Warning: Permanently added '10.128.1.142' (ED25519) to the list of known hosts. 1970/01/01 00:01:02 parsed 1 programs [ 64.152604][ T4387] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 65.473283][ T4511] chnl_net:caif_netlink_parms(): no params data found [ 65.490678][ T4511] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.491822][ T4511] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.493357][ T4511] device bridge_slave_0 entered promiscuous mode [ 65.495402][ T4511] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.496534][ T4511] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.498085][ T4511] device bridge_slave_1 entered promiscuous mode [ 65.506326][ T4511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.508822][ T4511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.516449][ T4511] team0: Port device team_slave_0 added [ 65.518735][ T4511] team0: Port device team_slave_1 added [ 65.525009][ T4511] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.526448][ T4511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.531429][ T4511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.534927][ T4511] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.535984][ T4511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.540455][ T4511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.601641][ T4511] device hsr_slave_0 entered promiscuous mode [ 65.650697][ T4511] device hsr_slave_1 entered promiscuous mode [ 66.285676][ T4511] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.323130][ T4511] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.362328][ T4511] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 66.391872][ T4511] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 66.429808][ T4511] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.431277][ T4511] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.432490][ T4511] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.433797][ T4511] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.451084][ T4511] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.485709][ T4511] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.491657][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 66.493300][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 66.494932][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 66.497029][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 66.508635][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 66.510374][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 66.516881][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 66.523151][ T4511] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 66.524747][ T4511] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.526969][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 66.528484][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 66.530332][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 66.534567][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 66.536161][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 66.538108][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 66.539731][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 66.544618][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 66.610100][ T4511] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.612318][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 66.613635][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 66.619579][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 66.621155][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 66.632265][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 66.634162][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 66.635720][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 66.637009][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 66.639559][ T4511] device veth0_vlan entered promiscuous mode [ 66.644586][ T4511] device veth1_vlan entered promiscuous mode [ 66.652470][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 66.654013][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 66.655407][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 66.656953][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 66.659805][ T4511] device veth0_macvtap entered promiscuous mode [ 66.670983][ T4511] device veth1_macvtap entered promiscuous mode [ 66.687636][ T4511] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.688907][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 66.690412][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 66.692296][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 66.693907][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 66.697651][ T4511] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.701891][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 66.703491][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 66.705606][ T4511] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.706909][ T4511] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.708240][ T4511] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.709582][ T4511] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.425765][ T148] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.597243][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.598634][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.600185][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.608424][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.609728][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.611793][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:07 executed programs: 0 [ 67.874096][ T4794] chnl_net:caif_netlink_parms(): no params data found [ 67.892511][ T4794] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.893853][ T4794] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.895486][ T4794] device bridge_slave_0 entered promiscuous mode [ 67.897511][ T4794] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.898722][ T4794] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.900205][ T4794] device bridge_slave_1 entered promiscuous mode [ 67.909527][ T4794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.912528][ T4794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.921799][ T4794] team0: Port device team_slave_0 added [ 67.923616][ T4794] team0: Port device team_slave_1 added [ 67.929899][ T4794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.931126][ T4794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.935505][ T4794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.938064][ T4794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.939131][ T4794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.944883][ T4794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.002180][ T4794] device hsr_slave_0 entered promiscuous mode [ 68.040877][ T4794] device hsr_slave_1 entered promiscuous mode [ 68.060905][ T4794] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.062094][ T4794] Cannot create hsr debugfs directory [ 69.621836][ T2064] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.623356][ T2064] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.625199][ T1539] cfg80211: failed to load regulatory.db [ 69.860624][ T1539] Bluetooth: hci0: command 0x0409 tx timeout [ 70.233575][ T148] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.950539][ T4066] Bluetooth: hci0: command 0x041b tx timeout [ 72.243343][ T148] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.285131][ T148] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.315476][ T4794] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.363459][ T4794] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.411973][ T4794] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.471605][ T4794] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.552333][ T4794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.555930][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 73.557472][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 73.560809][ T4794] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.563255][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 73.564930][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 73.566543][ T1710] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.567694][ T1710] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.569099][ T1710] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 73.573977][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 73.575600][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 73.577048][ T344] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.578224][ T344] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.581099][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 73.583803][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 73.586728][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 73.588827][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 73.590450][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 73.593364][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 73.594890][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 73.597573][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 73.599074][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 73.602245][ T4794] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 73.604453][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 73.606938][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 73.608573][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 73.644203][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 73.645674][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 73.649002][ T4794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.655513][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 73.657267][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 73.663308][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 73.664974][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 73.666654][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 73.668168][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 73.670735][ T4794] device veth0_vlan entered promiscuous mode [ 73.674302][ T4794] device veth1_vlan entered promiscuous mode [ 73.682547][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 73.684351][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 73.685801][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 73.687395][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 73.690157][ T4794] device veth0_macvtap entered promiscuous mode [ 73.693098][ T4794] device veth1_macvtap entered promiscuous mode [ 73.698194][ T4794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.699881][ T4794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.702382][ T4794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.703679][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 73.705225][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 73.706726][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 73.708333][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 73.710938][ T4794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.712576][ T4794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.714648][ T4794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.715904][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 73.717536][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 73.720121][ T4794] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.721568][ T4794] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.723009][ T4794] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.724452][ T4794] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.744632][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.746788][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.748206][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 73.755477][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.756885][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.758488][ T344] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:13 executed programs: 2 [ 73.786754][ T4957] loop0: detected capacity change from 0 to 128 [ 73.803594][ T4957] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.804928][ T4957] Bad inode number on dev loop0: 2 is out of range [ 73.806000][ T4957] SysV FS: get root inode failed [ 73.806792][ T4957] oldfs: cannot read superblock [ 73.826282][ C1] ------------[ cut here ]------------ [ 73.827267][ C1] VFS: brelse: Trying to free free buffer [ 73.828292][ C1] WARNING: CPU: 1 PID: 4961 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.829691][ C1] Modules linked in: [ 73.830331][ C1] CPU: 1 PID: 4961 Comm: syz.0.17 Not tainted syzkaller #0 [ 73.831505][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 73.833187][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.834558][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 73.835461][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 73.836442][ C1] sp : ffff800008017de0 [ 73.837141][ C1] x29: ffff800008017de0 x28: ffff0000cd203680 x27: 1fffe000341f645c [ 73.838527][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 73.839785][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedaa230 [ 73.841257][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 73.842650][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 73.844007][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 73.845425][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 1a1409afea91c500 [ 73.846709][ C1] x8 : 1a1409afea91c500 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.848063][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 73.849462][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.850787][ C1] Call trace: [ 73.851369][ C1] invalidate_bh_lru+0x128/0x22c [ 73.852243][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.853261][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.854505][ C1] ipi_handler+0x10c/0x6fc [ 73.855229][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 73.856076][ C1] handle_domain_irq+0x144/0x1fc [ 73.856948][ C1] gic_handle_irq+0x78/0x1b8 [ 73.857678][ C1] call_on_irq_stack+0x30/0x48 [ 73.858478][ C1] do_interrupt_handler+0x6c/0x88 [ 73.859365][ C1] el1_interrupt+0x30/0x58 [ 73.860146][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.860976][ C1] el1h_64_irq+0x78/0x7c [ 73.861670][ C1] seqcount_lockdep_reader_access+0x15c/0x22c [ 73.862650][ C1] bad_range+0xa0/0x2a0 [ 73.863317][ C1] get_page_from_freelist+0x2910/0x2a68 [ 73.864256][ C1] __alloc_pages+0x1a0/0x470 [ 73.865081][ C1] alloc_pages_vma+0x284/0x790 [ 73.865815][ C1] shmem_alloc_and_acct_page+0x3e0/0xb48 [ 73.866620][ C1] shmem_getpage_gfp+0x1038/0x1f10 [ 73.867355][ C1] shmem_write_begin+0xe0/0x29c [ 73.868071][ C1] generic_perform_write+0x208/0x488 [ 73.868897][ C1] __generic_file_write_iter+0x23c/0x454 [ 73.869815][ C1] generic_file_write_iter+0xb0/0x1b4 [ 73.870670][ C1] vfs_write+0x590/0xa60 [ 73.871294][ C1] ksys_write+0x12c/0x224 [ 73.871930][ C1] __arm64_sys_write+0x7c/0x90 [ 73.872644][ C1] invoke_syscall+0x98/0x2b0 [ 73.873409][ C1] el0_svc_common+0x138/0x258 [ 73.874102][ C1] do_el0_svc+0x58/0x13c [ 73.874787][ C1] el0_svc+0x78/0x1d0 [ 73.875390][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 73.876195][ C1] el0t_64_sync+0x1a0/0x1a4 [ 73.876929][ C1] irq event stamp: 414 [ 73.877561][ C1] hardirqs last enabled at (413): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 73.879179][ C1] hardirqs last disabled at (414): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.880737][ C1] softirqs last enabled at (92): [] local_bh_enable+0x10/0x34 [ 73.882315][ C1] softirqs last disabled at (90): [] local_bh_disable+0x10/0x34 [ 73.883866][ C1] ---[ end trace ef99201762a031bf ]--- [ 73.934554][ T4961] loop0: detected capacity change from 0 to 128 [ 73.937498][ T4961] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.938756][ T4961] Bad inode number on dev loop0: 2 is out of range [ 73.939883][ T4961] SysV FS: get root inode failed [ 73.942368][ T4961] oldfs: cannot read superblock [ 73.949426][ C1] ------------[ cut here ]------------ [ 73.950296][ C1] VFS: brelse: Trying to free free buffer [ 73.951351][ C1] WARNING: CPU: 1 PID: 4962 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.952845][ C1] Modules linked in: [ 73.953569][ C1] CPU: 1 PID: 4962 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.955245][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 73.957013][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.958433][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 73.959316][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 73.960211][ C1] sp : ffff800008017de0 [ 73.960904][ C1] x29: ffff800008017de0 x28: ffff0000d0b59b40 x27: 1fffe000341f645c [ 73.962253][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 73.963637][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedaa5d0 [ 73.964920][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 73.966168][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 73.967528][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 73.968921][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 0b7b6cd96cba5400 [ 73.970321][ C1] x8 : 0b7b6cd96cba5400 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.971701][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 73.973090][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 73.974469][ C1] Call trace: [ 73.975006][ C1] invalidate_bh_lru+0x128/0x22c [ 73.975856][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.976884][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.978130][ C1] ipi_handler+0x10c/0x6fc [ 73.978899][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 73.979741][ C1] handle_domain_irq+0x144/0x1fc [ 73.980532][ C1] gic_handle_irq+0x78/0x1b8 [ 73.981264][ C1] call_on_irq_stack+0x30/0x48 [ 73.982070][ C1] do_interrupt_handler+0x6c/0x88 [ 73.982951][ C1] el1_interrupt+0x30/0x58 [ 73.983728][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.984514][ C1] el1h_64_irq+0x78/0x7c [ 73.985172][ C1] ___slab_alloc+0x2e4/0xd8c [ 73.985953][ C1] __slab_alloc+0x68/0xc0 [ 73.986711][ C1] __kmalloc+0x2e4/0x43c [ 73.987514][ C1] tomoyo_encode+0x26c/0x49c [ 73.988310][ C1] tomoyo_realpath_from_path+0x4bc/0x510 [ 73.989240][ C1] tomoyo_check_open_permission+0x19c/0x35c [ 73.990236][ C1] tomoyo_file_open+0x130/0x1a8 [ 73.990917][ C1] security_file_open+0x6c/0xac [ 73.991754][ C1] do_dentry_open+0x29c/0xe9c [ 73.992533][ C1] vfs_open+0x7c/0x90 [ 73.993161][ C1] path_openat+0x1fc4/0x2718 [ 73.993892][ C1] do_filp_open+0x184/0x368 [ 73.994714][ C1] do_sys_openat2+0x134/0x3f4 [ 73.995444][ C1] __arm64_sys_openat+0x118/0x14c [ 73.996214][ C1] invoke_syscall+0x98/0x2b0 [ 73.996910][ C1] el0_svc_common+0x138/0x258 [ 73.997679][ C1] do_el0_svc+0x58/0x13c [ 73.998400][ C1] el0_svc+0x78/0x1d0 [ 73.998995][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 73.999662][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.000261][ C1] irq event stamp: 1118 [ 74.000809][ C1] hardirqs last enabled at (1117): [] ___slab_alloc+0x2d4/0xd8c [ 74.002047][ C1] hardirqs last disabled at (1118): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.003352][ C1] softirqs last enabled at (730): [] local_bh_enable+0x10/0x34 [ 74.004644][ C1] softirqs last disabled at (728): [] local_bh_disable+0x10/0x34 [ 74.006007][ C1] ---[ end trace ef99201762a031c0 ]--- [ 74.030618][ T4117] Bluetooth: hci0: command 0x040f tx timeout [ 74.035732][ T4963] loop0: detected capacity change from 0 to 128 [ 74.038278][ T4963] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.039411][ T4963] Bad inode number on dev loop0: 2 is out of range [ 74.041216][ T4963] SysV FS: get root inode failed [ 74.042090][ T4963] oldfs: cannot read superblock [ 74.051749][ C1] ------------[ cut here ]------------ [ 74.052675][ C1] VFS: brelse: Trying to free free buffer [ 74.053730][ C1] WARNING: CPU: 1 PID: 1710 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.055134][ C1] Modules linked in: [ 74.055750][ C1] CPU: 1 PID: 1710 Comm: kworker/u4:6 Tainted: G W syzkaller #0 [ 74.057279][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.058910][ C1] Workqueue: bat_events batadv_nc_worker [ 74.059763][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.060894][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 74.061709][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 74.062478][ C1] sp : ffff800008017de0 [ 74.063074][ C1] x29: ffff800008017de0 x28: ffff0000cd629b40 x27: 1fffe000341f645b [ 74.064360][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 74.065633][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedaa970 [ 74.066961][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 74.068248][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.069544][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 74.070744][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 1aea719a81b49800 [ 74.071920][ C1] x8 : 1aea719a81b49800 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.073083][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.074308][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.075438][ C1] Call trace: [ 74.075925][ C1] invalidate_bh_lru+0x128/0x22c [ 74.076656][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.077544][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.078586][ C1] ipi_handler+0x10c/0x6fc [ 74.079277][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 74.080222][ C1] handle_domain_irq+0x144/0x1fc [ 74.081056][ C1] gic_handle_irq+0x78/0x1b8 [ 74.081770][ C1] call_on_irq_stack+0x30/0x48 [ 74.082632][ C1] do_interrupt_handler+0x6c/0x88 [ 74.083449][ C1] el1_interrupt+0x30/0x58 [ 74.084193][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.085013][ C1] el1h_64_irq+0x78/0x7c [ 74.085787][ C1] __local_bh_enable_ip+0x200/0x37c [ 74.086650][ C1] _raw_spin_unlock_bh+0xec/0x174 [ 74.087516][ C1] batadv_nc_purge_paths+0x300/0x388 [ 74.088367][ C1] batadv_nc_worker+0x300/0x554 [ 74.089224][ C1] process_one_work+0x79c/0x1138 [ 74.090086][ C1] worker_thread+0x8f4/0x1034 [ 74.090947][ C1] kthread+0x374/0x454 [ 74.091597][ C1] ret_from_fork+0x10/0x20 [ 74.092405][ C1] irq event stamp: 1504638 [ 74.093242][ C1] hardirqs last enabled at (1504637): [] __local_bh_enable_ip+0x1f8/0x37c [ 74.094999][ C1] hardirqs last disabled at (1504638): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.096750][ C1] softirqs last enabled at (1504636): [] batadv_nc_purge_paths+0x300/0x388 [ 74.098525][ C1] softirqs last disabled at (1504634): [] batadv_nc_purge_paths+0xd0/0x388 [ 74.100238][ C1] ---[ end trace ef99201762a031c1 ]--- [ 74.143257][ T4965] loop0: detected capacity change from 0 to 128 [ 74.146179][ T4965] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.147369][ T4965] Bad inode number on dev loop0: 2 is out of range [ 74.148409][ T4965] SysV FS: get root inode failed [ 74.149263][ T4965] oldfs: cannot read superblock [ 74.164916][ C0] ------------[ cut here ]------------ [ 74.165833][ C0] VFS: brelse: Trying to free free buffer [ 74.166813][ C0] WARNING: CPU: 0 PID: 4387 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.168282][ C0] Modules linked in: [ 74.168943][ C0] CPU: 0 PID: 4387 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.170443][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.172211][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.173550][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.174502][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.175388][ C0] sp : ffff800008007de0 [ 74.176161][ C0] x29: ffff800008007de0 x28: ffff0000c2469b40 x27: 1fffe000341f225c [ 74.177492][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 74.178735][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0676400 [ 74.180072][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 74.181380][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.182698][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 74.184084][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : ea5cbb9fa7cb7000 [ 74.185511][ C0] x8 : ea5cbb9fa7cb7000 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.186901][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.188253][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.189596][ C0] Call trace: [ 74.190089][ C0] invalidate_bh_lru+0x128/0x22c [ 74.190966][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.191998][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.193138][ C0] ipi_handler+0x10c/0x6fc [ 74.193890][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 74.194839][ C0] handle_domain_irq+0x144/0x1fc [ 74.195671][ C0] gic_handle_irq+0x78/0x1b8 [ 74.196445][ C0] call_on_irq_stack+0x30/0x48 [ 74.197237][ C0] do_interrupt_handler+0x6c/0x88 [ 74.198053][ C0] el1_interrupt+0x30/0x58 [ 74.198817][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.199603][ C0] el1h_64_irq+0x78/0x7c [ 74.200309][ C0] sock_poll+0xa8/0x33c [ 74.200962][ C0] do_select+0xd40/0x13b4 [ 74.201754][ C0] core_sys_select+0x58c/0x718 [ 74.202584][ C0] __arm64_sys_pselect6+0x4f4/0x5d4 [ 74.203465][ C0] invoke_syscall+0x98/0x2b0 [ 74.204224][ C0] el0_svc_common+0x138/0x258 [ 74.204961][ C0] do_el0_svc+0x58/0x13c [ 74.205762][ C0] el0_svc+0x78/0x1d0 [ 74.206453][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.207225][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.207966][ C0] irq event stamp: 593242 [ 74.208769][ C0] hardirqs last enabled at (593241): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 74.210419][ C0] hardirqs last disabled at (593242): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.212033][ C0] softirqs last enabled at (593206): [] release_sock+0x1d0/0x258 [ 74.213444][ C0] softirqs last disabled at (593204): [] release_sock+0x34/0x258 [ 74.214886][ C0] ---[ end trace ef99201762a031c2 ]--- [ 74.247136][ T4969] loop0: detected capacity change from 0 to 128 [ 74.250039][ T4969] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.251955][ T4969] Bad inode number on dev loop0: 2 is out of range [ 74.253009][ T4969] SysV FS: get root inode failed [ 74.253750][ T4969] oldfs: cannot read superblock [ 74.262914][ T4520] ------------[ cut here ]------------ [ 74.263888][ T4520] VFS: brelse: Trying to free free buffer [ 74.264796][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.266213][ T4520] Modules linked in: [ 74.266795][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 74.268171][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.269845][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.271082][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 74.271997][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 74.272946][ T4520] sp : ffff80001f6977c0 [ 74.273632][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 74.274961][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 74.276321][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedaad10 [ 74.277616][ T4520] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 74.278942][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.280282][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 74.281674][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 74.283137][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.284520][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.285885][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.287277][ T4520] Call trace: [ 74.287832][ T4520] invalidate_bh_lru+0x128/0x22c [ 74.288636][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 74.289579][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.290425][ T4520] invalidate_bh_lrus+0x34/0x40 [ 74.291279][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 74.292156][ T4520] blkdev_put+0x490/0x6ac [ 74.292882][ T4520] blkdev_close+0x74/0xb0 [ 74.293641][ T4520] __fput+0x1c0/0x7e8 [ 74.294314][ T4520] ____fput+0x20/0x30 [ 74.294991][ T4520] task_work_run+0x12c/0x1d8 [ 74.295728][ T4520] do_notify_resume+0x2450/0x309c [ 74.296608][ T4520] el0_svc+0xf0/0x1d0 [ 74.297317][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 74.298160][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 74.298934][ T4520] irq event stamp: 72298 [ 74.299642][ T4520] hardirqs last enabled at (72297): [] kasan_quarantine_put+0xc4/0x200 [ 74.301993][ T4520] hardirqs last disabled at (72298): [] smp_call_function_many_cond+0xa44/0xeac [ 74.303703][ T4520] softirqs last enabled at (72092): [] local_bh_enable+0x10/0x34 [ 74.305126][ T4520] softirqs last disabled at (72090): [] local_bh_disable+0x10/0x34 [ 74.306783][ T4520] ---[ end trace ef99201762a031c3 ]--- [ 74.326835][ T4971] loop0: detected capacity change from 0 to 128 [ 74.331801][ T4971] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.333117][ T4971] Bad inode number on dev loop0: 2 is out of range [ 74.334291][ T4971] SysV FS: get root inode failed [ 74.335164][ T4971] oldfs: cannot read superblock [ 74.341338][ C0] ------------[ cut here ]------------ [ 74.342239][ C0] VFS: brelse: Trying to free free buffer [ 74.343226][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.344620][ C0] Modules linked in: [ 74.345245][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.346740][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.348276][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.349475][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.350269][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.351089][ C0] sp : ffff800008007de0 [ 74.351820][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 74.353202][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 74.354634][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0676060 [ 74.355934][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 74.357349][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.358734][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 74.360005][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 021513d4b0138d00 [ 74.361318][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.362536][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.363810][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 74.365223][ C0] Call trace: [ 74.365756][ C0] invalidate_bh_lru+0x128/0x22c [ 74.366572][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.367525][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.368715][ C0] ipi_handler+0x10c/0x6fc [ 74.369411][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 74.370270][ C0] handle_domain_irq+0x144/0x1fc [ 74.371078][ C0] gic_handle_irq+0x78/0x1b8 [ 74.371830][ C0] call_on_irq_stack+0x30/0x48 [ 74.372645][ C0] do_interrupt_handler+0x6c/0x88 [ 74.373478][ C0] el1_interrupt+0x30/0x58 [ 74.374169][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.374965][ C0] el1h_64_irq+0x78/0x7c [ 74.375657][ C0] __sanitizer_cov_trace_pc+0xc/0xac [ 74.376537][ C0] check_preemption_disabled+0x28/0x164 [ 74.377479][ C0] debug_smp_processor_id+0x20/0x2c [ 74.378363][ C0] rcu_is_watching+0x50/0x134 [ 74.379108][ C0] lock_acquire+0xc4/0x618 [ 74.379842][ C0] rcu_lock_acquire+0x38/0x44 [ 74.380621][ C0] slab_post_alloc_hook+0x1a8/0x3f8 [ 74.381432][ C0] kmem_cache_alloc+0x1d8/0x3d4 [ 74.382207][ C0] __d_alloc+0x3c/0x65c [ 74.382928][ C0] d_alloc_pseudo+0x28/0x8c [ 74.383650][ C0] alloc_file_pseudo+0xd8/0x1f4 [ 74.384418][ C0] sock_alloc_file+0xb4/0x22c [ 74.385184][ C0] __sys_socket+0x13c/0x18c [ 74.385893][ C0] __arm64_sys_socket+0x7c/0x94 [ 74.386661][ C0] invoke_syscall+0x98/0x2b0 [ 74.387347][ C0] el0_svc_common+0x138/0x258 [ 74.388126][ C0] do_el0_svc+0x58/0x13c [ 74.388790][ C0] el0_svc+0x78/0x1d0 [ 74.389298][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.390126][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.390865][ C0] irq event stamp: 139138 [ 74.391557][ C0] hardirqs last enabled at (139137): [] ___slab_alloc+0xc18/0xd8c [ 74.393122][ C0] hardirqs last disabled at (139138): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.394674][ C0] softirqs last enabled at (139106): [] release_sock+0x1d0/0x258 [ 74.396091][ C0] softirqs last disabled at (139104): [] release_sock+0x34/0x258 [ 74.397515][ C0] ---[ end trace ef99201762a031c4 ]--- [ 74.433103][ T4973] loop0: detected capacity change from 0 to 128 [ 74.436249][ T4973] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.437441][ T4973] Bad inode number on dev loop0: 2 is out of range [ 74.438547][ T4973] SysV FS: get root inode failed [ 74.439265][ T4973] oldfs: cannot read superblock [ 74.457514][ C1] ------------[ cut here ]------------ [ 74.458478][ C1] VFS: brelse: Trying to free free buffer [ 74.459494][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.460958][ C1] Modules linked in: [ 74.461604][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.463047][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.464728][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.465945][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 74.466896][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 74.467779][ C1] sp : ffff800008017de0 [ 74.468505][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 74.469846][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 74.471238][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda6148 [ 74.472617][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 74.474043][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.475439][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 74.476858][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 74.478240][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.479495][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.480838][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.482217][ C1] Call trace: [ 74.482775][ C1] invalidate_bh_lru+0x128/0x22c [ 74.483677][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.484670][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.485859][ C1] ipi_handler+0x10c/0x6fc [ 74.486606][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 74.487533][ C1] handle_domain_irq+0x144/0x1fc [ 74.488343][ C1] gic_handle_irq+0x78/0x1b8 [ 74.489118][ C1] call_on_irq_stack+0x30/0x48 [ 74.489923][ C1] do_interrupt_handler+0x6c/0x88 [ 74.490843][ C1] el1_interrupt+0x30/0x58 [ 74.491579][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.492364][ C1] el1h_64_irq+0x78/0x7c [ 74.493080][ C1] kasan_quarantine_put+0xd4/0x200 [ 74.493864][ C1] ____kasan_slab_free+0x124/0x164 [ 74.494733][ C1] __kasan_slab_free+0x18/0x28 [ 74.495485][ C1] slab_free_freelist_hook+0x128/0x1e4 [ 74.496349][ C1] kmem_cache_free+0xdc/0x3b0 [ 74.497045][ C1] user_path_at_empty+0x144/0x1a0 [ 74.497773][ C1] vfs_statx+0xf8/0x490 [ 74.498389][ C1] __arm64_sys_newfstatat+0x124/0x1bc [ 74.499212][ C1] invoke_syscall+0x98/0x2b0 [ 74.499901][ C1] el0_svc_common+0x138/0x258 [ 74.500585][ C1] do_el0_svc+0x58/0x13c [ 74.501233][ C1] el0_svc+0x78/0x1d0 [ 74.501825][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 74.502567][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.503224][ C1] irq event stamp: 143990 [ 74.503933][ C1] hardirqs last enabled at (143989): [] kasan_quarantine_put+0xc4/0x200 [ 74.505656][ C1] hardirqs last disabled at (143990): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.507261][ C1] softirqs last enabled at (143972): [] local_bh_enable+0x10/0x34 [ 74.508835][ C1] softirqs last disabled at (143970): [] local_bh_disable+0x10/0x34 [ 74.510253][ C1] ---[ end trace ef99201762a031c5 ]--- [ 74.569717][ T4977] loop0: detected capacity change from 0 to 128 [ 74.612538][ T4977] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.613755][ T4977] Bad inode number on dev loop0: 2 is out of range [ 74.614827][ T4977] SysV FS: get root inode failed [ 74.615701][ T4977] oldfs: cannot read superblock [ 74.625398][ T4520] ------------[ cut here ]------------ [ 74.626306][ T4520] VFS: brelse: Trying to free free buffer [ 74.627254][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.628616][ T4520] Modules linked in: [ 74.629201][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 74.630556][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.632199][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.633578][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 74.634490][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 74.635378][ T4520] sp : ffff80001f6977c0 [ 74.636124][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 74.637456][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 74.638865][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0676c28 [ 74.640303][ T4520] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 74.641663][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.643033][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 74.644398][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 74.645691][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.647189][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.648553][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.649960][ T4520] Call trace: [ 74.650535][ T4520] invalidate_bh_lru+0x128/0x22c [ 74.651381][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 74.652377][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.653259][ T4520] invalidate_bh_lrus+0x34/0x40 [ 74.654023][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 74.654872][ T4520] blkdev_put+0x490/0x6ac [ 74.655573][ T4520] blkdev_close+0x74/0xb0 [ 74.656197][ T4520] __fput+0x1c0/0x7e8 [ 74.656861][ T4520] ____fput+0x20/0x30 [ 74.657443][ T4520] task_work_run+0x12c/0x1d8 [ 74.658184][ T4520] do_notify_resume+0x2450/0x309c [ 74.659049][ T4520] el0_svc+0xf0/0x1d0 [ 74.659712][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 74.660552][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 74.661330][ T4520] irq event stamp: 86826 [ 74.662080][ T4520] hardirqs last enabled at (86825): [] kasan_quarantine_put+0xc4/0x200 [ 74.663685][ T4520] hardirqs last disabled at (86826): [] smp_call_function_many_cond+0xa44/0xeac [ 74.665367][ T4520] softirqs last enabled at (86626): [] local_bh_enable+0x10/0x34 [ 74.666926][ T4520] softirqs last disabled at (86624): [] local_bh_disable+0x10/0x34 [ 74.668512][ T4520] ---[ end trace ef99201762a031c6 ]--- [ 74.695299][ T4979] loop0: detected capacity change from 0 to 128 [ 74.801539][ T4979] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.802824][ T4979] Bad inode number on dev loop0: 2 is out of range [ 74.803969][ T4979] SysV FS: get root inode failed [ 74.804840][ T4979] oldfs: cannot read superblock [ 74.814709][ T4520] ------------[ cut here ]------------ [ 74.815590][ T4520] VFS: brelse: Trying to free free buffer [ 74.816574][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.818095][ T4520] Modules linked in: [ 74.818724][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 74.820198][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.821906][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.823170][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 74.824064][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 74.824846][ T4520] sp : ffff80001f6977c0 [ 74.825479][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 74.826835][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 74.828185][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedd9060 [ 74.829550][ T4520] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 74.830920][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.832418][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 74.833728][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 74.835096][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.836472][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.837811][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.839220][ T4520] Call trace: [ 74.839830][ T4520] invalidate_bh_lru+0x128/0x22c [ 74.840712][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 74.841688][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.842615][ T4520] invalidate_bh_lrus+0x34/0x40 [ 74.843413][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 74.844267][ T4520] blkdev_put+0x490/0x6ac [ 74.844947][ T4520] blkdev_close+0x74/0xb0 [ 74.845620][ T4520] __fput+0x1c0/0x7e8 [ 74.846298][ T4520] ____fput+0x20/0x30 [ 74.846984][ T4520] task_work_run+0x12c/0x1d8 [ 74.847778][ T4520] do_notify_resume+0x2450/0x309c [ 74.848725][ T4520] el0_svc+0xf0/0x1d0 [ 74.849419][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 74.850362][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 74.851158][ T4520] irq event stamp: 90078 [ 74.851866][ T4520] hardirqs last enabled at (90077): [] kasan_quarantine_put+0xc4/0x200 [ 74.853569][ T4520] hardirqs last disabled at (90078): [] smp_call_function_many_cond+0xa44/0xeac [ 74.855350][ T4520] softirqs last enabled at (89860): [] local_bh_enable+0x10/0x34 [ 74.856910][ T4520] softirqs last disabled at (89858): [] local_bh_disable+0x10/0x34 [ 74.858452][ T4520] ---[ end trace ef99201762a031c7 ]--- [ 74.904030][ T4981] loop0: detected capacity change from 0 to 128 [ 74.911847][ T4981] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.913003][ T4981] Bad inode number on dev loop0: 2 is out of range [ 74.913957][ T4981] SysV FS: get root inode failed [ 74.914718][ T4981] oldfs: cannot read superblock [ 74.922623][ C0] ------------[ cut here ]------------ [ 74.923577][ C0] VFS: brelse: Trying to free free buffer [ 74.924552][ C0] WARNING: CPU: 0 PID: 4982 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.925935][ C0] Modules linked in: [ 74.926544][ C0] CPU: 0 PID: 4982 Comm: syz.0.28 Tainted: G W syzkaller #0 [ 74.927792][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 74.929385][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.930674][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.931532][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.932453][ C0] sp : ffff800008007de0 [ 74.933102][ C0] x29: ffff800008007de0 x28: ffff0000d95b1b40 x27: 1fffe000341f225c [ 74.934489][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 74.935879][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e31104e8 [ 74.937193][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 74.938526][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 74.939939][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 74.941349][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 1ce21734d6421200 [ 74.942712][ C0] x8 : 1ce21734d6421200 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.944134][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 74.945406][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.946799][ C0] Call trace: [ 74.947370][ C0] invalidate_bh_lru+0x128/0x22c [ 74.948251][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.949263][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.950314][ C0] ipi_handler+0x10c/0x6fc [ 74.951062][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 74.951986][ C0] handle_domain_irq+0x144/0x1fc [ 74.952840][ C0] gic_handle_irq+0x78/0x1b8 [ 74.953624][ C0] call_on_irq_stack+0x30/0x48 [ 74.954456][ C0] do_interrupt_handler+0x6c/0x88 [ 74.955316][ C0] el1_interrupt+0x30/0x58 [ 74.956053][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.956904][ C0] el1h_64_irq+0x78/0x7c [ 74.957631][ C0] arch_local_irq_restore+0x8/0x10 [ 74.958506][ C0] ___might_sleep+0x48/0x4d4 [ 74.959232][ C0] __might_sleep+0x98/0x124 [ 74.959984][ C0] lock_page+0x38/0x124 [ 74.960649][ C0] __do_fault+0x2c8/0x5d0 [ 74.961389][ C0] handle_mm_fault+0x1bb0/0x2a28 [ 74.962199][ C0] do_page_fault+0x67c/0xab0 [ 74.962930][ C0] do_translation_fault+0xe0/0x130 [ 74.963729][ C0] do_mem_abort+0x6c/0x1ac [ 74.964427][ C0] el0_ia+0xe0/0x2b8 [ 74.965034][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 74.965868][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.966631][ C0] irq event stamp: 964 [ 74.967329][ C0] hardirqs last enabled at (963): [] count_memcg_event_mm+0x1b0/0x300 [ 74.968935][ C0] hardirqs last disabled at (964): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.970456][ C0] softirqs last enabled at (902): [] local_bh_enable+0x10/0x34 [ 74.971939][ C0] softirqs last disabled at (900): [] local_bh_disable+0x10/0x34 [ 74.973439][ C0] ---[ end trace ef99201762a031c8 ]--- [ 75.005354][ T4983] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.006746][ T4983] Bad inode number on dev loop0: 2 is out of range [ 75.007789][ T4983] SysV FS: get root inode failed [ 75.008586][ T4983] oldfs: cannot read superblock [ 75.013888][ C0] ------------[ cut here ]------------ [ 75.014687][ C0] VFS: brelse: Trying to free free buffer [ 75.015714][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.017017][ C0] Modules linked in: [ 75.017628][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.019152][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.020804][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.022170][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 75.023077][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 75.023970][ C0] sp : ffff800008007de0 [ 75.024619][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 75.025990][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 75.027369][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3110888 [ 75.028732][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 75.030193][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.031566][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 75.032917][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 021513d4b0138d00 [ 75.034269][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.035657][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.037081][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.038405][ C0] Call trace: [ 75.038876][ C0] invalidate_bh_lru+0x128/0x22c [ 75.039678][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.040630][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.041694][ C0] ipi_handler+0x10c/0x6fc [ 75.042420][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 75.043432][ C0] handle_domain_irq+0x144/0x1fc [ 75.044268][ C0] gic_handle_irq+0x78/0x1b8 [ 75.045057][ C0] call_on_irq_stack+0x30/0x48 [ 75.045861][ C0] do_interrupt_handler+0x6c/0x88 [ 75.046771][ C0] el1_interrupt+0x30/0x58 [ 75.047538][ C0] el1h_64_irq_handler+0x18/0x24 [ 75.048361][ C0] el1h_64_irq+0x78/0x7c [ 75.049033][ C0] lock_acquire+0x234/0x618 [ 75.049719][ C0] __mutex_lock_common+0x194/0x1f14 [ 75.050567][ C0] mutex_lock_nested+0xac/0x11c [ 75.051404][ C0] nf_getsockopt+0x4c/0x284 [ 75.052147][ C0] ipv6_getsockopt+0x588/0x2538 [ 75.052966][ C0] tcp_getsockopt+0x210/0x2eec [ 75.053856][ C0] sock_common_getsockopt+0xa8/0xc4 [ 75.054822][ C0] __sys_getsockopt+0x1b8/0x250 [ 75.055680][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 75.056542][ C0] invoke_syscall+0x98/0x2b0 [ 75.057393][ C0] el0_svc_common+0x138/0x258 [ 75.058217][ C0] do_el0_svc+0x58/0x13c [ 75.058865][ C0] el0_svc+0x78/0x1d0 [ 75.059504][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 75.060323][ C0] el0t_64_sync+0x1a0/0x1a4 [ 75.061060][ C0] irq event stamp: 156964 [ 75.061855][ C0] hardirqs last enabled at (156963): [] el0_svc_common+0x9c/0x258 [ 75.063506][ C0] hardirqs last disabled at (156964): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.065151][ C0] softirqs last enabled at (156940): [] local_bh_enable+0x10/0x34 [ 75.066773][ C0] softirqs last disabled at (156938): [] local_bh_disable+0x10/0x34 [ 75.068299][ C0] ---[ end trace ef99201762a031c9 ]--- [ 75.182780][ T4985] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.184009][ T4985] Bad inode number on dev loop0: 2 is out of range [ 75.185232][ T4985] SysV FS: get root inode failed [ 75.186361][ T4985] oldfs: cannot read superblock [ 75.193310][ C1] ------------[ cut here ]------------ [ 75.194286][ C1] VFS: brelse: Trying to free free buffer [ 75.195232][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.196538][ C1] Modules linked in: [ 75.197198][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.198737][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.200501][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.201779][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.202624][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.203483][ C1] sp : ffff800008017de0 [ 75.204109][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 75.205495][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 75.206860][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda64e8 [ 75.208202][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 75.209641][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.211046][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.212363][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 75.213835][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.215155][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.216430][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.217841][ C1] Call trace: [ 75.218378][ C1] invalidate_bh_lru+0x128/0x22c [ 75.219228][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.220250][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.221456][ C1] ipi_handler+0x10c/0x6fc [ 75.222161][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.223118][ C1] handle_domain_irq+0x144/0x1fc [ 75.223995][ C1] gic_handle_irq+0x78/0x1b8 [ 75.224831][ C1] call_on_irq_stack+0x30/0x48 [ 75.225638][ C1] do_interrupt_handler+0x6c/0x88 [ 75.226502][ C1] el1_interrupt+0x30/0x58 [ 75.227230][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.228079][ C1] el1h_64_irq+0x78/0x7c [ 75.228709][ C1] stack_trace_consume_entry+0x38/0x208 [ 75.229534][ C1] arch_stack_walk+0x1f0/0x2bc [ 75.230260][ C1] stack_trace_save+0x9c/0xf0 [ 75.230944][ C1] __kasan_slab_alloc+0x8c/0xcc [ 75.231677][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 75.232420][ C1] kmem_cache_alloc+0x1d8/0x3d4 [ 75.233119][ C1] pte_alloc_one+0x78/0x254 [ 75.233784][ C1] __pte_alloc+0x34/0x214 [ 75.234411][ C1] copy_page_range+0x1e1c/0x2328 [ 75.235128][ C1] copy_mm+0x9d8/0x105c [ 75.235777][ C1] copy_process+0x1500/0x34c8 [ 75.236547][ C1] kernel_clone+0x1ec/0x9e8 [ 75.237297][ C1] __arm64_sys_clone+0x14c/0x1b8 [ 75.238144][ C1] invoke_syscall+0x98/0x2b0 [ 75.238889][ C1] el0_svc_common+0x138/0x258 [ 75.239630][ C1] do_el0_svc+0x58/0x13c [ 75.240349][ C1] el0_svc+0x78/0x1d0 [ 75.240954][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.241777][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.242467][ C1] irq event stamp: 160588 [ 75.243190][ C1] hardirqs last enabled at (160587): [] try_charge_memcg+0x1d4/0x11a0 [ 75.244872][ C1] hardirqs last disabled at (160588): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.246543][ C1] softirqs last enabled at (160456): [] local_bh_enable+0x10/0x34 [ 75.248119][ C1] softirqs last disabled at (160454): [] local_bh_disable+0x10/0x34 [ 75.249687][ C1] ---[ end trace ef99201762a031ca ]--- [ 75.311830][ T4987] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.313127][ T4987] Bad inode number on dev loop0: 2 is out of range [ 75.314257][ T4987] SysV FS: get root inode failed [ 75.315164][ T4987] oldfs: cannot read superblock [ 75.321505][ C0] ------------[ cut here ]------------ [ 75.322429][ C0] VFS: brelse: Trying to free free buffer [ 75.323366][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.324661][ C0] Modules linked in: [ 75.325232][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.326596][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.328178][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.329454][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 75.330279][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 75.331104][ C0] sp : ffff800008007de0 [ 75.331749][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 75.333049][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 75.334386][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e31d9230 [ 75.335782][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 75.337254][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.338586][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 75.339923][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 75.341115][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.342358][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.343564][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.344902][ C0] Call trace: [ 75.345459][ C0] invalidate_bh_lru+0x128/0x22c [ 75.346303][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.347310][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.348491][ C0] ipi_handler+0x10c/0x6fc [ 75.349256][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 75.350244][ C0] handle_domain_irq+0x144/0x1fc [ 75.351090][ C0] gic_handle_irq+0x78/0x1b8 [ 75.351903][ C0] call_on_irq_stack+0x30/0x48 [ 75.352647][ C0] do_interrupt_handler+0x6c/0x88 [ 75.353491][ C0] el1_interrupt+0x30/0x58 [ 75.354198][ C0] el1h_64_irq_handler+0x18/0x24 [ 75.354992][ C0] el1h_64_irq+0x78/0x7c [ 75.355648][ C0] seqcount_lockdep_reader_access+0x21c/0x2c0 [ 75.356619][ C0] ktime_get_with_offset+0x114/0x2f8 [ 75.357521][ C0] copy_process+0x23b0/0x34c8 [ 75.358272][ C0] kernel_clone+0x1ec/0x9e8 [ 75.359040][ C0] __arm64_sys_clone+0x14c/0x1b8 [ 75.359809][ C0] invoke_syscall+0x98/0x2b0 [ 75.360580][ C0] el0_svc_common+0x138/0x258 [ 75.361366][ C0] do_el0_svc+0x58/0x13c [ 75.362108][ C0] el0_svc+0x78/0x1d0 [ 75.362801][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 75.363738][ C0] el0t_64_sync+0x1a0/0x1a4 [ 75.364485][ C0] irq event stamp: 163064 [ 75.365200][ C0] hardirqs last enabled at (163063): [] seqcount_lockdep_reader_access+0x1fc/0x2c0 [ 75.367030][ C0] hardirqs last disabled at (163064): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.368713][ C0] softirqs last enabled at (162906): [] local_bh_enable+0x10/0x34 [ 75.370351][ C0] softirqs last disabled at (162904): [] local_bh_disable+0x10/0x34 [ 75.372001][ C0] ---[ end trace ef99201762a031cb ]--- [ 75.441723][ T4989] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.443000][ T4989] Bad inode number on dev loop0: 2 is out of range [ 75.443956][ T4989] SysV FS: get root inode failed [ 75.444697][ T4989] oldfs: cannot read superblock [ 75.474365][ C0] ------------[ cut here ]------------ [ 75.475250][ C0] VFS: brelse: Trying to free free buffer [ 75.476266][ C0] WARNING: CPU: 0 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.477655][ C0] Modules linked in: [ 75.478329][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W syzkaller #0 [ 75.479675][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.481373][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.482768][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 75.483697][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 75.484631][ C0] sp : ffff800008007de0 [ 75.485305][ C0] x29: ffff800008007de0 x28: ffff8000142c3740 x27: 1fffe000341f225c [ 75.486692][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 75.488160][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e31d95d0 [ 75.489535][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 75.490914][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.492279][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 75.493489][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 8a07f6bfbcc94700 [ 75.494846][ C0] x8 : 8a07f6bfbcc94700 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.496206][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.497539][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.498746][ C0] Call trace: [ 75.499219][ C0] invalidate_bh_lru+0x128/0x22c [ 75.499999][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.501061][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.502207][ C0] ipi_handler+0x10c/0x6fc [ 75.502989][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 75.503928][ C0] handle_domain_irq+0x144/0x1fc [ 75.504710][ C0] gic_handle_irq+0x78/0x1b8 [ 75.505530][ C0] call_on_irq_stack+0x30/0x48 [ 75.506285][ C0] do_interrupt_handler+0x6c/0x88 [ 75.507114][ C0] el1_interrupt+0x30/0x58 [ 75.507831][ C0] el1h_64_irq_handler+0x18/0x24 [ 75.508593][ C0] el1h_64_irq+0x78/0x7c [ 75.509387][ C0] arch_local_irq_enable+0xc/0x18 [ 75.510214][ C0] default_idle_call+0xcc/0x40c [ 75.511064][ C0] do_idle+0x2f8/0x56c [ 75.511741][ C0] cpu_startup_entry+0x24/0x28 [ 75.512513][ C0] rest_init+0x360/0x390 [ 75.513231][ C0] arch_call_rest_init+0x14/0x20 [ 75.514156][ C0] start_kernel+0x484/0x530 [ 75.514859][ C0] __primary_switched+0xa8/0xb0 [ 75.515639][ C0] irq event stamp: 443798 [ 75.516285][ C0] hardirqs last enabled at (443797): [] default_idle_call+0xb8/0x40c [ 75.517940][ C0] hardirqs last disabled at (443798): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.519564][ C0] softirqs last enabled at (443698): [] handle_softirqs+0xa40/0xbe4 [ 75.521197][ C0] softirqs last disabled at (443677): [] __irq_exit_rcu+0x240/0x43c [ 75.522773][ C0] ---[ end trace ef99201762a031cc ]--- [ 75.565476][ T4996] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.566758][ T4996] Bad inode number on dev loop0: 2 is out of range [ 75.567860][ T4996] SysV FS: get root inode failed [ 75.568709][ T4996] oldfs: cannot read superblock [ 75.578979][ T4520] ------------[ cut here ]------------ [ 75.579848][ T4520] VFS: brelse: Trying to free free buffer [ 75.580814][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.582349][ T4520] Modules linked in: [ 75.582988][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 75.584256][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.586165][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.587556][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 75.588490][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 75.589374][ T4520] sp : ffff80001f6977c0 [ 75.590134][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 75.591611][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 75.593003][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e31d9970 [ 75.594409][ T4520] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 75.595823][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.597276][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 75.598594][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 75.599954][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.601366][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.602729][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.604104][ T4520] Call trace: [ 75.604609][ T4520] invalidate_bh_lru+0x128/0x22c [ 75.605403][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 75.606385][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.607278][ T4520] invalidate_bh_lrus+0x34/0x40 [ 75.608047][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 75.608903][ T4520] blkdev_put+0x490/0x6ac [ 75.609608][ T4520] blkdev_close+0x74/0xb0 [ 75.610310][ T4520] __fput+0x1c0/0x7e8 [ 75.610985][ T4520] ____fput+0x20/0x30 [ 75.611676][ T4520] task_work_run+0x12c/0x1d8 [ 75.612453][ T4520] do_notify_resume+0x2450/0x309c [ 75.613309][ T4520] el0_svc+0xf0/0x1d0 [ 75.613967][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 75.614827][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 75.615622][ T4520] irq event stamp: 125154 [ 75.616409][ T4520] hardirqs last enabled at (125153): [] kasan_quarantine_put+0xc4/0x200 [ 75.618044][ T4520] hardirqs last disabled at (125154): [] smp_call_function_many_cond+0xa44/0xeac [ 75.619788][ T4520] softirqs last enabled at (124460): [] local_bh_enable+0x10/0x34 [ 75.621449][ T4520] softirqs last disabled at (124458): [] local_bh_disable+0x10/0x34 [ 75.623075][ T4520] ---[ end trace ef99201762a031cd ]--- [ 75.655822][ T4998] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.657230][ T4998] Bad inode number on dev loop0: 2 is out of range [ 75.658445][ T4998] SysV FS: get root inode failed [ 75.659261][ T4998] oldfs: cannot read superblock [ 75.664263][ C1] ------------[ cut here ]------------ [ 75.665090][ C1] VFS: brelse: Trying to free free buffer [ 75.666026][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.667535][ C1] Modules linked in: [ 75.668184][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.669650][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.671399][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.672788][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.673728][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.674560][ C1] sp : ffff800008017de0 [ 75.675243][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 75.676662][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 75.678075][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda6888 [ 75.679467][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 75.680874][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.682217][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.683553][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 75.684920][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.686260][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.687646][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.689002][ C1] Call trace: [ 75.689539][ C1] invalidate_bh_lru+0x128/0x22c [ 75.690359][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.691404][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.692612][ C1] ipi_handler+0x10c/0x6fc [ 75.693401][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.694351][ C1] handle_domain_irq+0x144/0x1fc [ 75.695169][ C1] gic_handle_irq+0x78/0x1b8 [ 75.695997][ C1] call_on_irq_stack+0x30/0x48 [ 75.696834][ C1] do_interrupt_handler+0x6c/0x88 [ 75.697688][ C1] el1_interrupt+0x30/0x58 [ 75.698424][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.699223][ C1] el1h_64_irq+0x78/0x7c [ 75.699898][ C1] __sanitizer_cov_trace_pc+0xa8/0xac [ 75.700816][ C1] __check_object_size+0x70/0x4f0 [ 75.701675][ C1] xt_obj_to_user+0x16c/0x3c8 [ 75.702408][ C1] xt_target_to_user+0x88/0x1a8 [ 75.703238][ C1] do_ipt_get_ctl+0x104c/0x143c [ 75.704043][ C1] nf_getsockopt+0x264/0x284 [ 75.704781][ C1] ip_getsockopt+0x122c/0x1664 [ 75.705548][ C1] tcp_getsockopt+0x210/0x2eec [ 75.706377][ C1] sock_common_getsockopt+0xa8/0xc4 [ 75.707199][ C1] __sys_getsockopt+0x1b8/0x250 [ 75.708059][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 75.708935][ C1] invoke_syscall+0x98/0x2b0 [ 75.709706][ C1] el0_svc_common+0x138/0x258 [ 75.710406][ C1] do_el0_svc+0x58/0x13c [ 75.711083][ C1] el0_svc+0x78/0x1d0 [ 75.711817][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.712667][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.713461][ C1] irq event stamp: 173610 [ 75.714181][ C1] hardirqs last enabled at (173609): [] alloc_counters+0x3d4/0x7a0 [ 75.715837][ C1] hardirqs last disabled at (173610): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.717582][ C1] softirqs last enabled at (173580): [] release_sock+0x1d0/0x258 [ 75.719324][ C1] softirqs last disabled at (173578): [] release_sock+0x34/0x258 [ 75.720933][ C1] ---[ end trace ef99201762a031ce ]--- [ 75.791742][ T5000] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.792967][ T5000] Bad inode number on dev loop0: 2 is out of range [ 75.794015][ T5000] SysV FS: get root inode failed [ 75.794829][ T5000] oldfs: cannot read superblock [ 75.803186][ C1] ------------[ cut here ]------------ [ 75.804059][ C1] VFS: brelse: Trying to free free buffer [ 75.805029][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.806344][ C1] Modules linked in: [ 75.807008][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.808353][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.809915][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.811246][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.812219][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.813124][ C1] sp : ffff800008017de0 [ 75.813850][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645b [ 