3128 [ 108.663294][ T4472] el0_svc+0xf0/0x1e0 [ 108.664406][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 108.665807][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 108.667050][ T4472] irq event stamp: 81158 [ 108.668173][ T4472] hardirqs last enabled at (81157): [] kasan_quarantine_put+0xc4/0x204 [ 108.670902][ T4472] hardirqs last disabled at (81158): [] smp_call_function_many_cond+0xa44/0xeb0 [ 108.673816][ T4472] softirqs last enabled at (80174): [] local_bh_enable+0x10/0x34 [ 108.676457][ T4472] softirqs last disabled at (80172): [] local_bh_disable+0x10/0x34 [ 108.679007][ T4472] ---[ end trace 66aa56eb2031fbd2 ]--- [ 108.713439][ T4921] loop0: detected capacity change from 0 to 128 [ 108.722308][ T4921] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.724416][ T4921] Bad inode number on dev loop0: 2 is out of range [ 108.732115][ T4921] SysV FS: get root inode failed [ 108.733488][ T4921] oldfs: cannot read superblock [ 108.739207][ C0] ------------[ cut here ]------------ [ 108.740769][ C0] VFS: brelse: Trying to free free buffer [ 108.742394][ C0] WARNING: CPU: 0 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.744854][ C0] Modules linked in: [ 108.746070][ C0] CPU: 0 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 108.748870][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.751710][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.753944][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 108.755486][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 108.756953][ C0] sp : ffff800008007de0 [ 108.758116][ C0] x29: ffff800008007de0 x28: ffff0000d424d1c0 x27: 1fffe0003421845b [ 108.760344][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 108.762521][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e76635d0 [ 108.764698][ C0] x20: ffff0001a10c22d8 x19: ffff8000113daee0 x18: 0000000000010003 [ 108.767083][ C0] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 108.769436][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.771682][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 76fb6547b08c6800 [ 108.773884][ C0] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.776134][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 108.778471][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 108.780715][ C0] Call trace: [ 108.781623][ C0] invalidate_bh_lru+0x128/0x234 [ 108.782963][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 108.784639][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 108.786531][ C0] ipi_handler+0x10c/0x710 [ 108.787771][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 108.789344][ C0] handle_domain_irq+0x144/0x1fc [ 108.790743][ C0] gic_handle_irq+0x78/0x1c8 [ 108.792088][ C0] call_on_irq_stack+0x24/0x30 [ 108.793435][ C0] do_interrupt_handler+0x6c/0x88 [ 108.794876][ C0] el1_interrupt+0x30/0x58 [ 108.796081][ C0] el1h_64_irq_handler+0x18/0x24 [ 108.797429][ C0] el1h_64_irq+0x78/0x7c [ 108.798602][ C0] ___slab_alloc+0xc44/0xda8 [ 108.799906][ C0] __slab_alloc+0x68/0xc0 [ 108.801108][ C0] kmem_cache_alloc+0x2ac/0x3e4 [ 108.802446][ C0] getname_flags+0xb8/0x450 [ 108.803729][ C0] getname+0x28/0x38 [ 108.804866][ C0] do_sys_openat2+0xd0/0x3d8 [ 108.806179][ C0] __arm64_sys_openat+0x120/0x154 [ 108.807539][ C0] invoke_syscall+0x98/0x2b8 [ 108.808834][ C0] el0_svc_common+0x138/0x258 [ 108.810186][ C0] do_el0_svc+0x58/0x14c [ 108.811351][ C0] el0_svc+0x78/0x1e0 [ 108.812443][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 108.813962][ C0] el0t_64_sync+0x1a0/0x1a4 [ 108.815195][ C0] irq event stamp: 140794 [ 108.816444][ C0] hardirqs last enabled at (140793): [] ___slab_alloc+0xc34/0xda8 [ 108.819230][ C0] hardirqs last disabled at (140794): [] enter_el1_irq_or_nmi+0x10/0x1c [ 108.821975][ C0] softirqs last enabled at (140658): [] local_bh_enable+0x10/0x34 [ 108.824622][ C0] softirqs last disabled at (140656): [] local_bh_disable+0x10/0x34 [ 108.827338][ C0] ---[ end trace 66aa56eb2031fbd3 ]--- [ 108.890017][ T4923] loop0: detected capacity change from 0 to 128 [ 108.899017][ T4923] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.901291][ T4923] Bad inode number on dev loop0: 2 is out of range [ 108.903581][ T4923] SysV FS: get root inode failed [ 108.904971][ T4923] oldfs: cannot read superblock [ 108.910558][ C0] ------------[ cut here ]------------ [ 108.912094][ C0] VFS: brelse: Trying to free free buffer [ 108.913784][ C0] WARNING: CPU: 0 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.916412][ C0] Modules linked in: [ 108.917494][ C0] CPU: 0 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 108.920306][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.923167][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.925373][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 108.926880][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 108.928428][ C0] sp : ffff800008007de0 [ 108.929576][ C0] x29: ffff800008007de0 x28: ffff0000d424d1c0 x27: 1fffe0003421845c [ 108.931853][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 108.934108][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7663970 [ 108.936394][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 108.938682][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 108.940932][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.943173][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 108.945439][ C0] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.947719][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 108.949960][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 108.952369][ C0] Call trace: [ 108.953315][ C0] invalidate_bh_lru+0x128/0x234 [ 108.954755][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 108.956388][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 108.958353][ C0] ipi_handler+0x10c/0x710 [ 108.959593][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 108.961132][ C0] handle_domain_irq+0x144/0x1fc [ 108.962509][ C0] gic_handle_irq+0x78/0x1c8 [ 108.963857][ C0] call_on_irq_stack+0x24/0x30 [ 108.965211][ C0] do_interrupt_handler+0x6c/0x88 [ 108.966631][ C0] el1_interrupt+0x30/0x58 [ 108.967838][ C0] el1h_64_irq_handler+0x18/0x24 [ 108.969178][ C0] el1h_64_irq+0x78/0x7c [ 108.970365][ C0] kmem_cache_free+0x4/0x3b4 [ 108.971596][ C0] __arm64_sys_umount+0xf4/0x178 [ 108.973155][ C0] invoke_syscall+0x98/0x2b8 [ 108.974469][ C0] el0_svc_common+0x138/0x258 [ 108.975776][ C0] do_el0_svc+0x58/0x14c [ 108.976967][ C0] el0_svc+0x78/0x1e0 [ 108.978102][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 108.979507][ C0] el0t_64_sync+0x1a0/0x1a4 [ 108.980739][ C0] irq event stamp: 142968 [ 108.981923][ C0] hardirqs last enabled at (142967): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 108.985062][ C0] hardirqs last disabled at (142968): [] enter_el1_irq_or_nmi+0x10/0x1c [ 108.987826][ C0] softirqs last enabled at (142950): [] local_bh_enable+0x10/0x34 [ 108.990463][ C0] softirqs last disabled at (142948): [] local_bh_disable+0x10/0x34 [ 108.993151][ C0] ---[ end trace 66aa56eb2031fbd4 ]--- [ 109.046256][ T4925] loop0: detected capacity change from 0 to 128 [ 109.050808][ T4925] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.053937][ T4925] Bad inode number on dev loop0: 2 is out of range [ 109.055749][ T4925] SysV FS: get root inode failed [ 109.057057][ T4925] oldfs: cannot read superblock [ 109.067213][ C1] ------------[ cut here ]------------ [ 109.068719][ C1] VFS: brelse: Trying to free free buffer [ 109.070458][ C1] WARNING: CPU: 1 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.073004][ C1] Modules linked in: [ 109.074107][ C1] CPU: 1 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 109.076742][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 109.079565][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.081799][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 109.083273][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 109.084685][ C1] sp : ffff800008017de0 [ 109.085824][ C1] x29: ffff800008017de0 x28: ffff0000d424d1c0 x27: 1fffe0003421c65c [ 109.088017][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 109.090178][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dceba318 [ 109.092429][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 109.094638][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 109.096863][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.099041][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 109.101289][ C1] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.103459][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 109.105806][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 109.108075][ C1] Call trace: [ 109.108977][ C1] invalidate_bh_lru+0x128/0x234 [ 109.110407][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 109.112042][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 109.113929][ C1] ipi_handler+0x10c/0x710 [ 109.115189][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 109.116662][ C1] handle_domain_irq+0x144/0x1fc [ 109.118032][ C1] gic_handle_irq+0x78/0x1c8 [ 109.119214][ C1] call_on_irq_stack+0x24/0x30 [ 109.120479][ C1] do_interrupt_handler+0x6c/0x88 [ 109.121826][ C1] el1_interrupt+0x30/0x58 [ 109.123009][ C1] el1h_64_irq_handler+0x18/0x24 [ 109.124377][ C1] el1h_64_irq+0x78/0x7c [ 109.125542][ C1] count_memcg_event_mm+0x1d0/0x308 [ 109.126943][ C1] handle_mm_fault+0x1a0/0x2950 [ 109.128289][ C1] do_page_fault+0x694/0xad4 [ 109.129553][ C1] do_mem_abort+0x6c/0x1ac [ 109.130765][ C1] el0_da+0x90/0x1fc [ 109.131793][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 109.133146][ C1] el0t_64_sync+0x1a0/0x1a4 [ 109.134411][ C1] irq event stamp: 147532 [ 109.135608][ C1] hardirqs last enabled at (147531): [] count_memcg_event_mm+0x1b0/0x308 [ 109.138394][ C1] hardirqs last disabled at (147532): [] enter_el1_irq_or_nmi+0x10/0x1c [ 109.141132][ C1] softirqs last enabled at (147476): [] local_bh_enable+0x10/0x34 [ 109.143806][ C1] softirqs last disabled at (147474): [] local_bh_disable+0x10/0x34 [ 109.146441][ C1] ---[ end trace 66aa56eb2031fbd5 ]--- [ 109.162391][ T4129] Bluetooth: hci0: command 0x040f tx timeout [ 109.206760][ T4927] loop0: detected capacity change from 0 to 128 [ 109.250204][ T4927] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.252526][ T4927] Bad inode number on dev loop0: 2 is out of range [ 109.254279][ T4927] SysV FS: get root inode failed [ 109.255619][ T4927] oldfs: cannot read superblock [ 109.277131][ C1] ------------[ cut here ]------------ [ 109.278661][ C1] VFS: brelse: Trying to free free buffer [ 109.280237][ C1] WARNING: CPU: 1 PID: 4929 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.282790][ C1] Modules linked in: [ 109.283804][ C1] CPU: 1 PID: 4929 Comm: syz.0.28 Tainted: G W 5.15.187-syzkaller #0 [ 109.286325][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 109.289217][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.291394][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 109.292920][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 109.294283][ C1] sp : ffff800008017de0 [ 109.295422][ C1] x29: ffff800008017de0 x28: ffff0000cce70000 x27: 1fffe0003421c65c [ 109.297743][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 109.299934][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dceba6b8 [ 109.302087][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 109.304258][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 109.306430][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.308668][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : d652835eb0c07a00 [ 109.310956][ C1] x8 : d652835eb0c07a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.313171][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 109.315342][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 109.317527][ C1] Call trace: [ 109.318418][ C1] invalidate_bh_lru+0x128/0x234 [ 109.319771][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 109.321476][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 109.323386][ C1] ipi_handler+0x10c/0x710 [ 109.324578][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 109.326083][ C1] handle_domain_irq+0x144/0x1fc [ 109.327459][ C1] gic_handle_irq+0x78/0x1c8 [ 109.328717][ C1] call_on_irq_stack+0x24/0x30 [ 109.329970][ C1] do_interrupt_handler+0x6c/0x88 [ 109.331361][ C1] el0_interrupt+0x94/0x260 [ 109.332555][ C1] __el0_irq_handler_common+0x18/0x24 [ 109.333989][ C1] el0t_64_irq_handler+0x10/0x1c [ 109.335331][ C1] el0t_64_irq+0x1a0/0x1a4 [ 109.336572][ C1] irq event stamp: 252 [ 109.337700][ C1] hardirqs last enabled at (251): [] el0t_64_sync_handler+0xd8/0xe4 [ 109.340372][ C1] hardirqs last disabled at (252): [] __el0_irq_handler_common+0x18/0x24 [ 109.343101][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 109.345682][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 109.348310][ C1] ---[ end trace 66aa56eb2031fbd6 ]--- [ 109.386566][ T4929] loop0: detected capacity change from 0 to 128 [ 109.390616][ T4929] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.392819][ T4929] Bad inode number on dev loop0: 2 is out of range [ 109.394646][ T4929] SysV FS: get root inode failed [ 109.395981][ T4929] oldfs: cannot read superblock [ 109.416127][ C0] ------------[ cut here ]------------ [ 109.417640][ C0] VFS: brelse: Trying to free free buffer [ 109.419240][ C0] WARNING: CPU: 0 PID: 4930 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.421717][ C0] Modules linked in: [ 109.422805][ C0] CPU: 0 PID: 4930 Comm: syz.0.29 Tainted: G W 5.15.187-syzkaller #0 [ 109.425416][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 109.428128][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.430293][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 109.431817][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 109.433220][ C0] sp : ffff800008007de0 [ 109.434333][ C0] x29: ffff800008007de0 x28: ffff0000d5e73680 x27: 1fffe0003421845c [ 109.436574][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 109.438767][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e76657a0 [ 109.441034][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 109.443169][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 109.445340][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.447571][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 8826b0b47adfb200 [ 109.449869][ C0] x8 : 8826b0b47adfb200 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.452121][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 109.454444][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 109.456673][ C0] Call trace: [ 109.457556][ C0] invalidate_bh_lru+0x128/0x234 [ 109.458928][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 109.460576][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 109.462403][ C0] ipi_handler+0x10c/0x710 [ 109.463699][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 109.465176][ C0] handle_domain_irq+0x144/0x1fc [ 109.466613][ C0] gic_handle_irq+0x78/0x1c8 [ 109.467888][ C0] call_on_irq_stack+0x24/0x30 [ 109.469179][ C0] do_interrupt_handler+0x6c/0x88 [ 109.470694][ C0] el1_interrupt+0x30/0x58 [ 109.471912][ C0] el1h_64_irq_handler+0x18/0x24 [ 109.473209][ C0] el1h_64_irq+0x78/0x7c [ 109.474383][ C0] rcu_is_watching+0x34/0x134 [ 109.475702][ C0] rcu_read_lock_held+0x18/0x50 [ 109.477014][ C0] __cgroup_throttle_swaprate+0x218/0x55c [ 109.478577][ C0] handle_mm_fault+0x1e50/0x2950 [ 109.479911][ C0] do_page_fault+0x694/0xad4 [ 109.481137][ C0] do_translation_fault+0xe0/0x130 [ 109.482555][ C0] do_mem_abort+0x6c/0x1ac [ 109.483792][ C0] el0_da+0x90/0x1fc [ 109.484916][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 109.486436][ C0] el0t_64_sync+0x1a0/0x1a4 [ 109.487793][ C0] irq event stamp: 1212 [ 109.488929][ C0] hardirqs last enabled at (1211): [] charge_memcg+0x190/0x220 [ 109.491539][ C0] hardirqs last disabled at (1212): [] enter_el1_irq_or_nmi+0x10/0x1c [ 109.494160][ C0] softirqs last enabled at (50): [] local_bh_enable+0x10/0x34 [ 109.496684][ C0] softirqs last disabled at (48): [] local_bh_disable+0x10/0x34 [ 109.499210][ C0] ---[ end trace 66aa56eb2031fbd7 ]--- [ 109.544764][ T4931] loop0: detected capacity change from 0 to 128 [ 109.623476][ T4931] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.625418][ T4931] Bad inode number on dev loop0: 2 is out of range [ 109.627117][ T4931] SysV FS: get root inode failed [ 109.628534][ T4931] oldfs: cannot read superblock [ 109.675718][ T4472] ------------[ cut here ]------------ [ 109.677188][ T4472] VFS: brelse: Trying to free free buffer [ 109.678883][ T4472] WARNING: CPU: 1 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.681267][ T4472] Modules linked in: [ 109.682337][ T4472] CPU: 1 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 109.684866][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 109.687619][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.689700][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 109.691066][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 109.692500][ T4472] sp : ffff80001f7377c0 [ 109.693574][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 109.695917][ T4472] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 109.698177][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de068148 [ 109.700518][ T4472] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 109.702750][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 109.705024][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.707221][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 109.709514][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.711718][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 109.713900][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 109.716142][ T4472] Call trace: [ 109.717036][ T4472] invalidate_bh_lru+0x128/0x234 [ 109.718372][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 109.719927][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 109.721333][ T4472] invalidate_bh_lrus+0x34/0x40 [ 109.722640][ T4472] blkdev_flush_mapping+0x168/0x31c [ 109.724113][ T4472] blkdev_put+0x490/0x6ac [ 109.725288][ T4472] blkdev_close+0x74/0xb0 [ 109.726514][ T4472] __fput+0x1c0/0x7f8 [ 109.727647][ T4472] ____fput+0x20/0x30 [ 109.728788][ T4472] task_work_run+0x12c/0x1e0 [ 109.730071][ T4472] do_notify_resume+0x24b4/0x3128 [ 109.731500][ T4472] el0_svc+0xf0/0x1e0 [ 109.732582][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 109.734018][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 109.735291][ T4472] irq event stamp: 105268 [ 109.736673][ T4472] hardirqs last enabled at (105267): [] kasan_quarantine_put+0xc4/0x204 [ 109.739430][ T4472] hardirqs last disabled at (105268): [] smp_call_function_many_cond+0xa44/0xeb0 [ 109.742349][ T4472] softirqs last enabled at (103856): [] local_bh_enable+0x10/0x34 [ 109.745012][ T4472] softirqs last disabled at (103854): [] local_bh_disable+0x10/0x34 [ 109.747561][ T4472] ---[ end trace 66aa56eb2031fbd8 ]--- [ 109.806551][ T4937] loop0: detected capacity change from 0 to 128 [ 109.810278][ T4937] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.814028][ T4937] Bad inode number on dev loop0: 2 is out of range [ 109.816918][ T4937] SysV FS: get root inode failed [ 109.818357][ T4937] oldfs: cannot read superblock [ 109.836271][ C1] ------------[ cut here ]------------ [ 109.837776][ C1] VFS: brelse: Trying to free free buffer [ 109.839473][ C1] WARNING: CPU: 1 PID: 4938 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.841993][ C1] Modules linked in: [ 109.843041][ C1] CPU: 1 PID: 4938 Comm: syz.0.33 Tainted: G W 5.15.187-syzkaller #0 [ 109.845696][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 109.848523][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.850678][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 109.852117][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 109.853595][ C1] sp : ffff800008017de0 [ 109.854770][ C1] x29: ffff800008017de0 x28: ffff0000d825d1c0 x27: 1fffe0003421c65c [ 109.856974][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 109.859205][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de0684e8 [ 109.861362][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 109.863583][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 109.865772][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.867942][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 1a6a6fec579cac00 [ 109.870283][ C1] x8 : 1a6a6fec579cac00 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.872516][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 109.874813][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 109.876932][ C1] Call trace: [ 109.877898][ C1] invalidate_bh_lru+0x128/0x234 [ 109.879331][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 109.880984][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 109.882899][ C1] ipi_handler+0x10c/0x710 [ 109.884079][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 109.885594][ C1] handle_domain_irq+0x144/0x1fc [ 109.886977][ C1] gic_handle_irq+0x78/0x1c8 [ 109.888208][ C1] call_on_irq_stack+0x24/0x30 [ 109.889595][ C1] do_interrupt_handler+0x6c/0x88 [ 109.891024][ C1] el1_interrupt+0x30/0x58 [ 109.892199][ C1] el1h_64_irq_handler+0x18/0x24 [ 109.893507][ C1] el1h_64_irq+0x78/0x7c [ 109.894691][ C1] _raw_spin_unlock_irq+0xa0/0x128 [ 109.896068][ C1] cgroup_can_fork+0x4a4/0xdc4 [ 109.897388][ C1] copy_process+0x231c/0x34ac [ 109.898645][ C1] kernel_clone+0x1d8/0x9d4 [ 109.900056][ C1] __arm64_sys_clone+0x138/0x190 [ 109.901500][ C1] invoke_syscall+0x98/0x2b8 [ 109.902888][ C1] el0_svc_common+0x138/0x258 [ 109.904144][ C1] do_el0_svc+0x58/0x14c [ 109.905361][ C1] el0_svc+0x78/0x1e0 [ 109.906466][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 109.907864][ C1] el0t_64_sync+0x1a0/0x1a4 [ 109.909104][ C1] irq event stamp: 1958 [ 109.910314][ C1] hardirqs last enabled at (1957): [] _raw_spin_unlock_irq+0x98/0x128 [ 109.913151][ C1] hardirqs last disabled at (1958): [] enter_el1_irq_or_nmi+0x10/0x1c [ 109.915948][ C1] softirqs last enabled at (1922): [] local_bh_enable+0x10/0x34 [ 109.918648][ C1] softirqs last disabled at (1920): [] local_bh_disable+0x10/0x34 [ 109.921311][ C1] ---[ end trace 66aa56eb2031fbd9 ]--- [ 109.971151][ T4939] loop0: detected capacity change from 0 to 128 [ 109.978632][ T4939] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.980715][ T4939] Bad inode number on dev loop0: 2 is out of range [ 109.984287][ T4939] SysV FS: get root inode failed [ 109.985624][ T4939] oldfs: cannot read superblock [ 110.013935][ T4472] ------------[ cut here ]------------ [ 110.015402][ T4472] VFS: brelse: Trying to free free buffer [ 110.017056][ T4472] WARNING: CPU: 1 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.019562][ T4472] Modules linked in: [ 110.020647][ T4472] CPU: 1 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 110.023269][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 110.026085][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.028265][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 110.029737][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 110.031175][ T4472] sp : ffff80001f7377c0 [ 110.032316][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 110.034500][ T4472] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 110.036763][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcebb318 [ 110.038993][ T4472] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 110.041142][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 110.043403][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.045634][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 110.047806][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.050002][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 110.052131][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 110.054355][ T4472] Call trace: [ 110.055249][ T4472] invalidate_bh_lru+0x128/0x234 [ 110.056590][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 110.058210][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 110.059570][ T4472] invalidate_bh_lrus+0x34/0x40 [ 110.060933][ T4472] blkdev_flush_mapping+0x168/0x31c [ 110.062350][ T4472] blkdev_put+0x490/0x6ac [ 110.063559][ T4472] blkdev_close+0x74/0xb0 [ 110.064755][ T4472] __fput+0x1c0/0x7f8 [ 110.065906][ T4472] ____fput+0x20/0x30 [ 110.067027][ T4472] task_work_run+0x12c/0x1e0 [ 110.068364][ T4472] do_notify_resume+0x24b4/0x3128 [ 110.069763][ T4472] el0_svc+0xf0/0x1e0 [ 110.070867][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 110.072159][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 110.073384][ T4472] irq event stamp: 115554 [ 110.074568][ T4472] hardirqs last enabled at (115553): [] kasan_quarantine_put+0xc4/0x204 [ 110.077353][ T4472] hardirqs last disabled at (115554): [] smp_call_function_many_cond+0xa44/0xeb0 [ 110.080309][ T4472] softirqs last enabled at (115020): [] handle_softirqs+0xa4c/0xbf0 [ 110.083008][ T4472] softirqs last disabled at (115007): [] __irq_exit_rcu+0x240/0x440 [ 110.085680][ T4472] ---[ end trace 66aa56eb2031fbda ]--- [ 110.126966][ T4943] loop0: detected capacity change from 0 to 128 [ 110.205822][ T4943] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.207867][ T4943] Bad inode number on dev loop0: 2 is out of range [ 110.209740][ T4943] SysV FS: get root inode failed [ 110.211044][ T4943] oldfs: cannot read superblock [ 110.230011][ C1] ------------[ cut here ]------------ [ 110.231582][ C1] VFS: brelse: Trying to free free buffer [ 110.233271][ C1] WARNING: CPU: 1 PID: 4945 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.235733][ C1] Modules linked in: [ 110.236816][ C1] CPU: 1 PID: 4945 Comm: syz.0.36 Tainted: G W 5.15.187-syzkaller #0 [ 110.239442][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 110.242211][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.244356][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 110.245768][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 110.247195][ C1] sp : ffff800008017de0 [ 110.248287][ C1] x29: ffff800008017de0 x28: ffff0000da2d1b40 x27: 1fffe0003421c65c [ 110.250452][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 110.252668][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcebb6b8 [ 110.254879][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 110.257097][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 110.259256][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.261510][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c397973c49bb0c00 [ 110.263702][ C1] x8 : c397973c49bb0c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.265916][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 110.268093][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 110.270303][ C1] Call trace: [ 110.271179][ C1] invalidate_bh_lru+0x128/0x234 [ 110.272461][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 110.274133][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 110.276023][ C1] ipi_handler+0x10c/0x710 [ 110.277229][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 110.278788][ C1] handle_domain_irq+0x144/0x1fc [ 110.280138][ C1] gic_handle_irq+0x78/0x1c8 [ 110.281447][ C1] call_on_irq_stack+0x24/0x30 [ 110.282761][ C1] do_interrupt_handler+0x6c/0x88 [ 110.284156][ C1] el1_interrupt+0x30/0x58 [ 110.285389][ C1] el1h_64_irq_handler+0x18/0x24 [ 110.286713][ C1] el1h_64_irq+0x78/0x7c [ 110.287898][ C1] __sanitizer_cov_trace_const_cmp8+0xb4/0xc0 [ 110.289574][ C1] shmem_getpage_gfp+0x1028/0x1ef0 [ 110.290956][ C1] shmem_write_begin+0xe0/0x29c [ 110.292278][ C1] generic_perform_write+0x204/0x480 [ 110.293766][ C1] __generic_file_write_iter+0x23c/0x454 [ 110.295275][ C1] generic_file_write_iter+0xb0/0x1b4 [ 110.296690][ C1] vfs_write+0x7c8/0xa2c [ 110.298010][ C1] ksys_write+0x120/0x210 [ 110.299281][ C1] __arm64_sys_write+0x7c/0x90 [ 110.300576][ C1] invoke_syscall+0x98/0x2b8 [ 110.301794][ C1] el0_svc_common+0x138/0x258 [ 110.303076][ C1] do_el0_svc+0x58/0x14c [ 110.304241][ C1] el0_svc+0x78/0x1e0 [ 110.305413][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 110.307122][ C1] el0t_64_sync+0x1a0/0x1a4 [ 110.308432][ C1] irq event stamp: 340 [ 110.309522][ C1] hardirqs last enabled at (339): [] seqcount_lockdep_reader_access+0x14c/0x230 [ 110.312661][ C1] hardirqs last disabled at (340): [] enter_el1_irq_or_nmi+0x10/0x1c [ 110.315339][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 110.317900][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 110.320384][ C1] ---[ end trace 66aa56eb2031fbdb ]--- [ 110.347406][ T4945] loop0: detected capacity change from 0 to 128 [ 110.351421][ T4945] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.353714][ T4945] Bad inode number on dev loop0: 2 is out of range [ 110.355551][ T4945] SysV FS: get root inode failed [ 110.356965][ T4945] oldfs: cannot read superblock [ 110.384354][ C0] ------------[ cut here ]------------ [ 110.385874][ C0] VFS: brelse: Trying to free free buffer [ 110.387528][ C0] WARNING: CPU: 0 PID: 148 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.389941][ C0] Modules linked in: [ 110.390963][ C0] CPU: 0 PID: 148 Comm: kworker/u4:2 Tainted: G W 5.15.187-syzkaller #0 [ 110.393578][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 110.396439][ C0] Workqueue: bat_events batadv_nc_worker [ 110.397938][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.400143][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 110.401746][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 110.403190][ C0] sp : ffff800008007de0 [ 110.404391][ C0] x29: ffff800008007de0 x28: ffff0000c2d351c0 x27: 1fffe0003421845b [ 110.406633][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 110.408855][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7665b40 [ 110.411018][ C0] x20: ffff0001a10c22d8 x19: ffff8000113daee0 x18: 0000000000010002 [ 110.413123][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 110.415236][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.417319][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cfa5bc6fb1fc9700 [ 110.419573][ C0] x8 : cfa5bc6fb1fc9700 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.421737][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 110.424024][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 110.426354][ C0] Call trace: [ 110.427263][ C0] invalidate_bh_lru+0x128/0x234 [ 110.428630][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 110.430247][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 110.432250][ C0] ipi_handler+0x10c/0x710 [ 110.433450][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 110.435018][ C0] handle_domain_irq+0x144/0x1fc [ 110.436501][ C0] gic_handle_irq+0x78/0x1c8 [ 110.437794][ C0] call_on_irq_stack+0x24/0x30 [ 110.439141][ C0] do_interrupt_handler+0x6c/0x88 [ 110.440595][ C0] el1_interrupt+0x30/0x58 [ 110.441876][ C0] el1h_64_irq_handler+0x18/0x24 [ 110.443238][ C0] el1h_64_irq+0x78/0x7c [ 110.444472][ C0] __local_bh_enable_ip+0x200/0x380 [ 110.446059][ C0] _raw_spin_unlock_bh+0xec/0x174 [ 110.447453][ C0] batadv_nc_purge_paths+0x308/0x390 [ 110.448912][ C0] batadv_nc_worker+0x300/0x554 [ 110.450317][ C0] process_one_work+0x79c/0x1140 [ 110.451665][ C0] worker_thread+0x8f4/0x101c [ 110.452930][ C0] kthread+0x374/0x454 [ 110.454058][ C0] ret_from_fork+0x10/0x20 [ 110.455242][ C0] irq event stamp: 284024 [ 110.456388][ C0] hardirqs last enabled at (284023): [] __local_bh_enable_ip+0x1f8/0x380 [ 110.459098][ C0] hardirqs last disabled at (284024): [] enter_el1_irq_or_nmi+0x10/0x1c [ 110.461721][ C0] softirqs last enabled at (284022): [] batadv_nc_purge_paths+0x308/0x390 [ 110.464353][ C0] softirqs last disabled at (284020): [] batadv_nc_purge_paths+0xd0/0x390 [ 110.466993][ C0] ---[ end trace 66aa56eb2031fbdc ]--- [ 110.549488][ T4949] loop0: detected capacity change from 0 to 128 [ 110.645942][ T4949] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.648008][ T4949] Bad inode number on dev loop0: 2 is out of range [ 110.649914][ T4949] SysV FS: get root inode failed [ 110.651234][ T4949] oldfs: cannot read superblock [ 110.676695][ C1] ------------[ cut here ]------------ [ 110.678346][ C1] VFS: brelse: Trying to free free buffer [ 110.679961][ C1] WARNING: CPU: 1 PID: 4951 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.682422][ C1] Modules linked in: [ 110.683507][ C1] CPU: 1 PID: 4951 Comm: syz.0.39 Tainted: G W 5.15.187-syzkaller #0 [ 110.686110][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 110.689017][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.691141][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 110.692613][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 110.694146][ C1] sp : ffff800008017de0 [ 110.695276][ C1] x29: ffff800008017de0 x28: ffff0000cc0db680 x27: 1fffe0003421c65c [ 110.697507][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 110.699719][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcee37a0 [ 110.701943][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 110.704209][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 110.706370][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.708663][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 3aeb89572aebfd00 [ 110.710869][ C1] x8 : 3aeb89572aebfd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.713101][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 110.715392][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 110.717647][ C1] Call trace: [ 110.718546][ C1] invalidate_bh_lru+0x128/0x234 [ 110.719893][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 110.721514][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 110.723426][ C1] ipi_handler+0x10c/0x710 [ 110.724716][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 110.726224][ C1] handle_domain_irq+0x144/0x1fc [ 110.727576][ C1] gic_handle_irq+0x78/0x1c8 [ 110.728913][ C1] call_on_irq_stack+0x24/0x30 [ 110.730198][ C1] do_interrupt_handler+0x6c/0x88 [ 110.731595][ C1] el1_interrupt+0x30/0x58 [ 110.732789][ C1] el1h_64_irq_handler+0x18/0x24 [ 110.734110][ C1] el1h_64_irq+0x78/0x7c [ 110.735390][ C1] lock_page_memcg+0x120/0x234 [ 110.736700][ C1] page_remove_rmap+0x3c/0xfd0 [ 110.738045][ C1] unmap_page_range+0xbb4/0x1958 [ 110.739414][ C1] unmap_single_vma+0x13c/0x1e4 [ 110.740837][ C1] unmap_vmas+0x104/0x200 [ 110.742041][ C1] exit_mmap+0x2a8/0x4e0 [ 110.743239][ C1] __mmput+0xec/0x3b8 [ 110.744308][ C1] mmput+0x80/0xc8 [ 110.745407][ C1] exit_mm+0x4a0/0x684 [ 110.746573][ C1] do_exit+0x4ec/0x1f58 [ 110.747815][ C1] do_group_exit+0x100/0x268 [ 110.749108][ C1] get_signal+0x73c/0x1340 [ 110.750437][ C1] do_notify_resume+0x35c/0x3128 [ 110.751804][ C1] el0_svc+0xf0/0x1e0 [ 110.752931][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 110.754246][ C1] el0t_64_sync+0x1a0/0x1a4 [ 110.755505][ C1] irq event stamp: 1586 [ 110.756613][ C1] hardirqs last enabled at (1585): [] lock_page_memcg+0x110/0x234 [ 110.759213][ C1] hardirqs last disabled at (1586): [] enter_el1_irq_or_nmi+0x10/0x1c [ 110.761978][ C1] softirqs last enabled at (666): [] local_bh_enable+0x10/0x34 [ 110.764578][ C1] softirqs last disabled at (664): [] local_bh_disable+0x10/0x34 [ 110.767125][ C1] ---[ end trace 66aa56eb2031fbdd ]--- [ 110.850099][ T4953] loop0: detected capacity change from 0 to 128 [ 110.884597][ T4953] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.886628][ T4953] Bad inode number on dev loop0: 2 is out of range [ 110.888411][ T4953] SysV FS: get root inode failed [ 110.889771][ T4953] oldfs: cannot read superblock [ 110.891062][ T4953] ------------[ cut here ]------------ [ 110.892731][ T4953] VFS: brelse: Trying to free free buffer [ 110.894452][ T4953] WARNING: CPU: 0 PID: 4953 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.896923][ T4953] Modules linked in: [ 110.898009][ T4953] CPU: 0 PID: 4953 Comm: syz.0.40 Tainted: G W 5.15.187-syzkaller #0 [ 110.900489][ T4953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 110.903270][ T4953] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.905545][ T4953] pc : invalidate_bh_lru+0x128/0x234 [ 110.906991][ T4953] lr : invalidate_bh_lru+0x128/0x234 [ 110.908450][ T4953] sp : ffff80001fb376e0 [ 110.909628][ T4953] x29: ffff80001fb376e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 110.911839][ T4953] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 110.914001][ T4953] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e7665ee0 [ 110.916113][ T4953] x20: ffff0001a10c22d8 x19: ffff8000113daee0 x18: 0000000000000003 [ 110.918267][ T4953] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 110.920399][ T4953] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.922670][ T4953] x11: 0000000000000002 x10: 0000000000000000 x9 : 6f51f0a5fce04900 [ 110.924898][ T4953] x8 : 6f51f0a5fce04900 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.927081][ T4953] x5 : ffff80001fb36fd8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 110.929310][ T4953] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 110.931551][ T4953] Call trace: [ 110.932439][ T4953] invalidate_bh_lru+0x128/0x234 [ 110.933755][ T4953] smp_call_function_many_cond+0xa50/0xeb0 [ 110.935355][ T4953] on_each_cpu_cond_mask+0x5c/0xc4 [ 110.936772][ T4953] invalidate_bh_lrus+0x34/0x40 [ 110.938085][ T4953] blkdev_flush_mapping+0x168/0x31c [ 110.939470][ T4953] blkdev_put+0x490/0x6ac [ 110.940722][ T4953] kill_block_super+0x98/0xdc [ 110.941996][ T4953] deactivate_locked_super+0xb8/0x13c [ 110.943515][ T4953] mount_bdev+0x284/0x358 [ 110.944688][ T4953] sysv_mount+0x44/0x58 [ 110.945771][ T4953] legacy_get_tree+0xd4/0x16c [ 110.947119][ T4953] vfs_get_tree+0x90/0x274 [ 110.948406][ T4953] do_new_mount+0x228/0x810 [ 110.949681][ T4953] path_mount+0x5b4/0x1000 [ 110.950952][ T4953] __arm64_sys_mount+0x514/0x5e4 [ 110.952232][ T4953] invoke_syscall+0x98/0x2b8 [ 110.953502][ T4953] el0_svc_common+0x138/0x258 [ 110.954764][ T4953] do_el0_svc+0x58/0x14c [ 110.955927][ T4953] el0_svc+0x78/0x1e0 [ 110.957017][ T4953] el0t_64_sync_handler+0xcc/0xe4 [ 110.958439][ T4953] el0t_64_sync+0x1a0/0x1a4 [ 110.959605][ T4953] irq event stamp: 1290 [ 110.960705][ T4953] hardirqs last enabled at (1289): [] kasan_quarantine_put+0xc4/0x204 [ 110.963433][ T4953] hardirqs last disabled at (1290): [] smp_call_function_many_cond+0xa44/0xeb0 [ 110.966200][ T4953] softirqs last enabled at (772): [] local_bh_enable+0x10/0x34 [ 110.968716][ T4953] softirqs last disabled at (770): [] local_bh_disable+0x10/0x34 [ 110.971381][ T4953] ---[ end trace 66aa56eb2031fbde ]--- [ 111.035469][ T9] device hsr_slave_0 left promiscuous mode [ 111.073133][ T9] device hsr_slave_1 left promiscuous mode [ 111.103395][ T4955] loop0: detected capacity change from 0 to 128 [ 111.142225][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 111.144317][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 