[ 69.614764][ T13] cfg80211: failed to load regulatory.db [ 69.616686][ T2063] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.617738][ T2063] ieee802154 phy1 wpan1: encryption failed: -22 Warning: Permanently added '10.128.0.23' (ED25519) to the list of known hosts. 1970/01/01 00:01:11 parsed 1 programs [ 72.716645][ T4464] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 75.608762][ T4483] chnl_net:caif_netlink_parms(): no params data found [ 75.626842][ T4483] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.628050][ T4483] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.629565][ T4483] device bridge_slave_0 entered promiscuous mode [ 75.632094][ T4483] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.636526][ T4483] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.638106][ T4483] device bridge_slave_1 entered promiscuous mode [ 75.646223][ T4483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.648694][ T4483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.658018][ T4483] team0: Port device team_slave_0 added [ 75.660252][ T4483] team0: Port device team_slave_1 added [ 75.667445][ T4483] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.668520][ T4483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.672228][ T4483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.676868][ T4483] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.677974][ T4483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.681942][ T4483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.744014][ T4483] device hsr_slave_0 entered promiscuous mode [ 75.782844][ T4483] device hsr_slave_1 entered promiscuous mode [ 76.386324][ T4483] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 76.414087][ T4483] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 76.465874][ T4483] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 76.504171][ T4483] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 76.543774][ T4483] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.545047][ T4483] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.546576][ T4483] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.547725][ T4483] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.569860][ T4483] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.575348][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.577107][ T561] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.578675][ T561] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.580537][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 76.587741][ T4483] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.590427][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 76.592065][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.593913][ T561] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.595019][ T561] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.605911][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 76.607594][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 76.608981][ T148] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.610126][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.611474][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 76.614837][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 76.616569][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 76.619387][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 76.621034][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 76.623891][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 76.684375][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 76.689085][ T4483] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 76.690689][ T4483] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 76.693329][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 76.694883][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 76.696475][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 76.698018][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 76.700183][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 76.775926][ T4483] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.784141][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 76.785444][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 76.786612][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 76.788363][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 76.796760][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 76.798320][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 76.800044][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 76.801385][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 76.814718][ T4483] device veth0_vlan entered promiscuous mode [ 76.818045][ T4483] device veth1_vlan entered promiscuous mode [ 76.836222][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.837816][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.839191][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.840602][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.845248][ T4483] device veth0_macvtap entered promiscuous mode [ 76.854780][ T4483] device veth1_macvtap entered promiscuous mode [ 76.863813][ T4483] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.865017][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.866670][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 76.868205][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.869849][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.872629][ T4483] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.875568][ T4483] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.876754][ T4483] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.878044][ T4483] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.879315][ T4483] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.891215][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.892853][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.163483][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.164826][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.166117][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.176630][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.177782][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.179018][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.587723][ T1607] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.616410][ T1607] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.096121][ T1607] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.157008][ T1607] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:01:22 executed programs: 0 [ 82.887364][ T4940] chnl_net:caif_netlink_parms(): no params data found [ 82.908260][ T4940] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.909478][ T4940] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.911073][ T4940] device bridge_slave_0 entered promiscuous mode [ 82.913622][ T4940] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.914757][ T4940] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.917165][ T4940] device bridge_slave_1 entered promiscuous mode [ 82.926383][ T4940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.929271][ T4940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.946803][ T4940] team0: Port device team_slave_0 added [ 82.955492][ T4940] team0: Port device team_slave_1 added [ 82.965538][ T4940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.966746][ T4940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.970788][ T4940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.983657][ T4940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.984751][ T4940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.988469][ T4940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.065591][ T4940] device hsr_slave_0 entered promiscuous mode [ 83.102914][ T4940] device hsr_slave_1 entered promiscuous mode [ 83.142783][ T4940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.144038][ T4940] Cannot create hsr debugfs directory [ 83.662177][ T4940] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 83.710667][ T4940] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 83.734753][ T4940] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 83.774481][ T4940] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 83.822205][ T4940] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.823431][ T4940] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.824626][ T4940] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.825803][ T4940] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.846276][ T4940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.850711][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.852625][ T561] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.857064][ T561] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.859992][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 83.875115][ T4940] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.884960][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.886513][ T561] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.887663][ T561] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.889032][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.890770][ T561] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.891949][ T561] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.897852][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 83.899826][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.901497][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 83.903226][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.905312][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 83.908033][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 83.909723][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.914183][ T4940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.916232][ T4940] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 83.919890][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 83.921487][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.973467][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 83.974849][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 83.977903][ T4940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.987181][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 83.988876][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 83.997574][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 83.999082][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 84.000862][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 84.002303][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 84.006514][ T4940] device veth0_vlan entered promiscuous mode [ 84.010137][ T4940] device veth1_vlan entered promiscuous mode [ 84.020563][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 84.022213][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 84.023788][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 84.025359][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 84.028515][ T4940] device veth0_macvtap entered promiscuous mode [ 84.031219][ T4940] device veth1_macvtap entered promiscuous mode [ 84.036990][ T4940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 84.038762][ T4940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.040948][ T4940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.042180][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 84.043934][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 84.045307][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 84.046848][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 84.049750][ T4940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.051239][ T4940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.054275][ T4940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.055910][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 84.057550][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 84.060152][ T4940] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.061689][ T4940] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.064545][ T4940] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.065886][ T4940] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.119780][ T561] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.121072][ T561] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.122455][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 84.132405][ T561] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.133909][ T561] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.135984][ T561] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 84.167126][ T5063] loop0: detected capacity change from 0 to 128 [ 84.207109][ T5063] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.208382][ T5063] Bad inode number on dev loop0: 2 is out of range [ 84.209330][ T5063] SysV FS: get root inode failed [ 84.210065][ T5063] oldfs: cannot read superblock [ 84.210812][ T5063] ------------[ cut here ]------------ [ 84.211573][ T5063] VFS: brelse: Trying to free free buffer [ 84.212409][ T5063] WARNING: CPU: 1 PID: 5063 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.213686][ T5063] Modules linked in: [ 84.214269][ T5063] CPU: 1 PID: 5063 Comm: syz.0.16 Not tainted syzkaller #0 [ 84.215328][ T5063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.216817][ T5063] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.217980][ T5063] pc : invalidate_bh_lru+0x128/0x22c [ 84.218678][ T5063] lr : invalidate_bh_lru+0x128/0x22c [ 84.219446][ T5063] sp : ffff80001ff976e0 [ 84.220048][ T5063] x29: ffff80001ff976e0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 84.221253][ T5063] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 84.222465][ T5063] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05eca58 [ 84.223601][ T5063] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 84.224826][ T5063] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 84.225987][ T5063] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 84.227143][ T5063] x11: 0000000000000002 x10: 0000000000000000 x9 : 1d2b8aeab594a500 [ 84.228350][ T5063] x8 : 1d2b8aeab594a500 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.229519][ T5063] x5 : ffff80001ff96ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 84.230769][ T5063] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 84.231982][ T5063] Call trace: [ 84.232471][ T5063] invalidate_bh_lru+0x128/0x22c [ 84.233224][ T5063] smp_call_function_many_cond+0xa50/0xeac [ 84.234100][ T5063] on_each_cpu_cond_mask+0x5c/0xc4 [ 84.234912][ T5063] invalidate_bh_lrus+0x34/0x40 [ 84.235671][ T5063] blkdev_flush_mapping+0x16c/0x334 [ 84.236437][ T5063] blkdev_put+0x490/0x6ac [ 84.237080][ T5063] kill_block_super+0x98/0xdc [ 84.237816][ T5063] deactivate_locked_super+0xb8/0x134 [ 84.238600][ T5063] mount_bdev+0x284/0x358 [ 84.239204][ T5063] sysv_mount+0x44/0x58 [ 84.239834][ T5063] legacy_get_tree+0xd4/0x16c [ 84.240488][ T5063] vfs_get_tree+0x90/0x274 [ 84.241134][ T5063] do_new_mount+0x228/0x810 [ 84.241770][ T5063] path_mount+0x5bc/0x1008 [ 84.242400][ T5063] __arm64_sys_mount+0x514/0x5f0 [ 84.243305][ T5063] invoke_syscall+0x98/0x2b0 [ 84.244030][ T5063] el0_svc_common+0x138/0x258 [ 84.244860][ T5063] do_el0_svc+0x58/0x13c [ 84.245491][ T5063] el0_svc+0x78/0x1d0 [ 84.246025][ T5063] el0t_64_sync_handler+0xcc/0xe4 [ 84.246809][ T5063] el0t_64_sync+0x1a0/0x1a4 [ 84.247504][ T5063] irq event stamp: 1296 [ 84.248127][ T5063] hardirqs last enabled at (1295): [] kasan_quarantine_put+0xc4/0x200 [ 84.249599][ T5063] hardirqs last disabled at (1296): [] smp_call_function_many_cond+0xa44/0xeac [ 84.251118][ T5063] softirqs last enabled at (1010): [] local_bh_enable+0x10/0x34 [ 84.252413][ T5063] softirqs last disabled at (1008): [] local_bh_disable+0x10/0x34 [ 84.253738][ T5063] ---[ end trace 337cf78d76a9fde3 ]--- [ 84.352455][ T5073] loop0: detected capacity change from 0 to 128 [ 84.360968][ T5073] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.362165][ T5073] Bad inode number on dev loop0: 2 is out of range [ 84.364859][ T5073] SysV FS: get root inode failed [ 84.365680][ T5073] oldfs: cannot read superblock [ 84.382373][ T1607] device hsr_slave_0 left promiscuous mode [ 84.386540][ C1] ------------[ cut here ]------------ [ 84.387470][ C1] VFS: brelse: Trying to free free buffer [ 84.388423][ C1] WARNING: CPU: 1 PID: 4464 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.389854][ C1] Modules linked in: [ 84.390469][ C1] CPU: 1 PID: 4464 Comm: syz-executor Tainted: G W syzkaller #0 [ 84.391820][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.393297][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.394421][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 84.395189][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 84.395988][ C1] sp : ffff800008017de0 [ 84.396636][ C1] x29: ffff800008017de0 x28: ffff0000ca6051c0 x27: 1fffe000341f665c [ 84.397867][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 84.399091][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05ec6b8 [ 84.400331][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 84.401573][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 84.402831][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 84.404019][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : d90cf9610314ca00 [ 84.405208][ C1] x8 : d90cf9610314ca00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.406479][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 84.407736][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.408927][ C1] Call trace: [ 84.409413][ C1] invalidate_bh_lru+0x128/0x22c [ 84.410195][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.411120][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.412197][ C1] ipi_handler+0x10c/0x6fc [ 84.412839][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 84.413634][ C1] handle_domain_irq+0x144/0x1fc [ 84.414397][ C1] gic_handle_irq+0x78/0x1b8 [ 84.415071][ C1] call_on_irq_stack+0x30/0x48 [ 84.415827][ C1] do_interrupt_handler+0x6c/0x88 [ 84.416601][ C1] el1_interrupt+0x30/0x58 [ 84.417264][ C1] el1h_64_irq_handler+0x18/0x24 [ 84.418028][ C1] el1h_64_irq+0x78/0x7c [ 84.418662][ C1] slab_post_alloc_hook+0x370/0x3f8 [ 84.419428][ C1] kmem_cache_alloc_node+0x1fc/0x40c [ 84.420197][ C1] __alloc_skb+0x130/0x678 [ 84.420859][ C1] sk_stream_alloc_skb+0x17c/0x870 [ 84.421625][ C1] tcp_sendmsg_locked+0x970/0x2cfc [ 84.422401][ C1] tcp_sendmsg+0x40/0x64 [ 84.423058][ C1] inet_sendmsg+0x154/0x284 [ 84.423725][ C1] sock_write_iter+0x250/0x340 [ 84.424441][ C1] vfs_write+0x590/0xa60 [ 84.425094][ C1] ksys_write+0x12c/0x224 [ 84.425749][ C1] __arm64_sys_write+0x7c/0x90 [ 84.426481][ C1] invoke_syscall+0x98/0x2b0 [ 84.427170][ C1] el0_svc_common+0x138/0x258 [ 84.427855][ C1] do_el0_svc+0x58/0x13c [ 84.428481][ C1] el0_svc+0x78/0x1d0 [ 84.429093][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 84.429862][ C1] el0t_64_sync+0x1a0/0x1a4 [ 84.430562][ C1] irq event stamp: 658512 [ 84.431222][ C1] hardirqs last enabled at (658511): [] __local_bh_enable_ip+0x1f8/0x37c [ 84.432761][ C1] hardirqs last disabled at (658512): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.434238][ C1] softirqs last enabled at (658510): [] lock_sock_nested+0x14c/0x1d4 [ 84.435706][ C1] softirqs last disabled at (658508): [] lock_sock_nested+0xf4/0x1d4 [ 84.437091][ C1] ---[ end trace 337cf78d76a9fde4 ]--- [ 84.473506][ T1607] device hsr_slave_1 left promiscuous mode [ 84.493822][ T5085] loop0: detected capacity change from 0 to 128 [ 84.497073][ T5085] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.498228][ T5085] Bad inode number on dev loop0: 2 is out of range [ 84.499179][ T5085] SysV FS: get root inode failed [ 84.500081][ T5085] oldfs: cannot read superblock [ 84.524881][ T4880] ------------[ cut here ]------------ [ 84.525640][ T4880] VFS: brelse: Trying to free free buffer [ 84.526524][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.527895][ T4880] Modules linked in: [ 84.528502][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 84.529719][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.531175][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.532339][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 84.533150][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 84.533980][ T4880] sp : ffff80001f6d77c0 [ 84.534582][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f2463 [ 84.535746][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000008 [ 84.536912][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72e6148 [ 84.538124][ T4880] x20: ffff0001a0f92318 x19: ffff80001145af60 x18: 0000000000000003 [ 84.539362][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 84.540622][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 84.541865][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 84.543150][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.544367][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 84.545568][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 84.546749][ T4880] Call trace: [ 84.547225][ T4880] invalidate_bh_lru+0x128/0x22c [ 84.547945][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 84.548804][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 84.549541][ T4880] invalidate_bh_lrus+0x34/0x40 [ 84.550222][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 84.550991][ T4880] blkdev_put+0x490/0x6ac [ 84.551665][ T4880] blkdev_close+0x74/0xb0 [ 84.552272][ T4880] __fput+0x1c0/0x7e8 [ 84.552802][ T4880] ____fput+0x20/0x30 [ 84.553395][ T4880] task_work_run+0x12c/0x1d8 [ 84.554086][ T4880] do_notify_resume+0x2450/0x309c [ 84.554874][ T4880] el0_svc+0xf0/0x1d0 [ 84.555459][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 84.556253][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 84.556958][ T4880] irq event stamp: 64076 [ 84.557558][ T4880] hardirqs last enabled at (64075): [] kasan_quarantine_put+0xc4/0x200 [ 84.558941][ T4880] hardirqs last disabled at (64076): [] smp_call_function_many_cond+0xa44/0xeac [ 84.560553][ T4880] softirqs last enabled at (63928): [] handle_softirqs+0xa40/0xbe4 [ 84.562036][ T4880] softirqs last disabled at (63783): [] __irq_exit_rcu+0x240/0x43c [ 84.563365][ T4880] ---[ end trace 337cf78d76a9fde5 ]--- [ 84.583490][ T1607] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.584688][ T1607] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 84.586185][ T1607] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.587343][ T1607] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 84.588855][ T1607] device bridge_slave_1 left promiscuous mode [ 84.589912][ T1607] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.600413][ T5090] loop0: detected capacity change from 0 to 128 [ 84.606767][ T5090] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.607968][ T5090] Bad inode number on dev loop0: 2 is out of range [ 84.608927][ T5090] SysV FS: get root inode failed [ 84.609708][ T5090] oldfs: cannot read superblock [ 84.612219][ C0] ------------[ cut here ]------------ [ 84.613197][ C0] VFS: brelse: Trying to free free buffer [ 84.614140][ C0] WARNING: CPU: 0 PID: 5090 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.615527][ C0] Modules linked in: [ 84.616142][ C0] CPU: 0 PID: 5090 Comm: syz.0.21 Tainted: G W syzkaller #0 [ 84.617371][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.618873][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.619981][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 84.620785][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 84.621619][ C0] sp : ffff800008007de0 [ 84.622218][ C0] x29: ffff800008007de0 x28: ffff0000d5b63680 x27: 1fffe000341f245c [ 84.623466][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 84.624654][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72e64e8 [ 84.625886][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 84.627095][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 84.628289][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 84.629467][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 15f97bfa763fed00 [ 84.630744][ C0] x8 : 15f97bfa763fed00 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.631949][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 84.633143][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 84.634331][ C0] Call trace: [ 84.634844][ C0] invalidate_bh_lru+0x128/0x22c [ 84.635615][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 84.636552][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.637561][ C0] ipi_handler+0x10c/0x6fc [ 84.638236][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 84.639034][ C0] handle_domain_irq+0x144/0x1fc [ 84.639830][ C0] gic_handle_irq+0x78/0x1b8 [ 84.640493][ C0] call_on_irq_stack+0x30/0x48 [ 84.641186][ C0] do_interrupt_handler+0x6c/0x88 [ 84.641898][ C0] el1_interrupt+0x30/0x58 [ 84.642583][ C0] el1h_64_irq_handler+0x18/0x24 [ 84.643276][ C0] el1h_64_irq+0x78/0x7c [ 84.643877][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 84.644730][ C0] debug_check_no_obj_freed+0x450/0x46c [ 84.645509][ C0] free_unref_page_prepare+0x2f8/0xa84 [ 84.646367][ C0] free_unref_page_list+0xdc/0x730 [ 84.647092][ C0] release_pages+0x13bc/0x16dc [ 84.647765][ C0] free_pages_and_swap_cache+0x9c/0xb4 [ 84.648526][ C0] tlb_finish_mmu+0x16c/0x32c [ 84.649281][ C0] exit_mmap+0x2e0/0x508 [ 84.649892][ C0] __mmput+0xec/0x3a8 [ 84.650503][ C0] mmput+0x80/0xc0 [ 84.651044][ C0] exit_mm+0x4ac/0x664 [ 84.651636][ C0] do_exit+0x4f0/0x1f50 [ 84.652274][ C0] do_group_exit+0x100/0x268 [ 84.652947][ C0] get_signal+0x73c/0x1334 [ 84.653635][ C0] do_notify_resume+0x354/0x309c [ 84.654371][ C0] el0_svc+0xf0/0x1d0 [ 84.655018][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 84.655826][ C0] el0t_64_sync+0x1a0/0x1a4 [ 84.656492][ C0] irq event stamp: 2786 [ 84.657076][ C0] hardirqs last enabled at (2785): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 84.658584][ C0] hardirqs last disabled at (2786): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.659994][ C0] softirqs last enabled at (1230): [] local_bh_enable+0x10/0x34 [ 84.661292][ C0] softirqs last disabled at (1228): [] local_bh_disable+0x10/0x34 [ 84.662604][ C0] ---[ end trace 337cf78d76a9fde6 ]--- [ 84.684364][ T1607] device bridge_slave_0 left promiscuous mode [ 84.685417][ T1607] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.702636][ T5092] loop0: detected capacity change from 0 to 128 [ 84.754171][ T5092] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.755326][ T5092] Bad inode number on dev loop0: 2 is out of range [ 84.756368][ T5092] SysV FS: get root inode failed [ 84.757511][ T5092] oldfs: cannot read superblock [ 84.761120][ C1] ------------[ cut here ]------------ [ 84.761970][ C1] VFS: brelse: Trying to free free buffer [ 84.762901][ C1] WARNING: CPU: 1 PID: 3661 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.764246][ C1] Modules linked in: [ 84.764849][ C1] CPU: 1 PID: 3661 Comm: udevd Tainted: G W syzkaller #0 [ 84.766057][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.767505][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.768665][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 84.769495][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 84.770262][ C1] sp : ffff800008017de0 [ 84.770856][ C1] x29: ffff800008017de0 x28: ffff0000d67a8000 x27: 1fffe000341f665b [ 84.772123][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 84.773390][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05ec318 [ 84.774590][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010002 [ 84.775773][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 84.776938][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 84.778222][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : eca722db6c66c400 [ 84.779437][ C1] x8 : eca722db6c66c400 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.780618][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 84.781790][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 84.783066][ C1] Call trace: [ 84.783595][ C1] invalidate_bh_lru+0x128/0x22c [ 84.784360][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 84.785244][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 84.786245][ C1] ipi_handler+0x10c/0x6fc [ 84.786856][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 84.787625][ C1] handle_domain_irq+0x144/0x1fc [ 84.788430][ C1] gic_handle_irq+0x78/0x1b8 [ 84.789071][ C1] call_on_irq_stack+0x30/0x48 [ 84.789746][ C1] do_interrupt_handler+0x6c/0x88 [ 84.790495][ C1] el1_interrupt+0x30/0x58 [ 84.791191][ C1] el1h_64_irq_handler+0x18/0x24 [ 84.791998][ C1] el1h_64_irq+0x78/0x7c [ 84.792644][ C1] lock_release+0x4a0/0x8e0 [ 84.793275][ C1] __might_fault+0xf4/0x128 [ 84.793891][ C1] filldir64+0x2bc/0x9e4 [ 84.794522][ C1] kernfs_fop_readdir+0x4b8/0x760 [ 84.795225][ C1] iterate_dir+0x1f0/0x4cc [ 84.795834][ C1] __arm64_sys_getdents64+0x11c/0x348 [ 84.796610][ C1] invoke_syscall+0x98/0x2b0 [ 84.797246][ C1] el0_svc_common+0x138/0x258 [ 84.797924][ C1] do_el0_svc+0x58/0x13c [ 84.798588][ C1] el0_svc+0x78/0x1d0 [ 84.799167][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 84.799883][ C1] el0t_64_sync+0x1a0/0x1a4 [ 84.800574][ C1] irq event stamp: 1148432 [ 84.801178][ C1] hardirqs last enabled at (1148431): [] el0_svc_common+0x9c/0x258 [ 84.802599][ C1] hardirqs last disabled at (1148432): [] enter_el1_irq_or_nmi+0x10/0x1c [ 84.804042][ C1] softirqs last enabled at (1148358): [] local_bh_enable+0x10/0x34 [ 84.805428][ C1] softirqs last disabled at (1148356): [] local_bh_disable+0x10/0x34 [ 84.806872][ C1] ---[ end trace 337cf78d76a9fde7 ]--- [ 84.843106][ T1607] device veth1_macvtap left promiscuous mode [ 84.844145][ T1607] device veth0_macvtap left promiscuous mode [ 84.845143][ T1607] device veth1_vlan left promiscuous mode [ 84.845947][ T1607] device veth0_vlan left promiscuous mode [ 84.856398][ T5094] loop0: detected capacity change from 0 to 128 [ 84.885057][ T5094] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 84.886244][ T5094] Bad inode number on dev loop0: 2 is out of range [ 84.887190][ T5094] SysV FS: get root inode failed [ 84.887947][ T5094] oldfs: cannot read superblock [ 84.888761][ T5094] ------------[ cut here ]------------ [ 84.889590][ T5094] VFS: brelse: Trying to free free buffer [ 84.890438][ T5094] WARNING: CPU: 1 PID: 5094 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 84.891696][ T5094] Modules linked in: [ 84.892251][ T5094] CPU: 1 PID: 5094 Comm: syz.0.23 Tainted: G W syzkaller #0 [ 84.893537][ T5094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 84.895073][ T5094] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 84.896255][ T5094] pc : invalidate_bh_lru+0x128/0x22c [ 84.897105][ T5094] lr : invalidate_bh_lru+0x128/0x22c [ 84.897877][ T5094] sp : ffff80001ffd76e0 [ 84.898494][ T5094] x29: ffff80001ffd76e0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 84.899678][ T5094] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 84.900891][ T5094] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05ebee0 [ 84.902085][ T5094] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 84.903320][ T5094] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 84.904516][ T5094] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 84.905710][ T5094] x11: 0000000000000002 x10: 0000000000000000 x9 : 16a9b869d8f6f800 [ 84.907072][ T5094] x8 : 16a9b869d8f6f800 x7 : 0000000000000001 x6 : 0000000000000001 [ 84.908372][ T5094] x5 : ffff80001ffd6ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 84.909607][ T5094] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 84.910810][ T5094] Call trace: [ 84.911319][ T5094] invalidate_bh_lru+0x128/0x22c [ 84.912094][ T5094] smp_call_function_many_cond+0xa50/0xeac [ 84.912942][ T5094] on_each_cpu_cond_mask+0x5c/0xc4 [ 84.913705][ T5094] invalidate_bh_lrus+0x34/0x40 [ 84.914430][ T5094] blkdev_flush_mapping+0x16c/0x334 [ 84.915211][ T5094] blkdev_put+0x490/0x6ac [ 84.915830][ T5094] kill_block_super+0x98/0xdc [ 84.916472][ T5094] deactivate_locked_super+0xb8/0x134 [ 84.917263][ T5094] mount_bdev+0x284/0x358 [ 84.917859][ T5094] sysv_mount+0x44/0x58 [ 84.918467][ T5094] legacy_get_tree+0xd4/0x16c [ 84.919142][ T5094] vfs_get_tree+0x90/0x274 [ 84.919802][ T5094] do_new_mount+0x228/0x810 [ 84.920511][ T5094] path_mount+0x5bc/0x1008 [ 84.921189][ T5094] __arm64_sys_mount+0x514/0x5f0 [ 84.921929][ T5094] invoke_syscall+0x98/0x2b0 [ 84.922599][ T5094] el0_svc_common+0x138/0x258 [ 84.923302][ T5094] do_el0_svc+0x58/0x13c [ 84.923966][ T5094] el0_svc+0x78/0x1d0 [ 84.924549][ T5094] el0t_64_sync_handler+0xcc/0xe4 [ 84.925360][ T5094] el0t_64_sync+0x1a0/0x1a4 [ 84.926502][ T5094] irq event stamp: 1262 [ 84.927139][ T5094] hardirqs last enabled at (1261): [] kasan_quarantine_put+0xc4/0x200 [ 84.928558][ T5094] hardirqs last disabled at (1262): [] smp_call_function_many_cond+0xa44/0xeac [ 84.930101][ T5094] softirqs last enabled at (1024): [] local_bh_enable+0x10/0x34 [ 84.931731][ T5094] softirqs last disabled at (1022): [] local_bh_disable+0x10/0x34 [ 84.933237][ T5094] ---[ end trace 337cf78d76a9fde8 ]--- [ 84.934723][ T1541] Bluetooth: hci0: command 0x0409 tx timeout [ 85.031177][ T1607] team0 (unregistering): Port device team_slave_1 removed [ 85.036897][ T1607] team0 (unregistering): Port device team_slave_0 removed [ 85.041397][ T1607] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 85.061782][ T5098] loop0: detected capacity change from 0 to 128 [ 85.066347][ T5098] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.066542][ T1607] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 85.067449][ T5098] Bad inode number on dev loop0: 2 is out of range [ 85.069810][ T5098] SysV FS: get root inode failed [ 85.070609][ T5098] oldfs: cannot read superblock [ 85.077706][ C1] ------------[ cut here ]------------ [ 85.078601][ C1] VFS: brelse: Trying to free free buffer [ 85.079538][ C1] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.080886][ C1] Modules linked in: [ 85.081480][ C1] CPU: 1 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.082834][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.084393][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.085498][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 85.086330][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 85.087098][ C1] sp : ffff800008017de0 [ 85.087698][ C1] x29: ffff800008017de0 x28: ffff0000cec31b40 x27: 1fffe000341f665c [ 85.088866][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 85.090033][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05ebb40 [ 85.091271][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 85.092469][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 85.093785][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 85.095040][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 85.096268][ C1] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.097499][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 85.098638][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.099880][ C1] Call trace: [ 85.100336][ C1] invalidate_bh_lru+0x128/0x22c [ 85.101075][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.101991][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.103023][ C1] ipi_handler+0x10c/0x6fc [ 85.103646][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 85.104437][ C1] handle_domain_irq+0x144/0x1fc [ 85.105194][ C1] gic_handle_irq+0x78/0x1b8 [ 85.105899][ C1] call_on_irq_stack+0x30/0x48 [ 85.106659][ C1] do_interrupt_handler+0x6c/0x88 [ 85.107410][ C1] el1_interrupt+0x30/0x58 [ 85.108107][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.108852][ C1] el1h_64_irq+0x78/0x7c [ 85.109496][ C1] lock_acquire+0x80/0x618 [ 85.110183][ C1] rcu_lock_acquire+0x38/0x44 [ 85.110975][ C1] get_mem_cgroup_from_objcg+0x24/0x144 [ 85.111802][ C1] obj_cgroup_charge_pages+0x80/0x1a4 [ 85.112627][ C1] __memcg_kmem_charge_page+0x3c0/0x59c [ 85.113490][ C1] __alloc_pages+0x1d0/0x470 [ 85.114162][ C1] alloc_pages+0x34c/0x5c0 [ 85.114846][ C1] __get_free_pages+0x18/0x84 [ 85.115527][ C1] pgd_alloc+0x20/0x2c [ 85.116133][ C1] mm_init+0x3c8/0x5e8 [ 85.116771][ C1] copy_mm+0x168/0x105c [ 85.117378][ C1] copy_process+0x1500/0x34c8 [ 85.118036][ C1] kernel_clone+0x1ec/0x9e8 [ 85.118691][ C1] __arm64_sys_clone+0x14c/0x1b8 [ 85.119422][ C1] invoke_syscall+0x98/0x2b0 [ 85.120092][ C1] el0_svc_common+0x138/0x258 [ 85.120766][ C1] do_el0_svc+0x58/0x13c [ 85.121371][ C1] el0_svc+0x78/0x1d0 [ 85.121999][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 85.122766][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.123447][ C1] irq event stamp: 210926 [ 85.124103][ C1] hardirqs last enabled at (210925): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 85.125738][ C1] hardirqs last disabled at (210926): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.127215][ C1] softirqs last enabled at (210866): [] local_bh_enable+0x10/0x34 [ 85.128629][ C1] softirqs last disabled at (210864): [] local_bh_disable+0x10/0x34 [ 85.129939][ C1] ---[ end trace 337cf78d76a9fde9 ]--- [ 85.157390][ T5100] loop0: detected capacity change from 0 to 128 [ 85.219018][ T5100] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.220206][ T5100] Bad inode number on dev loop0: 2 is out of range [ 85.221153][ T5100] SysV FS: get root inode failed [ 85.221854][ T5100] oldfs: cannot read superblock [ 85.228998][ C0] ------------[ cut here ]------------ [ 85.229927][ C0] VFS: brelse: Trying to free free buffer [ 85.230830][ C0] WARNING: CPU: 0 PID: 1607 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.232048][ C0] Modules linked in: [ 85.232654][ C0] CPU: 0 PID: 1607 Comm: kworker/u4:5 Tainted: G W syzkaller #0 [ 85.233995][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.235526][ C0] Workqueue: netns cleanup_net [ 85.236220][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.237336][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 85.238110][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 85.238854][ C0] sp : ffff800008007de0 [ 85.239529][ C0] x29: ffff800008007de0 x28: ffff0000cd463680 x27: 1fffe000341f245c [ 85.240741][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 85.241921][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72e6888 [ 85.243121][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 85.244323][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 85.245530][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 85.246732][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 2f5a81b6c0df1200 [ 85.247849][ C0] x8 : 2f5a81b6c0df1200 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.248984][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 85.250098][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.251250][ C0] Call trace: [ 85.251629][ C0] invalidate_bh_lru+0x128/0x22c [ 85.252336][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 85.253143][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.254155][ C0] ipi_handler+0x10c/0x6fc [ 85.254807][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 85.255586][ C0] handle_domain_irq+0x144/0x1fc [ 85.256301][ C0] gic_handle_irq+0x78/0x1b8 [ 85.256940][ C0] call_on_irq_stack+0x30/0x48 [ 85.257605][ C0] do_interrupt_handler+0x6c/0x88 [ 85.258396][ C0] el1_interrupt+0x30/0x58 [ 85.259022][ C0] el1h_64_irq_handler+0x18/0x24 [ 85.259707][ C0] el1h_64_irq+0x78/0x7c [ 85.260281][ C0] queue_work_on+0x110/0x170 [ 85.260894][ C0] netdevice_event+0x69c/0x78c [ 85.261532][ C0] raw_notifier_call_chain+0xd4/0x164 [ 85.262283][ C0] unregister_netdevice_many+0xe74/0x183c [ 85.263092][ C0] default_device_exit_batch+0x464/0x4c4 [ 85.263923][ C0] cleanup_net+0x654/0xaa4 [ 85.264554][ C0] process_one_work+0x79c/0x1138 [ 85.265269][ C0] worker_thread+0x8f4/0x1034 [ 85.266068][ C0] kthread+0x374/0x454 [ 85.266717][ C0] ret_from_fork+0x10/0x20 [ 85.267431][ C0] irq event stamp: 810100 [ 85.268050][ C0] hardirqs last enabled at (810099): [] queue_work_on+0xf0/0x170 [ 85.269446][ C0] hardirqs last disabled at (810100): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.270914][ C0] softirqs last enabled at (808398): [] handle_softirqs+0xa40/0xbe4 [ 85.272317][ C0] softirqs last disabled at (808383): [] __irq_exit_rcu+0x240/0x43c [ 85.273685][ C0] ---[ end trace 337cf78d76a9fdea ]--- [ 85.279687][ T1607] bond0 (unregistering): Released all slaves [ 85.322487][ T5102] loop0: detected capacity change from 0 to 128 [ 85.325321][ T5102] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.326401][ T5102] Bad inode number on dev loop0: 2 is out of range [ 85.327772][ T5102] SysV FS: get root inode failed [ 85.328561][ T5102] oldfs: cannot read superblock [ 85.337664][ T4880] ------------[ cut here ]------------ [ 85.338568][ T4880] VFS: brelse: Trying to free free buffer [ 85.339568][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.340912][ T4880] Modules linked in: [ 85.341524][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 85.342756][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.344256][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.345497][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 85.346310][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 85.347062][ T4880] sp : ffff80001f6d77c0 [ 85.347689][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 85.348881][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 85.350088][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2a0230 [ 85.351269][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 85.352504][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 85.353678][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 85.354865][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 85.356022][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.357228][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 85.358483][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 85.359639][ T4880] Call trace: [ 85.360093][ T4880] invalidate_bh_lru+0x128/0x22c [ 85.360869][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 85.361697][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 85.362474][ T4880] invalidate_bh_lrus+0x34/0x40 [ 85.363223][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 85.363962][ T4880] blkdev_put+0x490/0x6ac [ 85.364634][ T4880] blkdev_close+0x74/0xb0 [ 85.365238][ T4880] __fput+0x1c0/0x7e8 [ 85.365807][ T4880] ____fput+0x20/0x30 [ 85.366384][ T4880] task_work_run+0x12c/0x1d8 [ 85.367053][ T4880] do_notify_resume+0x2450/0x309c [ 85.367816][ T4880] el0_svc+0xf0/0x1d0 [ 85.368411][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 85.369123][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 85.369816][ T4880] irq event stamp: 102600 [ 85.370412][ T4880] hardirqs last enabled at (102599): [] kasan_quarantine_put+0xc4/0x200 [ 85.371894][ T4880] hardirqs last disabled at (102600): [] smp_call_function_many_cond+0xa44/0xeac [ 85.373489][ T4880] softirqs last enabled at (102334): [] local_bh_enable+0x10/0x34 [ 85.374973][ T4880] softirqs last disabled at (102332): [] local_bh_disable+0x10/0x34 [ 85.376377][ T4880] ---[ end trace 337cf78d76a9fdeb ]--- [ 85.409290][ T5104] loop0: detected capacity change from 0 to 128 [ 85.414376][ T5104] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.415573][ T5104] Bad inode number on dev loop0: 2 is out of range [ 85.416616][ T5104] SysV FS: get root inode failed [ 85.417505][ T5104] oldfs: cannot read superblock [ 85.419816][ T4880] ------------[ cut here ]------------ [ 85.420704][ T4880] VFS: brelse: Trying to free free buffer [ 85.421638][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.423035][ T4880] Modules linked in: [ 85.423637][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 85.424851][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.426321][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.427461][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 85.428284][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 85.429030][ T4880] sp : ffff80001f6d77c0 [ 85.429621][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 85.430872][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 85.432145][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcab46b8 [ 85.433346][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 85.434542][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 85.435711][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 85.436885][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 85.438061][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.439320][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 85.440531][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 85.441720][ T4880] Call trace: [ 85.442192][ T4880] invalidate_bh_lru+0x128/0x22c [ 85.442982][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 85.443866][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 85.444573][ T4880] invalidate_bh_lrus+0x34/0x40 [ 85.445289][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 85.446063][ T4880] blkdev_put+0x490/0x6ac [ 85.446738][ T4880] blkdev_close+0x74/0xb0 [ 85.447357][ T4880] __fput+0x1c0/0x7e8 [ 85.447936][ T4880] ____fput+0x20/0x30 [ 85.448547][ T4880] task_work_run+0x12c/0x1d8 [ 85.449209][ T4880] do_notify_resume+0x2450/0x309c [ 85.449929][ T4880] el0_svc+0xf0/0x1d0 [ 85.450498][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 85.451225][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 85.451896][ T4880] irq event stamp: 107594 [ 85.452559][ T4880] hardirqs last enabled at (107593): [] kasan_quarantine_put+0xc4/0x200 [ 85.454063][ T4880] hardirqs last disabled at (107594): [] smp_call_function_many_cond+0xa44/0xeac [ 85.455758][ T4880] softirqs last enabled at (107316): [] local_bh_enable+0x10/0x34 [ 85.457198][ T4880] softirqs last disabled at (107314): [] local_bh_disable+0x10/0x34 [ 85.458584][ T4880] ---[ end trace 337cf78d76a9fdec ]--- [ 85.524109][ T5106] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.532852][ T5106] Bad inode number on dev loop0: 2 is out of range [ 85.533930][ T5106] SysV FS: get root inode failed [ 85.534710][ T5106] oldfs: cannot read superblock [ 85.539274][ C1] ------------[ cut here ]------------ [ 85.540141][ C1] VFS: brelse: Trying to free free buffer [ 85.541097][ C1] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.542470][ C1] Modules linked in: [ 85.543079][ C1] CPU: 1 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.544501][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.546035][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.547240][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 85.548092][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 85.548901][ C1] sp : ffff800008017de0 [ 85.549523][ C1] x29: ffff800008017de0 x28: ffff0000cec31b40 x27: 1fffe000341f665b [ 85.550812][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 85.552014][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de329318 [ 85.553233][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010002 [ 85.554537][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 85.555769][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 85.557004][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 85.558267][ C1] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.559553][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 85.560784][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.561998][ C1] Call trace: [ 85.562519][ C1] invalidate_bh_lru+0x128/0x22c [ 85.563249][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.564104][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.565138][ C1] ipi_handler+0x10c/0x6fc [ 85.565777][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 85.566516][ C1] handle_domain_irq+0x144/0x1fc [ 85.567200][ C1] gic_handle_irq+0x78/0x1b8 [ 85.567839][ C1] call_on_irq_stack+0x30/0x48 [ 85.568492][ C1] do_interrupt_handler+0x6c/0x88 [ 85.569216][ C1] el1_interrupt+0x30/0x58 [ 85.569860][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.570515][ C1] el1h_64_irq+0x78/0x7c [ 85.571082][ C1] __local_bh_enable_ip+0x200/0x37c [ 85.571783][ C1] local_bh_enable+0x28/0x34 [ 85.572450][ C1] do_sve_acc+0x3a8/0x634 [ 85.573105][ C1] el0_sve_acc+0x84/0x1dc [ 85.573740][ C1] el0t_64_sync_handler+0x6c/0xe4 [ 85.574451][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.575141][ C1] irq event stamp: 221938 [ 85.575810][ C1] hardirqs last enabled at (221937): [] __local_bh_enable_ip+0x1f8/0x37c [ 85.577307][ C1] hardirqs last disabled at (221938): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.578771][ C1] softirqs last enabled at (221936): [] local_bh_enable+0x10/0x34 [ 85.580088][ C1] softirqs last disabled at (221934): [] local_bh_disable+0x10/0x34 [ 85.581449][ C1] ---[ end trace 337cf78d76a9fded ]--- [ 85.630036][ T5108] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.631131][ T5108] Bad inode number on dev loop0: 2 is out of range [ 85.632133][ T5108] SysV FS: get root inode failed [ 85.633416][ T5108] oldfs: cannot read superblock [ 85.641249][ T4880] ------------[ cut here ]------------ [ 85.642076][ T4880] VFS: brelse: Trying to free free buffer [ 85.642977][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.644265][ T4880] Modules linked in: [ 85.644793][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 85.646019][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.647492][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.648556][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 85.649359][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 85.650110][ T4880] sp : ffff80001f6d77c0 [ 85.650714][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 85.652016][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 85.653274][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72e6c28 [ 85.654462][ T4880] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 85.655716][ T4880] x17: 0000000000000000 x16: ffff800008304ad4 x15: 00000000ffffffff [ 85.656883][ T4880] x14: 0000000000000001 x13: 1ffff00003edae18 x12: 0000000000ff0100 [ 85.658005][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 85.659180][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.660409][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008304be4 [ 85.661636][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 85.662760][ T4880] Call trace: [ 85.663264][ T4880] invalidate_bh_lru+0x128/0x22c [ 85.664011][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 85.664896][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 85.665727][ T4880] invalidate_bh_lrus+0x34/0x40 [ 85.666466][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 85.667199][ T4880] blkdev_put+0x490/0x6ac [ 85.667848][ T4880] blkdev_close+0x74/0xb0 [ 85.668523][ T4880] __fput+0x1c0/0x7e8 [ 85.669122][ T4880] ____fput+0x20/0x30 [ 85.669702][ T4880] task_work_run+0x12c/0x1d8 [ 85.670357][ T4880] do_notify_resume+0x2450/0x309c [ 85.671113][ T4880] el0_svc+0xf0/0x1d0 [ 85.671666][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 85.672390][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 85.673043][ T4880] irq event stamp: 118596 [ 85.673659][ T4880] hardirqs last enabled at (118595): [] kasan_quarantine_put+0xc4/0x200 [ 85.675133][ T4880] hardirqs last disabled at (118596): [] smp_call_function_many_cond+0xa44/0xeac [ 85.676677][ T4880] softirqs last enabled at (118342): [] local_bh_enable+0x10/0x34 [ 85.678064][ T4880] softirqs last disabled at (118340): [] local_bh_disable+0x10/0x34 [ 85.679555][ T4880] ---[ end trace 337cf78d76a9fdee ]--- [ 85.707909][ T5110] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.709199][ T5110] Bad inode number on dev loop0: 2 is out of range [ 85.710301][ T5110] SysV FS: get root inode failed [ 85.711129][ T5110] oldfs: cannot read superblock [ 85.720582][ C1] ------------[ cut here ]------------ [ 85.721430][ C1] VFS: brelse: Trying to free free buffer [ 85.722309][ C1] WARNING: CPU: 1 PID: 5111 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.723650][ C1] Modules linked in: [ 85.724222][ C1] CPU: 1 PID: 5111 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.725601][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.727132][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.728293][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 85.729024][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 85.729814][ C1] sp : ffff800008017de0 [ 85.730420][ C1] x29: ffff800008017de0 x28: ffff0000d1778000 x27: 1fffe000341f665c [ 85.731635][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 85.732778][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de3296b8 [ 85.733995][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 85.735159][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 85.736445][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 85.737604][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : fd529c63b893ed00 [ 85.738819][ C1] x8 : fd529c63b893ed00 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.740001][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 85.741234][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.742413][ C1] Call trace: [ 85.742892][ C1] invalidate_bh_lru+0x128/0x22c [ 85.743625][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.744501][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.745554][ C1] ipi_handler+0x10c/0x6fc [ 85.746180][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 85.746971][ C1] handle_domain_irq+0x144/0x1fc [ 85.747734][ C1] gic_handle_irq+0x78/0x1b8 [ 85.748410][ C1] call_on_irq_stack+0x30/0x48 [ 85.749093][ C1] do_interrupt_handler+0x6c/0x88 [ 85.749804][ C1] el1_interrupt+0x30/0x58 [ 85.750463][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.751154][ C1] el1h_64_irq+0x78/0x7c [ 85.751780][ C1] lock_acquire+0x234/0x618 [ 85.752465][ C1] fs_reclaim_acquire+0x118/0x1c4 [ 85.753248][ C1] slab_pre_alloc_hook+0x38/0xe8 [ 85.754025][ C1] __kmalloc_track_caller+0x70/0x358 [ 85.754808][ C1] kmemdup+0xcc/0x144 [ 85.755412][ C1] shmem_symlink+0x148/0x498 [ 85.756053][ C1] vfs_symlink+0x238/0x3b0 [ 85.756720][ C1] do_symlinkat+0x188/0x5b4 [ 85.757413][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 85.758164][ C1] invoke_syscall+0x98/0x2b0 [ 85.758848][ C1] el0_svc_common+0x138/0x258 [ 85.759545][ C1] do_el0_svc+0x58/0x13c [ 85.760188][ C1] el0_svc+0x78/0x1d0 [ 85.760735][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 85.761477][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.762130][ C1] irq event stamp: 740 [ 85.762726][ C1] hardirqs last enabled at (739): [] seqcount_lockdep_reader_access+0x1fc/0x2c0 [ 85.764289][ C1] hardirqs last disabled at (740): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.765648][ C1] softirqs last enabled at (672): [] local_bh_enable+0x10/0x34 [ 85.766976][ C1] softirqs last disabled at (670): [] local_bh_disable+0x10/0x34 [ 85.768326][ C1] ---[ end trace 337cf78d76a9fdef ]--- [ 85.834210][ T5112] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.835759][ T5112] Bad inode number on dev loop0: 2 is out of range [ 85.836824][ T5112] SysV FS: get root inode failed [ 85.837648][ T5112] oldfs: cannot read superblock [ 85.846885][ C0] ------------[ cut here ]------------ [ 85.847764][ C0] VFS: brelse: Trying to free free buffer [ 85.848702][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.850120][ C0] Modules linked in: [ 85.850739][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.852035][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.853592][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.854763][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 85.855526][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 85.856331][ C0] sp : ffff800008007de0 [ 85.856936][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245c [ 85.858061][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 85.859214][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72e7ee0 [ 85.860432][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 85.861660][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 85.862848][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 85.864095][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 85.865296][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.866566][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 85.867806][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.869125][ C0] Call trace: [ 85.869587][ C0] invalidate_bh_lru+0x128/0x22c [ 85.870348][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 85.871241][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.872313][ C0] ipi_handler+0x10c/0x6fc [ 85.873028][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 85.873802][ C0] handle_domain_irq+0x144/0x1fc [ 85.874563][ C0] gic_handle_irq+0x78/0x1b8 [ 85.875254][ C0] call_on_irq_stack+0x30/0x48 [ 85.875917][ C0] do_interrupt_handler+0x6c/0x88 [ 85.876699][ C0] el0_interrupt+0x94/0x248 [ 85.877336][ C0] __el0_irq_handler_common+0x18/0x24 [ 85.878102][ C0] el0t_64_irq_handler+0x10/0x1c [ 85.878807][ C0] el0t_64_irq+0x1a0/0x1a4 [ 85.879453][ C0] irq event stamp: 234464 [ 85.880074][ C0] hardirqs last enabled at (234463): [] el0t_64_sync_handler+0xcc/0xe4 [ 85.881514][ C0] hardirqs last disabled at (234464): [] __el0_irq_handler_common+0x18/0x24 [ 85.882968][ C0] softirqs last enabled at (234274): [] local_bh_enable+0x10/0x34 [ 85.884426][ C0] softirqs last disabled at (234272): [] local_bh_disable+0x10/0x34 [ 85.885777][ C0] ---[ end trace 337cf78d76a9fdf0 ]--- [ 85.917342][ T5114] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 85.918519][ T5114] Bad inode number on dev loop0: 2 is out of range [ 85.919635][ T5114] SysV FS: get root inode failed [ 85.920318][ T5114] oldfs: cannot read superblock [ 85.933323][ C1] ------------[ cut here ]------------ [ 85.934215][ C1] VFS: brelse: Trying to free free buffer [ 85.935065][ C1] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 85.936293][ C1] Modules linked in: [ 85.936883][ C1] CPU: 1 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 85.938258][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 85.939762][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 85.940988][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 85.941733][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 85.942471][ C1] sp : ffff800008017de0 [ 85.943125][ C1] x29: ffff800008017de0 x28: ffff0000cec31b40 x27: 1fffe000341f665b [ 85.944343][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 85.945608][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de329a58 [ 85.946839][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010002 [ 85.948153][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 85.949414][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 85.950628][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 85.951836][ C1] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 85.953126][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 85.954384][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 85.955625][ C1] Call trace: [ 85.956088][ C1] invalidate_bh_lru+0x128/0x22c [ 85.956826][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 85.957735][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 85.958694][ C1] ipi_handler+0x10c/0x6fc [ 85.959343][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 85.960168][ C1] handle_domain_irq+0x144/0x1fc [ 85.960883][ C1] gic_handle_irq+0x78/0x1b8 [ 85.961589][ C1] call_on_irq_stack+0x30/0x48 [ 85.962310][ C1] do_interrupt_handler+0x6c/0x88 [ 85.963045][ C1] el1_interrupt+0x30/0x58 [ 85.963681][ C1] el1h_64_irq_handler+0x18/0x24 [ 85.964456][ C1] el1h_64_irq+0x78/0x7c [ 85.965063][ C1] call_rcu+0x580/0x8f4 [ 85.965668][ C1] dentry_free+0xa4/0x178 [ 85.966347][ C1] __dentry_kill+0x45c/0x598 [ 85.967079][ C1] dentry_kill+0xc8/0x248 [ 85.967782][ C1] dput+0x23c/0x458 [ 85.968394][ C1] do_unlinkat+0x334/0x618 [ 85.969034][ C1] __arm64_sys_unlinkat+0xe0/0xfc [ 85.969793][ C1] invoke_syscall+0x98/0x2b0 [ 85.970480][ C1] el0_svc_common+0x138/0x258 [ 85.971150][ C1] do_el0_svc+0x58/0x13c [ 85.971830][ C1] el0_svc+0x78/0x1d0 [ 85.972432][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 85.973214][ C1] el0t_64_sync+0x1a0/0x1a4 [ 85.973905][ C1] irq event stamp: 235588 [ 85.974554][ C1] hardirqs last enabled at (235587): [] call_rcu+0x570/0x8f4 [ 85.975922][ C1] hardirqs last disabled at (235588): [] enter_el1_irq_or_nmi+0x10/0x1c [ 85.977410][ C1] softirqs last enabled at (235558): [] local_bh_enable+0x10/0x34 [ 85.978888][ C1] softirqs last disabled at (235556): [] local_bh_disable+0x10/0x34 [ 85.980328][ C1] ---[ end trace 337cf78d76a9fdf1 ]--- [ 86.064342][ T5116] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.065594][ T5116] Bad inode number on dev loop0: 2 is out of range [ 86.066627][ T5116] SysV FS: get root inode failed [ 86.067396][ T5116] oldfs: cannot read superblock [ 86.076907][ C0] ------------[ cut here ]------------ [ 86.077832][ C0] VFS: brelse: Trying to free free buffer [ 86.078752][ C0] WARNING: CPU: 0 PID: 5117 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.080096][ C0] Modules linked in: [ 86.080707][ C0] CPU: 0 PID: 5117 Comm: syz-executor Tainted: G W syzkaller #0 [ 86.082045][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 86.083558][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.084777][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 86.085549][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 86.086337][ C0] sp : ffff800008007de0 [ 86.086888][ C0] x29: ffff800008007de0 x28: ffff0000ef3c51c0 x27: 1fffe000341f245c [ 86.088139][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 86.089298][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72e7318 [ 86.090489][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 86.091672][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 86.092852][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 86.094028][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 83c03b74201eaa00 [ 86.095178][ C0] x8 : 83c03b74201eaa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.096393][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 86.097527][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.098725][ C0] Call trace: [ 86.099193][ C0] invalidate_bh_lru+0x128/0x22c [ 86.099904][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 86.100806][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.101860][ C0] ipi_handler+0x10c/0x6fc [ 86.102547][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 86.103366][ C0] handle_domain_irq+0x144/0x1fc [ 86.104089][ C0] gic_handle_irq+0x78/0x1b8 [ 86.104749][ C0] call_on_irq_stack+0x30/0x48 [ 86.105478][ C0] do_interrupt_handler+0x6c/0x88 [ 86.106232][ C0] el1_interrupt+0x30/0x58 [ 86.106861][ C0] el1h_64_irq_handler+0x18/0x24 [ 86.107532][ C0] el1h_64_irq+0x78/0x7c [ 86.108127][ C0] __sanitizer_cov_trace_pc+0x10/0xac [ 86.108868][ C0] tomoyo_path_perm+0x2a4/0x49c [ 86.109553][ C0] tomoyo_path_symlink+0xac/0xf8 [ 86.110310][ C0] security_path_symlink+0xec/0x13c [ 86.111112][ C0] do_symlinkat+0x10c/0x5b4 [ 86.111760][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 86.112489][ C0] invoke_syscall+0x98/0x2b0 [ 86.113153][ C0] el0_svc_common+0x138/0x258 [ 86.113857][ C0] do_el0_svc+0x58/0x13c [ 86.114517][ C0] el0_svc+0x78/0x1d0 [ 86.115123][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 86.115863][ C0] el0t_64_sync+0x1a0/0x1a4 [ 86.116516][ C0] irq event stamp: 772 [ 86.117107][ C0] hardirqs last enabled at (771): [] kasan_quarantine_put+0xc4/0x200 [ 86.118554][ C0] hardirqs last disabled at (772): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.120011][ C0] softirqs last enabled at (742): [] local_bh_enable+0x10/0x34 [ 86.121351][ C0] softirqs last disabled at (740): [] local_bh_disable+0x10/0x34 [ 86.122765][ C0] ---[ end trace 337cf78d76a9fdf2 ]--- [ 86.167696][ T5118] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.168950][ T5118] Bad inode number on dev loop0: 2 is out of range [ 86.169920][ T5118] SysV FS: get root inode failed [ 86.170647][ T5118] oldfs: cannot read superblock [ 86.175311][ C1] ------------[ cut here ]------------ [ 86.176238][ C1] VFS: brelse: Trying to free free buffer [ 86.177185][ C1] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.178543][ C1] Modules linked in: [ 86.179138][ C1] CPU: 1 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 86.180489][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 86.181942][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.183017][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 86.183854][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 86.184629][ C1] sp : ffff800008017de0 [ 86.185251][ C1] x29: ffff800008017de0 x28: ffff0000cec31b40 x27: 1fffe000341f665c [ 86.186479][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 86.187696][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de329df8 [ 86.188878][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 86.190055][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 86.191206][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 86.192329][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 4492d4acac152100 [ 86.193469][ C1] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.194616][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 86.195787][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 86.196939][ C1] Call trace: [ 86.197426][ C1] invalidate_bh_lru+0x128/0x22c [ 86.198089][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.198997][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.200026][ C1] ipi_handler+0x10c/0x6fc [ 86.200638][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 86.201358][ C1] handle_domain_irq+0x144/0x1fc [ 86.202077][ C1] gic_handle_irq+0x78/0x1b8 [ 86.202760][ C1] call_on_irq_stack+0x30/0x48 [ 86.203430][ C1] do_interrupt_handler+0x6c/0x88 [ 86.204186][ C1] el1_interrupt+0x30/0x58 [ 86.204873][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.205639][ C1] el1h_64_irq+0x78/0x7c [ 86.206273][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 86.207108][ C1] debug_check_no_obj_freed+0x450/0x46c [ 86.207885][ C1] slab_free_freelist_hook+0x9c/0x1e4 [ 86.208657][ C1] kmem_cache_free+0xdc/0x3b0 [ 86.209330][ C1] putname+0x104/0x15c [ 86.209891][ C1] do_sys_openat2+0x1cc/0x3f4 [ 86.210635][ C1] __arm64_sys_openat+0x118/0x14c [ 86.211371][ C1] invoke_syscall+0x98/0x2b0 [ 86.212040][ C1] el0_svc_common+0x138/0x258 [ 86.212711][ C1] do_el0_svc+0x58/0x13c [ 86.213372][ C1] el0_svc+0x78/0x1d0 [ 86.213947][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 86.214707][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.215367][ C1] irq event stamp: 240724 [ 86.215968][ C1] hardirqs last enabled at (240723): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 86.217516][ C1] hardirqs last disabled at (240724): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.218967][ C1] softirqs last enabled at (240638): [] local_bh_enable+0x10/0x34 [ 86.220311][ C1] softirqs last disabled at (240636): [] local_bh_disable+0x10/0x34 [ 86.221702][ C1] ---[ end trace 337cf78d76a9fdf3 ]--- [ 86.316649][ T5120] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.317853][ T5120] Bad inode number on dev loop0: 2 is out of range [ 86.318844][ T5120] SysV FS: get root inode failed [ 86.319611][ T5120] oldfs: cannot read superblock [ 86.327339][ C0] ------------[ cut here ]------------ [ 86.328202][ C0] VFS: brelse: Trying to free free buffer [ 86.329113][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.330393][ C0] Modules linked in: [ 86.330935][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 86.332252][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 86.333638][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.334791][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 86.335535][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 86.336333][ C0] sp : ffff800008007de0 [ 86.336929][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245c [ 86.338162][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 86.339326][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72e76b8 [ 86.340547][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 86.341747][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 86.342861][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 86.344091][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 86.345309][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.346534][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 86.347747][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.348956][ C0] Call trace: [ 86.349450][ C0] invalidate_bh_lru+0x128/0x22c [ 86.350168][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 86.351026][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.352054][ C0] ipi_handler+0x10c/0x6fc [ 86.352711][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 86.353547][ C0] handle_domain_irq+0x144/0x1fc [ 86.354234][ C0] gic_handle_irq+0x78/0x1b8 [ 86.354909][ C0] call_on_irq_stack+0x30/0x48 [ 86.355610][ C0] do_interrupt_handler+0x6c/0x88 [ 86.356332][ C0] el1_interrupt+0x30/0x58 [ 86.356957][ C0] el1h_64_irq_handler+0x18/0x24 [ 86.357705][ C0] el1h_64_irq+0x78/0x7c [ 86.358292][ C0] unwind_frame+0x2d4/0x68c [ 86.358917][ C0] arch_stack_walk+0x200/0x2bc [ 86.359591][ C0] stack_trace_save+0x9c/0xf0 [ 86.360293][ C0] __kasan_slab_alloc+0x8c/0xcc [ 86.361013][ C0] slab_post_alloc_hook+0x74/0x3f8 [ 86.361776][ C0] kmem_cache_alloc_node+0x1fc/0x40c [ 86.362528][ C0] alloc_vmap_area+0x140/0x16c4 [ 86.363281][ C0] __get_vm_area_node+0x17c/0x2e8 [ 86.364012][ C0] __vmalloc_node_range+0xe8/0x8c8 [ 86.364727][ C0] vzalloc+0x110/0x188 [ 86.365322][ C0] alloc_counters+0x84/0x7a0 [ 86.366041][ C0] do_ipt_get_ctl+0xb68/0x143c [ 86.366817][ C0] nf_getsockopt+0x264/0x284 [ 86.367548][ C0] ip_getsockopt+0x122c/0x1664 [ 86.368198][ C0] tcp_getsockopt+0x210/0x2eec [ 86.368944][ C0] sock_common_getsockopt+0xa8/0xc4 [ 86.369660][ C0] __sys_getsockopt+0x1b8/0x250 [ 86.370360][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 86.371121][ C0] invoke_syscall+0x98/0x2b0 [ 86.371784][ C0] el0_svc_common+0x138/0x258 [ 86.372484][ C0] do_el0_svc+0x58/0x13c [ 86.373085][ C0] el0_svc+0x78/0x1d0 [ 86.373654][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 86.374393][ C0] el0t_64_sync+0x1a0/0x1a4 [ 86.375119][ C0] irq event stamp: 245614 [ 86.375746][ C0] hardirqs last enabled at (245613): [] ___slab_alloc+0xc18/0xd8c [ 86.377120][ C0] hardirqs last disabled at (245614): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.378533][ C0] softirqs last enabled at (245606): [] release_sock+0x1d0/0x258 [ 86.379930][ C0] softirqs last disabled at (245604): [] release_sock+0x34/0x258 [ 86.381295][ C0] ---[ end trace 337cf78d76a9fdf4 ]--- [ 86.431208][ T5122] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.432427][ T5122] Bad inode number on dev loop0: 2 is out of range [ 86.433734][ T5122] SysV FS: get root inode failed [ 86.434606][ T5122] oldfs: cannot read superblock [ 86.436295][ C1] ------------[ cut here ]------------ [ 86.437128][ C1] VFS: brelse: Trying to free free buffer [ 86.437971][ C1] WARNING: CPU: 1 PID: 5122 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.439288][ C1] Modules linked in: [ 86.439878][ C1] CPU: 1 PID: 5122 Comm: syz.0.37 Tainted: G W syzkaller #0 [ 86.441163][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 86.442617][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.443721][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 86.444492][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 86.445312][ C1] sp : ffff800008017de0 [ 86.445912][ C1] x29: ffff800008017de0 x28: ffff0000c2530000 x27: 1fffe000341f665c [ 86.447127][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 86.448357][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de32a230 [ 86.449606][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 86.450830][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 86.452011][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 86.453204][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : ab0c3e61774d3300 [ 86.454402][ C1] x8 : ab0c3e61774d3300 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.455592][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 86.456795][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 86.457996][ C1] Call trace: [ 86.458454][ C1] invalidate_bh_lru+0x128/0x22c [ 86.459184][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.460170][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.461258][ C1] ipi_handler+0x10c/0x6fc [ 86.461991][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 86.462794][ C1] handle_domain_irq+0x144/0x1fc [ 86.463499][ C1] gic_handle_irq+0x78/0x1b8 [ 86.464166][ C1] call_on_irq_stack+0x30/0x48 [ 86.464817][ C1] do_interrupt_handler+0x6c/0x88 [ 86.465550][ C1] el1_interrupt+0x30/0x58 [ 86.466250][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.467055][ C1] el1h_64_irq+0x78/0x7c [ 86.467667][ C1] lock_page_memcg+0x120/0x22c [ 86.468337][ C1] page_remove_rmap+0x3c/0xf90 [ 86.469160][ C1] unmap_page_range+0xb78/0x1908 [ 86.469863][ C1] unmap_single_vma+0x13c/0x1e4 [ 86.470527][ C1] unmap_vmas+0x10c/0x214 [ 86.471157][ C1] exit_mmap+0x2c4/0x508 [ 86.471865][ C1] __mmput+0xec/0x3a8 [ 86.472487][ C1] mmput+0x80/0xc0 [ 86.473033][ C1] exit_mm+0x4ac/0x664 [ 86.473639][ C1] do_exit+0x4f0/0x1f50 [ 86.474211][ C1] do_group_exit+0x100/0x268 [ 86.474835][ C1] get_signal+0x73c/0x1334 [ 86.475488][ C1] do_notify_resume+0x354/0x309c [ 86.476206][ C1] el0_svc+0xf0/0x1d0 [ 86.476749][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 86.477491][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.478146][ C1] irq event stamp: 2164 [ 86.478810][ C1] hardirqs last enabled at (2163): [] lock_page_memcg+0x110/0x22c [ 86.480176][ C1] hardirqs last disabled at (2164): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.481621][ C1] softirqs last enabled at (1890): [] local_bh_enable+0x10/0x34 [ 86.483024][ C1] softirqs last disabled at (1888): [] local_bh_disable+0x10/0x34 [ 86.484320][ C1] ---[ end trace 337cf78d76a9fdf5 ]--- [ 86.523380][ T5124] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.524512][ T5124] Bad inode number on dev loop0: 2 is out of range [ 86.525790][ T5124] SysV FS: get root inode failed [ 86.527519][ T5124] oldfs: cannot read superblock [ 86.539163][ C0] ------------[ cut here ]------------ [ 86.540007][ C0] VFS: brelse: Trying to free free buffer [ 86.540882][ C0] WARNING: CPU: 0 PID: 3661 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.542151][ C0] Modules linked in: [ 86.542713][ C0] CPU: 0 PID: 3661 Comm: udevd Tainted: G W syzkaller #0 [ 86.543902][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 86.545326][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.546494][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 86.547223][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 86.548006][ C0] sp : ffff800008007de0 [ 86.548616][ C0] x29: ffff800008007de0 x28: ffff0000d67a8000 x27: 1fffe000341f245c [ 86.549780][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 86.550907][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e72e7a58 [ 86.552040][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 86.553237][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 86.554429][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 86.555642][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : eca722db6c66c400 [ 86.556829][ C0] x8 : eca722db6c66c400 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.558030][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 86.559193][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.560357][ C0] Call trace: [ 86.560852][ C0] invalidate_bh_lru+0x128/0x22c [ 86.561610][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 86.562437][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.563423][ C0] ipi_handler+0x10c/0x6fc [ 86.564105][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 86.564992][ C0] handle_domain_irq+0x144/0x1fc [ 86.565729][ C0] gic_handle_irq+0x78/0x1b8 [ 86.566435][ C0] call_on_irq_stack+0x30/0x48 [ 86.567181][ C0] do_interrupt_handler+0x6c/0x88 [ 86.567941][ C0] el1_interrupt+0x30/0x58 [ 86.568611][ C0] el1h_64_irq_handler+0x18/0x24 [ 86.569307][ C0] el1h_64_irq+0x78/0x7c [ 86.569938][ C0] netlink_deliver_tap+0xd8/0x1b0 [ 86.570644][ C0] netlink_sendskb+0x78/0x170 [ 86.571303][ C0] netlink_unicast+0x2d8/0x890 [ 86.571983][ C0] netlink_sendmsg+0x6f4/0x9d8 [ 86.572660][ C0] ____sys_sendmsg+0x62c/0x940 [ 86.573335][ C0] ___sys_sendmsg+0x1f0/0x27c [ 86.574057][ C0] __arm64_sys_sendmsg+0x1bc/0x278 [ 86.574798][ C0] invoke_syscall+0x98/0x2b0 [ 86.575448][ C0] el0_svc_common+0x138/0x258 [ 86.576129][ C0] do_el0_svc+0x58/0x13c [ 86.576730][ C0] el0_svc+0x78/0x1d0 [ 86.577308][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 86.578063][ C0] el0t_64_sync+0x1a0/0x1a4 [ 86.578697][ C0] irq event stamp: 1204544 [ 86.579371][ C0] hardirqs last enabled at (1204543): [] el0_svc_common+0x9c/0x258 [ 86.580764][ C0] hardirqs last disabled at (1204544): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.582229][ C0] softirqs last enabled at (1204538): [] local_bh_enable+0x10/0x34 [ 86.583577][ C0] softirqs last disabled at (1204536): [] local_bh_disable+0x10/0x34 [ 86.584953][ C0] ---[ end trace 337cf78d76a9fdf6 ]--- [ 86.635052][ T5128] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.636319][ T5128] Bad inode number on dev loop0: 2 is out of range [ 86.637352][ T5128] SysV FS: get root inode failed [ 86.638161][ T5128] oldfs: cannot read superblock [ 86.640382][ C1] ------------[ cut here ]------------ [ 86.641270][ C1] VFS: brelse: Trying to free free buffer [ 86.642224][ C1] WARNING: CPU: 1 PID: 5128 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.643670][ C1] Modules linked in: [ 86.644270][ C1] CPU: 1 PID: 5128 Comm: syz.0.40 Tainted: G W syzkaller #0 [ 86.645566][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 86.647140][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.648294][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 86.649123][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 86.649846][ C1] sp : ffff800008017de0 [ 86.650414][ C1] x29: ffff800008017de0 x28: ffff0000d17b51c0 x27: 1fffe000341f665c [ 86.651609][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 86.652780][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d08c8b40 [ 86.653980][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 86.655100][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 86.656314][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 86.657464][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : f84a1db9f9fe1300 [ 86.658651][ C1] x8 : f84a1db9f9fe1300 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.659879][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 86.661089][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 86.662269][ C1] Call trace: [ 86.662770][ C1] invalidate_bh_lru+0x128/0x22c [ 86.663500][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 86.664373][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.665415][ C1] ipi_handler+0x10c/0x6fc [ 86.666073][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 86.666842][ C1] handle_domain_irq+0x144/0x1fc [ 86.667582][ C1] gic_handle_irq+0x78/0x1b8 [ 86.668276][ C1] call_on_irq_stack+0x30/0x48 [ 86.668960][ C1] do_interrupt_handler+0x6c/0x88 [ 86.669729][ C1] el1_interrupt+0x30/0x58 [ 86.670371][ C1] el1h_64_irq_handler+0x18/0x24 [ 86.671074][ C1] el1h_64_irq+0x78/0x7c [ 86.671689][ C1] lock_page_memcg+0x120/0x22c [ 86.672406][ C1] page_remove_rmap+0x3c/0xf90 [ 86.673066][ C1] unmap_page_range+0xb78/0x1908 [ 86.673790][ C1] unmap_single_vma+0x13c/0x1e4 [ 86.674537][ C1] unmap_vmas+0x10c/0x214 [ 86.675144][ C1] exit_mmap+0x2c4/0x508 [ 86.675729][ C1] __mmput+0xec/0x3a8 [ 86.676313][ C1] mmput+0x80/0xc0 [ 86.676862][ C1] exit_mm+0x4ac/0x664 [ 86.677454][ C1] do_exit+0x4f0/0x1f50 [ 86.678062][ C1] do_group_exit+0x100/0x268 [ 86.678788][ C1] get_signal+0x73c/0x1334 [ 86.679430][ C1] do_notify_resume+0x354/0x309c [ 86.680227][ C1] el0_svc+0xf0/0x1d0 [ 86.680792][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 86.681517][ C1] el0t_64_sync+0x1a0/0x1a4 [ 86.682132][ C1] irq event stamp: 2882 [ 86.682742][ C1] hardirqs last enabled at (2881): [] lock_page_memcg+0x110/0x22c [ 86.684176][ C1] hardirqs last disabled at (2882): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.685615][ C1] softirqs last enabled at (904): [] local_bh_enable+0x10/0x34 [ 86.686947][ C1] softirqs last disabled at (902): [] local_bh_disable+0x10/0x34 [ 86.688335][ C1] ---[ end trace 337cf78d76a9fdf7 ]--- [ 86.776819][ T5130] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.778235][ T5130] Bad inode number on dev loop0: 2 is out of range [ 86.779218][ T5130] SysV FS: get root inode failed [ 86.780065][ T5130] oldfs: cannot read superblock [ 86.786702][ C0] ------------[ cut here ]------------ [ 86.787612][ C0] VFS: brelse: Trying to free free buffer [ 86.788428][ C0] WARNING: CPU: 0 PID: 1607 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.789689][ C0] Modules linked in: [ 86.790236][ C0] CPU: 0 PID: 1607 Comm: kworker/u4:5 Tainted: G W syzkaller #0 [ 86.791554][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 86.793092][ C0] Workqueue: netns cleanup_net [ 86.793772][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.794955][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 86.795760][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 86.796465][ C0] sp : ffff800008007de0 [ 86.797014][ C0] x29: ffff800008007de0 x28: ffff0000cd463680 x27: 1fffe000341f245c [ 86.798162][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 86.799318][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de274148 [ 86.800454][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 86.801595][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 86.802767][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 86.803857][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 2f5a81b6c0df1200 [ 86.805067][ C0] x8 : 2f5a81b6c0df1200 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.806248][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 86.807431][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 86.808622][ C0] Call trace: [ 86.809097][ C0] invalidate_bh_lru+0x128/0x22c [ 86.809804][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 86.810670][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 86.811660][ C0] ipi_handler+0x10c/0x6fc [ 86.812285][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 86.813059][ C0] handle_domain_irq+0x144/0x1fc [ 86.813787][ C0] gic_handle_irq+0x78/0x1b8 [ 86.814455][ C0] call_on_irq_stack+0x30/0x48 [ 86.815156][ C0] do_interrupt_handler+0x6c/0x88 [ 86.815850][ C0] el1_interrupt+0x30/0x58 [ 86.816477][ C0] el1h_64_irq_handler+0x18/0x24 [ 86.817132][ C0] el1h_64_irq+0x78/0x7c [ 86.817703][ C0] lock_acquire+0x234/0x618 [ 86.818299][ C0] rcu_lock_acquire+0x40/0x4c [ 86.818942][ C0] inet_twsk_purge+0x110/0x7c4 [ 86.819726][ C0] dccp_v6_exit_batch+0x20/0x2c [ 86.820420][ C0] cleanup_net+0x654/0xaa4 [ 86.821041][ C0] process_one_work+0x79c/0x1138 [ 86.821771][ C0] worker_thread+0x8f4/0x1034 [ 86.822494][ C0] kthread+0x374/0x454 [ 86.823081][ C0] ret_from_fork+0x10/0x20 [ 86.823718][ C0] irq event stamp: 842414 [ 86.824305][ C0] hardirqs last enabled at (842413): [] call_rcu+0x570/0x8f4 [ 86.825651][ C0] hardirqs last disabled at (842414): [] enter_el1_irq_or_nmi+0x10/0x1c [ 86.827043][ C0] softirqs last enabled at (842390): [] local_bh_enable+0x10/0x34 [ 86.828441][ C0] softirqs last disabled at (842354): [] local_bh_disable+0x10/0x34 [ 86.829810][ C0] ---[ end trace 337cf78d76a9fdf8 ]--- [ 86.964923][ T5132] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 86.966047][ T5132] Bad inode number on dev loop0: 2 is out of range [ 86.967074][ T5132] SysV FS: get root inode failed [ 86.967833][ T5132] oldfs: cannot read superblock [ 86.973143][ T1541] Bluetooth: hci0: command 0x041b tx timeout [ 86.977898][ T4880] ------------[ cut here ]------------ [ 86.978715][ T4880] VFS: brelse: Trying to free free buffer [ 86.979568][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 86.980874][ T4880] Modules linked in: [ 86.981424][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 86.982704][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 86.984241][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 86.985415][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 86.986172][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 86.986924][ T4880] sp : ffff80001f6d77c0 [ 86.987541][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 86.988781][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 86.989975][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d08c8ee0 [ 86.991188][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 86.992333][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 86.993533][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 86.994744][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 86.995884][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 86.997093][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 86.998299][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 86.999604][ T4880] Call trace: [ 87.000180][ T4880] invalidate_bh_lru+0x128/0x22c [ 87.000947][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 87.001818][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.002571][ T4880] invalidate_bh_lrus+0x34/0x40 [ 87.003288][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 87.004042][ T4880] blkdev_put+0x490/0x6ac [ 87.004704][ T4880] blkdev_close+0x74/0xb0 [ 87.005382][ T4880] __fput+0x1c0/0x7e8 [ 87.005991][ T4880] ____fput+0x20/0x30 [ 87.006589][ T4880] task_work_run+0x12c/0x1d8 [ 87.007236][ T4880] do_notify_resume+0x2450/0x309c [ 87.007984][ T4880] el0_svc+0xf0/0x1d0 [ 87.008567][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 87.009287][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 87.009906][ T4880] irq event stamp: 173224 [ 87.010509][ T4880] hardirqs last enabled at (173223): [] kasan_quarantine_put+0xc4/0x200 [ 87.011982][ T4880] hardirqs last disabled at (173224): [] smp_call_function_many_cond+0xa44/0xeac [ 87.013580][ T4880] softirqs last enabled at (172960): [] local_bh_enable+0x10/0x34 [ 87.015026][ T4880] softirqs last disabled at (172958): [] local_bh_disable+0x10/0x34 [ 87.016479][ T4880] ---[ end trace 337cf78d76a9fdf9 ]--- [ 87.093843][ T5134] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.095114][ T5134] Bad inode number on dev loop0: 2 is out of range [ 87.096177][ T5134] SysV FS: get root inode failed [ 87.096994][ T5134] oldfs: cannot read superblock [ 87.100467][ T4880] ------------[ cut here ]------------ [ 87.101336][ T4880] VFS: brelse: Trying to free free buffer [ 87.102303][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.103683][ T4880] Modules linked in: [ 87.104296][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 87.105493][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 87.106929][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.108051][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 87.108808][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 87.109567][ T4880] sp : ffff80001f6d77c0 [ 87.110194][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 87.111397][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 87.112682][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2744e8 [ 87.113933][ T4880] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 87.115130][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 87.116302][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 87.117479][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 87.118646][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.119837][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 87.121019][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 87.122206][ T4880] Call trace: [ 87.122664][ T4880] invalidate_bh_lru+0x128/0x22c [ 87.123378][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 87.124278][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.125051][ T4880] invalidate_bh_lrus+0x34/0x40 [ 87.125725][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 87.126449][ T4880] blkdev_put+0x490/0x6ac [ 87.127073][ T4880] blkdev_close+0x74/0xb0 [ 87.127732][ T4880] __fput+0x1c0/0x7e8 [ 87.128333][ T4880] ____fput+0x20/0x30 [ 87.128921][ T4880] task_work_run+0x12c/0x1d8 [ 87.129646][ T4880] do_notify_resume+0x2450/0x309c [ 87.130446][ T4880] el0_svc+0xf0/0x1d0 [ 87.131069][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 87.131863][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 87.132518][ T4880] irq event stamp: 178484 [ 87.133201][ T4880] hardirqs last enabled at (178483): [] kasan_quarantine_put+0xc4/0x200 [ 87.134636][ T4880] hardirqs last disabled at (178484): [] smp_call_function_many_cond+0xa44/0xeac [ 87.136192][ T4880] softirqs last enabled at (178206): [] local_bh_enable+0x10/0x34 [ 87.137636][ T4880] softirqs last disabled at (178204): [] local_bh_disable+0x10/0x34 [ 87.139073][ T4880] ---[ end trace 337cf78d76a9fdfa ]--- [ 87.191250][ T5136] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.192555][ T5136] Bad inode number on dev loop0: 2 is out of range [ 87.194047][ T5136] SysV FS: get root inode failed [ 87.194886][ T5136] oldfs: cannot read superblock [ 87.200515][ C1] ------------[ cut here ]------------ [ 87.201385][ C1] VFS: brelse: Trying to free free buffer [ 87.202306][ C1] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.203689][ C1] Modules linked in: [ 87.204297][ C1] CPU: 1 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.205658][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 87.207177][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.208370][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 87.209187][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 87.210017][ C1] sp : ffff800008017de0 [ 87.210646][ C1] x29: ffff800008017de0 x28: ffff0000cec31b40 x27: 1fffe000341f665c [ 87.211901][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 87.213084][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0623b40 [ 87.214274][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 87.215403][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 87.216550][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 87.217743][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 87.218921][ C1] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.220107][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 87.221248][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.222344][ C1] Call trace: [ 87.222782][ C1] invalidate_bh_lru+0x128/0x22c [ 87.223464][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 87.224316][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.225341][ C1] ipi_handler+0x10c/0x6fc [ 87.225942][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 87.226723][ C1] handle_domain_irq+0x144/0x1fc [ 87.227413][ C1] gic_handle_irq+0x78/0x1b8 [ 87.228051][ C1] call_on_irq_stack+0x30/0x48 [ 87.228834][ C1] do_interrupt_handler+0x6c/0x88 [ 87.229616][ C1] el0_interrupt+0x94/0x248 [ 87.230339][ C1] __el0_irq_handler_common+0x18/0x24 [ 87.231215][ C1] el0t_64_irq_handler+0x10/0x1c [ 87.231995][ C1] el0t_64_irq+0x1a0/0x1a4 [ 87.232725][ C1] irq event stamp: 271760 [ 87.233338][ C1] hardirqs last enabled at (271759): [] el0t_64_sync_handler+0xcc/0xe4 [ 87.234728][ C1] hardirqs last disabled at (271760): [] __el0_irq_handler_common+0x18/0x24 [ 87.236225][ C1] softirqs last enabled at (271756): [] release_sock+0x1d0/0x258 [ 87.237605][ C1] softirqs last disabled at (271754): [] release_sock+0x34/0x258 [ 87.238991][ C1] ---[ end trace 337cf78d76a9fdfb ]--- [ 87.296910][ T5138] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.298152][ T5138] Bad inode number on dev loop0: 2 is out of range [ 87.299200][ T5138] SysV FS: get root inode failed [ 87.299961][ T5138] oldfs: cannot read superblock [ 87.304759][ C0] ------------[ cut here ]------------ [ 87.305631][ C0] VFS: brelse: Trying to free free buffer [ 87.306502][ C0] WARNING: CPU: 0 PID: 4437 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.307835][ C0] Modules linked in: [ 87.308413][ C0] CPU: 0 PID: 4437 Comm: syz-execprog Tainted: G W syzkaller #0 [ 87.309748][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 87.311147][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.312286][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 87.313088][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 87.313914][ C0] sp : ffff800008007de0 [ 87.314513][ C0] x29: ffff800008007de0 x28: ffff0000d1d6b680 x27: 1fffe000341f245c [ 87.315648][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 87.316789][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de274888 [ 87.317992][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 87.319186][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 87.320361][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 87.321535][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 065c70a32cfcd000 [ 87.322691][ C0] x8 : 065c70a32cfcd000 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.323885][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 87.325084][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 87.326278][ C0] Call trace: [ 87.326781][ C0] invalidate_bh_lru+0x128/0x22c [ 87.327513][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 87.328397][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.329413][ C0] ipi_handler+0x10c/0x6fc [ 87.330121][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 87.330923][ C0] handle_domain_irq+0x144/0x1fc [ 87.331611][ C0] gic_handle_irq+0x78/0x1b8 [ 87.332314][ C0] call_on_irq_stack+0x30/0x48 [ 87.332965][ C0] do_interrupt_handler+0x6c/0x88 [ 87.333613][ C0] el1_interrupt+0x30/0x58 [ 87.334243][ C0] el1h_64_irq_handler+0x18/0x24 [ 87.334917][ C0] el1h_64_irq+0x78/0x7c [ 87.335482][ C0] do_notify_resume+0x110/0x309c [ 87.336147][ C0] el0_svc+0xf0/0x1d0 [ 87.336729][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 87.337424][ C0] el0t_64_sync+0x1a0/0x1a4 [ 87.338052][ C0] irq event stamp: 111926 [ 87.338685][ C0] hardirqs last enabled at (111925): [] do_notify_resume+0x104/0x309c [ 87.340087][ C0] hardirqs last disabled at (111926): [] enter_el1_irq_or_nmi+0x10/0x1c [ 87.341534][ C0] softirqs last enabled at (111888): [] release_sock+0x1d0/0x258 [ 87.342898][ C0] softirqs last disabled at (111886): [] release_sock+0x34/0x258 [ 87.344282][ C0] ---[ end trace 337cf78d76a9fdfc ]--- [ 87.523698][ T5140] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.524997][ T5140] Bad inode number on dev loop0: 2 is out of range [ 87.526057][ T5140] SysV FS: get root inode failed [ 87.526843][ T5140] oldfs: cannot read superblock [ 87.541944][ T5142] ------------[ cut here ]------------ [ 87.542756][ T5142] VFS: brelse: Trying to free free buffer [ 87.543596][ T5142] WARNING: CPU: 1 PID: 5142 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.544958][ T5142] Modules linked in: [ 87.545537][ T5142] CPU: 1 PID: 5142 Comm: syz.0.47 Tainted: G W syzkaller #0 [ 87.546842][ T5142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 87.548329][ T5142] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.549519][ T5142] pc : invalidate_bh_lru+0x128/0x22c [ 87.550324][ T5142] lr : invalidate_bh_lru+0x128/0x22c [ 87.551097][ T5142] sp : ffff8000200777c0 [ 87.551713][ T5142] x29: ffff8000200777c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 87.552897][ T5142] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 87.554086][ T5142] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2e2ee0 [ 87.555337][ T5142] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 87.556556][ T5142] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 87.557736][ T5142] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 87.558913][ T5142] x11: 0000000000000002 x10: 0000000000000000 x9 : 1ee2a752c2873900 [ 87.560257][ T5142] x8 : 1ee2a752c2873900 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.561571][ T5142] x5 : ffff8000200770d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 87.562866][ T5142] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 87.564070][ T5142] Call trace: [ 87.564576][ T5142] invalidate_bh_lru+0x128/0x22c [ 87.565263][ T5142] smp_call_function_many_cond+0xa50/0xeac [ 87.566156][ T5142] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.566845][ T5142] invalidate_bh_lrus+0x34/0x40 [ 87.567521][ T5142] blkdev_flush_mapping+0x16c/0x334 [ 87.568343][ T5142] blkdev_put+0x490/0x6ac [ 87.568958][ T5142] blkdev_close+0x74/0xb0 [ 87.569592][ T5142] __fput+0x1c0/0x7e8 [ 87.570154][ T5142] ____fput+0x20/0x30 [ 87.570762][ T5142] task_work_run+0x12c/0x1d8 [ 87.571492][ T5142] do_notify_resume+0x2450/0x309c [ 87.572234][ T5142] el0_svc+0xf0/0x1d0 [ 87.572846][ T5142] el0t_64_sync_handler+0xcc/0xe4 [ 87.573633][ T5142] el0t_64_sync+0x1a0/0x1a4 [ 87.574381][ T5142] irq event stamp: 812 [ 87.574997][ T5142] hardirqs last enabled at (811): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 87.576552][ T5142] hardirqs last disabled at (812): [] smp_call_function_many_cond+0xa44/0xeac [ 87.578145][ T5142] softirqs last enabled at (784): [] local_bh_enable+0x10/0x34 [ 87.579516][ T5142] softirqs last disabled at (782): [] local_bh_disable+0x10/0x34 [ 87.580881][ T5142] ---[ end trace 337cf78d76a9fdfd ]--- [ 87.642860][ T5144] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.644222][ T5144] Bad inode number on dev loop0: 2 is out of range [ 87.645214][ T5144] SysV FS: get root inode failed [ 87.646050][ T5144] oldfs: cannot read superblock [ 87.659290][ T4880] ------------[ cut here ]------------ [ 87.660206][ T4880] VFS: brelse: Trying to free free buffer [ 87.661193][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.662553][ T4880] Modules linked in: [ 87.663189][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 87.664493][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 87.666066][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.667270][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 87.668075][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 87.668849][ T4880] sp : ffff80001f6d77c0 [ 87.669476][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 87.670752][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 87.671975][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2de318 [ 87.673130][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 87.674300][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 87.675500][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 87.676667][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 87.677826][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.678976][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 87.680160][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 87.681288][ T4880] Call trace: [ 87.681778][ T4880] invalidate_bh_lru+0x128/0x22c [ 87.682487][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 87.683369][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.684185][ T4880] invalidate_bh_lrus+0x34/0x40 [ 87.684880][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 87.685583][ T4880] blkdev_put+0x490/0x6ac [ 87.686229][ T4880] blkdev_close+0x74/0xb0 [ 87.686827][ T4880] __fput+0x1c0/0x7e8 [ 87.687398][ T4880] ____fput+0x20/0x30 [ 87.687998][ T4880] task_work_run+0x12c/0x1d8 [ 87.688700][ T4880] do_notify_resume+0x2450/0x309c [ 87.689439][ T4880] el0_svc+0xf0/0x1d0 [ 87.689997][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 87.690732][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 87.691374][ T4880] irq event stamp: 210974 [ 87.691977][ T4880] hardirqs last enabled at (210973): [] kasan_quarantine_put+0xc4/0x200 [ 87.693507][ T4880] hardirqs last disabled at (210974): [] smp_call_function_many_cond+0xa44/0xeac [ 87.695036][ T4880] softirqs last enabled at (210724): [] local_bh_enable+0x10/0x34 [ 87.696473][ T4880] softirqs last disabled at (210722): [] local_bh_disable+0x10/0x34 [ 87.697869][ T4880] ---[ end trace 337cf78d76a9fdfe ]--- [ 87.754642][ T5147] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.755819][ T5147] Bad inode number on dev loop0: 2 is out of range [ 87.756745][ T5147] SysV FS: get root inode failed [ 87.757460][ T5147] oldfs: cannot read superblock [ 87.766857][ T4880] ------------[ cut here ]------------ [ 87.767723][ T4880] VFS: brelse: Trying to free free buffer [ 87.768652][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.769963][ T4880] Modules linked in: [ 87.770523][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 87.771774][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 87.773225][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.774338][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 87.775061][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 87.775827][ T4880] sp : ffff80001f6d77c0 [ 87.776447][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 87.777643][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 87.778851][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de274c28 [ 87.780019][ T4880] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 87.781206][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 87.782383][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 87.783569][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 87.784752][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.785948][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 87.787127][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 87.788325][ T4880] Call trace: [ 87.788823][ T4880] invalidate_bh_lru+0x128/0x22c [ 87.789527][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 87.790312][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.791085][ T4880] invalidate_bh_lrus+0x34/0x40 [ 87.791803][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 87.792528][ T4880] blkdev_put+0x490/0x6ac [ 87.793174][ T4880] blkdev_close+0x74/0xb0 [ 87.793848][ T4880] __fput+0x1c0/0x7e8 [ 87.794411][ T4880] ____fput+0x20/0x30 [ 87.794979][ T4880] task_work_run+0x12c/0x1d8 [ 87.795613][ T4880] do_notify_resume+0x2450/0x309c [ 87.796314][ T4880] el0_svc+0xf0/0x1d0 [ 87.796913][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 87.797591][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 87.798242][ T4880] irq event stamp: 215158 [ 87.798814][ T4880] hardirqs last enabled at (215157): [] kasan_quarantine_put+0xc4/0x200 [ 87.800340][ T4880] hardirqs last disabled at (215158): [] smp_call_function_many_cond+0xa44/0xeac [ 87.801924][ T4880] softirqs last enabled at (214884): [] local_bh_enable+0x10/0x34 [ 87.803317][ T4880] softirqs last disabled at (214882): [] local_bh_disable+0x10/0x34 [ 87.804643][ T4880] ---[ end trace 337cf78d76a9fdff ]--- 1970/01/01 00:01:27 executed programs: 36 [ 87.849582][ T5149] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.850857][ T5149] Bad inode number on dev loop0: 2 is out of range [ 87.851870][ T5149] SysV FS: get root inode failed [ 87.852887][ T5149] oldfs: cannot read superblock [ 87.863802][ T4880] ------------[ cut here ]------------ [ 87.864724][ T4880] VFS: brelse: Trying to free free buffer [ 87.865739][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.866919][ T4880] Modules linked in: [ 87.867476][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 87.868621][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 87.870098][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.871172][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 87.871907][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 87.872589][ T4880] sp : ffff80001f6d77c0 [ 87.873188][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 87.874505][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 87.875743][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2de6b8 [ 87.876992][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 87.878279][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 87.879416][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 87.880667][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 87.881894][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.883095][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 87.884287][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 87.885502][ T4880] Call trace: [ 87.885986][ T4880] invalidate_bh_lru+0x128/0x22c [ 87.886720][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 87.887592][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 87.888392][ T4880] invalidate_bh_lrus+0x34/0x40 [ 87.889082][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 87.889829][ T4880] blkdev_put+0x490/0x6ac [ 87.890508][ T4880] blkdev_close+0x74/0xb0 [ 87.891145][ T4880] __fput+0x1c0/0x7e8 [ 87.891724][ T4880] ____fput+0x20/0x30 [ 87.892317][ T4880] task_work_run+0x12c/0x1d8 [ 87.893047][ T4880] do_notify_resume+0x2450/0x309c [ 87.893755][ T4880] el0_svc+0xf0/0x1d0 [ 87.894368][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 87.895073][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 87.895725][ T4880] irq event stamp: 219312 [ 87.896403][ T4880] hardirqs last enabled at (219311): [] kasan_quarantine_put+0xc4/0x200 [ 87.897825][ T4880] hardirqs last disabled at (219312): [] smp_call_function_many_cond+0xa44/0xeac [ 87.899443][ T4880] softirqs last enabled at (219148): [] local_bh_enable+0x10/0x34 [ 87.900809][ T4880] softirqs last disabled at (219146): [] local_bh_disable+0x10/0x34 [ 87.902236][ T4880] ---[ end trace 337cf78d76a9fe00 ]--- [ 87.958090][ T5151] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 87.959175][ T5151] Bad inode number on dev loop0: 2 is out of range [ 87.960285][ T5151] SysV FS: get root inode failed [ 87.961038][ T5151] oldfs: cannot read superblock [ 87.969689][ C0] ------------[ cut here ]------------ [ 87.970556][ C0] VFS: brelse: Trying to free free buffer [ 87.971524][ C0] WARNING: CPU: 0 PID: 5152 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 87.972854][ C0] Modules linked in: [ 87.973465][ C0] CPU: 0 PID: 5152 Comm: syz-executor Tainted: G W syzkaller #0 [ 87.974833][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 87.976283][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 87.977454][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 87.978218][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 87.979045][ C0] sp : ffff800008007de0 [ 87.979668][ C0] x29: ffff800008007de0 x28: ffff0000c9f31b40 x27: 1fffe000341f245c [ 87.980840][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 87.982115][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de053060 [ 87.983249][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 87.984383][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 87.985750][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 87.986989][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : e8e9e7d98bdd2a00 [ 87.988218][ C0] x8 : e8e9e7d98bdd2a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 87.989329][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 87.990561][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 87.991751][ C0] Call trace: [ 87.992223][ C0] invalidate_bh_lru+0x128/0x22c [ 87.992938][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 87.993849][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 87.994930][ C0] ipi_handler+0x10c/0x6fc [ 87.995609][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 87.996408][ C0] handle_domain_irq+0x144/0x1fc [ 87.997169][ C0] gic_handle_irq+0x78/0x1b8 [ 87.997851][ C0] call_on_irq_stack+0x30/0x48 [ 87.998577][ C0] do_interrupt_handler+0x6c/0x88 [ 87.999312][ C0] el1_interrupt+0x30/0x58 [ 87.999950][ C0] el1h_64_irq_handler+0x18/0x24 [ 88.000661][ C0] el1h_64_irq+0x78/0x7c [ 88.001262][ C0] next_uptodate_page+0x214/0x724 [ 88.002010][ C0] filemap_map_pages+0x96c/0xc54 [ 88.002737][ C0] handle_mm_fault+0x188c/0x2a28 [ 88.003536][ C0] do_page_fault+0x67c/0xab0 [ 88.004265][ C0] do_translation_fault+0xe0/0x130 [ 88.005092][ C0] do_mem_abort+0x6c/0x1ac [ 88.005720][ C0] el0_ia+0xe0/0x2b8 [ 88.006283][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 88.007007][ C0] el0t_64_sync+0x1a0/0x1a4 [ 88.007695][ C0] irq event stamp: 486 [ 88.008282][ C0] hardirqs last enabled at (485): [] lock_page_memcg+0x110/0x22c [ 88.009753][ C0] hardirqs last disabled at (486): [] enter_el1_irq_or_nmi+0x10/0x1c [ 88.011202][ C0] softirqs last enabled at (66): [] local_bh_enable+0x10/0x34 [ 88.012557][ C0] softirqs last disabled at (64): [] local_bh_disable+0x10/0x34 [ 88.013942][ C0] ---[ end trace 337cf78d76a9fe01 ]--- [ 88.097473][ T5153] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.098655][ T5153] Bad inode number on dev loop0: 2 is out of range [ 88.099632][ T5153] SysV FS: get root inode failed [ 88.100339][ T5153] oldfs: cannot read superblock [ 88.117526][ T4880] ------------[ cut here ]------------ [ 88.118449][ T4880] VFS: brelse: Trying to free free buffer [ 88.119410][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.120821][ T4880] Modules linked in: [ 88.121380][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 88.122608][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.123963][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.125055][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 88.125757][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 88.126521][ T4880] sp : ffff80001f6d77c0 [ 88.127121][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 88.128306][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 88.129431][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2dea58 [ 88.130584][ T4880] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 88.131759][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 88.132924][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 88.134109][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 88.135261][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.136390][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 88.137499][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 88.138625][ T4880] Call trace: [ 88.139102][ T4880] invalidate_bh_lru+0x128/0x22c [ 88.139784][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 88.140586][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 88.141302][ T4880] invalidate_bh_lrus+0x34/0x40 [ 88.142026][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 88.142703][ T4880] blkdev_put+0x490/0x6ac [ 88.143282][ T4880] blkdev_close+0x74/0xb0 [ 88.143889][ T4880] __fput+0x1c0/0x7e8 [ 88.144466][ T4880] ____fput+0x20/0x30 [ 88.145057][ T4880] task_work_run+0x12c/0x1d8 [ 88.145736][ T4880] do_notify_resume+0x2450/0x309c [ 88.146514][ T4880] el0_svc+0xf0/0x1d0 [ 88.147124][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 88.147870][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 88.148551][ T4880] irq event stamp: 227160 [ 88.149185][ T4880] hardirqs last enabled at (227159): [] kasan_quarantine_put+0xc4/0x200 [ 88.150659][ T4880] hardirqs last disabled at (227160): [] smp_call_function_many_cond+0xa44/0xeac [ 88.152264][ T4880] softirqs last enabled at (226894): [] local_bh_enable+0x10/0x34 [ 88.153585][ T4880] softirqs last disabled at (226892): [] local_bh_disable+0x10/0x34 [ 88.154987][ T4880] ---[ end trace 337cf78d76a9fe02 ]--- [ 88.198829][ T5157] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.200130][ T5157] Bad inode number on dev loop0: 2 is out of range [ 88.201099][ T5157] SysV FS: get root inode failed [ 88.201809][ T5157] oldfs: cannot read superblock [ 88.225994][ C0] ------------[ cut here ]------------ [ 88.226808][ C0] VFS: brelse: Trying to free free buffer [ 88.227651][ C0] WARNING: CPU: 0 PID: 5160 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.228980][ C0] Modules linked in: [ 88.229573][ C0] CPU: 0 PID: 5160 Comm: syz-executor Tainted: G W syzkaller #0 [ 88.230796][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.232246][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.233376][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 88.234151][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 88.234994][ C0] sp : ffff800008007de0 [ 88.235591][ C0] x29: ffff800008007de0 x28: ffff0000ce4c9b40 x27: 1fffe000341f245c [ 88.236792][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 88.238092][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de053400 [ 88.239298][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 88.240503][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 88.241678][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 88.242831][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 87a089ad15035700 [ 88.244048][ C0] x8 : 87a089ad15035700 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.245190][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 88.246263][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 88.247405][ C0] Call trace: [ 88.247833][ C0] invalidate_bh_lru+0x128/0x22c [ 88.248527][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 88.249351][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 88.250351][ C0] ipi_handler+0x10c/0x6fc [ 88.250958][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 88.251762][ C0] handle_domain_irq+0x144/0x1fc [ 88.252470][ C0] gic_handle_irq+0x78/0x1b8 [ 88.253141][ C0] call_on_irq_stack+0x30/0x48 [ 88.253893][ C0] do_interrupt_handler+0x6c/0x88 [ 88.254615][ C0] el1_interrupt+0x30/0x58 [ 88.255252][ C0] el1h_64_irq_handler+0x18/0x24 [ 88.255912][ C0] el1h_64_irq+0x78/0x7c [ 88.256504][ C0] page_memcg+0x15c/0x1f0 [ 88.257077][ C0] unlock_page_memcg+0x48/0x5c [ 88.257764][ C0] page_add_file_rmap+0x658/0x8c4 [ 88.258480][ C0] do_set_pte+0x390/0x4dc [ 88.259125][ C0] filemap_map_pages+0x9d0/0xc54 [ 88.259856][ C0] handle_mm_fault+0x188c/0x2a28 [ 88.260588][ C0] do_page_fault+0x67c/0xab0 [ 88.261225][ C0] do_translation_fault+0xe0/0x130 [ 88.262014][ C0] do_mem_abort+0x6c/0x1ac [ 88.262644][ C0] el0_ia+0xe0/0x2b8 [ 88.263172][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 88.263866][ C0] el0t_64_sync+0x1a0/0x1a4 [ 88.264484][ C0] irq event stamp: 442 [ 88.265068][ C0] hardirqs last enabled at (441): [] lock_page_memcg+0x110/0x22c [ 88.266444][ C0] hardirqs last disabled at (442): [] enter_el1_irq_or_nmi+0x10/0x1c [ 88.267802][ C0] softirqs last enabled at (64): [] local_bh_enable+0x10/0x34 [ 88.269200][ C0] softirqs last disabled at (62): [] local_bh_disable+0x10/0x34 [ 88.270503][ C0] ---[ end trace 337cf78d76a9fe03 ]--- [ 88.309277][ T5161] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.310512][ T5161] Bad inode number on dev loop0: 2 is out of range [ 88.311502][ T5161] SysV FS: get root inode failed [ 88.312307][ T5161] oldfs: cannot read superblock [ 88.322888][ C1] ------------[ cut here ]------------ [ 88.323808][ C1] VFS: brelse: Trying to free free buffer [ 88.324709][ C1] WARNING: CPU: 1 PID: 1541 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.325944][ C1] Modules linked in: [ 88.326501][ C1] CPU: 1 PID: 1541 Comm: kworker/1:2 Tainted: G W syzkaller #0 [ 88.327709][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.329020][ C1] Workqueue: rcu_gp srcu_invoke_callbacks [ 88.329794][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.330821][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 88.331507][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 88.332279][ C1] sp : ffff800008017de0 [ 88.332855][ C1] x29: ffff800008017de0 x28: ffff0000ccfb3680 x27: 1fffe000341f665b [ 88.334057][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 88.335252][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de2dedf8 [ 88.336381][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010203 [ 88.337610][ C1] x17: 0000000000010203 x16: ffff800011254fd8 x15: 00000000ffffffff [ 88.338778][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 88.339983][ C1] x11: 0000000000010202 x10: 0000000000010202 x9 : 7ac425edb75b4600 [ 88.341139][ C1] x8 : 7ac425edb75b4600 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.342291][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 88.343459][ C1] x2 : 0000000000000001 x1 : 0000000100010202 x0 : 0000000000000027 [ 88.344644][ C1] Call trace: [ 88.345125][ C1] invalidate_bh_lru+0x128/0x22c [ 88.345869][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 88.346830][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 88.347853][ C1] ipi_handler+0x10c/0x6fc [ 88.348493][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 88.349282][ C1] handle_domain_irq+0x144/0x1fc [ 88.349986][ C1] gic_handle_irq+0x78/0x1b8 [ 88.350716][ C1] call_on_irq_stack+0x30/0x48 [ 88.351412][ C1] do_interrupt_handler+0x6c/0x88 [ 88.352129][ C1] el1_interrupt+0x30/0x58 [ 88.352713][ C1] el1h_64_irq_handler+0x18/0x24 [ 88.353451][ C1] el1h_64_irq+0x78/0x7c [ 88.354011][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 88.354762][ C1] complete+0x68/0xbc [ 88.355289][ C1] wakeme_after_rcu+0x14/0x20 [ 88.355933][ C1] srcu_invoke_callbacks+0x168/0x348 [ 88.356682][ C1] process_one_work+0x79c/0x1138 [ 88.357401][ C1] worker_thread+0x8f4/0x1034 [ 88.358108][ C1] kthread+0x374/0x454 [ 88.358722][ C1] ret_from_fork+0x10/0x20 [ 88.359357][ C1] irq event stamp: 74691 [ 88.359978][ C1] hardirqs last enabled at (74690): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 88.361385][ C1] hardirqs last disabled at (74691): [] enter_el1_irq_or_nmi+0x10/0x1c [ 88.362725][ C1] softirqs last enabled at (74652): [] local_bh_enable+0xc/0x2c [ 88.364065][ C1] softirqs last disabled at (74688): [] local_bh_disable+0xc/0x2c [ 88.365434][ C1] ---[ end trace 337cf78d76a9fe04 ]--- [ 88.423472][ T5163] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.425053][ T5163] Bad inode number on dev loop0: 2 is out of range [ 88.426191][ T5163] SysV FS: get root inode failed [ 88.426971][ T5163] oldfs: cannot read superblock [ 88.433581][ T4880] ------------[ cut here ]------------ [ 88.434416][ T4880] VFS: brelse: Trying to free free buffer [ 88.435475][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.436787][ T4880] Modules linked in: [ 88.437373][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 88.438619][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.440121][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.441362][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 88.442086][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 88.442867][ T4880] sp : ffff80001f6d77c0 [ 88.443470][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 88.444673][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 88.445927][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de37c970 [ 88.447162][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 88.448357][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 88.449547][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 88.450778][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 88.451944][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.453035][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 88.454118][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 88.455327][ T4880] Call trace: [ 88.455771][ T4880] invalidate_bh_lru+0x128/0x22c [ 88.456426][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 88.457230][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 88.457961][ T4880] invalidate_bh_lrus+0x34/0x40 [ 88.458685][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 88.459393][ T4880] blkdev_put+0x490/0x6ac [ 88.459973][ T4880] blkdev_close+0x74/0xb0 [ 88.460605][ T4880] __fput+0x1c0/0x7e8 [ 88.461170][ T4880] ____fput+0x20/0x30 [ 88.461753][ T4880] task_work_run+0x12c/0x1d8 [ 88.462463][ T4880] do_notify_resume+0x2450/0x309c [ 88.463193][ T4880] el0_svc+0xf0/0x1d0 [ 88.463801][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 88.464548][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 88.465205][ T4880] irq event stamp: 251136 [ 88.465827][ T4880] hardirqs last enabled at (251135): [] kasan_quarantine_put+0xc4/0x200 [ 88.467264][ T4880] hardirqs last disabled at (251136): [] smp_call_function_many_cond+0xa44/0xeac [ 88.468755][ T4880] softirqs last enabled at (250870): [] local_bh_enable+0x10/0x34 [ 88.470054][ T4880] softirqs last disabled at (250868): [] local_bh_disable+0x10/0x34 [ 88.471347][ T4880] ---[ end trace 337cf78d76a9fe05 ]--- [ 88.498071][ T5165] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.499297][ T5165] Bad inode number on dev loop0: 2 is out of range [ 88.500355][ T5165] SysV FS: get root inode failed [ 88.501082][ T5165] oldfs: cannot read superblock [ 88.505450][ C0] ------------[ cut here ]------------ [ 88.506294][ C0] VFS: brelse: Trying to free free buffer [ 88.507212][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.508441][ C0] Modules linked in: [ 88.509071][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 88.510317][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.511795][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.512958][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 88.513780][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 88.514577][ C0] sp : ffff800008007de0 [ 88.515145][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245c [ 88.516229][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 88.517446][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de0537a0 [ 88.518668][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 88.519907][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 88.521147][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 88.522452][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 4492d4acac152100 [ 88.523706][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.524982][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 88.526202][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 88.527316][ C0] Call trace: [ 88.527799][ C0] invalidate_bh_lru+0x128/0x22c [ 88.528555][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 88.529461][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 88.530504][ C0] ipi_handler+0x10c/0x6fc [ 88.531095][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 88.531850][ C0] handle_domain_irq+0x144/0x1fc [ 88.532592][ C0] gic_handle_irq+0x78/0x1b8 [ 88.533248][ C0] call_on_irq_stack+0x30/0x48 [ 88.533912][ C0] do_interrupt_handler+0x6c/0x88 [ 88.534675][ C0] el1_interrupt+0x30/0x58 [ 88.535331][ C0] el1h_64_irq_handler+0x18/0x24 [ 88.536078][ C0] el1h_64_irq+0x78/0x7c [ 88.536782][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 88.537622][ C0] debug_object_activate+0x258/0x4b4 [ 88.538396][ C0] call_rcu+0x54/0x8f4 [ 88.539082][ C0] dentry_free+0xa4/0x178 [ 88.539703][ C0] __dentry_kill+0x45c/0x598 [ 88.540364][ C0] dentry_kill+0xc8/0x248 [ 88.540987][ C0] dput+0x23c/0x458 [ 88.541540][ C0] dcache_dir_close+0x40/0x54 [ 88.542214][ C0] __fput+0x1c0/0x7e8 [ 88.542819][ C0] ____fput+0x20/0x30 [ 88.543432][ C0] task_work_run+0x12c/0x1d8 [ 88.544127][ C0] do_notify_resume+0x2450/0x309c [ 88.544885][ C0] el0_svc+0xf0/0x1d0 [ 88.545433][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 88.546129][ C0] el0t_64_sync+0x1a0/0x1a4 [ 88.546759][ C0] irq event stamp: 313890 [ 88.547404][ C0] hardirqs last enabled at (313889): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 88.548968][ C0] hardirqs last disabled at (313890): [] enter_el1_irq_or_nmi+0x10/0x1c [ 88.550453][ C0] softirqs last enabled at (313742): [] local_bh_enable+0x10/0x34 [ 88.551866][ C0] softirqs last disabled at (313740): [] local_bh_disable+0x10/0x34 [ 88.553258][ C0] ---[ end trace 337cf78d76a9fe06 ]--- [ 88.603868][ T5167] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.605059][ T5167] Bad inode number on dev loop0: 2 is out of range [ 88.606096][ T5167] SysV FS: get root inode failed [ 88.606830][ T5167] oldfs: cannot read superblock [ 88.616492][ C1] ------------[ cut here ]------------ [ 88.617456][ C1] VFS: brelse: Trying to free free buffer [ 88.618465][ C1] WARNING: CPU: 1 PID: 5169 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.619835][ C1] Modules linked in: [ 88.620440][ C1] CPU: 1 PID: 5169 Comm: syz.0.60 Tainted: G W syzkaller #0 [ 88.621789][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.623376][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.624575][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 88.625301][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 88.626033][ C1] sp : ffff800008017de0 [ 88.626641][ C1] x29: ffff800008017de0 x28: ffff0000c2feb680 x27: 1fffe000341f665c [ 88.627921][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 88.629173][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de37cd10 [ 88.630367][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 88.631614][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 88.632816][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 88.634003][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 6c09042cf016df00 [ 88.635109][ C1] x8 : 6c09042cf016df00 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.636227][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 88.637473][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 88.638634][ C1] Call trace: [ 88.639071][ C1] invalidate_bh_lru+0x128/0x22c [ 88.639792][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 88.640660][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 88.641729][ C1] ipi_handler+0x10c/0x6fc [ 88.642392][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 88.643250][ C1] handle_domain_irq+0x144/0x1fc [ 88.644008][ C1] gic_handle_irq+0x78/0x1b8 [ 88.644689][ C1] call_on_irq_stack+0x30/0x48 [ 88.645453][ C1] do_interrupt_handler+0x6c/0x88 [ 88.646220][ C1] el0_interrupt+0x94/0x248 [ 88.646897][ C1] __el0_irq_handler_common+0x18/0x24 [ 88.647731][ C1] el0t_64_irq_handler+0x10/0x1c [ 88.648444][ C1] el0t_64_irq+0x1a0/0x1a4 [ 88.649152][ C1] irq event stamp: 190 [ 88.649748][ C1] hardirqs last enabled at (189): [] el0t_64_sync_handler+0xd8/0xe4 [ 88.651041][ C1] hardirqs last disabled at (190): [] __el0_irq_handler_common+0x18/0x24 [ 88.652481][ C1] softirqs last enabled at (54): [] local_bh_enable+0x10/0x34 [ 88.653837][ C1] softirqs last disabled at (52): [] local_bh_disable+0x10/0x34 [ 88.655245][ C1] ---[ end trace 337cf78d76a9fe07 ]--- [ 88.669086][ T5169] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.670628][ T5169] Bad inode number on dev loop0: 2 is out of range [ 88.671624][ T5169] SysV FS: get root inode failed [ 88.672381][ T5169] oldfs: cannot read superblock [ 88.679926][ C0] ------------[ cut here ]------------ [ 88.680831][ C0] VFS: brelse: Trying to free free buffer [ 88.681761][ C0] WARNING: CPU: 0 PID: 5170 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.683023][ C0] Modules linked in: [ 88.683570][ C0] CPU: 0 PID: 5170 Comm: syz-executor Tainted: G W syzkaller #0 [ 88.684914][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.686429][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.687590][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 88.688318][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 88.689133][ C0] sp : ffff800008007de0 [ 88.689749][ C0] x29: ffff800008007de0 x28: ffff0000ca600000 x27: 1fffe000341f245c [ 88.690884][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 88.691990][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de053b40 [ 88.693142][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 88.694414][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 88.695677][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 88.696774][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 7bd745ecbe07b900 [ 88.697945][ C0] x8 : 7bd745ecbe07b900 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.699126][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 88.700311][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 88.701556][ C0] Call trace: [ 88.702048][ C0] invalidate_bh_lru+0x128/0x22c [ 88.702765][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 88.703643][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 88.704663][ C0] ipi_handler+0x10c/0x6fc [ 88.705335][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 88.706139][ C0] handle_domain_irq+0x144/0x1fc [ 88.706837][ C0] gic_handle_irq+0x78/0x1b8 [ 88.707566][ C0] call_on_irq_stack+0x30/0x48 [ 88.708257][ C0] do_interrupt_handler+0x6c/0x88 [ 88.708973][ C0] el1_interrupt+0x30/0x58 [ 88.709587][ C0] el1h_64_irq_handler+0x18/0x24 [ 88.710285][ C0] el1h_64_irq+0x78/0x7c [ 88.710943][ C0] lock_acquire+0x234/0x618 [ 88.711609][ C0] rcu_lock_acquire+0x38/0x44 [ 88.712312][ C0] lock_page_memcg+0x50/0x22c [ 88.712976][ C0] page_add_file_rmap+0x148/0x8c4 [ 88.713657][ C0] do_set_pte+0x390/0x4dc [ 88.714271][ C0] filemap_map_pages+0x9d0/0xc54 [ 88.714979][ C0] handle_mm_fault+0x188c/0x2a28 [ 88.715719][ C0] do_page_fault+0x67c/0xab0 [ 88.716382][ C0] do_translation_fault+0xe0/0x130 [ 88.717162][ C0] do_mem_abort+0x6c/0x1ac [ 88.717812][ C0] el0_ia+0xe0/0x2b8 [ 88.718390][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 88.719171][ C0] el0t_64_sync+0x1a0/0x1a4 [ 88.719783][ C0] irq event stamp: 210 [ 88.720329][ C0] hardirqs last enabled at (209): [] count_memcg_event_mm+0x1b0/0x300 [ 88.721746][ C0] hardirqs last disabled at (210): [] enter_el1_irq_or_nmi+0x10/0x1c [ 88.723232][ C0] softirqs last enabled at (64): [] local_bh_enable+0x10/0x34 [ 88.724565][ C0] softirqs last disabled at (62): [] local_bh_disable+0x10/0x34 [ 88.725904][ C0] ---[ end trace 337cf78d76a9fe08 ]--- [ 88.835628][ T5171] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 88.836820][ T5171] Bad inode number on dev loop0: 2 is out of range [ 88.837833][ T5171] SysV FS: get root inode failed [ 88.838556][ T5171] oldfs: cannot read superblock [ 88.847580][ C0] ------------[ cut here ]------------ [ 88.848390][ C0] VFS: brelse: Trying to free free buffer [ 88.849260][ C0] WARNING: CPU: 0 PID: 5172 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 88.850607][ C0] Modules linked in: [ 88.851157][ C0] CPU: 0 PID: 5172 Comm: syz.0.62 Tainted: G W syzkaller #0 [ 88.852473][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.853980][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 88.855125][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 88.855907][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 