75.815296][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 75.816670][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda6c28 [ 75.818139][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 75.819652][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.821021][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.822342][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 75.823738][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.825138][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.826537][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.827753][ C1] Call trace: [ 75.828324][ C1] invalidate_bh_lru+0x128/0x22c [ 75.829150][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.830136][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.831326][ C1] ipi_handler+0x10c/0x6fc [ 75.832033][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.832924][ C1] handle_domain_irq+0x144/0x1fc [ 75.833752][ C1] gic_handle_irq+0x78/0x1b8 [ 75.834532][ C1] call_on_irq_stack+0x30/0x48 [ 75.835357][ C1] do_interrupt_handler+0x6c/0x88 [ 75.836195][ C1] el1_interrupt+0x30/0x58 [ 75.836877][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.837655][ C1] el1h_64_irq+0x78/0x7c [ 75.838322][ C1] stack_depot_save+0x184/0x494 [ 75.839194][ C1] __kasan_slab_alloc+0xa8/0xcc [ 75.840018][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 75.840926][ C1] kmem_cache_alloc+0x1d8/0x3d4 [ 75.841761][ C1] copy_fs_struct+0x58/0x214 [ 75.842534][ C1] copy_fs+0x64/0x148 [ 75.843221][ C1] copy_process+0x13c8/0x34c8 [ 75.844077][ C1] kernel_clone+0x1ec/0x9e8 [ 75.844823][ C1] __arm64_sys_clone+0x14c/0x1b8 [ 75.845686][ C1] invoke_syscall+0x98/0x2b0 [ 75.846442][ C1] el0_svc_common+0x138/0x258 [ 75.847245][ C1] do_el0_svc+0x58/0x13c [ 75.847937][ C1] el0_svc+0x78/0x1d0 [ 75.848587][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.849432][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.850187][ C1] irq event stamp: 177132 [ 75.850930][ C1] hardirqs last enabled at (177131): [] mod_objcg_mlstate+0x13c/0x220 [ 75.852593][ C1] hardirqs last disabled at (177132): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.854264][ C1] softirqs last enabled at (177106): [] local_bh_enable+0x10/0x34 [ 75.855914][ C1] softirqs last disabled at (177104): [] local_bh_disable+0x10/0x34 [ 75.857573][ C1] ---[ end trace ef99201762a031cf ]--- [ 75.952199][ T5002] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.953462][ T5002] Bad inode number on dev loop0: 2 is out of range [ 75.954552][ T5002] SysV FS: get root inode failed [ 75.961791][ T5002] oldfs: cannot read superblock [ 75.964504][ T4520] ------------[ cut here ]------------ [ 75.965387][ T4520] VFS: brelse: Trying to free free buffer [ 75.966372][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.968023][ T4520] Modules linked in: [ 75.968641][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 75.970076][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 75.971819][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.973210][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 75.974061][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 75.974885][ T4520] sp : ffff80001f6977c0 [ 75.975671][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 75.976961][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 75.978427][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda2060 [ 75.979825][ T4520] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 75.981126][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 75.982455][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 75.983749][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 75.985000][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.986228][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 75.987491][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.988920][ T4520] Call trace: [ 75.989481][ T4520] invalidate_bh_lru+0x128/0x22c [ 75.990352][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 75.991333][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.992160][ T4520] invalidate_bh_lrus+0x34/0x40 [ 75.993036][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 75.993958][ T4520] blkdev_put+0x490/0x6ac [ 75.994694][ T4520] blkdev_close+0x74/0xb0 [ 75.995441][ T4520] __fput+0x1c0/0x7e8 [ 75.996098][ T4520] ____fput+0x20/0x30 [ 75.996789][ T4520] task_work_run+0x12c/0x1d8 [ 75.997533][ T4520] do_notify_resume+0x2450/0x309c [ 75.998405][ T4520] el0_svc+0xf0/0x1d0 [ 75.999140][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 75.999954][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 76.000795][ T4520] irq event stamp: 135766 [ 76.001534][ T4520] hardirqs last enabled at (135765): [] kasan_quarantine_put+0xc4/0x200 [ 76.003143][ T4520] hardirqs last disabled at (135766): [] smp_call_function_many_cond+0xa44/0xeac [ 76.004936][ T4520] softirqs last enabled at (135626): [] local_bh_enable+0x10/0x34 [ 76.006499][ T4520] softirqs last disabled at (135624): [] local_bh_disable+0x10/0x34 [ 76.008155][ T4520] ---[ end trace ef99201762a031d0 ]--- [ 76.011934][ T148] device hsr_slave_0 left promiscuous mode [ 76.050669][ T148] device hsr_slave_1 left promiscuous mode [ 76.060950][ T5004] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.062266][ T5004] Bad inode number on dev loop0: 2 is out of range [ 76.063437][ T5004] SysV FS: get root inode failed [ 76.064291][ T5004] oldfs: cannot read superblock [ 76.072634][ C1] ------------[ cut here ]------------ [ 76.073473][ C1] VFS: brelse: Trying to free free buffer [ 76.074349][ C1] WARNING: CPU: 1 PID: 5006 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.075716][ C1] Modules linked in: [ 76.076318][ C1] CPU: 1 PID: 5006 Comm: syz.0.39 Tainted: G W syzkaller #0 [ 76.077798][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.079550][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.080939][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 76.081838][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 76.082716][ C1] sp : ffff800008017de0 [ 76.083400][ C1] x29: ffff800008017de0 x28: ffff0000cd4f51c0 x27: 1fffe000341f645c [ 76.084662][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 76.086063][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda2400 [ 76.087250][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 76.088627][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.090001][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.091450][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : d7d657e3e0c1e600 [ 76.092827][ C1] x8 : d7d657e3e0c1e600 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.094042][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.095415][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.096745][ C1] Call trace: [ 76.097259][ C1] invalidate_bh_lru+0x128/0x22c [ 76.098059][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.099068][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.100224][ C1] ipi_handler+0x10c/0x6fc [ 76.100964][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 76.101924][ C1] handle_domain_irq+0x144/0x1fc [ 76.102766][ C1] gic_handle_irq+0x78/0x1b8 [ 76.103557][ C1] call_on_irq_stack+0x30/0x48 [ 76.104280][ C1] do_interrupt_handler+0x6c/0x88 [ 76.105202][ C1] el0_interrupt+0x94/0x248 [ 76.105946][ C1] __el0_irq_handler_common+0x18/0x24 [ 76.106870][ C1] el0t_64_irq_handler+0x10/0x1c [ 76.107673][ C1] el0t_64_irq+0x1a0/0x1a4 [ 76.108371][ C1] irq event stamp: 124 [ 76.109052][ C1] hardirqs last enabled at (123): [] el0t_64_sync_handler+0xd8/0xe4 [ 76.110697][ C1] hardirqs last disabled at (124): [] __el0_irq_handler_common+0x18/0x24 [ 76.112381][ C1] softirqs last enabled at (92): [] local_bh_enable+0x10/0x34 [ 76.113961][ C1] softirqs last disabled at (90): [] local_bh_disable+0x10/0x34 [ 76.115433][ C1] ---[ end trace ef99201762a031d1 ]--- [ 76.120892][ T4117] Bluetooth: hci0: command 0x0419 tx timeout [ 76.140572][ T5006] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.141756][ T5006] Bad inode number on dev loop0: 2 is out of range [ 76.142883][ T5006] SysV FS: get root inode failed [ 76.143677][ T5006] oldfs: cannot read superblock [ 76.150831][ T148] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 76.152092][ T148] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 76.154136][ T148] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 76.155409][ T148] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 76.156796][ T148] device bridge_slave_1 left promiscuous mode [ 76.157765][ T148] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.158911][ C0] ------------[ cut here ]------------ [ 76.158917][ C0] VFS: brelse: Trying to free free buffer [ 76.158966][ C0] WARNING: CPU: 0 PID: 148 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.158986][ C0] Modules linked in: [ 76.158993][ C0] CPU: 0 PID: 148 Comm: kworker/u4:2 Tainted: G W syzkaller #0 [ 76.158999][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.159003][ C0] Workqueue: netns cleanup_net [ 76.159013][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.159021][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 76.159026][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 76.159031][ C0] sp : ffff800008007de0 [ 76.159034][ C0] x29: ffff800008007de0 x28: ffff0000c2c08000 x27: 1fffe000341f225c [ 76.159043][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 76.159051][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e31d9d10 [ 76.159059][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010203 [ 76.159067][ C0] x17: 0000000000010203 x16: ffff80001125f448 x15: 0000000000000063 [ 76.159075][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 76.159082][ C0] x11: 0000000000010203 x10: 0000000000010203 x9 : 39ead5cc2dc73000 [ 76.159090][ C0] x8 : 39ead5cc2dc73000 x7 : ffff8000082f96c4 x6 : 0000000000000000 [ 76.159102][ C0] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff800008509220 [ 76.159111][ C0] x2 : 0000000000000001 x1 : 0000000000010203 x0 : 0000000000000027 [ 76.159119][ C0] Call trace: [ 76.159122][ C0] invalidate_bh_lru+0x128/0x22c [ 76.159127][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.159134][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.159139][ C0] ipi_handler+0x10c/0x6fc [ 76.159145][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 76.159151][ C0] handle_domain_irq+0x144/0x1fc [ 76.159156][ C0] gic_handle_irq+0x78/0x1b8 [ 76.159160][ C0] call_on_irq_stack+0x30/0x48 [ 76.159165][ C0] do_interrupt_handler+0x6c/0x88 [ 76.159170][ C0] el1_interrupt+0x30/0x58 [ 76.159176][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.159181][ C0] el1h_64_irq+0x78/0x7c [ 76.159185][ C0] console_unlock+0xb60/0x1208 [ 76.159190][ C0] vprintk_emit+0x150/0x22c [ 76.159195][ C0] vprintk_default+0x54/0x80 [ 76.159200][ C0] vprintk+0x200/0x2a0 [ 76.159204][ C0] _printk+0xe0/0x130 [ 76.159209][ C0] br_set_state+0x280/0x46c [ 76.159215][ C0] br_stp_disable_port+0x78/0x19c [ 76.159219][ C0] del_nbp+0x128/0x944 [ 76.159224][ C0] br_dev_delete+0x70/0x108 [ 76.159228][ C0] default_device_exit_batch+0x284/0x4c4 [ 76.159233][ C0] cleanup_net+0x654/0xaa4 [ 76.159237][ C0] process_one_work+0x79c/0x1138 [ 76.159243][ C0] worker_thread+0x8f4/0x1034 [ 76.159248][ C0] kthread+0x374/0x454 [ 76.159252][ C0] ret_from_fork+0x10/0x20 [ 76.159257][ C0] irq event stamp: 1081031 [ 76.159259][ C0] hardirqs last enabled at (1081030): [] console_unlock+0xb40/0x1208 [ 76.159266][ C0] hardirqs last disabled at (1081031): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.159273][ C0] softirqs last enabled at (1081018): [] dev_set_rx_mode+0x1bc/0x25c [ 76.159279][ C0] softirqs last disabled at (1081020): [] del_nbp+0x120/0x944 [ 76.159284][ C0] ---[ end trace ef99201762a031d2 ]--- [ 76.241765][ T148] device bridge_slave_0 left promiscuous mode [ 76.242745][ T148] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.331622][ T5008] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.332916][ T5008] Bad inode number on dev loop0: 2 is out of range [ 76.334001][ T5008] SysV FS: get root inode failed [ 76.334901][ T5008] oldfs: cannot read superblock [ 76.344865][ T4520] ------------[ cut here ]------------ [ 76.345896][ T4520] VFS: brelse: Trying to free free buffer [ 76.346927][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.348310][ T4520] Modules linked in: [ 76.348925][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 76.350213][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.351862][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.353118][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 76.354092][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 76.354955][ T4520] sp : ffff80001f6977c0 [ 76.355688][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 76.357064][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 76.358553][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda27a0 [ 76.359931][ T4520] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 76.361305][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.362638][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.364040][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 76.365362][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.366673][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.368056][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.369477][ T4520] Call trace: [ 76.370018][ T4520] invalidate_bh_lru+0x128/0x22c [ 76.370820][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 76.371705][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.372572][ T4520] invalidate_bh_lrus+0x34/0x40 [ 76.373452][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 76.374302][ T4520] blkdev_put+0x490/0x6ac [ 76.375045][ T4520] blkdev_close+0x74/0xb0 [ 76.375777][ T4520] __fput+0x1c0/0x7e8 [ 76.376441][ T4520] ____fput+0x20/0x30 [ 76.377115][ T4520] task_work_run+0x12c/0x1d8 [ 76.377834][ T4520] do_notify_resume+0x2450/0x309c [ 76.378665][ T4520] el0_svc+0xf0/0x1d0 [ 76.379303][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 76.380056][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 76.380779][ T4520] irq event stamp: 150276 [ 76.381455][ T4520] hardirqs last enabled at (150275): [] kasan_quarantine_put+0xc4/0x200 [ 76.383050][ T4520] hardirqs last disabled at (150276): [] smp_call_function_many_cond+0xa44/0xeac [ 76.384908][ T4520] softirqs last enabled at (149822): [] local_bh_enable+0x10/0x34 [ 76.386567][ T4520] softirqs last disabled at (149820): [] local_bh_disable+0x10/0x34 [ 76.388058][ T4520] ---[ end trace ef99201762a031d3 ]--- [ 76.390807][ T148] device veth1_macvtap left promiscuous mode [ 76.391852][ T148] device veth0_macvtap left promiscuous mode [ 76.392844][ T148] device veth1_vlan left promiscuous mode [ 76.393849][ T148] device veth0_vlan left promiscuous mode [ 76.451409][ T5010] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.452740][ T5010] Bad inode number on dev loop0: 2 is out of range [ 76.453833][ T5010] SysV FS: get root inode failed [ 76.454619][ T5010] oldfs: cannot read superblock [ 76.467596][ T4520] ------------[ cut here ]------------ [ 76.468521][ T4520] VFS: brelse: Trying to free free buffer [ 76.469544][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.471080][ T4520] Modules linked in: [ 76.471704][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 76.473166][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.474966][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.476368][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 76.477284][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 76.478145][ T4520] sp : ffff80001f6977c0 [ 76.478826][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 76.480241][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 76.481544][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda2b40 [ 76.482999][ T4520] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 76.484434][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.485848][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.487215][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 76.488645][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.489993][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.491368][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.492695][ T4520] Call trace: [ 76.493290][ T4520] invalidate_bh_lru+0x128/0x22c [ 76.494176][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 76.495155][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.496042][ T4520] invalidate_bh_lrus+0x34/0x40 [ 76.496860][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 76.497778][ T4520] blkdev_put+0x490/0x6ac [ 76.498559][ T4520] blkdev_close+0x74/0xb0 [ 76.499351][ T4520] __fput+0x1c0/0x7e8 [ 76.499978][ T4520] ____fput+0x20/0x30 [ 76.500581][ T4520] task_work_run+0x12c/0x1d8 [ 76.501305][ T4520] do_notify_resume+0x2450/0x309c [ 76.502114][ T4520] el0_svc+0xf0/0x1d0 [ 76.502786][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 76.503632][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 76.504403][ T4520] irq event stamp: 156080 [ 76.505079][ T4520] hardirqs last enabled at (156079): [] kasan_quarantine_put+0xc4/0x200 [ 76.506814][ T4520] hardirqs last disabled at (156080): [] smp_call_function_many_cond+0xa44/0xeac [ 76.508601][ T4520] softirqs last enabled at (155880): [] local_bh_enable+0x10/0x34 [ 76.510226][ T4520] softirqs last disabled at (155878): [] local_bh_disable+0x10/0x34 [ 76.511755][ T4520] ---[ end trace ef99201762a031d4 ]--- [ 76.541964][ T148] team0 (unregistering): Port device team_slave_1 removed [ 76.546130][ T148] team0 (unregistering): Port device team_slave_0 removed [ 76.556349][ T148] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 76.564889][ T5015] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.565992][ T5015] Bad inode number on dev loop0: 2 is out of range [ 76.567003][ T5015] SysV FS: get root inode failed [ 76.567780][ T5015] oldfs: cannot read superblock [ 76.568828][ C1] ------------[ cut here ]------------ [ 76.569647][ C1] VFS: brelse: Trying to free free buffer [ 76.570605][ C1] WARNING: CPU: 1 PID: 5014 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.572173][ C1] Modules linked in: [ 76.572861][ C1] CPU: 1 PID: 5014 Comm: syz.0.43 Tainted: G W syzkaller #0 [ 76.574367][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.576135][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.577440][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 76.578305][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 76.579150][ C1] sp : ffff800008017de0 [ 76.579833][ C1] x29: ffff800008017de0 x28: ffff0000d0b70000 x27: 1fffe000341f645b [ 76.581247][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 76.582548][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000deda2ee0 [ 76.583867][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 76.585208][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.586608][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.588021][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : bec6613e69cb3400 [ 76.589438][ C1] x8 : bec6613e69cb3400 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.590874][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.592353][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.593761][ C1] Call trace: [ 76.594316][ C1] invalidate_bh_lru+0x128/0x22c [ 76.595153][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.596174][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.597287][ C1] ipi_handler+0x10c/0x6fc [ 76.598010][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 76.598926][ C1] handle_domain_irq+0x144/0x1fc [ 76.599686][ C1] gic_handle_irq+0x78/0x1b8 [ 76.600450][ C1] call_on_irq_stack+0x30/0x48 [ 76.601163][ C1] do_interrupt_handler+0x6c/0x88 [ 76.601937][ C1] el1_interrupt+0x30/0x58 [ 76.602682][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.603513][ C1] el1h_64_irq+0x78/0x7c [ 76.604228][ C1] debug_object_free+0x0/0x450 [ 76.605096][ C1] futex_wait+0x3b4/0x494 [ 76.605786][ C1] do_futex+0x1738/0x2650 [ 76.606532][ C1] __arm64_sys_futex+0x394/0x41c [ 76.607357][ C1] invoke_syscall+0x98/0x2b0 [ 76.608138][ C1] el0_svc_common+0x138/0x258 [ 76.608929][ C1] do_el0_svc+0x58/0x13c [ 76.609613][ C1] el0_svc+0x78/0x1d0 [ 76.610248][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 76.611069][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.611848][ C1] irq event stamp: 1764 [ 76.612495][ C1] hardirqs last enabled at (1763): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 76.614180][ C1] hardirqs last disabled at (1764): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.615694][ C1] softirqs last enabled at (1688): [] local_bh_enable+0x10/0x34 [ 76.617245][ C1] softirqs last disabled at (1686): [] local_bh_disable+0x10/0x34 [ 76.618812][ C1] ---[ end trace ef99201762a031d5 ]--- [ 76.644590][ T148] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 76.663393][ T5017] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.664709][ T5017] Bad inode number on dev loop0: 2 is out of range [ 76.665657][ T5017] SysV FS: get root inode failed [ 76.666472][ T5017] oldfs: cannot read superblock [ 76.672797][ T4520] ------------[ cut here ]------------ [ 76.673654][ T4520] VFS: brelse: Trying to free free buffer [ 76.674578][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.676126][ T4520] Modules linked in: [ 76.676726][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 76.678200][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.679914][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.681246][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 76.682075][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 76.682939][ T4520] sp : ffff80001f6977c0 [ 76.683715][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 76.685076][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 76.686414][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded9f318 [ 76.687708][ T4520] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 76.689020][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.690347][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 76.691621][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 76.692967][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.694211][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.695640][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.697014][ T4520] Call trace: [ 76.697595][ T4520] invalidate_bh_lru+0x128/0x22c [ 76.698456][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 76.699397][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.700286][ T4520] invalidate_bh_lrus+0x34/0x40 [ 76.701116][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 76.701980][ T4520] blkdev_put+0x490/0x6ac [ 76.702692][ T4520] blkdev_close+0x74/0xb0 [ 76.703424][ T4520] __fput+0x1c0/0x7e8 [ 76.704132][ T4520] ____fput+0x20/0x30 [ 76.704813][ T4520] task_work_run+0x12c/0x1d8 [ 76.705582][ T4520] do_notify_resume+0x2450/0x309c [ 76.706496][ T4520] el0_svc+0xf0/0x1d0 [ 76.707232][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 76.708209][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 76.709057][ T4520] irq event stamp: 166966 [ 76.709768][ T4520] hardirqs last enabled at (166965): [] kasan_quarantine_put+0xc4/0x200 [ 76.711562][ T4520] hardirqs last disabled at (166966): [] smp_call_function_many_cond+0xa44/0xeac [ 76.713370][ T4520] softirqs last enabled at (166754): [] local_bh_enable+0x10/0x34 [ 76.714890][ T4520] softirqs last disabled at (166752): [] local_bh_disable+0x10/0x34 [ 76.716599][ T4520] ---[ end trace ef99201762a031d6 ]--- [ 76.762623][ T5019] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.763904][ T5019] Bad inode number on dev loop0: 2 is out of range [ 76.764959][ T5019] SysV FS: get root inode failed [ 76.765942][ T5019] oldfs: cannot read superblock [ 76.766843][ T5019] ------------[ cut here ]------------ [ 76.767631][ T5019] VFS: brelse: Trying to free free buffer [ 76.768573][ T5019] WARNING: CPU: 0 PID: 5019 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.769951][ T5019] Modules linked in: [ 76.770645][ T5019] CPU: 0 PID: 5019 Comm: syz.0.45 Tainted: G W syzkaller #0 [ 76.772172][ T5019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.773838][ T5019] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.775097][ T5019] pc : invalidate_bh_lru+0x128/0x22c [ 76.775898][ T5019] lr : invalidate_bh_lru+0x128/0x22c [ 76.776753][ T5019] sp : ffff80001f9876e0 [ 76.777406][ T5019] x29: ffff80001f9876e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 76.778785][ T5019] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 76.780197][ T5019] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3364318 [ 76.781580][ T5019] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 76.782892][ T5019] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.784163][ T5019] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 76.785472][ T5019] x11: 0000000000000002 x10: 0000000000000000 x9 : da1375372077db00 [ 76.786855][ T5019] x8 : da1375372077db00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.788275][ T5019] x5 : ffff80001f986ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.789705][ T5019] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.791045][ T5019] Call trace: [ 76.791554][ T5019] invalidate_bh_lru+0x128/0x22c [ 76.792323][ T5019] smp_call_function_many_cond+0xa50/0xeac [ 76.793282][ T5019] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.794140][ T5019] invalidate_bh_lrus+0x34/0x40 [ 76.794985][ T5019] blkdev_flush_mapping+0x16c/0x334 [ 76.795837][ T5019] blkdev_put+0x490/0x6ac [ 76.796509][ T5019] kill_block_super+0x98/0xdc [ 76.797280][ T5019] deactivate_locked_super+0xb8/0x134 [ 76.798230][ T5019] mount_bdev+0x284/0x358 [ 76.799005][ T5019] sysv_mount+0x44/0x58 [ 76.799679][ T5019] legacy_get_tree+0xd4/0x16c [ 76.800452][ T5019] vfs_get_tree+0x90/0x274 [ 76.801206][ T5019] do_new_mount+0x228/0x810 [ 76.801971][ T5019] path_mount+0x5bc/0x1008 [ 76.802743][ T5019] __arm64_sys_mount+0x514/0x5f0 [ 76.803544][ T5019] invoke_syscall+0x98/0x2b0 [ 76.804331][ T5019] el0_svc_common+0x138/0x258 [ 76.805050][ T5019] do_el0_svc+0x58/0x13c [ 76.805803][ T5019] el0_svc+0x78/0x1d0 [ 76.806460][ T5019] el0t_64_sync_handler+0xcc/0xe4 [ 76.807205][ T5019] el0t_64_sync+0x1a0/0x1a4 [ 76.808009][ T5019] irq event stamp: 1096 [ 76.808682][ T5019] hardirqs last enabled at (1095): [] kasan_quarantine_put+0xc4/0x200 [ 76.810250][ T5019] hardirqs last disabled at (1096): [] smp_call_function_many_cond+0xa44/0xeac [ 76.812000][ T5019] softirqs last enabled at (916): [] local_bh_enable+0x10/0x34 [ 76.813615][ T5019] softirqs last disabled at (914): [] local_bh_disable+0x10/0x34 [ 76.815225][ T5019] ---[ end trace ef99201762a031d7 ]--- [ 76.833891][ T148] bond0 (unregistering): Released all slaves [ 76.915466][ T5023] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.916646][ T5023] Bad inode number on dev loop0: 2 is out of range [ 76.917817][ T5023] SysV FS: get root inode failed [ 76.918637][ T5023] oldfs: cannot read superblock [ 76.928267][ C0] ------------[ cut here ]------------ [ 76.929174][ C0] VFS: brelse: Trying to free free buffer [ 76.930158][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.931607][ C0] Modules linked in: [ 76.932224][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.933740][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 76.935313][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.936666][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 76.937513][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 76.938370][ C0] sp : ffff800008007de0 [ 76.939017][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 76.940343][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 76.941758][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e33646b8 [ 76.943154][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 76.944479][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 76.945823][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 76.947190][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 76.948501][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.949845][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 76.951261][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.952513][ C0] Call trace: [ 76.953107][ C0] invalidate_bh_lru+0x128/0x22c [ 76.953949][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.954897][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.955945][ C0] ipi_handler+0x10c/0x6fc [ 76.956680][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 76.957505][ C0] handle_domain_irq+0x144/0x1fc [ 76.958253][ C0] gic_handle_irq+0x78/0x1b8 [ 76.959010][ C0] call_on_irq_stack+0x30/0x48 [ 76.959750][ C0] do_interrupt_handler+0x6c/0x88 [ 76.960540][ C0] el1_interrupt+0x30/0x58 [ 76.961337][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.962236][ C0] el1h_64_irq+0x78/0x7c [ 76.962984][ C0] crng_make_state+0x398/0x5d0 [ 76.963772][ C0] _get_random_bytes+0xf4/0x22c [ 76.964521][ C0] get_random_bytes+0x28/0x38 [ 76.965246][ C0] copy_thread+0x384/0x388 [ 76.966012][ C0] copy_process+0x160c/0x34c8 [ 76.966833][ C0] kernel_clone+0x1ec/0x9e8 [ 76.967586][ C0] __arm64_sys_clone+0x14c/0x1b8 [ 76.968506][ C0] invoke_syscall+0x98/0x2b0 [ 76.969331][ C0] el0_svc_common+0x138/0x258 [ 76.970154][ C0] do_el0_svc+0x58/0x13c [ 76.970823][ C0] el0_svc+0x78/0x1d0 [ 76.971490][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 76.972341][ C0] el0t_64_sync+0x1a0/0x1a4 [ 76.973045][ C0] irq event stamp: 202134 [ 76.973681][ C0] hardirqs last enabled at (202133): [] crng_make_state+0x378/0x5d0 [ 76.975278][ C0] hardirqs last disabled at (202134): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.976857][ C0] softirqs last enabled at (201532): [] local_bh_enable+0x10/0x34 [ 76.978442][ C0] softirqs last disabled at (201530): [] local_bh_disable+0x10/0x34 [ 76.979917][ C0] ---[ end trace ef99201762a031d8 ]--- [ 77.021752][ T5025] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.023002][ T5025] Bad inode number on dev loop0: 2 is out of range [ 77.024070][ T5025] SysV FS: get root inode failed [ 77.024838][ T5025] oldfs: cannot read superblock [ 77.031517][ T4520] ------------[ cut here ]------------ [ 77.032436][ T4520] VFS: brelse: Trying to free free buffer [ 77.033367][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.034723][ T4520] Modules linked in: [ 77.035368][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 77.036731][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.038368][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.039770][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 77.040680][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 77.041604][ T4520] sp : ffff80001f6977c0 [ 77.042358][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 77.043739][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 77.045153][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3364a58 [ 77.046590][ T4520] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 77.047950][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.049262][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.050641][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 77.051916][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.053201][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.054515][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.055892][ T4520] Call trace: [ 77.056432][ T4520] invalidate_bh_lru+0x128/0x22c [ 77.057184][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 77.058253][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.059164][ T4520] invalidate_bh_lrus+0x34/0x40 [ 77.059957][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 77.060804][ T4520] blkdev_put+0x490/0x6ac [ 77.061563][ T4520] blkdev_close+0x74/0xb0 [ 77.062218][ T4520] __fput+0x1c0/0x7e8 [ 77.062883][ T4520] ____fput+0x20/0x30 [ 