111.147820][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 111.149910][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.155606][ T4955] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.156076][ T9] device bridge_slave_1 left promiscuous mode [ 111.157554][ T4955] Bad inode number on dev loop0: 2 is out of range [ 111.159361][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.161008][ T4955] SysV FS: get root inode failed [ 111.164949][ T4955] oldfs: cannot read superblock [ 111.177577][ T4472] ------------[ cut here ]------------ [ 111.179208][ T4472] VFS: brelse: Trying to free free buffer [ 111.180933][ T4472] WARNING: CPU: 1 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.183373][ T4472] Modules linked in: [ 111.184438][ T4472] CPU: 1 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 111.186932][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 111.189751][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.191882][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 111.193373][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 111.194883][ T4472] sp : ffff80001f7377c0 [ 111.196038][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 111.198195][ T4472] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 111.200427][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcee3b40 [ 111.202686][ T4472] x20: ffff0001a10e32d8 x19: ffff8000113daee0 x18: 0000000000000003 [ 111.205042][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 111.207287][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.209520][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 111.211749][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.214086][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 111.216314][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 111.218551][ T4472] Call trace: [ 111.219438][ T4472] invalidate_bh_lru+0x128/0x234 [ 111.220806][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 111.222459][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 111.223932][ T4472] invalidate_bh_lrus+0x34/0x40 [ 111.225320][ T4472] blkdev_flush_mapping+0x168/0x31c [ 111.226784][ T4472] blkdev_put+0x490/0x6ac [ 111.227945][ T4472] blkdev_close+0x74/0xb0 [ 111.229232][ T4472] __fput+0x1c0/0x7f8 [ 111.230283][ T4472] ____fput+0x20/0x30 [ 111.231370][ T4472] task_work_run+0x12c/0x1e0 [ 111.232647][ T4472] do_notify_resume+0x24b4/0x3128 [ 111.233988][ T4472] el0_svc+0xf0/0x1e0 [ 111.235186][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 111.236521][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 111.237751][ T4472] irq event stamp: 142876 [ 111.238949][ T4472] hardirqs last enabled at (142875): [] kasan_quarantine_put+0xc4/0x204 [ 111.241703][ T4472] hardirqs last disabled at (142876): [] smp_call_function_many_cond+0xa44/0xeb0 [ 111.244666][ T4472] softirqs last enabled at (141896): [] handle_softirqs+0xa4c/0xbf0 [ 111.247343][ T4472] softirqs last disabled at (141857): [] __irq_exit_rcu+0x240/0x440 [ 111.249968][ T4472] ---[ end trace 66aa56eb2031fbdf ]--- [ 111.252988][ T7] Bluetooth: hci0: command 0x0419 tx timeout [ 111.263114][ T9] device bridge_slave_0 left promiscuous mode [ 111.265161][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.286396][ T4957] loop0: detected capacity change from 0 to 128 [ 111.290967][ T4957] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.293459][ T4957] Bad inode number on dev loop0: 2 is out of range [ 111.295206][ T4957] SysV FS: get root inode failed [ 111.296514][ T4957] oldfs: cannot read superblock [ 111.314722][ T4472] ------------[ cut here ]------------ [ 111.316304][ T4472] VFS: brelse: Trying to free free buffer [ 111.317925][ T4472] WARNING: CPU: 1 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.320383][ T4472] Modules linked in: [ 111.321416][ T4472] CPU: 1 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 111.323873][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 111.326602][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.328743][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 111.330176][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 111.331576][ T4472] sp : ffff80001f7377c0 [ 111.332709][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 111.334911][ T4472] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 111.337135][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcee3ee0 [ 111.339314][ T4472] x20: ffff0001a10e32d8 x19: ffff8000113daee0 x18: 0000000000000003 [ 111.341475][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 111.343674][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.345921][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 111.348173][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.350421][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 111.352504][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 111.354720][ T4472] Call trace: [ 111.355599][ T4472] invalidate_bh_lru+0x128/0x234 [ 111.356961][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 111.358570][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 111.359981][ T4472] invalidate_bh_lrus+0x34/0x40 [ 111.361337][ T4472] blkdev_flush_mapping+0x168/0x31c [ 111.362722][ T4472] blkdev_put+0x490/0x6ac [ 111.363870][ T4472] blkdev_close+0x74/0xb0 [ 111.365129][ T4472] __fput+0x1c0/0x7f8 [ 111.366294][ T4472] ____fput+0x20/0x30 [ 111.367392][ T4472] task_work_run+0x12c/0x1e0 [ 111.368649][ T4472] do_notify_resume+0x24b4/0x3128 [ 111.370037][ T4472] el0_svc+0xf0/0x1e0 [ 111.371140][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 111.372549][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 111.373737][ T4472] irq event stamp: 146070 [ 111.374992][ T4472] hardirqs last enabled at (146069): [] kasan_quarantine_put+0xc4/0x204 [ 111.377625][ T4472] hardirqs last disabled at (146070): [] smp_call_function_many_cond+0xa44/0xeb0 [ 111.380473][ T4472] softirqs last enabled at (146058): [] handle_softirqs+0xa4c/0xbf0 [ 111.383065][ T4472] softirqs last disabled at (146029): [] __irq_exit_rcu+0x240/0x440 [ 111.385685][ T4472] ---[ end trace 66aa56eb2031fbe0 ]--- [ 111.408107][ T4959] loop0: detected capacity change from 0 to 128 [ 111.412442][ T9] device veth1_macvtap left promiscuous mode [ 111.414149][ T9] device veth0_macvtap left promiscuous mode [ 111.415821][ T9] device veth1_vlan left promiscuous mode [ 111.417436][ T9] device veth0_vlan left promiscuous mode [ 111.462011][ T4959] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.464118][ T4959] Bad inode number on dev loop0: 2 is out of range [ 111.465956][ T4959] SysV FS: get root inode failed [ 111.467290][ T4959] oldfs: cannot read superblock [ 111.518493][ T4472] ------------[ cut here ]------------ [ 111.520006][ T4472] VFS: brelse: Trying to free free buffer [ 111.521765][ T4472] WARNING: CPU: 0 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.524193][ T4472] Modules linked in: [ 111.525225][ T4472] CPU: 0 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 111.527668][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 111.530415][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.532525][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 111.534029][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 111.535514][ T4472] sp : ffff80001f7377c0 [ 111.536637][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 111.538867][ T4472] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 111.541065][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de267060 [ 111.543267][ T4472] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 111.545411][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 111.547531][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.549806][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 111.552058][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.554248][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 111.556433][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 111.558637][ T4472] Call trace: [ 111.559536][ T4472] invalidate_bh_lru+0x128/0x234 [ 111.560912][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 111.562579][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 111.564015][ T4472] invalidate_bh_lrus+0x34/0x40 [ 111.565388][ T4472] blkdev_flush_mapping+0x168/0x31c [ 111.566777][ T4472] blkdev_put+0x490/0x6ac [ 111.567934][ T4472] blkdev_close+0x74/0xb0 [ 111.569084][ T4472] __fput+0x1c0/0x7f8 [ 111.570202][ T4472] ____fput+0x20/0x30 [ 111.571353][ T4472] task_work_run+0x12c/0x1e0 [ 111.572642][ T4472] do_notify_resume+0x24b4/0x3128 [ 111.574000][ T4472] el0_svc+0xf0/0x1e0 [ 111.575105][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 111.576503][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 111.577698][ T4472] irq event stamp: 152746 [ 111.578910][ T4472] hardirqs last enabled at (152745): [] kasan_quarantine_put+0xc4/0x204 [ 111.581625][ T4472] hardirqs last disabled at (152746): [] smp_call_function_many_cond+0xa44/0xeb0 [ 111.584553][ T4472] softirqs last enabled at (151416): [] handle_softirqs+0xa4c/0xbf0 [ 111.587283][ T4472] softirqs last disabled at (151149): [] __irq_exit_rcu+0x240/0x440 [ 111.589986][ T4472] ---[ end trace 66aa56eb2031fbe1 ]--- [ 111.655911][ T4965] loop0: detected capacity change from 0 to 128 [ 111.691664][ T4965] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.694675][ T4965] Bad inode number on dev loop0: 2 is out of range [ 111.696520][ T4965] SysV FS: get root inode failed [ 111.697854][ T4965] oldfs: cannot read superblock [ 111.705432][ C1] ------------[ cut here ]------------ [ 111.707033][ C1] VFS: brelse: Trying to free free buffer [ 111.708741][ C1] WARNING: CPU: 1 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.711190][ C1] Modules linked in: [ 111.712236][ C1] CPU: 1 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 111.714939][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 111.717765][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.720026][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 111.721542][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 111.723038][ C1] sp : ffff800008017de0 [ 111.724190][ C1] x29: ffff800008017de0 x28: ffff0000d424d1c0 x27: 1fffe0003421c65c [ 111.726411][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 111.728644][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de067df8 [ 111.730820][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 111.733018][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 111.735307][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.737460][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 76fb6547b08c6800 [ 111.739654][ C1] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.741869][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 111.744148][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 111.746391][ C1] Call trace: [ 111.747314][ C1] invalidate_bh_lru+0x128/0x234 [ 111.748705][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 111.750342][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 111.752279][ C1] ipi_handler+0x10c/0x710 [ 111.753520][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 111.754983][ C1] handle_domain_irq+0x144/0x1fc [ 111.756380][ C1] gic_handle_irq+0x78/0x1c8 [ 111.757666][ C1] call_on_irq_stack+0x24/0x30 [ 111.758935][ C1] do_interrupt_handler+0x6c/0x88 [ 111.760335][ C1] el1_interrupt+0x30/0x58 [ 111.761606][ C1] el1h_64_irq_handler+0x18/0x24 [ 111.762995][ C1] el1h_64_irq+0x78/0x7c [ 111.764199][ C1] _raw_write_unlock_irq+0xa0/0x128 [ 111.765610][ C1] release_task+0x1494/0x16a0 [ 111.766956][ C1] wait_consider_task+0x1508/0x27cc [ 111.768442][ C1] do_wait+0x2f8/0xa98 [ 111.769576][ C1] kernel_wait4+0x1d0/0x318 [ 111.770892][ C1] __arm64_sys_wait4+0x120/0x2d0 [ 111.772304][ C1] invoke_syscall+0x98/0x2b8 [ 111.773548][ C1] el0_svc_common+0x138/0x258 [ 111.774805][ C1] do_el0_svc+0x58/0x14c [ 111.775937][ C1] el0_svc+0x78/0x1e0 [ 111.777024][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 111.778365][ C1] el0t_64_sync+0x1a0/0x1a4 [ 111.779891][ C1] irq event stamp: 193630 [ 111.781106][ C1] hardirqs last enabled at (193629): [] _raw_write_unlock_irq+0x98/0x128 [ 111.783867][ C1] hardirqs last disabled at (193630): [] enter_el1_irq_or_nmi+0x10/0x1c [ 111.786612][ C1] softirqs last enabled at (193610): [] local_bh_enable+0x10/0x34 [ 111.789405][ C1] softirqs last disabled at (193608): [] local_bh_disable+0x10/0x34 [ 111.792082][ C1] ---[ end trace 66aa56eb2031fbe2 ]--- [ 111.849305][ T4967] loop0: detected capacity change from 0 to 128 [ 111.871674][ T9] team0 (unregistering): Port device team_slave_1 removed [ 111.880575][ T9] team0 (unregistering): Port device team_slave_0 removed [ 111.885764][ T4967] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.887798][ T4967] Bad inode number on dev loop0: 2 is out of range [ 111.889667][ T4967] SysV FS: get root inode failed [ 111.891418][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 111.893951][ T4967] oldfs: cannot read superblock [ 111.893996][ C1] ------------[ cut here ]------------ [ 111.894023][ C1] VFS: brelse: Trying to free free buffer [ 111.894112][ C1] WARNING: CPU: 1 PID: 9 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.894135][ C1] Modules linked in: [ 111.894143][ C1] CPU: 1 PID: 9 Comm: kworker/u4:0 Tainted: G W 5.15.187-syzkaller #0 [ 111.894155][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 111.894162][ C1] Workqueue: netns cleanup_net [ 111.894175][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.894186][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 111.894195][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 111.894204][ C1] sp : ffff800008017200 [ 111.894208][ C1] x29: ffff800008017200 x28: ffff0000c0948000 x27: 1fffe0003421c65b [ 111.894225][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 111.894241][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de067318 [ 111.894256][ C1] x20: ffff0001a10e32d8 x19: ffff8000113daee0 x18: 0000000000010102 [ 111.894273][ C1] x17: 0000000000010102 x16: ffff8000082d6448 x15: 0000000000000063 [ 111.894310][ C1] x14: 0000000000ff0100 x13: 1ffff0000283006b x12: 0000000000ff0100 [ 111.894327][ C1] x11: 0000000000010102 x10: 0000000000010102 x9 : a68948eb3b42c000 [ 111.894342][ C1] x8 : a68948eb3b42c000 x7 : ffff8000082f6fc4 x6 : 0000000000000000 [ 111.894358][ C1] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff8000082d655c [ 111.894373][ C1] x2 : 0000000000000001 x1 : 0000000000010102 x0 : 0000000000000027 [ 111.894388][ C1] Call trace: [ 111.894393][ C1] invalidate_bh_lru+0x128/0x234 [ 111.894403][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 111.894413][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 111.894423][ C1] ipi_handler+0x10c/0x710 [ 111.894433][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 111.894443][ C1] handle_domain_irq+0x144/0x1fc [ 111.894452][ C1] gic_handle_irq+0x78/0x1c8 [ 111.894460][ C1] do_interrupt_handler+0x74/0x88 [ 111.894469][ C1] el1_interrupt+0x30/0x58 [ 111.894478][ C1] el1h_64_irq_handler+0x18/0x24 [ 111.894486][ C1] el1h_64_irq+0x78/0x7c [ 111.894493][ C1] __sanitizer_cov_trace_cmp8+0x6c/0xc0 [ 111.894503][ C1] arch_stack_walk+0x200/0x2b4 [ 111.894511][ C1] stack_trace_save+0x94/0xd8 [ 111.894521][ C1] kasan_set_track+0x4c/0x84 [ 111.894532][ C1] kasan_set_free_info+0x28/0x4c [ 111.894540][ C1] ____kasan_slab_free+0x118/0x164 [ 111.894549][ C1] __kasan_slab_free+0x18/0x28 [ 111.894558][ C1] slab_free_freelist_hook+0x128/0x1e8 [ 111.894567][ C1] kfree+0x170/0x40c [ 111.894575][ C1] free_fib_info_rcu+0x2cc/0x378 [ 111.894584][ C1] rcu_core+0x7c8/0x1764 [ 111.894593][ C1] rcu_core_si+0x10/0x1c [ 111.894600][ C1] handle_softirqs+0x344/0xbf0 [ 111.894610][ C1] __irq_exit_rcu+0x240/0x440 [ 111.894619][ C1] irq_exit+0x14/0x88 [ 111.894628][ C1] handle_domain_irq+0x14c/0x1fc [ 111.894636][ C1] gic_handle_irq+0x78/0x1c8 [ 111.894650][ C1] call_on_irq_stack+0x24/0x30 [ 111.894658][ C1] do_interrupt_handler+0x6c/0x88 [ 111.894667][ C1] el1_interrupt+0x30/0x58 [ 111.894674][ C1] el1h_64_irq_handler+0x18/0x24 [ 111.894682][ C1] el1h_64_irq+0x78/0x7c [ 111.894690][ C1] console_unlock+0xc90/0x133c [ 111.894700][ C1] vprintk_emit+0x13c/0x218 [ 111.894709][ C1] vprintk_default+0x54/0x80 [ 111.894718][ C1] vprintk+0x1e8/0x284 [ 111.894725][ C1] _printk+0xd0/0x118 [ 111.894733][ C1] __netdev_printk+0x1f8/0x39c [ 111.894743][ C1] netdev_info+0xec/0x138 [ 111.894752][ C1] __bond_release_one+0x478/0xf50 [ 111.894763][ C1] bond_netdev_event+0x554/0xc5c [ 111.894771][ C1] raw_notifier_call_chain+0xd4/0x164 [ 111.894780][ C1] unregister_netdevice_many+0xe10/0x17d0 [ 111.894790][ C1] default_device_exit_batch+0x444/0x4a4 [ 111.894798][ C1] cleanup_net+0x644/0xa98 [ 111.894806][ C1] process_one_work+0x79c/0x1140 [ 111.894816][ C1] worker_thread+0x8f4/0x101c [ 111.894825][ C1] kthread+0x374/0x454 [ 111.894833][ C1] ret_from_fork+0x10/0x20 [ 111.894842][ C1] irq event stamp: 1093929 [ 111.894845][ C1] hardirqs last enabled at (1093928): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 111.894859][ C1] hardirqs last disabled at (1093929): [] enter_el1_irq_or_nmi+0x10/0x1c [ 111.894871][ C1] softirqs last enabled at (1093876): [] clusterip_netdev_event+0x384/0x3ac [ 111.894883][ C1] softirqs last disabled at (1093885): [] __irq_exit_rcu+0x240/0x440 [ 111.894896][ C1] ---[ end trace 66aa56eb2031fbe3 ]--- [ 112.051056][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.086746][ T4971] loop0: detected capacity change from 0 to 128 [ 112.101442][ T4971] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.106892][ T4971] Bad inode number on dev loop0: 2 is out of range [ 112.108933][ T4971] SysV FS: get root inode failed [ 112.110223][ T4971] oldfs: cannot read superblock [ 112.175341][ T4971] ------------[ cut here ]------------ [ 112.176903][ T4971] VFS: brelse: Trying to free free buffer [ 112.178652][ T4971] WARNING: CPU: 0 PID: 4971 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.180413][ T9] bond0 (unregistering): Released all slaves [ 112.181246][ T4971] Modules linked in: [ 112.183982][ T4971] CPU: 0 PID: 4971 Comm: syz.0.49 Tainted: G W 5.15.187-syzkaller #0 [ 112.186583][ T4971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.189452][ T4971] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.191608][ T4971] pc : invalidate_bh_lru+0x128/0x234 [ 112.193142][ T4971] lr : invalidate_bh_lru+0x128/0x234 [ 112.194705][ T4971] sp : ffff80001fbd6f70 [ 112.195875][ T4971] x29: ffff80001fbd6f70 x28: ffff80001417d000 x27: 1fffe0003421845b [ 112.198132][ T4971] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 112.200424][ T4971] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de267400 [ 112.202503][ T4971] x20: ffff0001a10c22d8 x19: ffff8000113daee0 x18: 0000000000000003 [ 112.204620][ T4971] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 112.206853][ T4971] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.209050][ T4971] x11: 0000000000000002 x10: 0000000000000000 x9 : 59c1e702a5979500 [ 112.211313][ T4971] x8 : 59c1e702a5979500 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.213506][ T4971] x5 : ffff80001fbd6858 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 112.215814][ T4971] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 112.218045][ T4971] Call trace: [ 112.218960][ T4971] invalidate_bh_lru+0x128/0x234 [ 112.220277][ T4971] smp_call_function_many_cond+0xa50/0xeb0 [ 112.221898][ T4971] on_each_cpu_cond_mask+0x5c/0xc4 [ 112.223367][ T4971] invalidate_bh_lrus+0x34/0x40 [ 112.224754][ T4971] invalidate_bdev+0x90/0xc0 [ 112.226075][ T4971] __loop_clr_fd+0x4e4/0x978 [ 112.227424][ T4971] lo_ioctl+0xd90/0x1c08 [ 112.228571][ T4971] blkdev_ioctl+0x5f8/0xbb8 [ 112.229847][ T4971] block_ioctl+0xa4/0x118 [ 112.231024][ T4971] __arm64_sys_ioctl+0x14c/0x1c8 [ 112.232372][ T4971] invoke_syscall+0x98/0x2b8 [ 112.233721][ T4971] el0_svc_common+0x138/0x258 [ 112.235066][ T4971] do_el0_svc+0x58/0x14c [ 112.236269][ T4971] el0_svc+0x78/0x1e0 [ 112.237466][ T4971] el0t_64_sync_handler+0xcc/0xe4 [ 112.238856][ T4971] el0t_64_sync+0x1a0/0x1a4 [ 112.240075][ T4971] irq event stamp: 1350 [ 112.241224][ T4971] hardirqs last enabled at (1349): [] _raw_spin_unlock_irq+0x98/0x128 [ 112.243935][ T4971] hardirqs last disabled at (1350): [] smp_call_function_many_cond+0xa44/0xeb0 [ 112.246897][ T4971] softirqs last enabled at (1306): [] handle_softirqs+0xa4c/0xbf0 [ 112.249478][ T4971] softirqs last disabled at (1263): [] __irq_exit_rcu+0x240/0x440 [ 112.252096][ T4971] ---[ end trace 66aa56eb2031fbe4 ]--- [ 112.287598][ T4973] loop0: detected capacity change from 0 to 128 [ 112.303219][ T4973] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.305184][ T4973] Bad inode number on dev loop0: 2 is out of range [ 112.307020][ T4973] SysV FS: get root inode failed [ 112.308413][ T4973] oldfs: cannot read superblock [ 112.337313][ C0] ------------[ cut here ]------------ [ 112.338833][ C0] VFS: brelse: Trying to free free buffer [ 112.340506][ C0] WARNING: CPU: 0 PID: 3656 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.343089][ C0] Modules linked in: [ 112.344147][ C0] CPU: 0 PID: 3656 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 112.346686][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.349436][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.351587][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 112.353050][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 112.354492][ C0] sp : ffff800008007de0 [ 112.355710][ C0] x29: ffff800008007de0 x28: ffff0000d5ce9b40 x27: 1fffe0003421845b [ 112.358023][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 112.360311][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2677a0 [ 112.362488][ C0] x20: ffff0001a10c22d8 x19: ffff8000113daee0 x18: 0000000000010003 [ 112.364699][ C0] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 112.366969][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.369176][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : be8ba9485b4c4000 [ 112.371490][ C0] x8 : be8ba9485b4c4000 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.373748][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 112.376107][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 112.378323][ C0] Call trace: [ 112.379245][ C0] invalidate_bh_lru+0x128/0x234 [ 112.380683][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 112.382405][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 112.384314][ C0] ipi_handler+0x10c/0x710 [ 112.385503][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 112.387030][ C0] handle_domain_irq+0x144/0x1fc [ 112.388405][ C0] gic_handle_irq+0x78/0x1c8 [ 112.389766][ C0] call_on_irq_stack+0x24/0x30 [ 112.391089][ C0] do_interrupt_handler+0x6c/0x88 [ 112.392554][ C0] el1_interrupt+0x30/0x58 [ 112.393770][ C0] el1h_64_irq_handler+0x18/0x24 [ 112.395145][ C0] el1h_64_irq+0x78/0x7c [ 112.396368][ C0] finish_lock_switch+0xb8/0x1c4 [ 112.397762][ C0] finish_task_switch+0x120/0x6b0 [ 112.399187][ C0] __schedule+0xe04/0x1c0c [ 112.400427][ C0] schedule+0x11c/0x1c8 [ 112.401612][ C0] schedule_hrtimeout_range_clock+0x18c/0x340 [ 112.403330][ C0] schedule_hrtimeout_range+0x38/0x4c [ 112.404806][ C0] ep_poll+0x1328/0x1598 [ 112.405904][ C0] do_epoll_wait+0x1a0/0x218 [ 112.407213][ C0] do_epoll_pwait+0x70/0x19c [ 112.408457][ C0] __arm64_sys_epoll_pwait+0x1e0/0x234 [ 112.409945][ C0] invoke_syscall+0x98/0x2b8 [ 112.411174][ C0] el0_svc_common+0x138/0x258 [ 112.412512][ C0] do_el0_svc+0x58/0x14c [ 112.413653][ C0] el0_svc+0x78/0x1e0 [ 112.414750][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 112.416074][ C0] el0t_64_sync+0x1a0/0x1a4 [ 112.417388][ C0] irq event stamp: 1095814 [ 112.418575][ C0] hardirqs last enabled at (1095813): [] finish_lock_switch+0xb0/0x1c4 [ 112.421227][ C0] hardirqs last disabled at (1095814): [] enter_el1_irq_or_nmi+0x10/0x1c [ 112.424172][ C0] softirqs last enabled at (1093872): [] local_bh_enable+0x10/0x34 [ 112.426874][ C0] softirqs last disabled at (1093870): [] local_bh_disable+0x10/0x34 [ 112.429752][ C0] ---[ end trace 66aa56eb2031fbe5 ]--- [ 112.486886][ T4977] loop0: detected capacity change from 0 to 128 [ 112.491689][ T4977] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.494103][ T4977] Bad inode number on dev loop0: 2 is out of range [ 112.495912][ T4977] SysV FS: get root inode failed [ 112.497213][ T4977] oldfs: cannot read superblock [ 112.507522][ C0] ------------[ cut here ]------------ [ 112.509085][ C0] VFS: brelse: Trying to free free buffer [ 112.510841][ C0] WARNING: CPU: 0 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.513303][ C0] Modules linked in: [ 112.514420][ C0] CPU: 0 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 112.517103][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.519822][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.521998][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 112.523472][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 112.524957][ C0] sp : ffff800008007de0 [ 112.526076][ C0] x29: ffff800008007de0 x28: ffff0000d424d1c0 x27: 1fffe0003421845c [ 112.528341][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 112.530574][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de267b40 [ 112.532789][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 112.535061][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 112.537309][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.539514][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 112.541825][ C0] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.544027][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 112.546246][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 112.548494][ C0] Call trace: [ 112.549408][ C0] invalidate_bh_lru+0x128/0x234 [ 112.550760][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 112.552461][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 112.554482][ C0] ipi_handler+0x10c/0x710 [ 112.555694][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 112.557153][ C0] handle_domain_irq+0x144/0x1fc [ 112.558504][ C0] gic_handle_irq+0x78/0x1c8 [ 112.559745][ C0] call_on_irq_stack+0x24/0x30 [ 112.561063][ C0] do_interrupt_handler+0x6c/0x88 [ 112.562447][ C0] el1_interrupt+0x30/0x58 [ 112.563651][ C0] el1h_64_irq_handler+0x18/0x24 [ 112.565009][ C0] el1h_64_irq+0x78/0x7c [ 112.566147][ C0] anon_vma_clone+0xac/0x470 [ 112.567404][ C0] anon_vma_fork+0x80/0x49c [ 112.568637][ C0] copy_mm+0x7bc/0x1084 [ 112.569760][ C0] copy_process+0x14d8/0x34ac [ 112.571005][ C0] kernel_clone+0x1d8/0x9d4 [ 112.572199][ C0] __arm64_sys_clone+0x138/0x190 [ 112.573578][ C0] invoke_syscall+0x98/0x2b8 [ 112.574844][ C0] el0_svc_common+0x138/0x258 [ 112.576237][ C0] do_el0_svc+0x58/0x14c [ 112.577429][ C0] el0_svc+0x78/0x1e0 [ 112.578543][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 112.579954][ C0] el0t_64_sync+0x1a0/0x1a4 [ 112.581209][ C0] irq event stamp: 210778 [ 112.582427][ C0] hardirqs last enabled at (210777): [] pte_alloc_one+0x194/0x258 [ 112.585049][ C0] hardirqs last disabled at (210778): [] enter_el1_irq_or_nmi+0x10/0x1c [ 112.587775][ C0] softirqs last enabled at (210644): [] local_bh_enable+0x10/0x34 [ 112.590391][ C0] softirqs last disabled at (210642): [] local_bh_disable+0x10/0x34 [ 112.593053][ C0] ---[ end trace 66aa56eb2031fbe6 ]--- [ 112.646376][ T4979] loop0: detected capacity change from 0 to 128 [ 112.650563][ T4979] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.653140][ T4979] Bad inode number on dev loop0: 2 is out of range [ 112.654945][ T4979] SysV FS: get root inode failed [ 112.656317][ T4979] oldfs: cannot read superblock [ 112.665834][ C1] ------------[ cut here ]------------ [ 112.667350][ C1] VFS: brelse: Trying to free free buffer [ 112.668952][ C1] WARNING: CPU: 1 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.671333][ C1] Modules linked in: [ 112.672367][ C1] CPU: 1 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 112.675046][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.677872][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.680042][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 112.681538][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 112.683038][ C1] sp : ffff800008017de0 [ 112.684203][ C1] x29: ffff800008017de0 x28: ffff0000d424d1c0 x27: 1fffe0003421c65c [ 112.686476][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 112.688755][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de0676b8 [ 112.690990][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 112.693333][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 112.695503][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.697847][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 112.700218][ C1] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.702643][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 112.704885][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 112.707171][ C1] Call trace: [ 112.708068][ C1] invalidate_bh_lru+0x128/0x234 [ 112.709456][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 112.711161][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 112.713079][ C1] ipi_handler+0x10c/0x710 [ 112.714305][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 112.715870][ C1] handle_domain_irq+0x144/0x1fc [ 112.717222][ C1] gic_handle_irq+0x78/0x1c8 [ 112.718512][ C1] call_on_irq_stack+0x24/0x30 [ 112.719880][ C1] do_interrupt_handler+0x6c/0x88 [ 112.721289][ C1] el1_interrupt+0x30/0x58 [ 112.722537][ C1] el1h_64_irq_handler+0x18/0x24 [ 112.723886][ C1] el1h_64_irq+0x78/0x7c [ 112.725109][ C1] do_notify_resume+0x11c/0x3128 [ 112.726458][ C1] el0_svc+0xf0/0x1e0 [ 112.727524][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 112.728986][ C1] el0t_64_sync+0x1a0/0x1a4 [ 112.730309][ C1] irq event stamp: 212500 [ 112.731488][ C1] hardirqs last enabled at (212499): [] do_notify_resume+0x110/0x3128 [ 112.734221][ C1] hardirqs last disabled at (212500): [] enter_el1_irq_or_nmi+0x10/0x1c [ 112.737081][ C1] softirqs last enabled at (212458): [] release_sock+0x1d0/0x258 [ 112.739665][ C1] softirqs last disabled at (212456): [] release_sock+0x34/0x258 [ 112.742143][ C1] ---[ end trace 66aa56eb2031fbe7 ]--- [ 112.776003][ T4981] loop0: detected capacity change from 0 to 128 [ 112.780606][ T4981] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.782972][ T4981] Bad inode number on dev loop0: 2 is out of range [ 112.784916][ T4981] SysV FS: get root inode failed [ 112.786261][ T4981] oldfs: cannot read superblock [ 112.803724][ C0] ------------[ cut here ]------------ [ 112.805280][ C0] VFS: brelse: Trying to free free buffer [ 112.807104][ C0] WARNING: CPU: 0 PID: 4983 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.809666][ C0] Modules linked in: [ 112.810694][ C0] CPU: 0 PID: 4983 Comm: syz.0.55 Tainted: G W 5.15.187-syzkaller #0 [ 112.813241][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.816083][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.818272][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 112.819844][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 112.821289][ C0] sp : ffff800008007de0 [ 112.822454][ C0] x29: ffff800008007de0 x28: ffff0000c65ab680 x27: 1fffe0003421845c [ 112.824599][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 112.826847][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de267ee0 [ 112.829074][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 112.831340][ C0] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 112.833482][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.835706][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 6e4e7bd723be8100 [ 112.838003][ C0] x8 : 6e4e7bd723be8100 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.840200][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 112.842506][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 112.844694][ C0] Call trace: [ 112.845568][ C0] invalidate_bh_lru+0x128/0x234 [ 112.846893][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 112.848575][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 112.850548][ C0] ipi_handler+0x10c/0x710 [ 112.851820][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 112.853250][ C0] handle_domain_irq+0x144/0x1fc [ 112.854829][ C0] gic_handle_irq+0x78/0x1c8 [ 112.856116][ C0] call_on_irq_stack+0x24/0x30 [ 112.857474][ C0] do_interrupt_handler+0x6c/0x88 [ 112.858898][ C0] el1_interrupt+0x30/0x58 [ 112.860141][ C0] el1h_64_irq_handler+0x18/0x24 [ 112.861495][ C0] el1h_64_irq+0x78/0x7c [ 112.862591][ C0] _raw_spin_unlock_irq+0xa0/0x128 [ 112.863999][ C0] shmem_add_to_page_cache+0xcbc/0x134c [ 112.865533][ C0] shmem_getpage_gfp+0x1258/0x1ef0 [ 112.866880][ C0] shmem_write_begin+0xe0/0x29c [ 112.868219][ C0] generic_perform_write+0x204/0x480 [ 112.869670][ C0] __generic_file_write_iter+0x23c/0x454 [ 112.871226][ C0] generic_file_write_iter+0xb0/0x1b4 [ 112.872743][ C0] vfs_write+0x7c8/0xa2c [ 112.873901][ C0] ksys_write+0x120/0x210 [ 112.875106][ C0] __arm64_sys_write+0x7c/0x90 [ 112.876419][ C0] invoke_syscall+0x98/0x2b8 [ 112.877678][ C0] el0_svc_common+0x138/0x258 [ 112.878961][ C0] do_el0_svc+0x58/0x14c [ 112.880122][ C0] el0_svc+0x78/0x1e0 [ 112.881263][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 112.882675][ C0] el0t_64_sync+0x1a0/0x1a4 [ 112.883865][ C0] irq event stamp: 394 [ 112.884995][ C0] hardirqs last enabled at (393): [] _raw_spin_unlock_irq+0x98/0x128 [ 112.887719][ C0] hardirqs last disabled at (394): [] enter_el1_irq_or_nmi+0x10/0x1c [ 112.890340][ C0] softirqs last enabled at (78): [] handle_softirqs+0xa4c/0xbf0 [ 112.892929][ C0] softirqs last disabled at (27): [] __irq_exit_rcu+0x240/0x440 [ 112.895584][ C0] ---[ end trace 66aa56eb2031fbe8 ]--- [ 112.936456][ T4983] loop0: detected capacity change from 0 to 128 [ 112.940976][ T4983] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.943313][ T4983] Bad inode number on dev loop0: 2 is out of range [ 112.945145][ T4983] SysV FS: get root inode failed [ 112.946510][ T4983] oldfs: cannot read superblock [ 112.972183][ T4985] ------------[ cut here ]------------ [ 112.973733][ T4985] VFS: brelse: Trying to free free buffer [ 112.975384][ T4985] WARNING: CPU: 0 PID: 4985 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.977813][ T4985] Modules linked in: [ 112.978865][ T4985] CPU: 0 PID: 4985 Comm: syz.0.56 Tainted: G W 5.15.187-syzkaller #0 [ 112.981382][ T4985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.984219][ T4985] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.986436][ T4985] pc : invalidate_bh_lru+0x128/0x234 [ 112.987913][ T4985] lr : invalidate_bh_lru+0x128/0x234 [ 112.989384][ T4985] sp : ffff80001fbf77c0 [ 112.990485][ T4985] x29: ffff80001fbf77c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 112.992751][ T4985] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 112.994985][ T4985] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de263318 [ 112.997221][ T4985] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 112.999439][ T4985] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 113.001700][ T4985] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 113.003823][ T4985] x11: 0000000000000002 x10: 0000000000000000 x9 : 6e8858ebdfa9cc00 [ 113.006055][ T4985] x8 : 6e8858ebdfa9cc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 113.008321][ T4985] x5 : ffff80001fbf70b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 113.010535][ T4985] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 113.012709][ T4985] Call trace: [ 113.013614][ T4985] invalidate_bh_lru+0x128/0x234 [ 113.014926][ T4985] smp_call_function_many_cond+0xa50/0xeb0 [ 113.016601][ T4985] on_each_cpu_cond_mask+0x5c/0xc4 [ 113.018024][ T4985] invalidate_bh_lrus+0x34/0x40 [ 113.019387][ T4985] blkdev_flush_mapping+0x168/0x31c [ 113.020816][ T4985] blkdev_put+0x490/0x6ac [ 113.021992][ T4985] blkdev_close+0x74/0xb0 [ 113.023164][ T4985] __fput+0x1c0/0x7f8 [ 113.024311][ T4985] ____fput+0x20/0x30 [ 113.025416][ T4985] task_work_run+0x12c/0x1e0 [ 113.026714][ T4985] do_notify_resume+0x24b4/0x3128 [ 113.028065][ T4985] el0_svc+0xf0/0x1e0 [ 113.029126][ T4985] el0t_64_sync_handler+0xcc/0xe4 [ 113.030498][ T4985] el0t_64_sync+0x1a0/0x1a4 [ 113.031696][ T4985] irq event stamp: 680 [ 113.032773][ T4985] hardirqs last enabled at (679): [] finish_lock_switch+0xb0/0x1c4 [ 113.035257][ T4985] hardirqs last disabled at (680): [] smp_call_function_many_cond+0xa44/0xeb0 [ 113.038272][ T4985] softirqs last enabled at (100): [] handle_softirqs+0xa4c/0xbf0 [ 113.040849][ T4985] softirqs last disabled at (85): [] __irq_exit_rcu+0x240/0x440 [ 113.043384][ T4985] ---[ end trace 66aa56eb2031fbe9 ]--- 1970/01/01 00:01:53 executed programs: 42 [ 113.094930][ T4987] loop0: detected capacity change from 0 to 128 [ 113.100763][ T4987] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 113.103169][ T4987] Bad inode number on dev loop0: 2 is out of range [ 113.105191][ T4987] SysV FS: get root inode failed [ 113.106587][ T4987] oldfs: cannot read superblock [ 113.116814][ C0] ------------[ cut here ]------------ [ 113.118323][ C0] VFS: brelse: Trying to free free buffer [ 113.120038][ C0] WARNING: CPU: 0 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 113.122416][ C0] Modules linked in: [ 113.123510][ C0] CPU: 0 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 113.126162][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.128885][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 113.131043][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 113.132528][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 113.133979][ C0] sp : ffff800008007de0 [ 113.135032][ C0] x29: ffff800008007de0 x28: ffff0000d424d1c0 x27: 1fffe0003421845c [ 113.137212][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 113.139534][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2636b8 [ 113.141797][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 113.143939][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 113.146313][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 113.148486][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 113.150758][ C0] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 113.153001][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 113.155145][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 113.157355][ C0] Call trace: [ 113.158252][ C0] invalidate_bh_lru+0x128/0x234 [ 113.159639][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 113.161256][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 113.163136][ C0] ipi_handler+0x10c/0x710 [ 113.164494][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 113.166055][ C0] handle_domain_irq+0x144/0x1fc [ 113.167407][ C0] gic_handle_irq+0x78/0x1c8 [ 113.168713][ C0] call_on_irq_stack+0x24/0x30 [ 113.170010][ C0] do_interrupt_handler+0x6c/0x88 [ 113.171396][ C0] el1_interrupt+0x30/0x58 [ 113.172639][ C0] el1h_64_irq_handler+0x18/0x24 [ 113.174031][ C0] el1h_64_irq+0x78/0x7c [ 113.175197][ C0] kasan_quarantine_put+0xd4/0x204 [ 113.176610][ C0] ____kasan_slab_free+0x124/0x164 [ 113.177976][ C0] __kasan_slab_free+0x18/0x28 [ 113.179279][ C0] slab_free_freelist_hook+0x128/0x1e8 [ 113.180843][ C0] kmem_cache_free+0xdc/0x3b4 [ 113.182182][ C0] security_file_free+0xc8/0xe4 [ 113.183570][ C0] __fput+0x4b8/0x7f8 [ 113.184759][ C0] ____fput+0x20/0x30 [ 113.185870][ C0] task_work_run+0x12c/0x1e0 [ 113.187216][ C0] do_notify_resume+0x24b4/0x3128 [ 113.188677][ C0] el0_svc+0xf0/0x1e0 [ 113.189835][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 113.191210][ C0] el0t_64_sync+0x1a0/0x1a4 [ 113.192470][ C0] irq event stamp: 222294 [ 113.193691][ C0] hardirqs last enabled at (222293): [] kasan_quarantine_put+0xc4/0x204 [ 113.196546][ C0] hardirqs last disabled at (222294): [] enter_el1_irq_or_nmi+0x10/0x1c [ 113.199334][ C0] softirqs last enabled at (222278): [] release_sock+0x1d0/0x258 [ 113.201976][ C0] softirqs last disabled at (222276): [] release_sock+0x34/0x258 [ 113.204535][ C0] ---[ end trace 66aa56eb2031fbea ]--- [ 113.253535][ T4989] loop0: detected capacity change from 0 to 128 [ 113.341538][ T4989] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 113.343919][ T4989] Bad inode number on dev loop0: 2 is out of range [ 113.345729][ T4989] SysV FS: get root inode failed [ 113.347089][ T4989] oldfs: cannot read superblock [ 113.355470][ T4472] ------------[ cut here ]------------ [ 113.356949][ T4472] VFS: brelse: Trying to free free buffer [ 113.358667][ T4472] WARNING: CPU: 0 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 113.361133][ T4472] Modules linked in: [ 113.362179][ T4472] CPU: 0 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 113.364725][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.367510][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 113.369644][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 113.371204][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 113.372673][ T4472] sp : ffff80001f7377c0 [ 113.373808][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 113.375982][ T4472] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 113.378200][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de263a58 [ 113.380523][ T4472] x20: ffff0001a10c22d8 x19: ffff8000113daee0 x18: 0000000000000003 [ 113.382827][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 113.385016][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 113.387113][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 113.389330][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 113.391566][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 113.393824][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 113.396169][ T4472] Call trace: [ 113.397029][ T4472] invalidate_bh_lru+0x128/0x234 [ 113.398410][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 113.399955][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 113.401344][ T4472] invalidate_bh_lrus+0x34/0x40 [ 113.402695][ T4472] blkdev_flush_mapping+0x168/0x31c [ 113.404172][ T4472] blkdev_put+0x490/0x6ac [ 113.405354][ T4472] blkdev_close+0x74/0xb0 [ 113.406560][ T4472] __fput+0x1c0/0x7f8 [ 113.407621][ T4472] ____fput+0x20/0x30 [ 113.408667][ T4472] task_work_run+0x12c/0x1e0 [ 113.409929][ T4472] do_notify_resume+0x24b4/0x3128 [ 113.411348][ T4472] el0_svc+0xf0/0x1e0 [ 113.412450][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 113.413882][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 113.415097][ T4472] irq event stamp: 198818 [ 113.416292][ T4472] hardirqs last enabled at (198817): [] kasan_quarantine_put+0xc4/0x204 [ 113.419087][ T4472] hardirqs last disabled at (198818): [] smp_call_function_many_cond+0xa44/0xeb0 [ 113.422392][ T4472] softirqs last enabled at (198034): [] local_bh_enable+0x10/0x34 [ 113.425087][ T4472] softirqs last disabled at (198032): [] local_bh_disable+0x10/0x34 [ 113.427832][ T4472] ---[ end trace 66aa56eb2031fbeb ]--- [ 113.474213][ T4991] loop0: detected capacity change from 0 to 128 [ 113.480685][ T4991] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 113.483423][ T4991] Bad inode number on dev loop0: 2 is out of range [ 113.485239][ T4991] SysV FS: get root inode failed [ 113.486613][ T4991] oldfs: cannot read superblock [ 113.510261][ T4472] ------------[ cut here ]------------ [ 113.511826][ T4472] VFS: brelse: Trying to free free buffer [ 113.513480][ T4472] WARNING: CPU: 0 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 113.515913][ T4472] Modules linked in: [ 113.517032][ T4472] CPU: 0 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 113.519472][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.522311][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 113.524371][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 113.525858][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 113.527235][ T4472] sp : ffff80001f7377c0 [ 113.528356][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 113.530583][ T4472] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 113.532812][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de263df8 [ 113.534981][ T4472] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 113.537199][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 113.539412][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 113.541581][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 113.543727][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 113.545882][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 113.548069][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 113.550414][ T4472] Call trace: [ 113.551285][ T4472] invalidate_bh_lru+0x128/0x234 [ 113.552675][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 113.554269][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 113.555641][ T4472] invalidate_bh_lrus+0x34/0x40 [ 113.556903][ T4472] blkdev_flush_mapping+0x168/0x31c [ 113.558390][ T4472] blkdev_put+0x490/0x6ac [ 113.559590][ T4472] blkdev_close+0x74/0xb0 [ 113.560801][ T4472] __fput+0x1c0/0x7f8 [ 113.561939][ T4472] ____fput+0x20/0x30 [ 113.563037][ T4472] task_work_run+0x12c/0x1e0 [ 113.564388][ T4472] do_notify_resume+0x24b4/0x3128 [ 113.565786][ T4472] el0_svc+0xf0/0x1e0 [ 113.566878][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 113.568196][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 113.569471][ T4472] irq event stamp: 201872 [ 113.570726][ T4472] hardirqs last enabled at (201871): [] kasan_quarantine_put+0xc4/0x204 [ 113.573435][ T4472] hardirqs last disabled at (201872): [] smp_call_function_many_cond+0xa44/0xeb0 [ 113.576443][ T4472] softirqs last enabled at (200408): [] handle_softirqs+0xa4c/0xbf0 [ 113.579150][ T4472] softirqs last disabled at (200355): [] __irq_exit_rcu+0x240/0x440 [ 113.581782][ T4472] ---[ end trace 66aa56eb2031fbec ]--- [ 113.627512][ T4995] loop0: detected capacity change from 0 to 128 [ 113.638062][ T4995] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 113.640171][ T4995] Bad inode number on dev loop0: 2 is out of range [ 113.641939][ T4995] SysV FS: get root inode failed [ 113.643549][ T4995] oldfs: cannot read superblock [ 113.649831][ C0] ------------[ cut here ]------------ [ 113.651309][ C0] VFS: brelse: Trying to free free buffer [ 113.653066][ C0] WARNING: CPU: 0 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 113.655527][ C0] Modules linked in: [ 113.656607][ C0] CPU: 0 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 113.659356][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.662235][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 113.664394][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 113.665873][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 113.667318][ C0] sp : ffff800008007de0 [ 113.668492][ C0] x29: ffff800008007de0 x28: ffff0000d424d1c0 x27: 1fffe0003421845c [ 113.670769][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 113.673016][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de25f230 [ 113.675284][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 113.677615][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 113.679816][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 113.682006][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 113.684210][ C0] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 113.686465][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 113.688655][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 113.690894][ C0] Call trace: [ 113.691797][ C0] invalidate_bh_lru+0x128/0x234 [ 113.693207][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 113.694973][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 113.696915][ C0] ipi_handler+0x10c/0x710 [ 113.698211][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 113.699682][ C0] handle_domain_irq+0x144/0x1fc [ 113.701068][ C0] gic_handle_irq+0x78/0x1c8 [ 113.702337][ C0] call_on_irq_stack+0x24/0x30 [ 113.703588][ C0] do_interrupt_handler+0x6c/0x88 [ 113.704950][ C0] el1_interrupt+0x30/0x58 [ 113.706322][ C0] el1h_64_irq_handler+0x18/0x24 [ 113.707753][ C0] el1h_64_irq+0x78/0x7c [ 113.708875][ C0] __sanitizer_cov_trace_cmp8+0x74/0xc0 [ 113.710399][ C0] arch_stack_walk+0x200/0x2b4 [ 113.711764][ C0] stack_trace_save+0x94/0xd8 [ 113.713085][ C0] kasan_set_track+0x4c/0x84 [ 113.714384][ C0] kasan_set_free_info+0x28/0x4c [ 113.715742][ C0] ____kasan_slab_free+0x118/0x164 [ 113.717202][ C0] __kasan_slab_free+0x18/0x28 [ 113.718503][ C0] slab_free_freelist_hook+0x128/0x1e8 [ 113.719939][ C0] kfree+0x170/0x40c [ 113.721049][ C0] tomoyo_realpath_from_path+0x4c8/0x510 [ 113.722664][ C0] tomoyo_path_number_perm+0x1b0/0x518 [ 113.724141][ C0] tomoyo_path_mkdir+0xa8/0xec [ 113.725450][ C0] security_path_mkdir+0xec/0x13c [ 113.726848][ C0] do_mkdirat+0x154/0x508 [ 113.728029][ C0] __arm64_sys_mkdirat+0x90/0xa8 [ 113.729360][ C0] invoke_syscall+0x98/0x2b8 [ 113.730641][ C0] el0_svc_common+0x138/0x258 [ 113.731926][ C0] do_el0_svc+0x58/0x14c [ 113.733145][ C0] el0_svc+0x78/0x1e0 [ 113.734294][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 113.735809][ C0] el0t_64_sync+0x1a0/0x1a4 [ 113.737062][ C0] irq event stamp: 230380 [ 113.738177][ C0] hardirqs last enabled at (230379): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 113.741374][ C0] hardirqs last disabled at (230380): [] enter_el1_irq_or_nmi+0x10/0x1c [ 113.744077][ C0] softirqs last enabled at (229770): [] local_bh_enable+0x10/0x34 [ 113.746812][ C0] softirqs last disabled at (229768): [] local_bh_disable+0x10/0x34 [ 113.749464][ C0] ---[ end trace 66aa56eb2031fbed ]--- [ 113.786912][ T4997] loop0: detected capacity change from 0 to 128 [ 113.831739][ T4997] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 113.834487][ T4997] Bad inode number on dev loop0: 2 is out of range [ 113.842050][ T4997] SysV FS: get root inode failed [ 113.843446][ T4997] oldfs: cannot read superblock [ 113.848248][ C1] ------------[ cut here ]------------ [ 113.849786][ C1] VFS: brelse: Trying to free free buffer [ 113.851345][ C1] WARNING: CPU: 1 PID: 9 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 113.853683][ C1] Modules linked in: [ 113.854776][ C1] CPU: 1 PID: 9 Comm: kworker/u4:0 Tainted: G W 5.15.187-syzkaller #0 [ 113.857506][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.860344][ C1] Workqueue: netns cleanup_net [ 113.861796][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 113.864076][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 113.865570][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 113.866967][ C1] sp : ffff800008017de0 [ 113.868099][ C1] x29: ffff800008017de0 x28: ffff0000c0948000 x27: 1fffe0003421c65b [ 113.870293][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 113.872598][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de35d148 [ 113.874866][ C1] x20: ffff0001a10e32d8 x19: ffff8000113daee0 x18: 0000000000010002 [ 113.876982][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 113.879061][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 113.881261][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a68948eb3b42c000 [ 113.883588][ C1] x8 : a68948eb3b42c000 x7 : 0000000000000001 x6 : 0000000000000001 [ 113.885857][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 113.888076][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 113.890365][ C1] Call trace: [ 113.891284][ C1] invalidate_bh_lru+0x128/0x234 [ 113.892612][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 113.894251][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 113.896053][ C1] ipi_handler+0x10c/0x710 [ 113.897333][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 113.898820][ C1] handle_domain_irq+0x144/0x1fc [ 113.900157][ C1] gic_handle_irq+0x78/0x1c8 [ 113.901694][ C1] call_on_irq_stack+0x24/0x30 [ 113.903031][ C1] do_interrupt_handler+0x6c/0x88 [ 113.904429][ C1] el1_interrupt+0x30/0x58 [ 113.905659][ C1] el1h_64_irq_handler+0x18/0x24 [ 113.906984][ C1] el1h_64_irq+0x78/0x7c [ 113.908249][ C1] __local_bh_enable_ip+0x200/0x380 [ 113.909768][ C1] _raw_spin_unlock_bh+0xec/0x174 [ 113.911174][ C1] batadv_tt_free+0x224/0x778 [ 113.912544][ C1] batadv_mesh_free+0x90/0x13c [ 113.913886][ C1] batadv_softif_free+0x20/0x34 [ 113.915304][ C1] netdev_run_todo+0x7d0/0x9cc [ 113.916634][ C1] rtnl_unlock+0x14/0x20 [ 113.917794][ C1] default_device_exit_batch+0x448/0x4a4 [ 113.919321][ C1] cleanup_net+0x644/0xa98 [ 113.920642][ C1] process_one_work+0x79c/0x1140 [ 113.921976][ C1] worker_thread+0x8f4/0x101c [ 113.923250][ C1] kthread+0x374/0x454 [ 113.924381][ C1] ret_from_fork+0x10/0x20 [ 113.925655][ C1] irq event stamp: 1143814 [ 113.926919][ C1] hardirqs last enabled at (1143813): [] __local_bh_enable_ip+0x1f8/0x380 [ 113.929716][ C1] hardirqs last disabled at (1143814): [] enter_el1_irq_or_nmi+0x10/0x1c [ 113.932551][ C1] softirqs last enabled at (1143812): [] batadv_tt_free+0x224/0x778 [ 113.935190][ C1] softirqs last disabled at (1143810): [] batadv_tt_free+0x120/0x778 [ 113.937817][ C1] ---[ end trace 66aa56eb2031fbee ]--- [ 114.005387][ T4999] loop0: detected capacity change from 0 to 128 [ 114.009424][ T4999] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 114.011396][ T4999] Bad inode number on dev loop0: 2 is out of range [ 114.013817][ T4999] SysV FS: get root inode failed [ 114.015192][ T4999] oldfs: cannot read superblock [ 114.028215][ T4472] ------------[ cut here ]------------ [ 114.029737][ T4472] VFS: brelse: Trying to free free buffer [ 114.031395][ T4472] WARNING: CPU: 0 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 114.033849][ T4472] Modules linked in: [ 114.034895][ T4472] CPU: 0 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 114.037336][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.040218][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 114.042415][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 114.043840][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 114.045264][ T4472] sp : ffff80001f7377c0 [ 114.046435][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 114.048612][ T4472] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 114.050720][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de25f970 [ 114.052832][ T4472] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 114.054925][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 114.057026][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 114.059206][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 114.061373][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 114.063510][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 114.065889][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 114.068151][ T4472] Call trace: [ 114.069056][ T4472] invalidate_bh_lru+0x128/0x234 [ 114.070389][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 114.072050][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 114.073437][ T4472] invalidate_bh_lrus+0x34/0x40 [ 114.074748][ T4472] blkdev_flush_mapping+0x168/0x31c [ 114.076136][ T4472] blkdev_put+0x490/0x6ac [ 114.077332][ T4472] blkdev_close+0x74/0xb0 [ 114.078498][ T4472] __fput+0x1c0/0x7f8 [ 114.079555][ T4472] ____fput+0x20/0x30 [ 114.080598][ T4472] task_work_run+0x12c/0x1e0 [ 114.081788][ T4472] do_notify_resume+0x24b4/0x3128 [ 114.083116][ T4472] el0_svc+0xf0/0x1e0 [ 114.084195][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 114.085542][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 114.086747][ T4472] irq event stamp: 219222 [ 114.087902][ T4472] hardirqs last enabled at (219221): [] kasan_quarantine_put+0xc4/0x204 [ 114.090573][ T4472] hardirqs last disabled at (219222): [] smp_call_function_many_cond+0xa44/0xeb0 [ 114.093424][ T4472] softirqs last enabled at (217982): [] local_bh_enable+0x10/0x34 [ 114.096014][ T4472] softirqs last disabled at (217980): [] local_bh_disable+0x10/0x34 [ 114.098618][ T4472] ---[ end trace 66aa56eb2031fbef ]--- [ 114.138159][ T5001] loop0: detected capacity change from 0 to 128 [ 114.145848][ T5001] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 114.147810][ T5001] Bad inode number on dev loop0: 2 is out of range [ 114.149501][ T5001] SysV FS: get root inode failed [ 114.150778][ T5001] oldfs: cannot read superblock [ 114.162864][ C0] ------------[ cut here ]------------ [ 114.164427][ C0] VFS: brelse: Trying to free free buffer [ 114.166032][ C0] WARNING: CPU: 0 PID: 5002 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 114.168435][ C0] Modules linked in: [ 114.169460][ C0] CPU: 0 PID: 5002 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 114.171980][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.174617][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 114.176680][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 114.178106][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 114.179448][ C0] sp : ffff800008007de0 [ 114.180586][ C0] x29: ffff800008007de0 x28: ffff0000ca598000 x27: 1fffe0003421845c [ 114.182710][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 114.184853][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de25fd10 [ 114.186949][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 114.189050][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 114.191219][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 114.193424][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 2f2c9c8623015900 [ 114.195602][ C0] x8 : 2f2c9c8623015900 x7 : 0000000000000001 x6 : 0000000000000001 [ 114.197792][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 114.199915][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 114.202050][ C0] Call trace: [ 114.202919][ C0] invalidate_bh_lru+0x128/0x234 [ 114.204290][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 114.205896][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 114.207805][ C0] ipi_handler+0x10c/0x710 [ 114.209010][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 114.210431][ C0] handle_domain_irq+0x144/0x1fc [ 114.211756][ C0] gic_handle_irq+0x78/0x1c8 [ 114.212971][ C0] call_on_irq_stack+0x24/0x30 [ 114.214252][ C0] do_interrupt_handler+0x6c/0x88 [ 114.215661][ C0] el1_interrupt+0x30/0x58 [ 114.216896][ C0] el1h_64_irq_handler+0x18/0x24 [ 114.218234][ C0] el1h_64_irq+0x78/0x7c [ 114.219365][ C0] el0_svc_common+0xa8/0x258 [ 114.220594][ C0] do_el0_svc+0x58/0x14c [ 114.221786][ C0] el0_svc+0x78/0x1e0 [ 