88.856702][ C0] sp : ffff800008007de0 [ 88.857316][ C0] x29: ffff800008007de0 x28: ffff0000d1798000 x27: 1fffe000341f245c [ 88.858509][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 88.859653][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de053ee0 [ 88.860837][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 88.861988][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 88.863156][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 88.864380][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 39525087b2862d00 [ 88.865583][ C0] x8 : 39525087b2862d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 88.866766][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 88.867979][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 88.869155][ C0] Call trace: [ 88.869644][ C0] invalidate_bh_lru+0x128/0x22c [ 88.870345][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 88.871226][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 88.872261][ C0] ipi_handler+0x10c/0x6fc [ 88.872904][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 88.873760][ C0] handle_domain_irq+0x144/0x1fc [ 88.874442][ C0] gic_handle_irq+0x78/0x1b8 [ 88.875103][ C0] call_on_irq_stack+0x30/0x48 [ 88.875788][ C0] do_interrupt_handler+0x6c/0x88 [ 88.876495][ C0] el1_interrupt+0x30/0x58 [ 88.877168][ C0] el1h_64_irq_handler+0x18/0x24 [ 88.877855][ C0] el1h_64_irq+0x78/0x7c [ 88.878512][ C0] check_preemption_disabled+0x34/0x164 [ 88.879285][ C0] debug_smp_processor_id+0x20/0x2c [ 88.879990][ C0] rcu_is_watching+0x50/0x134 [ 88.880662][ C0] rcu_read_lock_held+0x18/0x50 [ 88.881387][ C0] mem_cgroup_from_task+0x98/0x120 [ 88.882026][ C0] count_memcg_event_mm+0x120/0x300 [ 88.882768][ C0] handle_mm_fault+0x19c/0x2a28 [ 88.883452][ C0] do_page_fault+0x67c/0xab0 [ 88.884100][ C0] do_mem_abort+0x6c/0x1ac [ 88.884715][ C0] el0_da+0x90/0x1ec [ 88.885281][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 88.885962][ C0] el0t_64_sync+0x1a0/0x1a4 [ 88.886570][ C0] irq event stamp: 1454 [ 88.887165][ C0] hardirqs last enabled at (1453): [] local_daif_restore+0x1c/0x3c [ 88.888497][ C0] hardirqs last disabled at (1454): [] enter_el1_irq_or_nmi+0x10/0x1c [ 88.889905][ C0] softirqs last enabled at (1240): [] local_bh_enable+0x10/0x34 [ 88.891240][ C0] softirqs last disabled at (1238): [] local_bh_disable+0x10/0x34 [ 88.892695][ C0] ---[ end trace 337cf78d76a9fe09 ]--- [ 89.013793][ T5173] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 89.014884][ T5173] Bad inode number on dev loop0: 2 is out of range [ 89.015800][ T5173] SysV FS: get root inode failed [ 89.016520][ T5173] oldfs: cannot read superblock [ 89.025575][ C1] ------------[ cut here ]------------ [ 89.026476][ C1] VFS: brelse: Trying to free free buffer [ 89.027400][ C1] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 89.028815][ C1] Modules linked in: [ 89.029450][ C1] CPU: 1 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 89.030852][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 89.032275][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 89.033489][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 89.034296][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 89.035103][ C1] sp : ffff800008017de0 [ 89.035723][ C1] x29: ffff800008017de0 x28: ffff0000cec31b40 x27: 1fffe000341f665c [ 89.036915][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 89.038065][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de37f888 [ 89.039262][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 89.040436][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 89.041613][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 89.042822][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 89.043998][ C1] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 89.045135][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 89.046306][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 89.047518][ C1] Call trace: [ 89.048018][ C1] invalidate_bh_lru+0x128/0x22c [ 89.048746][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 89.049663][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 89.050700][ C1] ipi_handler+0x10c/0x6fc [ 89.051342][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 89.052195][ C1] handle_domain_irq+0x144/0x1fc [ 89.052959][ C1] gic_handle_irq+0x78/0x1b8 [ 89.053632][ C1] call_on_irq_stack+0x30/0x48 [ 89.054403][ C1] do_interrupt_handler+0x6c/0x88 [ 89.055109][ C1] el1_interrupt+0x30/0x58 [ 89.055780][ C1] el1h_64_irq_handler+0x18/0x24 [ 89.056478][ C1] el1h_64_irq+0x78/0x7c [ 89.057069][ C1] kasan_quarantine_put+0xd4/0x200 [ 89.057831][ C1] ____kasan_slab_free+0x124/0x164 [ 89.058583][ C1] __kasan_slab_free+0x18/0x28 [ 89.059318][ C1] slab_free_freelist_hook+0x128/0x1e4 [ 89.060069][ C1] kmem_cache_free+0xdc/0x3b0 [ 89.060769][ C1] dentry_free+0xbc/0x178 [ 89.061417][ C1] __dentry_kill+0x45c/0x598 [ 89.062081][ C1] dentry_kill+0xc8/0x248 [ 89.062751][ C1] dput+0x23c/0x458 [ 89.063290][ C1] __fput+0x494/0x7e8 [ 89.063898][ C1] ____fput+0x20/0x30 [ 89.064462][ C1] task_work_run+0x12c/0x1d8 [ 89.065102][ C1] do_notify_resume+0x2450/0x309c [ 89.065806][ C1] el0_svc+0xf0/0x1d0 [ 89.066363][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 89.067054][ C1] el0t_64_sync+0x1a0/0x1a4 [ 89.067649][ C1] irq event stamp: 328346 [ 89.068278][ C1] hardirqs last enabled at (328345): [] kasan_quarantine_put+0xc4/0x200 [ 89.069688][ C1] hardirqs last disabled at (328346): [] enter_el1_irq_or_nmi+0x10/0x1c [ 89.071107][ C1] softirqs last enabled at (328318): [] release_sock+0x1d0/0x258 [ 89.072426][ C1] softirqs last disabled at (328316): [] release_sock+0x34/0x258 [ 89.073796][ C1] ---[ end trace 337cf78d76a9fe0a ]--- [ 89.076718][ T25] Bluetooth: hci0: command 0x040f tx timeout [ 89.146286][ T5175] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 89.147441][ T5175] Bad inode number on dev loop0: 2 is out of range [ 89.148399][ T5175] SysV FS: get root inode failed [ 89.149135][ T5175] oldfs: cannot read superblock [ 89.158104][ C0] ------------[ cut here ]------------ [ 89.159006][ C0] VFS: brelse: Trying to free free buffer [ 89.159910][ C0] WARNING: CPU: 0 PID: 5176 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 89.161264][ C0] Modules linked in: [ 89.161803][ C0] CPU: 0 PID: 5176 Comm: syz.0.64 Tainted: G W syzkaller #0 [ 89.163049][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 89.164583][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 89.165842][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 89.166666][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 89.167411][ C0] sp : ffff800008007de0 [ 89.167977][ C0] x29: ffff800008007de0 x28: ffff0000cb0f51c0 x27: 1fffe000341f245c [ 89.169113][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 89.170230][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb11318 [ 89.171499][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 89.172786][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 89.173924][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 89.175072][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : d0c527a73377c700 [ 89.176220][ C0] x8 : d0c527a73377c700 x7 : 0000000000000001 x6 : 0000000000000001 [ 89.177416][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 89.178642][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 89.179792][ C0] Call trace: [ 89.180228][ C0] invalidate_bh_lru+0x128/0x22c [ 89.180946][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 89.181801][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 89.182838][ C0] ipi_handler+0x10c/0x6fc [ 89.183538][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 89.184369][ C0] handle_domain_irq+0x144/0x1fc [ 89.185080][ C0] gic_handle_irq+0x78/0x1b8 [ 89.185750][ C0] call_on_irq_stack+0x30/0x48 [ 89.186466][ C0] do_interrupt_handler+0x6c/0x88 [ 89.187246][ C0] el1_interrupt+0x30/0x58 [ 89.187896][ C0] el1h_64_irq_handler+0x18/0x24 [ 89.188643][ C0] el1h_64_irq+0x78/0x7c [ 89.189252][ C0] __memcg_kmem_charge_page+0x2d4/0x59c [ 89.190033][ C0] __alloc_pages+0x1d0/0x470 [ 89.190739][ C0] alloc_pages+0x34c/0x5c0 [ 89.191387][ C0] pte_alloc_one+0x2c/0x254 [ 89.192014][ C0] __pte_alloc+0x34/0x214 [ 89.192679][ C0] handle_mm_fault+0x2444/0x2a28 [ 89.193357][ C0] do_page_fault+0x67c/0xab0 [ 89.194005][ C0] do_translation_fault+0xe0/0x130 [ 89.194726][ C0] do_mem_abort+0x6c/0x1ac [ 89.195356][ C0] el0_da+0x90/0x1ec [ 89.195928][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 89.196669][ C0] el0t_64_sync+0x1a0/0x1a4 [ 89.197329][ C0] irq event stamp: 1276 [ 89.197920][ C0] hardirqs last enabled at (1275): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 89.199466][ C0] hardirqs last disabled at (1276): [] enter_el1_irq_or_nmi+0x10/0x1c [ 89.200909][ C0] softirqs last enabled at (1256): [] local_bh_enable+0x10/0x34 [ 89.202289][ C0] softirqs last disabled at (1254): [] local_bh_disable+0x10/0x34 [ 89.203575][ C0] ---[ end trace 337cf78d76a9fe0b ]--- [ 89.236315][ T5177] set_capacity_and_notify: 31 callbacks suppressed [ 89.236324][ T5177] loop0: detected capacity change from 0 to 128 [ 89.240133][ T5177] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 89.241299][ T5177] Bad inode number on dev loop0: 2 is out of range [ 89.242308][ T5177] SysV FS: get root inode failed [ 89.243664][ T5177] oldfs: cannot read superblock [ 89.252835][ T4880] ------------[ cut here ]------------ [ 89.253667][ T4880] VFS: brelse: Trying to free free buffer [ 89.254595][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 89.255855][ T4880] Modules linked in: [ 89.256402][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 89.257621][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 89.258998][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 89.260166][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 89.260893][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 89.261690][ T4880] sp : ffff80001f6d77c0 [ 89.262324][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 89.263542][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 89.264763][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de37fc28 [ 89.265950][ T4880] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 89.267206][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 89.268420][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 89.269659][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 89.270812][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 89.272028][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 89.273211][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 89.274300][ T4880] Call trace: [ 89.274806][ T4880] invalidate_bh_lru+0x128/0x22c [ 89.275527][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 89.276384][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 89.277182][ T4880] invalidate_bh_lrus+0x34/0x40 [ 89.277910][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 89.278655][ T4880] blkdev_put+0x490/0x6ac [ 89.279326][ T4880] blkdev_close+0x74/0xb0 [ 89.279936][ T4880] __fput+0x1c0/0x7e8 [ 89.280509][ T4880] ____fput+0x20/0x30 [ 89.281160][ T4880] task_work_run+0x12c/0x1d8 [ 89.281875][ T4880] do_notify_resume+0x2450/0x309c [ 89.282580][ T4880] el0_svc+0xf0/0x1d0 [ 89.283144][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 89.283873][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 89.284550][ T4880] irq event stamp: 281480 [ 89.285203][ T4880] hardirqs last enabled at (281479): [] kasan_quarantine_put+0xc4/0x200 [ 89.286654][ T4880] hardirqs last disabled at (281480): [] smp_call_function_many_cond+0xa44/0xeac [ 89.288139][ T4880] softirqs last enabled at (281416): [] handle_softirqs+0xa40/0xbe4 [ 89.289585][ T4880] softirqs last disabled at (281403): [] __irq_exit_rcu+0x240/0x43c [ 89.291137][ T4880] ---[ end trace 337cf78d76a9fe0c ]--- [ 89.312595][ T5179] loop0: detected capacity change from 0 to 128 [ 89.353924][ T5179] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 89.355091][ T5179] Bad inode number on dev loop0: 2 is out of range [ 89.356090][ T5179] SysV FS: get root inode failed [ 89.356798][ T5179] oldfs: cannot read superblock [ 89.366671][ C0] ------------[ cut here ]------------ [ 89.367515][ C0] VFS: brelse: Trying to free free buffer [ 89.368377][ C0] WARNING: CPU: 0 PID: 5180 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 89.369714][ C0] Modules linked in: [ 89.370332][ C0] CPU: 0 PID: 5180 Comm: syz.0.66 Tainted: G W syzkaller #0 [ 89.371539][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 89.372903][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 89.374032][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 89.374811][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 89.375616][ C0] sp : ffff800008007de0 [ 89.376214][ C0] x29: ffff800008007de0 x28: ffff0000ce920000 x27: 1fffe000341f245c [ 89.377404][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 89.378599][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb116b8 [ 89.379821][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 89.381024][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 89.382151][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 89.383241][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 74839f8d01ca5700 [ 89.384435][ C0] x8 : 74839f8d01ca5700 x7 : 0000000000000001 x6 : 0000000000000001 [ 89.385525][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 89.386716][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 89.387936][ C0] Call trace: [ 89.388415][ C0] invalidate_bh_lru+0x128/0x22c [ 89.389146][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 89.390029][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 89.391016][ C0] ipi_handler+0x10c/0x6fc [ 89.391692][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 89.392465][ C0] handle_domain_irq+0x144/0x1fc [ 89.393148][ C0] gic_handle_irq+0x78/0x1b8 [ 89.393749][ C0] call_on_irq_stack+0x30/0x48 [ 89.394377][ C0] do_interrupt_handler+0x6c/0x88 [ 89.395057][ C0] el1_interrupt+0x30/0x58 [ 89.395662][ C0] el1h_64_irq_handler+0x18/0x24 [ 89.396362][ C0] el1h_64_irq+0x78/0x7c [ 89.396979][ C0] seqcount_lockdep_reader_access+0x15c/0x22c [ 89.397868][ C0] bad_range+0xa0/0x2a0 [ 89.398432][ C0] get_page_from_freelist+0x2910/0x2a68 [ 89.399253][ C0] __alloc_pages+0x1a0/0x470 [ 89.399908][ C0] alloc_pages+0x34c/0x5c0 [ 89.400577][ C0] __get_free_pages+0x18/0x84 [ 89.401229][ C0] kasan_populate_vmalloc_pte+0x38/0xd8 [ 89.401997][ C0] __apply_to_page_range+0x804/0xb74 [ 89.402791][ C0] apply_to_page_range+0x4c/0x64 [ 89.403462][ C0] kasan_populate_vmalloc+0x5c/0x6c [ 89.404152][ C0] alloc_vmap_area+0x157c/0x16c4 [ 89.404861][ C0] __get_vm_area_node+0x17c/0x2e8 [ 89.405561][ C0] __vmalloc_node_range+0xe8/0x8c8 [ 89.406255][ C0] dup_task_struct+0x5d0/0xc14 [ 89.406913][ C0] copy_process+0x4e0/0x34c8 [ 89.407536][ C0] kernel_clone+0x1ec/0x9e8 [ 89.408171][ C0] __arm64_sys_clone3+0x33c/0x374 [ 89.408895][ C0] invoke_syscall+0x98/0x2b0 [ 89.409519][ C0] el0_svc_common+0x138/0x258 [ 89.410162][ C0] do_el0_svc+0x58/0x13c [ 89.410789][ C0] el0_svc+0x78/0x1d0 [ 89.411380][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 89.412080][ C0] el0t_64_sync+0x1a0/0x1a4 [ 89.412679][ C0] irq event stamp: 1916 [ 89.413256][ C0] hardirqs last enabled at (1915): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 89.414809][ C0] hardirqs last disabled at (1916): [] enter_el1_irq_or_nmi+0x10/0x1c [ 89.416154][ C0] softirqs last enabled at (1888): [] local_bh_enable+0x10/0x34 [ 89.417381][ C0] softirqs last disabled at (1886): [] local_bh_disable+0x10/0x34 [ 89.418665][ C0] ---[ end trace 337cf78d76a9fe0d ]--- [ 89.465796][ T5181] loop0: detected capacity change from 0 to 128 [ 89.554829][ T5181] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 89.556151][ T5181] Bad inode number on dev loop0: 2 is out of range [ 89.557175][ T5181] SysV FS: get root inode failed [ 89.558040][ T5181] oldfs: cannot read superblock [ 89.565867][ C0] ------------[ cut here ]------------ [ 89.566799][ C0] VFS: brelse: Trying to free free buffer [ 89.567697][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 89.568948][ C0] Modules linked in: [ 89.569529][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 89.570775][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 89.572201][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 89.573309][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 89.574049][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 89.574776][ C0] sp : ffff800008007de0 [ 89.575349][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245c [ 89.576577][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 89.577754][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb11a58 [ 89.578893][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 89.580046][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 89.581206][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 89.582330][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 89.583513][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 89.584744][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 89.585942][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 89.587068][ C0] Call trace: [ 89.587538][ C0] invalidate_bh_lru+0x128/0x22c [ 89.588234][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 89.589140][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 89.590138][ C0] ipi_handler+0x10c/0x6fc [ 89.590771][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 89.591552][ C0] handle_domain_irq+0x144/0x1fc [ 89.592292][ C0] gic_handle_irq+0x78/0x1b8 [ 89.592968][ C0] call_on_irq_stack+0x30/0x48 [ 89.593640][ C0] do_interrupt_handler+0x6c/0x88 [ 89.594398][ C0] el1_interrupt+0x30/0x58 [ 89.595076][ C0] el1h_64_irq_handler+0x18/0x24 [ 89.595816][ C0] el1h_64_irq+0x78/0x7c [ 89.596419][ C0] __sanitizer_cov_trace_const_cmp8+0xbc/0xc0 [ 89.597337][ C0] stack_trace_save+0x9c/0xf0 [ 89.598005][ C0] __kasan_kmalloc+0xb0/0xf0 [ 89.598673][ C0] __kmalloc+0x290/0x43c [ 89.599272][ C0] xt_replace_table+0x9c/0x758 [ 89.599931][ C0] __do_replace+0x134/0x998 [ 89.600617][ C0] do_ip6t_set_ctl+0xb14/0xe60 [ 89.601302][ C0] nf_setsockopt+0x270/0x290 [ 89.601965][ C0] ipv6_setsockopt+0x1bb0/0x37ac [ 89.602686][ C0] tcp_setsockopt+0x1e0/0x1c3c [ 89.603402][ C0] sock_common_setsockopt+0xb0/0xcc [ 89.604101][ C0] __sys_setsockopt+0x260/0x36c [ 89.604762][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 89.605501][ C0] invoke_syscall+0x98/0x2b0 [ 89.606158][ C0] el0_svc_common+0x138/0x258 [ 89.606817][ C0] do_el0_svc+0x58/0x13c [ 89.607459][ C0] el0_svc+0x78/0x1d0 [ 89.608012][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 89.608691][ C0] el0t_64_sync+0x1a0/0x1a4 [ 89.609316][ C0] irq event stamp: 341050 [ 89.609912][ C0] hardirqs last enabled at (341049): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 89.611510][ C0] hardirqs last disabled at (341050): [] enter_el1_irq_or_nmi+0x10/0x1c [ 89.612908][ C0] softirqs last enabled at (341036): [] release_sock+0x1d0/0x258 [ 89.614194][ C0] softirqs last disabled at (341034): [] release_sock+0x34/0x258 [ 89.615522][ C0] ---[ end trace 337cf78d76a9fe0e ]--- [ 89.675054][ T5183] loop0: detected capacity change from 0 to 128 [ 89.678078][ T5183] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 89.679234][ T5183] Bad inode number on dev loop0: 2 is out of range [ 89.680291][ T5183] SysV FS: get root inode failed [ 89.681040][ T5183] oldfs: cannot read superblock [ 89.689628][ C0] ------------[ cut here ]------------ [ 89.690529][ C0] VFS: brelse: Trying to free free buffer [ 89.691477][ C0] WARNING: CPU: 0 PID: 5184 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 89.692864][ C0] Modules linked in: [ 89.693539][ C0] CPU: 0 PID: 5184 Comm: syz-executor Tainted: G W syzkaller #0 [ 89.694973][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 89.696511][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 89.697778][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 89.698533][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 89.699302][ C0] sp : ffff800008007de0 [ 89.699916][ C0] x29: ffff800008007de0 x28: ffff0000c7e19b40 x27: 1fffe000341f245b [ 89.701102][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 89.702271][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb11df8 [ 89.703454][ C0] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000010003 [ 89.704630][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 89.705767][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 89.706954][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : f408db0d39665900 [ 89.708125][ C0] x8 : f408db0d39665900 x7 : 0000000000000001 x6 : 0000000000000001 [ 89.709347][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 89.710564][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 89.711789][ C0] Call trace: [ 89.712247][ C0] invalidate_bh_lru+0x128/0x22c [ 89.712951][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 89.713813][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 89.714834][ C0] ipi_handler+0x10c/0x6fc [ 89.715525][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 89.716406][ C0] handle_domain_irq+0x144/0x1fc [ 89.717119][ C0] gic_handle_irq+0x78/0x1b8 [ 89.717789][ C0] call_on_irq_stack+0x30/0x48 [ 89.718464][ C0] do_interrupt_handler+0x6c/0x88 [ 89.719178][ C0] el1_interrupt+0x30/0x58 [ 89.719775][ C0] el1h_64_irq_handler+0x18/0x24 [ 89.720516][ C0] el1h_64_irq+0x78/0x7c [ 89.721176][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 89.721951][ C0] debug_check_no_obj_freed+0x450/0x46c [ 89.722753][ C0] slab_free_freelist_hook+0x9c/0x1e4 [ 89.723500][ C0] kfree+0x16c/0x400 [ 89.724065][ C0] kfree_link+0x20/0x30 [ 89.724664][ C0] walk_component+0x158/0x3a8 [ 89.725332][ C0] link_path_walk+0x590/0xbe0 [ 89.725986][ C0] path_openat+0x1cc/0x2718 [ 89.726624][ C0] do_filp_open+0x184/0x368 [ 89.727297][ C0] do_sys_openat2+0x134/0x3f4 [ 89.727972][ C0] __arm64_sys_openat+0x118/0x14c [ 89.728758][ C0] invoke_syscall+0x98/0x2b0 [ 89.729422][ C0] el0_svc_common+0x138/0x258 [ 89.730083][ C0] do_el0_svc+0x58/0x13c [ 89.730670][ C0] el0_svc+0x78/0x1d0 [ 89.731241][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 89.731934][ C0] el0t_64_sync+0x1a0/0x1a4 [ 89.732592][ C0] irq event stamp: 902 [ 89.733133][ C0] hardirqs last enabled at (901): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 89.734574][ C0] hardirqs last disabled at (902): [] enter_el1_irq_or_nmi+0x10/0x1c [ 89.735908][ C0] softirqs last enabled at (868): [] local_bh_enable+0x10/0x34 [ 89.737175][ C0] softirqs last disabled at (866): [] local_bh_disable+0x10/0x34 [ 89.738447][ C0] ---[ end trace 337cf78d76a9fe0f ]--- [ 89.775365][ T5185] loop0: detected capacity change from 0 to 128 [ 89.777930][ T5185] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 89.779045][ T5185] Bad inode number on dev loop0: 2 is out of range [ 89.779978][ T5185] SysV FS: get root inode failed [ 89.780743][ T5185] oldfs: cannot read superblock [ 89.786020][ T4880] ------------[ cut here ]------------ [ 89.786850][ T4880] VFS: brelse: Trying to free free buffer [ 89.787669][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 89.788903][ T4880] Modules linked in: [ 89.789419][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 89.790534][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 89.791963][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 89.793105][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 89.793864][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 89.794606][ T4880] sp : ffff80001f6d77c0 [ 89.795215][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 89.796448][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 89.797668][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb18230 [ 89.798837][ T4880] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 89.800036][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 89.801167][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 89.802338][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 89.803477][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 89.804641][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 89.805810][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 89.806976][ T4880] Call trace: [ 89.807456][ T4880] invalidate_bh_lru+0x128/0x22c [ 89.808179][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 89.809063][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 89.809803][ T4880] invalidate_bh_lrus+0x34/0x40 [ 89.810475][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 89.811214][ T4880] blkdev_put+0x490/0x6ac [ 89.811820][ T4880] blkdev_close+0x74/0xb0 [ 89.812451][ T4880] __fput+0x1c0/0x7e8 [ 89.813065][ T4880] ____fput+0x20/0x30 [ 89.813671][ T4880] task_work_run+0x12c/0x1d8 [ 89.814329][ T4880] do_notify_resume+0x2450/0x309c [ 89.815006][ T4880] el0_svc+0xf0/0x1d0 [ 89.815583][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 89.816319][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 89.817022][ T4880] irq event stamp: 300184 [ 89.817601][ T4880] hardirqs last enabled at (300183): [] kasan_quarantine_put+0xc4/0x200 [ 89.818947][ T4880] hardirqs last disabled at (300184): [] smp_call_function_many_cond+0xa44/0xeac [ 89.820394][ T4880] softirqs last enabled at (299912): [] local_bh_enable+0x10/0x34 [ 89.821729][ T4880] softirqs last disabled at (299910): [] local_bh_disable+0x10/0x34 [ 89.823071][ T4880] ---[ end trace 337cf78d76a9fe10 ]--- [ 89.866936][ T5187] loop0: detected capacity change from 0 to 128 [ 89.873637][ T5187] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 89.874776][ T5187] Bad inode number on dev loop0: 2 is out of range [ 89.875786][ T5187] SysV FS: get root inode failed [ 89.876553][ T5187] oldfs: cannot read superblock [ 89.904599][ C0] ------------[ cut here ]------------ [ 89.905449][ C0] VFS: brelse: Trying to free free buffer [ 89.906414][ C0] WARNING: CPU: 0 PID: 5189 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 89.907615][ C0] Modules linked in: [ 89.908153][ C0] CPU: 0 PID: 5189 Comm: syz.0.70 Tainted: G W syzkaller #0 [ 89.909343][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 89.910844][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 89.912000][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 89.912713][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 89.913502][ C0] sp : ffff800008007de0 [ 89.914116][ C0] x29: ffff800008007de0 x28: ffff0000d17551c0 x27: 1fffe000341f245c [ 89.915333][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 89.916476][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb185d0 [ 89.917570][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 89.918766][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 89.919932][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 89.921096][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 9d22c58e9d10ba00 [ 89.922288][ C0] x8 : 9d22c58e9d10ba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 89.923460][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 89.924637][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 89.925875][ C0] Call trace: [ 89.926346][ C0] invalidate_bh_lru+0x128/0x22c [ 89.927031][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 89.927837][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 89.928817][ C0] ipi_handler+0x10c/0x6fc [ 89.929513][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 89.930396][ C0] handle_domain_irq+0x144/0x1fc [ 89.931125][ C0] gic_handle_irq+0x78/0x1b8 [ 89.931801][ C0] call_on_irq_stack+0x30/0x48 [ 89.932523][ C0] do_interrupt_handler+0x6c/0x88 [ 89.933274][ C0] el1_interrupt+0x30/0x58 [ 89.933976][ C0] el1h_64_irq_handler+0x18/0x24 [ 89.934675][ C0] el1h_64_irq+0x78/0x7c [ 89.935272][ C0] lock_page_memcg+0x120/0x22c [ 89.936015][ C0] page_remove_rmap+0x3c/0xf90 [ 89.936691][ C0] unmap_page_range+0xb78/0x1908 [ 89.937411][ C0] unmap_single_vma+0x13c/0x1e4 [ 89.938160][ C0] unmap_vmas+0x10c/0x214 [ 89.938781][ C0] exit_mmap+0x2c4/0x508 [ 89.939464][ C0] __mmput+0xec/0x3a8 [ 89.940044][ C0] mmput+0x80/0xc0 [ 89.940582][ C0] exit_mm+0x4ac/0x664 [ 89.941166][ C0] do_exit+0x4f0/0x1f50 [ 89.941738][ C0] do_group_exit+0x100/0x268 [ 89.942376][ C0] get_signal+0x73c/0x1334 [ 89.943110][ C0] do_notify_resume+0x354/0x309c [ 89.943805][ C0] el0_svc+0xf0/0x1d0 [ 89.944374][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 89.945083][ C0] el0t_64_sync+0x1a0/0x1a4 [ 89.945698][ C0] irq event stamp: 1642 [ 89.946291][ C0] hardirqs last enabled at (1641): [] lock_page_memcg+0x110/0x22c [ 89.947687][ C0] hardirqs last disabled at (1642): [] enter_el1_irq_or_nmi+0x10/0x1c [ 89.949054][ C0] softirqs last enabled at (834): [] local_bh_enable+0x10/0x34 [ 89.950384][ C0] softirqs last disabled at (832): [] local_bh_disable+0x10/0x34 [ 89.951780][ C0] ---[ end trace 337cf78d76a9fe11 ]--- [ 90.002646][ T5191] loop0: detected capacity change from 0 to 128 [ 90.005161][ T5191] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.006373][ T5191] Bad inode number on dev loop0: 2 is out of range [ 90.007305][ T5191] SysV FS: get root inode failed [ 90.008013][ T5191] oldfs: cannot read superblock [ 90.020876][ C1] ------------[ cut here ]------------ [ 90.021778][ C1] VFS: brelse: Trying to free free buffer [ 90.022778][ C1] WARNING: CPU: 1 PID: 5193 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.024133][ C1] Modules linked in: [ 90.024771][ C1] CPU: 1 PID: 5193 Comm: syz.0.72 Tainted: G W syzkaller #0 [ 90.026168][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.027759][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.028865][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 90.029656][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 90.030467][ C1] sp : ffff800008017de0 [ 90.031091][ C1] x29: ffff800008017de0 x28: ffff0000db43b680 x27: 1fffe000341f665c [ 90.032319][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 90.033569][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de37f060 [ 90.034761][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 90.035910][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 90.037096][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 90.038348][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : b6fbdeb90d68c300 [ 90.039578][ C1] x8 : b6fbdeb90d68c300 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.040806][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 90.042046][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 90.043266][ C1] Call trace: [ 90.043761][ C1] invalidate_bh_lru+0x128/0x22c [ 90.044482][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 90.045434][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 90.046475][ C1] ipi_handler+0x10c/0x6fc [ 90.047130][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 90.047955][ C1] handle_domain_irq+0x144/0x1fc [ 90.048663][ C1] gic_handle_irq+0x78/0x1b8 [ 90.049319][ C1] call_on_irq_stack+0x30/0x48 [ 90.050007][ C1] do_interrupt_handler+0x6c/0x88 [ 90.050697][ C1] el1_interrupt+0x30/0x58 [ 90.051299][ C1] el1h_64_irq_handler+0x18/0x24 [ 90.051975][ C1] el1h_64_irq+0x78/0x7c [ 90.052571][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 90.053331][ C1] debug_check_no_obj_freed+0x450/0x46c [ 90.054101][ C1] slab_free_freelist_hook+0x9c/0x1e4 [ 90.054849][ C1] kmem_cache_free+0xdc/0x3b0 [ 90.055516][ C1] unlink_anon_vmas+0x224/0x534 [ 90.056175][ C1] free_pgtables+0x7c/0x278 [ 90.056824][ C1] exit_mmap+0x2d8/0x508 [ 90.057438][ C1] __mmput+0xec/0x3a8 [ 90.058031][ C1] mmput+0x80/0xc0 [ 90.058606][ C1] exit_mm+0x4ac/0x664 [ 90.059200][ C1] do_exit+0x4f0/0x1f50 [ 90.059783][ C1] do_group_exit+0x100/0x268 [ 90.060460][ C1] get_signal+0x73c/0x1334 [ 90.061106][ C1] do_notify_resume+0x354/0x309c [ 90.061861][ C1] el0_svc+0xf0/0x1d0 [ 90.062429][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 90.063147][ C1] el0t_64_sync+0x1a0/0x1a4 [ 90.063797][ C1] irq event stamp: 2214 [ 90.064368][ C1] hardirqs last enabled at (2213): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 90.065836][ C1] hardirqs last disabled at (2214): [] enter_el1_irq_or_nmi+0x10/0x1c [ 90.067299][ C1] softirqs last enabled at (54): [] local_bh_enable+0x10/0x34 [ 90.068628][ C1] softirqs last disabled at (52): [] local_bh_disable+0x10/0x34 [ 90.069969][ C1] ---[ end trace 337cf78d76a9fe12 ]--- [ 90.089253][ T5195] loop0: detected capacity change from 0 to 128 [ 90.092220][ T5195] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.094903][ T5195] Bad inode number on dev loop0: 2 is out of range [ 90.096082][ T5195] SysV FS: get root inode failed [ 90.096799][ T5195] oldfs: cannot