Warning: Permanently added '10.128.1.150' (ED25519) to the list of known hosts. 1970/01/01 00:01:24 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:01:24 parsed 1 programs [ 87.311937][ T4444] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 93.660909][ T153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.663344][ T153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.666519][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 93.683623][ T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.685840][ T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.688615][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 94.319185][ T4506] chnl_net:caif_netlink_parms(): no params data found [ 94.355069][ T4506] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.357059][ T4506] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.359659][ T4506] device bridge_slave_0 entered promiscuous mode [ 94.364666][ T4506] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.366572][ T4506] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.369219][ T4506] device bridge_slave_1 entered promiscuous mode [ 94.387534][ T4506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.392102][ T4506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.409024][ T4506] team0: Port device team_slave_0 added [ 94.414414][ T4506] team0: Port device team_slave_1 added [ 94.428454][ T4506] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.430366][ T4506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.437779][ T4506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.442021][ T4506] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.444307][ T4506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.451220][ T4506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.546007][ T4506] device hsr_slave_0 entered promiscuous mode [ 94.593036][ T4506] device hsr_slave_1 entered promiscuous mode [ 95.487843][ T4506] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.505534][ T4506] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.535572][ T4506] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.585502][ T4506] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.671001][ T4506] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.680743][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 95.683408][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.688024][ T4506] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.693459][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 95.696214][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 95.699102][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.701087][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.704632][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 95.708886][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 95.711773][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 95.716557][ T1631] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.718700][ T1631] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.728859][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 95.732290][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 95.738696][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 95.741977][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 95.745803][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 95.751895][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 95.756766][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 95.766338][ T4506] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 95.769421][ T4506] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 95.775257][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 95.777948][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 95.780668][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 95.784770][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 95.787460][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 95.860856][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 95.865250][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 95.872395][ T4506] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.903008][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 95.905883][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 95.908566][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 95.911239][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 95.917091][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 95.919643][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 95.922471][ T4506] device veth0_vlan entered promiscuous mode [ 95.930742][ T4506] device veth1_vlan entered promiscuous mode [ 95.948717][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 95.951995][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 95.956454][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 95.959655][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 95.965644][ T4506] device veth0_macvtap entered promiscuous mode [ 95.970070][ T4506] device veth1_macvtap entered promiscuous mode [ 96.026767][ T4506] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.028898][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 96.031443][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 96.034486][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 96.037281][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 96.044736][ T4506] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.046709][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 96.049823][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 96.056356][ T4506] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.058714][ T4506] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.060985][ T4506] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.064726][ T4506] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:01:36 executed programs: 0 [ 96.257193][ T4602] chnl_net:caif_netlink_parms(): no params data found [ 96.302146][ T4602] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.306769][ T4602] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.309410][ T4602] device bridge_slave_0 entered promiscuous mode [ 96.313708][ T4602] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.315779][ T4602] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.318411][ T4602] device bridge_slave_1 entered promiscuous mode [ 96.336986][ T4602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.341455][ T4602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.361038][ T4602] team0: Port device team_slave_0 added [ 96.367749][ T4602] team0: Port device team_slave_1 added [ 96.380560][ T4602] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.386062][ T4602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.393300][ T4602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.398335][ T4602] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.400216][ T4602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.409940][ T4602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.475018][ T4602] device hsr_slave_0 entered promiscuous mode [ 96.503227][ T4602] device hsr_slave_1 entered promiscuous mode [ 96.533002][ T4602] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.535068][ T4602] Cannot create hsr debugfs directory [ 96.599990][ T4602] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.172904][ T3605] Bluetooth: hci0: command 0x0409 tx timeout [ 99.183724][ T4602] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.262831][ T4125] Bluetooth: hci0: command 0x041b tx timeout [ 101.698935][ T4602] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.760725][ T4602] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.930446][ T4602] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 101.964825][ T4602] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 102.006027][ T4602] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 102.055994][ T4602] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 102.168472][ T4602] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.180409][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 102.186212][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 102.191578][ T4602] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.197352][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 102.200147][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 102.205406][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.207273][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.217685][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 102.220232][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 102.225646][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 102.228215][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.230206][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.234801][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 102.245909][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 102.249199][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 102.253216][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 102.257212][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 102.259800][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 102.264983][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 102.275329][ T4602] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 102.278107][ T4602] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 102.283933][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 102.286576][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 102.290736][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 102.294688][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 102.298251][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 102.333365][ T4125] Bluetooth: hci0: command 0x040f tx timeout [ 102.746658][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 102.748753][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 102.755561][ T4602] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.771847][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 102.774830][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 102.784754][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 102.787427][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 102.790043][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 102.792393][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 102.801828][ T4602] device veth0_vlan entered promiscuous mode [ 102.810261][ T4602] device veth1_vlan entered promiscuous mode [ 102.823775][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 102.826361][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 102.828856][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 102.831506][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 102.836406][ T4602] device veth0_macvtap entered promiscuous mode [ 102.841462][ T4602] device veth1_macvtap entered promiscuous mode [ 102.851011][ T4602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.854108][ T4602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.857789][ T4602] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.875478][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 102.878022][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 102.880520][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 102.884069][ T1631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 102.888280][ T4602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 102.891112][ T4602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 102.895111][ T4602] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.899655][ T4602] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.902024][ T4602] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.906208][ T4602] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.908652][ T4602] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.912314][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 102.917173][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 102.953055][ T1631] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.955459][ T1631] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.958380][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 102.982098][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.987917][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.991067][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:42 executed programs: 2 [ 103.022149][ T4870] loop0: detected capacity change from 0 to 128 [ 103.031324][ T4870] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 103.034481][ T4870] Bad inode number on dev loop0: 2 is out of range [ 103.036211][ T4870] SysV FS: get root inode failed [ 103.038324][ T4870] oldfs: cannot read superblock [ 103.049016][ T3643] ------------[ cut here ]------------ [ 103.050601][ T3643] VFS: brelse: Trying to free free buffer [ 103.052168][ T3643] WARNING: CPU: 1 PID: 3643 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 103.054501][ T3643] Modules linked in: [ 103.055549][ T3643] CPU: 1 PID: 3643 Comm: udevd Not tainted 5.15.181-syzkaller #0 [ 103.057696][ T3643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 103.060399][ T3643] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 103.062530][ T3643] pc : invalidate_bh_lru+0x128/0x234 [ 103.063945][ T3643] lr : invalidate_bh_lru+0x128/0x234 [ 103.065354][ T3643] sp : ffff800021ee77c0 [ 103.066466][ T3643] x29: ffff800021ee77c0 x28: ffff80001414d000 x27: 1fffe0003685d255 [ 103.068628][ T3643] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000002 [ 103.070764][ T3643] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0681a58 [ 103.072995][ T3643] x20: ffff0001b42e92a8 x19: ffff8000113aada0 x18: 0000000000000003 [ 103.075121][ T3643] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 103.077236][ T3643] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 103.079397][ T3643] x11: 0000000000000002 x10: 0000000000000000 x9 : 7ef049936ac40300 [ 103.081588][ T3643] x8 : 7ef049936ac40300 x7 : 0000000000000001 x6 : 0000000000000001 [ 103.083776][ T3643] x5 : ffff800021ee70b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 103.085867][ T3643] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 103.088053][ T3643] Call trace: [ 103.088982][ T3643] invalidate_bh_lru+0x128/0x234 [ 103.090331][ T3643] smp_call_function_many_cond+0xa50/0xeb0 [ 103.091918][ T3643] on_each_cpu_cond_mask+0x5c/0xc4 [ 103.093290][ T3643] invalidate_bh_lrus+0x34/0x40 [ 103.094652][ T3643] blkdev_flush_mapping+0x168/0x31c [ 103.095959][ T3643] blkdev_put+0x490/0x6ac [ 103.097065][ T3643] blkdev_close+0x74/0xb0 [ 103.098054][ T3643] __fput+0x1c0/0x7f8 [ 103.099024][ T3643] ____fput+0x20/0x30 [ 103.100130][ T3643] task_work_run+0x12c/0x1e0 [ 103.101255][ T3643] do_notify_resume+0x24b4/0x3128 [ 103.102478][ T3643] el0_svc+0xf0/0x1e0 [ 103.103498][ T3643] el0t_64_sync_handler+0xcc/0xe4 [ 103.104744][ T3643] el0t_64_sync+0x1a0/0x1a4 [ 103.105868][ T3643] irq event stamp: 1050224 [ 103.106984][ T3643] hardirqs last enabled at (1050223): [] kasan_quarantine_put+0xc4/0x204 [ 103.109536][ T3643] hardirqs last disabled at (1050224): [] smp_call_function_many_cond+0xa44/0xeb0 [ 103.112411][ T3643] softirqs last enabled at (1049922): [] local_bh_enable+0x10/0x34 [ 103.114983][ T3643] softirqs last disabled at (1049920): [] local_bh_disable+0x10/0x34 [ 103.117411][ T3643] ---[ end trace 381ec441ce78a64c ]--- [ 103.149992][ T4872] loop0: detected capacity change from 0 to 128 [ 103.207164][ T4872] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 103.209175][ T4872] Bad inode number on dev loop0: 2 is out of range [ 103.210920][ T4872] SysV FS: get root inode failed [ 103.212226][ T4872] oldfs: cannot read superblock [ 103.218902][ T4872] ------------[ cut here ]------------ [ 103.220339][ T4872] VFS: brelse: Trying to free free buffer [ 103.221889][ T4872] WARNING: CPU: 1 PID: 4872 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 103.224299][ T4872] Modules linked in: [ 103.225389][ T4872] CPU: 1 PID: 4872 Comm: syz.0.16 Tainted: G W 5.15.181-syzkaller #0 [ 103.227886][ T4872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 103.230593][ T4872] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 103.232674][ T4872] pc : invalidate_bh_lru+0x128/0x234 [ 103.234068][ T4872] lr : invalidate_bh_lru+0x128/0x234 [ 103.235470][ T4872] sp : ffff80001bce76e0 [ 103.236560][ T4872] x29: ffff80001bce76e0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 103.238753][ T4872] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 103.240891][ T4872] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0681df8 [ 103.243163][ T4872] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 103.245347][ T4872] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 103.247604][ T4872] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 103.249793][ T4872] x11: 0000000000000002 x10: 0000000000000000 x9 : c0cbcb290da18d00 [ 103.252009][ T4872] x8 : c0cbcb290da18d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 103.254209][ T4872] x5 : ffff80001bce6fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 103.256385][ T4872] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 103.258600][ T4872] Call trace: [ 103.259493][ T4872] invalidate_bh_lru+0x128/0x234 [ 103.260836][ T4872] smp_call_function_many_cond+0xa50/0xeb0 [ 103.262395][ T4872] on_each_cpu_cond_mask+0x5c/0xc4 [ 103.263787][ T4872] invalidate_bh_lrus+0x34/0x40 [ 103.265119][ T4872] blkdev_flush_mapping+0x168/0x31c [ 103.266471][ T4872] blkdev_put+0x490/0x6ac [ 103.267597][ T4872] kill_block_super+0x98/0xdc [ 103.268864][ T4872] deactivate_locked_super+0xb8/0x13c [ 103.270395][ T4872] mount_bdev+0x284/0x358 [ 103.271570][ T4872] sysv_mount+0x44/0x58 [ 103.272736][ T4872] legacy_get_tree+0xd4/0x16c [ 103.274019][ T4872] vfs_get_tree+0x90/0x274 [ 103.275177][ T4872] do_new_mount+0x228/0x810 [ 103.276418][ T4872] path_mount+0x5b4/0x1000 [ 103.277622][ T4872] __arm64_sys_mount+0x514/0x5e4 [ 103.278947][ T4872] invoke_syscall+0x98/0x2b8 [ 103.280177][ T4872] el0_svc_common+0x138/0x258 [ 103.281461][ T4872] do_el0_svc+0x58/0x14c [ 103.282569][ T4872] el0_svc+0x78/0x1e0 [ 103.283636][ T4872] el0t_64_sync_handler+0xcc/0xe4 [ 103.285053][ T4872] el0t_64_sync+0x1a0/0x1a4 [ 103.286230][ T4872] irq event stamp: 1158 [ 103.287319][ T4872] hardirqs last enabled at (1157): [] kasan_quarantine_put+0xc4/0x204 [ 103.289954][ T4872] hardirqs last disabled at (1158): [] smp_call_function_many_cond+0xa44/0xeb0 [ 103.292725][ T4872] softirqs last enabled at (1148): [] handle_softirqs+0xa4c/0xbf0 [ 103.295359][ T4872] softirqs last disabled at (1127): [] __irq_exit_rcu+0x240/0x440 [ 103.297909][ T4872] ---[ end trace 381ec441ce78a64d ]--- [ 103.391381][ T4874] loop0: detected capacity change from 0 to 128 [ 103.397529][ T4874] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 103.399456][ T4874] Bad inode number on dev loop0: 2 is out of range [ 103.401161][ T4874] SysV FS: get root inode failed [ 103.402404][ T4874] oldfs: cannot read superblock [ 103.418711][ C0] ------------[ cut here ]------------ [ 103.420318][ C0] VFS: brelse: Trying to free free buffer [ 103.421944][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 103.424353][ C0] Modules linked in: [ 103.425381][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 103.427999][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 103.430723][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 103.432801][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 103.434243][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 103.435675][ C0] sp : ffff800008007de0 [ 103.436822][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859053 [ 103.438950][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 103.441106][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e1446148 [ 103.443287][ C0] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000010002 [ 103.445409][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 103.447530][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 103.449792][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 103.451979][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 103.454173][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 103.456313][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 103.458477][ C0] Call trace: [ 103.459340][ C0] invalidate_bh_lru+0x128/0x234 [ 103.460668][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 103.462252][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 103.464156][ C0] ipi_handler+0x108/0x70c [ 103.465331][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 103.466772][ C0] handle_domain_irq+0x144/0x1fc [ 103.468089][ C0] gic_handle_irq+0x78/0x1c8 [ 103.469312][ C0] call_on_irq_stack+0x24/0x4c [ 103.470575][ C0] do_interrupt_handler+0x6c/0x88 [ 103.471977][ C0] el1_interrupt+0x30/0x58 [ 103.473132][ C0] el1h_64_irq_handler+0x18/0x24 [ 103.474482][ C0] el1h_64_irq+0x78/0x7c [ 103.475578][ C0] tomoyo_init_request_info+0x84/0x2f0 [ 103.477039][ C0] tomoyo_check_open_permission+0x14c/0x2fc [ 103.478596][ C0] tomoyo_file_open+0x130/0x1b0 [ 103.479896][ C0] security_file_open+0x6c/0xac [ 103.481185][ C0] do_dentry_open+0x29c/0xebc [ 103.482442][ C0] vfs_open+0x7c/0x90 [ 103.483506][ C0] path_openat+0x1f80/0x26e4 [ 103.484683][ C0] do_filp_open+0x164/0x330 [ 103.485920][ C0] do_sys_openat2+0x128/0x3d8 [ 103.487186][ C0] __arm64_sys_openat+0x120/0x154 [ 103.488544][ C0] invoke_syscall+0x98/0x2b8 [ 103.489779][ C0] el0_svc_common+0x138/0x258 [ 103.490976][ C0] do_el0_svc+0x58/0x14c [ 103.492095][ C0] el0_svc+0x78/0x1e0 [ 103.493144][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 103.494543][ C0] el0t_64_sync+0x1a0/0x1a4 [ 103.495726][ C0] irq event stamp: 167266 [ 103.496923][ C0] hardirqs last enabled at (167265): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 103.499849][ C0] hardirqs last disabled at (167266): [] enter_el1_irq_or_nmi+0x10/0x1c [ 103.502516][ C0] softirqs last enabled at (167246): [] local_bh_enable+0x10/0x34 [ 103.505113][ C0] softirqs last disabled at (167244): [] local_bh_disable+0x10/0x34 [ 103.507645][ C0] ---[ end trace 381ec441ce78a64e ]--- [ 103.571101][ T4876] loop0: detected capacity change from 0 to 128 [ 103.577614][ T4876] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 103.579671][ T4876] Bad inode number on dev loop0: 2 is out of range [ 103.581357][ T4876] SysV FS: get root inode failed [ 103.583315][ T4876] oldfs: cannot read superblock [ 103.589991][ T4452] ------------[ cut here ]------------ [ 103.591492][ T4452] VFS: brelse: Trying to free free buffer [ 103.593097][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 103.595562][ T4452] Modules linked in: [ 103.596605][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 103.598930][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 103.601688][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 103.603829][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 103.605268][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 103.606701][ T4452] sp : ffff80001f2077c0 [ 103.607835][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 103.610008][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 103.612101][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dbe125d0 [ 103.614213][ T4452] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 103.616272][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 103.618378][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 103.620546][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 103.622671][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 103.624792][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 103.626999][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 103.629176][ T4452] Call trace: [ 103.630072][ T4452] invalidate_bh_lru+0x128/0x234 [ 103.631396][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 103.632978][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 103.634346][ T4452] invalidate_bh_lrus+0x34/0x40 [ 103.635638][ T4452] blkdev_flush_mapping+0x168/0x31c [ 103.637037][ T4452] blkdev_put+0x490/0x6ac [ 103.638163][ T4452] blkdev_close+0x74/0xb0 [ 103.639292][ T4452] __fput+0x1c0/0x7f8 [ 103.640354][ T4452] ____fput+0x20/0x30 [ 103.641436][ T4452] task_work_run+0x12c/0x1e0 [ 103.642691][ T4452] do_notify_resume+0x24b4/0x3128 [ 103.643987][ T4452] el0_svc+0xf0/0x1e0 [ 103.645083][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 103.646468][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 103.647668][ T4452] irq event stamp: 74626 [ 103.648761][ T4452] hardirqs last enabled at (74625): [] kasan_quarantine_put+0xc4/0x204 [ 103.651426][ T4452] hardirqs last disabled at (74626): [] smp_call_function_many_cond+0xa44/0xeb0 [ 103.654258][ T4452] softirqs last enabled at (72704): [] local_bh_enable+0x10/0x34 [ 103.656791][ T4452] softirqs last disabled at (72702): [] local_bh_disable+0x10/0x34 [ 103.659325][ T4452] ---[ end trace 381ec441ce78a64f ]--- [ 103.709291][ T4878] loop0: detected capacity change from 0 to 128 [ 103.746436][ T4878] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 103.748524][ T4878] Bad inode number on dev loop0: 2 is out of range [ 103.750249][ T4878] SysV FS: get root inode failed [ 103.751537][ T4878] oldfs: cannot read superblock [ 103.753966][ T4878] ------------[ cut here ]------------ [ 103.755449][ T4878] VFS: brelse: Trying to free free buffer [ 103.757032][ T4878] WARNING: CPU: 0 PID: 4878 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 103.759353][ T4878] Modules linked in: [ 103.760316][ T4878] CPU: 0 PID: 4878 Comm: syz.0.19 Tainted: G W 5.15.181-syzkaller #0 [ 103.762785][ T4878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 103.765582][ T4878] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 103.767708][ T4878] pc : invalidate_bh_lru+0x128/0x234 [ 103.769084][ T4878] lr : invalidate_bh_lru+0x128/0x234 [ 103.770486][ T4878] sp : ffff80001bce76e0 [ 103.771601][ T4878] x29: ffff80001bce76e0 x28: ffff80001414d000 x27: 1fffe00036859053 [ 103.773822][ T4878] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 103.775937][ T4878] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e14464e8 [ 103.778113][ T4878] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000000003 [ 103.780219][ T4878] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 103.782404][ T4878] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 103.784557][ T4878] x11: 0000000000000002 x10: 0000000000000000 x9 : 1c01d5190f5a3200 [ 103.786770][ T4878] x8 : 1c01d5190f5a3200 x7 : 0000000000000001 x6 : 0000000000000001 [ 103.788904][ T4878] x5 : ffff80001bce6fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 103.791066][ T4878] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 103.793188][ T4878] Call trace: [ 103.794080][ T4878] invalidate_bh_lru+0x128/0x234 [ 103.795391][ T4878] smp_call_function_many_cond+0xa50/0xeb0 [ 103.796927][ T4878] on_each_cpu_cond_mask+0x5c/0xc4 [ 103.798308][ T4878] invalidate_bh_lrus+0x34/0x40 [ 103.799536][ T4878] blkdev_flush_mapping+0x168/0x31c [ 103.800940][ T4878] blkdev_put+0x490/0x6ac [ 103.802135][ T4878] kill_block_super+0x98/0xdc [ 103.803384][ T4878] deactivate_locked_super+0xb8/0x13c [ 103.804815][ T4878] mount_bdev+0x284/0x358 [ 103.805930][ T4878] sysv_mount+0x44/0x58 [ 103.807075][ T4878] legacy_get_tree+0xd4/0x16c [ 103.808268][ T4878] vfs_get_tree+0x90/0x274 [ 103.809457][ T4878] do_new_mount+0x228/0x810 [ 103.810684][ T4878] path_mount+0x5b4/0x1000 [ 103.811841][ T4878] __arm64_sys_mount+0x514/0x5e4 [ 103.813111][ T4878] invoke_syscall+0x98/0x2b8 [ 103.814369][ T4878] el0_svc_common+0x138/0x258 [ 103.815614][ T4878] do_el0_svc+0x58/0x14c [ 103.816744][ T4878] el0_svc+0x78/0x1e0 [ 103.817791][ T4878] el0t_64_sync_handler+0xcc/0xe4 [ 103.819131][ T4878] el0t_64_sync+0x1a0/0x1a4 [ 103.820317][ T4878] irq event stamp: 1206 [ 103.821401][ T4878] hardirqs last enabled at (1205): [] kasan_quarantine_put+0xc4/0x204 [ 103.824080][ T4878] hardirqs last disabled at (1206): [] smp_call_function_many_cond+0xa44/0xeb0 [ 103.826929][ T4878] softirqs last enabled at (1196): [] handle_softirqs+0xa4c/0xbf0 [ 103.829402][ T4878] softirqs last disabled at (1075): [] __irq_exit_rcu+0x240/0x440 [ 103.831924][ T4878] ---[ end trace 381ec441ce78a650 ]--- [ 103.876919][ T136] device hsr_slave_0 left promiscuous mode [ 103.923996][ T136] device hsr_slave_1 left promiscuous mode [ 103.958070][ T4880] loop0: detected capacity change from 0 to 128 [ 103.962056][ T4880] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 103.964820][ T4880] Bad inode number on dev loop0: 2 is out of range [ 103.966591][ T4880] SysV FS: get root inode failed [ 103.967854][ T4880] oldfs: cannot read superblock [ 103.978110][ C0] ------------[ cut here ]------------ [ 103.979730][ C0] VFS: brelse: Trying to free free buffer [ 103.981269][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 103.983651][ C0] Modules linked in: [ 103.984700][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 103.987375][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 103.990148][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 103.992290][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 103.993777][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 103.995169][ C0] sp : ffff800008007de0 [ 103.996302][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859054 [ 103.998455][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 104.000593][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e1446888 [ 104.002767][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010002 [ 104.004927][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 104.007038][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 104.009131][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 104.011289][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 104.013368][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 104.015498][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 104.017630][ C0] Call trace: [ 104.018498][ C0] invalidate_bh_lru+0x128/0x234 [ 104.019849][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 104.021468][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 104.023300][ C0] ipi_handler+0x108/0x70c [ 104.024471][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 104.025997][ C0] handle_domain_irq+0x144/0x1fc [ 104.027263][ C0] gic_handle_irq+0x78/0x1c8 [ 104.028487][ C0] call_on_irq_stack+0x24/0x4c [ 104.029792][ C0] do_interrupt_handler+0x6c/0x88 [ 104.031147][ C0] el1_interrupt+0x30/0x58 [ 104.032350][ C0] el1h_64_irq_handler+0x18/0x24 [ 104.033674][ C0] el1h_64_irq+0x78/0x7c [ 104.034860][ C0] arch_local_irq_restore+0x8/0x10 [ 104.036279][ C0] ___might_sleep+0x98/0x4d4 [ 104.037541][ C0] alloc_counters+0x5d8/0x7a4 [ 104.038798][ C0] do_ipt_get_ctl+0xaf4/0x13a8 [ 104.040111][ C0] nf_getsockopt+0x264/0x284 [ 