77.063514][ T4520] task_work_run+0x12c/0x1d8 [ 77.064298][ T4520] do_notify_resume+0x2450/0x309c [ 77.065160][ T4520] el0_svc+0xf0/0x1d0 [ 77.065855][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 77.066669][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 77.067466][ T4520] irq event stamp: 182406 [ 77.068215][ T4520] hardirqs last enabled at (182405): [] kasan_quarantine_put+0xc4/0x200 [ 77.069931][ T4520] hardirqs last disabled at (182406): [] smp_call_function_many_cond+0xa44/0xeac [ 77.071647][ T4520] softirqs last enabled at (182290): [] local_bh_enable+0x10/0x34 [ 77.073223][ T4520] softirqs last disabled at (182288): [] local_bh_disable+0x10/0x34 [ 77.074886][ T4520] ---[ end trace ef99201762a031d9 ]--- [ 77.110534][ T5027] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.111810][ T5027] Bad inode number on dev loop0: 2 is out of range [ 77.112887][ T5027] SysV FS: get root inode failed [ 77.113653][ T5027] oldfs: cannot read superblock [ 77.119368][ C0] ------------[ cut here ]------------ [ 77.120164][ C0] VFS: brelse: Trying to free free buffer [ 77.121095][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.122590][ C0] Modules linked in: [ 77.123227][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.124781][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.126473][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.127813][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.128727][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.129540][ C0] sp : ffff800008007de0 [ 77.130216][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 77.131678][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 77.133077][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3364df8 [ 77.134535][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 77.135826][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.137204][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.138569][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 021513d4b0138d00 [ 77.139938][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.141408][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.142756][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 77.144044][ C0] Call trace: [ 77.144594][ C0] invalidate_bh_lru+0x128/0x22c [ 77.145331][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.146300][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.147463][ C0] ipi_handler+0x10c/0x6fc [ 77.148244][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.149157][ C0] handle_domain_irq+0x144/0x1fc [ 77.150067][ C0] gic_handle_irq+0x78/0x1b8 [ 77.150838][ C0] call_on_irq_stack+0x30/0x48 [ 77.151694][ C0] do_interrupt_handler+0x6c/0x88 [ 77.152552][ C0] el1_interrupt+0x30/0x58 [ 77.153221][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.154024][ C0] el1h_64_irq+0x78/0x7c [ 77.154701][ C0] ___slab_alloc+0xc28/0xd8c [ 77.155435][ C0] __slab_alloc+0x68/0xc0 [ 77.156161][ C0] __kmalloc_node+0x300/0x508 [ 77.156937][ C0] __vmalloc_node_range+0x2b8/0x8c8 [ 77.157813][ C0] vzalloc+0x110/0x188 [ 77.158544][ C0] xt_counters_alloc+0x50/0x60 [ 77.159325][ C0] __do_replace+0xa8/0x998 [ 77.160103][ C0] do_ip6t_set_ctl+0xb14/0xe60 [ 77.160949][ C0] nf_setsockopt+0x270/0x290 [ 77.161808][ C0] ipv6_setsockopt+0x1bb0/0x37ac [ 77.162674][ C0] tcp_setsockopt+0x1e0/0x1c3c [ 77.163503][ C0] sock_common_setsockopt+0xb0/0xcc [ 77.164355][ C0] __sys_setsockopt+0x260/0x36c [ 77.165171][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 77.166058][ C0] invoke_syscall+0x98/0x2b0 [ 77.166837][ C0] el0_svc_common+0x138/0x258 [ 77.167641][ C0] do_el0_svc+0x58/0x13c [ 77.168425][ C0] el0_svc+0x78/0x1d0 [ 77.169084][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.169927][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.170650][ C0] irq event stamp: 206266 [ 77.171361][ C0] hardirqs last enabled at (206265): [] ___slab_alloc+0xc18/0xd8c [ 77.172995][ C0] hardirqs last disabled at (206266): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.174734][ C0] softirqs last enabled at (206254): [] release_sock+0x1d0/0x258 [ 77.176414][ C0] softirqs last disabled at (206252): [] release_sock+0x34/0x258 [ 77.177946][ C0] ---[ end trace ef99201762a031da ]--- [ 77.258503][ T5029] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.259881][ T5029] Bad inode number on dev loop0: 2 is out of range [ 77.262204][ T5029] SysV FS: get root inode failed [ 77.263094][ T5029] oldfs: cannot read superblock [ 77.268729][ T4520] ------------[ cut here ]------------ [ 77.269628][ T4520] VFS: brelse: Trying to free free buffer [ 77.270544][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.272056][ T4520] Modules linked in: [ 77.272707][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 77.274050][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.275643][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.276940][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 77.277825][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 77.278731][ T4520] sp : ffff80001f6977c0 [ 77.279423][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 77.280730][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 77.282125][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded9f6b8 [ 77.283529][ T4520] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 77.285011][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.286404][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 77.287808][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 77.289213][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.290629][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.292064][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.293466][ T4520] Call trace: [ 77.294028][ T4520] invalidate_bh_lru+0x128/0x22c [ 77.294880][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 77.295884][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.296784][ T4520] invalidate_bh_lrus+0x34/0x40 [ 77.297593][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 77.298464][ T4520] blkdev_put+0x490/0x6ac [ 77.299196][ T4520] blkdev_close+0x74/0xb0 [ 77.299945][ T4520] __fput+0x1c0/0x7e8 [ 77.300615][ T4520] ____fput+0x20/0x30 [ 77.301271][ T4520] task_work_run+0x12c/0x1d8 [ 77.302092][ T4520] do_notify_resume+0x2450/0x309c [ 77.302945][ T4520] el0_svc+0xf0/0x1d0 [ 77.303605][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 77.304391][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 77.305081][ T4520] irq event stamp: 194308 [ 77.305850][ T4520] hardirqs last enabled at (194307): [] kasan_quarantine_put+0xc4/0x200 [ 77.307604][ T4520] hardirqs last disabled at (194308): [] smp_call_function_many_cond+0xa44/0xeac [ 77.309315][ T4520] softirqs last enabled at (194096): [] local_bh_enable+0x10/0x34 [ 77.310918][ T4520] softirqs last disabled at (194094): [] local_bh_disable+0x10/0x34 [ 77.312645][ T4520] ---[ end trace ef99201762a031db ]--- [ 77.382713][ T5031] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.383962][ T5031] Bad inode number on dev loop0: 2 is out of range [ 77.384984][ T5031] SysV FS: get root inode failed [ 77.385765][ T5031] oldfs: cannot read superblock [ 77.389099][ C1] ------------[ cut here ]------------ [ 77.390071][ C1] VFS: brelse: Trying to free free buffer [ 77.391069][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.392526][ C1] Modules linked in: [ 77.393177][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 77.394454][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.396193][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.397536][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 77.398430][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 77.399286][ C1] sp : ffff800008017de0 [ 77.399948][ C1] x29: ffff800008017de0 x28: ffff0000d6dd9b40 x27: 1fffe000341f645b [ 77.401325][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 77.402672][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded9fa58 [ 77.403993][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 77.405306][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.406653][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 77.408032][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : b2b9babd895b1a00 [ 77.409389][ C1] x8 : b2b9babd895b1a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.410779][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.412124][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 77.413463][ C1] Call trace: [ 77.414096][ C1] invalidate_bh_lru+0x128/0x22c [ 77.414941][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 77.415913][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.417105][ C1] ipi_handler+0x10c/0x6fc [ 77.417916][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 77.418848][ C1] handle_domain_irq+0x144/0x1fc [ 77.419696][ C1] gic_handle_irq+0x78/0x1b8 [ 77.420514][ C1] call_on_irq_stack+0x30/0x48 [ 77.421303][ C1] do_interrupt_handler+0x6c/0x88 [ 77.422190][ C1] el1_interrupt+0x30/0x58 [ 77.422963][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.423816][ C1] el1h_64_irq+0x78/0x7c [ 77.424553][ C1] ___slab_alloc+0xc28/0xd8c [ 77.425337][ C1] __slab_alloc+0x68/0xc0 [ 77.426124][ C1] kmem_cache_alloc+0x2a4/0x3d4 [ 77.426952][ C1] getname_flags+0xb8/0x450 [ 77.427688][ C1] getname+0x28/0x38 [ 77.428350][ C1] do_sys_openat2+0xdc/0x3f4 [ 77.429124][ C1] __arm64_sys_openat+0x118/0x14c [ 77.429971][ C1] invoke_syscall+0x98/0x2b0 [ 77.430713][ C1] el0_svc_common+0x138/0x258 [ 77.431416][ C1] do_el0_svc+0x58/0x13c [ 77.432122][ C1] el0_svc+0x78/0x1d0 [ 77.432760][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 77.433607][ C1] el0t_64_sync+0x1a0/0x1a4 [ 77.434381][ C1] irq event stamp: 925310 [ 77.435114][ C1] hardirqs last enabled at (925309): [] ___slab_alloc+0xc18/0xd8c [ 77.436724][ C1] hardirqs last disabled at (925310): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.438437][ C1] softirqs last enabled at (925272): [] local_bh_enable+0x10/0x34 [ 77.440031][ C1] softirqs last disabled at (925270): [] local_bh_disable+0x10/0x34 [ 77.441728][ C1] ---[ end trace ef99201762a031dc ]--- [ 77.492802][ T5033] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.494140][ T5033] Bad inode number on dev loop0: 2 is out of range [ 77.495294][ T5033] SysV FS: get root inode failed [ 77.496139][ T5033] oldfs: cannot read superblock [ 77.505395][ C1] ------------[ cut here ]------------ [ 77.506238][ C1] VFS: brelse: Trying to free free buffer [ 77.507267][ C1] WARNING: CPU: 1 PID: 5034 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.508666][ C1] Modules linked in: [ 77.509293][ C1] CPU: 1 PID: 5034 Comm: syz.0.53 Tainted: G W syzkaller #0 [ 77.510754][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.512399][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.513664][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 77.514482][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 77.515305][ C1] sp : ffff800008017de0 [ 77.515944][ C1] x29: ffff800008017de0 x28: ffff0000ce03d1c0 x27: 1fffe000341f645c [ 77.517270][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 77.518673][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded9fdf8 [ 77.520047][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 77.521389][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.522793][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 77.524229][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 8f1b208d7ac40d00 [ 77.525600][ C1] x8 : 8f1b208d7ac40d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.527039][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.528356][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 77.529699][ C1] Call trace: [ 77.530274][ C1] invalidate_bh_lru+0x128/0x22c [ 77.531101][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 77.532063][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.533219][ C1] ipi_handler+0x10c/0x6fc [ 77.533939][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 77.534849][ C1] handle_domain_irq+0x144/0x1fc [ 77.535693][ C1] gic_handle_irq+0x78/0x1b8 [ 77.536463][ C1] call_on_irq_stack+0x30/0x48 [ 77.537292][ C1] do_interrupt_handler+0x6c/0x88 [ 77.538220][ C1] el1_interrupt+0x30/0x58 [ 77.538956][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.539846][ C1] el1h_64_irq+0x78/0x7c [ 77.540550][ C1] ___slab_alloc+0xc28/0xd8c [ 77.541262][ C1] __slab_alloc+0x68/0xc0 [ 77.541906][ C1] kmem_cache_alloc+0x2a4/0x3d4 [ 77.542692][ C1] alloc_pid+0xac/0xa10 [ 77.543348][ C1] copy_process+0x17d0/0x34c8 [ 77.544102][ C1] kernel_clone+0x1ec/0x9e8 [ 77.544740][ C1] __arm64_sys_clone3+0x33c/0x374 [ 77.545562][ C1] invoke_syscall+0x98/0x2b0 [ 77.546355][ C1] el0_svc_common+0x138/0x258 [ 77.547151][ C1] do_el0_svc+0x58/0x13c [ 77.547868][ C1] el0_svc+0x78/0x1d0 [ 77.548489][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 77.549335][ C1] el0t_64_sync+0x1a0/0x1a4 [ 77.550156][ C1] irq event stamp: 1354 [ 77.550844][ C1] hardirqs last enabled at (1353): [] ___slab_alloc+0xc18/0xd8c [ 77.552341][ C1] hardirqs last disabled at (1354): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.554000][ C1] softirqs last enabled at (1322): [] local_bh_enable+0x10/0x34 [ 77.555573][ C1] softirqs last disabled at (1320): [] local_bh_disable+0x10/0x34 [ 77.557189][ C1] ---[ end trace ef99201762a031dd ]--- [ 77.591779][ T5035] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.593039][ T5035] Bad inode number on dev loop0: 2 is out of range [ 77.594218][ T5035] SysV FS: get root inode failed [ 77.595013][ T5035] oldfs: cannot read superblock [ 77.599266][ T4520] ------------[ cut here ]------------ [ 77.600138][ T4520] VFS: brelse: Trying to free free buffer [ 77.601099][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.602547][ T4520] Modules linked in: [ 77.603155][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 77.604487][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.606195][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.607484][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 77.608338][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 77.609140][ T4520] sp : ffff80001f6977c0 [ 77.609778][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 77.611130][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 77.612523][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded9b230 [ 77.613894][ T4520] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 77.615143][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.616511][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 77.617888][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 77.619343][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.620687][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.621954][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.623353][ T4520] Call trace: [ 77.623871][ T4520] invalidate_bh_lru+0x128/0x22c [ 77.624700][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 77.625627][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.626433][ T4520] invalidate_bh_lrus+0x34/0x40 [ 77.627225][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 77.628121][ T4520] blkdev_put+0x490/0x6ac [ 77.628874][ T4520] blkdev_close+0x74/0xb0 [ 77.629636][ T4520] __fput+0x1c0/0x7e8 [ 77.630323][ T4520] ____fput+0x20/0x30 [ 77.630943][ T4520] task_work_run+0x12c/0x1d8 [ 77.631593][ T4520] do_notify_resume+0x2450/0x309c [ 77.632316][ T4520] el0_svc+0xf0/0x1d0 [ 77.633107][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 77.633849][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 77.634601][ T4520] irq event stamp: 204586 [ 77.635312][ T4520] hardirqs last enabled at (204585): [] kasan_quarantine_put+0xc4/0x200 [ 77.636988][ T4520] hardirqs last disabled at (204586): [] smp_call_function_many_cond+0xa44/0xeac [ 77.638746][ T4520] softirqs last enabled at (204380): [] local_bh_enable+0x10/0x34 [ 77.640261][ T4520] softirqs last disabled at (204378): [] local_bh_disable+0x10/0x34 [ 77.641852][ T4520] ---[ end trace ef99201762a031de ]--- [ 77.733017][ T5037] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.734237][ T5037] Bad inode number on dev loop0: 2 is out of range [ 77.735411][ T5037] SysV FS: get root inode failed [ 77.736257][ T5037] oldfs: cannot read superblock [ 77.743514][ T4520] ------------[ cut here ]------------ [ 77.744400][ T4520] VFS: brelse: Trying to free free buffer [ 77.745382][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.746725][ T4520] Modules linked in: [ 77.747372][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 77.748709][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.750393][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.751722][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 77.752618][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 77.753585][ T4520] sp : ffff80001f6977c0 [ 77.754312][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 77.755664][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 77.756944][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c065fee0 [ 77.758276][ T4520] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 77.759550][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.760930][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.762328][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 77.763708][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.765019][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.766406][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.767845][ T4520] Call trace: [ 77.768396][ T4520] invalidate_bh_lru+0x128/0x22c [ 77.769284][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 77.770248][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.771127][ T4520] invalidate_bh_lrus+0x34/0x40 [ 77.771955][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 77.772823][ T4520] blkdev_put+0x490/0x6ac [ 77.773523][ T4520] blkdev_close+0x74/0xb0 [ 77.774287][ T4520] __fput+0x1c0/0x7e8 [ 77.774919][ T4520] ____fput+0x20/0x30 [ 77.775564][ T4520] task_work_run+0x12c/0x1d8 [ 77.776420][ T4520] do_notify_resume+0x2450/0x309c [ 77.777258][ T4520] el0_svc+0xf0/0x1d0 [ 77.777877][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 77.778795][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 77.779556][ T4520] irq event stamp: 208902 [ 77.780279][ T4520] hardirqs last enabled at (208901): [] kasan_quarantine_put+0xc4/0x200 [ 77.782027][ T4520] hardirqs last disabled at (208902): [] smp_call_function_many_cond+0xa44/0xeac [ 77.783931][ T4520] softirqs last enabled at (208696): [] local_bh_enable+0x10/0x34 [ 77.785472][ T4520] softirqs last disabled at (208694): [] local_bh_disable+0x10/0x34 [ 77.787017][ T4520] ---[ end trace ef99201762a031df ]--- [ 77.851804][ T5039] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.853103][ T5039] Bad inode number on dev loop0: 2 is out of range [ 77.854120][ T5039] SysV FS: get root inode failed [ 77.854871][ T5039] oldfs: cannot read superblock [ 77.863841][ C0] ------------[ cut here ]------------ [ 77.864824][ C0] VFS: brelse: Trying to free free buffer [ 77.865795][ C0] WARNING: CPU: 0 PID: 5040 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.867162][ C0] Modules linked in: [ 77.867866][ C0] CPU: 0 PID: 5040 Comm: syz.0.56 Tainted: G W syzkaller #0 [ 77.869282][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 77.870946][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.872329][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.873194][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.874072][ C0] sp : ffff800008007de0 [ 77.874716][ C0] x29: ffff800008007de0 x28: ffff0000d5fcb680 x27: 1fffe000341f225c [ 77.876122][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 77.877547][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c065fb40 [ 77.878848][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 77.880129][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 77.881436][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 77.882772][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c7bc2a57fe081400 [ 77.884188][ C0] x8 : c7bc2a57fe081400 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.885615][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 77.886965][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.888335][ C0] Call trace: [ 77.888831][ C0] invalidate_bh_lru+0x128/0x22c [ 77.889678][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.890659][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.891884][ C0] ipi_handler+0x10c/0x6fc [ 77.892630][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.893577][ C0] handle_domain_irq+0x144/0x1fc [ 77.894414][ C0] gic_handle_irq+0x78/0x1b8 [ 77.895224][ C0] call_on_irq_stack+0x30/0x48 [ 77.896085][ C0] do_interrupt_handler+0x6c/0x88 [ 77.896983][ C0] el1_interrupt+0x30/0x58 [ 77.897737][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.898550][ C0] el1h_64_irq+0x78/0x7c [ 77.899288][ C0] local_daif_restore+0x20/0x3c [ 77.900134][ C0] el0_da+0x80/0x1ec [ 77.900734][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 77.901608][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.902369][ C0] irq event stamp: 1066 [ 77.903123][ C0] hardirqs last enabled at (1065): [] local_daif_restore+0x1c/0x3c [ 77.904826][ C0] hardirqs last disabled at (1066): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.906537][ C0] softirqs last enabled at (1028): [] local_bh_enable+0x10/0x34 [ 77.908103][ C0] softirqs last disabled at (1026): [] local_bh_disable+0x10/0x34 [ 77.909673][ C0] ---[ end trace ef99201762a031e0 ]--- [ 77.981735][ T5041] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.982995][ T5041] Bad inode number on dev loop0: 2 is out of range [ 77.984068][ T5041] SysV FS: get root inode failed [ 77.984879][ T5041] oldfs: cannot read superblock [ 77.997973][ C1] ------------[ cut here ]------------ [ 77.998988][ C1] VFS: brelse: Trying to free free buffer [ 78.000006][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.001560][ C1] Modules linked in: [ 78.002180][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.003606][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.005266][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.006557][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.007400][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.008212][ C1] sp : ffff800008017de0 [ 78.008777][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 78.010110][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 78.011362][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded9b5d0 [ 78.012662][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 78.013941][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.015186][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.016463][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 021513d4b0138d00 [ 78.017876][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.019318][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.020606][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.021937][ C1] Call trace: [ 78.022490][ C1] invalidate_bh_lru+0x128/0x22c [ 78.023398][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.024392][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.025623][ C1] ipi_handler+0x10c/0x6fc [ 78.026347][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.027295][ C1] handle_domain_irq+0x144/0x1fc [ 78.028122][ C1] gic_handle_irq+0x78/0x1b8 [ 78.028944][ C1] call_on_irq_stack+0x30/0x48 [ 78.029774][ C1] do_interrupt_handler+0x6c/0x88 [ 78.030680][ C1] el1_interrupt+0x30/0x58 [ 78.031479][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.032377][ C1] el1h_64_irq+0x78/0x7c [ 78.033152][ C1] wake_up_bit+0xc0/0x140 [ 78.033893][ C1] evict+0x640/0x828 [ 78.034579][ C1] iput+0x6ac/0x764 [ 78.035236][ C1] dentry_unlink_inode+0x360/0x438 [ 78.036161][ C1] __dentry_kill+0x320/0x598 [ 78.036977][ C1] shrink_dentry_list+0x400/0x7b8 [ 78.037770][ C1] shrink_dcache_parent+0xb4/0x364 [ 78.038677][ C1] d_invalidate+0x10c/0x24c [ 78.039443][ C1] proc_invalidate_siblings_dcache+0x3c0/0x664 [ 78.040570][ C1] proc_flush_pid+0x24/0x34 [ 78.041361][ C1] release_task+0x14a0/0x1688 [ 78.042152][ C1] wait_consider_task+0x1538/0x27dc [ 78.043063][ C1] do_wait+0x2f8/0xa94 [ 78.043743][ C1] kernel_wait4+0x1f8/0x340 [ 78.044549][ C1] __arm64_sys_wait4+0x138/0x2fc [ 78.045429][ C1] invoke_syscall+0x98/0x2b0 [ 78.046181][ C1] el0_svc_common+0x138/0x258 [ 78.047021][ C1] do_el0_svc+0x58/0x13c [ 78.047717][ C1] el0_svc+0x78/0x1d0 [ 78.048363][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.049159][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.049978][ C1] irq event stamp: 224598 [ 78.050695][ C1] hardirqs last enabled at (224597): [] _raw_spin_unlock_irq+0x98/0x128 [ 78.052330][ C1] hardirqs last disabled at (224598): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.053947][ C1] softirqs last enabled at (224568): [] local_bh_enable+0x10/0x34 [ 78.055537][ C1] softirqs last disabled at (224566): [] local_bh_disable+0x10/0x34 [ 78.057295][ C1] ---[ end trace ef99201762a031e1 ]--- [ 78.125497][ T5045] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.126735][ T5045] Bad inode number on dev loop0: 2 is out of range [ 78.128157][ T5045] SysV FS: get root inode failed [ 78.128952][ T5045] oldfs: cannot read superblock [ 78.142999][ T4520] ------------[ cut here ]------------ [ 78.143905][ T4520] VFS: brelse: Trying to free free buffer [ 78.144873][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.146294][ T4520] Modules linked in: [ 78.146973][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 78.148363][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.150118][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.151485][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 78.152454][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 78.153408][ T4520] sp : ffff80001f6977c0 [ 78.154090][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 78.155417][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 78.156830][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c065f7a0 [ 78.158141][ T4520] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.159556][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.160990][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.162507][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 78.163934][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.165431][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.166783][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.168247][ T4520] Call trace: [ 78.168819][ T4520] invalidate_bh_lru+0x128/0x22c [ 78.169620][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 78.170661][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.171634][ T4520] invalidate_bh_lrus+0x34/0x40 [ 78.172451][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 78.173330][ T4520] blkdev_put+0x490/0x6ac [ 78.174070][ T4520] blkdev_close+0x74/0xb0 [ 78.174827][ T4520] __fput+0x1c0/0x7e8 [ 78.175509][ T4520] ____fput+0x20/0x30 [ 78.176196][ T4520] task_work_run+0x12c/0x1d8 [ 78.176962][ T4520] do_notify_resume+0x2450/0x309c [ 78.177743][ T4520] el0_svc+0xf0/0x1d0 [ 78.178384][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 78.179170][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 78.179907][ T4520] irq event stamp: 223452 [ 78.180569][ T4520] hardirqs last enabled at (223451): [] kasan_quarantine_put+0xc4/0x200 [ 78.182143][ T4520] hardirqs last disabled at (223452): [] smp_call_function_many_cond+0xa44/0xeac [ 78.183861][ T4520] softirqs last enabled at (223266): [] local_bh_enable+0x10/0x34 [ 78.185321][ T4520] softirqs last disabled at (223264): [] local_bh_disable+0x10/0x34 [ 78.186833][ T4520] ---[ end trace ef99201762a031e2 ]--- [ 78.265639][ T5047] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.266927][ T5047] Bad inode number on dev loop0: 2 is out of range [ 78.267988][ T5047] SysV FS: get root inode failed [ 78.268882][ T5047] oldfs: cannot read superblock [ 78.269743][ T5047] ------------[ cut here ]------------ [ 78.270575][ T5047] VFS: brelse: Trying to free free buffer [ 78.271645][ T5047] WARNING: CPU: 1 PID: 5047 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.273130][ T5047] Modules linked in: [ 78.273836][ T5047] CPU: 1 PID: 5047 Comm: syz.0.59 Tainted: G W syzkaller #0 [ 78.275311][ T5047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.276874][ T5047] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.278129][ T5047] pc : invalidate_bh_lru+0x128/0x22c [ 78.279144][ T5047] lr : invalidate_bh_lru+0x128/0x22c [ 78.280056][ T5047] sp : ffff80001f9476e0 [ 78.280720][ T5047] x29: ffff80001f9476e0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 78.281955][ T5047] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 78.283312][ T5047] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded9b970 [ 78.284738][ T5047] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.286177][ T5047] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.287464][ T5047] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.288708][ T5047] x11: 0000000000000002 x10: 0000000000000000 x9 : ddbfcc27f0c42200 [ 78.289996][ T5047] x8 : ddbfcc27f0c42200 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.291227][ T5047] x5 : ffff80001f946ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.292596][ T5047] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.293931][ T5047] Call trace: [ 78.294496][ T5047] invalidate_bh_lru+0x128/0x22c [ 78.295344][ T5047] smp_call_function_many_cond+0xa50/0xeac [ 78.296365][ T5047] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.297226][ T5047] invalidate_bh_lrus+0x34/0x40 [ 78.298012][ T5047] blkdev_flush_mapping+0x16c/0x334 [ 78.298875][ T5047] blkdev_put+0x490/0x6ac [ 78.299610][ T5047] kill_block_super+0x98/0xdc [ 78.300438][ T5047] deactivate_locked_super+0xb8/0x134 [ 78.301342][ T5047] mount_bdev+0x284/0x358 [ 78.302035][ T5047] sysv_mount+0x44/0x58 [ 78.302667][ T5047] legacy_get_tree+0xd4/0x16c [ 78.303470][ T5047] vfs_get_tree+0x90/0x274 [ 78.304217][ T5047] do_new_mount+0x228/0x810 [ 78.304953][ T5047] path_mount+0x5bc/0x1008 [ 78.305684][ T5047] __arm64_sys_mount+0x514/0x5f0 [ 78.306544][ T5047] invoke_syscall+0x98/0x2b0 [ 78.307336][ T5047] el0_svc_common+0x138/0x258 [ 78.308138][ T5047] do_el0_svc+0x58/0x13c [ 78.308766][ T5047] el0_svc+0x78/0x1d0 [ 78.309379][ T5047] el0t_64_sync_handler+0xcc/0xe4 [ 78.310172][ T5047] el0t_64_sync+0x1a0/0x1a4 [ 78.310869][ T5047] irq event stamp: 1368 [ 78.311537][ T5047] hardirqs last enabled at (1367): [] kasan_quarantine_put+0xc4/0x200 [ 78.313147][ T5047] hardirqs last disabled at (1368): [] smp_call_function_many_cond+0xa44/0xeac [ 78.314889][ T5047] softirqs last enabled at (1174): [] local_bh_enable+0x10/0x34 [ 78.316441][ T5047] softirqs last disabled at (1172): [] local_bh_disable+0x10/0x34 [ 78.318168][ T5047] ---[ end trace ef99201762a031e3 ]--- [ 78.404576][ T5049] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.405745][ T5049] Bad inode number on dev loop0: 2 is out of range [ 78.406836][ T5049] SysV FS: get root inode failed [ 78.407621][ T5049] oldfs: cannot read superblock [ 78.416970][ T4520] ------------[ cut here ]------------ [ 78.417843][ T4520] VFS: brelse: Trying to free free buffer [ 78.418798][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.420319][ T4520] Modules linked in: [ 78.421029][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 78.422406][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.424122][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.425532][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 78.426433][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 78.427323][ T4520] sp : ffff80001f6977c0 [ 78.428093][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 78.429526][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 78.430875][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d147cb40 [ 78.432235][ T4520] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.433604][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.435064][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.436412][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 78.437746][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.439132][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.440541][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.441844][ T4520] Call trace: [ 78.442404][ T4520] invalidate_bh_lru+0x128/0x22c [ 78.443197][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 78.444091][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.444909][ T4520] invalidate_bh_lrus+0x34/0x40 [ 78.445643][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 78.446503][ T4520] blkdev_put+0x490/0x6ac [ 78.447161][ T4520] blkdev_close+0x74/0xb0 [ 78.447960][ T4520] __fput+0x1c0/0x7e8 [ 78.448682][ T4520] ____fput+0x20/0x30 [ 78.449345][ T4520] task_work_run+0x12c/0x1d8 [ 78.450108][ T4520] do_notify_resume+0x2450/0x309c [ 78.450930][ T4520] el0_svc+0xf0/0x1d0 [ 78.451602][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 78.452446][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 78.453184][ T4520] irq event stamp: 233426 [ 78.453963][ T4520] hardirqs last enabled at (233425): [] kasan_quarantine_put+0xc4/0x200 [ 78.455481][ T4520] hardirqs last disabled at (233426): [] smp_call_function_many_cond+0xa44/0xeac [ 78.457253][ T4520] softirqs last enabled at (233208): [] local_bh_enable+0x10/0x34 [ 78.458884][ T4520] softirqs last disabled at (233206): [] local_bh_disable+0x10/0x34 [ 78.460457][ T4520] ---[ end trace ef99201762a031e4 ]--- [ 78.541673][ T5051] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.542978][ T5051] Bad inode number on dev loop0: 2 is out of range [ 78.544016][ T5051] SysV FS: get root inode failed [ 78.544814][ T5051] oldfs: cannot read superblock [ 78.545614][ T5051] ------------[ cut here ]------------ [ 78.546518][ T5051] VFS: brelse: Trying to free free buffer [ 78.547465][ T5051] WARNING: CPU: 0 PID: 5051 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.548947][ T5051] Modules linked in: [ 78.549631][ T5051] CPU: 0 PID: 5051 Comm: syz.0.61 Tainted: G W syzkaller #0 [ 78.551013][ T5051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.552698][ T5051] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.553968][ T5051] pc : invalidate_bh_lru+0x128/0x22c [ 78.554803][ T5051] lr : invalidate_bh_lru+0x128/0x22c [ 78.555635][ T5051] sp : ffff80001f9c76e0 [ 78.556351][ T5051] x29: ffff80001f9c76e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 78.557661][ T5051] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 78.558970][ T5051] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d147cee0 [ 78.560314][ T5051] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.561658][ T5051] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.562956][ T5051] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 78.564147][ T5051] x11: 0000000000000002 x10: 0000000000000000 x9 : 41f48aba2d1d5100 [ 78.565567][ T5051] x8 : 41f48aba2d1d5100 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.566913][ T5051] x5 : ffff80001f9c6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.568246][ T5051] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.569652][ T5051] Call trace: [ 78.570207][ T5051] invalidate_bh_lru+0x128/0x22c [ 78.571015][ T5051] smp_call_function_many_cond+0xa50/0xeac [ 78.572025][ T5051] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.572886][ T5051] invalidate_bh_lrus+0x34/0x40 [ 78.573683][ T5051] blkdev_flush_mapping+0x16c/0x334 [ 78.574496][ T5051] blkdev_put+0x490/0x6ac [ 78.575188][ T5051] kill_block_super+0x98/0xdc [ 78.575931][ T5051] deactivate_locked_super+0xb8/0x134 [ 78.576804][ T5051] mount_bdev+0x284/0x358 [ 78.577480][ T5051] sysv_mount+0x44/0x58 [ 78.578161][ T5051] legacy_get_tree+0xd4/0x16c [ 78.578901][ T5051] vfs_get_tree+0x90/0x274 [ 78.579716][ T5051] do_new_mount+0x228/0x810 [ 78.580404][ T5051] path_mount+0x5bc/0x1008 [ 78.581035][ T5051] __arm64_sys_mount+0x514/0x5f0 [ 78.581777][ T5051] invoke_syscall+0x98/0x2b0 [ 78.582463][ T5051] el0_svc_common+0x138/0x258 [ 78.583228][ T5051] do_el0_svc+0x58/0x13c [ 78.583921][ T5051] el0_svc+0x78/0x1d0 [ 78.584559][ T5051] el0t_64_sync_handler+0xcc/0xe4 [ 78.585333][ T5051] el0t_64_sync+0x1a0/0x1a4 [ 78.586049][ T5051] irq event stamp: 1024 [ 78.586746][ T5051] hardirqs last enabled at (1023): [] kasan_quarantine_put+0xc4/0x200 [ 78.588289][ T5051] hardirqs last disabled at (1024): [] smp_call_function_many_cond+0xa44/0xeac [ 78.589869][ T5051] softirqs last enabled at (874): [] local_bh_enable+0x10/0x34 [ 78.591327][ T5051] softirqs last disabled at (872): [] local_bh_disable+0x10/0x34 [ 78.592774][ T5051] ---[ end trace ef99201762a031e5 ]--- [ 78.774187][ T5053] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.775372][ T5053] Bad inode number on dev loop0: 2 is out of range [ 78.776354][ T5053] SysV FS: get root inode failed [ 78.777140][ T5053] oldfs: cannot read superblock [ 78.784414][ T5053] ------------[ cut here ]------------ [ 78.785382][ T5053] VFS: brelse: Trying to free free buffer [ 78.786418][ T5053] WARNING: CPU: 1 PID: 5053 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.787956][ T5053] Modules linked in: [ 78.788610][ T5053] CPU: 1 PID: 5053 Comm: syz.0.62 Tainted: G W syzkaller #0 [ 78.790004][ T5053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.791666][ T5053] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.792987][ T5053] pc : invalidate_bh_lru+0x128/0x22c [ 78.793857][ T5053] lr : invalidate_bh_lru+0x128/0x22c [ 78.794797][ T5053] sp : ffff80001f9c76e0 [ 78.795521][ T5053] x29: ffff80001f9c76e0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 78.796885][ T5053] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 78.798218][ T5053] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded9bd10 [ 78.799485][ T5053] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.800830][ T5053] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.802133][ T5053] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.803510][ T5053] x11: 0000000000000002 x10: 0000000000000000 x9 : 70cd6e8c4c558a00 [ 78.804895][ T5053] x8 : 70cd6e8c4c558a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.806289][ T5053] x5 : ffff80001f9c6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.807654][ T5053] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.809117][ T5053] Call trace: [ 78.809672][ T5053] invalidate_bh_lru+0x128/0x22c [ 78.810519][ T5053] smp_call_function_many_cond+0xa50/0xeac [ 78.811503][ T5053] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.812416][ T5053] invalidate_bh_lrus+0x34/0x40 [ 78.813226][ T5053] blkdev_flush_mapping+0x16c/0x334 [ 78.814121][ T5053] blkdev_put+0x490/0x6ac [ 78.814794][ T5053] kill_block_super+0x98/0xdc [ 78.815502][ T5053] deactivate_locked_super+0xb8/0x134 [ 78.816341][ T5053] mount_bdev+0x284/0x358 [ 78.817054][ T5053] sysv_mount+0x44/0x58 [ 78.817703][ T5053] legacy_get_tree+0xd4/0x16c [ 78.818427][ T5053] vfs_get_tree+0x90/0x274 [ 78.819138][ T5053] do_new_mount+0x228/0x810 [ 78.819876][ T5053] path_mount+0x5bc/0x1008 [ 78.820544][ T5053] __arm64_sys_mount+0x514/0x5f0 [ 78.821336][ T5053] invoke_syscall+0x98/0x2b0 [ 78.822002][ T5053] el0_svc_common+0x138/0x258 [ 78.822697][ T5053] do_el0_svc+0x58/0x13c [ 78.823439][ T5053] el0_svc+0x78/0x1d0 [ 78.824121][ T5053] el0t_64_sync_handler+0xcc/0xe4 [ 78.824977][ T5053] el0t_64_sync+0x1a0/0x1a4 [ 78.825786][ T5053] irq event stamp: 1088 [ 78.826490][ T5053] hardirqs last enabled at (1087): [] kasan_quarantine_put+0xc4/0x200 [ 78.828071][ T5053] hardirqs last disabled at (1088): [] smp_call_function_many_cond+0xa44/0xeac [ 78.829976][ T5053] softirqs last enabled at (924): [] local_bh_enable+0x10/0x34 [ 78.831594][ T5053] softirqs last disabled at (922): [] local_bh_disable+0x10/0x34 [ 78.833197][ T5053] ---[ end trace ef99201762a031e6 ]--- [ 78.924241][ T5055] set_capacity_and_notify: 30 callbacks suppressed [ 78.924250][ T5055] loop0: detected capacity change from 0 to 128 1970/01/01 00:01:18 executed programs: 50 [ 78.962816][ T5055] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.964060][ T5055] Bad inode number on dev loop0: 2 is out of range [ 78.965223][ T5055] SysV FS: get root inode failed [ 78.966150][ T5055] oldfs: cannot read superblock [ 78.974286][ T4520] ------------[ cut here ]------------ [ 78.975193][ T4520] VFS: brelse: Trying to free free buffer [ 78.976176][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.977527][ T4520] Modules linked in: [ 78.978105][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 78.979490][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 78.981218][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.982541][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 78.983419][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 78.984351][ T4520] sp : ffff80001f6977c0 [ 78.985032][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 78.986372][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 78.987773][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e303b148 [ 78.989318][ T4520] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 78.990637][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 78.991951][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 78.993348][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 78.994710][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.996109][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 78.997466][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.998790][ T4520] Call trace: [ 78.999411][ T4520] invalidate_bh_lru+0x128/0x22c [ 79.000275][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 79.001262][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.002102][ T4520] invalidate_bh_lrus+0x34/0x40 [ 79.002890][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 79.003800][ T4520] blkdev_put+0x490/0x6ac [ 79.004518][ T4520] blkdev_close+0x74/0xb0 [ 79.005240][ T4520] __fput+0x1c0/0x7e8 [ 79.005893][ T4520] ____fput+0x20/0x30 [ 79.006534][ T4520] task_work_run+0x12c/0x1d8 [ 79.007235][ T4520] do_notify_resume+0x2450/0x309c [ 79.007974][ T4520] el0_svc+0xf0/0x1d0 [ 79.008582][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 79.009388][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 79.010168][ T4520] irq event stamp: 251498 [ 79.010875][ T4520] hardirqs last enabled at (251497): [] kasan_quarantine_put+0xc4/0x200 [ 79.012559][ T4520] hardirqs last disabled at (251498): [] smp_call_function_many_cond+0xa44/0xeac [ 79.014306][ T4520] softirqs last enabled at (251286): [] local_bh_enable+0x10/0x34 [ 79.015914][ T4520] softirqs last disabled at (251284): [] local_bh_disable+0x10/0x34 [ 79.017609][ T4520] ---[ end trace ef99201762a031e7 ]--- [ 79.051472][ T5057] loop0: detected capacity change from 0 to 128 [ 79.145527][ T5057] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.146761][ T5057] Bad inode number on dev loop0: 2 is out of range [ 79.147821][ T5057] SysV FS: get root inode failed [ 79.148614][ T5057] oldfs: cannot read superblock [ 79.154148][ C0] ------------[ cut here ]------------ [ 79.155053][ C0] VFS: brelse: Trying to free free buffer [ 79.156057][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.157393][ C0] Modules linked in: [ 79.158015][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.159465][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.161067][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.162409][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 79.163374][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 79.164266][ C0] sp : ffff800008007de0 [ 79.164968][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 79.166330][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.167693][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd30e318 [ 79.169056][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.170278][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.171661][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.173014][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 79.174290][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.175645][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.176918][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.178307][ C0] Call trace: [ 79.178861][ C0] invalidate_bh_lru+0x128/0x22c [ 79.179742][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.180847][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.182016][ C0] ipi_handler+0x10c/0x6fc [ 79.182751][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 79.183745][ C0] handle_domain_irq+0x144/0x1fc [ 79.184560][ C0] gic_handle_irq+0x78/0x1b8 [ 79.185341][ C0] call_on_irq_stack+0x30/0x48 [ 79.186179][ C0] do_interrupt_handler+0x6c/0x88 [ 79.187053][ C0] el1_interrupt+0x30/0x58 [ 79.187817][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.188634][ C0] el1h_64_irq+0x78/0x7c [ 79.189354][ C0] arch_local_irq_restore+0x8/0x10 [ 79.190216][ C0] ___might_sleep+0x98/0x4d4 [ 79.190992][ C0] __might_sleep+0x98/0x124 [ 79.191726][ C0] __might_fault+0x80/0x128 [ 79.192465][ C0] xt_obj_to_user+0x58/0x3c8 [ 79.193195][ C0] xt_target_to_user+0x88/0x1a8 [ 79.194081][ C0] do_ip6t_get_ctl+0x104c/0x143c [ 79.194869][ C0] nf_getsockopt+0x264/0x284 [ 79.195669][ C0] ipv6_getsockopt+0x588/0x2538 [ 79.196547][ C0] tcp_getsockopt+0x210/0x2eec [ 79.197381][ C0] sock_common_getsockopt+0xa8/0xc4 [ 79.198298][ C0] __sys_getsockopt+0x1b8/0x250 [ 79.199063][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 79.199933][ C0] invoke_syscall+0x98/0x2b0 [ 79.200727][ C0] el0_svc_common+0x138/0x258 [ 79.201499][ C0] do_el0_svc+0x58/0x13c [ 79.202194][ C0] el0_svc+0x78/0x1d0 [ 79.202910][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.203734][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.204431][ C0] irq event stamp: 242566 [ 79.205114][ C0] hardirqs last enabled at (242565): [] alloc_counters+0x3d4/0x7a0 [ 79.206589][ C0] hardirqs last disabled at (242566): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.208117][ C0] softirqs last enabled at (242516): [] local_bh_enable+0x10/0x34 [ 79.209572][ C0] softirqs last disabled at (242514): [] local_bh_disable+0x10/0x34 [ 79.211157][ C0] ---[ end trace ef99201762a031e8 ]--- [ 79.263443][ T5059] loop0: detected capacity change from 0 to 128 [ 79.266208][ T5059] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.267366][ T5059] Bad inode number on dev loop0: 2 is out of range [ 79.268456][ T5059] SysV FS: get root inode failed [ 79.269321][ T5059] oldfs: cannot read superblock [ 79.281513][ T4520] ------------[ cut here ]------------ [ 79.282439][ T4520] VFS: brelse: Trying to free free buffer [ 79.283349][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.284875][ T4520] Modules linked in: [ 79.285551][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 79.286947][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.288727][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.290071][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 79.290969][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 79.291830][ T4520] sp : ffff80001f6977c0 [ 79.292494][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 79.293826][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.295245][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd30e6b8 [ 79.296600][ T4520] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.297945][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.299355][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.300661][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 79.302021][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.303351][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.304828][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.306155][ T4520] Call trace: [ 79.306672][ T4520] invalidate_bh_lru+0x128/0x22c [ 79.307506][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 79.308401][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.309206][ T4520] invalidate_bh_lrus+0x34/0x40 [ 79.309962][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 79.310800][ T4520] blkdev_put+0x490/0x6ac [ 79.311545][ T4520] blkdev_close+0x74/0xb0 [ 79.312272][ T4520] __fput+0x1c0/0x7e8 [ 79.312904][ T4520] ____fput+0x20/0x30 [ 79.313496][ T4520] task_work_run+0x12c/0x1d8 [ 79.314214][ T4520] do_notify_resume+0x2450/0x309c [ 79.314957][ T4520] el0_svc+0xf0/0x1d0 [ 79.315566][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 79.316346][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 79.317004][ T4520] irq event stamp: 262318 [ 79.317619][ T4520] hardirqs last enabled at (262317): [] kasan_quarantine_put+0xc4/0x200 [ 79.319174][ T4520] hardirqs last disabled at (262318): [] smp_call_function_many_cond+0xa44/0xeac [ 79.320770][ T4520] softirqs last enabled at (261730): [] local_bh_enable+0x10/0x34 [ 79.322313][ T4520] softirqs last disabled at (261728): [] local_bh_disable+0x10/0x34 [ 79.323875][ T4520] ---[ end trace ef99201762a031e9 ]--- [ 79.387771][ T5067] loop0: detected capacity change from 0 to 128 [ 79.390393][ T5067] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.391725][ T5067] Bad inode number on dev loop0: 2 is out of range [ 79.392656][ T5067] SysV FS: get root inode failed [ 79.393366][ T5067] oldfs: cannot read superblock [ 79.397117][ C0] ------------[ cut here ]------------ [ 79.398092][ C0] VFS: brelse: Trying to free free buffer [ 79.399101][ C0] WARNING: CPU: 0 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.400555][ C0] Modules linked in: [ 79.401198][ C0] CPU: 0 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 79.402646][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.404335][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.405629][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 79.406481][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 79.407390][ C0] sp : ffff800008007de0 [ 79.408085][ C0] x29: ffff800008007de0 x28: ffff0000d6dd9b40 x27: 1fffe000341f225c [ 79.409532][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.410940][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e303a148 [ 79.412367][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.413815][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.415122][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.416399][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : b2b9babd895b1a00 [ 79.417733][ C0] x8 : b2b9babd895b1a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.419056][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.420453][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.421772][ C0] Call trace: [ 79.422253][ C0] invalidate_bh_lru+0x128/0x22c [ 79.423062][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.424028][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.425119][ C0] ipi_handler+0x10c/0x6fc [ 79.425805][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 79.426671][ C0] handle_domain_irq+0x144/0x1fc [ 79.427431][ C0] gic_handle_irq+0x78/0x1b8 [ 79.428174][ C0] call_on_irq_stack+0x30/0x48 [ 79.428877][ C0] do_interrupt_handler+0x6c/0x88 [ 79.429692][ C0] el1_interrupt+0x30/0x58 [ 79.430414][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.431199][ C0] el1h_64_irq+0x78/0x7c [ 79.431881][ C0] kasan_quarantine_put+0xd4/0x200 [ 79.432692][ C0] ____kasan_slab_free+0x124/0x164 [ 79.433576][ C0] __kasan_slab_free+0x18/0x28 [ 79.434361][ C0] slab_free_freelist_hook+0x128/0x1e4 [ 79.435312][ C0] kfree+0x16c/0x400 [ 79.435974][ C0] tomoyo_check_open_permission+0x274/0x35c [ 79.437029][ C0] tomoyo_file_open+0x130/0x1a8 [ 79.437811][ C0] security_file_open+0x6c/0xac [ 79.438594][ C0] do_dentry_open+0x29c/0xe9c [ 79.439323][ C0] vfs_open+0x7c/0x90 [ 79.440020][ C0] path_openat+0x1fc4/0x2718 [ 79.440740][ C0] do_filp_open+0x184/0x368 [ 79.441433][ C0] do_sys_openat2+0x134/0x3f4 [ 79.442171][ C0] __arm64_sys_openat+0x118/0x14c [ 79.442973][ C0] invoke_syscall+0x98/0x2b0 [ 79.443646][ C0] el0_svc_common+0x138/0x258 [ 79.444444][ C0] do_el0_svc+0x58/0x13c [ 79.445168][ C0] el0_svc+0x78/0x1d0 [ 79.445806][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.446607][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.447345][ C0] irq event stamp: 972678 [ 79.448097][ C0] hardirqs last enabled at (972677): [] kasan_quarantine_put+0xc4/0x200 [ 79.449697][ C0] hardirqs last disabled at (972678): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.451410][ C0] softirqs last enabled at (972644): [] local_bh_enable+0x10/0x34 [ 79.452943][ C0] softirqs last disabled at (972642): [] local_bh_disable+0x10/0x34 [ 79.454601][ C0] ---[ end trace ef99201762a031ea ]--- [ 79.488410][ T5069] loop0: detected capacity change from 0 to 128 [ 79.490453][ T5069] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.492422][ T5069] Bad inode number on dev loop0: 2 is out of range [ 79.493495][ T5069] SysV FS: get root inode failed [ 79.494321][ T5069] oldfs: cannot read superblock [ 79.501334][ T4520] ------------[ cut here ]------------ [ 79.502193][ T4520] VFS: brelse: Trying to free free buffer [ 79.503146][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.504528][ T4520] Modules linked in: [ 79.505111][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 79.506475][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.508184][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.509590][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 79.510542][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 79.511478][ T4520] sp : ffff80001f6977c0 [ 79.512192][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 79.513532][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.514860][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e303a4e8 [ 79.516434][ T4520] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 79.517825][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.519131][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.520357][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 79.521617][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.523042][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.524378][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.525625][ T4520] Call trace: [ 79.526079][ T4520] invalidate_bh_lru+0x128/0x22c [ 79.526824][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 79.527746][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.528587][ T4520] invalidate_bh_lrus+0x34/0x40 [ 79.529393][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 79.530263][ T4520] blkdev_put+0x490/0x6ac [ 79.531062][ T4520] blkdev_close+0x74/0xb0 [ 79.531771][ T4520] __fput+0x1c0/0x7e8 [ 79.532481][ T4520] ____fput+0x20/0x30 [ 79.533244][ T4520] task_work_run+0x12c/0x1d8 [ 79.534052][ T4520] do_notify_resume+0x2450/0x309c [ 79.534830][ T4520] el0_svc+0xf0/0x1d0 [ 79.535475][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 79.536336][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 79.537094][ T4520] irq event stamp: 270492 [ 79.537882][ T4520] hardirqs last enabled at (270491): [] kasan_quarantine_put+0xc4/0x200 [ 79.539617][ T4520] hardirqs last disabled at (270492): [] smp_call_function_many_cond+0xa44/0xeac [ 79.541331][ T4520] softirqs last enabled at (270286): [] local_bh_enable+0x10/0x34 [ 79.542719][ T4520] softirqs last disabled at (270284): [] local_bh_disable+0x10/0x34 [ 79.544355][ T4520] ---[ end trace ef99201762a031eb ]--- [ 79.573277][ T5071] loop0: detected capacity change from 0 to 128 [ 79.575891][ T5071] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.577159][ T5071] Bad inode number on dev loop0: 2 is out of range [ 79.578177][ T5071] SysV FS: get root inode failed [ 79.578977][ T5071] oldfs: cannot read superblock [ 79.587488][ C0] ------------[ cut here ]------------ [ 79.588371][ C0] VFS: brelse: Trying to free free buffer [ 79.589396][ C0] WARNING: CPU: 0 PID: 5072 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.590752][ C0] Modules linked in: [ 79.591345][ C0] CPU: 0 PID: 5072 Comm: syz.0.70 Tainted: G W syzkaller #0 [ 79.592683][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.594429][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.595723][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 79.596561][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 79.597466][ C0] sp : ffff800008007de0 [ 79.598166][ C0] x29: ffff800008007de0 x28: ffff0000d1a39b40 x27: 1fffe000341f225c [ 79.599626][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.601102][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e303a888 [ 79.602482][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.603886][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.605237][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.606517][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 44253ebe6575c500 [ 79.607893][ C0] x8 : 44253ebe6575c500 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.609261][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.610645][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.612090][ C0] Call trace: [ 79.612666][ C0] invalidate_bh_lru+0x128/0x22c [ 79.613515][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.614557][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.615684][ C0] ipi_handler+0x10c/0x6fc [ 79.616443][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 79.617399][ C0] handle_domain_irq+0x144/0x1fc [ 79.618156][ C0] gic_handle_irq+0x78/0x1b8 [ 79.618825][ C0] call_on_irq_stack+0x30/0x48 [ 79.619615][ C0] do_interrupt_handler+0x6c/0x88 [ 79.620471][ C0] el1_interrupt+0x30/0x58 [ 79.621211][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.622036][ C0] el1h_64_irq+0x78/0x7c [ 79.622751][ C0] el0_svc_common+0xa8/0x258 [ 79.623569][ C0] do_el0_svc+0x58/0x13c [ 79.624270][ C0] el0_svc+0x78/0x1d0 [ 79.624948][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.625796][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.626511][ C0] irq event stamp: 1282 [ 79.627204][ C0] hardirqs last enabled at (1281): [] el0_svc_common+0x9c/0x258 [ 79.628694][ C0] hardirqs last disabled at (1282): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.630352][ C0] softirqs last enabled at (1066): [] local_bh_enable+0x10/0x34 [ 79.631947][ C0] softirqs last disabled at (1064): [] local_bh_disable+0x10/0x34 [ 79.633589][ C0] ---[ end trace ef99201762a031ec ]--- [ 79.684427][ T5073] loop0: detected capacity change from 0 to 128 [ 79.686595][ T5073] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.688136][ T5073] Bad inode number on dev loop0: 2 is out of range [ 79.689293][ T5073] SysV FS: get root inode failed [ 79.690202][ T5073] oldfs: cannot read superblock [ 79.697873][ C1] ------------[ cut here ]------------ [ 79.698770][ C1] VFS: brelse: Trying to free free buffer [ 79.699749][ C1] WARNING: CPU: 1 PID: 5074 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.701316][ C1] Modules linked in: [ 79.701948][ C1] CPU: 1 PID: 5074 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.703476][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.705218][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.706604][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.707548][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.708475][ C1] sp : ffff800008017de0 [ 79.709166][ C1] x29: ffff800008017de0 x28: ffff0000dc0c8000 x27: 1fffe000341f645c [ 79.710602][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 79.711913][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e303b4e8 [ 79.713289][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 79.714651][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.716100][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 79.717534][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : e14ed7ff68b86d00 [ 79.718904][ C1] x8 : e14ed7ff68b86d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.720257][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.721475][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 79.722854][ C1] Call trace: [ 79.723430][ C1] invalidate_bh_lru+0x128/0x22c [ 79.724209][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.725252][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.726388][ C1] ipi_handler+0x10c/0x6fc [ 79.727089][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.727916][ C1] handle_domain_irq+0x144/0x1fc [ 79.728743][ C1] gic_handle_irq+0x78/0x1b8 [ 79.729488][ C1] call_on_irq_stack+0x30/0x48 [ 79.730262][ C1] do_interrupt_handler+0x6c/0x88 [ 79.731066][ C1] el1_interrupt+0x30/0x58 [ 79.731786][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.732674][ C1] el1h_64_irq+0x78/0x7c [ 79.733406][ C1] arch_local_irq_restore+0x8/0x10 [ 79.734288][ C1] xas_find+0x480/0x8f8 [ 79.735024][ C1] xas_next_entry+0x344/0x394 [ 79.735849][ C1] filemap_map_pages+0x95c/0xc54 [ 79.736700][ C1] handle_mm_fault+0x188c/0x2a28 [ 79.737514][ C1] do_page_fault+0x67c/0xab0 [ 79.738342][ C1] do_translation_fault+0xe0/0x130 [ 79.739243][ C1] do_mem_abort+0x6c/0x1ac [ 79.739938][ C1] el0_ia+0xe0/0x2b8 [ 79.740599][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 79.741467][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.742270][ C1] irq event stamp: 424 [ 79.742964][ C1] hardirqs last enabled at (423): [] lock_page_memcg+0x110/0x22c [ 79.744617][ C1] hardirqs last disabled at (424): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.746199][ C1] softirqs last enabled at (60): [] local_bh_enable+0x10/0x34 [ 79.747800][ C1] softirqs last disabled at (58): [] local_bh_disable+0x10/0x34 [ 79.749248][ C1] ---[ end trace ef99201762a031ed ]--- [ 79.792646][ T5075] loop0: detected capacity change from 0 to 128 [ 79.800205][ T5075] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.801654][ T5075] Bad inode number on dev loop0: 2 is out of range [ 79.802867][ T5075] SysV FS: get root inode failed [ 79.803724][ T5075] oldfs: cannot read superblock [ 79.808660][ C1] ------------[ cut here ]------------ [ 79.809497][ C1] VFS: brelse: Trying to free free buffer [ 79.810556][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.812076][ C1] Modules linked in: [ 79.812750][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.814348][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.816184][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.817558][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.818405][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.819340][ C1] sp : ffff800008017de0 [ 79.820041][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 79.821336][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 79.822674][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e303b888 [ 79.824089][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.825499][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.826959][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 79.828406][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 79.829761][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.831155][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.832586][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.833872][ C1] Call trace: [ 79.834416][ C1] invalidate_bh_lru+0x128/0x22c [ 79.835286][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.836364][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.837557][ C1] ipi_handler+0x10c/0x6fc [ 79.838345][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.839272][ C1] handle_domain_irq+0x144/0x1fc [ 79.840125][ C1] gic_handle_irq+0x78/0x1b8 [ 79.840869][ C1] call_on_irq_stack+0x30/0x48 [ 79.841689][ C1] do_interrupt_handler+0x6c/0x88 [ 79.842578][ C1] el1_interrupt+0x30/0x58 [ 79.843293][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.844113][ C1] el1h_64_irq+0x78/0x7c [ 79.844795][ C1] __sanitizer_cov_trace_cmp8+0xbc/0xc0 [ 79.845664][ C1] arch_stack_walk+0x200/0x2bc [ 79.846391][ C1] stack_trace_save+0x9c/0xf0 [ 79.847249][ C1] __kasan_kmalloc+0xb0/0xf0 [ 79.848088][ C1] __kmalloc_node+0x2ac/0x508 [ 79.848913][ C1] __vmalloc_node_range+0x2b8/0x8c8 [ 79.849832][ C1] vzalloc+0x110/0x188 [ 79.850496][ C1] alloc_counters+0x84/0x7a0 [ 79.851314][ C1] do_ip6t_get_ctl+0xb68/0x143c [ 79.852150][ C1] nf_getsockopt+0x264/0x284 [ 79.852922][ C1] ipv6_getsockopt+0x588/0x2538 [ 79.853764][ C1] tcp_getsockopt+0x210/0x2eec [ 79.854596][ C1] sock_common_getsockopt+0xa8/0xc4 [ 79.855472][ C1] __sys_getsockopt+0x1b8/0x250 [ 79.856354][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 79.857269][ C1] invoke_syscall+0x98/0x2b0 [ 79.858009][ C1] el0_svc_common+0x138/0x258 [ 79.858753][ C1] do_el0_svc+0x58/0x13c [ 79.859423][ C1] el0_svc+0x78/0x1d0 [ 79.860100][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 79.860899][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.861617][ C1] irq event stamp: 259170 [ 79.862371][ C1] hardirqs last enabled at (259169): [] ___slab_alloc+0xc18/0xd8c [ 79.863837][ C1] hardirqs last disabled at (259170): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.865534][ C1] softirqs last enabled at (259130): [] local_bh_enable+0x10/0x34 [ 79.867148][ C1] softirqs last disabled at (259128): [] local_bh_disable+0x10/0x34 [ 79.868717][ C1] ---[ end trace ef99201762a031ee ]--- [ 79.891927][ T5077] loop0: detected capacity change from 0 to 128 [ 79.896481][ T5077] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.898167][ T5077] Bad inode number on dev loop0: 2 is out of range [ 79.899176][ T5077] SysV FS: get root inode failed [ 79.899980][ T5077] oldfs: cannot read superblock [ 79.905974][ C0] ------------[ cut here ]------------ [ 79.906832][ C0] VFS: brelse: Trying to free free buffer [ 79.907869][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.909309][ C0] Modules linked in: [ 79.909933][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.911556][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 79.913252][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.914504][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 79.915390][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 79.916278][ C0] sp : ffff800008007de0 [ 79.916979][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 79.918264][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 79.919694][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e303ac28 [ 79.921052][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 79.922552][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 79.923962][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 79.925367][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 79.926774][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.928200][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 79.929510][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.930932][ C0] Call trace: [ 79.931518][ C0] invalidate_bh_lru+0x128/0x22c [ 79.932342][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.933410][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.934506][ C0] ipi_handler+0x10c/0x6fc [ 79.935216][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 79.936106][ C0] handle_domain_irq+0x144/0x1fc [ 79.936857][ C0] gic_handle_irq+0x78/0x1b8 [ 79.937631][ C0] call_on_irq_stack+0x30/0x48 [ 79.938418][ C0] do_interrupt_handler+0x6c/0x88 [ 79.939236][ C0] el1_interrupt+0x30/0x58 [ 79.940012][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.940825][ C0] el1h_64_irq+0x78/0x7c [ 79.941537][ C0] get_page_from_freelist+0x2210/0x2a68 [ 79.942512][ C0] __alloc_pages+0x1a0/0x470 [ 79.943288][ C0] alloc_pages+0x34c/0x5c0 [ 79.944096][ C0] __vmalloc_node_range+0x50c/0x8c8 [ 79.945028][ C0] vzalloc+0x110/0x188 [ 79.945733][ C0] alloc_counters+0x84/0x7a0 [ 79.946520][ C0] do_ipt_get_ctl+0xb68/0x143c [ 79.947324][ C0] nf_getsockopt+0x264/0x284 [ 79.948016][ C0] ip_getsockopt+0x122c/0x1664 [ 79.948834][ C0] tcp_getsockopt+0x210/0x2eec [ 79.949692][ C0] sock_common_getsockopt+0xa8/0xc4 [ 79.950626][ C0] __sys_getsockopt+0x1b8/0x250 [ 79.951464][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 79.952371][ C0] invoke_syscall+0x98/0x2b0 [ 79.953187][ C0] el0_svc_common+0x138/0x258 [ 79.953926][ C0] do_el0_svc+0x58/0x13c [ 79.954635][ C0] el0_svc+0x78/0x1d0 [ 79.955320][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.956137][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.956847][ C0] irq event stamp: 261456 [ 79.957555][ C0] hardirqs last enabled at (261455): [] get_page_from_freelist+0x2200/0x2a68 [ 79.959410][ C0] hardirqs last disabled at (261456): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.961144][ C0] softirqs last enabled at (261446): [] release_sock+0x1d0/0x258 [ 79.962593][ C0] softirqs last disabled at (261444): [] release_sock+0x34/0x258 [ 79.964175][ C0] ---[ end trace ef99201762a031ef ]--- [ 80.003748][ T5079] loop0: detected capacity change from 0 to 128 [ 80.005751][ T5079] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.007007][ T5079] Bad inode number on dev loop0: 2 is out of range [ 80.008118][ T5079] SysV FS: get root inode failed [ 80.008990][ T5079] oldfs: cannot read superblock [ 80.038122][ T4520] ------------[ cut here ]------------ [ 80.039047][ T4520] VFS: brelse: Trying to free free buffer [ 80.040081][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.041479][ T4520] Modules linked in: [ 80.042111][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 80.043442][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.044977][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.046181][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 80.046957][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 80.047842][ T4520] sp : ffff80001f6977c0 [ 80.048488][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 80.049922][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 80.051320][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dede4060 [ 80.052605][ T4520] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 80.053968][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.055339][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 80.056742][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 80.058165][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.059419][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.060751][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.062130][ T4520] Call trace: [ 80.062686][ T4520] invalidate_bh_lru+0x128/0x22c [ 80.063546][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 80.064545][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.065412][ T4520] invalidate_bh_lrus+0x34/0x40 [ 80.066240][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 80.067112][ T4520] blkdev_put+0x490/0x6ac [ 80.067885][ T4520] blkdev_close+0x74/0xb0 [ 80.068615][ T4520] __fput+0x1c0/0x7e8 [ 80.069250][ T4520] ____fput+0x20/0x30 [ 80.069881][ T4520] task_work_run+0x12c/0x1d8 [ 80.070601][ T4520] do_notify_resume+0x2450/0x309c [ 80.071368][ T4520] el0_svc+0xf0/0x1d0 [ 80.071977][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 80.072743][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 80.073428][ T4520] irq event stamp: 293332 [ 80.074125][ T4520] hardirqs last enabled at (293331): [] kasan_quarantine_put+0xc4/0x200 [ 80.075711][ T4520] hardirqs last disabled at (293332): [] smp_call_function_many_cond+0xa44/0xeac [ 80.077380][ T4520] softirqs last enabled at (293110): [] local_bh_enable+0x10/0x34 [ 80.078834][ T4520] softirqs last disabled at (293108): [] local_bh_disable+0x10/0x34 [ 80.080379][ T4520] ---[ end trace ef99201762a031f0 ]--- [ 80.114582][ T5083] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.115780][ T5083] Bad inode number on dev loop0: 2 is out of range [ 80.116853][ T5083] SysV FS: get root inode failed [ 80.117706][ T5083] oldfs: cannot read superblock [ 80.120437][ C0] ------------[ cut here ]------------ [ 80.121337][ C0] VFS: brelse: Trying to free free buffer [ 80.122233][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.123551][ C0] Modules linked in: [ 80.124198][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.125755][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.127476][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.128826][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 80.129746][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 80.130638][ C0] sp : ffff800008007de0 [ 80.131384][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 80.132743][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 80.134115][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dede4400 [ 80.135419][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 80.136789][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.138169][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 80.139548][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 021513d4b0138d00 [ 80.140946][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.142268][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.143554][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.144896][ C0] Call trace: [ 80.145453][ C0] invalidate_bh_lru+0x128/0x22c [ 80.146289][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.147270][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.148383][ C0] ipi_handler+0x10c/0x6fc [ 80.149136][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 80.150038][ C0] handle_domain_irq+0x144/0x1fc [ 80.150909][ C0] gic_handle_irq+0x78/0x1b8 [ 80.151698][ C0] call_on_irq_stack+0x30/0x48 [ 80.152479][ C0] do_interrupt_handler+0x6c/0x88 [ 80.153295][ C0] el1_interrupt+0x30/0x58 [ 80.154014][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.154836][ C0] el1h_64_irq+0x78/0x7c [ 80.155521][ C0] account_kernel_stack+0x150/0x26c [ 80.156394][ C0] put_task_stack+0xa0/0x174 [ 80.157220][ C0] finish_task_switch+0x344/0x69c [ 80.158026][ C0] __schedule+0xe00/0x1bc4 [ 80.158765][ C0] schedule+0x11c/0x1c8 [ 80.159418][ C0] do_nanosleep+0x1a8/0x668 [ 80.160172][ C0] hrtimer_nanosleep+0x184/0x2f8 [ 80.161104][ C0] common_nsleep+0xa0/0xb8 [ 80.161882][ C0] __arm64_sys_clock_nanosleep+0x33c/0x378 [ 80.162957][ C0] invoke_syscall+0x98/0x2b0 [ 80.163771][ C0] el0_svc_common+0x138/0x258 [ 80.164578][ C0] do_el0_svc+0x58/0x13c [ 80.165318][ C0] el0_svc+0x78/0x1d0 [ 80.166039][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.166848][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.167584][ C0] irq event stamp: 266536 [ 80.168252][ C0] hardirqs last enabled at (266535): [] account_kernel_stack+0x130/0x26c [ 80.169891][ C0] hardirqs last disabled at (266536): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.171498][ C0] softirqs last enabled at (266464): [] local_bh_enable+0x10/0x34 [ 80.172986][ C0] softirqs last disabled at (266462): [] local_bh_disable+0x10/0x34 [ 80.174656][ C0] ---[ end trace ef99201762a031f1 ]--- [ 80.233970][ T5085] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.235223][ T5085] Bad inode number on dev loop0: 2 is out of range [ 80.236288][ T5085] SysV FS: get root inode failed [ 80.237255][ T5085] oldfs: cannot read superblock [ 80.243860][ C0] ------------[ cut here ]------------ [ 80.244706][ C0] VFS: brelse: Trying to free free buffer [ 80.245734][ C0] WARNING: CPU: 0 PID: 5086 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.247111][ C0] Modules linked in: [ 80.247757][ C0] CPU: 0 PID: 5086 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.249209][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.250883][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.252135][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 80.252995][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 80.253823][ C0] sp : ffff800008007de0 [ 80.254532][ C0] x29: ffff800008007de0 x28: ffff0000ce8d9b40 x27: 1fffe000341f225c [ 80.255924][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 80.257342][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dede47a0 [ 80.258746][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.260087][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.261516][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 80.262871][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cd97baa84ea40900 [ 80.264134][ C0] x8 : cd97baa84ea40900 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.265424][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.266689][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.268102][ C0] Call trace: [ 80.268651][ C0] invalidate_bh_lru+0x128/0x22c [ 80.269478][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.270437][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.271641][ C0] ipi_handler+0x10c/0x6fc [ 80.272359][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 80.273325][ C0] handle_domain_irq+0x144/0x1fc [ 80.274137][ C0] gic_handle_irq+0x78/0x1b8 [ 80.274922][ C0] call_on_irq_stack+0x30/0x48 [ 80.275740][ C0] do_interrupt_handler+0x6c/0x88 [ 80.276579][ C0] el1_interrupt+0x30/0x58 [ 80.277317][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.278140][ C0] el1h_64_irq+0x78/0x7c [ 80.278883][ C0] seqcount_lockdep_reader_access+0x21c/0x2c0 [ 80.279805][ C0] ktime_get_coarse_real_ts64+0x44/0x134 [ 80.280721][ C0] current_time+0x94/0x2a0 [ 80.281483][ C0] shmem_get_inode+0x334/0x964 [ 80.282310][ C0] shmem_symlink+0xa4/0x498 [ 80.283120][ C0] vfs_symlink+0x238/0x3b0 [ 80.283895][ C0] do_symlinkat+0x188/0x5b4 [ 80.284667][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 80.285488][ C0] invoke_syscall+0x98/0x2b0 [ 80.286222][ C0] el0_svc_common+0x138/0x258 [ 80.287076][ C0] do_el0_svc+0x58/0x13c [ 80.287785][ C0] el0_svc+0x78/0x1d0 [ 80.288520][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.289362][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.290083][ C0] irq event stamp: 830 [ 80.290748][ C0] hardirqs last enabled at (829): [] seqcount_lockdep_reader_access+0x1fc/0x2c0 [ 80.292318][ C0] hardirqs last disabled at (830): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.293811][ C0] softirqs last enabled at (702): [] local_bh_enable+0x10/0x34 [ 80.295191][ C0] softirqs last disabled at (700): [] local_bh_disable+0x10/0x34 [ 80.296615][ C0] ---[ end trace ef99201762a031f2 ]--- [ 80.395281][ T5087] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.396526][ T5087] Bad inode number on dev loop0: 2 is out of range [ 80.397595][ T5087] SysV FS: get root inode failed [ 80.398448][ T5087] oldfs: cannot read superblock [ 80.399319][ C1] ------------[ cut here ]------------ [ 80.400305][ C1] VFS: brelse: Trying to free free buffer [ 80.401291][ C1] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.402734][ C1] Modules linked in: [ 80.403387][ C1] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 80.404800][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.406492][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.407678][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.408503][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.409375][ C1] sp : ffff800008017de0 [ 80.410082][ C1] x29: ffff800008017de0 x28: ffff0000d66bb680 x27: 1fffe000341f645b [ 80.411378][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 80.412709][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e303bc28 [ 80.414027][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.415349][ C1] x17: 0000000000010002 x16: ffff800008304af8 x15: 00000000ffffffff [ 80.416756][ C1] x14: 0000000000000001 x13: 1ffff00001002edc x12: 0000000000ff0100 [ 80.418086][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 982a2391685bd900 [ 80.419543][ C1] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.420857][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008304c08 [ 80.422188][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.423581][ C1] Call trace: [ 80.424079][ C1] invalidate_bh_lru+0x128/0x22c [ 80.424890][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.425836][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.426970][ C1] ipi_handler+0x10c/0x6fc [ 80.427749][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.428653][ C1] handle_domain_irq+0x144/0x1fc [ 80.429499][ C1] gic_handle_irq+0x78/0x1b8 [ 80.430284][ C1] call_on_irq_stack+0x30/0x48 [ 80.431043][ C1] do_interrupt_handler+0x6c/0x88 [ 80.431829][ C1] el1_interrupt+0x30/0x58 [ 80.432535][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.433336][ C1] el1h_64_irq+0x78/0x7c [ 80.434068][ C1] __netlink_lookup+0x400/0x790 [ 80.434909][ C1] netlink_lookup+0xd8/0x228 [ 80.435710][ C1] netlink_unicast+0x12c/0x890 [ 80.436471][ C1] netlink_sendmsg+0x6f4/0x9d8 [ 80.437268][ C1] ____sys_sendmsg+0x62c/0x940 [ 80.438183][ C1] ___sys_sendmsg+0x1f0/0x27c [ 80.438961][ C1] __arm64_sys_sendmsg+0x1bc/0x278 [ 80.439827][ C1] invoke_syscall+0x98/0x2b0 [ 80.440511][ C1] el0_svc_common+0x138/0x258 [ 80.441272][ C1] do_el0_svc+0x58/0x13c [ 80.441997][ C1] el0_svc+0x78/0x1d0 [ 80.442637][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.443487][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.444274][ C1] irq event stamp: 302832 [ 80.444904][ C1] hardirqs last enabled at (302831): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 80.446583][ C1] hardirqs last disabled at (302832): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.448132][ C1] softirqs last enabled at (302820): [] local_bh_enable+0x10/0x34 [ 80.449520][ C1] softirqs last disabled at (302818): [] local_bh_disable+0x10/0x34 [ 80.450964][ C1] ---[ end trace ef99201762a031f3 ]--- [ 80.582500][ T5089] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.583802][ T5089] Bad inode number on dev loop0: 2 is out of range [ 80.584842][ T5089] SysV FS: get root inode failed [ 80.585659][ T5089] oldfs: cannot read superblock [ 80.594185][ C1] ------------[ cut here ]------------ [ 80.595178][ C1] VFS: brelse: Trying to free free buffer [ 80.596158][ C1] WARNING: CPU: 1 PID: 5091 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.597680][ C1] Modules linked in: [ 80.598314][ C1] CPU: 1 PID: 5091 Comm: syz.0.79 Tainted: G W syzkaller #0 [ 80.599773][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.601436][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.602807][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.603694][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.604543][ C1] sp : ffff800008017de0 [ 80.605174][ C1] x29: ffff800008017de0 x28: ffff0000d2eb0000 x27: 1fffe000341f645c [ 80.606472][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 80.607823][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3112060 [ 80.609114][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.610488][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.611772][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.612942][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : d45a64f87841a600 [ 80.614251][ C1] x8 : d45a64f87841a600 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.615540][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.616894][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.618205][ C1] Call trace: [ 80.618746][ C1] invalidate_bh_lru+0x128/0x22c [ 80.619608][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.620670][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.621854][ C1] ipi_handler+0x10c/0x6fc [ 80.622565][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.623343][ C1] handle_domain_irq+0x144/0x1fc [ 80.624070][ C1] gic_handle_irq+0x78/0x1b8 [ 80.624929][ C1] call_on_irq_stack+0x30/0x48 [ 80.625714][ C1] do_interrupt_handler+0x6c/0x88 [ 80.626575][ C1] el0_interrupt+0x94/0x248 [ 80.627294][ C1] __el0_irq_handler_common+0x18/0x24 [ 80.628224][ C1] el0t_64_irq_handler+0x10/0x1c [ 80.628996][ C1] el0t_64_irq+0x1a0/0x1a4 [ 80.629733][ C1] irq event stamp: 222 [ 80.630471][ C1] hardirqs last enabled at (221): [] el0t_64_sync_handler+0xd8/0xe4 [ 80.632192][ C1] hardirqs last disabled at (222): [] __el0_irq_handler_common+0x18/0x24 [ 80.633845][ C1] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 80.635328][ C1] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 80.636930][ C1] ---[ end trace ef99201762a031f4 ]--- [ 80.733340][ T5091] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.734548][ T5091] Bad inode number on dev loop0: 2 is out of range [ 80.735704][ T5091] SysV FS: get root inode failed [ 80.736520][ T5091] oldfs: cannot read superblock [ 80.742320][ T4520] ------------[ cut here ]------------ [ 80.743304][ T4520] VFS: brelse: Trying to free free buffer [ 80.744315][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.745772][ T4520] Modules linked in: [ 80.746452][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 80.747884][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.749617][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.751000][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 80.751899][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 80.752762][ T4520] sp : ffff80001f6977c0 [ 80.753478][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 80.754815][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 80.756119][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dede4b40 [ 80.757475][ T4520] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 80.758818][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.760218][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 80.761525][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 80.762928][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.764282][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.765601][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.766988][ T4520] Call trace: [ 80.767487][ T4520] invalidate_bh_lru+0x128/0x22c [ 80.768290][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 80.769194][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.770003][ T4520] invalidate_bh_lrus+0x34/0x40 [ 80.770840][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 80.771743][ T4520] blkdev_put+0x490/0x6ac [ 80.772473][ T4520] blkdev_close+0x74/0xb0 [ 80.773183][ T4520] __fput+0x1c0/0x7e8 [ 80.773856][ T4520] ____fput+0x20/0x30 [ 80.774518][ T4520] task_work_run+0x12c/0x1d8 [ 80.775331][ T4520] do_notify_resume+0x2450/0x309c [ 80.776188][ T4520] el0_svc+0xf0/0x1d0 [ 80.776860][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 80.777685][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 80.778420][ T4520] irq event stamp: 312240 [ 80.779104][ T4520] hardirqs last enabled at (312239): [] kasan_quarantine_put+0xc4/0x200 [ 80.780629][ T4520] hardirqs last disabled at (312240): [] smp_call_function_many_cond+0xa44/0xeac [ 80.782288][ T4520] softirqs last enabled at (312022): [] local_bh_enable+0x10/0x34 [ 80.783865][ T4520] softirqs last disabled at (312020): [] local_bh_disable+0x10/0x34 [ 80.785311][ T4520] ---[ end trace ef99201762a031f5 ]--- [ 80.853828][ T5093] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.855054][ T5093] Bad inode number on dev loop0: 2 is out of range [ 80.856009][ T5093] SysV FS: get root inode failed [ 80.856861][ T5093] oldfs: cannot read superblock [ 80.865935][ C0] ------------[ cut here ]------------ [ 80.866875][ C0] VFS: brelse: Trying to free free buffer [ 80.867816][ C0] WARNING: CPU: 0 PID: 5095 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.869339][ C0] Modules linked in: [ 80.870075][ C0] CPU: 0 PID: 5095 Comm: syz.0.81 Tainted: G W syzkaller #0 [ 80.871427][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.873142][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.874532][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 80.875447][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 80.876306][ C0] sp : ffff800008007de0 [ 80.877057][ C0] x29: ffff800008007de0 x28: ffff0000e8751b40 x27: 1fffe000341f225c [ 80.878396][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 80.879641][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dede4ee0 [ 80.880966][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 80.882193][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.883427][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 80.884731][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 4b2cb5d8f9a52100 [ 80.886010][ C0] x8 : 4b2cb5d8f9a52100 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.887405][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.888822][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.890220][ C0] Call trace: [ 80.890756][ C0] invalidate_bh_lru+0x128/0x22c [ 80.891519][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.892377][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.893391][ C0] ipi_handler+0x10c/0x6fc [ 80.894106][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 80.894979][ C0] handle_domain_irq+0x144/0x1fc [ 80.895812][ C0] gic_handle_irq+0x78/0x1b8 [ 80.896662][ C0] call_on_irq_stack+0x30/0x48 [ 80.897394][ C0] do_interrupt_handler+0x6c/0x88 [ 80.898218][ C0] el1_interrupt+0x30/0x58 [ 80.898907][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.899671][ C0] el1h_64_irq+0x78/0x7c [ 80.900288][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 80.901218][ C0] release_pages+0x1390/0x16dc [ 80.901958][ C0] free_pages_and_swap_cache+0x9c/0xb4 [ 80.902939][ C0] tlb_finish_mmu+0x1a0/0x37c [ 80.903696][ C0] unmap_region+0x2cc/0x328 [ 80.904477][ C0] __do_munmap+0x87c/0xc10 [ 80.905229][ C0] __vm_munmap+0x130/0x234 [ 80.905973][ C0] __arm64_sys_munmap+0x74/0x8c [ 80.906794][ C0] invoke_syscall+0x98/0x2b0 [ 80.907593][ C0] el0_svc_common+0x138/0x258 [ 80.908352][ C0] do_el0_svc+0x58/0x13c [ 80.909102][ C0] el0_svc+0x78/0x1d0 [ 80.909712][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.910544][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.911258][ C0] irq event stamp: 626 [ 80.911918][ C0] hardirqs last enabled at (625): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 80.913691][ C0] hardirqs last disabled at (626): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.915287][ C0] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 80.916806][ C0] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 80.918269][ C0] ---[ end trace ef99201762a031f6 ]--- [ 80.944490][ T5095] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.945757][ T5095] Bad inode number on dev loop0: 2 is out of range [ 80.946897][ T5095] SysV FS: get root inode failed [ 80.947724][ T5095] oldfs: cannot read superblock [ 80.952299][ C1] ------------[ cut here ]------------ [ 80.953182][ C1] VFS: brelse: Trying to free free buffer [ 80.954219][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 80.955615][ C1] Modules linked in: [ 80.956236][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.957719][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 80.959225][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.960516][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 80.961365][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 80.962266][ C1] sp : ffff800008017de0 [ 80.962984][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 80.964450][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 80.965805][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3112400 [ 80.967226][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 80.968592][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 80.969947][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 80.971379][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 80.972774][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.974139][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 80.975530][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.976839][ C1] Call trace: [ 80.977338][ C1] invalidate_bh_lru+0x128/0x22c [ 80.978108][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.979052][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.980164][ C1] ipi_handler+0x10c/0x6fc [ 80.980818][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 80.981715][ C1] handle_domain_irq+0x144/0x1fc [ 80.982589][ C1] gic_handle_irq+0x78/0x1b8 [ 80.983310][ C1] call_on_irq_stack+0x30/0x48 [ 80.984010][ C1] do_interrupt_handler+0x6c/0x88 [ 80.984785][ C1] el1_interrupt+0x30/0x58 [ 80.985513][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.986312][ C1] el1h_64_irq+0x78/0x7c [ 80.987025][ C1] call_rcu+0x580/0x8f4 [ 80.987692][ C1] dentry_free+0xa4/0x178 [ 80.988400][ C1] __dentry_kill+0x45c/0x598 [ 80.989218][ C1] dentry_kill+0xc8/0x248 [ 80.989901][ C1] dput+0x23c/0x458 [ 80.990501][ C1] do_rmdir+0x258/0x64c [ 80.991147][ C1] __arm64_sys_unlinkat+0xcc/0xfc [ 80.991935][ C1] invoke_syscall+0x98/0x2b0 [ 80.992723][ C1] el0_svc_common+0x138/0x258 [ 80.993448][ C1] do_el0_svc+0x58/0x13c [ 80.994163][ C1] el0_svc+0x78/0x1d0 [ 80.994882][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.995731][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.996483][ C1] irq event stamp: 280388 [ 80.997275][ C1] hardirqs last enabled at (280387): [] call_rcu+0x570/0x8f4 [ 80.998839][ C1] hardirqs last disabled at (280388): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.000558][ C1] softirqs last enabled at (280262): [] local_bh_enable+0x10/0x34 [ 81.002119][ C1] softirqs last disabled at (280260): [] local_bh_disable+0x10/0x34 [ 81.003751][ C1] ---[ end trace ef99201762a031f7 ]--- [ 81.048268][ T5097] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.049498][ T5097] Bad inode number on dev loop0: 2 is out of range [ 81.050909][ T5097] SysV FS: get root inode failed [ 81.051670][ T5097] oldfs: cannot read superblock [ 81.055659][ C0] ------------[ cut here ]------------ [ 81.056501][ C0] VFS: brelse: Trying to free free buffer [ 81.057504][ C0] WARNING: CPU: 0 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.058895][ C0] Modules linked in: [ 81.059469][ C0] CPU: 0 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.060953][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.062600][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.063882][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 81.064704][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 81.065582][ C0] sp : ffff800008007de0 [ 81.066267][ C0] x29: ffff800008007de0 x28: ffff0000ce893680 x27: 1fffe000341f225c [ 81.067648][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 81.068915][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded1f318 [ 81.070313][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 81.071661][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.073061][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.074467][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 021513d4b0138d00 [ 81.075757][ C0] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.077014][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.078207][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.079476][ C0] Call trace: [ 81.080022][ C0] invalidate_bh_lru+0x128/0x22c [ 81.080863][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.081850][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.083060][ C0] ipi_handler+0x10c/0x6fc [ 81.083843][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 81.084852][ C0] handle_domain_irq+0x144/0x1fc [ 81.085705][ C0] gic_handle_irq+0x78/0x1b8 [ 81.086510][ C0] call_on_irq_stack+0x30/0x48 [ 81.087355][ C0] do_interrupt_handler+0x6c/0x88 [ 81.088258][ C0] el1_interrupt+0x30/0x58 [ 81.088985][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.089733][ C0] el1h_64_irq+0x78/0x7c [ 81.090421][ C0] __sanitizer_cov_trace_const_cmp4+0x14/0xc8 [ 81.091407][ C0] walk_stackframe+0x5c/0xa8 [ 81.092201][ C0] return_address+0xd8/0x15c [ 81.092903][ C0] preempt_count_add+0x14c/0x41c [ 81.093756][ C0] _raw_spin_lock+0x24/0x10c [ 81.094536][ C0] lockref_get_not_dead+0x30/0xd4 [ 81.095330][ C0] try_to_unlazy+0x110/0x600 [ 81.096083][ C0] complete_walk+0xe4/0x308 [ 81.096865][ C0] path_lookupat+0x1ec/0x3d0 [ 81.097600][ C0] filename_lookup+0x1b4/0x464 [ 81.098391][ C0] user_path_at_empty+0x5c/0x1a0 [ 81.099181][ C0] __arm64_sys_umount+0xf8/0x184 [ 81.099967][ C0] invoke_syscall+0x98/0x2b0 [ 81.100735][ C0] el0_svc_common+0x138/0x258 [ 81.101426][ C0] do_el0_svc+0x58/0x13c [ 81.102126][ C0] el0_svc+0x78/0x1d0 [ 81.102762][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 81.103637][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.104358][ C0] irq event stamp: 282616 [ 81.105002][ C0] hardirqs last enabled at (282615): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 81.106668][ C0] hardirqs last disabled at (282616): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.108243][ C0] softirqs last enabled at (282598): [] local_bh_enable+0x10/0x34 [ 81.109735][ C0] softirqs last disabled at (282596): [] local_bh_disable+0x10/0x34 [ 81.111303][ C0] ---[ end trace ef99201762a031f8 ]--- [ 81.159013][ T5099] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.160315][ T5099] Bad inode number on dev loop0: 2 is out of range [ 81.161862][ T5099] SysV FS: get root inode failed [ 81.162652][ T5099] oldfs: cannot read superblock [ 81.167267][ C1] ------------[ cut here ]------------ [ 81.168131][ C1] VFS: brelse: Trying to free free buffer [ 81.169100][ C1] WARNING: CPU: 1 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.170631][ C1] Modules linked in: [ 81.171342][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W syzkaller #0 [ 81.172703][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.174344][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.175651][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.176513][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.177379][ C1] sp : ffff800008017de0 [ 81.177994][ C1] x29: ffff800008017de0 x28: ffff0000c0a68000 x27: 1fffe000341f645c [ 81.179257][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.180588][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e31127a0 [ 81.181829][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 81.183193][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.184554][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.185793][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : ef64b6a6361fbd00 [ 81.187061][ C1] x8 : ef64b6a6361fbd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.188465][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.189817][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.191133][ C1] Call trace: [ 81.191667][ C1] invalidate_bh_lru+0x128/0x22c [ 81.192509][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.193538][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.194697][ C1] ipi_handler+0x10c/0x6fc [ 81.195443][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 81.196360][ C1] handle_domain_irq+0x144/0x1fc [ 81.197186][ C1] gic_handle_irq+0x78/0x1b8 [ 81.197915][ C1] call_on_irq_stack+0x30/0x48 [ 81.198783][ C1] do_interrupt_handler+0x6c/0x88 [ 81.199666][ C1] el1_interrupt+0x30/0x58 [ 81.200389][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.201207][ C1] el1h_64_irq+0x78/0x7c [ 81.201923][ C1] arch_local_irq_enable+0xc/0x18 [ 81.202676][ C1] default_idle_call+0xcc/0x40c [ 81.203419][ C1] do_idle+0x2f8/0x56c [ 81.204088][ C1] cpu_startup_entry+0x24/0x28 [ 81.204827][ C1] secondary_start_kernel+0x23c/0x28c [ 81.205693][ C1] __secondary_switched+0x94/0x98 [ 81.206605][ C1] irq event stamp: 495386 [ 81.207326][ C1] hardirqs last enabled at (495385): [] default_idle_call+0xb8/0x40c [ 81.208908][ C1] hardirqs last disabled at (495386): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.210505][ C1] softirqs last enabled at (495328): [] handle_softirqs+0xa40/0xbe4 [ 81.212136][ C1] softirqs last disabled at (495287): [] __irq_exit_rcu+0x240/0x43c [ 81.213878][ C1] ---[ end trace ef99201762a031f9 ]--- [ 81.311983][ T5101] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.313254][ T5101] Bad inode number on dev loop0: 2 is out of range [ 81.314477][ T5101] SysV FS: get root inode failed [ 81.315300][ T5101] oldfs: cannot read superblock [ 81.324448][ T4520] ------------[ cut here ]------------ [ 81.325376][ T4520] VFS: brelse: Trying to free free buffer [ 81.326345][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.327906][ T4520] Modules linked in: [ 81.328601][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 81.330025][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.331809][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.333193][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 81.334072][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 81.335033][ T4520] sp : ffff80001f6977c0 [ 81.335681][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 81.337021][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 81.338408][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded1f6b8 [ 81.339719][ T4520] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.341097][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.342389][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.343798][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 81.345225][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.346585][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.347889][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.349305][ T4520] Call trace: [ 81.349889][ T4520] invalidate_bh_lru+0x128/0x22c [ 81.350853][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 81.351799][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.352611][ T4520] invalidate_bh_lrus+0x34/0x40 [ 81.353422][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 81.354212][ T4520] blkdev_put+0x490/0x6ac [ 81.354947][ T4520] blkdev_close+0x74/0xb0 [ 81.355712][ T4520] __fput+0x1c0/0x7e8 [ 81.356463][ T4520] ____fput+0x20/0x30 [ 81.357159][ T4520] task_work_run+0x12c/0x1d8 [ 81.357979][ T4520] do_notify_resume+0x2450/0x309c [ 81.358838][ T4520] el0_svc+0xf0/0x1d0 [ 81.359539][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 81.360384][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 81.361170][ T4520] irq event stamp: 330092 [ 81.361823][ T4520] hardirqs last enabled at (330091): [] kasan_quarantine_put+0xc4/0x200 [ 81.363457][ T4520] hardirqs last disabled at (330092): [] smp_call_function_many_cond+0xa44/0xeac [ 81.365108][ T4520] softirqs last enabled at (329906): [] local_bh_enable+0x10/0x34 [ 81.366546][ T4520] softirqs last disabled at (329904): [] local_bh_disable+0x10/0x34 [ 81.368029][ T4520] ---[ end trace ef99201762a031fa ]--- [ 81.463630][ T5103] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.464891][ T5103] Bad inode number on dev loop0: 2 is out of range [ 81.465896][ T5103] SysV FS: get root inode failed [ 81.466706][ T5103] oldfs: cannot read superblock [ 81.471319][ C0] ------------[ cut here ]------------ [ 81.472222][ C0] VFS: brelse: Trying to free free buffer [ 81.473240][ C0] WARNING: CPU: 0 PID: 136 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.474791][ C0] Modules linked in: [ 81.475426][ C0] CPU: 0 PID: 136 Comm: kworker/u4:1 Tainted: G W syzkaller #0 [ 81.476815][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.478373][ C0] Workqueue: bat_events batadv_nc_worker [ 81.479317][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.480512][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 81.481408][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 81.482241][ C0] sp : ffff800008007de0 [ 81.482909][ C0] x29: ffff800008007de0 x28: ffff0000c25e8000 x27: 1fffe000341f225c [ 81.484166][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 81.485267][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded1fa58 [ 81.486361][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 81.487722][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.489126][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.490535][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 5cbeb70a164cb600 [ 81.491936][ C0] x8 : 5cbeb70a164cb600 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.493334][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.494635][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.496030][ C0] Call trace: [ 81.496620][ C0] invalidate_bh_lru+0x128/0x22c [ 81.497498][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.498535][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.499715][ C0] ipi_handler+0x10c/0x6fc [ 81.500407][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 81.501252][ C0] handle_domain_irq+0x144/0x1fc [ 81.502084][ C0] gic_handle_irq+0x78/0x1b8 [ 81.502894][ C0] call_on_irq_stack+0x30/0x48 [ 81.503701][ C0] do_interrupt_handler+0x6c/0x88 [ 81.504611][ C0] el1_interrupt+0x30/0x58 [ 81.505391][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.506255][ C0] el1h_64_irq+0x78/0x7c [ 81.506912][ C0] __local_bh_enable_ip+0x200/0x37c [ 81.507740][ C0] _raw_spin_unlock_bh+0xec/0x174 [ 81.508655][ C0] batadv_nc_purge_paths+0x300/0x388 [ 81.509544][ C0] batadv_nc_worker+0x300/0x554 [ 81.510303][ C0] process_one_work+0x79c/0x1138 [ 81.511166][ C0] worker_thread+0x8f4/0x1034 [ 81.511998][ C0] kthread+0x374/0x454 [ 81.512796][ C0] ret_from_fork+0x10/0x20 [ 81.513638][ C0] irq event stamp: 1921082 [ 81.514393][ C0] hardirqs last enabled at (1921081): [] __local_bh_enable_ip+0x1f8/0x37c [ 81.516142][ C0] hardirqs last disabled at (1921082): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.517771][ C0] softirqs last enabled at (1921080): [] batadv_nc_purge_paths+0x300/0x388 [ 81.519419][ C0] softirqs last disabled at (1921078): [] batadv_nc_purge_paths+0xd0/0x388 [ 81.521095][ C0] ---[ end trace ef99201762a031fb ]--- [ 81.560933][ T5105] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.562137][ T5105] Bad inode number on dev loop0: 2 is out of range [ 81.563197][ T5105] SysV FS: get root inode failed [ 81.563984][ T5105] oldfs: cannot read superblock [ 81.570459][ C1] ------------[ cut here ]------------ [ 81.571369][ C1] VFS: brelse: Trying to free free buffer [ 81.572336][ C1] WARNING: CPU: 1 PID: 5106 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.573786][ C1] Modules linked in: [ 81.574381][ C1] CPU: 1 PID: 5106 Comm: syz-executor Tainted: G W syzkaller #0 [ 81.575636][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.577274][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.578456][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 81.579278][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 81.580207][ C1] sp : ffff800008017de0 [ 81.580919][ C1] x29: ffff800008017de0 x28: ffff0000de023680 x27: 1fffe000341f645c [ 81.582323][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 81.583535][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3112b40 [ 81.584774][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 81.586125][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.587544][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 81.588858][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : d20de01cbebea300 [ 81.590212][ C1] x8 : d20de01cbebea300 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.591606][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.592987][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 81.594425][ C1] Call trace: [ 81.594984][ C1] invalidate_bh_lru+0x128/0x22c [ 81.595867][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 81.596922][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.598139][ C1] ipi_handler+0x10c/0x6fc [ 81.598859][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 81.599826][ C1] handle_domain_irq+0x144/0x1fc [ 81.600687][ C1] gic_handle_irq+0x78/0x1b8 [ 81.601403][ C1] call_on_irq_stack+0x30/0x48 [ 81.602188][ C1] do_interrupt_handler+0x6c/0x88 [ 81.603022][ C1] el1_interrupt+0x30/0x58 [ 81.603705][ C1] el1h_64_irq_handler+0x18/0x24 [ 81.604551][ C1] el1h_64_irq+0x78/0x7c [ 81.605302][ C1] do_raw_spin_lock+0x144/0x2fc [ 81.606093][ C1] _raw_spin_lock+0xb8/0x10c [ 81.606871][ C1] __d_add+0x44/0x610 [ 81.607505][ C1] d_add+0x4c/0x5c [ 81.608069][ C1] simple_lookup+0xcc/0xf0 [ 81.608802][ C1] lookup_one_qstr_excl+0x108/0x230 [ 81.609686][ C1] filename_create+0x1d0/0x3a8 [ 81.610563][ C1] do_symlinkat+0xc8/0x5b4 [ 81.611334][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 81.612206][ C1] invoke_syscall+0x98/0x2b0 [ 81.612971][ C1] el0_svc_common+0x138/0x258 [ 81.613755][ C1] do_el0_svc+0x58/0x13c [ 81.614411][ C1] el0_svc+0x78/0x1d0 [ 81.615067][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 81.615903][ C1] el0t_64_sync+0x1a0/0x1a4 [ 81.616637][ C1] irq event stamp: 696 [ 81.617272][ C1] hardirqs last enabled at (695): [] read_seqbegin+0x1fc/0x300 [ 81.618670][ C1] hardirqs last disabled at (696): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.620164][ C1] softirqs last enabled at (686): [] local_bh_enable+0x10/0x34 [ 81.621618][ C1] softirqs last disabled at (684): [] local_bh_disable+0x10/0x34 [ 81.623015][ C1] ---[ end trace ef99201762a031fc ]--- [ 81.691776][ T5107] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.693014][ T5107] Bad inode number on dev loop0: 2 is out of range [ 81.694108][ T5107] SysV FS: get root inode failed [ 81.694913][ T5107] oldfs: cannot read superblock [ 81.704295][ T4520] ------------[ cut here ]------------ [ 81.705234][ T4520] VFS: brelse: Trying to free free buffer [ 81.706203][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.707674][ T4520] Modules linked in: [ 81.708253][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 81.709598][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.711364][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.712740][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 81.713616][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 81.714531][ T4520] sp : ffff80001f6977c0 [ 81.715213][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 81.716478][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 81.717814][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ded1fdf8 [ 81.719168][ T4520] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.720515][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.721826][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.723169][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 81.724498][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.725860][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.727199][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.728565][ T4520] Call trace: [ 81.729095][ T4520] invalidate_bh_lru+0x128/0x22c [ 81.729870][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 81.730848][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.731663][ T4520] invalidate_bh_lrus+0x34/0x40 [ 81.732476][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 81.733278][ T4520] blkdev_put+0x490/0x6ac [ 81.733932][ T4520] blkdev_close+0x74/0xb0 [ 81.734560][ T4520] __fput+0x1c0/0x7e8 [ 81.735225][ T4520] ____fput+0x20/0x30 [ 81.735890][ T4520] task_work_run+0x12c/0x1d8 [ 81.736636][ T4520] do_notify_resume+0x2450/0x309c [ 81.737481][ T4520] el0_svc+0xf0/0x1d0 [ 81.738167][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 81.739075][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 81.739798][ T4520] irq event stamp: 341312 [ 81.740559][ T4520] hardirqs last enabled at (341311): [] kasan_quarantine_put+0xc4/0x200 [ 81.742321][ T4520] hardirqs last disabled at (341312): [] smp_call_function_many_cond+0xa44/0xeac [ 81.744152][ T4520] softirqs last enabled at (341130): [] local_bh_enable+0x10/0x34 [ 81.745749][ T4520] softirqs last disabled at (341128): [] local_bh_disable+0x10/0x34 [ 81.747390][ T4520] ---[ end trace ef99201762a031fd ]--- [ 81.902044][ T5109] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.903175][ T5109] Bad inode number on dev loop0: 2 is out of range [ 81.904336][ T5109] SysV FS: get root inode failed [ 81.905064][ T5109] oldfs: cannot read superblock [ 81.913402][ T4520] ------------[ cut here ]------------ [ 81.914272][ T4520] VFS: brelse: Trying to free free buffer [ 81.915273][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 81.916799][ T4520] Modules linked in: [ 81.917465][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 81.918934][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 81.920594][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.921895][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 81.922744][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 81.923559][ T4520] sp : ffff80001f6977c0 [ 81.924155][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 81.925436][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 81.926791][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd30d230 [ 81.928108][ T4520] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 81.929447][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 81.930769][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 81.932088][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 81.933387][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.934663][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 81.936073][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 81.937349][ T4520] Call trace: [ 81.937851][ T4520] invalidate_bh_lru+0x128/0x22c [ 81.938658][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 81.939671][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 81.940535][ T4520] invalidate_bh_lrus+0x34/0x40 [ 81.941357][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 81.942244][ T4520] blkdev_put+0x490/0x6ac [ 81.942965][ T4520] blkdev_close+0x74/0xb0 [ 81.943672][ T4520] __fput+0x1c0/0x7e8 [ 81.944334][ T4520] ____fput+0x20/0x30 [ 81.944981][ T4520] task_work_run+0x12c/0x1d8 [ 81.945708][ T4520] do_notify_resume+0x2450/0x309c [ 81.946534][ T4520] el0_svc+0xf0/0x1d0 [ 81.947172][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 81.947978][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 81.948684][ T4520] irq event stamp: 344752 [ 81.949360][ T4520] hardirqs last enabled at (344751): [] kasan_quarantine_put+0xc4/0x200 [ 81.951111][ T4520] hardirqs last disabled at (344752): [] smp_call_function_many_cond+0xa44/0xeac [ 81.952853][ T4520] softirqs last enabled at (344534): [] local_bh_enable+0x10/0x34 [ 81.954399][ T4520] softirqs last disabled at (344532): [] local_bh_disable+0x10/0x34 [ 81.955949][ T4520] ---[ end trace ef99201762a031fe ]--- [ 82.008017][ T5111] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.009194][ T5111] Bad inode number on dev loop0: 2 is out of range [ 82.010248][ T5111] SysV FS: get root inode failed [ 82.011964][ T5111] oldfs: cannot read superblock [ 82.018654][ C0] ------------[ cut here ]------------ [ 82.019550][ C0] VFS: brelse: Trying to free free buffer [ 82.020509][ C0] WARNING: CPU: 0 PID: 5112 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.021856][ C0] Modules linked in: [ 82.022513][ C0] CPU: 0 PID: 5112 Comm: syz.0.90 Tainted: G W syzkaller #0 [ 82.023975][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.025651][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.026835][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 82.027764][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 82.028623][ C0] sp : ffff800008007de0 [ 82.029336][ C0] x29: ffff800008007de0 x28: ffff0000ce89d1c0 x27: 1fffe000341f225c [ 82.030691][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 82.032025][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd30d5d0 [ 82.033361][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 82.034753][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.036179][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.037526][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 386f217b37105f00 [ 82.038828][ C0] x8 : 386f217b37105f00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.040051][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.041296][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.042501][ C0] Call trace: [ 82.042998][ C0] invalidate_bh_lru+0x128/0x22c [ 82.043771][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.044614][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.045637][ C0] ipi_handler+0x10c/0x6fc [ 82.046318][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 82.047129][ C0] handle_domain_irq+0x144/0x1fc [ 82.047861][ C0] gic_handle_irq+0x78/0x1b8 [ 82.048667][ C0] call_on_irq_stack+0x30/0x48 [ 82.049431][ C0] do_interrupt_handler+0x6c/0x88 [ 82.050231][ C0] el1_interrupt+0x30/0x58 [ 82.050942][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.051766][ C0] el1h_64_irq+0x78/0x7c [ 82.052445][ C0] down_read+0xe4/0x38c [ 82.053126][ C0] validate_mm+0x94/0x86c [ 82.053796][ C0] __vma_adjust+0x14bc/0x184c [ 82.054534][ C0] vma_merge+0x8e0/0xaac [ 82.055248][ C0] mmap_region+0x884/0x1428 [ 82.055968][ C0] do_mmap+0x6ec/0xe40 [ 82.056615][ C0] vm_mmap_pgoff+0x190/0x294 [ 82.057397][ C0] ksys_mmap_pgoff+0x11c/0x634 [ 82.058128][ C0] __arm64_sys_mmap+0xf8/0x110 [ 82.058950][ C0] invoke_syscall+0x98/0x2b0 [ 82.059710][ C0] el0_svc_common+0x138/0x258 [ 82.060390][ C0] do_el0_svc+0x58/0x13c [ 82.061090][ C0] el0_svc+0x78/0x1d0 [ 82.061771][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.062559][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.063254][ C0] irq event stamp: 1270 [ 82.063888][ C0] hardirqs last enabled at (1269): [] el0_svc_common+0x9c/0x258 [ 82.065321][ C0] hardirqs last disabled at (1270): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.066884][ C0] softirqs last enabled at (1050): [] local_bh_enable+0x10/0x34 [ 82.068428][ C0] softirqs last disabled at (1048): [] local_bh_disable+0x10/0x34 [ 82.070091][ C0] ---[ end trace ef99201762a031ff ]--- [ 82.212024][ T5113] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.213192][ T5113] Bad inode number on dev loop0: 2 is out of range [ 82.214081][ T5113] SysV FS: get root inode failed [ 82.214961][ T5113] oldfs: cannot read superblock [ 82.226768][ C1] ------------[ cut here ]------------ [ 82.227663][ C1] VFS: brelse: Trying to free free buffer [ 82.228671][ C1] WARNING: CPU: 1 PID: 5115 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.230159][ C1] Modules linked in: [ 82.230855][ C1] CPU: 1 PID: 5115 Comm: syz.0.91 Tainted: G W syzkaller #0 [ 82.232296][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.233904][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.235116][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 82.235937][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 82.236721][ C1] sp : ffff800008017de0 [ 82.237338][ C1] x29: ffff800008017de0 x28: ffff0000ce5cd1c0 x27: 1fffe000341f645c [ 82.238524][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.239835][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e3112ee0 [ 82.241152][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 82.242498][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.243827][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.245194][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : ad9d3b26755b2a00 [ 82.246575][ C1] x8 : ad9d3b26755b2a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.247939][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.249283][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.250636][ C1] Call trace: [ 82.251201][ C1] invalidate_bh_lru+0x128/0x22c [ 82.252030][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.252988][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.254085][ C1] ipi_handler+0x10c/0x6fc [ 82.254763][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.255706][ C1] handle_domain_irq+0x144/0x1fc [ 82.256571][ C1] gic_handle_irq+0x78/0x1b8 [ 82.257384][ C1] call_on_irq_stack+0x30/0x48 [ 82.258178][ C1] do_interrupt_handler+0x6c/0x88 [ 82.259015][ C1] el1_interrupt+0x30/0x58 [ 82.259823][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.260642][ C1] el1h_64_irq+0x78/0x7c [ 82.261314][ C1] __memset+0xcc/0x1c0 [ 82.261977][ C1] __kasan_poison_pages+0x48/0x58 [ 82.262790][ C1] free_unref_page_prepare+0x324/0xa84 [ 82.263730][ C1] free_unref_page_list+0xdc/0x730 [ 82.264600][ C1] release_pages+0x13bc/0x16dc [ 82.265448][ C1] free_pages_and_swap_cache+0x9c/0xb4 [ 82.266372][ C1] tlb_finish_mmu+0x1a0/0x37c [ 82.267237][ C1] exit_mmap+0x2e0/0x508 [ 82.267973][ C1] __mmput+0xec/0x3a8 [ 82.268617][ C1] mmput+0x80/0xc0 [ 82.269188][ C1] exit_mm+0x4ac/0x664 [ 82.269823][ C1] do_exit+0x4f0/0x1f50 [ 82.270510][ C1] do_group_exit+0x100/0x268 [ 82.271361][ C1] get_signal+0x73c/0x1334 [ 82.272104][ C1] do_notify_resume+0x354/0x309c [ 82.272946][ C1] el0_svc+0xf0/0x1d0 [ 82.273602][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.274440][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.275181][ C1] irq event stamp: 1914 [ 82.275848][ C1] hardirqs last enabled at (1913): [] uncharge_batch+0x1cc/0x324 [ 82.277451][ C1] hardirqs last disabled at (1914): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.279102][ C1] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 82.280740][ C1] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 82.282329][ C1] ---[ end trace ef99201762a03200 ]--- [ 82.328970][ T5117] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.330203][ T5117] Bad inode number on dev loop0: 2 is out of range [ 82.332471][ T5117] SysV FS: get root inode failed [ 82.333601][ T5117] oldfs: cannot read superblock [ 82.342281][ T4520] ------------[ cut here ]------------ [ 82.343201][ T4520] VFS: brelse: Trying to free free buffer [ 82.344091][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.345494][ T4520] Modules linked in: [ 82.346188][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 82.347462][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.348997][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.350202][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 82.351116][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 82.351981][ T4520] sp : ffff80001f6977c0 [ 82.352631][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225c [ 82.354028][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 82.355314][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd30d970 [ 82.356731][ T4520] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 82.358126][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.359548][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.360956][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 82.362368][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.363784][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.365284][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.366593][ T4520] Call trace: [ 82.367154][ T4520] invalidate_bh_lru+0x128/0x22c [ 82.368024][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 82.369041][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.369901][ T4520] invalidate_bh_lrus+0x34/0x40 [ 82.370720][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 82.371626][ T4520] blkdev_put+0x490/0x6ac [ 82.372319][ T4520] blkdev_close+0x74/0xb0 [ 82.373060][ T4520] __fput+0x1c0/0x7e8 [ 82.373680][ T4520] ____fput+0x20/0x30 [ 82.374350][ T4520] task_work_run+0x12c/0x1d8 [ 82.375085][ T4520] do_notify_resume+0x2450/0x309c [ 82.375872][ T4520] el0_svc+0xf0/0x1d0 [ 82.376542][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 82.377449][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 82.378210][ T4520] irq event stamp: 361802 [ 82.378945][ T4520] hardirqs last enabled at (361801): [] kasan_quarantine_put+0xc4/0x200 [ 82.380442][ T4520] hardirqs last disabled at (361802): [] smp_call_function_many_cond+0xa44/0xeac [ 82.382249][ T4520] softirqs last enabled at (361596): [] local_bh_enable+0x10/0x34 [ 82.383758][ T4520] softirqs last disabled at (361594): [] local_bh_disable+0x10/0x34 [ 82.385346][ T4520] ---[ end trace ef99201762a03201 ]--- [ 82.452725][ T5119] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.454001][ T5119] Bad inode number on dev loop0: 2 is out of range [ 82.454970][ T5119] SysV FS: get root inode failed [ 82.455797][ T5119] oldfs: cannot read superblock [ 82.458705][ C0] ------------[ cut here ]------------ [ 82.459572][ C0] VFS: brelse: Trying to free free buffer [ 82.460614][ C0] WARNING: CPU: 0 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.462046][ C0] Modules linked in: [ 82.462784][ C0] CPU: 0 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 82.463993][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.465521][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.466833][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 82.467665][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 82.468652][ C0] sp : ffff800008007de0 [ 82.469322][ C0] x29: ffff800008007de0 x28: ffff0000d6dd9b40 x27: 1fffe000341f225b [ 82.470649][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 82.472031][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd30dd10 [ 82.473445][ C0] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000010002 [ 82.474731][ C0] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.475947][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.477358][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : b2b9babd895b1a00 [ 82.478762][ C0] x8 : b2b9babd895b1a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.480170][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.481507][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.482901][ C0] Call trace: [ 82.483497][ C0] invalidate_bh_lru+0x128/0x22c [ 82.484405][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.485404][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.486584][ C0] ipi_handler+0x10c/0x6fc [ 82.487341][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 82.488219][ C0] handle_domain_irq+0x144/0x1fc [ 82.489024][ C0] gic_handle_irq+0x78/0x1b8 [ 82.489822][ C0] call_on_irq_stack+0x30/0x48 [ 82.490634][ C0] do_interrupt_handler+0x6c/0x88 [ 82.491523][ C0] el0_interrupt+0x94/0x248 [ 82.492239][ C0] __el0_irq_handler_common+0x18/0x24 [ 82.493073][ C0] el0t_64_irq_handler+0x10/0x1c [ 82.493907][ C0] el0t_64_irq+0x1a0/0x1a4 [ 82.494552][ C0] irq event stamp: 1033144 [ 82.495252][ C0] hardirqs last enabled at (1033143): [] el0t_64_sync_handler+0xcc/0xe4 [ 82.496884][ C0] hardirqs last disabled at (1033144): [] __el0_irq_handler_common+0x18/0x24 [ 82.498418][ C0] softirqs last enabled at (1033126): [] local_bh_enable+0x10/0x34 [ 82.500018][ C0] softirqs last disabled at (1033124): [] local_bh_disable+0x10/0x34 [ 82.501716][ C0] ---[ end trace ef99201762a03202 ]--- [ 82.560379][ T5121] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.561864][ T5121] Bad inode number on dev loop0: 2 is out of range [ 82.562977][ T5121] SysV FS: get root inode failed [ 82.563827][ T5121] oldfs: cannot read superblock [ 82.567952][ C1] ------------[ cut here ]------------ [ 82.568836][ C1] VFS: brelse: Trying to free free buffer [ 82.569757][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.571288][ C1] Modules linked in: [ 82.571930][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.573457][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.575161][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.576512][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 82.577376][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 82.578274][ C1] sp : ffff800008017de0 [ 82.578987][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 82.580401][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.581785][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd32c970 [ 82.583174][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 82.584453][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.585884][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.587340][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 82.588728][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.590128][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.591439][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.592731][ C1] Call trace: [ 82.593229][ C1] invalidate_bh_lru+0x128/0x22c [ 82.594035][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.594894][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.595921][ C1] ipi_handler+0x10c/0x6fc [ 