read superblock [ 90.106278][ C0] ------------[ cut here ]------------ [ 90.107183][ C0] VFS: brelse: Trying to free free buffer [ 90.108149][ C0] WARNING: CPU: 0 PID: 5196 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.109516][ C0] Modules linked in: [ 90.110095][ C0] CPU: 0 PID: 5196 Comm: syz-executor Tainted: G W syzkaller #0 [ 90.111376][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.112815][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.113939][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 90.114715][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 90.115507][ C0] sp : ffff800008007de0 [ 90.116101][ C0] x29: ffff800008007de0 x28: ffff0000cc98b680 x27: 1fffe000341f245c [ 90.117312][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 90.118502][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb18970 [ 90.119670][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 90.120830][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 90.122283][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 90.123486][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : b4d284ee58c5fd00 [ 90.124686][ C0] x8 : b4d284ee58c5fd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.125871][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 90.127067][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 90.128291][ C0] Call trace: [ 90.128810][ C0] invalidate_bh_lru+0x128/0x22c [ 90.129576][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 90.130429][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 90.131416][ C0] ipi_handler+0x10c/0x6fc [ 90.132066][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 90.132862][ C0] handle_domain_irq+0x144/0x1fc [ 90.133554][ C0] gic_handle_irq+0x78/0x1b8 [ 90.134191][ C0] call_on_irq_stack+0x30/0x48 [ 90.134882][ C0] do_interrupt_handler+0x6c/0x88 [ 90.135594][ C0] el1_interrupt+0x30/0x58 [ 90.136235][ C0] el1h_64_irq_handler+0x18/0x24 [ 90.136976][ C0] el1h_64_irq+0x78/0x7c [ 90.137536][ C0] count_memcg_event_mm+0x1d0/0x300 [ 90.138264][ C0] handle_mm_fault+0x19c/0x2a28 [ 90.138949][ C0] do_page_fault+0x67c/0xab0 [ 90.139582][ C0] do_mem_abort+0x6c/0x1ac [ 90.140203][ C0] el0_da+0x90/0x1ec [ 90.140754][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 90.141447][ C0] el0t_64_sync+0x1a0/0x1a4 [ 90.142113][ C0] irq event stamp: 1060 [ 90.142748][ C0] hardirqs last enabled at (1059): [] count_memcg_event_mm+0x1b0/0x300 [ 90.144210][ C0] hardirqs last disabled at (1060): [] enter_el1_irq_or_nmi+0x10/0x1c [ 90.145555][ C0] softirqs last enabled at (860): [] local_bh_enable+0x10/0x34 [ 90.146830][ C0] softirqs last disabled at (858): [] local_bh_disable+0x10/0x34 [ 90.148131][ C0] ---[ end trace 337cf78d76a9fe13 ]--- [ 90.177165][ T5197] loop0: detected capacity change from 0 to 128 [ 90.179953][ T5197] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.181088][ T5197] Bad inode number on dev loop0: 2 is out of range [ 90.182112][ T5197] SysV FS: get root inode failed [ 90.184502][ T5197] oldfs: cannot read superblock [ 90.192652][ T4880] ------------[ cut here ]------------ [ 90.193522][ T4880] VFS: brelse: Trying to free free buffer [ 90.194594][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.196002][ T4880] Modules linked in: [ 90.196587][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 90.197852][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.199301][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.200441][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 90.201210][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 90.201963][ T4880] sp : ffff80001f6d77c0 [ 90.202577][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245c [ 90.203762][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 90.204920][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb18d10 [ 90.206047][ T4880] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000000003 [ 90.207305][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 90.208567][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 90.209745][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 90.210941][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.212095][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 90.213264][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 90.214405][ T4880] Call trace: [ 90.214879][ T4880] invalidate_bh_lru+0x128/0x22c [ 90.215605][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 90.216416][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 90.217128][ T4880] invalidate_bh_lrus+0x34/0x40 [ 90.217855][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 90.218563][ T4880] blkdev_put+0x490/0x6ac [ 90.219170][ T4880] blkdev_close+0x74/0xb0 [ 90.219829][ T4880] __fput+0x1c0/0x7e8 [ 90.220371][ T4880] ____fput+0x20/0x30 [ 90.220925][ T4880] task_work_run+0x12c/0x1d8 [ 90.221560][ T4880] do_notify_resume+0x2450/0x309c [ 90.222369][ T4880] el0_svc+0xf0/0x1d0 [ 90.222964][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 90.223697][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 90.224377][ T4880] irq event stamp: 327956 [ 90.225023][ T4880] hardirqs last enabled at (327955): [] kasan_quarantine_put+0xc4/0x200 [ 90.226567][ T4880] hardirqs last disabled at (327956): [] smp_call_function_many_cond+0xa44/0xeac [ 90.228073][ T4880] softirqs last enabled at (327692): [] local_bh_enable+0x10/0x34 [ 90.229337][ T4880] softirqs last disabled at (327690): [] local_bh_disable+0x10/0x34 [ 90.230671][ T4880] ---[ end trace 337cf78d76a9fe14 ]--- [ 90.256636][ T5199] loop0: detected capacity change from 0 to 128 [ 90.259623][ T5199] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.260776][ T5199] Bad inode number on dev loop0: 2 is out of range [ 90.261859][ T5199] SysV FS: get root inode failed [ 90.262634][ T5199] oldfs: cannot read superblock [ 90.271920][ T4880] ------------[ cut here ]------------ [ 90.272820][ T4880] VFS: brelse: Trying to free free buffer [ 90.273754][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.275151][ T4880] Modules linked in: [ 90.275787][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 90.277030][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.278610][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.279739][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 90.280492][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 90.281290][ T4880] sp : ffff80001f6d77c0 [ 90.281866][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 90.283075][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 90.284248][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05f2148 [ 90.285425][ T4880] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 90.286578][ T4880] x17: 0000000000000000 x16: ffff800008304ad4 x15: 00000000ffffffff [ 90.287739][ T4880] x14: 0000000000000001 x13: 1ffff00003edae18 x12: 0000000000ff0100 [ 90.288873][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 90.290024][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.291236][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008304be4 [ 90.292397][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 90.293652][ T4880] Call trace: [ 90.294136][ T4880] invalidate_bh_lru+0x128/0x22c [ 90.294887][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 90.295786][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 90.296501][ T4880] invalidate_bh_lrus+0x34/0x40 [ 90.297178][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 90.297931][ T4880] blkdev_put+0x490/0x6ac [ 90.298565][ T4880] blkdev_close+0x74/0xb0 [ 90.299203][ T4880] __fput+0x1c0/0x7e8 [ 90.299763][ T4880] ____fput+0x20/0x30 [ 90.300389][ T4880] task_work_run+0x12c/0x1d8 [ 90.301050][ T4880] do_notify_resume+0x2450/0x309c [ 90.301817][ T4880] el0_svc+0xf0/0x1d0 [ 90.302413][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 90.303174][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 90.303809][ T4880] irq event stamp: 332088 [ 90.304414][ T4880] hardirqs last enabled at (332087): [] kasan_quarantine_put+0xc4/0x200 [ 90.305847][ T4880] hardirqs last disabled at (332088): [] smp_call_function_many_cond+0xa44/0xeac [ 90.307510][ T4880] softirqs last enabled at (331822): [] local_bh_enable+0x10/0x34 [ 90.308966][ T4880] softirqs last disabled at (331820): [] local_bh_disable+0x10/0x34 [ 90.310343][ T4880] ---[ end trace 337cf78d76a9fe15 ]--- [ 90.388521][ T5201] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.389688][ T5201] Bad inode number on dev loop0: 2 is out of range [ 90.390746][ T5201] SysV FS: get root inode failed [ 90.391484][ T5201] oldfs: cannot read superblock [ 90.400358][ T4880] ------------[ cut here ]------------ [ 90.401262][ T4880] VFS: brelse: Trying to free free buffer [ 90.402195][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.403517][ T4880] Modules linked in: [ 90.404153][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 90.405444][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.406926][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.408062][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 90.408851][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 90.409627][ T4880] sp : ffff80001f6d77c0 [ 90.410191][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 90.411400][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 90.412652][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05f24e8 [ 90.413781][ T4880] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 90.415000][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 90.416198][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 90.417424][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 90.418718][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.419934][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 90.421090][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 90.422344][ T4880] Call trace: [ 90.422854][ T4880] invalidate_bh_lru+0x128/0x22c [ 90.423590][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 90.424479][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 90.425216][ T4880] invalidate_bh_lrus+0x34/0x40 [ 90.425888][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 90.426681][ T4880] blkdev_put+0x490/0x6ac [ 90.427362][ T4880] blkdev_close+0x74/0xb0 [ 90.428000][ T4880] __fput+0x1c0/0x7e8 [ 90.428590][ T4880] ____fput+0x20/0x30 [ 90.429141][ T4880] task_work_run+0x12c/0x1d8 [ 90.429824][ T4880] do_notify_resume+0x2450/0x309c [ 90.430540][ T4880] el0_svc+0xf0/0x1d0 [ 90.431141][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 90.431878][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 90.432504][ T4880] irq event stamp: 336252 [ 90.433121][ T4880] hardirqs last enabled at (336251): [] kasan_quarantine_put+0xc4/0x200 [ 90.434641][ T4880] hardirqs last disabled at (336252): [] smp_call_function_many_cond+0xa44/0xeac [ 90.436111][ T4880] softirqs last enabled at (335954): [] local_bh_enable+0x10/0x34 [ 90.437495][ T4880] softirqs last disabled at (335952): [] local_bh_disable+0x10/0x34 [ 90.438853][ T4880] ---[ end trace 337cf78d76a9fe16 ]--- [ 90.487398][ T5203] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.488524][ T5203] Bad inode number on dev loop0: 2 is out of range [ 90.489440][ T5203] SysV FS: get root inode failed [ 90.490200][ T5203] oldfs: cannot read superblock [ 90.497932][ C0] ------------[ cut here ]------------ [ 90.498768][ C0] VFS: brelse: Trying to free free buffer [ 90.499701][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.500954][ C0] Modules linked in: [ 90.501514][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 90.502791][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.504316][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.505462][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 90.506243][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 90.507001][ C0] sp : ffff800008007de0 [ 90.507535][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245c [ 90.508689][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 90.509843][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05f2888 [ 90.510973][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 90.512168][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 90.513345][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 90.514570][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 4492d4acac152100 [ 90.515705][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.516732][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 90.517938][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 90.519094][ C0] Call trace: [ 90.519578][ C0] invalidate_bh_lru+0x128/0x22c [ 90.520332][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 90.521175][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 90.522116][ C0] ipi_handler+0x10c/0x6fc [ 90.522745][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 90.523553][ C0] handle_domain_irq+0x144/0x1fc [ 90.524271][ C0] gic_handle_irq+0x78/0x1b8 [ 90.524904][ C0] call_on_irq_stack+0x30/0x48 [ 90.525582][ C0] do_interrupt_handler+0x6c/0x88 [ 90.526290][ C0] el1_interrupt+0x30/0x58 [ 90.526929][ C0] el1h_64_irq_handler+0x18/0x24 [ 90.527586][ C0] el1h_64_irq+0x78/0x7c [ 90.528192][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 90.529082][ C0] pcpu_alloc+0x9b8/0x1878 [ 90.529740][ C0] __alloc_percpu+0x30/0x40 [ 90.530432][ C0] xt_percpu_counter_alloc+0x144/0x1e4 [ 90.531207][ C0] translate_table+0xe8c/0x1878 [ 90.531884][ C0] do_ipt_set_ctl+0xa1c/0xe60 [ 90.532528][ C0] nf_setsockopt+0x270/0x290 [ 90.533212][ C0] ip_setsockopt+0x1db8/0x29fc [ 90.533899][ C0] tcp_setsockopt+0x1e0/0x1c3c [ 90.534594][ C0] sock_common_setsockopt+0xb0/0xcc [ 90.535329][ C0] __sys_setsockopt+0x260/0x36c [ 90.536056][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 90.536773][ C0] invoke_syscall+0x98/0x2b0 [ 90.537414][ C0] el0_svc_common+0x138/0x258 [ 90.538071][ C0] do_el0_svc+0x58/0x13c [ 90.538687][ C0] el0_svc+0x78/0x1d0 [ 90.539273][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 90.540027][ C0] el0t_64_sync+0x1a0/0x1a4 [ 90.540739][ C0] irq event stamp: 376082 [ 90.541354][ C0] hardirqs last enabled at (376081): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 90.542966][ C0] hardirqs last disabled at (376082): [] enter_el1_irq_or_nmi+0x10/0x1c [ 90.544415][ C0] softirqs last enabled at (376072): [] release_sock+0x1d0/0x258 [ 90.545706][ C0] softirqs last disabled at (376070): [] release_sock+0x34/0x258 [ 90.547115][ C0] ---[ end trace 337cf78d76a9fe17 ]--- [ 90.604139][ T5205] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.605380][ T5205] Bad inode number on dev loop0: 2 is out of range [ 90.606343][ T5205] SysV FS: get root inode failed [ 90.607096][ T5205] oldfs: cannot read superblock [ 90.619306][ T4880] ------------[ cut here ]------------ [ 90.620218][ T4880] VFS: brelse: Trying to free free buffer [ 90.621100][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.622404][ T4880] Modules linked in: [ 90.622983][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 90.624238][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.625770][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.626934][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 90.627731][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 90.628521][ T4880] sp : ffff80001f6d77c0 [ 90.629167][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 90.630353][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 90.631516][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e712a6b8 [ 90.632682][ T4880] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 90.633913][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 90.635181][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 90.636353][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 90.637522][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.638718][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 90.639903][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 90.641039][ T4880] Call trace: [ 90.641494][ T4880] invalidate_bh_lru+0x128/0x22c [ 90.642257][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 90.643138][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 90.643961][ T4880] invalidate_bh_lrus+0x34/0x40 [ 90.644631][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 90.645374][ T4880] blkdev_put+0x490/0x6ac [ 90.646000][ T4880] blkdev_close+0x74/0xb0 [ 90.646645][ T4880] __fput+0x1c0/0x7e8 [ 90.647250][ T4880] ____fput+0x20/0x30 [ 90.647832][ T4880] task_work_run+0x12c/0x1d8 [ 90.648520][ T4880] do_notify_resume+0x2450/0x309c [ 90.649254][ T4880] el0_svc+0xf0/0x1d0 [ 90.649827][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 90.650553][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 90.651175][ T4880] irq event stamp: 344502 [ 90.651744][ T4880] hardirqs last enabled at (344501): [] kasan_quarantine_put+0xc4/0x200 [ 90.653205][ T4880] hardirqs last disabled at (344502): [] smp_call_function_many_cond+0xa44/0xeac [ 90.654708][ T4880] softirqs last enabled at (344226): [] local_bh_enable+0x10/0x34 [ 90.656040][ T4880] softirqs last disabled at (344224): [] local_bh_disable+0x10/0x34 [ 90.657412][ T4880] ---[ end trace 337cf78d76a9fe18 ]--- [ 90.734827][ T5207] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.736067][ T5207] Bad inode number on dev loop0: 2 is out of range [ 90.737083][ T5207] SysV FS: get root inode failed [ 90.737895][ T5207] oldfs: cannot read superblock [ 90.748086][ C1] ------------[ cut here ]------------ [ 90.749025][ C1] VFS: brelse: Trying to free free buffer [ 90.749939][ C1] WARNING: CPU: 1 PID: 5208 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.751255][ C1] Modules linked in: [ 90.751828][ C1] CPU: 1 PID: 5208 Comm: syz-executor Tainted: G W syzkaller #0 [ 90.753161][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.754648][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.755774][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 90.756621][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 90.757412][ C1] sp : ffff800008017de0 [ 90.758041][ C1] x29: ffff800008017de0 x28: ffff0000cebab680 x27: 1fffe000341f665b [ 90.759270][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 90.760417][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e712aa58 [ 90.761590][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010003 [ 90.762819][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 90.764102][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 90.765303][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 446a00be629d8f00 [ 90.766539][ C1] x8 : 446a00be629d8f00 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.767760][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 90.768957][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 90.770103][ C1] Call trace: [ 90.770577][ C1] invalidate_bh_lru+0x128/0x22c [ 90.771332][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 90.772264][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 90.773257][ C1] ipi_handler+0x10c/0x6fc [ 90.773919][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 90.774696][ C1] handle_domain_irq+0x144/0x1fc [ 90.775401][ C1] gic_handle_irq+0x78/0x1b8 [ 90.776095][ C1] call_on_irq_stack+0x30/0x48 [ 90.776785][ C1] do_interrupt_handler+0x6c/0x88 [ 90.777577][ C1] el1_interrupt+0x30/0x58 [ 90.778239][ C1] el1h_64_irq_handler+0x18/0x24 [ 90.778987][ C1] el1h_64_irq+0x78/0x7c [ 90.779592][ C1] __sanitizer_cov_trace_pc+0xc/0xac [ 90.780335][ C1] __arm64_sys_prctl+0x60c/0xf20 [ 90.781100][ C1] invoke_syscall+0x98/0x2b0 [ 90.781837][ C1] el0_svc_common+0x138/0x258 [ 90.782550][ C1] do_el0_svc+0x58/0x13c [ 90.783220][ C1] el0_svc+0x78/0x1d0 [ 90.783820][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 90.784590][ C1] el0t_64_sync+0x1a0/0x1a4 [ 90.785247][ C1] irq event stamp: 1642 [ 90.785851][ C1] hardirqs last enabled at (1641): [] el0_svc_common+0x9c/0x258 [ 90.787201][ C1] hardirqs last disabled at (1642): [] enter_el1_irq_or_nmi+0x10/0x1c [ 90.788650][ C1] softirqs last enabled at (1636): [] local_bh_enable+0x10/0x34 [ 90.789998][ C1] softirqs last disabled at (1634): [] local_bh_disable+0x10/0x34 [ 90.791463][ C1] ---[ end trace 337cf78d76a9fe19 ]--- [ 90.915561][ T5209] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 90.916845][ T5209] Bad inode number on dev loop0: 2 is out of range [ 90.917849][ T5209] SysV FS: get root inode failed [ 90.918558][ T5209] oldfs: cannot read superblock [ 90.926981][ C0] ------------[ cut here ]------------ [ 90.927951][ C0] VFS: brelse: Trying to free free buffer [ 90.928911][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 90.930143][ C0] Modules linked in: [ 90.930756][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 90.932035][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 90.933489][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 90.934603][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 90.935398][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 90.936191][ C0] sp : ffff800008007de0 [ 90.936783][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245c [ 90.937987][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 90.939128][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05f2c28 [ 90.940290][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 90.941451][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 90.942620][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 90.943786][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 4492d4acac152100 [ 90.944987][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 90.946080][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 90.947167][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 90.948303][ C0] Call trace: [ 90.948778][ C0] invalidate_bh_lru+0x128/0x22c [ 90.949467][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 90.950316][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 90.951350][ C0] ipi_handler+0x10c/0x6fc [ 90.951988][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 90.952766][ C0] handle_domain_irq+0x144/0x1fc [ 90.953498][ C0] gic_handle_irq+0x78/0x1b8 [ 90.954167][ C0] call_on_irq_stack+0x30/0x48 [ 90.954862][ C0] do_interrupt_handler+0x6c/0x88 [ 90.955607][ C0] el1_interrupt+0x30/0x58 [ 90.956279][ C0] el1h_64_irq_handler+0x18/0x24 [ 90.957030][ C0] el1h_64_irq+0x78/0x7c [ 90.957664][ C0] _raw_write_unlock_irq+0xa0/0x128 [ 90.958421][ C0] copy_process+0x3150/0x34c8 [ 90.959056][ C0] kernel_clone+0x1ec/0x9e8 [ 90.959705][ C0] __arm64_sys_clone+0x14c/0x1b8 [ 90.960423][ C0] invoke_syscall+0x98/0x2b0 [ 90.961040][ C0] el0_svc_common+0x138/0x258 [ 90.961654][ C0] do_el0_svc+0x58/0x13c [ 90.962282][ C0] el0_svc+0x78/0x1d0 [ 90.962836][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 90.963561][ C0] el0t_64_sync+0x1a0/0x1a4 [ 90.964182][ C0] irq event stamp: 388076 [ 90.964846][ C0] hardirqs last enabled at (388075): [] _raw_write_unlock_irq+0x98/0x128 [ 90.966263][ C0] hardirqs last disabled at (388076): [] enter_el1_irq_or_nmi+0x10/0x1c [ 90.967698][ C0] softirqs last enabled at (387900): [] local_bh_enable+0x10/0x34 [ 90.969098][ C0] softirqs last disabled at (387898): [] local_bh_disable+0x10/0x34 [ 90.970484][ C0] ---[ end trace 337cf78d76a9fe1a ]--- [ 91.044181][ T5211] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 91.045347][ T5211] Bad inode number on dev loop0: 2 is out of range [ 91.046313][ T5211] SysV FS: get root inode failed [ 91.047163][ T5211] oldfs: cannot read superblock [ 91.056693][ T4880] ------------[ cut here ]------------ [ 91.057626][ T4880] VFS: brelse: Trying to free free buffer [ 91.058527][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 91.059875][ T4880] Modules linked in: [ 91.060524][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 91.061735][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 91.063142][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 91.064292][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 91.065109][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 91.065936][ T4880] sp : ffff80001f6d77c0 [ 91.066567][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 91.067764][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 91.069015][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e712adf8 [ 91.070218][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 91.071441][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 91.072700][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 91.073913][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 91.075099][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 91.076256][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 91.077390][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 91.078609][ T4880] Call trace: [ 91.079110][ T4880] invalidate_bh_lru+0x128/0x22c [ 91.079815][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 91.080816][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 91.081539][ T4880] invalidate_bh_lrus+0x34/0x40 [ 91.082217][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 91.083024][ T4880] blkdev_put+0x490/0x6ac [ 91.083712][ T4880] blkdev_close+0x74/0xb0 [ 91.084426][ T4880] __fput+0x1c0/0x7e8 [ 91.085059][ T4880] ____fput+0x20/0x30 [ 91.085630][ T4880] task_work_run+0x12c/0x1d8 [ 91.086301][ T4880] do_notify_resume+0x2450/0x309c [ 91.087078][ T4880] el0_svc+0xf0/0x1d0 [ 91.087676][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 91.088434][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 91.089116][ T4880] irq event stamp: 357664 [ 91.089798][ T4880] hardirqs last enabled at (357663): [] kasan_quarantine_put+0xc4/0x200 [ 91.091287][ T4880] hardirqs last disabled at (357664): [] smp_call_function_many_cond+0xa44/0xeac [ 91.092790][ T4880] softirqs last enabled at (357402): [] local_bh_enable+0x10/0x34 [ 91.094201][ T4880] softirqs last disabled at (357400): [] local_bh_disable+0x10/0x34 [ 91.095539][ T4880] ---[ end trace 337cf78d76a9fe1b ]--- [ 91.132802][ T4145] Bluetooth: hci0: command 0x0419 tx timeout [ 91.146240][ T5213] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 91.147445][ T5213] Bad inode number on dev loop0: 2 is out of range [ 91.148457][ T5213] SysV FS: get root inode failed [ 91.149507][ T5213] oldfs: cannot read superblock [ 91.150326][ T5213] ------------[ cut here ]------------ [ 91.151117][ T5213] VFS: brelse: Trying to free free buffer [ 91.151957][ T5213] WARNING: CPU: 0 PID: 5213 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 91.153190][ T5213] Modules linked in: [ 91.153777][ T5213] CPU: 0 PID: 5213 Comm: syz.0.82 Tainted: G W syzkaller #0 [ 91.154971][ T5213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 91.156404][ T5213] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 91.157624][ T5213] pc : invalidate_bh_lru+0x128/0x22c [ 91.158430][ T5213] lr : invalidate_bh_lru+0x128/0x22c [ 91.159222][ T5213] sp : ffff8000205d76e0 [ 91.159883][ T5213] x29: ffff8000205d76e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 91.161122][ T5213] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 91.162336][ T5213] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d08c1060 [ 91.163539][ T5213] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 91.164735][ T5213] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 91.165996][ T5213] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 91.167231][ T5213] x11: 0000000000000002 x10: 0000000000000000 x9 : 3b55fb7c2a38b300 [ 91.168519][ T5213] x8 : 3b55fb7c2a38b300 x7 : 0000000000000001 x6 : 0000000000000001 [ 91.169875][ T5213] x5 : ffff8000205d6ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 91.171020][ T5213] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 91.172130][ T5213] Call trace: [ 91.172648][ T5213] invalidate_bh_lru+0x128/0x22c [ 91.173341][ T5213] smp_call_function_many_cond+0xa50/0xeac [ 91.174233][ T5213] on_each_cpu_cond_mask+0x5c/0xc4 [ 91.175029][ T5213] invalidate_bh_lrus+0x34/0x40 [ 91.175755][ T5213] blkdev_flush_mapping+0x16c/0x334 [ 91.176526][ T5213] blkdev_put+0x490/0x6ac [ 91.177116][ T5213] kill_block_super+0x98/0xdc [ 91.177796][ T5213] deactivate_locked_super+0xb8/0x134 [ 91.178572][ T5213] mount_bdev+0x284/0x358 [ 91.179234][ T5213] sysv_mount+0x44/0x58 [ 91.179889][ T5213] legacy_get_tree+0xd4/0x16c [ 91.180559][ T5213] vfs_get_tree+0x90/0x274 [ 91.181246][ T5213] do_new_mount+0x228/0x810 [ 91.181887][ T5213] path_mount+0x5bc/0x1008 [ 91.182532][ T5213] __arm64_sys_mount+0x514/0x5f0 [ 91.183253][ T5213] invoke_syscall+0x98/0x2b0 [ 91.183936][ T5213] el0_svc_common+0x138/0x258 [ 91.184582][ T5213] do_el0_svc+0x58/0x13c [ 91.185200][ T5213] el0_svc+0x78/0x1d0 [ 91.185836][ T5213] el0t_64_sync_handler+0xcc/0xe4 [ 91.186587][ T5213] el0t_64_sync+0x1a0/0x1a4 [ 91.187288][ T5213] irq event stamp: 1180 [ 91.187906][ T5213] hardirqs last enabled at (1179): [] kasan_quarantine_put+0xc4/0x200 [ 91.189327][ T5213] hardirqs last disabled at (1180): [] smp_call_function_many_cond+0xa44/0xeac [ 91.190848][ T5213] softirqs last enabled at (1162): [] handle_softirqs+0xa40/0xbe4 [ 91.192274][ T5213] softirqs last disabled at (1099): [] __irq_exit_rcu+0x240/0x43c [ 91.193592][ T5213] ---[ end trace 337cf78d76a9fe1c ]--- [ 91.346031][ T5219] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 91.348144][ T5219] Bad inode number on dev loop0: 2 is out of range [ 91.349061][ T5219] SysV FS: get root inode failed [ 91.349783][ T5219] oldfs: cannot read superblock [ 91.360722][ C1] ------------[ cut here ]------------ [ 91.361592][ C1] VFS: brelse: Trying to free free buffer [ 91.362435][ C1] WARNING: CPU: 1 PID: 5221 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 91.363794][ C1] Modules linked in: [ 91.364399][ C1] CPU: 1 PID: 5221 Comm: syz.0.86 Tainted: G W syzkaller #0 [ 91.365679][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 91.367115][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 91.368299][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 91.369033][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 91.369754][ C1] sp : ffff800008017de0 [ 91.370382][ C1] x29: ffff800008017de0 x28: ffff0000caeb8000 x27: 1fffe000341f665c [ 91.371607][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 91.372721][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de3b9230 [ 91.373929][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 91.375160][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 91.376361][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 91.377593][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a19e20d6c806c600 [ 91.378754][ C1] x8 : a19e20d6c806c600 x7 : 0000000000000001 x6 : 0000000000000001 [ 91.379933][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 91.381101][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 91.382254][ C1] Call trace: [ 91.382712][ C1] invalidate_bh_lru+0x128/0x22c [ 91.383471][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 91.384319][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 91.385263][ C1] ipi_handler+0x10c/0x6fc [ 91.385893][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 91.386670][ C1] handle_domain_irq+0x144/0x1fc [ 91.387424][ C1] gic_handle_irq+0x78/0x1b8 [ 91.388136][ C1] call_on_irq_stack+0x30/0x48 [ 91.388921][ C1] do_interrupt_handler+0x6c/0x88 [ 91.389667][ C1] el1_interrupt+0x30/0x58 [ 91.390343][ C1] el1h_64_irq_handler+0x18/0x24 [ 91.391062][ C1] el1h_64_irq+0x78/0x7c [ 91.391665][ C1] arch_local_irq_restore+0x8/0x10 [ 91.392415][ C1] find_vma+0x64/0x22c [ 91.393051][ C1] do_page_fault+0x5fc/0xab0 [ 91.393730][ C1] do_translation_fault+0xe0/0x130 [ 91.394445][ C1] do_mem_abort+0x6c/0x1ac [ 91.395144][ C1] el0_da+0x90/0x1ec [ 91.395739][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 91.396513][ C1] el0t_64_sync+0x1a0/0x1a4 [ 91.397187][ C1] irq event stamp: 252 [ 91.397800][ C1] hardirqs last enabled at (251): [] local_daif_restore+0x1c/0x3c [ 91.399120][ C1] hardirqs last disabled at (252): [] enter_el1_irq_or_nmi+0x10/0x1c [ 91.400557][ C1] softirqs last enabled at (54): [] local_bh_enable+0x10/0x34 [ 91.401925][ C1] softirqs last disabled at (52): [] local_bh_disable+0x10/0x34 [ 91.403229][ C1] ---[ end trace 337cf78d76a9fe1d ]--- [ 91.499276][ T5221] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 91.500463][ T5221] Bad inode number on dev loop0: 2 is out of range [ 91.501401][ T5221] SysV FS: get root inode failed [ 91.502082][ T5221] oldfs: cannot read superblock [ 91.509629][ C0] ------------[ cut here ]------------ [ 91.510529][ C0] VFS: brelse: Trying to free free buffer [ 91.511443][ C0] WARNING: CPU: 0 PID: 5222 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 