104.041374][ C0] ip_getsockopt+0xffc/0x158c [ 104.042672][ C0] tcp_getsockopt+0x214/0x2e74 [ 104.043997][ C0] sock_common_getsockopt+0xa8/0xc4 [ 104.045430][ C0] __sys_getsockopt+0x1e0/0x45c [ 104.046811][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 104.048266][ C0] invoke_syscall+0x98/0x2b8 [ 104.049495][ C0] el0_svc_common+0x138/0x258 [ 104.050733][ C0] do_el0_svc+0x58/0x14c [ 104.051894][ C0] el0_svc+0x78/0x1e0 [ 104.052983][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 104.054420][ C0] el0t_64_sync+0x1a0/0x1a4 [ 104.055605][ C0] irq event stamp: 180902 [ 104.056782][ C0] hardirqs last enabled at (180901): [] alloc_counters+0x3d4/0x7a4 [ 104.059365][ C0] hardirqs last disabled at (180902): [] enter_el1_irq_or_nmi+0x10/0x1c [ 104.062017][ C0] softirqs last enabled at (180878): [] release_sock+0x1d0/0x258 [ 104.064568][ C0] softirqs last disabled at (180876): [] release_sock+0x34/0x258 [ 104.067074][ C0] ---[ end trace 381ec441ce78a651 ]--- [ 104.102817][ T136] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.104858][ T136] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.107369][ T136] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.109366][ T136] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.111722][ T136] device bridge_slave_1 left promiscuous mode [ 104.115963][ T136] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.119092][ T4882] loop0: detected capacity change from 0 to 128 [ 104.124490][ T4882] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 104.126408][ T4882] Bad inode number on dev loop0: 2 is out of range [ 104.128136][ T4882] SysV FS: get root inode failed [ 104.129582][ T4882] oldfs: cannot read superblock [ 104.139494][ C0] ------------[ cut here ]------------ [ 104.140955][ C0] VFS: brelse: Trying to free free buffer [ 104.142584][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 104.145029][ C0] Modules linked in: [ 104.146142][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 104.148813][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 104.151534][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 104.153629][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 104.155106][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 104.156553][ C0] sp : ffff800008007de0 [ 104.157648][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859053 [ 104.159823][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 104.162009][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0680888 [ 104.164159][ C0] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000010002 [ 104.166337][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 104.168450][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 104.170637][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 104.172757][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 104.174876][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 104.177061][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 104.179218][ C0] Call trace: [ 104.180075][ C0] invalidate_bh_lru+0x128/0x234 [ 104.181410][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 104.182996][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 104.184917][ C0] ipi_handler+0x108/0x70c [ 104.186117][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 104.187569][ C0] handle_domain_irq+0x144/0x1fc [ 104.188931][ C0] gic_handle_irq+0x78/0x1c8 [ 104.190202][ C0] call_on_irq_stack+0x24/0x4c [ 104.191496][ C0] do_interrupt_handler+0x6c/0x88 [ 104.192878][ C0] el1_interrupt+0x30/0x58 [ 104.194106][ C0] el1h_64_irq_handler+0x18/0x24 [ 104.195414][ C0] el1h_64_irq+0x78/0x7c [ 104.196613][ C0] lock_release+0x4a0/0x8e8 [ 104.197849][ C0] rcu_lock_release+0x2c/0x38 [ 104.199137][ C0] dput+0x3fc/0x458 [ 104.200130][ C0] __fput+0x494/0x7f8 [ 104.201199][ C0] ____fput+0x20/0x30 [ 104.202265][ C0] task_work_run+0x12c/0x1e0 [ 104.203447][ C0] do_notify_resume+0x24b4/0x3128 [ 104.204726][ C0] el0_svc+0xf0/0x1e0 [ 104.205742][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 104.207110][ C0] el0t_64_sync+0x1a0/0x1a4 [ 104.208277][ C0] irq event stamp: 183304 [ 104.209416][ C0] hardirqs last enabled at (183303): [] call_rcu+0x56c/0x8f0 [ 104.211814][ C0] hardirqs last disabled at (183304): [] enter_el1_irq_or_nmi+0x10/0x1c [ 104.214494][ C0] softirqs last enabled at (182562): [] local_bh_enable+0x10/0x34 [ 104.217145][ C0] softirqs last disabled at (182560): [] local_bh_disable+0x10/0x34 [ 104.219633][ C0] ---[ end trace 381ec441ce78a652 ]--- [ 104.244038][ T136] device bridge_slave_0 left promiscuous mode [ 104.245884][ T136] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.269621][ T4884] loop0: detected capacity change from 0 to 128 [ 104.276004][ T4884] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 104.277989][ T4884] Bad inode number on dev loop0: 2 is out of range [ 104.279776][ T4884] SysV FS: get root inode failed [ 104.281043][ T4884] oldfs: cannot read superblock [ 104.288233][ C1] ------------[ cut here ]------------ [ 104.289755][ C1] VFS: brelse: Trying to free free buffer [ 104.291413][ C1] WARNING: CPU: 1 PID: 136 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 104.293744][ C1] Modules linked in: [ 104.294780][ C1] CPU: 1 PID: 136 Comm: kworker/u4:1 Tainted: G W 5.15.181-syzkaller #0 [ 104.297314][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 104.300071][ C1] Workqueue: netns cleanup_net [ 104.301423][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 104.303525][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 104.305019][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 104.306420][ C1] sp : ffff800008017de0 [ 104.307561][ C1] x29: ffff800008017de0 x28: ffff0000c2580000 x27: 1fffe0003685d253 [ 104.309919][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 104.312077][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dbe12970 [ 104.314201][ C1] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000010203 [ 104.316450][ C1] x17: 0000000000010203 x16: ffff8000111a3970 x15: 00000000ffffffff [ 104.318656][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 104.320918][ C1] x11: 0000000000010202 x10: 0000000000010202 x9 : 8841bae52022cd00 [ 104.323155][ C1] x8 : 8841bae52022cd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 104.325374][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 104.327545][ C1] x2 : 0000000000000001 x1 : 0000000100010202 x0 : 0000000000000027 [ 104.329668][ C1] Call trace: [ 104.330563][ C1] invalidate_bh_lru+0x128/0x234 [ 104.331865][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 104.333473][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 104.335403][ C1] ipi_handler+0x108/0x70c [ 104.336586][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 104.338096][ C1] handle_domain_irq+0x144/0x1fc [ 104.339414][ C1] gic_handle_irq+0x78/0x1c8 [ 104.340647][ C1] call_on_irq_stack+0x24/0x4c [ 104.341982][ C1] do_interrupt_handler+0x6c/0x88 [ 104.343293][ C1] el1_interrupt+0x30/0x58 [ 104.344522][ C1] el1h_64_irq_handler+0x18/0x24 [ 104.345997][ C1] el1h_64_irq+0x78/0x7c [ 104.347130][ C1] __netif_schedule+0x1ac/0x228 [ 104.348437][ C1] netif_schedule_queue+0x158/0x268 [ 104.349893][ C1] dev_deactivate_many+0x4bc/0xbac [ 104.351248][ C1] __dev_close_many+0x250/0x3a8 [ 104.352551][ C1] dev_close_many+0x1e8/0x440 [ 104.353814][ C1] unregister_netdevice_many+0x3d4/0x17d0 [ 104.355381][ C1] default_device_exit_batch+0x444/0x4a4 [ 104.356968][ C1] cleanup_net+0x644/0xa98 [ 104.358161][ C1] process_one_work+0x79c/0x1140 [ 104.359525][ C1] worker_thread+0x8f4/0x101c [ 104.360734][ C1] kthread+0x374/0x454 [ 104.361882][ C1] ret_from_fork+0x10/0x20 [ 104.363173][ C1] irq event stamp: 945855 [ 104.364252][ C1] hardirqs last enabled at (945854): [] __netif_schedule+0x18c/0x228 [ 104.366858][ C1] hardirqs last disabled at (945855): [] enter_el1_irq_or_nmi+0x10/0x1c [ 104.369605][ C1] softirqs last enabled at (945848): [] handle_softirqs+0xa4c/0xbf0 [ 104.372232][ C1] softirqs last disabled at (945850): [] local_bh_disable+0x10/0x34 [ 104.374833][ C1] ---[ end trace 381ec441ce78a653 ]--- [ 104.412674][ T4045] Bluetooth: hci0: command 0x0419 tx timeout [ 104.463129][ T136] device veth1_macvtap left promiscuous mode [ 104.464738][ T136] device veth0_macvtap left promiscuous mode [ 104.466398][ T136] device veth1_vlan left promiscuous mode [ 104.468000][ T136] device veth0_vlan left promiscuous mode [ 104.496940][ T4886] loop0: detected capacity change from 0 to 128 [ 104.540492][ T4886] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 104.550291][ T4886] Bad inode number on dev loop0: 2 is out of range [ 104.552063][ T4886] SysV FS: get root inode failed [ 104.554086][ T4886] oldfs: cannot read superblock [ 104.555577][ T4886] ------------[ cut here ]------------ [ 104.557014][ T4886] VFS: brelse: Trying to free free buffer [ 104.558605][ T4886] WARNING: CPU: 1 PID: 4886 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 104.561154][ T4886] Modules linked in: [ 104.562223][ T4886] CPU: 1 PID: 4886 Comm: syz.0.23 Tainted: G W 5.15.181-syzkaller #0 [ 104.564732][ T4886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 104.567472][ T4886] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 104.569574][ T4886] pc : invalidate_bh_lru+0x128/0x234 [ 104.570957][ T4886] lr : invalidate_bh_lru+0x128/0x234 [ 104.572348][ T4886] sp : ffff80001f2f76e0 [ 104.573432][ T4886] x29: ffff80001f2f76e0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 104.575660][ T4886] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 104.577822][ T4886] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dbe12d10 [ 104.579943][ T4886] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 104.582104][ T4886] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 104.584279][ T4886] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 104.586408][ T4886] x11: 0000000000000002 x10: 0000000000000000 x9 : 5ffbb8b63838fa00 [ 104.588541][ T4886] x8 : 5ffbb8b63838fa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 104.590641][ T4886] x5 : ffff80001f2f6fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 104.592831][ T4886] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 104.595008][ T4886] Call trace: [ 104.595851][ T4886] invalidate_bh_lru+0x128/0x234 [ 104.597148][ T4886] smp_call_function_many_cond+0xa50/0xeb0 [ 104.598708][ T4886] on_each_cpu_cond_mask+0x5c/0xc4 [ 104.600102][ T4886] invalidate_bh_lrus+0x34/0x40 [ 104.601376][ T4886] blkdev_flush_mapping+0x168/0x31c [ 104.602842][ T4886] blkdev_put+0x490/0x6ac [ 104.604016][ T4886] kill_block_super+0x98/0xdc [ 104.605238][ T4886] deactivate_locked_super+0xb8/0x13c [ 104.606636][ T4886] mount_bdev+0x284/0x358 [ 104.607814][ T4886] sysv_mount+0x44/0x58 [ 104.608925][ T4886] legacy_get_tree+0xd4/0x16c [ 104.610218][ T4886] vfs_get_tree+0x90/0x274 [ 104.611450][ T4886] do_new_mount+0x228/0x810 [ 104.612670][ T4886] path_mount+0x5b4/0x1000 [ 104.613853][ T4886] __arm64_sys_mount+0x514/0x5e4 [ 104.615198][ T4886] invoke_syscall+0x98/0x2b8 [ 104.616447][ T4886] el0_svc_common+0x138/0x258 [ 104.617669][ T4886] do_el0_svc+0x58/0x14c [ 104.618844][ T4886] el0_svc+0x78/0x1e0 [ 104.619866][ T4886] el0t_64_sync_handler+0xcc/0xe4 [ 104.621205][ T4886] el0t_64_sync+0x1a0/0x1a4 [ 104.622393][ T4886] irq event stamp: 1172 [ 104.623485][ T4886] hardirqs last enabled at (1171): [] kasan_quarantine_put+0xc4/0x204 [ 104.626156][ T4886] hardirqs last disabled at (1172): [] smp_call_function_many_cond+0xa44/0xeb0 [ 104.629013][ T4886] softirqs last enabled at (1150): [] handle_softirqs+0xa4c/0xbf0 [ 104.631605][ T4886] softirqs last disabled at (1139): [] __irq_exit_rcu+0x240/0x440 [ 104.634165][ T4886] ---[ end trace 381ec441ce78a654 ]--- [ 104.754759][ T4888] loop0: detected capacity change from 0 to 128 [ 104.758857][ T4888] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 104.760729][ T4888] Bad inode number on dev loop0: 2 is out of range [ 104.762305][ T4888] SysV FS: get root inode failed [ 104.765441][ T4888] oldfs: cannot read superblock [ 104.799246][ C0] ------------[ cut here ]------------ [ 104.800682][ C0] VFS: brelse: Trying to free free buffer [ 104.802204][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 104.804426][ C0] Modules linked in: [ 104.805459][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 104.807991][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 104.810628][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 104.812708][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 104.814109][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 104.815501][ C0] sp : ffff800008007de0 [ 104.816593][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859054 [ 104.818749][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 104.820912][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0680c28 [ 104.823036][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010002 [ 104.825201][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 104.827429][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 104.829416][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 104.831433][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 104.833568][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 104.835676][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 104.837814][ C0] Call trace: [ 104.838673][ C0] invalidate_bh_lru+0x128/0x234 [ 104.839889][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 104.841510][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 104.843482][ C0] ipi_handler+0x108/0x70c [ 104.844670][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 104.846178][ C0] handle_domain_irq+0x144/0x1fc [ 104.847548][ C0] gic_handle_irq+0x78/0x1c8 [ 104.848798][ C0] call_on_irq_stack+0x24/0x4c [ 104.850064][ C0] do_interrupt_handler+0x6c/0x88 [ 104.851375][ C0] el1_interrupt+0x30/0x58 [ 104.852510][ C0] el1h_64_irq_handler+0x18/0x24 [ 104.853941][ C0] el1h_64_irq+0x78/0x7c [ 104.855119][ C0] get_page_from_freelist+0x2244/0x2aa8 [ 104.856598][ C0] __alloc_pages+0x1a0/0x470 [ 104.857820][ C0] alloc_pages+0x34c/0x5c0 [ 104.859060][ C0] __vmalloc_node_range+0x514/0x8d8 [ 104.860400][ C0] vzalloc+0x118/0x190 [ 104.861448][ C0] alloc_counters+0x84/0x7a4 [ 104.862653][ C0] do_ip6t_get_ctl+0xaf4/0x13a8 [ 104.863976][ C0] nf_getsockopt+0x264/0x284 [ 104.865183][ C0] ipv6_getsockopt+0x52c/0x2584 [ 104.866514][ C0] tcp_getsockopt+0x214/0x2e74 [ 104.867799][ C0] sock_common_getsockopt+0xa8/0xc4 [ 104.869245][ C0] __sys_getsockopt+0x1e0/0x45c [ 104.870533][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 104.871939][ C0] invoke_syscall+0x98/0x2b8 [ 104.873185][ C0] el0_svc_common+0x138/0x258 [ 104.874426][ C0] do_el0_svc+0x58/0x14c [ 104.875589][ C0] el0_svc+0x78/0x1e0 [ 104.876705][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 104.878012][ C0] el0t_64_sync+0x1a0/0x1a4 [ 104.879232][ C0] irq event stamp: 197568 [ 104.880361][ C0] hardirqs last enabled at (197567): [] get_page_from_freelist+0x2234/0x2aa8 [ 104.883276][ C0] hardirqs last disabled at (197568): [] enter_el1_irq_or_nmi+0x10/0x1c [ 104.885996][ C0] softirqs last enabled at (197336): [] release_sock+0x1d0/0x258 [ 104.888645][ C0] softirqs last disabled at (197334): [] release_sock+0x34/0x258 [ 104.891193][ C0] ---[ end trace 381ec441ce78a655 ]--- [ 104.925029][ T136] team0 (unregistering): Port device team_slave_1 removed [ 104.938263][ T136] team0 (unregistering): Port device team_slave_0 removed [ 104.942366][ T4892] loop0: detected capacity