82.596673][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.597668][ C1] handle_domain_irq+0x144/0x1fc [ 82.598465][ C1] gic_handle_irq+0x78/0x1b8 [ 82.599229][ C1] call_on_irq_stack+0x30/0x48 [ 82.599935][ C1] do_interrupt_handler+0x6c/0x88 [ 82.600794][ C1] el1_interrupt+0x30/0x58 [ 82.601514][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.602345][ C1] el1h_64_irq+0x78/0x7c [ 82.603082][ C1] seqcount_lockdep_reader_access+0x21c/0x2c0 [ 82.604007][ C1] ktime_get_coarse_real_ts64+0x44/0x134 [ 82.604920][ C1] current_time+0x94/0x2a0 [ 82.605667][ C1] shmem_mknod+0x11c/0x1b8 [ 82.606373][ C1] shmem_mkdir+0x38/0x78 [ 82.607108][ C1] vfs_mkdir+0x314/0x4d4 [ 82.607855][ C1] do_mkdirat+0x1c0/0x514 [ 82.608592][ C1] __arm64_sys_mkdirat+0x90/0xa8 [ 82.609457][ C1] invoke_syscall+0x98/0x2b0 [ 82.610243][ C1] el0_svc_common+0x138/0x258 [ 82.611114][ C1] do_el0_svc+0x58/0x13c [ 82.611860][ C1] el0_svc+0x78/0x1d0 [ 82.612567][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.613457][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.614250][ C1] irq event stamp: 310158 [ 82.615013][ C1] hardirqs last enabled at (310157): [] seqcount_lockdep_reader_access+0x1fc/0x2c0 [ 82.616775][ C1] hardirqs last disabled at (310158): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.618429][ C1] softirqs last enabled at (310122): [] local_bh_enable+0x10/0x34 [ 82.620011][ C1] softirqs last disabled at (310120): [] local_bh_disable+0x10/0x34 [ 82.621575][ C1] ---[ end trace ef99201762a03203 ]--- [ 82.654851][ T5123] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.656182][ T5123] Bad inode number on dev loop0: 2 is out of range [ 82.657615][ T5123] SysV FS: get root inode failed [ 82.658507][ T5123] oldfs: cannot read superblock [ 82.664430][ T4520] ------------[ cut here ]------------ [ 82.665415][ T4520] VFS: brelse: Trying to free free buffer [ 82.666323][ T4520] WARNING: CPU: 0 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.667758][ T4520] Modules linked in: [ 82.668389][ T4520] CPU: 0 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 82.669789][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.671509][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.672760][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 82.673630][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 82.674483][ T4520] sp : ffff80001f6977c0 [ 82.675185][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 82.676734][ T4520] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 82.678184][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2b4400 [ 82.679499][ T4520] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 82.680820][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.682115][ T4520] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.683507][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 82.684862][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.686171][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.687509][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 82.688861][ T4520] Call trace: [ 82.689360][ T4520] invalidate_bh_lru+0x128/0x22c [ 82.690138][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 82.691050][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 82.691853][ T4520] invalidate_bh_lrus+0x34/0x40 [ 82.692646][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 82.693533][ T4520] blkdev_put+0x490/0x6ac [ 82.694180][ T4520] blkdev_close+0x74/0xb0 [ 82.694975][ T4520] __fput+0x1c0/0x7e8 [ 82.695624][ T4520] ____fput+0x20/0x30 [ 82.696294][ T4520] task_work_run+0x12c/0x1d8 [ 82.697090][ T4520] do_notify_resume+0x2450/0x309c [ 82.697962][ T4520] el0_svc+0xf0/0x1d0 [ 82.698617][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 82.699588][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 82.700389][ T4520] irq event stamp: 375466 [ 82.701034][ T4520] hardirqs last enabled at (375465): [] kasan_quarantine_put+0xc4/0x200 [ 82.702853][ T4520] hardirqs last disabled at (375466): [] smp_call_function_many_cond+0xa44/0xeac [ 82.704684][ T4520] softirqs last enabled at (375244): [] local_bh_enable+0x10/0x34 [ 82.706271][ T4520] softirqs last disabled at (375242): [] local_bh_disable+0x10/0x34 [ 82.707898][ T4520] ---[ end trace ef99201762a03204 ]--- [ 82.729892][ T5125] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.731367][ T5125] Bad inode number on dev loop0: 2 is out of range [ 82.732387][ T5125] SysV FS: get root inode failed [ 82.733241][ T5125] oldfs: cannot read superblock [ 82.736239][ C1] ------------[ cut here ]------------ [ 82.737096][ C1] VFS: brelse: Trying to free free buffer [ 82.738082][ C1] WARNING: CPU: 1 PID: 4385 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.739597][ C1] Modules linked in: [ 82.740215][ C1] CPU: 1 PID: 4385 Comm: syz-execprog Tainted: G W syzkaller #0 [ 82.741749][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.743432][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.744788][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 82.745714][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 82.746602][ C1] sp : ffff800008017de0 [ 82.747306][ C1] x29: ffff800008017de0 x28: ffff0000ccc2d1c0 x27: 1fffe000341f645c [ 82.748590][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.749952][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd32cd10 [ 82.751291][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 82.752734][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.754101][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.755387][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : bd9b362492071500 [ 82.756643][ C1] x8 : bd9b362492071500 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.757960][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.759376][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 82.760717][ C1] Call trace: [ 82.761270][ C1] invalidate_bh_lru+0x128/0x22c [ 82.762097][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.763030][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.764109][ C1] ipi_handler+0x10c/0x6fc [ 82.764898][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.765842][ C1] handle_domain_irq+0x144/0x1fc [ 82.766661][ C1] gic_handle_irq+0x78/0x1b8 [ 82.767479][ C1] call_on_irq_stack+0x30/0x48 [ 82.768374][ C1] do_interrupt_handler+0x6c/0x88 [ 82.769237][ C1] el1_interrupt+0x30/0x58 [ 82.770053][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.770910][ C1] el1h_64_irq+0x78/0x7c [ 82.771605][ C1] __sanitizer_cov_trace_pc+0xa8/0xac [ 82.772465][ C1] vfs_read+0x1f4/0xa44 [ 82.773187][ C1] ksys_read+0x12c/0x224 [ 82.773962][ C1] __arm64_sys_read+0x7c/0x90 [ 82.774728][ C1] invoke_syscall+0x98/0x2b0 [ 82.775482][ C1] el0_svc_common+0x138/0x258 [ 82.776234][ C1] do_el0_svc+0x58/0x13c [ 82.776891][ C1] el0_svc+0x78/0x1d0 [ 82.777509][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.778389][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.779108][ C1] irq event stamp: 12898 [ 82.779804][ C1] hardirqs last enabled at (12897): [] el0_svc_common+0x9c/0x258 [ 82.781305][ C1] hardirqs last disabled at (12898): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.782975][ C1] softirqs last enabled at (12892): [] release_sock+0x1d0/0x258 [ 82.784626][ C1] softirqs last disabled at (12890): [] release_sock+0x34/0x258 [ 82.786162][ C1] ---[ end trace ef99201762a03205 ]--- [ 82.830305][ T5127] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.831613][ T5127] Bad inode number on dev loop0: 2 is out of range [ 82.832683][ T5127] SysV FS: get root inode failed [ 82.833498][ T5127] oldfs: cannot read superblock [ 82.841510][ C0] ------------[ cut here ]------------ [ 82.842345][ C0] VFS: brelse: Trying to free free buffer [ 82.843305][ C0] WARNING: CPU: 0 PID: 5129 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.844628][ C0] Modules linked in: [ 82.845262][ C0] CPU: 0 PID: 5129 Comm: syz.0.98 Tainted: G W syzkaller #0 [ 82.846696][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.848414][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.849737][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 82.850556][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 82.851430][ C0] sp : ffff800008007de0 [ 82.852103][ C0] x29: ffff800008007de0 x28: ffff0000d821b680 x27: 1fffe000341f225c [ 82.853472][ C0] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000001 [ 82.854793][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2b47a0 [ 82.856092][ C0] x20: ffff0001a0f912e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 82.857483][ C0] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.858714][ C0] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 82.860096][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 56cc6d9af8946500 [ 82.861482][ C0] x8 : 56cc6d9af8946500 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.862935][ C0] x5 : ffff8000080076f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.864298][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.865670][ C0] Call trace: [ 82.866240][ C0] invalidate_bh_lru+0x128/0x22c [ 82.867097][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 82.868130][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.869312][ C0] ipi_handler+0x10c/0x6fc [ 82.870121][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 82.870969][ C0] handle_domain_irq+0x144/0x1fc [ 82.871784][ C0] gic_handle_irq+0x78/0x1b8 [ 82.872577][ C0] call_on_irq_stack+0x30/0x48 [ 82.873391][ C0] do_interrupt_handler+0x6c/0x88 [ 82.874342][ C0] el1_interrupt+0x30/0x58 [ 82.875045][ C0] el1h_64_irq_handler+0x18/0x24 [ 82.875889][ C0] el1h_64_irq+0x78/0x7c [ 82.876585][ C0] _raw_spin_unlock_irq+0xa0/0x128 [ 82.877452][ C0] shmem_add_to_page_cache+0xcb0/0x132c [ 82.878326][ C0] shmem_getpage_gfp+0x1274/0x1f10 [ 82.879124][ C0] shmem_write_begin+0xe0/0x29c [ 82.879814][ C0] generic_perform_write+0x208/0x488 [ 82.880734][ C0] __generic_file_write_iter+0x23c/0x454 [ 82.881666][ C0] generic_file_write_iter+0xb0/0x1b4 [ 82.882677][ C0] vfs_write+0x590/0xa60 [ 82.883412][ C0] ksys_write+0x12c/0x224 [ 82.884136][ C0] __arm64_sys_write+0x7c/0x90 [ 82.884944][ C0] invoke_syscall+0x98/0x2b0 [ 82.885716][ C0] el0_svc_common+0x138/0x258 [ 82.886542][ C0] do_el0_svc+0x58/0x13c [ 82.887286][ C0] el0_svc+0x78/0x1d0 [ 82.887957][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 82.888886][ C0] el0t_64_sync+0x1a0/0x1a4 [ 82.889709][ C0] irq event stamp: 386 [ 82.890324][ C0] hardirqs last enabled at (385): [] _raw_spin_unlock_irq+0x98/0x128 [ 82.892246][ C0] hardirqs last disabled at (386): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.893698][ C0] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 82.895146][ C0] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 82.896695][ C0] ---[ end trace ef99201762a03206 ]--- [ 82.915277][ T5129] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 82.916451][ T5129] Bad inode number on dev loop0: 2 is out of range [ 82.917583][ T5129] SysV FS: get root inode failed [ 82.918482][ T5129] oldfs: cannot read superblock [ 82.922351][ C1] ------------[ cut here ]------------ [ 82.923182][ C1] VFS: brelse: Trying to free free buffer [ 82.924109][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 82.925480][ C1] Modules linked in: [ 82.926035][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 82.927454][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 82.929019][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 82.930348][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 82.931268][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 82.932171][ C1] sp : ffff800008017de0 [ 82.932857][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 82.934256][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 82.935587][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e31da400 [ 82.936879][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010003 [ 82.938314][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 82.939768][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 82.941175][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 021513d4b0138d00 [ 82.942608][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 82.943978][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 82.945451][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 82.946793][ C1] Call trace: [ 82.947401][ C1] invalidate_bh_lru+0x128/0x22c [ 82.948248][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 82.949270][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 82.950505][ C1] ipi_handler+0x10c/0x6fc [ 82.951272][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 82.952245][ C1] handle_domain_irq+0x144/0x1fc [ 82.953081][ C1] gic_handle_irq+0x78/0x1b8 [ 82.953815][ C1] call_on_irq_stack+0x30/0x48 [ 82.954597][ C1] do_interrupt_handler+0x6c/0x88 [ 82.955394][ C1] el1_interrupt+0x30/0x58 [ 82.956042][ C1] el1h_64_irq_handler+0x18/0x24 [ 82.956859][ C1] el1h_64_irq+0x78/0x7c [ 82.957527][ C1] lock_acquire+0x12c/0x618 [ 82.958275][ C1] rcu_lock_acquire+0x38/0x44 [ 82.958963][ C1] get_obj_cgroup_from_current+0x17c/0x524 [ 82.959826][ C1] slab_pre_alloc_hook+0xa4/0xe8 [ 82.960644][ C1] kmem_cache_alloc+0x94/0x3d4 [ 82.961407][ C1] __alloc_file+0x30/0x238 [ 82.962078][ C1] alloc_empty_file+0xa0/0x184 [ 82.962829][ C1] path_openat+0xd4/0x2718 [ 82.963514][ C1] do_filp_open+0x184/0x368 [ 82.964243][ C1] do_sys_openat2+0x134/0x3f4 [ 82.965014][ C1] __arm64_sys_openat+0x118/0x14c [ 82.965869][ C1] invoke_syscall+0x98/0x2b0 [ 82.966594][ C1] el0_svc_common+0x138/0x258 [ 82.967410][ C1] do_el0_svc+0x58/0x13c [ 82.968102][ C1] el0_svc+0x78/0x1d0 [ 82.968720][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 82.969510][ C1] el0t_64_sync+0x1a0/0x1a4 [ 82.970215][ C1] irq event stamp: 318074 [ 82.970890][ C1] hardirqs last enabled at (318073): [] finish_lock_switch+0xb0/0x1c4 [ 82.972385][ C1] hardirqs last disabled at (318074): [] enter_el1_irq_or_nmi+0x10/0x1c [ 82.973896][ C1] softirqs last enabled at (318046): [] local_bh_enable+0x10/0x34 [ 82.975242][ C1] softirqs last disabled at (318044): [] local_bh_disable+0x10/0x34 [ 82.976660][ C1] ---[ end trace ef99201762a03207 ]--- [ 83.022440][ T5131] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.023720][ T5131] Bad inode number on dev loop0: 2 is out of range [ 83.024810][ T5131] SysV FS: get root inode failed [ 83.025591][ T5131] oldfs: cannot read superblock [ 83.030421][ T4520] ------------[ cut here ]------------ [ 83.031358][ T4520] VFS: brelse: Trying to free free buffer [ 83.032321][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.033859][ T4520] Modules linked in: [ 83.034491][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 83.035864][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.037482][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.038823][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 83.039639][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 83.040498][ T4520] sp : ffff80001f6977c0 [ 83.041209][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645c [ 83.042430][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 83.043629][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedb1148 [ 83.044962][ T4520] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000000003 [ 83.046410][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.047874][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.049213][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 83.050470][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.051820][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.053093][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.054432][ T4520] Call trace: [ 83.055033][ T4520] invalidate_bh_lru+0x128/0x22c [ 83.055820][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 83.056840][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.057697][ T4520] invalidate_bh_lrus+0x34/0x40 [ 83.058525][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 83.059380][ T4520] blkdev_put+0x490/0x6ac [ 83.060114][ T4520] blkdev_close+0x74/0xb0 [ 83.060858][ T4520] __fput+0x1c0/0x7e8 [ 83.061529][ T4520] ____fput+0x20/0x30 [ 83.062224][ T4520] task_work_run+0x12c/0x1d8 [ 83.063031][ T4520] do_notify_resume+0x2450/0x309c [ 83.063898][ T4520] el0_svc+0xf0/0x1d0 [ 83.064555][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 83.065382][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 83.066131][ T4520] irq event stamp: 393150 [ 83.066832][ T4520] hardirqs last enabled at (393149): [] kasan_quarantine_put+0xc4/0x200 [ 83.068472][ T4520] hardirqs last disabled at (393150): [] smp_call_function_many_cond+0xa44/0xeac [ 83.070065][ T4520] softirqs last enabled at (392946): [] local_bh_enable+0x10/0x34 [ 83.071479][ T4520] softirqs last disabled at (392944): [] local_bh_disable+0x10/0x34 [ 83.073022][ T4520] ---[ end trace ef99201762a03208 ]--- [ 83.094977][ T5133] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.096130][ T5133] Bad inode number on dev loop0: 2 is out of range [ 83.097078][ T5133] SysV FS: get root inode failed [ 83.097828][ T5133] oldfs: cannot read superblock [ 83.101559][ C1] ------------[ cut here ]------------ [ 83.102496][ C1] VFS: brelse: Trying to free free buffer [ 83.103463][ C1] WARNING: CPU: 1 PID: 4794 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.104888][ C1] Modules linked in: [ 83.105577][ C1] CPU: 1 PID: 4794 Comm: syz-executor Tainted: G W syzkaller #0 [ 83.106964][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.108683][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.110034][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 83.110848][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 83.111767][ C1] sp : ffff800008017de0 [ 83.112386][ C1] x29: ffff800008017de0 x28: ffff0000ce893680 x27: 1fffe000341f645c [ 83.113710][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 83.114944][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedb14e8 [ 83.116247][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 83.117590][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.118960][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.120332][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 021513d4b0138d00 [ 83.121699][ C1] x8 : 021513d4b0138d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.123052][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.124412][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.125806][ C1] Call trace: [ 83.126416][ C1] invalidate_bh_lru+0x128/0x22c [ 83.127264][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.128202][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.129402][ C1] ipi_handler+0x10c/0x6fc [ 83.130132][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 83.131059][ C1] handle_domain_irq+0x144/0x1fc [ 83.131935][ C1] gic_handle_irq+0x78/0x1b8 [ 83.132753][ C1] call_on_irq_stack+0x30/0x48 [ 83.133520][ C1] do_interrupt_handler+0x6c/0x88 [ 83.134344][ C1] el1_interrupt+0x30/0x58 [ 83.135083][ C1] el1h_64_irq_handler+0x18/0x24 [ 83.135882][ C1] el1h_64_irq+0x78/0x7c [ 83.136595][ C1] el0_svc_common+0xa8/0x258 [ 83.137320][ C1] do_el0_svc+0x58/0x13c [ 83.137964][ C1] el0_svc+0x78/0x1d0 [ 83.138634][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 83.139470][ C1] el0t_64_sync+0x1a0/0x1a4 [ 83.140160][ C1] irq event stamp: 322702 [ 83.140912][ C1] hardirqs last enabled at (322701): [] el0_svc_common+0x9c/0x258 [ 83.142635][ C1] hardirqs last disabled at (322702): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.144382][ C1] softirqs last enabled at (322666): [] local_bh_enable+0x10/0x34 [ 83.145995][ C1] softirqs last disabled at (322664): [] local_bh_disable+0x10/0x34 [ 83.147483][ C1] ---[ end trace ef99201762a03209 ]--- [ 83.201827][ T5135] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.203139][ T5135] Bad inode number on dev loop0: 2 is out of range [ 83.204251][ T5135] SysV FS: get root inode failed [ 83.205043][ T5135] oldfs: cannot read superblock [ 83.209301][ C1] ------------[ cut here ]------------ [ 83.210166][ C1] VFS: brelse: Trying to free free buffer [ 83.211125][ C1] WARNING: CPU: 1 PID: 3660 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.212560][ C1] Modules linked in: [ 83.213215][ C1] CPU: 1 PID: 3660 Comm: udevd Tainted: G W syzkaller #0 [ 83.214584][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.216325][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.217658][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 83.218540][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 83.219436][ C1] sp : ffff800008017de0 [ 83.220172][ C1] x29: ffff800008017de0 x28: ffff0000d6dd9b40 x27: 1fffe000341f645b [ 83.221485][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 83.222819][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedb1888 [ 83.224146][ C1] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000010003 [ 83.225637][ C1] x17: 0000000000010003 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.226980][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.228258][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : b2b9babd895b1a00 [ 83.229544][ C1] x8 : b2b9babd895b1a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.230902][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.232259][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 83.233586][ C1] Call trace: [ 83.234218][ C1] invalidate_bh_lru+0x128/0x22c [ 83.235009][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.236072][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.237330][ C1] ipi_handler+0x10c/0x6fc [ 83.238098][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 83.239069][ C1] handle_domain_irq+0x144/0x1fc [ 83.239934][ C1] gic_handle_irq+0x78/0x1b8 [ 83.240795][ C1] call_on_irq_stack+0x30/0x48 [ 83.241580][ C1] do_interrupt_handler+0x6c/0x88 [ 83.242444][ C1] el1_interrupt+0x30/0x58 [ 83.243167][ C1] el1h_64_irq_handler+0x18/0x24 [ 83.243965][ C1] el1h_64_irq+0x78/0x7c [ 83.244698][ C1] __up_read+0x218/0x5d4 [ 83.245458][ C1] up_read+0x94/0xe8 [ 83.246096][ C1] kernfs_dop_revalidate+0x30c/0x470 [ 83.247042][ C1] lookup_fast+0x2c8/0x590 [ 83.247780][ C1] walk_component+0x8c/0x3a8 [ 83.248543][ C1] link_path_walk+0x590/0xbe0 [ 83.249413][ C1] path_lookupat+0x90/0x3d0 [ 83.250217][ C1] filename_lookup+0x1b4/0x464 [ 83.250946][ C1] user_path_at_empty+0x5c/0x1a0 [ 83.251758][ C1] do_readlinkat+0xe0/0x3fc [ 83.252519][ C1] __arm64_sys_readlinkat+0x9c/0xb8 [ 83.253378][ C1] invoke_syscall+0x98/0x2b0 [ 83.254159][ C1] el0_svc_common+0x138/0x258 [ 83.254886][ C1] do_el0_svc+0x58/0x13c [ 83.255567][ C1] el0_svc+0x78/0x1d0 [ 83.256217][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 83.257015][ C1] el0t_64_sync+0x1a0/0x1a4 [ 83.257740][ C1] irq event stamp: 1053300 [ 83.258472][ C1] hardirqs last enabled at (1053299): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 83.260289][ C1] hardirqs last disabled at (1053300): [] enter_el1_irq_or_nmi+0x10/0x1c [ 83.262005][ C1] softirqs last enabled at (1053290): [] local_bh_enable+0x10/0x34 [ 83.263550][ C1] softirqs last disabled at (1053288): [] local_bh_disable+0x10/0x34 [ 83.265179][ C1] ---[ end trace ef99201762a0320a ]--- [ 83.411987][ T5137] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.413213][ T5137] Bad inode number on dev loop0: 2 is out of range [ 83.414234][ T5137] SysV FS: get root inode failed [ 83.415047][ T5137] oldfs: cannot read superblock [ 83.427780][ T4520] ------------[ cut here ]------------ [ 83.428727][ T4520] VFS: brelse: Trying to free free buffer [ 83.429706][ T4520] WARNING: CPU: 1 PID: 4520 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.431172][ T4520] Modules linked in: [ 83.431866][ T4520] CPU: 1 PID: 4520 Comm: udevd Tainted: G W syzkaller #0 [ 83.433252][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.434933][ T4520] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.436341][ T4520] pc : invalidate_bh_lru+0x128/0x22c [ 83.437269][ T4520] lr : invalidate_bh_lru+0x128/0x22c [ 83.438203][ T4520] sp : ffff80001f6977c0 [ 83.438932][ T4520] x29: ffff80001f6977c0 x28: ffff80001429d000 x27: 1fffe000341f645b [ 83.440250][ T4520] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000000 [ 83.441407][ T4520] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dedb1c28 [ 83.442824][ T4520] x20: ffff0001a0fb22d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 83.444042][ T4520] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.445388][ T4520] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.446747][ T4520] x11: 0000000000000002 x10: 0000000000000000 x9 : 982a2391685bd900 [ 83.448115][ T4520] x8 : 982a2391685bd900 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.449490][ T4520] x5 : ffff80001f6970d8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.450868][ T4520] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.452319][ T4520] Call trace: [ 83.452898][ T4520] invalidate_bh_lru+0x128/0x22c [ 83.453815][ T4520] smp_call_function_many_cond+0xa50/0xeac [ 83.454777][ T4520] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.455637][ T4520] invalidate_bh_lrus+0x34/0x40 [ 83.456459][ T4520] blkdev_flush_mapping+0x16c/0x334 [ 83.457337][ T4520] blkdev_put+0x490/0x6ac [ 83.458138][ T4520] blkdev_close+0x74/0xb0 [ 83.458843][ T4520] __fput+0x1c0/0x7e8 [ 83.459560][ T4520] ____fput+0x20/0x30 [ 83.460276][ T4520] task_work_run+0x12c/0x1d8 [ 83.460970][ T4520] do_notify_resume+0x2450/0x309c [ 83.461917][ T4520] el0_svc+0xf0/0x1d0 [ 83.462568][ T4520] el0t_64_sync_handler+0xcc/0xe4 [ 83.463478][ T4520] el0t_64_sync+0x1a0/0x1a4 [ 83.464257][ T4520] irq event stamp: 408926 [ 83.464941][ T4520] hardirqs last enabled at (408925): [] kasan_quarantine_put+0xc4/0x200 [ 83.466542][ T4520] hardirqs last disabled at (408926): [] smp_call_function_many_cond+0xa44/0xeac [ 83.468346][ T4520] softirqs last enabled at (408914): [] local_bh_enable+0x10/0x34 [ 83.469960][ T4520] softirqs last disabled at (408912): [] local_bh_disable+0x10/0x34 [ 83.471388][ T4520] ---[ end trace ef99201762a0320b ]--- [ 83.561818][ T5141] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.563027][ T5141] Bad inode number on dev loop0: 2 is out of range [ 83.564094][ T5141] SysV FS: get root inode failed [ 83.564944][ T5141] oldfs: cannot read superblock [ 83.565781][ T5141] ------------[ cut here ]------------ [ 83.566612][ T5141] VFS: brelse: Trying to free free buffer [ 83.567487][ T5141] WARNING: CPU: 0 PID: 5141 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.568942][ T5141] Modules linked in: [ 83.569581][ T5141] CPU: 0 PID: 5141 Comm: syz.0.104 Tainted: G W syzkaller #0 [ 83.570965][ T5141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.572777][ T5141] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.574038][ T5141] pc : invalidate_bh_lru+0x128/0x22c [ 83.574834][ T5141] lr : invalidate_bh_lru+0x128/0x22c [ 83.575644][ T5141] sp : ffff80001fca76e0 [ 83.576291][ T5141] x29: ffff80001fca76e0 x28: ffff80001429d000 x27: 1fffe000341f225b [ 83.577695][ T5141] x26: 0000000000000001 x25: ffff0001a0f912d8 x24: 0000000000000000 [ 83.579019][ T5141] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2b4b40 [ 83.580444][ T5141] x20: ffff0001a0f912d8 x19: ffff80001146afa0 x18: 0000000000000003 [ 83.581777][ T5141] x17: 0000000000000000 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.582937][ T5141] x14: 0000000000000001 x13: 1fffe000341f05ab x12: 0000000000ff0100 [ 83.584137][ T5141] x11: 0000000000000002 x10: 0000000000000000 x9 : 3e6b1be65dbfb700 [ 83.585333][ T5141] x8 : 3e6b1be65dbfb700 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.586603][ T5141] x5 : ffff80001fca6ff8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.587820][ T5141] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 83.589013][ T5141] Call trace: [ 83.589420][ T5141] invalidate_bh_lru+0x128/0x22c [ 83.590132][ T5141] smp_call_function_many_cond+0xa50/0xeac [ 83.591044][ T5141] on_each_cpu_cond_mask+0x5c/0xc4 [ 83.591815][ T5141] invalidate_bh_lrus+0x34/0x40 [ 83.592587][ T5141] blkdev_flush_mapping+0x16c/0x334 [ 83.593451][ T5141] blkdev_put+0x490/0x6ac [ 83.594245][ T5141] kill_block_super+0x98/0xdc [ 83.595024][ T5141] deactivate_locked_super+0xb8/0x134 [ 83.595951][ T5141] mount_bdev+0x284/0x358 [ 83.596684][ T5141] sysv_mount+0x44/0x58 [ 83.597456][ T5141] legacy_get_tree+0xd4/0x16c [ 83.598250][ T5141] vfs_get_tree+0x90/0x274 [ 83.598960][ T5141] do_new_mount+0x228/0x810 [ 83.599740][ T5141] path_mount+0x5bc/0x1008 [ 83.600492][ T5141] __arm64_sys_mount+0x514/0x5f0 [ 83.601336][ T5141] invoke_syscall+0x98/0x2b0 [ 83.602141][ T5141] el0_svc_common+0x138/0x258 [ 83.602946][ T5141] do_el0_svc+0x58/0x13c [ 83.603679][ T5141] el0_svc+0x78/0x1d0 [ 83.604366][ T5141] el0t_64_sync_handler+0xcc/0xe4 [ 83.605227][ T5141] el0t_64_sync+0x1a0/0x1a4 [ 83.606007][ T5141] irq event stamp: 990 [ 83.606664][ T5141] hardirqs last enabled at (989): [] kasan_quarantine_put+0xc4/0x200 [ 83.608146][ T5141] hardirqs last disabled at (990): [] smp_call_function_many_cond+0xa44/0xeac [ 83.609901][ T5141] softirqs last enabled at (848): [] local_bh_enable+0x10/0x34 [ 83.611510][ T5141] softirqs last disabled at (846): [] local_bh_disable+0x10/0x34 [ 83.613058][ T5141] ---[ end trace ef99201762a0320c ]--- [ 83.710013][ T5145] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 83.711981][ T5145] Bad inode number on dev loop0: 2 is out of range [ 83.713137][ T5145] SysV FS: get root inode failed [ 83.713936][ T5145] oldfs: cannot read superblock [ 83.722143][ C1] ------------[ cut here ]------------ [ 83.723082][ C1] VFS: brelse: Trying to free free buffer [ 83.724117][ C1] WARNING: CPU: 1 PID: 5147 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 83.725526][ C1] Modules linked in: [ 83.726178][ C1] CPU: 1 PID: 5147 Comm: syz.0.107 Tainted: G W syzkaller #0 [ 83.727638][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 83.729274][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 83.730578][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 83.731475][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 83.732383][ C1] sp : ffff800008017de0 [ 83.733057][ C1] x29: ffff800008017de0 x28: ffff0000d0a28000 x27: 1fffe000341f645c [ 83.734456][ C1] x26: 0000000000000001 x25: ffff0001a0fb22d8 x24: 0000000000000001 [ 83.735837][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c06765d0 [ 83.737221][ C1] x20: ffff0001a0fb22e0 x19: ffff80001146afa0 x18: 0000000000010002 [ 83.738689][ C1] x17: 0000000000010002 x16: ffff80001125f448 x15: 00000000ffffffff [ 83.740036][ C1] x14: 0000000000000001 x13: 1fffe000341f47ab x12: 0000000000ff0100 [ 83.741447][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a6a4c0800d7cbb00 [ 83.742810][ C1] x8 : a6a4c0800d7cbb00 x7 : 0000000000000001 x6 : 0000000000000001 [ 83.744192][ C1] x5 : ffff8000080176f8 x4 : ffff80001437f3e0 x3 : ffff800008509220 [ 83.745520][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 83.746925][ C1] Call trace: [ 83.747535][ C1] invalidate_bh_lru+0x128/0x22c [ 83.748420][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 83.749496][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 83.750735][ C1] ipi_handler+0x10c/0x6fc [ 83.751492][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 83.752410][ C1] handle_domain_irq+0x144/0x1fc [ 83.753252][ C1] gic_handle_irq+0x78/0x1b8 [ 83.754033][ C1] call_on_irq_stack+0x30/0x48 [ 83.754764][ C1] do_interrupt_handler+0x6c/0x88 [ 83.755557][ C1] el0_interrupt+0x94/0x248 [ 83.756312][ C1] __el0_irq_handler_common+0x18/0x24 [ 83.757227][ C1] el0t_64_irq_handler+0x10/0x1c [ 83.758076][ C1] el0t_64_irq+0x1a0/0x1a4 [ 83.758775][ C1] irq event stamp: 208 [ 83.759419][ C1] hardirqs last enabled at (207): [] el0t_64_sync_handler+0xd8/0xe4 [ 83.760910][ C1] hardirqs last disabled at (208): [] __el0_irq_handler_common+0x18/0x24 [ 83.762415][ C1] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 83.763940][ C1] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 83.765426][ C1] ---[ end trace ef99201762a0320d ]---