114.222890][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 114.224240][ C0] el0t_64_sync+0x1a0/0x1a4 [ 114.225542][ C0] irq event stamp: 626 [ 114.226675][ C0] hardirqs last enabled at (625): [] el0_svc_common+0x9c/0x258 [ 114.229185][ C0] hardirqs last disabled at (626): [] enter_el1_irq_or_nmi+0x10/0x1c [ 114.231801][ C0] softirqs last enabled at (248): [] handle_softirqs+0xa4c/0xbf0 [ 114.234390][ C0] softirqs last disabled at (243): [] __irq_exit_rcu+0x240/0x440 [ 114.236924][ C0] ---[ end trace 66aa56eb2031fbf0 ]--- [ 114.268106][ T5003] loop0: detected capacity change from 0 to 128 [ 114.271577][ T5003] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 114.273758][ T5003] Bad inode number on dev loop0: 2 is out of range [ 114.275731][ T5003] SysV FS: get root inode failed [ 114.277144][ T5003] oldfs: cannot read superblock [ 114.285016][ C1] ------------[ cut here ]------------ [ 114.286490][ C1] VFS: brelse: Trying to free free buffer [ 114.288112][ C1] WARNING: CPU: 1 PID: 4464 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 114.290547][ C1] Modules linked in: [ 114.291610][ C1] CPU: 1 PID: 4464 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 114.294188][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.296951][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 114.299029][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 114.300415][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 114.301889][ C1] sp : ffff800008017de0 [ 114.303036][ C1] x29: ffff800008017de0 x28: ffff0000dbb851c0 x27: 1fffe0003421c65e [ 114.305238][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000003 [ 114.307404][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de06e230 [ 114.309670][ C1] x20: ffff0001a10e32f0 x19: ffff8000113daee0 x18: 0000000000010003 [ 114.311802][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 114.314073][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 114.316277][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : d64f4992810af800 [ 114.318411][ C1] x8 : d64f4992810af800 x7 : 0000000000000001 x6 : 0000000000000001 [ 114.320682][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 114.322898][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 114.325058][ C1] Call trace: [ 114.325969][ C1] invalidate_bh_lru+0x128/0x234 [ 114.327302][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 114.328935][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 114.330835][ C1] ipi_handler+0x10c/0x710 [ 114.332037][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 114.333562][ C1] handle_domain_irq+0x144/0x1fc [ 114.334864][ C1] gic_handle_irq+0x78/0x1c8 [ 114.336130][ C1] call_on_irq_stack+0x24/0x30 [ 114.337433][ C1] do_interrupt_handler+0x6c/0x88 [ 114.338807][ C1] el1_interrupt+0x30/0x58 [ 114.340024][ C1] el1h_64_irq_handler+0x18/0x24 [ 114.341449][ C1] el1h_64_irq+0x78/0x7c [ 114.342631][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 114.344195][ C1] __wake_up_sync_key+0x11c/0x178 [ 114.345584][ C1] pipe_write+0xe20/0x1930 [ 114.346800][ C1] vfs_write+0x7c8/0xa2c [ 114.348001][ C1] ksys_write+0x120/0x210 [ 114.349182][ C1] __arm64_sys_write+0x7c/0x90 [ 114.350522][ C1] invoke_syscall+0x98/0x2b8 [ 114.351772][ C1] el0_svc_common+0x138/0x258 [ 114.353003][ C1] do_el0_svc+0x58/0x14c [ 114.354253][ C1] el0_svc+0x78/0x1e0 [ 114.355354][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 114.356754][ C1] el0t_64_sync+0x1a0/0x1a4 [ 114.358058][ C1] irq event stamp: 608990 [ 114.359240][ C1] hardirqs last enabled at (608989): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 114.362203][ C1] hardirqs last disabled at (608990): [] enter_el1_irq_or_nmi+0x10/0x1c [ 114.364936][ C1] softirqs last enabled at (608980): [] release_sock+0x1d0/0x258 [ 114.367522][ C1] softirqs last disabled at (608978): [] release_sock+0x34/0x258 [ 114.370019][ C1] ---[ end trace 66aa56eb2031fbf1 ]--- [ 114.423583][ T5005] loop0: detected capacity change from 0 to 128 [ 114.427179][ T5005] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 114.429199][ T5005] Bad inode number on dev loop0: 2 is out of range [ 114.430971][ T5005] SysV FS: get root inode failed [ 114.432625][ T5005] oldfs: cannot read superblock [ 114.473705][ C0] ------------[ cut here ]------------ [ 114.475275][ C0] VFS: brelse: Trying to free free buffer [ 114.476925][ C0] WARNING: CPU: 0 PID: 9 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 114.479330][ C0] Modules linked in: [ 114.480312][ C0] CPU: 0 PID: 9 Comm: kworker/u4:0 Tainted: G W 5.15.187-syzkaller #0 [ 114.483048][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.485828][ C0] Workqueue: netns cleanup_net [ 114.487206][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 114.489400][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 114.490824][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 114.492350][ C0] sp : ffff800008007de0 [ 114.493609][ C0] x29: ffff800008007de0 x28: ffff0000c0948000 x27: 1fffe0003421845c [ 114.495803][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 114.498046][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de25c148 [ 114.500308][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 114.502583][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 114.504738][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 114.506888][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : a68948eb3b42c000 [ 114.509108][ C0] x8 : a68948eb3b42c000 x7 : 0000000000000001 x6 : 0000000000000001 [ 114.511310][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 114.513429][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 114.515536][ C0] Call trace: [ 114.516444][ C0] invalidate_bh_lru+0x128/0x234 [ 114.517799][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 114.519437][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 114.521311][ C0] ipi_handler+0x10c/0x710 [ 114.522512][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 114.523965][ C0] handle_domain_irq+0x144/0x1fc [ 114.525309][ C0] gic_handle_irq+0x78/0x1c8 [ 114.526544][ C0] call_on_irq_stack+0x24/0x30 [ 114.527795][ C0] do_interrupt_handler+0x6c/0x88 [ 114.529147][ C0] el1_interrupt+0x30/0x58 [ 114.530320][ C0] el1h_64_irq_handler+0x18/0x24 [ 114.531682][ C0] el1h_64_irq+0x78/0x7c [ 114.532884][ C0] arch_local_irq_restore+0x8/0x10 [ 114.534228][ C0] ___might_sleep+0x48/0x4d4 [ 114.535533][ C0] inet_twsk_purge+0x104/0x7ac [ 114.536803][ C0] dccp_v6_exit_batch+0x20/0x2c [ 114.538159][ C0] cleanup_net+0x644/0xa98 [ 114.539330][ C0] process_one_work+0x79c/0x1140 [ 114.540772][ C0] worker_thread+0x8f4/0x101c [ 114.542050][ C0] kthread+0x374/0x454 [ 114.543155][ C0] ret_from_fork+0x10/0x20 [ 114.544371][ C0] irq event stamp: 1151188 [ 114.545583][ C0] hardirqs last enabled at (1151187): [] exit_to_kernel_mode+0xe0/0x168 [ 114.548357][ C0] hardirqs last disabled at (1151188): [] enter_el1_irq_or_nmi+0x10/0x1c [ 114.551049][ C0] softirqs last enabled at (1151186): [] handle_softirqs+0xa4c/0xbf0 [ 114.553729][ C0] softirqs last disabled at (1151177): [] __irq_exit_rcu+0x240/0x440 [ 114.556445][ C0] ---[ end trace 66aa56eb2031fbf2 ]--- [ 114.604338][ T5009] loop0: detected capacity change from 0 to 128 [ 114.618188][ T5009] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 114.620242][ T5009] Bad inode number on dev loop0: 2 is out of range [ 114.621926][ T5009] SysV FS: get root inode failed [ 114.623785][ T5009] oldfs: cannot read superblock [ 114.637551][ C0] ------------[ cut here ]------------ [ 114.639132][ C0] VFS: brelse: Trying to free free buffer [ 114.640896][ C0] WARNING: CPU: 0 PID: 5010 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 114.643625][ C0] Modules linked in: [ 114.644740][ C0] CPU: 0 PID: 5010 Comm: syz.0.69 Tainted: G W 5.15.187-syzkaller #0 [ 114.647427][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.650278][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 114.652418][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 114.653879][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 114.655371][ C0] sp : ffff800008007de0 [ 114.656455][ C0] x29: ffff800008007de0 x28: ffff0000c72c0000 x27: 1fffe0003421845c [ 114.658717][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 114.660983][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de25c4e8 [ 114.663260][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 114.665472][ C0] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 114.667681][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 114.669935][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : d7ac78f75f266500 [ 114.672204][ C0] x8 : d7ac78f75f266500 x7 : 0000000000000001 x6 : 0000000000000001 [ 114.674470][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 114.676891][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 114.679126][ C0] Call trace: [ 114.680061][ C0] invalidate_bh_lru+0x128/0x234 [ 114.681429][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 114.683046][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 114.684949][ C0] ipi_handler+0x10c/0x710 [ 114.686133][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 114.687574][ C0] handle_domain_irq+0x144/0x1fc [ 114.688976][ C0] gic_handle_irq+0x78/0x1c8 [ 114.690254][ C0] call_on_irq_stack+0x24/0x30 [ 114.691652][ C0] do_interrupt_handler+0x6c/0x88 [ 114.693047][ C0] el1_interrupt+0x30/0x58 [ 114.694237][ C0] el1h_64_irq_handler+0x18/0x24 [ 114.695729][ C0] el1h_64_irq+0x78/0x7c [ 114.696909][ C0] next_uptodate_page+0x3c4/0x734 [ 114.698349][ C0] filemap_map_pages+0x968/0xc50 [ 114.699687][ C0] handle_mm_fault+0x19c0/0x2950 [ 114.701110][ C0] do_page_fault+0x694/0xad4 [ 114.702375][ C0] do_translation_fault+0xe0/0x130 [ 114.703805][ C0] do_mem_abort+0x6c/0x1ac [ 114.705045][ C0] el0_da+0x90/0x1fc [ 114.706131][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 114.707533][ C0] el0t_64_sync+0x1a0/0x1a4 [ 114.708776][ C0] irq event stamp: 982 [ 114.709924][ C0] hardirqs last enabled at (981): [] lock_page_memcg+0x110/0x234 [ 114.712542][ C0] hardirqs last disabled at (982): [] enter_el1_irq_or_nmi+0x10/0x1c [ 114.715258][ C0] softirqs last enabled at (50): [] local_bh_enable+0x10/0x34 [ 114.717805][ C0] softirqs last disabled at (48): [] local_bh_disable+0x10/0x34 [ 114.720441][ C0] ---[ end trace 66aa56eb2031fbf3 ]--- [ 114.771823][ T5011] loop0: detected capacity change from 0 to 128 [ 114.805245][ T5011] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 114.807127][ T5011] Bad inode number on dev loop0: 2 is out of range [ 114.808849][ T5011] SysV FS: get root inode failed [ 114.810146][ T5011] oldfs: cannot read superblock [ 114.811475][ T5011] ------------[ cut here ]------------ [ 114.812982][ T5011] VFS: brelse: Trying to free free buffer [ 114.814585][ T5011] WARNING: CPU: 0 PID: 5011 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 114.816998][ T5011] Modules linked in: [ 114.818089][ T5011] CPU: 0 PID: 5011 Comm: syz.0.69 Tainted: G W 5.15.187-syzkaller #0 [ 114.820681][ T5011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.823454][ T5011] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 114.825511][ T5011] pc : invalidate_bh_lru+0x128/0x234 [ 114.826880][ T5011] lr : invalidate_bh_lru+0x128/0x234 [ 114.828259][ T5011] sp : ffff80001fc676e0 [ 114.829364][ T5011] x29: ffff80001fc676e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 114.831512][ T5011] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 114.833738][ T5011] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de25c888 [ 114.835867][ T5011] x20: ffff0001a10c22d8 x19: ffff8000113daee0 x18: 0000000000000003 [ 114.838034][ T5011] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 114.840287][ T5011] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 114.842487][ T5011] x11: 0000000000000002 x10: 0000000000000000 x9 : 1fb3a65fcf32f300 [ 114.844691][ T5011] x8 : 1fb3a65fcf32f300 x7 : 0000000000000001 x6 : 0000000000000001 [ 114.846921][ T5011] x5 : ffff80001fc66fd8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 114.849145][ T5011] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 114.851312][ T5011] Call trace: [ 114.852219][ T5011] invalidate_bh_lru+0x128/0x234 [ 114.853512][ T5011] smp_call_function_many_cond+0xa50/0xeb0 [ 114.855095][ T5011] on_each_cpu_cond_mask+0x5c/0xc4 [ 114.856438][ T5011] invalidate_bh_lrus+0x34/0x40 [ 114.857776][ T5011] blkdev_flush_mapping+0x168/0x31c [ 114.859136][ T5011] blkdev_put+0x490/0x6ac [ 114.860273][ T5011] kill_block_super+0x98/0xdc [ 114.861523][ T5011] deactivate_locked_super+0xb8/0x13c [ 114.863025][ T5011] mount_bdev+0x284/0x358 [ 114.864239][ T5011] sysv_mount+0x44/0x58 [ 114.865436][ T5011] legacy_get_tree+0xd4/0x16c [ 114.866678][ T5011] vfs_get_tree+0x90/0x274 [ 114.867897][ T5011] do_new_mount+0x228/0x810 [ 114.869130][ T5011] path_mount+0x5b4/0x1000 [ 114.870358][ T5011] __arm64_sys_mount+0x514/0x5e4 [ 114.871674][ T5011] invoke_syscall+0x98/0x2b8 [ 114.872956][ T5011] el0_svc_common+0x138/0x258 [ 114.874234][ T5011] do_el0_svc+0x58/0x14c [ 114.875441][ T5011] el0_svc+0x78/0x1e0 [ 114.876506][ T5011] el0t_64_sync_handler+0xcc/0xe4 [ 114.877874][ T5011] el0t_64_sync+0x1a0/0x1a4 [ 114.879166][ T5011] irq event stamp: 988 [ 114.880224][ T5011] hardirqs last enabled at (987): [] kasan_quarantine_put+0xc4/0x204 [ 114.882976][ T5011] hardirqs last disabled at (988): [] smp_call_function_many_cond+0xa44/0xeb0 [ 114.885811][ T5011] softirqs last enabled at (802): [] local_bh_enable+0x10/0x34 [ 114.888395][ T5011] softirqs last disabled at (800): [] local_bh_disable+0x10/0x34 [ 114.890931][ T5011] ---[ end trace 66aa56eb2031fbf4 ]--- [ 115.019135][ T5013] loop0: detected capacity change from 0 to 128 [ 115.086777][ T5013] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 115.088663][ T5013] Bad inode number on dev loop0: 2 is out of range [ 115.090392][ T5013] SysV FS: get root inode failed [ 115.091714][ T5013] oldfs: cannot read superblock [ 115.107408][ C1] ------------[ cut here ]------------ [ 115.108912][ C1] VFS: brelse: Trying to free free buffer [ 115.110621][ C1] WARNING: CPU: 1 PID: 9 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 115.112892][ C1] Modules linked in: [ 115.113924][ C1] CPU: 1 PID: 9 Comm: kworker/u4:0 Tainted: G W 5.15.187-syzkaller #0 [ 115.116529][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.119355][ C1] Workqueue: netns cleanup_net [ 115.120695][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 115.122838][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 115.124424][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 115.125870][ C1] sp : ffff800008017de0 [ 115.126993][ C1] x29: ffff800008017de0 x28: ffff0000c0948000 x27: 1fffe0003421c65b [ 115.129239][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 115.131509][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de06eee0 [ 115.133794][ C1] x20: ffff0001a10e32d8 x19: ffff8000113daee0 x18: 0000000000010002 [ 115.135997][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 115.138269][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 115.140561][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a68948eb3b42c000 [ 115.142759][ C1] x8 : a68948eb3b42c000 x7 : 0000000000000001 x6 : 0000000000000001 [ 115.144939][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 115.147277][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 115.149612][ C1] Call trace: [ 115.150541][ C1] invalidate_bh_lru+0x128/0x234 [ 115.151886][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 115.153571][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 115.155480][ C1] ipi_handler+0x10c/0x710 [ 115.156741][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 115.158303][ C1] handle_domain_irq+0x144/0x1fc [ 115.159665][ C1] gic_handle_irq+0x78/0x1c8 [ 115.160948][ C1] call_on_irq_stack+0x24/0x30 [ 115.162311][ C1] do_interrupt_handler+0x6c/0x88 [ 115.163805][ C1] el1_interrupt+0x30/0x58 [ 115.165065][ C1] el1h_64_irq_handler+0x18/0x24 [ 115.166454][ C1] el1h_64_irq+0x78/0x7c [ 115.167611][ C1] arch_local_irq_save+0x18/0x38 [ 115.169012][ C1] ___might_sleep+0x98/0x4d4 [ 115.170323][ C1] inet_twsk_purge+0x104/0x7ac [ 115.171655][ C1] dccp_v4_exit_batch+0x20/0x2c [ 115.173038][ C1] cleanup_net+0x644/0xa98 [ 115.174290][ C1] process_one_work+0x79c/0x1140 [ 115.175678][ C1] worker_thread+0x8f4/0x101c [ 115.177021][ C1] kthread+0x374/0x454 [ 115.178180][ C1] ret_from_fork+0x10/0x20 [ 115.179470][ C1] irq event stamp: 1153352 [ 115.180713][ C1] hardirqs last enabled at (1153351): [] exit_to_kernel_mode+0xe0/0x168 [ 115.183592][ C1] hardirqs last disabled at (1153352): [] enter_el1_irq_or_nmi+0x10/0x1c [ 115.186388][ C1] softirqs last enabled at (1153350): [] handle_softirqs+0xa4c/0xbf0 [ 115.189175][ C1] softirqs last disabled at (1153335): [] __irq_exit_rcu+0x240/0x440 [ 115.191894][ C1] ---[ end trace 66aa56eb2031fbf5 ]--- [ 115.272709][ T5015] loop0: detected capacity change from 0 to 128 [ 115.323955][ T5015] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 115.326947][ T5015] Bad inode number on dev loop0: 2 is out of range [ 115.329771][ T5015] SysV FS: get root inode failed [ 115.331127][ T5015] oldfs: cannot read superblock [ 115.356188][ C1] ------------[ cut here ]------------ [ 115.357829][ C1] VFS: brelse: Trying to free free buffer [ 115.359659][ C1] WARNING: CPU: 1 PID: 5016 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 115.362263][ C1] Modules linked in: [ 115.363443][ C1] CPU: 1 PID: 5016 Comm: syz.0.72 Tainted: G W 5.15.187-syzkaller #0 [ 115.366137][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.369095][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 115.371425][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 115.372990][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 115.374547][ C1] sp : ffff800008017de0 [ 115.375780][ C1] x29: ffff800008017de0 x28: ffff0000c8721b40 x27: 1fffe0003421c65c [ 115.378086][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 115.380465][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de06a318 [ 115.382788][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 115.385122][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 115.387506][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 115.389864][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 9ff4939ec1093800 [ 115.392203][ C1] x8 : 9ff4939ec1093800 x7 : 0000000000000001 x6 : 0000000000000001 [ 115.394559][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 115.396927][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 115.399265][ C1] Call trace: [ 115.400240][ C1] invalidate_bh_lru+0x128/0x234 [ 115.401676][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 115.403434][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 115.405481][ C1] ipi_handler+0x10c/0x710 [ 115.406809][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 115.408394][ C1] handle_domain_irq+0x144/0x1fc [ 115.409821][ C1] gic_handle_irq+0x78/0x1c8 [ 115.411153][ C1] call_on_irq_stack+0x24/0x30 [ 115.412598][ C1] do_interrupt_handler+0x6c/0x88 [ 115.414073][ C1] el1_interrupt+0x30/0x58 [ 115.415289][ C1] el1h_64_irq_handler+0x18/0x24 [ 115.416785][ C1] el1h_64_irq+0x78/0x7c [ 115.418096][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 115.419779][ C1] wake_up_new_task+0x4b8/0x818 [ 115.421214][ C1] kernel_clone+0x46c/0x9d4 [ 115.422512][ C1] __arm64_sys_clone+0x138/0x190 [ 115.423899][ C1] invoke_syscall+0x98/0x2b8 [ 115.425244][ C1] el0_svc_common+0x138/0x258 [ 115.426580][ C1] do_el0_svc+0x58/0x14c [ 115.427877][ C1] el0_svc+0x78/0x1e0 [ 115.429044][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 115.430547][ C1] el0t_64_sync+0x1a0/0x1a4 [ 115.431851][ C1] irq event stamp: 1446 [ 115.433140][ C1] hardirqs last enabled at (1445): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 115.436264][ C1] hardirqs last disabled at (1446): [] enter_el1_irq_or_nmi+0x10/0x1c [ 115.439159][ C1] softirqs last enabled at (1388): [] local_bh_enable+0x10/0x34 [ 115.441924][ C1] softirqs last disabled at (1386): [] local_bh_disable+0x10/0x34 [ 115.444689][ C1] ---[ end trace 66aa56eb2031fbf6 ]--- [ 115.488394][ T5017] loop0: detected capacity change from 0 to 128 [ 115.526118][ T5017] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 115.528327][ T5017] Bad inode number on dev loop0: 2 is out of range [ 115.530214][ T5017] SysV FS: get root inode failed [ 115.531660][ T5017] oldfs: cannot read superblock [ 115.551863][ C1] ------------[ cut here ]------------ [ 115.553469][ C1] VFS: brelse: Trying to free free buffer [ 115.555274][ C1] WARNING: CPU: 1 PID: 5019 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 115.557849][ C1] Modules linked in: [ 115.558897][ C1] CPU: 1 PID: 5019 Comm: syz.0.73 Tainted: G W 5.15.187-syzkaller #0 [ 115.561706][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.564632][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 115.567039][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 115.568540][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 115.570070][ C1] sp : ffff800008017de0 [ 115.571246][ C1] x29: ffff800008017de0 x28: ffff0000c2280000 x27: 1fffe0003421c65c [ 115.573582][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 115.575952][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de06a6b8 [ 115.578342][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 115.580781][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 115.583085][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 115.585443][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 41670ddddb2bcd00 [ 115.587879][ C1] x8 : 41670ddddb2bcd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 115.590441][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 115.592712][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 115.595052][ C1] Call trace: [ 115.596005][ C1] invalidate_bh_lru+0x128/0x234 [ 115.597506][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 115.599242][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 115.601322][ C1] ipi_handler+0x10c/0x710 [ 115.602582][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 115.604214][ C1] handle_domain_irq+0x144/0x1fc [ 115.605689][ C1] gic_handle_irq+0x78/0x1c8 [ 115.607047][ C1] call_on_irq_stack+0x24/0x30 [ 115.608402][ C1] do_interrupt_handler+0x6c/0x88 [ 115.609948][ C1] el1_interrupt+0x30/0x58 [ 115.611394][ C1] el1h_64_irq_handler+0x18/0x24 [ 115.612892][ C1] el1h_64_irq+0x78/0x7c [ 115.614159][ C1] seqcount_lockdep_reader_access+0x15c/0x230 [ 115.616105][ C1] bad_range+0xa0/0x2a0 [ 115.617393][ C1] get_page_from_freelist+0x2954/0x2aa8 [ 115.619086][ C1] __alloc_pages+0x1a0/0x470 [ 115.620547][ C1] alloc_pages+0x34c/0x5c0 [ 115.621928][ C1] pte_alloc_one+0x2c/0x258 [ 115.623241][ C1] __pte_alloc+0x34/0x21c [ 115.624522][ C1] handle_mm_fault+0x2388/0x2950 [ 115.625986][ C1] do_page_fault+0x694/0xad4 [ 115.627358][ C1] do_translation_fault+0xe0/0x130 [ 115.628850][ C1] do_mem_abort+0x6c/0x1ac [ 115.630156][ C1] el0_da+0x90/0x1fc [ 115.631330][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 115.632763][ C1] el0t_64_sync+0x1a0/0x1a4 [ 115.634062][ C1] irq event stamp: 82 [ 115.635201][ C1] hardirqs last enabled at (81): [] seqcount_lockdep_reader_access+0x14c/0x230 [ 115.638412][ C1] hardirqs last disabled at (82): [] enter_el1_irq_or_nmi+0x10/0x1c [ 115.641273][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 115.643891][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 115.646574][ C1] ---[ end trace 66aa56eb2031fbf7 ]--- [ 115.707757][ T5019] loop0: detected capacity change from 0 to 128 [ 115.744942][ T5019] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 115.753444][ T5019] Bad inode number on dev loop0: 2 is out of range [ 115.755473][ T5019] SysV FS: get root inode failed [ 115.756883][ T5019] oldfs: cannot read superblock [ 115.773383][ C1] ------------[ cut here ]------------ [ 115.774903][ C1] VFS: brelse: Trying to free free buffer [ 115.776665][ C1] WARNING: CPU: 1 PID: 4579 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 115.779149][ C1] Modules linked in: [ 115.780322][ C1] CPU: 1 PID: 4579 Comm: kworker/1:6 Tainted: G W 5.15.187-syzkaller #0 [ 115.783108][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.786089][ C1] Workqueue: rcu_gp process_srcu [ 115.787615][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 115.789944][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 115.791492][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 115.793016][ C1] sp : ffff800008017de0 [ 115.794254][ C1] x29: ffff800008017de0 x28: ffff0000c6a2d1c0 x27: 1fffe0003421c65c [ 115.796643][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 115.799047][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de06aa58 [ 115.801407][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 115.803712][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 115.806070][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 115.808418][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : a6261b9495d09700 [ 115.810743][ C1] x8 : a6261b9495d09700 x7 : 0000000000000001 x6 : 0000000000000001 [ 115.813041][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 115.815381][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 115.817679][ C1] Call trace: [ 115.818613][ C1] invalidate_bh_lru+0x128/0x234 [ 115.820068][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 115.821804][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 115.823683][ C1] ipi_handler+0x10c/0x710 [ 115.824885][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 115.826460][ C1] handle_domain_irq+0x144/0x1fc [ 115.827849][ C1] gic_handle_irq+0x78/0x1c8 [ 115.829136][ C1] call_on_irq_stack+0x24/0x30 [ 115.830510][ C1] do_interrupt_handler+0x6c/0x88 [ 115.831959][ C1] el1_interrupt+0x30/0x58 [ 115.833207][ C1] el1h_64_irq_handler+0x18/0x24 [ 115.834583][ C1] el1h_64_irq+0x78/0x7c [ 115.835750][ C1] _raw_spin_unlock_irq+0xa0/0x128 [ 115.837220][ C1] process_one_work+0x678/0x1140 [ 115.838614][ C1] worker_thread+0x8f4/0x101c [ 115.839922][ C1] kthread+0x374/0x454 [ 115.841032][ C1] ret_from_fork+0x10/0x20 [ 115.842279][ C1] irq event stamp: 21820 [ 115.843479][ C1] hardirqs last enabled at (21819): [] _raw_spin_unlock_irq+0x98/0x128 [ 115.846265][ C1] hardirqs last disabled at (21820): [] enter_el1_irq_or_nmi+0x10/0x1c [ 115.849043][ C1] softirqs last enabled at (21810): [] local_bh_enable+0xc/0x2c [ 115.851600][ C1] softirqs last disabled at (21806): [] local_bh_disable+0xc/0x2c [ 115.854244][ C1] ---[ end trace 66aa56eb2031fbf8 ]--- [ 115.902920][ T5021] loop0: detected capacity change from 0 to 128 [ 115.909610][ T5021] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 115.911655][ T5021] Bad inode number on dev loop0: 2 is out of range [ 115.913518][ T5021] SysV FS: get root inode failed [ 115.914836][ T5021] oldfs: cannot read superblock [ 115.931046][ C0] ------------[ cut here ]------------ [ 115.932629][ C0] VFS: brelse: Trying to free free buffer [ 115.934273][ C0] WARNING: CPU: 0 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 115.936713][ C0] Modules linked in: [ 115.937821][ C0] CPU: 0 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 115.940499][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.943242][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 115.945482][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 115.946963][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 115.948486][ C0] sp : ffff800008007de0 [ 115.949595][ C0] x29: ffff800008007de0 x28: ffff0000d424d1c0 x27: 1fffe0003421845c [ 115.951830][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 115.954031][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de25cc28 [ 115.956240][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 115.958440][ C0] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 115.960691][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 115.963029][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 115.965346][ C0] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 115.967627][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 115.969875][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 115.972123][ C0] Call trace: [ 115.973071][ C0] invalidate_bh_lru+0x128/0x234 [ 115.974544][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 115.976222][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 115.978175][ C0] ipi_handler+0x10c/0x710 [ 115.979446][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 115.980967][ C0] handle_domain_irq+0x144/0x1fc [ 115.982372][ C0] gic_handle_irq+0x78/0x1c8 [ 115.983640][ C0] call_on_irq_stack+0x24/0x30 [ 115.984952][ C0] do_interrupt_handler+0x6c/0x88 [ 115.986408][ C0] el1_interrupt+0x30/0x58 [ 115.987673][ C0] el1h_64_irq_handler+0x18/0x24 [ 115.989074][ C0] el1h_64_irq+0x78/0x7c [ 115.990224][ C0] free_unref_page+0x158/0x1fc [ 115.991584][ C0] __free_pages+0x180/0x1d4 [ 115.992862][ C0] __free_slab+0x178/0x398 [ 115.994029][ C0] discard_slab+0x64/0xe0 [ 115.995251][ C0] __slab_free+0x1c4/0x254 [ 115.996540][ C0] ___cache_free+0x178/0x1bc [ 115.997849][ C0] qlink_free+0x5c/0xa4 [ 115.999032][ C0] qlist_free_all+0x40/0xa8 [ 116.000283][ C0] kasan_quarantine_reduce+0x124/0x130 [ 116.001840][ C0] __kasan_slab_alloc+0x34/0xcc [ 116.003177][ C0] slab_post_alloc_hook+0x74/0x408 [ 116.004565][ C0] kmem_cache_alloc+0x1e0/0x3e4 [ 116.005941][ C0] anon_vma_fork+0xdc/0x49c [ 116.007261][ C0] copy_mm+0x7bc/0x1084 [ 116.008419][ C0] copy_process+0x14d8/0x34ac [ 116.009711][ C0] kernel_clone+0x1d8/0x9d4 [ 116.011024][ C0] __arm64_sys_clone+0x138/0x190 [ 116.012421][ C0] invoke_syscall+0x98/0x2b8 [ 116.013706][ C0] el0_svc_common+0x138/0x258 [ 116.014941][ C0] do_el0_svc+0x58/0x14c [ 116.016115][ C0] el0_svc+0x78/0x1e0 [ 116.017243][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 116.018567][ C0] el0t_64_sync+0x1a0/0x1a4 [ 116.019786][ C0] irq event stamp: 260432 [ 116.020977][ C0] hardirqs last enabled at (260431): [] free_unref_page+0x148/0x1fc [ 116.023755][ C0] hardirqs last disabled at (260432): [] enter_el1_irq_or_nmi+0x10/0x1c [ 116.026688][ C0] softirqs last enabled at (260188): [] local_bh_enable+0x10/0x34 [ 116.029481][ C0] softirqs last disabled at (260186): [] local_bh_disable+0x10/0x34 [ 116.032256][ C0] ---[ end trace 66aa56eb2031fbf9 ]--- [ 116.086256][ T5023] loop0: detected capacity change from 0 to 128 [ 116.090554][ T5023] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 116.092772][ T5023] Bad inode number on dev loop0: 2 is out of range [ 116.094615][ T5023] SysV FS: get root inode failed [ 116.095938][ T5023] oldfs: cannot read superblock [ 116.109497][ T4472] ------------[ cut here ]------------ [ 116.111110][ T4472] VFS: brelse: Trying to free free buffer [ 116.112914][ T4472] WARNING: CPU: 1 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 116.115493][ T4472] Modules linked in: [ 116.116632][ T4472] CPU: 1 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 116.119308][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.122261][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 116.124523][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 116.126094][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 116.127632][ T4472] sp : ffff80001f7377c0 [ 116.128791][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 116.131123][ T4472] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 116.133544][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de06adf8 [ 116.135949][ T4472] x20: ffff0001a10e32d8 x19: ffff8000113daee0 x18: 0000000000000003 [ 116.138368][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 116.140685][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 116.143145][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 116.145613][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 116.147956][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 116.150385][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 116.152777][ T4472] Call trace: [ 116.153736][ T4472] invalidate_bh_lru+0x128/0x234 [ 116.155205][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 116.156923][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 116.158465][ T4472] invalidate_bh_lrus+0x34/0x40 [ 116.159939][ T4472] blkdev_flush_mapping+0x168/0x31c [ 116.161452][ T4472] blkdev_put+0x490/0x6ac [ 116.162718][ T4472] blkdev_close+0x74/0xb0 [ 116.163994][ T4472] __fput+0x1c0/0x7f8 [ 116.165208][ T4472] ____fput+0x20/0x30 [ 116.166345][ T4472] task_work_run+0x12c/0x1e0 [ 116.167727][ T4472] do_notify_resume+0x24b4/0x3128 [ 116.169200][ T4472] el0_svc+0xf0/0x1e0 [ 116.170370][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 116.171886][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 116.173202][ T4472] irq event stamp: 259222 [ 116.174446][ T4472] hardirqs last enabled at (259221): [] kasan_quarantine_put+0xc4/0x204 [ 116.177383][ T4472] hardirqs last disabled at (259222): [] smp_call_function_many_cond+0xa44/0xeb0 [ 116.180491][ T4472] softirqs last enabled at (257286): [] local_bh_enable+0x10/0x34 [ 116.183547][ T4472] softirqs last disabled at (257284): [] local_bh_disable+0x10/0x34 [ 116.186397][ T4472] ---[ end trace 66aa56eb2031fbfa ]--- [ 116.235834][ T5025] loop0: detected capacity change from 0 to 128 [ 116.239387][ T5025] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 116.241402][ T5025] Bad inode number on dev loop0: 2 is out of range [ 116.244965][ T5025] SysV FS: get root inode failed [ 116.246322][ T5025] oldfs: cannot read superblock [ 116.262844][ T4472] ------------[ cut here ]------------ [ 116.264333][ T4472] VFS: brelse: Trying to free free buffer [ 116.266039][ T4472] WARNING: CPU: 1 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 116.268663][ T4472] Modules linked in: [ 116.269785][ T4472] CPU: 1 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 116.272546][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.275505][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 116.277797][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 116.279281][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 116.280739][ T4472] sp : ffff80001f7377c0 [ 116.281906][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 116.284277][ T4472] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 116.286647][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c56cf230 [ 116.288983][ T4472] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 116.291336][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 116.293641][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 116.295895][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 116.298216][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 116.300525][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 116.302855][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 116.305068][ T4472] Call trace: [ 116.306008][ T4472] invalidate_bh_lru+0x128/0x234 [ 116.307422][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 116.309148][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 116.310610][ T4472] invalidate_bh_lrus+0x34/0x40 [ 116.312007][ T4472] blkdev_flush_mapping+0x168/0x31c [ 116.313530][ T4472] blkdev_put+0x490/0x6ac [ 116.314827][ T4472] blkdev_close+0x74/0xb0 [ 116.316101][ T4472] __fput+0x1c0/0x7f8 [ 116.317229][ T4472] ____fput+0x20/0x30 [ 116.318376][ T4472] task_work_run+0x12c/0x1e0 [ 116.319726][ T4472] do_notify_resume+0x24b4/0x3128 [ 116.321201][ T4472] el0_svc+0xf0/0x1e0 [ 116.322370][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 116.323823][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 116.325117][ T4472] irq event stamp: 263780 [ 116.326364][ T4472] hardirqs last enabled at (263779): [] kasan_quarantine_put+0xc4/0x204 [ 116.329213][ T4472] hardirqs last disabled at (263780): [] smp_call_function_many_cond+0xa44/0xeb0 [ 116.332427][ T4472] softirqs last enabled at (263572): [] local_bh_enable+0x10/0x34 [ 116.335131][ T4472] softirqs last disabled at (263570): [] local_bh_disable+0x10/0x34 [ 116.337798][ T4472] ---[ end trace 66aa56eb2031fbfb ]--- [ 116.383631][ T5027] loop0: detected capacity change from 0 to 128 [ 116.404048][ T5027] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 116.406051][ T5027] Bad inode number on dev loop0: 2 is out of range [ 116.407874][ T5027] SysV FS: get root inode failed [ 116.409216][ T5027] oldfs: cannot read superblock [ 116.433902][ C1] ------------[ cut here ]------------ [ 116.435464][ C1] VFS: brelse: Trying to free free buffer [ 116.437034][ C1] WARNING: CPU: 1 PID: 5029 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 116.439472][ C1] Modules linked in: [ 116.440513][ C1] CPU: 1 PID: 5029 Comm: syz.0.78 Tainted: G W 5.15.187-syzkaller #0 [ 116.443232][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.445977][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 116.448167][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 116.449784][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 116.451261][ C1] sp : ffff800008017de0 [ 116.452413][ C1] x29: ffff800008017de0 x28: ffff0000d312d1c0 x27: 1fffe0003421c65c [ 116.454600][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 116.456819][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c56cf5d0 [ 116.459008][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 116.461271][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 116.463627][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 116.465773][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a726bd3b4f02ee00 [ 116.467935][ C1] x8 : a726bd3b4f02ee00 x7 : 0000000000000001 x6 : 0000000000000001 [ 116.470232][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 116.472467][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 116.474631][ C1] Call trace: [ 116.475556][ C1] invalidate_bh_lru+0x128/0x234 [ 116.476944][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 116.478659][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 116.480689][ C1] ipi_handler+0x10c/0x710 [ 116.481903][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 116.483437][ C1] handle_domain_irq+0x144/0x1fc [ 116.484833][ C1] gic_handle_irq+0x78/0x1c8 [ 116.486061][ C1] call_on_irq_stack+0x24/0x30 [ 116.487357][ C1] do_interrupt_handler+0x6c/0x88 [ 116.488720][ C1] el0_interrupt+0x94/0x260 [ 116.489940][ C1] __el0_irq_handler_common+0x18/0x24 [ 116.491334][ C1] el0t_64_irq_handler+0x10/0x1c [ 116.492727][ C1] el0t_64_irq+0x1a0/0x1a4 [ 116.493925][ C1] irq event stamp: 70 [ 116.495012][ C1] hardirqs last enabled at (69): [] el0t_64_sync_handler+0xcc/0xe4 [ 116.497674][ C1] hardirqs last disabled at (70): [] __el0_irq_handler_common+0x18/0x24 [ 116.500446][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 116.503018][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 116.505436][ C1] ---[ end trace 66aa56eb2031fbfc ]--- [ 116.565387][ T5029] loop0: detected