91.512673][ C0] Modules linked in: [ 91.513251][ C0] CPU: 0 PID: 5222 Comm: syz-executor Tainted: G W syzkaller #0 [ 91.514558][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 91.516002][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 91.517104][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 91.517935][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 91.518703][ C0] sp : ffff800008007de0 [ 91.519318][ C0] x29: ffff800008007de0 x28: ffff0000d6ee51c0 x27: 1fffe000341f245c [ 91.520541][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 91.521756][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d08c1400 [ 91.522991][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 91.524210][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 91.525394][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 91.526539][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 7a792be4610dd100 [ 91.527647][ C0] x8 : 7a792be4610dd100 x7 : 0000000000000001 x6 : 0000000000000001 [ 91.528783][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 91.529950][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 91.531118][ C0] Call trace: [ 91.531612][ C0] invalidate_bh_lru+0x128/0x22c [ 91.532289][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 91.533104][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 91.534103][ C0] ipi_handler+0x10c/0x6fc [ 91.534700][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 91.535446][ C0] handle_domain_irq+0x144/0x1fc [ 91.536135][ C0] gic_handle_irq+0x78/0x1b8 [ 91.536771][ C0] call_on_irq_stack+0x30/0x48 [ 91.537468][ C0] do_interrupt_handler+0x6c/0x88 [ 91.538176][ C0] el1_interrupt+0x30/0x58 [ 91.538784][ C0] el1h_64_irq_handler+0x18/0x24 [ 91.539464][ C0] el1h_64_irq+0x78/0x7c [ 91.540067][ C0] account_kernel_stack+0x150/0x26c [ 91.540805][ C0] put_task_stack+0xa0/0x174 [ 91.541470][ C0] finish_task_switch+0x344/0x69c [ 91.542176][ C0] schedule_tail+0x20/0x150 [ 91.542828][ C0] ret_from_fork+0x4/0x20 [ 91.543480][ C0] irq event stamp: 10 [ 91.544094][ C0] hardirqs last enabled at (9): [] account_kernel_stack+0x130/0x26c [ 91.545485][ C0] hardirqs last disabled at (10): [] enter_el1_irq_or_nmi+0x10/0x1c [ 91.546860][ C0] softirqs last enabled at (0): [] copy_process+0x1140/0x34c8 [ 91.548076][ C0] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.549016][ C0] ---[ end trace 337cf78d76a9fe1e ]--- [ 91.674334][ T5223] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 91.675474][ T5223] Bad inode number on dev loop0: 2 is out of range [ 91.676426][ T5223] SysV FS: get root inode failed [ 91.677136][ T5223] oldfs: cannot read superblock [ 91.687405][ T4880] ------------[ cut here ]------------ [ 91.688301][ T4880] VFS: brelse: Trying to free free buffer [ 91.689131][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 91.690384][ T4880] Modules linked in: [ 91.690955][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 91.692193][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 91.693628][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 91.694866][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 91.695638][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 91.696400][ T4880] sp : ffff80001f6d77c0 [ 91.697006][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 91.698220][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 91.699361][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e70b4318 [ 91.700538][ T4880] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 91.701722][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 91.702905][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 91.704112][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 91.705276][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 91.706456][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 91.707621][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 91.708817][ T4880] Call trace: [ 91.709276][ T4880] invalidate_bh_lru+0x128/0x22c [ 91.710195][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 91.711177][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 91.711972][ T4880] invalidate_bh_lrus+0x34/0x40 [ 91.712748][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 91.713564][ T4880] blkdev_put+0x490/0x6ac [ 91.714282][ T4880] blkdev_close+0x74/0xb0 [ 91.714956][ T4880] __fput+0x1c0/0x7e8 [ 91.715544][ T4880] ____fput+0x20/0x30 [ 91.716178][ T4880] task_work_run+0x12c/0x1d8 [ 91.716848][ T4880] do_notify_resume+0x2450/0x309c [ 91.717596][ T4880] el0_svc+0xf0/0x1d0 [ 91.718200][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 91.718936][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 91.719653][ T4880] irq event stamp: 382952 [ 91.720332][ T4880] hardirqs last enabled at (382951): [] kasan_quarantine_put+0xc4/0x200 [ 91.721733][ T4880] hardirqs last disabled at (382952): [] smp_call_function_many_cond+0xa44/0xeac [ 91.723243][ T4880] softirqs last enabled at (382674): [] local_bh_enable+0x10/0x34 [ 91.724633][ T4880] softirqs last disabled at (382672): [] local_bh_disable+0x10/0x34 [ 91.726123][ T4880] ---[ end trace 337cf78d76a9fe1f ]--- [ 91.846559][ T5225] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 91.847938][ T5225] Bad inode number on dev loop0: 2 is out of range [ 91.848876][ T5225] SysV FS: get root inode failed [ 91.849627][ T5225] oldfs: cannot read superblock [ 91.857907][ C0] ------------[ cut here ]------------ [ 91.858816][ C0] VFS: brelse: Trying to free free buffer [ 91.859769][ C0] WARNING: CPU: 0 PID: 5226 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 91.861075][ C0] Modules linked in: [ 91.861612][ C0] CPU: 0 PID: 5226 Comm: syz.0.89 Tainted: G W syzkaller #0 [ 91.862895][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 91.864377][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 91.865602][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 91.866403][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 91.867210][ C0] sp : ffff800008007de0 [ 91.867825][ C0] x29: ffff800008007de0 x28: ffff0000d5391b40 x27: 1fffe000341f245c [ 91.868961][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 91.870185][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d08c17a0 [ 91.871403][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 91.872566][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 91.873790][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 91.874993][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 098692959b0dc300 [ 91.876188][ C0] x8 : 098692959b0dc300 x7 : 0000000000000001 x6 : 0000000000000001 [ 91.877385][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 91.878542][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 91.879720][ C0] Call trace: [ 91.880230][ C0] invalidate_bh_lru+0x128/0x22c [ 91.880986][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 91.881891][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 91.882968][ C0] ipi_handler+0x10c/0x6fc [ 91.883593][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 91.884368][ C0] handle_domain_irq+0x144/0x1fc [ 91.885127][ C0] gic_handle_irq+0x78/0x1b8 [ 91.885773][ C0] call_on_irq_stack+0x30/0x48 [ 91.886456][ C0] do_interrupt_handler+0x6c/0x88 [ 91.887221][ C0] el1_interrupt+0x30/0x58 [ 91.887832][ C0] el1h_64_irq_handler+0x18/0x24 [ 91.888573][ C0] el1h_64_irq+0x78/0x7c [ 91.889166][ C0] rcu_is_watching+0x20/0x134 [ 91.889826][ C0] lock_release+0xb4/0x8e0 [ 91.890498][ C0] fs_reclaim_acquire+0x130/0x1c4 [ 91.891251][ C0] prepare_alloc_pages+0x134/0x45c [ 91.891996][ C0] __alloc_pages+0x108/0x470 [ 91.892679][ C0] alloc_pages+0x34c/0x5c0 [ 91.893339][ C0] pte_alloc_one+0x2c/0x254 [ 91.894057][ C0] __pte_alloc+0x34/0x214 [ 91.894635][ C0] handle_mm_fault+0x2444/0x2a28 [ 91.895324][ C0] do_page_fault+0x67c/0xab0 [ 91.895971][ C0] do_translation_fault+0xe0/0x130 [ 91.896691][ C0] do_mem_abort+0x6c/0x1ac [ 91.897337][ C0] el0_da+0x90/0x1ec [ 91.897865][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 91.898563][ C0] el0t_64_sync+0x1a0/0x1a4 [ 91.899241][ C0] irq event stamp: 1296 [ 91.899824][ C0] hardirqs last enabled at (1295): [] __pmd_alloc+0x1f8/0x48c [ 91.901126][ C0] hardirqs last disabled at (1296): [] enter_el1_irq_or_nmi+0x10/0x1c [ 91.902553][ C0] softirqs last enabled at (1280): [] local_bh_enable+0x10/0x34 [ 91.903825][ C0] softirqs last disabled at (1278): [] local_bh_disable+0x10/0x34 [ 91.905213][ C0] ---[ end trace 337cf78d76a9fe20 ]--- [ 91.974013][ T5227] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 91.975173][ T5227] Bad inode number on dev loop0: 2 is out of range [ 91.976094][ T5227] SysV FS: get root inode failed [ 91.976767][ T5227] oldfs: cannot read superblock [ 91.989813][ T4880] ------------[ cut here ]------------ [ 91.990763][ T4880] VFS: brelse: Trying to free free buffer [ 91.991714][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 91.993057][ T4880] Modules linked in: [ 91.993686][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 91.994935][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 91.996487][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 91.997621][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 91.998381][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 91.999165][ T4880] sp : ffff80001f6d77c0 [ 91.999788][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 92.001001][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 92.002201][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de31d060 [ 92.003349][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 92.004617][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 92.005841][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 92.007038][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 92.008315][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 92.009505][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 92.010743][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 92.011992][ T4880] Call trace: [ 92.012465][ T4880] invalidate_bh_lru+0x128/0x22c [ 92.013186][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 92.014035][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 92.014833][ T4880] invalidate_bh_lrus+0x34/0x40 [ 92.015607][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 92.016393][ T4880] blkdev_put+0x490/0x6ac [ 92.017042][ T4880] blkdev_close+0x74/0xb0 [ 92.017665][ T4880] __fput+0x1c0/0x7e8 [ 92.018237][ T4880] ____fput+0x20/0x30 [ 92.018792][ T4880] task_work_run+0x12c/0x1d8 [ 92.019472][ T4880] do_notify_resume+0x2450/0x309c [ 92.020227][ T4880] el0_svc+0xf0/0x1d0 [ 92.020856][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 92.021628][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 92.022330][ T4880] irq event stamp: 392838 [ 92.022986][ T4880] hardirqs last enabled at (392837): [] kasan_quarantine_put+0xc4/0x200 [ 92.024404][ T4880] hardirqs last disabled at (392838): [] smp_call_function_many_cond+0xa44/0xeac [ 92.025896][ T4880] softirqs last enabled at (392550): [] local_bh_enable+0x10/0x34 [ 92.027257][ T4880] softirqs last disabled at (392548): [] local_bh_disable+0x10/0x34 [ 92.028726][ T4880] ---[ end trace 337cf78d76a9fe21 ]--- [ 92.068653][ T5229] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 92.069912][ T5229] Bad inode number on dev loop0: 2 is out of range [ 92.071172][ T5229] SysV FS: get root inode failed [ 92.071945][ T5229] oldfs: cannot read superblock [ 92.075298][ C0] ------------[ cut here ]------------ [ 92.076156][ C0] VFS: brelse: Trying to free free buffer [ 92.077114][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 92.078430][ C0] Modules linked in: [ 92.078996][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 92.080225][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 92.081571][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.082682][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 92.083481][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 92.084243][ C0] sp : ffff800008007de0 [ 92.084797][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245c [ 92.086026][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 92.087233][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d08c1b40 [ 92.088466][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 92.089647][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 92.090886][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 92.092092][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 92.093385][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 92.094525][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 92.095758][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 92.096935][ C0] Call trace: [ 92.097427][ C0] invalidate_bh_lru+0x128/0x22c [ 92.098119][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 92.098976][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 92.099994][ C0] ipi_handler+0x10c/0x6fc [ 92.100622][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 92.101450][ C0] handle_domain_irq+0x144/0x1fc [ 92.102163][ C0] gic_handle_irq+0x78/0x1b8 [ 92.102816][ C0] call_on_irq_stack+0x30/0x48 [ 92.103496][ C0] do_interrupt_handler+0x6c/0x88 [ 92.104195][ C0] el1_interrupt+0x30/0x58 [ 92.104805][ C0] el1h_64_irq_handler+0x18/0x24 [ 92.105471][ C0] el1h_64_irq+0x78/0x7c [ 92.106064][ C0] arch_local_irq_restore+0x8/0x10 [ 92.106802][ C0] ___might_sleep+0x98/0x4d4 [ 92.107484][ C0] __might_sleep+0x98/0x124 [ 92.108156][ C0] __might_fault+0x80/0x128 [ 92.108864][ C0] __arm64_sys_rt_sigreturn+0x338/0x20c0 [ 92.109738][ C0] invoke_syscall+0x98/0x2b0 [ 92.110435][ C0] el0_svc_common+0x138/0x258 [ 92.111113][ C0] do_el0_svc+0x58/0x13c [ 92.111733][ C0] el0_svc+0x78/0x1d0 [ 92.112358][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 92.113121][ C0] el0t_64_sync+0x1a0/0x1a4 [ 92.113799][ C0] irq event stamp: 414380 [ 92.114405][ C0] hardirqs last enabled at (414379): [] _raw_spin_unlock_irq+0x98/0x128 [ 92.115948][ C0] hardirqs last disabled at (414380): [] enter_el1_irq_or_nmi+0x10/0x1c [ 92.117351][ C0] softirqs last enabled at (414372): [] local_bh_enable+0x10/0x34 [ 92.118755][ C0] softirqs last disabled at (414370): [] local_bh_disable+0x10/0x34 [ 92.120228][ C0] ---[ end trace 337cf78d76a9fe22 ]--- [ 92.163583][ T5231] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 92.164828][ T5231] Bad inode number on dev loop0: 2 is out of range [ 92.165797][ T5231] SysV FS: get root inode failed [ 92.166571][ T5231] oldfs: cannot read superblock [ 92.183490][ C1] ------------[ cut here ]------------ [ 92.184386][ C1] VFS: brelse: Trying to free free buffer [ 92.185316][ C1] WARNING: CPU: 1 PID: 5233 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 92.186559][ C1] Modules linked in: [ 92.187130][ C1] CPU: 1 PID: 5233 Comm: syz.0.92 Tainted: G W syzkaller #0 [ 92.188380][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 92.189787][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.190931][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 92.191680][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 92.192475][ C1] sp : ffff800008017de0 [ 92.193113][ C1] x29: ffff800008017de0 x28: ffff0000d7868000 x27: 1fffe000341f665c [ 92.194257][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 92.195491][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de31d400 [ 92.196697][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 92.197904][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 92.199108][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 92.200324][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 8559bd2651d8fa00 [ 92.201459][ C1] x8 : 8559bd2651d8fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 92.202630][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 92.203816][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 92.205091][ C1] Call trace: [ 92.205643][ C1] invalidate_bh_lru+0x128/0x22c [ 92.206395][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 92.207312][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 92.208264][ C1] ipi_handler+0x10c/0x6fc [ 92.208927][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 92.209819][ C1] handle_domain_irq+0x144/0x1fc [ 92.210568][ C1] gic_handle_irq+0x78/0x1b8 [ 92.211294][ C1] call_on_irq_stack+0x30/0x48 [ 92.211983][ C1] do_interrupt_handler+0x6c/0x88 [ 92.212766][ C1] el1_interrupt+0x30/0x58 [ 92.213406][ C1] el1h_64_irq_handler+0x18/0x24 [ 92.214207][ C1] el1h_64_irq+0x78/0x7c [ 92.214865][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 92.215661][ C1] debug_check_no_obj_freed+0x450/0x46c [ 92.216487][ C1] slab_free_freelist_hook+0x9c/0x1e4 [ 92.217302][ C1] kmem_cache_free+0xdc/0x3b0 [ 92.217995][ C1] __put_anon_vma+0x124/0x2e4 [ 92.218687][ C1] unlink_anon_vmas+0x3e4/0x534 [ 92.219449][ C1] free_pgtables+0x14c/0x278 [ 92.220110][ C1] exit_mmap+0x2d8/0x508 [ 92.220754][ C1] __mmput+0xec/0x3a8 [ 92.221383][ C1] mmput+0x80/0xc0 [ 92.221869][ C1] exit_mm+0x4ac/0x664 [ 92.222482][ C1] do_exit+0x4f0/0x1f50 [ 92.223097][ C1] do_group_exit+0x100/0x268 [ 92.223756][ C1] get_signal+0x73c/0x1334 [ 92.224393][ C1] do_notify_resume+0x354/0x309c [ 92.225081][ C1] el0_svc+0xf0/0x1d0 [ 92.225633][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 92.226319][ C1] el0t_64_sync+0x1a0/0x1a4 [ 92.226977][ C1] irq event stamp: 2264 [ 92.227591][ C1] hardirqs last enabled at (2263): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 92.229142][ C1] hardirqs last disabled at (2264): [] enter_el1_irq_or_nmi+0x10/0x1c [ 92.230641][ C1] softirqs last enabled at (1172): [] handle_softirqs+0xa40/0xbe4 [ 92.232023][ C1] softirqs last disabled at (1161): [] __irq_exit_rcu+0x240/0x43c [ 92.233389][ C1] ---[ end trace 337cf78d76a9fe23 ]--- [ 92.324312][ T5235] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 92.325524][ T5235] Bad inode number on dev loop0: 2 is out of range [ 92.326887][ T5235] SysV FS: get root inode failed [ 92.327580][ T5235] oldfs: cannot read superblock [ 92.332572][ C0] ------------[ cut here ]------------ [ 92.333498][ C0] VFS: brelse: Trying to free free buffer [ 92.334404][ C0] WARNING: CPU: 0 PID: 3661 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 92.335784][ C0] Modules linked in: [ 92.336423][ C0] CPU: 0 PID: 3661 Comm: udevd Tainted: G W syzkaller #0 [ 92.337657][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 92.339176][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.340343][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 92.341194][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 92.342022][ C0] sp : ffff800008007de0 [ 92.342610][ C0] x29: ffff800008007de0 x28: ffff0000d67a8000 x27: 1fffe000341f245c [ 92.343765][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 92.344946][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d08c1ee0 [ 92.346048][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 92.347169][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 92.348339][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 92.349440][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : eca722db6c66c400 [ 92.350560][ C0] x8 : eca722db6c66c400 x7 : 0000000000000001 x6 : 0000000000000001 [ 92.351701][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 92.352842][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 92.354003][ C0] Call trace: [ 92.354431][ C0] invalidate_bh_lru+0x128/0x22c [ 92.355122][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 92.356036][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 92.357056][ C0] ipi_handler+0x10c/0x6fc [ 92.357690][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 92.358512][ C0] handle_domain_irq+0x144/0x1fc [ 92.359169][ C0] gic_handle_irq+0x78/0x1b8 [ 92.359819][ C0] call_on_irq_stack+0x30/0x48 [ 92.360502][ C0] do_interrupt_handler+0x6c/0x88 [ 92.361215][ C0] el1_interrupt+0x30/0x58 [ 92.361828][ C0] el1h_64_irq_handler+0x18/0x24 [ 92.362511][ C0] el1h_64_irq+0x78/0x7c [ 92.363118][ C0] __memset+0x170/0x1c0 [ 92.363730][ C0] __kasan_unpoison_pages+0x44/0x54 [ 92.364621][ C0] post_alloc_hook+0xcc/0x1f8 [ 92.365381][ C0] get_page_from_freelist+0x2928/0x2a68 [ 92.366235][ C0] __alloc_pages+0x1a0/0x470 [ 92.366944][ C0] alloc_pages+0x34c/0x5c0 [ 92.367600][ C0] new_slab+0xe0/0x544 [ 92.368233][ C0] ___slab_alloc+0x6b4/0xd8c [ 92.368958][ C0] __slab_alloc+0x68/0xc0 [ 92.369605][ C0] kmem_cache_alloc+0x2a4/0x3d4 [ 92.370326][ C0] getname_flags+0xb8/0x450 [ 92.370961][ C0] user_path_at_empty+0x40/0x1a0 [ 92.371692][ C0] do_readlinkat+0xe0/0x3fc [ 92.372364][ C0] __arm64_sys_readlinkat+0x9c/0xb8 [ 92.373147][ C0] invoke_syscall+0x98/0x2b0 [ 92.373856][ C0] el0_svc_common+0x138/0x258 [ 92.374645][ C0] do_el0_svc+0x58/0x13c [ 92.375308][ C0] el0_svc+0x78/0x1d0 [ 92.375930][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 92.376691][ C0] el0t_64_sync+0x1a0/0x1a4 [ 92.377413][ C0] irq event stamp: 1400664 [ 92.378016][ C0] hardirqs last enabled at (1400663): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 92.379594][ C0] hardirqs last disabled at (1400664): [] enter_el1_irq_or_nmi+0x10/0x1c [ 92.381089][ C0] softirqs last enabled at (1400638): [] local_bh_enable+0x10/0x34 [ 92.382536][ C0] softirqs last disabled at (1400636): [] local_bh_disable+0x10/0x34 [ 92.383937][ C0] ---[ end trace 337cf78d76a9fe24 ]--- [ 92.465337][ T5237] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 92.466519][ T5237] Bad inode number on dev loop0: 2 is out of range [ 92.467530][ T5237] SysV FS: get root inode failed [ 92.468283][ T5237] oldfs: cannot read superblock [ 92.487487][ T4880] ------------[ cut here ]------------ [ 92.488437][ T4880] VFS: brelse: Trying to free free buffer [ 92.489443][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 92.490875][ T4880] Modules linked in: [ 92.491486][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 92.492722][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 92.494219][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.495340][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 92.496135][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 92.496860][ T4880] sp : ffff80001f6d77c0 [ 92.497443][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245c [ 92.498643][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 92.499815][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de358400 [ 92.501015][ T4880] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000000003 [ 92.502178][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 92.503370][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 92.504552][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 92.505731][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 92.506849][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 92.508001][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 92.509207][ T4880] Call trace: [ 92.509700][ T4880] invalidate_bh_lru+0x128/0x22c [ 92.510482][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 92.511331][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 92.512071][ T4880] invalidate_bh_lrus+0x34/0x40 [ 92.512764][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 92.513577][ T4880] blkdev_put+0x490/0x6ac [ 92.514265][ T4880] blkdev_close+0x74/0xb0 [ 92.514874][ T4880] __fput+0x1c0/0x7e8 [ 92.515427][ T4880] ____fput+0x20/0x30 [ 92.515990][ T4880] task_work_run+0x12c/0x1d8 [ 92.516591][ T4880] do_notify_resume+0x2450/0x309c [ 92.517279][ T4880] el0_svc+0xf0/0x1d0 [ 92.517866][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 92.518593][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 92.519236][ T4880] irq event stamp: 432208 [ 92.519902][ T4880] hardirqs last enabled at (432207): [] kasan_quarantine_put+0xc4/0x200 [ 92.521335][ T4880] hardirqs last disabled at (432208): [] smp_call_function_many_cond+0xa44/0xeac [ 92.523001][ T4880] softirqs last enabled at (431946): [] local_bh_enable+0x10/0x34 [ 92.524398][ T4880] softirqs last disabled at (431944): [] local_bh_disable+0x10/0x34 [ 92.525761][ T4880] ---[ end trace 337cf78d76a9fe25 ]--- [ 92.597693][ T5241] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 92.598930][ T5241] Bad inode number on dev loop0: 2 is out of range [ 92.599953][ T5241] SysV FS: get root inode failed [ 92.600704][ T5241] oldfs: cannot read superblock [ 92.610082][ C0] ------------[ cut here ]------------ [ 92.610941][ C0] VFS: brelse: Trying to free free buffer [ 92.611822][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 92.613257][ C0] Modules linked in: [ 92.613887][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 92.615348][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 92.616790][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.617907][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 92.618682][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 92.619488][ C0] sp : ffff800008007de0 [ 92.620116][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245b [ 92.621299][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 92.622471][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de3587a0 [ 92.623569][ C0] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000010002 [ 92.624670][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 92.625839][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 92.626968][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 4492d4acac152100 [ 92.628155][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 92.629332][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 92.630512][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 92.631695][ C0] Call trace: [ 92.632134][ C0] invalidate_bh_lru+0x128/0x22c [ 92.632809][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 92.633654][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 92.634662][ C0] ipi_handler+0x10c/0x6fc [ 92.635313][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 92.636132][ C0] handle_domain_irq+0x144/0x1fc [ 92.636858][ C0] gic_handle_irq+0x78/0x1b8 [ 92.637514][ C0] call_on_irq_stack+0x30/0x48 [ 92.638166][ C0] do_interrupt_handler+0x6c/0x88 [ 92.638831][ C0] el1_interrupt+0x30/0x58 [ 92.639442][ C0] el1h_64_irq_handler+0x18/0x24 [ 92.640090][ C0] el1h_64_irq+0x78/0x7c [ 92.640716][ C0] alloc_counters+0x3f8/0x7a0 [ 92.641367][ C0] do_ip6t_get_ctl+0xb68/0x143c [ 92.642090][ C0] nf_getsockopt+0x264/0x284 [ 92.642805][ C0] ipv6_getsockopt+0x588/0x2538 [ 92.643536][ C0] tcp_getsockopt+0x210/0x2eec [ 92.644239][ C0] sock_common_getsockopt+0xa8/0xc4 [ 92.644977][ C0] __sys_getsockopt+0x1b8/0x250 [ 92.645719][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 92.646402][ C0] invoke_syscall+0x98/0x2b0 [ 92.647041][ C0] el0_svc_common+0x138/0x258 [ 92.647755][ C0] do_el0_svc+0x58/0x13c [ 92.648397][ C0] el0_svc+0x78/0x1d0 [ 92.648935][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 92.649642][ C0] el0t_64_sync+0x1a0/0x1a4 [ 92.650290][ C0] irq event stamp: 434184 [ 92.650901][ C0] hardirqs last enabled at (434183): [] alloc_counters+0x3d4/0x7a0 [ 92.652368][ C0] hardirqs last disabled at (434184): [] enter_el1_irq_or_nmi+0x10/0x1c [ 92.653786][ C0] softirqs last enabled at (433896): [] release_sock+0x1d0/0x258 [ 92.655154][ C0] softirqs last disabled at (433894): [] release_sock+0x34/0x258 [ 92.656569][ C0] ---[ end trace 337cf78d76a9fe26 ]--- [ 92.826662][ T5243] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 92.827882][ T5243] Bad inode number on dev loop0: 2 is out of range [ 92.828881][ T5243] SysV FS: get root inode failed [ 92.829721][ T5243] oldfs: cannot read superblock [ 92.835536][ C1] ------------[ cut here ]------------ [ 92.836369][ C1] VFS: brelse: Trying to free free buffer [ 92.837292][ C1] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 92.838652][ C1] Modules linked in: [ 92.839253][ C1] CPU: 1 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 92.840580][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 92.842046][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.843205][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 92.843966][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 92.844685][ C1] sp : ffff800008017de0 [ 92.845236][ C1] x29: ffff800008017de0 x28: ffff0000cec31b40 x27: 1fffe000341f665c [ 92.846425][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 92.847617][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de31d970 [ 92.848780][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 92.849937][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 92.851139][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 92.852368][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 4492d4acac152100 [ 92.853556][ C1] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 92.854714][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 92.855958][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 92.857072][ C1] Call trace: [ 92.857536][ C1] invalidate_bh_lru+0x128/0x22c [ 92.858280][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 92.859190][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 92.860150][ C1] ipi_handler+0x10c/0x6fc [ 92.860766][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 92.861535][ C1] handle_domain_irq+0x144/0x1fc [ 92.862224][ C1] gic_handle_irq+0x78/0x1b8 [ 92.862903][ C1] call_on_irq_stack+0x30/0x48 [ 92.863634][ C1] do_interrupt_handler+0x6c/0x88 [ 92.864343][ C1] el1_interrupt+0x30/0x58 [ 92.864951][ C1] el1h_64_irq_handler+0x18/0x24 [ 92.865631][ C1] el1h_64_irq+0x78/0x7c [ 92.866217][ C1] __percpu_read_32+0xc/0x58 [ 92.866873][ C1] ___might_sleep+0x48/0x4d4 [ 92.867537][ C1] __might_sleep+0x98/0x124 [ 92.868263][ C1] __might_fault+0x80/0x128 [ 92.868899][ C1] xt_obj_to_user+0x2a0/0x3c8 [ 92.869579][ C1] xt_target_to_user+0x88/0x1a8 [ 92.870264][ C1] do_ip6t_get_ctl+0x104c/0x143c [ 92.871008][ C1] nf_getsockopt+0x264/0x284 [ 92.871681][ C1] ipv6_getsockopt+0x588/0x2538 [ 92.872405][ C1] tcp_getsockopt+0x210/0x2eec [ 92.873066][ C1] sock_common_getsockopt+0xa8/0xc4 [ 92.873825][ C1] __sys_getsockopt+0x1b8/0x250 [ 92.874552][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 92.875291][ C1] invoke_syscall+0x98/0x2b0 [ 92.875975][ C1] el0_svc_common+0x138/0x258 [ 92.876683][ C1] do_el0_svc+0x58/0x13c [ 92.877348][ C1] el0_svc+0x78/0x1d0 [ 92.877921][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 92.878618][ C1] el0t_64_sync+0x1a0/0x1a4 [ 92.879236][ C1] irq event stamp: 437016 [ 92.879838][ C1] hardirqs last enabled at (437015): [] alloc_counters+0x3d4/0x7a0 [ 92.881163][ C1] hardirqs last disabled at (437016): [] enter_el1_irq_or_nmi+0x10/0x1c [ 92.882809][ C1] softirqs last enabled at (436924): [] release_sock+0x1d0/0x258 [ 92.884268][ C1] softirqs last disabled at (436922): [] release_sock+0x34/0x258 [ 92.885676][ C1] ---[ end trace 337cf78d76a9fe27 ]--- 1970/01/01 00:01:32 executed programs: 84 [ 92.928230][ T5245] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 92.929489][ T5245] Bad inode number on dev loop0: 2 is out of range [ 92.930531][ T5245] SysV FS: get root inode failed [ 92.931340][ T5245] oldfs: cannot read superblock [ 92.939227][ T4880] ------------[ cut here ]------------ [ 92.940026][ T4880] VFS: brelse: Trying to free free buffer [ 92.940815][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 92.942020][ T4880] Modules linked in: [ 92.942532][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 92.943714][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 92.945094][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.946160][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 92.946900][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 92.947629][ T4880] sp : ffff80001f6d77c0 [ 92.948222][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 92.949378][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 92.950566][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de31dd10 [ 92.951802][ T4880] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 92.952997][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 92.954221][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 92.955425][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 92.956622][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 92.957796][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 92.958946][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 92.960086][ T4880] Call trace: [ 92.960548][ T4880] invalidate_bh_lru+0x128/0x22c [ 92.961221][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 92.962027][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 92.962715][ T4880] invalidate_bh_lrus+0x34/0x40 [ 92.963375][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 92.964121][ T4880] blkdev_put+0x490/0x6ac [ 92.964730][ T4880] blkdev_close+0x74/0xb0 [ 92.965335][ T4880] __fput+0x1c0/0x7e8 [ 92.965867][ T4880] ____fput+0x20/0x30 [ 92.966415][ T4880] task_work_run+0x12c/0x1d8 [ 92.967039][ T4880] do_notify_resume+0x2450/0x309c [ 92.967731][ T4880] el0_svc+0xf0/0x1d0 [ 92.968320][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 92.969053][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 92.969687][ T4880] irq event stamp: 445634 [ 92.970309][ T4880] hardirqs last enabled at (445633): [] kasan_quarantine_put+0xc4/0x200 [ 92.971772][ T4880] hardirqs last disabled at (445634): [] smp_call_function_many_cond+0xa44/0xeac [ 92.973361][ T4880] softirqs last enabled at (445342): [] local_bh_enable+0x10/0x34 [ 92.974731][ T4880] softirqs last disabled at (445340): [] local_bh_disable+0x10/0x34 [ 92.976076][ T4880] ---[ end trace 337cf78d76a9fe28 ]--- [ 93.018025][ T5247] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.019218][ T5247] Bad inode number on dev loop0: 2 is out of range [ 93.020322][ T5247] SysV FS: get root inode failed [ 93.021033][ T5247] oldfs: cannot read superblock [ 93.029695][ C1] ------------[ cut here ]------------ [ 93.030485][ C1] VFS: brelse: Trying to free free buffer [ 93.031301][ C1] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.032461][ C1] Modules linked in: [ 93.032997][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W syzkaller #0 [ 93.034161][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.035541][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.036618][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 93.037343][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 93.038117][ C1] sp : ffff800008017de0 [ 93.038716][ C1] x29: ffff800008017de0 x28: ffff0000c0a68000 x27: 1fffe000341f665b [ 93.039886][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 93.040970][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcabd148 [ 93.042107][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010003 [ 93.043217][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 93.044369][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 93.045568][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 06578d3fbfee6400 [ 93.046759][ C1] x8 : 06578d3fbfee6400 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.047896][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 93.049070][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 93.050185][ C1] Call trace: [ 93.050650][ C1] invalidate_bh_lru+0x128/0x22c [ 93.051324][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 93.052128][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 93.053094][ C1] ipi_handler+0x10c/0x6fc [ 93.053661][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 93.054457][ C1] handle_domain_irq+0x144/0x1fc [ 93.055165][ C1] gic_handle_irq+0x78/0x1b8 [ 93.055785][ C1] call_on_irq_stack+0x30/0x48 [ 93.056450][ C1] do_interrupt_handler+0x6c/0x88 [ 93.057180][ C1] el1_interrupt+0x30/0x58 [ 93.057796][ C1] el1h_64_irq_handler+0x18/0x24 [ 93.058529][ C1] el1h_64_irq+0x78/0x7c [ 93.059156][ C1] arch_local_irq_enable+0xc/0x18 [ 93.059894][ C1] default_idle_call+0xcc/0x40c [ 93.060642][ C1] do_idle+0x1c8/0x48c [ 93.061241][ C1] cpu_startup_entry+0x24/0x28 [ 93.061954][ C1] secondary_start_kernel+0x23c/0x28c [ 93.062759][ C1] __secondary_switched+0x94/0x98 [ 93.063482][ C1] irq event stamp: 563640 [ 93.064108][ C1] hardirqs last enabled at (563639): [] default_idle_call+0xb8/0x40c [ 93.065518][ C1] hardirqs last disabled at (563640): [] enter_el1_irq_or_nmi+0x10/0x1c [ 93.066920][ C1] softirqs last enabled at (563524): [] handle_softirqs+0xa40/0xbe4 [ 93.068307][ C1] softirqs last disabled at (563309): [] __irq_exit_rcu+0x240/0x43c [ 93.069714][ C1] ---[ end trace 337cf78d76a9fe29 ]--- [ 93.174171][ T5249] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.175312][ T5249] Bad inode number on dev loop0: 2 is out of range [ 93.176318][ T5249] SysV FS: get root inode failed [ 93.177205][ T5249] oldfs: cannot read superblock [ 93.209287][ T4880] ------------[ cut here ]------------ [ 93.210097][ T4880] VFS: brelse: Trying to free free buffer [ 93.211005][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.212248][ T4880] Modules linked in: [ 93.212810][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 93.214039][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.215493][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.216651][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 93.217421][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 93.218273][ T4880] sp : ffff80001f6d77c0 [ 93.218917][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245c [ 93.220138][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 93.221332][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de358b40 [ 93.222460][ T4880] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000000003 [ 93.223643][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 93.224828][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 93.225984][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 93.227148][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.228253][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 93.229401][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 93.230564][ T4880] Call trace: [ 93.231056][ T4880] invalidate_bh_lru+0x128/0x22c [ 93.231785][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 93.232663][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 93.233419][ T4880] invalidate_bh_lrus+0x34/0x40 [ 93.234129][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 93.234881][ T4880] blkdev_put+0x490/0x6ac [ 93.235543][ T4880] blkdev_close+0x74/0xb0 [ 93.236174][ T4880] __fput+0x1c0/0x7e8 [ 93.236773][ T4880] ____fput+0x20/0x30 [ 93.237327][ T4880] task_work_run+0x12c/0x1d8 [ 93.238011][ T4880] do_notify_resume+0x2450/0x309c [ 93.238758][ T4880] el0_svc+0xf0/0x1d0 [ 93.239425][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 93.240155][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 93.240843][ T4880] irq event stamp: 460896 [ 93.241520][ T4880] hardirqs last enabled at (460895): [] kasan_quarantine_put+0xc4/0x200 [ 93.242921][ T4880] hardirqs last disabled at (460896): [] smp_call_function_many_cond+0xa44/0xeac [ 93.244455][ T4880] softirqs last enabled at (460660): [] local_bh_enable+0x10/0x34 [ 93.245778][ T4880] softirqs last disabled at (460658): [] local_bh_disable+0x10/0x34 [ 93.247055][ T4880] ---[ end trace 337cf78d76a9fe2a ]--- [ 93.286888][ T5255] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.288069][ T5255] Bad inode number on dev loop0: 2 is out of range [ 93.289142][ T5255] SysV FS: get root inode failed [ 93.289845][ T5255] oldfs: cannot read superblock [ 93.301857][ T4880] ------------[ cut here ]------------ [ 93.302757][ T4880] VFS: brelse: Trying to free free buffer [ 93.303722][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.305055][ T4880] Modules linked in: [ 93.305637][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 93.306897][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.308470][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.309660][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 93.310395][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 93.311179][ T4880] sp : ffff80001f6d77c0 [ 93.311793][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 93.313000][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 93.314252][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de358ee0 [ 93.315400][ T4880] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 93.316628][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 93.317860][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 93.319073][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 93.320303][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.321436][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 93.322538][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 93.323675][ T4880] Call trace: [ 93.324150][ T4880] invalidate_bh_lru+0x128/0x22c [ 93.324838][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 93.325670][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 93.326418][ T4880] invalidate_bh_lrus+0x34/0x40 [ 93.327150][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 93.327875][ T4880] blkdev_put+0x490/0x6ac [ 93.328476][ T4880] blkdev_close+0x74/0xb0 [ 93.329085][ T4880] __fput+0x1c0/0x7e8 [ 93.329691][ T4880] ____fput+0x20/0x30 [ 93.330272][ T4880] task_work_run+0x12c/0x1d8 [ 93.330970][ T4880] do_notify_resume+0x2450/0x309c [ 93.331653][ T4880] el0_svc+0xf0/0x1d0 [ 93.332231][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 93.333059][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 93.333676][ T4880] irq event stamp: 469998 [ 93.334283][ T4880] hardirqs last enabled at (469997): [] kasan_quarantine_put+0xc4/0x200 [ 93.335767][ T4880] hardirqs last disabled at (469998): [] smp_call_function_many_cond+0xa44/0xeac [ 93.337389][ T4880] softirqs last enabled at (469730): [] local_bh_enable+0x10/0x34 [ 93.338742][ T4880] softirqs last disabled at (469728): [] local_bh_disable+0x10/0x34 [ 93.340163][ T4880] ---[ end trace 337cf78d76a9fe2b ]--- [ 93.348664][ T5257] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.349814][ T5257] Bad inode number on dev loop0: 2 is out of range [ 93.350774][ T5257] SysV FS: get root inode failed [ 93.351667][ T5257] oldfs: cannot read superblock [ 93.357424][ C1] ------------[ cut here ]------------ [ 93.358343][ C1] VFS: brelse: Trying to free free buffer [ 93.359265][ C1] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.360526][ C1] Modules linked in: [ 93.361102][ C1] CPU: 1 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 93.362382][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.363899][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.365021][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 93.365792][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 93.366563][ C1] sp : ffff800008017de0 [ 93.367160][ C1] x29: ffff800008017de0 x28: ffff0000cec31b40 x27: 1fffe000341f665b [ 93.368375][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 93.369597][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcabd4e8 [ 93.370803][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010003 [ 93.371972][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 93.373113][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 93.374327][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 4492d4acac152100 [ 93.375463][ C1] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.376650][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 93.377833][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 93.379078][ C1] Call trace: [ 93.379574][ C1] invalidate_bh_lru+0x128/0x22c [ 93.380344][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 93.381269][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 93.382303][ C1] ipi_handler+0x10c/0x6fc [ 93.382987][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 93.383807][ C1] handle_domain_irq+0x144/0x1fc [ 93.384516][ C1] gic_handle_irq+0x78/0x1b8 [ 93.385240][ C1] call_on_irq_stack+0x30/0x48 [ 93.385959][ C1] do_interrupt_handler+0x6c/0x88 [ 93.386667][ C1] el1_interrupt+0x30/0x58 [ 93.387367][ C1] el1h_64_irq_handler+0x18/0x24 [ 93.388049][ C1] el1h_64_irq+0x78/0x7c [ 93.388725][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 93.389574][ C1] debug_check_no_obj_freed+0x450/0x46c [ 93.390359][ C1] slab_free_freelist_hook+0x9c/0x1e4 [ 93.391051][ C1] kmem_cache_free+0xdc/0x3b0 [ 93.391700][ C1] do_unlinkat+0x574/0x618 [ 93.392311][ C1] __arm64_sys_unlinkat+0xe0/0xfc [ 93.393032][ C1] invoke_syscall+0x98/0x2b0 [ 93.393692][ C1] el0_svc_common+0x138/0x258 [ 93.394335][ C1] do_el0_svc+0x58/0x13c [ 93.394970][ C1] el0_svc+0x78/0x1d0 [ 93.395545][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 93.396276][ C1] el0t_64_sync+0x1a0/0x1a4 [ 93.396941][ C1] irq event stamp: 454848 [ 93.397538][ C1] hardirqs last enabled at (454847): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 93.399015][ C1] hardirqs last disabled at (454848): [] enter_el1_irq_or_nmi+0x10/0x1c [ 93.400528][ C1] softirqs last enabled at (454748): [] local_bh_enable+0x10/0x34 [ 93.401834][ C1] softirqs last disabled at (454746): [] local_bh_disable+0x10/0x34 [ 93.403232][ C1] ---[ end trace 337cf78d76a9fe2c ]--- [ 93.443130][ T5259] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.444423][ T5259] Bad inode number on dev loop0: 2 is out of range [ 93.445469][ T5259] SysV FS: get root inode failed [ 93.446228][ T5259] oldfs: cannot read superblock [ 93.447034][ T5259] ------------[ cut here ]------------ [ 93.447885][ T5259] VFS: brelse: Trying to free free buffer [ 93.448862][ T5259] WARNING: CPU: 0 PID: 5259 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.450210][ T5259] Modules linked in: [ 93.450822][ T5259] CPU: 0 PID: 5259 Comm: syz.0.105 Tainted: G W syzkaller #0 [ 93.452112][ T5259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.453662][ T5259] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.454858][ T5259] pc : invalidate_bh_lru+0x128/0x22c [ 93.455662][ T5259] lr : invalidate_bh_lru+0x128/0x22c [ 93.456511][ T5259] sp : ffff8000219576e0 [ 93.457117][ T5259] x29: ffff8000219576e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 93.458331][ T5259] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 93.459537][ T5259] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcac5318 [ 93.460719][ T5259] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 93.461892][ T5259] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 93.463136][ T5259] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 93.464330][ T5259] x11: 0000000000000002 x10: 0000000000000000 x9 : 78d5bb784c008200 [ 93.465466][ T5259] x8 : 78d5bb784c008200 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.466687][ T5259] x5 : ffff800021956ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 93.467830][ T5259] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 93.469048][ T5259] Call trace: [ 93.469511][ T5259] invalidate_bh_lru+0x128/0x22c [ 93.470238][ T5259] smp_call_function_many_cond+0xa50/0xeac [ 93.471101][ T5259] on_each_cpu_cond_mask+0x5c/0xc4 [ 93.471851][ T5259] invalidate_bh_lrus+0x34/0x40 [ 93.472569][ T5259] blkdev_flush_mapping+0x16c/0x334 [ 93.473318][ T5259] blkdev_put+0x490/0x6ac [ 93.473930][ T5259] kill_block_super+0x98/0xdc [ 93.474550][ T5259] deactivate_locked_super+0xb8/0x134 [ 93.475337][ T5259] mount_bdev+0x284/0x358 [ 93.475996][ T5259] sysv_mount+0x44/0x58 [ 93.476647][ T5259] legacy_get_tree+0xd4/0x16c [ 93.477300][ T5259] vfs_get_tree+0x90/0x274 [ 93.477988][ T5259] do_new_mount+0x228/0x810 [ 93.478704][ T5259] path_mount+0x5bc/0x1008 [ 93.479453][ T5259] __arm64_sys_mount+0x514/0x5f0 [ 93.480167][ T5259] invoke_syscall+0x98/0x2b0 [ 93.480896][ T5259] el0_svc_common+0x138/0x258 [ 93.481643][ T5259] do_el0_svc+0x58/0x13c [ 93.482265][ T5259] el0_svc+0x78/0x1d0 [ 93.482843][ T5259] el0t_64_sync_handler+0xcc/0xe4 [ 93.483608][ T5259] el0t_64_sync+0x1a0/0x1a4 [ 93.484231][ T5259] irq event stamp: 1084 [ 93.484836][ T5259] hardirqs last enabled at (1083): [] kasan_quarantine_put+0xc4/0x200 [ 93.486264][ T5259] hardirqs last disabled at (1084): [] smp_call_function_many_cond+0xa44/0xeac [ 93.487821][ T5259] softirqs last enabled at (874): [] local_bh_enable+0x10/0x34 [ 93.489190][ T5259] softirqs last disabled at (872): [] local_bh_disable+0x10/0x34 [ 93.490493][ T5259] ---[ end trace 337cf78d76a9fe2d ]--- [ 93.593864][ T5261] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.595046][ T5261] Bad inode number on dev loop0: 2 is out of range [ 93.596033][ T5261] SysV FS: get root inode failed [ 93.596720][ T5261] oldfs: cannot read superblock [ 93.604493][ T4880] ------------[ cut here ]------------ [ 93.605440][ T4880] VFS: brelse: Trying to free free buffer [ 93.606368][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.607815][ T4880] Modules linked in: [ 93.608423][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 93.609614][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.611124][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.612305][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 93.613046][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 93.613823][ T4880] sp : ffff80001f6d77c0 [ 93.614414][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245c [ 93.615639][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 93.616766][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcac56b8 [ 93.617935][ T4880] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000000003 [ 93.619038][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 93.620182][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 93.621376][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 93.622557][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.623824][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 93.624991][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 93.626206][ T4880] Call trace: [ 93.626681][ T4880] invalidate_bh_lru+0x128/0x22c [ 93.627423][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 93.628283][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 93.628996][ T4880] invalidate_bh_lrus+0x34/0x40 [ 93.629747][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 93.630530][ T4880] blkdev_put+0x490/0x6ac [ 93.631182][ T4880] blkdev_close+0x74/0xb0 [ 93.631843][ T4880] __fput+0x1c0/0x7e8 [ 93.632475][ T4880] ____fput+0x20/0x30 [ 93.633091][ T4880] task_work_run+0x12c/0x1d8 [ 93.633786][ T4880] do_notify_resume+0x2450/0x309c [ 93.634496][ T4880] el0_svc+0xf0/0x1d0 [ 93.635130][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 93.635880][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 93.636565][ T4880] irq event stamp: 488024 [ 93.637245][ T4880] hardirqs last enabled at (488023): [] kasan_quarantine_put+0xc4/0x200 [ 93.638691][ T4880] hardirqs last disabled at (488024): [] smp_call_function_many_cond+0xa44/0xeac [ 93.640325][ T4880] softirqs last enabled at (487732): [] local_bh_enable+0x10/0x34 [ 93.641760][ T4880] softirqs last disabled at (487730): [] local_bh_disable+0x10/0x34 [ 93.643111][ T4880] ---[ end trace 337cf78d76a9fe2e ]--- [ 93.705822][ T5263] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.707184][ T5263] Bad inode number on dev loop0: 2 is out of range [ 93.708241][ T5263] SysV FS: get root inode failed [ 93.709017][ T5263] oldfs: cannot read superblock [ 93.714277][ T4880] ------------[ cut here ]------------ [ 93.715101][ T4880] VFS: brelse: Trying to free free buffer [ 93.715980][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.717252][ T4880] Modules linked in: [ 93.717790][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 93.719059][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.720519][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.721685][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 93.722430][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 93.723220][ T4880] sp : ffff80001f6d77c0 [ 93.723816][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 93.725000][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 93.726194][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcabd888 [ 93.727316][ T4880] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 93.728485][ T4880] x17: 0000000000000000 x16: ffff800008304ad4 x15: 00000000ffffffff [ 93.729701][ T4880] x14: 0000000000000001 x13: 1ffff00003edae18 x12: 0000000000ff0100 [ 93.730858][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 93.732047][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.733264][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008304be4 [ 93.734475][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 93.735675][ T4880] Call trace: [ 93.736188][ T4880] invalidate_bh_lru+0x128/0x22c [ 93.736905][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 93.737767][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 93.738539][ T4880] invalidate_bh_lrus+0x34/0x40 [ 93.739298][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 93.740082][ T4880] blkdev_put+0x490/0x6ac [ 93.740724][ T4880] blkdev_close+0x74/0xb0 [ 93.741349][ T4880] __fput+0x1c0/0x7e8 [ 93.741941][ T4880] ____fput+0x20/0x30 [ 93.742525][ T4880] task_work_run+0x12c/0x1d8 [ 93.743184][ T4880] do_notify_resume+0x2450/0x309c [ 93.743898][ T4880] el0_svc+0xf0/0x1d0 [ 93.744498][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 93.745265][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 93.745948][ T4880] irq event stamp: 494410 [ 93.746548][ T4880] hardirqs last enabled at (494409): [] kasan_quarantine_put+0xc4/0x200 [ 93.747984][ T4880] hardirqs last disabled at (494410): [] smp_call_function_many_cond+0xa44/0xeac [ 93.749545][ T4880] softirqs last enabled at (494154): [] local_bh_enable+0x10/0x34 [ 93.750872][ T4880] softirqs last disabled at (494152): [] local_bh_disable+0x10/0x34 [ 93.752224][ T4880] ---[ end trace 337cf78d76a9fe2f ]--- [ 93.791553][ T5265] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.792786][ T5265] Bad inode number on dev loop0: 2 is out of range [ 93.793796][ T5265] SysV FS: get root inode failed [ 93.794557][ T5265] oldfs: cannot read superblock [ 93.800860][ T4880] ------------[ cut here ]------------ [ 93.801834][ T4880] VFS: brelse: Trying to free free buffer [ 93.802731][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.804093][ T4880] Modules linked in: [ 93.804700][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 93.805946][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.807434][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.808606][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 93.809340][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 93.810071][ T4880] sp : ffff80001f6d77c0 [ 93.810694][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 93.811852][ T4880] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 93.813054][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcabdc28 [ 93.814282][ T4880] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 93.815463][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 93.816652][ T4880] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 93.817835][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 93.819005][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.820198][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 93.821405][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 93.822670][ T4880] Call trace: [ 93.823158][ T4880] invalidate_bh_lru+0x128/0x22c [ 93.823919][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 93.824782][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 93.825587][ T4880] invalidate_bh_lrus+0x34/0x40 [ 93.826354][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 93.827158][ T4880] blkdev_put+0x490/0x6ac [ 93.827797][ T4880] blkdev_close+0x74/0xb0 [ 93.828434][ T4880] __fput+0x1c0/0x7e8 [ 93.829016][ T4880] ____fput+0x20/0x30 [ 93.829591][ T4880] task_work_run+0x12c/0x1d8 [ 93.830247][ T4880] do_notify_resume+0x2450/0x309c [ 93.830960][ T4880] el0_svc+0xf0/0x1d0 [ 93.831527][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 93.832231][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 93.832873][ T4880] irq event stamp: 500826 [ 93.833478][ T4880] hardirqs last enabled at (500825): [] kasan_quarantine_put+0xc4/0x200 [ 93.834905][ T4880] hardirqs last disabled at (500826): [] smp_call_function_many_cond+0xa44/0xeac [ 93.836507][ T4880] softirqs last enabled at (500558): [] local_bh_enable+0x10/0x34 [ 93.837886][ T4880] softirqs last disabled at (500556): [] local_bh_disable+0x10/0x34 [ 93.839324][ T4880] ---[ end trace 337cf78d76a9fe30 ]--- [ 93.868252][ T5267] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 93.869706][ T5267] Bad inode number on dev loop0: 2 is out of range [ 93.870755][ T5267] SysV FS: get root inode failed [ 93.871428][ T5267] oldfs: cannot read superblock [ 93.879846][ C1] ------------[ cut here ]------------ [ 93.880650][ C1] VFS: brelse: Trying to free free buffer [ 93.881531][ C1] WARNING: CPU: 1 PID: 5268 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 93.882756][ C1] Modules linked in: [ 93.883311][ C1] CPU: 1 PID: 5268 Comm: syz-executor Tainted: G W syzkaller #0 [ 93.884596][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 93.886100][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.887290][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 93.888106][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 93.888931][ C1] sp : ffff800008017de0 [ 93.889534][ C1] x29: ffff800008017de0 x28: ffff0000d47eb680 x27: 1fffe000341f665c [ 93.890714][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 93.891894][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e71c9ee0 [ 93.893103][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 93.894350][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 93.895608][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 93.896853][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a95c79d7d9763600 [ 93.898001][ C1] x8 : a95c79d7d9763600 x7 : 0000000000000001 x6 : 0000000000000001 [ 93.899308][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 93.900558][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 93.901890][ C1] Call trace: [ 93.902346][ C1] invalidate_bh_lru+0x128/0x22c [ 93.903041][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 93.903911][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 93.904939][ C1] ipi_handler+0x10c/0x6fc [ 93.905621][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 93.906490][ C1] handle_domain_irq+0x144/0x1fc [ 93.907218][ C1] gic_handle_irq+0x78/0x1b8 [ 93.907914][ C1] call_on_irq_stack+0x30/0x48 [ 93.908650][ C1] do_interrupt_handler+0x6c/0x88 [ 93.909425][ C1] el0_interrupt+0x94/0x248 [ 93.910126][ C1] __el0_irq_handler_common+0x18/0x24 [ 93.910908][ C1] el0t_64_irq_handler+0x10/0x1c [ 93.911666][ C1] el0t_64_irq+0x1a0/0x1a4 [ 93.912305][ C1] irq event stamp: 990 [ 93.912918][ C1] hardirqs last enabled at (989): [] el0t_64_sync_handler+0xcc/0xe4 [ 93.914370][ C1] hardirqs last disabled at (990): [] __el0_irq_handler_common+0x18/0x24 [ 93.915786][ C1] softirqs last enabled at (892): [] local_bh_enable+0x10/0x34 [ 93.917164][ C1] softirqs last disabled at (890): [] local_bh_disable+0x10/0x34 [ 93.918583][ C1] ---[ end trace 337cf78d76a9fe31 ]--- [ 94.008566][ T5269] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 94.009732][ T5269] Bad inode number on dev loop0: 2 is out of range [ 94.010685][ T5269] SysV FS: get root inode failed [ 94.011535][ T5269] oldfs: cannot read superblock [ 94.018471][ C0] ------------[ cut here ]------------ [ 94.019450][ C0] VFS: brelse: Trying to free free buffer [ 94.020328][ C0] WARNING: CPU: 0 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 94.021579][ C0] Modules linked in: [ 94.022186][ C0] CPU: 0 PID: 4940 Comm: syz-executor Tainted: G W syzkaller #0 [ 94.023440][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 94.024941][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.026198][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 94.027086][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 94.027897][ C0] sp : ffff800008007de0 [ 94.028498][ C0] x29: ffff800008007de0 x28: ffff0000cec31b40 x27: 1fffe000341f245b [ 94.029711][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 94.031001][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcac5a58 [ 94.032280][ C0] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000010204 [ 94.033510][ C0] x17: 0000000000010204 x16: ffff800011254fd8 x15: 00000000ffffffff [ 94.034793][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 94.036084][ C0] x11: 0000000000010203 x10: 0000000000010203 x9 : 4492d4acac152100 [ 94.037303][ C0] x8 : 4492d4acac152100 x7 : 0000000000000001 x6 : 0000000000000001 [ 94.038491][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 94.039730][ C0] x2 : 0000000000000001 x1 : 0000000100010203 x0 : 0000000000000027 [ 94.040904][ C0] Call trace: [ 94.041381][ C0] invalidate_bh_lru+0x128/0x22c [ 94.042074][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 94.042924][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 94.043911][ C0] ipi_handler+0x10c/0x6fc [ 94.044562][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 94.045397][ C0] handle_domain_irq+0x144/0x1fc [ 94.046075][ C0] gic_handle_irq+0x78/0x1b8 [ 94.046735][ C0] call_on_irq_stack+0x30/0x48 [ 94.047455][ C0] do_interrupt_handler+0x6c/0x88 [ 94.048189][ C0] el1_interrupt+0x30/0x58 [ 94.048804][ C0] el1h_64_irq_handler+0x18/0x24 [ 94.049547][ C0] el1h_64_irq+0x78/0x7c [ 94.050129][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 94.051015][ C0] skb_queue_purge+0x17c/0x1a0 [ 94.051712][ C0] sk_stream_kill_queues+0x158/0x2a0 [ 94.052542][ C0] inet_csk_destroy_sock+0x150/0x3f8 [ 94.053324][ C0] __tcp_close+0xc94/0x1020 [ 94.053967][ C0] tcp_close+0x38/0x150 [ 94.054504][ C0] inet_release+0x120/0x16c [ 94.055177][ C0] inet6_release+0x5c/0x78 [ 94.055865][ C0] sock_close+0xb4/0x1f8 [ 94.056477][ C0] __fput+0x1c0/0x7e8 [ 94.057064][ C0] ____fput+0x20/0x30 [ 94.057652][ C0] task_work_run+0x12c/0x1d8 [ 94.058315][ C0] do_notify_resume+0x2450/0x309c [ 94.059074][ C0] el0_svc+0xf0/0x1d0 [ 94.059691][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 94.060470][ C0] el0t_64_sync+0x1a0/0x1a4 [ 94.061152][ C0] irq event stamp: 473593 [ 94.061816][ C0] hardirqs last enabled at (473592): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 94.063281][ C0] hardirqs last disabled at (473593): [] enter_el1_irq_or_nmi+0x10/0x1c [ 94.064782][ C0] softirqs last enabled at (473582): [] __tcp_close+0x748/0x1020 [ 94.066116][ C0] softirqs last disabled at (473584): [] local_bh_disable+0x10/0x34 [ 94.067600][ C0] ---[ end trace 337cf78d76a9fe32 ]--- [ 94.164837][ T5271] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 94.166395][ T5271] Bad inode number on dev loop0: 2 is out of range [ 94.167793][ T5271] SysV FS: get root inode failed [ 94.168522][ T5271] oldfs: cannot read superblock [ 94.177685][ T4880] ------------[ cut here ]------------ [ 94.178599][ T4880] VFS: brelse: Trying to free free buffer [ 94.179516][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 94.180879][ T4880] Modules linked in: [ 94.181468][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 94.182721][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 94.184259][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.185468][ T4880] pc : invalidate_bh_lru+0x128/0x22c [ 94.186250][ T4880] lr : invalidate_bh_lru+0x128/0x22c [ 94.187021][ T4880] sp : ffff80001f6d77c0 [ 94.187625][ T4880] x29: ffff80001f6d77c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 94.188783][ T4880] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 94.190031][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcac5df8 [ 94.191199][ T4880] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 94.192434][ T4880] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 94.193554][ T4880] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 94.194716][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : 51fe4b9253011e00 [ 94.195925][ T4880] x8 : 51fe4b9253011e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 94.197122][ T4880] x5 : ffff80001f6d70d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 94.198385][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 94.199650][ T4880] Call trace: [ 94.200109][ T4880] invalidate_bh_lru+0x128/0x22c [ 94.200842][ T4880] smp_call_function_many_cond+0xa50/0xeac [ 94.201709][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 94.202448][ T4880] invalidate_bh_lrus+0x34/0x40 [ 94.203188][ T4880] blkdev_flush_mapping+0x16c/0x334 [ 94.203985][ T4880] blkdev_put+0x490/0x6ac [ 94.204571][ T4880] blkdev_close+0x74/0xb0 [ 94.205237][ T4880] __fput+0x1c0/0x7e8 [ 94.205827][ T4880] ____fput+0x20/0x30 [ 94.206444][ T4880] task_work_run+0x12c/0x1d8 [ 94.207153][ T4880] do_notify_resume+0x2450/0x309c [ 94.207870][ T4880] el0_svc+0xf0/0x1d0 [ 94.208412][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 94.209134][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 94.209830][ T4880] irq event stamp: 514840 [ 94.210470][ T4880] hardirqs last enabled at (514839): [] kasan_quarantine_put+0xc4/0x200 [ 94.211957][ T4880] hardirqs last disabled at (514840): [] smp_call_function_many_cond+0xa44/0xeac [ 94.213555][ T4880] softirqs last enabled at (514578): [] local_bh_enable+0x10/0x34 [ 94.214980][ T4880] softirqs last disabled at (514576): [] local_bh_disable+0x10/0x34