capacity change from 0 to 128 [ 116.570863][ T5029] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 116.581152][ T5029] Bad inode number on dev loop0: 2 is out of range [ 116.583195][ T5029] SysV FS: get root inode failed [ 116.584549][ T5029] oldfs: cannot read superblock [ 116.589085][ C1] ------------[ cut here ]------------ [ 116.590558][ C1] VFS: brelse: Trying to free free buffer [ 116.592125][ C1] WARNING: CPU: 1 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 116.594641][ C1] Modules linked in: [ 116.595727][ C1] CPU: 1 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 116.598378][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.601112][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 116.603256][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 116.604713][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 116.606144][ C1] sp : ffff800008017de0 [ 116.607242][ C1] x29: ffff800008017de0 x28: ffff0000d424d1c0 x27: 1fffe0003421c65c [ 116.609504][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 116.611761][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c56cf970 [ 116.614010][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 116.616089][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 116.618306][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 116.620528][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 116.622645][ C1] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 116.624820][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 116.627007][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 116.629209][ C1] Call trace: [ 116.630084][ C1] invalidate_bh_lru+0x128/0x234 [ 116.631390][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 116.632945][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 116.634815][ C1] ipi_handler+0x10c/0x710 [ 116.636001][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 116.637547][ C1] handle_domain_irq+0x144/0x1fc [ 116.638904][ C1] gic_handle_irq+0x78/0x1c8 [ 116.640222][ C1] call_on_irq_stack+0x24/0x30 [ 116.641517][ C1] do_interrupt_handler+0x6c/0x88 [ 116.642930][ C1] el1_interrupt+0x30/0x58 [ 116.644107][ C1] el1h_64_irq_handler+0x18/0x24 [ 116.645462][ C1] el1h_64_irq+0x78/0x7c [ 116.646574][ C1] call_rcu+0x580/0x8fc [ 116.647767][ C1] security_inode_free+0xbc/0xd8 [ 116.649062][ C1] __destroy_inode+0x2f0/0x80c [ 116.650411][ C1] evict+0x6b0/0x810 [ 116.651545][ C1] iput+0x6c4/0x77c [ 116.652609][ C1] proc_invalidate_siblings_dcache+0x420/0x66c [ 116.654343][ C1] proc_flush_pid+0x24/0x34 [ 116.655678][ C1] release_task+0x14a4/0x16a0 [ 116.656944][ C1] wait_consider_task+0x1508/0x27cc [ 116.658408][ C1] do_wait+0x2f8/0xa98 [ 116.659518][ C1] kernel_wait4+0x1d0/0x318 [ 116.660707][ C1] __arm64_sys_wait4+0x120/0x2d0 [ 116.662117][ C1] invoke_syscall+0x98/0x2b8 [ 116.663358][ C1] el0_svc_common+0x138/0x258 [ 116.664662][ C1] do_el0_svc+0x58/0x14c [ 116.665871][ C1] el0_svc+0x78/0x1e0 [ 116.666958][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 116.668362][ C1] el0t_64_sync+0x1a0/0x1a4 [ 116.669626][ C1] irq event stamp: 268136 [ 116.670819][ C1] hardirqs last enabled at (268135): [] call_rcu+0x570/0x8fc [ 116.673394][ C1] hardirqs last disabled at (268136): [] enter_el1_irq_or_nmi+0x10/0x1c [ 116.676086][ C1] softirqs last enabled at (268096): [] local_bh_enable+0x10/0x34 [ 116.678721][ C1] softirqs last disabled at (268094): [] local_bh_disable+0x10/0x34 [ 116.681328][ C1] ---[ end trace 66aa56eb2031fbfd ]--- [ 116.725915][ T5031] loop0: detected capacity change from 0 to 128 [ 116.763575][ T5031] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 116.765623][ T5031] Bad inode number on dev loop0: 2 is out of range [ 116.767392][ T5031] SysV FS: get root inode failed [ 116.768758][ T5031] oldfs: cannot read superblock [ 116.785789][ C1] ------------[ cut here ]------------ [ 116.787315][ C1] VFS: brelse: Trying to free free buffer [ 116.788937][ C1] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 116.791363][ C1] Modules linked in: [ 116.792429][ C1] CPU: 1 PID: 5032 Comm: syz.0.80 Tainted: G W 5.15.187-syzkaller #0 [ 116.795008][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.797824][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 116.799869][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 116.801321][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 116.802851][ C1] sp : ffff800008017de0 [ 116.803920][ C1] x29: ffff800008017de0 x28: ffff0000d07bd1c0 x27: 1fffe0003421c65c [ 116.806099][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 116.808249][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c56cfd10 [ 116.810420][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 116.812678][ C1] x17: 0000000000010002 x16: ffff8000111d162c x15: 00000000ffffffff [ 116.814817][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 116.816977][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a9ef58eb4f69bc00 [ 116.819161][ C1] x8 : a9ef58eb4f69bc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 116.821388][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 116.823595][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 116.825836][ C1] Call trace: [ 116.826731][ C1] invalidate_bh_lru+0x128/0x234 [ 116.828077][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 116.829840][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 116.831788][ C1] ipi_handler+0x10c/0x710 [ 116.833009][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 116.834608][ C1] handle_domain_irq+0x144/0x1fc [ 116.836018][ C1] gic_handle_irq+0x78/0x1c8 [ 116.837292][ C1] call_on_irq_stack+0x24/0x30 [ 116.838724][ C1] do_interrupt_handler+0x6c/0x88 [ 116.840064][ C1] el1_interrupt+0x30/0x58 [ 116.841258][ C1] el1h_64_irq_handler+0x18/0x24 [ 116.842588][ C1] el1h_64_irq+0x78/0x7c [ 116.843728][ C1] account_kernel_stack+0x150/0x274 [ 116.845156][ C1] dup_task_struct+0x768/0xc44 [ 116.846433][ C1] copy_process+0x4c8/0x34ac [ 116.847748][ C1] kernel_clone+0x1d8/0x9d4 [ 116.849002][ C1] __arm64_sys_clone+0x138/0x190 [ 116.850394][ C1] invoke_syscall+0x98/0x2b8 [ 116.851688][ C1] el0_svc_common+0x138/0x258 [ 116.853122][ C1] do_el0_svc+0x58/0x14c [ 116.854272][ C1] el0_svc+0x78/0x1e0 [ 116.855402][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 116.856847][ C1] el0t_64_sync+0x1a0/0x1a4 [ 116.858139][ C1] irq event stamp: 1420 [ 116.859251][ C1] hardirqs last enabled at (1419): [] account_kernel_stack+0x130/0x274 [ 116.861941][ C1] hardirqs last disabled at (1420): [] enter_el1_irq_or_nmi+0x10/0x1c [ 116.864603][ C1] softirqs last enabled at (1410): [] local_bh_enable+0x10/0x34 [ 116.867184][ C1] softirqs last disabled at (1408): [] local_bh_disable+0x10/0x34 [ 116.869872][ C1] ---[ end trace 66aa56eb2031fbfe ]--- [ 116.902808][ T5033] loop0: detected capacity change from 0 to 128 [ 116.909295][ T5033] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 116.911380][ T5033] Bad inode number on dev loop0: 2 is out of range [ 116.914808][ T5033] SysV FS: get root inode failed [ 116.916358][ T5033] oldfs: cannot read superblock [ 116.925742][ C0] ------------[ cut here ]------------ [ 116.927253][ C0] VFS: brelse: Trying to free free buffer [ 116.928885][ C0] WARNING: CPU: 0 PID: 4692 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 116.931221][ C0] Modules linked in: [ 116.932275][ C0] CPU: 0 PID: 4692 Comm: syz-executor Tainted: G W 5.15.187-syzkaller #0 [ 116.934997][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.937795][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 116.939955][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 116.941403][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 116.942867][ C0] sp : ffff800008007de0 [ 116.943983][ C0] x29: ffff800008007de0 x28: ffff0000d424d1c0 x27: 1fffe0003421845c [ 116.946169][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 116.948387][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e74d44e8 [ 116.950560][ C0] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000010002 [ 116.952734][ C0] x17: 0000000000010002 x16: ffff8000083020fc x15: 00000000ffffffff [ 116.954869][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 116.956999][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 76fb6547b08c6800 [ 116.959225][ C0] x8 : 76fb6547b08c6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 116.961418][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f400 x3 : ffff80000830220c [ 116.963612][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 116.965774][ C0] Call trace: [ 116.966653][ C0] invalidate_bh_lru+0x128/0x234 [ 116.967975][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 116.969604][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 116.971506][ C0] ipi_handler+0x10c/0x710 [ 116.972831][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 116.974379][ C0] handle_domain_irq+0x144/0x1fc [ 116.975795][ C0] gic_handle_irq+0x78/0x1c8 [ 116.977086][ C0] call_on_irq_stack+0x24/0x30 [ 116.978474][ C0] do_interrupt_handler+0x6c/0x88 [ 116.979825][ C0] el1_interrupt+0x30/0x58 [ 116.981020][ C0] el1h_64_irq_handler+0x18/0x24 [ 116.982378][ C0] el1h_64_irq+0x78/0x7c [ 116.983700][ C0] __sanitizer_cov_trace_pc+0xa0/0xac [ 116.985148][ C0] ip_getsockopt+0x1024/0x158c [ 116.986451][ C0] tcp_getsockopt+0x214/0x2e74 [ 116.987842][ C0] sock_common_getsockopt+0xa8/0xc4 [ 116.989238][ C0] __sys_getsockopt+0x1e0/0x45c [ 116.990592][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 116.991988][ C0] invoke_syscall+0x98/0x2b8 [ 116.993308][ C0] el0_svc_common+0x138/0x258 [ 116.994700][ C0] do_el0_svc+0x58/0x14c [ 116.995850][ C0] el0_svc+0x78/0x1e0 [ 116.996963][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 116.998347][ C0] el0t_64_sync+0x1a0/0x1a4 [ 116.999550][ C0] irq event stamp: 274716 [ 117.000724][ C0] hardirqs last enabled at (274715): [] kasan_quarantine_put+0xc4/0x204 [ 117.003485][ C0] hardirqs last disabled at (274716): [] enter_el1_irq_or_nmi+0x10/0x1c [ 117.006194][ C0] softirqs last enabled at (274688): [] release_sock+0x1d0/0x258 [ 117.008819][ C0] softirqs last disabled at (274686): [] release_sock+0x34/0x258 [ 117.011324][ C0] ---[ end trace 66aa56eb2031fbff ]--- [ 117.053808][ T5035] loop0: detected capacity change from 0 to 128 [ 117.057082][ T5035] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 117.059039][ T5035] Bad inode number on dev loop0: 2 is out of range [ 117.060782][ T5035] SysV FS: get root inode failed [ 117.062536][ T5035] oldfs: cannot read superblock [ 117.076401][ C1] ------------[ cut here ]------------ [ 117.077952][ C1] VFS: brelse: Trying to free free buffer [ 117.079601][ C1] WARNING: CPU: 1 PID: 5036 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 117.082083][ C1] Modules linked in: [ 117.083181][ C1] CPU: 1 PID: 5036 Comm: syz.0.82 Tainted: G W 5.15.187-syzkaller #0 [ 117.085696][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 117.088409][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 117.090493][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 117.091901][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 117.093316][ C1] sp : ffff800008017de0 [ 117.094432][ C1] x29: ffff800008017de0 x28: ffff0000c8723680 x27: 1fffe0003421c65c [ 117.096647][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 117.098831][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de0bc148 [ 117.101060][ C1] x20: ffff0001a10e32e0 x19: ffff8000113daee0 x18: 0000000000010003 [ 117.103223][ C1] x17: 0000000000010003 x16: ffff8000111d162c x15: 00000000ffffffff [ 117.105495][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 117.107701][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : bdea7deccd082800 [ 117.109924][ C1] x8 : bdea7deccd082800 x7 : 0000000000000001 x6 : 0000000000000001 [ 117.112141][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 117.114342][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 117.116591][ C1] Call trace: [ 117.117494][ C1] invalidate_bh_lru+0x128/0x234 [ 117.118833][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 117.120505][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 117.122407][ C1] ipi_handler+0x10c/0x710 [ 117.123610][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 117.125095][ C1] handle_domain_irq+0x144/0x1fc [ 117.126416][ C1] gic_handle_irq+0x78/0x1c8 [ 117.127677][ C1] call_on_irq_stack+0x24/0x30 [ 117.128967][ C1] do_interrupt_handler+0x6c/0x88 [ 117.130347][ C1] el1_interrupt+0x30/0x58 [ 117.131557][ C1] el1h_64_irq_handler+0x18/0x24 [ 117.132940][ C1] el1h_64_irq+0x78/0x7c [ 117.134079][ C1] lock_page_memcg+0x120/0x234 [ 117.135358][ C1] page_add_file_rmap+0x148/0x8e4 [ 117.136780][ C1] do_set_pte+0x394/0x4e0 [ 117.137987][ C1] filemap_map_pages+0x9c4/0xc50 [ 117.139369][ C1] handle_mm_fault+0x19c0/0x2950 [ 117.140710][ C1] do_page_fault+0x694/0xad4 [ 117.142035][ C1] do_translation_fault+0xe0/0x130 [ 117.143442][ C1] do_mem_abort+0x6c/0x1ac [ 117.144659][ C1] el0_ia+0xe0/0x2d0 [ 117.145696][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 117.147051][ C1] el0t_64_sync+0x1a0/0x1a4 [ 117.148265][ C1] irq event stamp: 1200 [ 117.149376][ C1] hardirqs last enabled at (1199): [] lock_page_memcg+0x110/0x234 [ 117.151917][ C1] hardirqs last disabled at (1200): [] enter_el1_irq_or_nmi+0x10/0x1c [ 117.154563][ C1] softirqs last enabled at (14): [] local_bh_enable+0x10/0x34 [ 117.157023][ C1] softirqs last disabled at (12): [] local_bh_disable+0x10/0x34 [ 117.159537][ C1] ---[ end trace 66aa56eb2031fc00 ]--- [ 117.185610][ T5037] loop0: detected capacity change from 0 to 128 [ 117.189612][ T5037] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 117.191686][ T5037] Bad inode number on dev loop0: 2 is out of range [ 117.194359][ T5037] SysV FS: get root inode failed [ 117.196536][ T5037] oldfs: cannot read superblock [ 117.210963][ T4472] ------------[ cut here ]------------ [ 117.212439][ T4472] VFS: brelse: Trying to free free buffer [ 117.214001][ T4472] WARNING: CPU: 0 PID: 4472 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 117.216348][ T4472] Modules linked in: [ 117.217433][ T4472] CPU: 0 PID: 4472 Comm: udevd Tainted: G W 5.15.187-syzkaller #0 [ 117.219984][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 117.222701][ T4472] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 117.224989][ T4472] pc : invalidate_bh_lru+0x128/0x234 [ 117.226417][ T4472] lr : invalidate_bh_lru+0x128/0x234 [ 117.227849][ T4472] sp : ffff80001f7377c0 [ 117.229044][ T4472] x29: ffff80001f7377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 117.231168][ T4472] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 117.233366][ T4472] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e74d4888 [ 117.235459][ T4472] x20: ffff0001a10c22e0 x19: ffff8000113daee0 x18: 0000000000000003 [ 117.237593][ T4472] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 117.239683][ T4472] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 117.241771][ T4472] x11: 0000000000000002 x10: 0000000000000000 x9 : 9265214de862f400 [ 117.243983][ T4472] x8 : 9265214de862f400 x7 : 0000000000000001 x6 : 0000000000000001 [ 117.246144][ T4472] x5 : ffff80001f7370b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 117.248322][ T4472] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 117.250539][ T4472] Call trace: [ 117.251426][ T4472] invalidate_bh_lru+0x128/0x234 [ 117.252817][ T4472] smp_call_function_many_cond+0xa50/0xeb0 [ 117.254422][ T4472] on_each_cpu_cond_mask+0x5c/0xc4 [ 117.255714][ T4472] invalidate_bh_lrus+0x34/0x40 [ 117.257037][ T4472] blkdev_flush_mapping+0x168/0x31c [ 117.258493][ T4472] blkdev_put+0x490/0x6ac [ 117.259844][ T4472] blkdev_close+0x74/0xb0 [ 117.261065][ T4472] __fput+0x1c0/0x7f8 [ 117.262173][ T4472] ____fput+0x20/0x30 [ 117.263219][ T4472] task_work_run+0x12c/0x1e0 [ 117.264501][ T4472] do_notify_resume+0x24b4/0x3128 [ 117.265844][ T4472] el0_svc+0xf0/0x1e0 [ 117.266950][ T4472] el0t_64_sync_handler+0xcc/0xe4 [ 117.268384][ T4472] el0t_64_sync+0x1a0/0x1a4 [ 117.269607][ T4472] irq event stamp: 293998 [ 117.270820][ T4472] hardirqs last enabled at (293997): [] kasan_quarantine_put+0xc4/0x204 [ 117.273582][ T4472] hardirqs last disabled at (293998): [] smp_call_function_many_cond+0xa44/0xeb0 [ 117.276631][ T4472] softirqs last enabled at (292750): [] local_bh_enable+0x10/0x34 [ 117.279271][ T4472] softirqs last disabled at (292748): [] local_bh_disable+0x10/0x34 [ 117.281903][ T4472] ---[ end trace 66aa56eb2031fc01 ]--- [ 117.336416][ T5039] loop0: detected capacity change from 0 to 128 [ 117.380267][ T5039] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 117.382481][ T5039] Bad inode number on dev loop0: 2 is out of range [ 117.384243][ T5039] SysV FS: get root inode failed [ 117.385592][ T5039] oldfs: cannot read superblock [ 117.392765][ T5039] ------------[ cut here ]------------ [ 117.394391][ T5039] VFS: brelse: Trying to free free buffer [ 117.395988][ T5039] WARNING: CPU: 1 PID: 5039 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 117.398429][ T5039] Modules linked in: [ 117.399473][ T5039] CPU: 1 PID: 5039 Comm: syz.0.83 Tainted: G W 5.15.187-syzkaller #0 [ 117.402330][ T5039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 117.405144][ T5039] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 117.407276][ T5039] pc : invalidate_bh_lru+0x128/0x234 [ 117.408843][ T5039] lr : invalidate_bh_lru+0x128/0x234 [ 117.410311][ T5039] sp : ffff80001fbe77c0 [ 117.411443][ T5039] x29: ffff80001fbe77c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 117.413733][ T5039] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 117.415894][ T5039] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de0bc4e8 [ 117.418061][ T5039] x20: ffff0001a10e32d8 x19: ffff8000113daee0 x18: 0000000000000003 [ 117.420219][ T5039] x17: 0000000000000000 x16: ffff8000111d162c x15: 00000000ffffffff [ 117.422423][ T5039] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 117.424598][ T5039] x11: 0000000000000002 x10: 0000000000000000 x9 : f4a531a4d5752500 [ 117.426867][ T5039] x8 : f4a531a4d5752500 x7 : 0000000000000001 x6 : 0000000000000001 [ 117.429089][ T5039] x5 : ffff80001fbe70b8 x4 : ffff80001425f400 x3 : ffff8000085051a4 [ 117.431312][ T5039] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 117.433421][ T5039] Call trace: [ 117.434293][ T5039] invalidate_bh_lru+0x128/0x234 [ 117.435675][ T5039] smp_call_function_many_cond+0xa50/0xeb0 [ 117.437224][ T5039] on_each_cpu_cond_mask+0x5c/0xc4 [ 117.438585][ T5039] invalidate_bh_lrus+0x34/0x40 [ 117.439902][ T5039] blkdev_flush_mapping+0x168/0x31c [ 117.441368][ T5039] blkdev_put+0x490/0x6ac [ 117.442592][ T5039] blkdev_close+0x74/0xb0 [ 117.443767][ T5039] __fput+0x1c0/0x7f8 [ 117.444820][ T5039] ____fput+0x20/0x30 [ 117.445946][ T5039] task_work_run+0x12c/0x1e0 [ 117.447249][ T5039] do_notify_resume+0x24b4/0x3128 [ 117.448688][ T5039] el0_svc+0xf0/0x1e0 [ 117.449764][ T5039] el0t_64_sync_handler+0xcc/0xe4 [ 117.451119][ T5039] el0t_64_sync+0x1a0/0x1a4 [ 117.452339][ T5039] irq event stamp: 1058 [ 117.453444][ T5039] hardirqs last enabled at (1057): [] finish_lock_switch+0xb0/0x1c4 [ 117.456044][ T5039] hardirqs last disabled at (1058): [] smp_call_function_many_cond+0xa44/0xeb0 [ 117.458916][ T5039] softirqs last enabled at (1014): [] local_bh_enable+0x10/0x34 [ 117.461413][ T5039] softirqs last disabled at (1012): [] local_bh_disable+0x10/0x34 [ 117.464040][ T5039] ---[ end trace 66aa56eb2031fc02 ]---