change from 0 to 128 [ 104.952358][ T136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 104.966426][ T4892] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 104.968377][ T4892] Bad inode number on dev loop0: 2 is out of range [ 104.970084][ T4892] SysV FS: get root inode failed [ 104.971394][ T4892] oldfs: cannot read superblock [ 104.981042][ T4452] ------------[ cut here ]------------ [ 104.982523][ T4452] VFS: brelse: Trying to free free buffer [ 104.984147][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 104.986608][ T4452] Modules linked in: [ 104.987629][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 104.990136][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 104.992857][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 104.995111][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 104.996547][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 104.998087][ T4452] sp : ffff80001f2077c0 [ 104.999229][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 105.001300][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 105.003420][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaae400 [ 105.005529][ T4452] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 105.007698][ T4452] x17: 0000000000000000 x16: ffff8000083007d8 x15: 00000000ffffffff [ 105.009858][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 105.012007][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 105.014157][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 105.016265][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff8000083008e8 [ 105.018452][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 105.020577][ T4452] Call trace: [ 105.021473][ T4452] invalidate_bh_lru+0x128/0x234 [ 105.022771][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 105.024291][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 105.025637][ T4452] invalidate_bh_lrus+0x34/0x40 [ 105.026952][ T4452] blkdev_flush_mapping+0x168/0x31c [ 105.028398][ T4452] blkdev_put+0x490/0x6ac [ 105.029550][ T4452] blkdev_close+0x74/0xb0 [ 105.030685][ T4452] __fput+0x1c0/0x7f8 [ 105.031755][ T4452] ____fput+0x20/0x30 [ 105.032780][ T4452] task_work_run+0x12c/0x1e0 [ 105.033972][ T4452] do_notify_resume+0x24b4/0x3128 [ 105.035311][ T4452] el0_svc+0xf0/0x1e0 [ 105.036336][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 105.037717][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 105.038957][ T4452] irq event stamp: 117822 [ 105.040081][ T4452] hardirqs last enabled at (117821): [] kasan_quarantine_put+0xc4/0x204 [ 105.042812][ T4452] hardirqs last disabled at (117822): [] smp_call_function_many_cond+0xa44/0xeb0 [ 105.045691][ T4452] softirqs last enabled at (117570): [] local_bh_enable+0x10/0x34 [ 105.048193][ T4452] softirqs last disabled at (117568): [] local_bh_disable+0x10/0x34 [ 105.050735][ T4452] ---[ end trace 381ec441ce78a656 ]--- [ 105.057601][ T136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 105.108459][ T4894] loop0: detected capacity change from 0 to 128 [ 105.121907][ T4894] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 105.124728][ T4894] Bad inode number on dev loop0: 2 is out of range [ 105.126559][ T4894] SysV FS: get root inode failed [ 105.128036][ T4894] oldfs: cannot read superblock [ 105.139904][ C0] ------------[ cut here ]------------ [ 105.141425][ C0] VFS: brelse: Trying to free free buffer [ 105.143072][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 105.145485][ C0] Modules linked in: [ 105.146519][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 105.149098][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 105.151830][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 105.153904][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 105.155378][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 105.156848][ C0] sp : ffff800008007de0 [ 105.158005][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859054 [ 105.160160][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 105.162273][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e153d6b8 [ 105.164404][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010002 [ 105.166604][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 105.168799][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 105.171024][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 105.173125][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 105.175254][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 105.177471][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 105.179610][ C0] Call trace: [ 105.180503][ C0] invalidate_bh_lru+0x128/0x234 [ 105.181887][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 105.183473][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 105.185577][ C0] ipi_handler+0x108/0x70c [ 105.186757][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 105.188238][ C0] handle_domain_irq+0x144/0x1fc [ 105.189581][ C0] gic_handle_irq+0x78/0x1c8 [ 105.190767][ C0] call_on_irq_stack+0x24/0x4c [ 105.192047][ C0] do_interrupt_handler+0x6c/0x88 [ 105.193370][ C0] el1_interrupt+0x30/0x58 [ 105.194577][ C0] el1h_64_irq_handler+0x18/0x24 [ 105.195896][ C0] el1h_64_irq+0x78/0x7c [ 105.197057][ C0] ___cache_free+0x64/0x1bc [ 105.198250][ C0] qlink_free+0x5c/0xa4 [ 105.199374][ C0] qlist_free_all+0x40/0xa8 [ 105.200573][ C0] kasan_quarantine_reduce+0x124/0x130 [ 105.202016][ C0] __kasan_slab_alloc+0x34/0xcc [ 105.203310][ C0] slab_post_alloc_hook+0x74/0x408 [ 105.204694][ C0] kmem_cache_alloc+0x1e0/0x3e4 [ 105.205995][ C0] pte_alloc_one+0x78/0x258 [ 105.207203][ C0] __pte_alloc+0x34/0x21c [ 105.208364][ C0] copy_page_range+0x1da8/0x22b8 [ 105.209663][ C0] copy_mm+0x9c8/0x1084 [ 105.210730][ C0] copy_process+0x14d4/0x34ec [ 105.211969][ C0] kernel_clone+0x1d8/0x9d4 [ 105.213160][ C0] __arm64_sys_clone+0x138/0x190 [ 105.214474][ C0] invoke_syscall+0x98/0x2b8 [ 105.215690][ C0] el0_svc_common+0x138/0x258 [ 105.216945][ C0] do_el0_svc+0x58/0x14c [ 105.218091][ C0] el0_svc+0x78/0x1e0 [ 105.219128][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 105.220462][ C0] el0t_64_sync+0x1a0/0x1a4 [ 105.221680][ C0] irq event stamp: 203930 [ 105.222839][ C0] hardirqs last enabled at (203929): [] put_cpu_partial+0x188/0x218 [ 105.225513][ C0] hardirqs last disabled at (203930): [] enter_el1_irq_or_nmi+0x10/0x1c [ 105.228308][ C0] softirqs last enabled at (203636): [] local_bh_enable+0x10/0x34 [ 105.230917][ C0] softirqs last disabled at (203634): [] local_bh_disable+0x10/0x34 [ 105.233523][ C0] ---[ end trace 381ec441ce78a657 ]--- [ 105.277570][ T4896] loop0: detected capacity change from 0 to 128 [ 105.316148][ T4896] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 105.318184][ T4896] Bad inode number on dev loop0: 2 is out of range [ 105.319942][ T4896] SysV FS: get root inode failed [ 105.321226][ T4896] oldfs: cannot read superblock [ 105.323430][ T136] bond0 (unregistering): Released all slaves [ 105.325746][ T4896] ------------[ cut here ]------------ [ 105.327254][ T4896] VFS: brelse: Trying to free free buffer [ 105.328857][ T4896] WARNING: CPU: 1 PID: 4896 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 105.331185][ T4896] Modules linked in: [ 105.332207][ T4896] CPU: 1 PID: 4896 Comm: syz.0.28 Tainted: G W 5.15.181-syzkaller #0 [ 105.334778][ T4896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 105.337404][ T4896] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 105.339537][ T4896] pc : invalidate_bh_lru+0x128/0x234 [ 105.340967][ T4896] lr : invalidate_bh_lru+0x128/0x234 [ 105.342459][ T4896] sp : ffff80001bc376e0 [ 105.343583][ T4896] x29: ffff80001bc376e0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 105.345781][ T4896] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 105.347944][ T4896] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaae7a0 [ 105.350056][ T4896] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 105.352261][ T4896] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 105.354368][ T4896] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 105.356612][ T4896] x11: 0000000000000002 x10: 0000000000000000 x9 : 4c71348ec092db00 [ 105.358715][ T4896] x8 : 4c71348ec092db00 x7 : 0000000000000001 x6 : 0000000000000001 [ 105.360924][ T4896] x5 : ffff80001bc36fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 105.363097][ T4896] x2 : 0000000000000001 x1 : 0000000000000002 x0 : 0000000000000027 [ 105.365358][ T4896] Call trace: [ 105.366306][ T4896] invalidate_bh_lru+0x128/0x234 [ 105.367628][ T4896] smp_call_function_many_cond+0xa50/0xeb0 [ 105.369215][ T4896] on_each_cpu_cond_mask+0x5c/0xc4 [ 105.370603][ T4896] invalidate_bh_lrus+0x34/0x40 [ 105.371890][ T4896] blkdev_flush_mapping+0x168/0x31c [ 105.373321][ T4896] blkdev_put+0x490/0x6ac [ 105.374501][ T4896] kill_block_super+0x98/0xdc [ 105.375771][ T4896] deactivate_locked_super+0xb8/0x13c [ 105.377230][ T4896] mount_bdev+0x284/0x358 [ 105.378405][ T4896] sysv_mount+0x44/0x58 [ 105.379526][ T4896] legacy_get_tree+0xd4/0x16c [ 105.380771][ T4896] vfs_get_tree+0x90/0x274 [ 105.381945][ T4896] do_new_mount+0x228/0x810 [ 105.383129][ T4896] path_mount+0x5b4/0x1000 [ 105.384290][ T4896] __arm64_sys_mount+0x514/0x5e4 [ 105.385674][ T4896] invoke_syscall+0x98/0x2b8 [ 105.386922][ T4896] el0_svc_common+0x138/0x258 [ 105.388109][ T4896] do_el0_svc+0x58/0x14c [ 105.389224][ T4896] el0_svc+0x78/0x1e0 [ 105.390353][ T4896] el0t_64_sync_handler+0xcc/0xe4 [ 105.391765][ T4896] el0t_64_sync+0x1a0/0x1a4 [ 105.392958][ T4896] irq event stamp: 1584 [ 105.394074][ T4896] hardirqs last enabled at (1583): [] exit_to_kernel_mode+0xe0/0x168 [ 105.396778][ T4896] hardirqs last disabled at (1584): [] smp_call_function_many_cond+0xa44/0xeb0 [ 105.399561][ T4896] softirqs last enabled at (1556): [] handle_softirqs+0xa4c/0xbf0 [ 105.402157][ T4896] softirqs last disabled at (1543): [] __irq_exit_rcu+0x240/0x440 [ 105.404619][ T4896] ---[ end trace 381ec441ce78a658 ]--- [ 105.519470][ T4898] loop0: detected capacity change from 0 to 128 [ 105.594250][ T4898] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 105.596333][ T4898] Bad inode number on dev loop0: 2 is out of range [ 105.598592][ T4898] SysV FS: get root inode failed [ 105.599960][ T4898] oldfs: cannot read superblock [ 105.609645][ T4452] ------------[ cut here ]------------ [ 105.611102][ T4452] VFS: brelse: Trying to free free buffer [ 105.612729][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 105.615263][ T4452] Modules linked in: [ 105.616351][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 105.618807][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 105.621577][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 105.623749][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 105.625196][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 105.626616][ T4452] sp : ffff80001f2077c0 [ 105.627750][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d254 [ 105.629971][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 105.632144][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaaeb40 [ 105.634477][ T4452] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000000003 [ 105.636722][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 105.638961][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 105.641167][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 105.643303][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 105.645511][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 105.647745][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 105.649923][ T4452] Call trace: [ 105.650855][ T4452] invalidate_bh_lru+0x128/0x234 [ 105.652182][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 105.653745][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 105.655140][ T4452] invalidate_bh_lrus+0x34/0x40 [ 105.656474][ T4452] blkdev_flush_mapping+0x168/0x31c [ 105.657899][ T4452] blkdev_put+0x490/0x6ac [ 105.659068][ T4452] blkdev_close+0x74/0xb0 [ 105.660237][ T4452] __fput+0x1c0/0x7f8 [ 105.661291][ T4452] ____fput+0x20/0x30 [ 105.662386][ T4452] task_work_run+0x12c/0x1e0 [ 105.663631][ T4452] do_notify_resume+0x24b4/0x3128 [ 105.664972][ T4452] el0_svc+0xf0/0x1e0 [ 105.666054][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 105.667411][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 105.668588][ T4452] irq event stamp: 130646 [ 105.669699][ T4452] hardirqs last enabled at (130645): [] kasan_quarantine_put+0xc4/0x204 [ 105.672434][ T4452] hardirqs last disabled at (130646): [] smp_call_function_many_cond+0xa44/0xeb0 [ 105.675353][ T4452] softirqs last enabled at (129774): [] local_bh_enable+0x10/0x34 [ 105.677800][ T4452] softirqs last disabled at (129772): [] local_bh_disable+0x10/0x34 [ 105.680356][ T4452] ---[ end trace 381ec441ce78a659 ]--- [ 105.718376][ T4900] loop0: detected capacity change from 0 to 128 [ 105.757197][ T4900] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 105.759167][ T4900] Bad inode number on dev loop0: 2 is out of range [ 105.760880][ T4900] SysV FS: get root inode failed [ 105.762257][ T4900] oldfs: cannot read superblock [ 105.764957][ C1] ------------[ cut here ]------------ [ 105.766381][ C1] VFS: brelse: Trying to free free buffer [ 105.768006][ C1] WARNING: CPU: 1 PID: 3643 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 105.770411][ C1] Modules linked in: [ 105.771466][ C1] CPU: 1 PID: 3643 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 105.773843][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 105.776603][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 105.778659][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 105.780165][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 105.781563][ C1] sp : ffff800008017de0 [ 105.782704][ C1] x29: ffff800008017de0 x28: ffff0000d6758000 x27: 1fffe0003685d253 [ 105.784900][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 105.787095][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaaeee0 [ 105.789278][ C1] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000010002 [ 105.791468][ C1] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 105.793641][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 105.795966][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 7ef049936ac40300 [ 105.798209][ C1] x8 : 7ef049936ac40300 x7 : 0000000000000001 x6 : 0000000000000001 [ 105.800336][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 105.802552][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 105.804683][ C1] Call trace: [ 105.805621][ C1] invalidate_bh_lru+0x128/0x234 [ 105.807033][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 105.808645][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 105.810598][ C1] ipi_handler+0x108/0x70c [ 105.811789][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 105.813310][ C1] handle_domain_irq+0x144/0x1fc [ 105.814618][ C1] gic_handle_irq+0x78/0x1c8 [ 105.815888][ C1] call_on_irq_stack+0x24/0x4c [ 105.817213][ C1] do_interrupt_handler+0x6c/0x88 [ 105.818584][ C1] el1_interrupt+0x30/0x58 [ 105.819785][ C1] el1h_64_irq_handler+0x18/0x24 [ 105.821141][ C1] el1h_64_irq+0x78/0x7c [ 105.822266][ C1] preempt_count_sub+0xb8/0x240 [ 105.823625][ C1] __d_lookup+0x528/0x6a8 [ 105.824816][ C1] lookup_fast+0xcc/0x588 [ 105.825918][ C1] walk_component+0x8c/0x3a8 [ 105.827198][ C1] link_path_walk+0x590/0xb8c [ 105.828457][ C1] path_lookupat+0x90/0x3d0 [ 105.829619][ C1] filename_lookup+0x180/0x414 [ 105.830951][ C1] user_path_at_empty+0x5c/0x1a0 [ 105.832336][ C1] do_readlinkat+0xd4/0x3e0 [ 105.833554][ C1] __arm64_sys_readlinkat+0x9c/0xb8 [ 105.834927][ C1] invoke_syscall+0x98/0x2b8 [ 105.836158][ C1] el0_svc_common+0x138/0x258 [ 105.837428][ C1] do_el0_svc+0x58/0x14c [ 105.838584][ C1] el0_svc+0x78/0x1e0 [ 105.839655][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 105.841051][ C1] el0t_64_sync+0x1a0/0x1a4 [ 105.842265][ C1] irq event stamp: 1124188 [ 105.843477][ C1] hardirqs last enabled at (1124187): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 105.846421][ C1] hardirqs last disabled at (1124188): [] enter_el1_irq_or_nmi+0x10/0x1c [ 105.849271][ C1] softirqs last enabled at (1123038): [] local_bh_enable+0x10/0x34 [ 105.851950][ C1] softirqs last disabled at (1123036): [] local_bh_disable+0x10/0x34 [ 105.854608][ C1] ---[ end trace 381ec441ce78a65a ]--- [ 105.989335][ T4902] loop0: detected capacity change from 0 to 128 [ 105.993439][ T4902] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 105.995534][ T4902] Bad inode number on dev loop0: 2 is out of range [ 105.998139][ T4902] SysV FS: get root inode failed [ 105.999583][ T4902] oldfs: cannot read superblock [ 106.005321][ T4452] ------------[ cut here ]------------ [ 106.006948][ T4452] VFS: brelse: Trying to free free buffer [ 106.008538][ T4452] WARNING: CPU: 0 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 106.010866][ T4452] Modules linked in: [ 106.011917][ T4452] CPU: 0 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 106.014438][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 106.017157][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 106.019338][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 106.020731][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 106.022201][ T4452] sp : ffff80001f2077c0 [ 106.023357][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe00036859053 [ 106.025554][ T4452] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 106.027656][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e153da58 [ 106.029854][ T4452] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000000003 [ 106.031996][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 106.034090][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 106.036191][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 106.038395][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 106.040610][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 106.042792][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 106.044958][ T4452] Call trace: [ 106.045795][ T4452] invalidate_bh_lru+0x128/0x234 [ 106.047130][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 106.048707][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 106.050132][ T4452] invalidate_bh_lrus+0x34/0x40 [ 106.051417][ T4452] blkdev_flush_mapping+0x168/0x31c [ 106.052818][ T4452] blkdev_put+0x490/0x6ac [ 106.054034][ T4452] blkdev_close+0x74/0xb0 [ 106.055208][ T4452] __fput+0x1c0/0x7f8 [ 106.056265][ T4452] ____fput+0x20/0x30 [ 106.057395][ T4452] task_work_run+0x12c/0x1e0 [ 106.058612][ T4452] do_notify_resume+0x24b4/0x3128 [ 106.059973][ T4452] el0_svc+0xf0/0x1e0 [ 106.061054][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 106.062413][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 106.063688][ T4452] irq event stamp: 140178 [ 106.064854][ T4452] hardirqs last enabled at (140177): [] kasan_quarantine_put+0xc4/0x204 [ 106.067605][ T4452] hardirqs last disabled at (140178): [] smp_call_function_many_cond+0xa44/0xeb0 [ 106.070514][ T4452] softirqs last enabled at (139428): [] local_bh_enable+0x10/0x34 [ 106.073048][ T4452] softirqs last disabled at (139426): [] local_bh_disable+0x10/0x34 [ 106.075586][ T4452] ---[ end trace 381ec441ce78a65b ]--- [ 106.109536][ T4904] loop0: detected capacity change from 0 to 128 [ 106.118607][ T4904] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 106.120686][ T4904] Bad inode number on dev loop0: 2 is out of range [ 106.122933][ T4904] SysV FS: get root inode failed [ 106.124620][ T4904] oldfs: cannot read superblock [ 106.139894][ T4452] ------------[ cut here ]------------ [ 106.141338][ T4452] VFS: brelse: Trying to free free buffer [ 106.142896][ T4452] WARNING: CPU: 0 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 106.145346][ T4452] Modules linked in: [ 106.146409][ T4452] CPU: 0 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 106.148836][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 106.151581][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 106.153728][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 106.155133][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 106.156557][ T4452] sp : ffff80001f2077c0 [ 106.157638][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe00036859054 [ 106.159765][ T4452] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 106.161912][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e153ddf8 [ 106.164046][ T4452] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000000003 [ 106.166085][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 106.168246][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 106.170303][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 106.172382][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 106.174472][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 106.176595][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 106.178734][ T4452] Call trace: [ 106.179620][ T4452] invalidate_bh_lru+0x128/0x234 [ 106.180964][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 106.182491][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 106.183834][ T4452] invalidate_bh_lrus+0x34/0x40 [ 106.185171][ T4452] blkdev_flush_mapping+0x168/0x31c [ 106.186560][ T4452] blkdev_put+0x490/0x6ac [ 106.187742][ T4452] blkdev_close+0x74/0xb0 [ 106.188913][ T4452] __fput+0x1c0/0x7f8 [ 106.190014][ T4452] ____fput+0x20/0x30 [ 106.191158][ T4452] task_work_run+0x12c/0x1e0 [ 106.192450][ T4452] do_notify_resume+0x24b4/0x3128 [ 106.193794][ T4452] el0_svc+0xf0/0x1e0 [ 106.194906][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 106.196253][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 106.197449][ T4452] irq event stamp: 146492 [ 106.198627][ T4452] hardirqs last enabled at (146491): [] kasan_quarantine_put+0xc4/0x204 [ 106.201367][ T4452] hardirqs last disabled at (146492): [] smp_call_function_many_cond+0xa44/0xeb0 [ 106.204247][ T4452] softirqs last enabled at (145142): [] local_bh_enable+0x10/0x34 [ 106.206727][ T4452] softirqs last disabled at (145140): [] local_bh_disable+0x10/0x34 [ 106.209418][ T4452] ---[ end trace 381ec441ce78a65c ]--- [ 106.248093][ T4906] loop0: detected capacity change from 0 to 128 [ 106.349564][ T4906] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 106.351640][ T4906] Bad inode number on dev loop0: 2 is out of range [ 106.353617][ T4906] SysV FS: get root inode failed [ 106.354967][ T4906] oldfs: cannot read superblock [ 106.360059][ T4452] ------------[ cut here ]------------ [ 106.361573][ T4452] VFS: brelse: Trying to free free buffer [ 106.363139][ T4452] WARNING: CPU: 0 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 106.365574][ T4452] Modules linked in: [ 106.366646][ T4452] CPU: 0 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 106.369144][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 106.371843][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 106.373968][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 106.375377][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 106.376764][ T4452] sp : ffff80001f2077c0 [ 106.377868][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe00036859053 [ 106.380056][ T4452] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 106.382175][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e153e230 [ 106.384385][ T4452] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000000003 [ 106.386599][ T4452] x17: 0000000000000000 x16: ffff8000083007d8 x15: 00000000ffffffff [ 106.388763][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 106.390922][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 106.393126][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 106.395283][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff8000083008e8 [ 106.397474][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 106.399637][ T4452] Call trace: [ 106.400480][ T4452] invalidate_bh_lru+0x128/0x234 [ 106.401847][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 106.403451][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 106.404836][ T4452] invalidate_bh_lrus+0x34/0x40 [ 106.406248][ T4452] blkdev_flush_mapping+0x168/0x31c [ 106.407615][ T4452] blkdev_put+0x490/0x6ac [ 106.408758][ T4452] blkdev_close+0x74/0xb0 [ 106.409956][ T4452] __fput+0x1c0/0x7f8 [ 106.411030][ T4452] ____fput+0x20/0x30 [ 106.412106][ T4452] task_work_run+0x12c/0x1e0 [ 106.413385][ T4452] do_notify_resume+0x24b4/0x3128 [ 106.414709][ T4452] el0_svc+0xf0/0x1e0 [ 106.415749][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 106.417130][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 106.418332][ T4452] irq event stamp: 152586 [ 106.419448][ T4452] hardirqs last enabled at (152585): [] kasan_quarantine_put+0xc4/0x204 [ 106.422110][ T4452] hardirqs last disabled at (152586): [] smp_call_function_many_cond+0xa44/0xeb0 [ 106.424940][ T4452] softirqs last enabled at (151232): [] local_bh_enable+0x10/0x34 [ 106.427462][ T4452] softirqs last disabled at (151230): [] local_bh_disable+0x10/0x34 [ 106.430061][ T4452] ---[ end trace 381ec441ce78a65d ]--- [ 106.477401][ T4908] loop0: detected capacity change from 0 to 128 [ 106.516186][ T4908] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 106.518211][ T4908] Bad inode number on dev loop0: 2 is out of range [ 106.520190][ T4908] SysV FS: get root inode failed [ 106.521840][ T4908] oldfs: cannot read superblock [ 106.525998][ T4908] ------------[ cut here ]------------ [ 106.527423][ T4908] VFS: brelse: Trying to free free buffer [ 106.529003][ T4908] WARNING: CPU: 1 PID: 4908 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 106.531349][ T4908] Modules linked in: [ 106.532352][ T4908] CPU: 1 PID: 4908 Comm: syz.0.34 Tainted: G W 5.15.181-syzkaller #0 [ 106.534845][ T4908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 106.537518][ T4908] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 106.539658][ T4908] pc : invalidate_bh_lru+0x128/0x234 [ 106.541020][ T4908] lr : invalidate_bh_lru+0x128/0x234 [ 106.542432][ T4908] sp : ffff80001f3a76e0 [ 106.543529][ T4908] x29: ffff80001f3a76e0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 106.545704][ T4908] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 106.547825][ T4908] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaaa318 [ 106.549982][ T4908] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 106.552070][ T4908] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 106.554203][ T4908] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 106.556312][ T4908] x11: 0000000000000002 x10: 0000000000000000 x9 : 86c94024f8db6100 [ 106.558418][ T4908] x8 : 86c94024f8db6100 x7 : 0000000000000001 x6 : 0000000000000001 [ 106.560563][ T4908] x5 : ffff80001f3a6fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 106.562644][ T4908] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 106.564819][ T4908] Call trace: [ 106.565676][ T4908] invalidate_bh_lru+0x128/0x234 [ 106.566990][ T4908] smp_call_function_many_cond+0xa50/0xeb0 [ 106.568561][ T4908] on_each_cpu_cond_mask+0x5c/0xc4 [ 106.569926][ T4908] invalidate_bh_lrus+0x34/0x40 [ 106.571208][ T4908] blkdev_flush_mapping+0x168/0x31c [ 106.572573][ T4908] blkdev_put+0x490/0x6ac [ 106.573724][ T4908] kill_block_super+0x98/0xdc [ 106.574983][ T4908] deactivate_locked_super+0xb8/0x13c [ 106.576475][ T4908] mount_bdev+0x284/0x358 [ 106.577629][ T4908] sysv_mount+0x44/0x58 [ 106.578725][ T4908] legacy_get_tree+0xd4/0x16c [ 106.579988][ T4908] vfs_get_tree+0x90/0x274 [ 106.581152][ T4908] do_new_mount+0x228/0x810 [ 106.582389][ T4908] path_mount+0x5b4/0x1000 [ 106.583574][ T4908] __arm64_sys_mount+0x514/0x5e4 [ 106.584957][ T4908] invoke_syscall+0x98/0x2b8 [ 106.586166][ T4908] el0_svc_common+0x138/0x258 [ 106.587404][ T4908] do_el0_svc+0x58/0x14c [ 106.588537][ T4908] el0_svc+0x78/0x1e0 [ 106.589601][ T4908] el0t_64_sync_handler+0xcc/0xe4 [ 106.590907][ T4908] el0t_64_sync+0x1a0/0x1a4 [ 106.592139][ T4908] irq event stamp: 1230 [ 106.593202][ T4908] hardirqs last enabled at (1229): [] kasan_quarantine_put+0xc4/0x204 [ 106.595884][ T4908] hardirqs last disabled at (1230): [] smp_call_function_many_cond+0xa44/0xeb0 [ 106.598709][ T4908] softirqs last enabled at (1220): [] handle_softirqs+0xa4c/0xbf0 [ 106.601263][ T4908] softirqs last disabled at (1207): [] __irq_exit_rcu+0x240/0x440 [ 106.603770][ T4908] ---[ end trace 381ec441ce78a65e ]--- [ 106.729131][ T4910] loop0: detected capacity change from 0 to 128 [ 106.739158][ T4910] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 106.742113][ T4910] Bad inode number on dev loop0: 2 is out of range [ 106.744662][ T4910] SysV FS: get root inode failed [ 106.746101][ T4910] oldfs: cannot read superblock [ 106.751501][ T4452] ------------[ cut here ]------------ [ 106.752961][ T4452] VFS: brelse: Trying to free free buffer [ 106.754507][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 106.756782][ T4452] Modules linked in: [ 106.757793][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 106.760157][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 106.762740][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 106.764687][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 106.766038][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 106.767433][ T4452] sp : ffff80001f2077c0 [ 106.768636][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 106.770823][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 106.773102][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaaa6b8 [ 106.775324][ T4452] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 106.777633][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 106.779825][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 106.782056][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 106.784241][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 106.786470][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 106.788688][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 106.790868][ T4452] Call trace: [ 106.791761][ T4452] invalidate_bh_lru+0x128/0x234 [ 106.793199][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 106.794846][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 106.796246][ T4452] invalidate_bh_lrus+0x34/0x40 [ 106.797589][ T4452] blkdev_flush_mapping+0x168/0x31c [ 106.799008][ T4452] blkdev_put+0x490/0x6ac [ 106.800208][ T4452] blkdev_close+0x74/0xb0 [ 106.801348][ T4452] __fput+0x1c0/0x7f8 [ 106.802426][ T4452] ____fput+0x20/0x30 [ 106.803494][ T4452] task_work_run+0x12c/0x1e0 [ 106.804757][ T4452] do_notify_resume+0x24b4/0x3128 [ 106.806220][ T4452] el0_svc+0xf0/0x1e0 [ 106.807339][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 106.808689][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 106.809926][ T4452] irq event stamp: 164036 [ 106.811135][ T4452] hardirqs last enabled at (164035): [] kasan_quarantine_put+0xc4/0x204 [ 106.813843][ T4452] hardirqs last disabled at (164036): [] smp_call_function_many_cond+0xa44/0xeb0 [ 106.816750][ T4452] softirqs last enabled at (162914): [] local_bh_enable+0x10/0x34 [ 106.819314][ T4452] softirqs last disabled at (162912): [] local_bh_disable+0x10/0x34 [ 106.821971][ T4452] ---[ end trace 381ec441ce78a65f ]--- [ 106.916910][ T4912] loop0: detected capacity change from 0 to 128 [ 106.937194][ T4912] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 106.939205][ T4912] Bad inode number on dev loop0: 2 is out of range [ 106.940869][ T4912] SysV FS: get root inode failed [ 106.942139][ T4912] oldfs: cannot read superblock [ 106.966481][ T4912] ------------[ cut here ]------------ [ 106.968017][ T4912] VFS: brelse: Trying to free free buffer [ 106.969539][ T4912] WARNING: CPU: 0 PID: 4912 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 106.971887][ T4912] Modules linked in: [ 106.972887][ T4912] CPU: 0 PID: 4912 Comm: syz.0.36 Tainted: G W 5.15.181-syzkaller #0 [ 106.975446][ T4912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 106.978158][ T4912] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 106.980330][ T4912] pc : invalidate_bh_lru+0x128/0x234 [ 106.981761][ T4912] lr : invalidate_bh_lru+0x128/0x234 [ 106.983222][ T4912] sp : ffff80001f3376e0 [ 106.984335][ T4912] x29: ffff80001f3376e0 x28: ffff80001414d000 x27: 1fffe00036859053 [ 106.986616][ T4912] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 106.988798][ T4912] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e153e5d0 [ 106.990987][ T4912] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000000003 [ 106.993175][ T4912] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 106.995355][ T4912] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 106.997616][ T4912] x11: 0000000000000002 x10: 0000000000000000 x9 : 23eed373fe8e3800 [ 106.999822][ T4912] x8 : 23eed373fe8e3800 x7 : 0000000000000001 x6 : 0000000000000001 [ 107.002026][ T4912] x5 : ffff80001f336fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 107.004239][ T4912] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 107.006532][ T4912] Call trace: [ 107.007402][ T4912] invalidate_bh_lru+0x128/0x234 [ 107.008728][ T4912] smp_call_function_many_cond+0xa50/0xeb0 [ 107.010160][ T4912] on_each_cpu_cond_mask+0x5c/0xc4 [ 107.011501][ T4912] invalidate_bh_lrus+0x34/0x40 [ 107.012721][ T4912] blkdev_flush_mapping+0x168/0x31c [ 107.013965][ T4912] blkdev_put+0x490/0x6ac [ 107.015045][ T4912] kill_block_super+0x98/0xdc [ 107.016191][ T4912] deactivate_locked_super+0xb8/0x13c [ 107.017746][ T4912] mount_bdev+0x284/0x358 [ 107.018942][ T4912] sysv_mount+0x44/0x58 [ 107.020056][ T4912] legacy_get_tree+0xd4/0x16c [ 107.021274][ T4912] vfs_get_tree+0x90/0x274 [ 107.022487][ T4912] do_new_mount+0x228/0x810 [ 107.023750][ T4912] path_mount+0x5b4/0x1000 [ 107.024949][ T4912] __arm64_sys_mount+0x514/0x5e4 [ 107.026245][ T4912] invoke_syscall+0x98/0x2b8 [ 107.027452][ T4912] el0_svc_common+0x138/0x258 [ 107.028732][ T4912] do_el0_svc+0x58/0x14c [ 107.029903][ T4912] el0_svc+0x78/0x1e0 [ 107.030999][ T4912] el0t_64_sync_handler+0xcc/0xe4 [ 107.032312][ T4912] el0t_64_sync+0x1a0/0x1a4 [ 107.033521][ T4912] irq event stamp: 1172 [ 107.034641][ T4912] hardirqs last enabled at (1171): [] kasan_quarantine_put+0xc4/0x204 [ 107.037309][ T4912] hardirqs last disabled at (1172): [] smp_call_function_many_cond+0xa44/0xeb0 [ 107.040160][ T4912] softirqs last enabled at (1162): [] handle_softirqs+0xa4c/0xbf0 [ 107.042745][ T4912] softirqs last disabled at (1055): [] __irq_exit_rcu+0x240/0x440 [ 107.045369][ T4912] ---[ end trace 381ec441ce78a660 ]--- [ 107.190412][ T4914] loop0: detected capacity change from 0 to 128 [ 107.194583][ T4914] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 107.196636][ T4914] Bad inode number on dev loop0: 2 is out of range [ 107.198339][ T4914] SysV FS: get root inode failed [ 107.199684][ T4914] oldfs: cannot read superblock [ 107.215341][ T4452] ------------[ cut here ]------------ [ 107.216863][ T4452] VFS: brelse: Trying to free free buffer [ 107.218430][ T4452] WARNING: CPU: 0 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 107.220742][ T4452] Modules linked in: [ 107.221779][ T4452] CPU: 0 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 107.224299][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 107.227044][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 107.229121][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 107.230579][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 107.231965][ T4452] sp : ffff80001f2077c0 [ 107.233109][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe00036859054 [ 107.235320][ T4452] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 107.237408][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e160e318 [ 107.239565][ T4452] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000000003 [ 107.241750][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 107.243840][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 107.246002][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 107.248219][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 107.250380][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 107.252622][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 107.254789][ T4452] Call trace: [ 107.255692][ T4452] invalidate_bh_lru+0x128/0x234 [ 107.257077][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 107.258691][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 107.260094][ T4452] invalidate_bh_lrus+0x34/0x40 [ 107.261427][ T4452] blkdev_flush_mapping+0x168/0x31c [ 107.262782][ T4452] blkdev_put+0x490/0x6ac [ 107.263939][ T4452] blkdev_close+0x74/0xb0 [ 107.265083][ T4452] __fput+0x1c0/0x7f8 [ 107.266200][ T4452] ____fput+0x20/0x30 [ 107.267296][ T4452] task_work_run+0x12c/0x1e0 [ 107.268553][ T4452] do_notify_resume+0x24b4/0x3128 [ 107.269915][ T4452] el0_svc+0xf0/0x1e0 [ 107.270954][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 107.272313][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 107.273504][ T4452] irq event stamp: 177660 [ 107.274610][ T4452] hardirqs last enabled at (177659): [] kasan_quarantine_put+0xc4/0x204 [ 107.277303][ T4452] hardirqs last disabled at (177660): [] smp_call_function_many_cond+0xa44/0xeb0 [ 107.280312][ T4452] softirqs last enabled at (176880): [] local_bh_enable+0x10/0x34 [ 107.282848][ T4452] softirqs last disabled at (176878): [] local_bh_disable+0x10/0x34 [ 107.285422][ T4452] ---[ end trace 381ec441ce78a661 ]--- [ 107.363964][ T4916] loop0: detected capacity change from 0 to 128 [ 107.396119][ T4916] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 107.398159][ T4916] Bad inode number on dev loop0: 2 is out of range [ 107.399826][ T4916] SysV FS: get root inode failed [ 107.401115][ T4916] oldfs: cannot read superblock [ 107.402447][ T4916] ------------[ cut here ]------------ [ 107.403926][ T4916] VFS: brelse: Trying to free free buffer [ 107.405504][ T4916] WARNING: CPU: 0 PID: 4916 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 107.407881][ T4916] Modules linked in: [ 107.408901][ T4916] CPU: 0 PID: 4916 Comm: syz.0.38 Tainted: G W 5.15.181-syzkaller #0 [ 107.411422][ T4916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 107.414033][ T4916] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 107.416156][ T4916] pc : invalidate_bh_lru+0x128/0x234 [ 107.417597][ T4916] lr : invalidate_bh_lru+0x128/0x234 [ 107.419033][ T4916] sp : ffff80001f6a76e0 [ 107.420078][ T4916] x29: ffff80001f6a76e0 x28: ffff80001414d000 x27: 1fffe00036859053 [ 107.422243][ T4916] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 107.424417][ T4916] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e160e5d0 [ 107.426691][ T4916] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000000003 [ 107.428750][ T4916] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 107.430881][ T4916] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 107.433019][ T4916] x11: 0000000000000002 x10: 0000000000000000 x9 : bce770fc0192da00 [ 107.435122][ T4916] x8 : bce770fc0192da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 107.437168][ T4916] x5 : ffff80001f6a6fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 107.439263][ T4916] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 107.441334][ T4916] Call trace: [ 107.442235][ T4916] invalidate_bh_lru+0x128/0x234 [ 107.443567][ T4916] smp_call_function_many_cond+0xa50/0xeb0 [ 107.445135][ T4916] on_each_cpu_cond_mask+0x5c/0xc4 [ 107.446526][ T4916] invalidate_bh_lrus+0x34/0x40 [ 107.447814][ T4916] blkdev_flush_mapping+0x168/0x31c [ 107.449208][ T4916] blkdev_put+0x490/0x6ac [ 107.450348][ T4916] kill_block_super+0x98/0xdc [ 107.451597][ T4916] deactivate_locked_super+0xb8/0x13c [ 107.453040][ T4916] mount_bdev+0x284/0x358 [ 107.454164][ T4916] sysv_mount+0x44/0x58 [ 107.455288][ T4916] legacy_get_tree+0xd4/0x16c [ 107.456457][ T4916] vfs_get_tree+0x90/0x274 [ 107.457606][ T4916] do_new_mount+0x228/0x810 [ 107.458787][ T4916] path_mount+0x5b4/0x1000 [ 107.459954][ T4916] __arm64_sys_mount+0x514/0x5e4 [ 107.461253][ T4916] invoke_syscall+0x98/0x2b8 [ 107.462429][ T4916] el0_svc_common+0x138/0x258 [ 107.463599][ T4916] do_el0_svc+0x58/0x14c [ 107.464741][ T4916] el0_svc+0x78/0x1e0 [ 107.465883][ T4916] el0t_64_sync_handler+0xcc/0xe4 [ 107.467243][ T4916] el0t_64_sync+0x1a0/0x1a4 [ 107.468470][ T4916] irq event stamp: 1134 [ 107.469554][ T4916] hardirqs last enabled at (1133): [] kasan_quarantine_put+0xc4/0x204 [ 107.472206][ T4916] hardirqs last disabled at (1134): [] smp_call_function_many_cond+0xa44/0xeb0 [ 107.474950][ T4916] softirqs last enabled at (898): [] local_bh_enable+0x10/0x34 [ 107.477331][ T4916] softirqs last disabled at (896): [] local_bh_disable+0x10/0x34 [ 107.479684][ T4916] ---[ end trace 381ec441ce78a662 ]--- [ 107.580241][ T4918] loop0: detected capacity change from 0 to 128 [ 107.607130][ T4918] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 107.609119][ T4918] Bad inode number on dev loop0: 2 is out of range [ 107.610800][ T4918] SysV FS: get root inode failed [ 107.612042][ T4918] oldfs: cannot read superblock [ 107.621502][ C0] ------------[ cut here ]------------ [ 107.623370][ C0] VFS: brelse: Trying to free free buffer [ 107.624987][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 107.627480][ C0] Modules linked in: [ 107.628528][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 107.631133][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 107.633868][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 107.636077][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 107.637496][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 107.638901][ C0] sp : ffff800008007de0 [ 107.640015][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859054 [ 107.642212][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 107.644362][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e160eb40 [ 107.646576][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010002 [ 107.648842][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 107.651099][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 107.653354][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 107.655588][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 107.657823][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 107.660064][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 107.662326][ C0] Call trace: [ 107.663257][ C0] invalidate_bh_lru+0x128/0x234 [ 107.664594][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 107.666303][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 107.668247][ C0] ipi_handler+0x108/0x70c [ 107.669462][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 107.671005][ C0] handle_domain_irq+0x144/0x1fc [ 107.672384][ C0] gic_handle_irq+0x78/0x1c8 [ 107.673682][ C0] call_on_irq_stack+0x24/0x4c [ 107.675054][ C0] do_interrupt_handler+0x6c/0x88 [ 107.676475][ C0] el1_interrupt+0x30/0x58 [ 107.677715][ C0] el1h_64_irq_handler+0x18/0x24 [ 107.679138][ C0] el1h_64_irq+0x78/0x7c [ 107.680253][ C0] __sanitizer_cov_trace_pc+0xa0/0xac [ 107.681786][ C0] arch_stack_walk+0x200/0x2b4 [ 107.683152][ C0] stack_trace_save+0x94/0xd8 [ 107.684462][ C0] __kasan_slab_alloc+0x8c/0xcc [ 107.685836][ C0] slab_post_alloc_hook+0x74/0x408 [ 107.687342][ C0] kmem_cache_alloc+0x1e0/0x3e4 [ 107.688726][ C0] getname_flags+0xb8/0x450 [ 107.689983][ C0] user_path_at_empty+0x40/0x1a0 [ 107.691401][ C0] __arm64_sys_umount+0xf4/0x178 [ 107.692788][ C0] invoke_syscall+0x98/0x2b8 [ 107.694081][ C0] el0_svc_common+0x138/0x258 [ 107.695344][ C0] do_el0_svc+0x58/0x14c [ 107.696489][ C0] el0_svc+0x78/0x1e0 [ 107.697593][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 107.699004][ C0] el0t_64_sync+0x1a0/0x1a4 [ 107.700284][ C0] irq event stamp: 243754 [ 107.701485][ C0] hardirqs last enabled at (243753): [] el0_svc_common+0x9c/0x258 [ 107.704115][ C0] hardirqs last disabled at (243754): [] enter_el1_irq_or_nmi+0x10/0x1c [ 107.706846][ C0] softirqs last enabled at (243652): [] local_bh_enable+0x10/0x34 [ 107.709468][ C0] softirqs last disabled at (243650): [] local_bh_disable+0x10/0x34 [ 107.712095][ C0] ---[ end trace 381ec441ce78a663 ]--- [ 107.778583][ T4920] loop0: detected capacity change from 0 to 128 [ 107.786854][ T4920] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 107.788909][ T4920] Bad inode number on dev loop0: 2 is out of range [ 107.790664][ T4920] SysV FS: get root inode failed [ 107.791973][ T4920] oldfs: cannot read superblock [ 107.799790][ T4602] ------------[ cut here ]------------ [ 107.801305][ T4602] VFS: brelse: Trying to free free buffer [ 107.802950][ T4602] WARNING: CPU: 1 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 107.805373][ T4602] Modules linked in: [ 107.806431][ T4602] CPU: 1 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 107.809102][ T4602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 107.811854][ T4602] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 107.813940][ T4602] pc : invalidate_bh_lru+0x128/0x234 [ 107.815440][ T4602] lr : invalidate_bh_lru+0x128/0x234 [ 107.816815][ T4602] sp : ffff80001f5277c0 [ 107.817931][ T4602] x29: ffff80001f5277c0 x28: ffff80001414d000 x27: 1fffe0003685d254 [ 107.820087][ T4602] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 107.822296][ T4602] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaaaa58 [ 107.824488][ T4602] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000000003 [ 107.826645][ T4602] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 107.828855][ T4602] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 107.831081][ T4602] x11: 0000000000000002 x10: 0000000000000000 x9 : cc8eef5962782100 [ 107.833293][ T4602] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 107.835408][ T4602] x5 : ffff80001f5270b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 107.837536][ T4602] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 107.839686][ T4602] Call trace: [ 107.840587][ T4602] invalidate_bh_lru+0x128/0x234 [ 107.841909][ T4602] smp_call_function_many_cond+0xa50/0xeb0 [ 107.843398][ T4602] on_each_cpu_cond_mask+0x5c/0xc4 [ 107.844769][ T4602] invalidate_bh_lrus+0x34/0x40 [ 107.846045][ T4602] blkdev_flush_mapping+0x168/0x31c [ 107.847436][ T4602] blkdev_put+0x490/0x6ac [ 107.848603][ T4602] blkdev_close+0x74/0xb0 [ 107.849787][ T4602] __fput+0x1c0/0x7f8 [ 107.850829][ T4602] ____fput+0x20/0x30 [ 107.851908][ T4602] task_work_run+0x12c/0x1e0 [ 107.853139][ T4602] do_notify_resume+0x24b4/0x3128 [ 107.854498][ T4602] el0_svc+0xf0/0x1e0 [ 107.855519][ T4602] el0t_64_sync_handler+0xcc/0xe4 [ 107.856857][ T4602] el0t_64_sync+0x1a0/0x1a4 [ 107.858126][ T4602] irq event stamp: 248168 [ 107.859309][ T4602] hardirqs last enabled at (248167): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 107.862167][ T4602] hardirqs last disabled at (248168): [] smp_call_function_many_cond+0xa44/0xeb0 [ 107.865020][ T4602] softirqs last enabled at (247216): [] local_bh_enable+0x10/0x34 [ 107.867521][ T4602] softirqs last disabled at (247214): [] local_bh_disable+0x10/0x34 [ 107.870098][ T4602] ---[ end trace 381ec441ce78a664 ]--- [ 107.941925][ T4922] loop0: detected capacity change from 0 to 128 [ 107.956162][ T4922] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 107.958116][ T4922] Bad inode number on dev loop0: 2 is out of range [ 107.959876][ T4922] SysV FS: get root inode failed [ 107.961230][ T4922] oldfs: cannot read superblock [ 107.973255][ T4452] ------------[ cut here ]------------ [ 107.974728][ T4452] VFS: brelse: Trying to free free buffer [ 107.976280][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 107.978657][ T4452] Modules linked in: [ 107.979657][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 107.982092][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 107.984745][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 107.986875][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 107.988249][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 107.989637][ T4452] sp : ffff80001f2077c0 [ 107.990711][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d254 [ 107.992837][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 107.995080][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaaadf8 [ 107.997276][ T4452] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000000003 [ 107.999467][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 108.001643][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.003889][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 108.006055][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.008145][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 108.010334][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 108.012477][ T4452] Call trace: [ 108.013374][ T4452] invalidate_bh_lru+0x128/0x234 [ 108.014621][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 108.016224][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 108.017622][ T4452] invalidate_bh_lrus+0x34/0x40 [ 108.018867][ T4452] blkdev_flush_mapping+0x168/0x31c [ 108.020270][ T4452] blkdev_put+0x490/0x6ac [ 108.021474][ T4452] blkdev_close+0x74/0xb0 [ 108.022656][ T4452] __fput+0x1c0/0x7f8 [ 108.023744][ T4452] ____fput+0x20/0x30 [ 108.024827][ T4452] task_work_run+0x12c/0x1e0 [ 108.026070][ T4452] do_notify_resume+0x24b4/0x3128 [ 108.027412][ T4452] el0_svc+0xf0/0x1e0 [ 108.028487][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 108.029859][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 108.031091][ T4452] irq event stamp: 196450 [ 108.032246][ T4452] hardirqs last enabled at (196449): [] kasan_quarantine_put+0xc4/0x204 [ 108.034942][ T4452] hardirqs last disabled at (196450): [] smp_call_function_many_cond+0xa44/0xeb0 [ 108.037774][ T4452] softirqs last enabled at (196314): [] handle_softirqs+0xa4c/0xbf0 [ 108.040429][ T4452] softirqs last disabled at (196211): [] __irq_exit_rcu+0x240/0x440 [ 108.042979][ T4452] ---[ end trace 381ec441ce78a665 ]--- 1970/01/01 00:01:48 executed programs: 29 [ 108.076624][ T4924] loop0: detected capacity change from 0 to 128 [ 108.081408][ T4924] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.090535][ T4924] Bad inode number on dev loop0: 2 is out of range [ 108.092253][ T4924] SysV FS: get root inode failed [ 108.100610][ T4924] oldfs: cannot read superblock [ 108.120598][ T4926] ------------[ cut here ]------------ [ 108.122124][ T4926] VFS: brelse: Trying to free free buffer [ 108.123718][ T4926] WARNING: CPU: 1 PID: 4926 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.126087][ T4926] Modules linked in: [ 108.127134][ T4926] CPU: 1 PID: 4926 Comm: syz.0.43 Tainted: G W 5.15.181-syzkaller #0 [ 108.129649][ T4926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 108.132311][ T4926] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.134380][ T4926] pc : invalidate_bh_lru+0x128/0x234 [ 108.135821][ T4926] lr : invalidate_bh_lru+0x128/0x234 [ 108.137217][ T4926] sp : ffff80001f6d77c0 [ 108.138268][ T4926] x29: ffff80001f6d77c0 x28: ffff80001414d000 x27: 1fffe0003685d254 [ 108.140440][ T4926] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 108.142520][ T4926] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaa6230 [ 108.144581][ T4926] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000000003 [ 108.146682][ T4926] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 108.148765][ T4926] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.150892][ T4926] x11: 0000000000000002 x10: 0000000000000000 x9 : 233f033baf578700 [ 108.153029][ T4926] x8 : 233f033baf578700 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.155157][ T4926] x5 : ffff80001f6d70b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 108.157187][ T4926] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 108.159328][ T4926] Call trace: [ 108.160185][ T4926] invalidate_bh_lru+0x128/0x234 [ 108.161463][ T4926] smp_call_function_many_cond+0xa50/0xeb0 [ 108.163009][ T4926] on_each_cpu_cond_mask+0x5c/0xc4 [ 108.164380][ T4926] invalidate_bh_lrus+0x34/0x40 [ 108.165660][ T4926] blkdev_flush_mapping+0x168/0x31c [ 108.166996][ T4926] blkdev_put+0x490/0x6ac [ 108.168148][ T4926] blkdev_close+0x74/0xb0 [ 108.169287][ T4926] __fput+0x1c0/0x7f8 [ 108.170342][ T4926] ____fput+0x20/0x30 [ 108.171382][ T4926] task_work_run+0x12c/0x1e0 [ 108.172595][ T4926] do_notify_resume+0x24b4/0x3128 [ 108.173892][ T4926] el0_svc+0xf0/0x1e0 [ 108.174938][ T4926] el0t_64_sync_handler+0xcc/0xe4 [ 108.176224][ T4926] el0t_64_sync+0x1a0/0x1a4 [ 108.177410][ T4926] irq event stamp: 748 [ 108.178528][ T4926] hardirqs last enabled at (747): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 108.181223][ T4926] hardirqs last disabled at (748): [] smp_call_function_many_cond+0xa44/0xeb0 [ 108.183933][ T4926] softirqs last enabled at (720): [] local_bh_enable+0x10/0x34 [ 108.186446][ T4926] softirqs last disabled at (718): [] local_bh_disable+0x10/0x34 [ 108.188962][ T4926] ---[ end trace 381ec441ce78a666 ]--- [ 108.267730][ T4928] loop0: detected capacity change from 0 to 128 [ 108.271694][ T4928] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.275111][ T4928] Bad inode number on dev loop0: 2 is out of range [ 108.276846][ T4928] SysV FS: get root inode failed [ 108.278171][ T4928] oldfs: cannot read superblock [ 108.288937][ C0] ------------[ cut here ]------------ [ 108.290479][ C0] VFS: brelse: Trying to free free buffer [ 108.292060][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.294391][ C0] Modules linked in: [ 108.295412][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 108.298066][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 108.300784][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.302977][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 108.304414][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 108.305808][ C0] sp : ffff800008007de0 [ 108.306922][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859054 [ 108.309140][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 108.311343][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e160f400 [ 108.313448][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010003 [ 108.315557][ C0] x17: 0000000000010003 x16: ffff8000111a3970 x15: 00000000ffffffff [ 108.317636][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.319806][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : cc8eef5962782100 [ 108.322012][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.324235][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 108.326377][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 108.328544][ C0] Call trace: [ 108.329423][ C0] invalidate_bh_lru+0x128/0x234 [ 108.330745][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 108.332342][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 108.334222][ C0] ipi_handler+0x108/0x70c [ 108.335370][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 108.336770][ C0] handle_domain_irq+0x144/0x1fc [ 108.338099][ C0] gic_handle_irq+0x78/0x1c8 [ 108.339330][ C0] call_on_irq_stack+0x24/0x4c [ 108.340629][ C0] do_interrupt_handler+0x6c/0x88 [ 108.342030][ C0] el1_interrupt+0x30/0x58 [ 108.343215][ C0] el1h_64_irq_handler+0x18/0x24 [ 108.344502][ C0] el1h_64_irq+0x78/0x7c [ 108.345639][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 108.347211][ C0] cpu_cgroup_fork+0x64/0x90 [ 108.348423][ C0] cgroup_post_fork+0x264/0x62c [ 108.349768][ C0] copy_process+0x31a4/0x34ec [ 108.351019][ C0] kernel_clone+0x1d8/0x9d4 [ 108.352256][ C0] __arm64_sys_clone+0x138/0x190 [ 108.353564][ C0] invoke_syscall+0x98/0x2b8 [ 108.354757][ C0] el0_svc_common+0x138/0x258 [ 108.356021][ C0] do_el0_svc+0x58/0x14c [ 108.357197][ C0] el0_svc+0x78/0x1e0 [ 108.358224][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 108.359583][ C0] el0t_64_sync+0x1a0/0x1a4 [ 108.360790][ C0] irq event stamp: 261556 [ 108.361904][ C0] hardirqs last enabled at (261555): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 108.364830][ C0] hardirqs last disabled at (261556): [] enter_el1_irq_or_nmi+0x10/0x1c [ 108.367535][ C0] softirqs last enabled at (261358): [] local_bh_enable+0x10/0x34 [ 108.370033][ C0] softirqs last disabled at (261356): [] local_bh_disable+0x10/0x34 [ 108.372615][ C0] ---[ end trace 381ec441ce78a667 ]--- [ 108.406774][ T4930] loop0: detected capacity change from 0 to 128 [ 108.416660][ T4930] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.418680][ T4930] Bad inode number on dev loop0: 2 is out of range [ 108.420335][ T4930] SysV FS: get root inode failed [ 108.421600][ T4930] oldfs: cannot read superblock [ 108.427333][ C1] ------------[ cut here ]------------ [ 108.428837][ C1] VFS: brelse: Trying to free free buffer [ 108.430434][ C1] WARNING: CPU: 1 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.432830][ C1] Modules linked in: [ 108.433901][ C1] CPU: 1 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 108.436535][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 108.439222][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.441327][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 108.442757][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 108.444138][ C1] sp : ffff800008017de0 [ 108.445219][ C1] x29: ffff800008017de0 x28: ffff0000cd928000 x27: 1fffe0003685d254 [ 108.447361][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 108.449459][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaa65d0 [ 108.451658][ C1] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000010002 [ 108.453799][ C1] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 108.455964][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.458024][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 108.460132][ C1] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.462227][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 108.464307][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 108.466377][ C1] Call trace: [ 108.467209][ C1] invalidate_bh_lru+0x128/0x234 [ 108.468517][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 108.470111][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 108.471960][ C1] ipi_handler+0x108/0x70c [ 108.473124][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 108.474569][ C1] handle_domain_irq+0x144/0x1fc [ 108.475884][ C1] gic_handle_irq+0x78/0x1c8 [ 108.477079][ C1] call_on_irq_stack+0x24/0x4c [ 108.478349][ C1] do_interrupt_handler+0x6c/0x88 [ 108.479720][ C1] el1_interrupt+0x30/0x58 [ 108.480905][ C1] el1h_64_irq_handler+0x18/0x24 [ 108.482212][ C1] el1h_64_irq+0x78/0x7c [ 108.483321][ C1] unwind_frame+0x6c/0x544 [ 108.484496][ C1] arch_stack_walk+0x200/0x2b4 [ 108.485768][ C1] stack_trace_save+0x94/0xd8 [ 108.486974][ C1] kasan_set_track+0x4c/0x84 [ 108.488238][ C1] kasan_set_free_info+0x28/0x4c [ 108.489558][ C1] ____kasan_slab_free+0x118/0x164 [ 108.490887][ C1] __kasan_slab_free+0x18/0x28 [ 108.492186][ C1] slab_free_freelist_hook+0x128/0x1e8 [ 108.493702][ C1] kmem_cache_free+0xdc/0x3b4 [ 108.494941][ C1] do_unlinkat+0x568/0x600 [ 108.496088][ C1] __arm64_sys_unlinkat+0xe0/0xfc [ 108.497426][ C1] invoke_syscall+0x98/0x2b8 [ 108.498650][ C1] el0_svc_common+0x138/0x258 [ 108.499928][ C1] do_el0_svc+0x58/0x14c [ 108.501023][ C1] el0_svc+0x78/0x1e0 [ 108.502071][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 108.503395][ C1] el0t_64_sync+0x1a0/0x1a4 [ 108.504569][ C1] irq event stamp: 262460 [ 108.505715][ C1] hardirqs last enabled at (262459): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 108.508599][ C1] hardirqs last disabled at (262460): [] enter_el1_irq_or_nmi+0x10/0x1c [ 108.511244][ C1] softirqs last enabled at (261956): [] local_bh_enable+0x10/0x34 [ 108.513743][ C1] softirqs last disabled at (261954): [] local_bh_disable+0x10/0x34 [ 108.516348][ C1] ---[ end trace 381ec441ce78a668 ]--- [ 108.557691][ T4932] loop0: detected capacity change from 0 to 128 [ 108.561299][ T4932] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.564160][ T4932] Bad inode number on dev loop0: 2 is out of range [ 108.566097][ T4932] SysV FS: get root inode failed [ 108.567756][ T4932] oldfs: cannot read superblock [ 108.571753][ T4452] ------------[ cut here ]------------ [ 108.573233][ T4452] VFS: brelse: Trying to free free buffer [ 108.574858][ T4452] WARNING: CPU: 0 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.577206][ T4452] Modules linked in: [ 108.578245][ T4452] CPU: 0 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 108.580701][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 108.583357][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.585445][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 108.586828][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 108.588232][ T4452] sp : ffff80001f2077c0 [ 108.589347][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe00036859053 [ 108.591430][ T4452] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 108.593608][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e160f7a0 [ 108.595716][ T4452] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000000003 [ 108.597866][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 108.600029][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.602183][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 108.604301][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.606441][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 108.608587][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 108.610709][ T4452] Call trace: [ 108.611604][ T4452] invalidate_bh_lru+0x128/0x234 [ 108.612957][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 108.614529][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 108.615921][ T4452] invalidate_bh_lrus+0x34/0x40 [ 108.617207][ T4452] blkdev_flush_mapping+0x168/0x31c [ 108.618637][ T4452] blkdev_put+0x490/0x6ac [ 108.619838][ T4452] blkdev_close+0x74/0xb0 [ 108.621021][ T4452] __fput+0x1c0/0x7f8 [ 108.622119][ T4452] ____fput+0x20/0x30 [ 108.623191][ T4452] task_work_run+0x12c/0x1e0 [ 108.624370][ T4452] do_notify_resume+0x24b4/0x3128 [ 108.625650][ T4452] el0_svc+0xf0/0x1e0 [ 108.626683][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 108.628036][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 108.629205][ T4452] irq event stamp: 221044 [ 108.630336][ T4452] hardirqs last enabled at (221043): [] kasan_quarantine_put+0xc4/0x204 [ 108.633016][ T4452] hardirqs last disabled at (221044): [] smp_call_function_many_cond+0xa44/0xeb0 [ 108.635848][ T4452] softirqs last enabled at (219936): [] local_bh_enable+0x10/0x34 [ 108.638356][ T4452] softirqs last disabled at (219934): [] local_bh_disable+0x10/0x34 [ 108.640898][ T4452] ---[ end trace 381ec441ce78a669 ]--- [ 108.764994][ T4934] loop0: detected capacity change from 0 to 128 [ 108.770581][ T4934] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.772763][ T4934] Bad inode number on dev loop0: 2 is out of range [ 108.774692][ T4934] SysV FS: get root inode failed [ 108.776053][ T4934] oldfs: cannot read superblock [ 108.777399][ T4934] ------------[ cut here ]------------ [ 108.778897][ T4934] VFS: brelse: Trying to free free buffer [ 108.780472][ T4934] WARNING: CPU: 0 PID: 4934 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.782907][ T4934] Modules linked in: [ 108.783961][ T4934] CPU: 0 PID: 4934 Comm: syz.0.47 Tainted: G W 5.15.181-syzkaller #0 [ 108.786407][ T4934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 108.789096][ T4934] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.791126][ T4934] pc : invalidate_bh_lru+0x128/0x234 [ 108.792542][ T4934] lr : invalidate_bh_lru+0x128/0x234 [ 108.793958][ T4934] sp : ffff80001f6f76e0 [ 108.795059][ T4934] x29: ffff80001f6f76e0 x28: ffff80001414d000 x27: 1fffe00036859053 [ 108.797206][ T4934] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 108.799319][ T4934] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e160fb40 [ 108.801400][ T4934] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000000003 [ 108.803593][ T4934] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 108.805673][ T4934] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 108.807781][ T4934] x11: 0000000000000002 x10: 0000000000000000 x9 : f9cefac4eb674800 [ 108.809812][ T4934] x8 : f9cefac4eb674800 x7 : 0000000000000001 x6 : 0000000000000001 [ 108.811984][ T4934] x5 : ffff80001f6f6fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 108.814064][ T4934] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 108.816159][ T4934] Call trace: [ 108.817017][ T4934] invalidate_bh_lru+0x128/0x234 [ 108.818294][ T4934] smp_call_function_many_cond+0xa50/0xeb0 [ 108.819889][ T4934] on_each_cpu_cond_mask+0x5c/0xc4 [ 108.821215][ T4934] invalidate_bh_lrus+0x34/0x40 [ 108.822498][ T4934] blkdev_flush_mapping+0x168/0x31c [ 108.823824][ T4934] blkdev_put+0x490/0x6ac [ 108.824970][ T4934] kill_block_super+0x98/0xdc [ 108.826183][ T4934] deactivate_locked_super+0xb8/0x13c [ 108.827587][ T4934] mount_bdev+0x284/0x358 [ 108.828702][ T4934] sysv_mount+0x44/0x58 [ 108.829781][ T4934] legacy_get_tree+0xd4/0x16c [ 108.831072][ T4934] vfs_get_tree+0x90/0x274 [ 108.832188][ T4934] do_new_mount+0x228/0x810 [ 108.833335][ T4934] path_mount+0x5b4/0x1000 [ 108.834498][ T4934] __arm64_sys_mount+0x514/0x5e4 [ 108.835798][ T4934] invoke_syscall+0x98/0x2b8 [ 108.837027][ T4934] el0_svc_common+0x138/0x258 [ 108.838238][ T4934] do_el0_svc+0x58/0x14c [ 108.839341][ T4934] el0_svc+0x78/0x1e0 [ 108.840377][ T4934] el0t_64_sync_handler+0xcc/0xe4 [ 108.841708][ T4934] el0t_64_sync+0x1a0/0x1a4 [ 108.842934][ T4934] irq event stamp: 1094 [ 108.843987][ T4934] hardirqs last enabled at (1093): [] kasan_quarantine_put+0xc4/0x204 [ 108.846575][ T4934] hardirqs last disabled at (1094): [] smp_call_function_many_cond+0xa44/0xeb0 [ 108.849375][ T4934] softirqs last enabled at (1052): [] handle_softirqs+0xa4c/0xbf0 [ 108.851899][ T4934] softirqs last disabled at (1043): [] __irq_exit_rcu+0x240/0x440 [ 108.854407][ T4934] ---[ end trace 381ec441ce78a66a ]--- [ 108.953245][ T4936] loop0: detected capacity change from 0 to 128 [ 108.964677][ T4936] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 108.966716][ T4936] Bad inode number on dev loop0: 2 is out of range [ 108.968442][ T4936] SysV FS: get root inode failed [ 108.969745][ T4936] oldfs: cannot read superblock [ 108.971087][ T4936] ------------[ cut here ]------------ [ 108.972486][ T4936] VFS: brelse: Trying to free free buffer [ 108.974064][ T4936] WARNING: CPU: 1 PID: 4936 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 108.976422][ T4936] Modules linked in: [ 108.977459][ T4936] CPU: 1 PID: 4936 Comm: syz.0.48 Tainted: G W 5.15.181-syzkaller #0 [ 108.980000][ T4936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 108.982691][ T4936] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 108.984782][ T4936] pc : invalidate_bh_lru+0x128/0x234 [ 108.986170][ T4936] lr : invalidate_bh_lru+0x128/0x234 [ 108.987577][ T4936] sp : ffff80001f3076e0 [ 108.988676][ T4936] x29: ffff80001f3076e0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 108.990894][ T4936] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 108.993039][ T4936] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaa6970 [ 108.995253][ T4936] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 108.997491][ T4936] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 108.999653][ T4936] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.001830][ T4936] x11: 0000000000000002 x10: 0000000000000000 x9 : 787435eb898af600 [ 109.003998][ T4936] x8 : 787435eb898af600 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.006150][ T4936] x5 : ffff80001f306fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 109.008339][ T4936] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 109.010412][ T4936] Call trace: [ 109.011295][ T4936] invalidate_bh_lru+0x128/0x234 [ 109.012638][ T4936] smp_call_function_many_cond+0xa50/0xeb0 [ 109.014209][ T4936] on_each_cpu_cond_mask+0x5c/0xc4 [ 109.015555][ T4936] invalidate_bh_lrus+0x34/0x40 [ 109.016914][ T4936] blkdev_flush_mapping+0x168/0x31c [ 109.018312][ T4936] blkdev_put+0x490/0x6ac [ 109.019446][ T4936] kill_block_super+0x98/0xdc [ 109.020724][ T4936] deactivate_locked_super+0xb8/0x13c [ 109.022200][ T4936] mount_bdev+0x284/0x358 [ 109.023365][ T4936] sysv_mount+0x44/0x58 [ 109.024463][ T4936] legacy_get_tree+0xd4/0x16c [ 109.025738][ T4936] vfs_get_tree+0x90/0x274 [ 109.027090][ T4936] do_new_mount+0x228/0x810 [ 109.028316][ T4936] path_mount+0x5b4/0x1000 [ 109.029574][ T4936] __arm64_sys_mount+0x514/0x5e4 [ 109.030936][ T4936] invoke_syscall+0x98/0x2b8 [ 109.032173][ T4936] el0_svc_common+0x138/0x258 [ 109.033425][ T4936] do_el0_svc+0x58/0x14c [ 109.034537][ T4936] el0_svc+0x78/0x1e0 [ 109.035674][ T4936] el0t_64_sync_handler+0xcc/0xe4 [ 109.037034][ T4936] el0t_64_sync+0x1a0/0x1a4 [ 109.038224][ T4936] irq event stamp: 1712 [ 109.039316][ T4936] hardirqs last enabled at (1711): [] kasan_quarantine_put+0xc4/0x204 [ 109.041959][ T4936] hardirqs last disabled at (1712): [] smp_call_function_many_cond+0xa44/0xeb0 [ 109.044747][ T4936] softirqs last enabled at (1430): [] local_bh_enable+0x10/0x34 [ 109.047289][ T4936] softirqs last disabled at (1428): [] local_bh_disable+0x10/0x34 [ 109.049729][ T4936] ---[ end trace 381ec441ce78a66b ]--- [ 109.117679][ T4938] loop0: detected capacity change from 0 to 128 [ 109.201123][ T4938] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.203222][ T4938] Bad inode number on dev loop0: 2 is out of range [ 109.204910][ T4938] SysV FS: get root inode failed [ 109.206177][ T4938] oldfs: cannot read superblock [ 109.213366][ C1] ------------[ cut here ]------------ [ 109.214884][ C1] VFS: brelse: Trying to free free buffer [ 109.216457][ C1] WARNING: CPU: 1 PID: 20 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.218738][ C1] Modules linked in: [ 109.219760][ C1] CPU: 1 PID: 20 Comm: ksoftirqd/1 Tainted: G W 5.15.181-syzkaller #0 [ 109.222282][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 109.224917][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.226964][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 109.228416][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 109.229780][ C1] sp : ffff800008017de0 [ 109.230882][ C1] x29: ffff800008017de0 x28: ffff0000c0a78000 x27: 1fffe0003685d254 [ 109.233014][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 109.235082][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaa6d10 [ 109.237219][ C1] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000010102 [ 109.239399][ C1] x17: 0000000000010102 x16: ffff8000111a3970 x15: 00000000ffffffff [ 109.241573][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.243767][ C1] x11: 0000000000010101 x10: 0000000000010101 x9 : d63bb6ed5b281000 [ 109.245916][ C1] x8 : d63bb6ed5b281000 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.248020][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 109.250160][ C1] x2 : 0000000000000001 x1 : 0000000100010101 x0 : 0000000000000027 [ 109.252252][ C1] Call trace: [ 109.253149][ C1] invalidate_bh_lru+0x128/0x234 [ 109.254435][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 109.256017][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 109.257815][ C1] ipi_handler+0x108/0x70c [ 109.258977][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 109.260424][ C1] handle_domain_irq+0x144/0x1fc [ 109.261731][ C1] gic_handle_irq+0x78/0x1c8 [ 109.263012][ C1] call_on_irq_stack+0x24/0x4c [ 109.264249][ C1] do_interrupt_handler+0x6c/0x88 [ 109.265551][ C1] el1_interrupt+0x30/0x58 [ 109.266724][ C1] el1h_64_irq_handler+0x18/0x24 [ 109.268034][ C1] el1h_64_irq+0x78/0x7c [ 109.269172][ C1] arch_local_irq_restore+0x8/0x10 [ 109.270546][ C1] lockdep_rtnl_is_held+0x24/0x4c [ 109.271848][ C1] find_match+0xd0/0xb24 [ 109.272963][ C1] __find_rr_leaf+0x204/0x5c8 [ 109.274201][ C1] fib6_table_lookup+0x308/0x8b8 [ 109.275471][ C1] ip6_pol_route+0x1f4/0x112c [ 109.276690][ C1] ip6_pol_route_input+0x74/0x94 [ 109.278037][ C1] fib6_rule_lookup+0x174/0x4b8 [ 109.279281][ C1] ip6_route_input+0x5d0/0x8d4 [ 109.280568][ C1] ip6_rcv_finish_core+0x218/0x3c8 [ 109.281878][ C1] ip6_rcv_finish+0x12c/0x234 [ 109.283142][ C1] NF_HOOK+0x2c0/0x354 [ 109.284240][ C1] ipv6_rcv+0x9c/0xbc [ 109.285309][ C1] __netif_receive_skb+0xcc/0x2ac [ 109.286673][ C1] process_backlog+0x3c8/0x744 [ 109.287887][ C1] __napi_poll+0xb4/0x5dc [ 109.289049][ C1] net_rx_action+0x468/0xa08 [ 109.290273][ C1] handle_softirqs+0x344/0xbf0 [ 109.291532][ C1] run_ksoftirqd+0x7c/0x2a0 [ 109.292743][ C1] smpboot_thread_fn+0x4b0/0x920 [ 109.294070][ C1] kthread+0x374/0x454 [ 109.295141][ C1] ret_from_fork+0x10/0x20 [ 109.296304][ C1] irq event stamp: 310569 [ 109.297450][ C1] hardirqs last enabled at (310568): [] __local_bh_enable_ip+0x1f8/0x380 [ 109.300165][ C1] hardirqs last disabled at (310569): [] enter_el1_irq_or_nmi+0x10/0x1c [ 109.302718][ C1] softirqs last enabled at (310552): [] handle_softirqs+0xa4c/0xbf0 [ 109.305280][ C1] softirqs last disabled at (310557): [] run_ksoftirqd+0x7c/0x2a0 [ 109.307785][ C1] ---[ end trace 381ec441ce78a66c ]--- [ 109.359190][ T4940] loop0: detected capacity change from 0 to 128 [ 109.386338][ T4940] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.388306][ T4940] Bad inode number on dev loop0: 2 is out of range [ 109.389931][ T4940] SysV FS: get root inode failed [ 109.391153][ T4940] oldfs: cannot read superblock [ 109.393660][ T4940] ------------[ cut here ]------------ [ 109.395048][ T4940] VFS: brelse: Trying to free free buffer [ 109.396601][ T4940] WARNING: CPU: 1 PID: 4940 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.398946][ T4940] Modules linked in: [ 109.399929][ T4940] CPU: 1 PID: 4940 Comm: syz.0.50 Tainted: G W 5.15.181-syzkaller #0 [ 109.402297][ T4940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 109.404991][ T4940] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.407003][ T4940] pc : invalidate_bh_lru+0x128/0x234 [ 109.408406][ T4940] lr : invalidate_bh_lru+0x128/0x234 [ 109.409809][ T4940] sp : ffff80001f3e76e0 [ 109.410887][ T4940] x29: ffff80001f3e76e0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 109.413031][ T4940] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 109.415187][ T4940] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaa3148 [ 109.417272][ T4940] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 109.419424][ T4940] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 109.421539][ T4940] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.423699][ T4940] x11: 0000000000000002 x10: 0000000000000000 x9 : a07d2de786c0b700 [ 109.425863][ T4940] x8 : a07d2de786c0b700 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.428147][ T4940] x5 : ffff80001f3e6fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 109.430458][ T4940] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 109.432640][ T4940] Call trace: [ 109.433504][ T4940] invalidate_bh_lru+0x128/0x234 [ 109.434993][ T4940] smp_call_function_many_cond+0xa50/0xeb0 [ 109.436496][ T4940] on_each_cpu_cond_mask+0x5c/0xc4 [ 109.437845][ T4940] invalidate_bh_lrus+0x34/0x40 [ 109.439148][ T4940] blkdev_flush_mapping+0x168/0x31c [ 109.440505][ T4940] blkdev_put+0x490/0x6ac [ 109.441659][ T4940] kill_block_super+0x98/0xdc [ 109.442925][ T4940] deactivate_locked_super+0xb8/0x13c [ 109.444363][ T4940] mount_bdev+0x284/0x358 [ 109.445538][ T4940] sysv_mount+0x44/0x58 [ 109.446608][ T4940] legacy_get_tree+0xd4/0x16c [ 109.447922][ T4940] vfs_get_tree+0x90/0x274 [ 109.449087][ T4940] do_new_mount+0x228/0x810 [ 109.450343][ T4940] path_mount+0x5b4/0x1000 [ 109.451497][ T4940] __arm64_sys_mount+0x514/0x5e4 [ 109.452786][ T4940] invoke_syscall+0x98/0x2b8 [ 109.454056][ T4940] el0_svc_common+0x138/0x258 [ 109.455328][ T4940] do_el0_svc+0x58/0x14c [ 109.456483][ T4940] el0_svc+0x78/0x1e0 [ 109.457542][ T4940] el0t_64_sync_handler+0xcc/0xe4 [ 109.458883][ T4940] el0t_64_sync+0x1a0/0x1a4 [ 109.460067][ T4940] irq event stamp: 1600 [ 109.461142][ T4940] hardirqs last enabled at (1599): [] kasan_quarantine_put+0xc4/0x204 [ 109.463782][ T4940] hardirqs last disabled at (1600): [] smp_call_function_many_cond+0xa44/0xeb0 [ 109.466577][ T4940] softirqs last enabled at (808): [] local_bh_enable+0x10/0x34 [ 109.469020][ T4940] softirqs last disabled at (806): [] local_bh_disable+0x10/0x34 [ 109.471597][ T4940] ---[ end trace 381ec441ce78a66d ]--- [ 109.581164][ T4942] loop0: detected capacity change from 0 to 128 [ 109.585271][ T4942] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.587265][ T4942] Bad inode number on dev loop0: 2 is out of range [ 109.589000][ T4942] SysV FS: get root inode failed [ 109.590469][ T4942] oldfs: cannot read superblock [ 109.598784][ C0] ------------[ cut here ]------------ [ 109.600313][ C0] VFS: brelse: Trying to free free buffer [ 109.601900][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.604275][ C0] Modules linked in: [ 109.605313][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 109.607855][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 109.610537][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.612671][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 109.614110][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 109.615627][ C0] sp : ffff800008007de0 [ 109.616715][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859054 [ 109.618919][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 109.621137][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e160fee0 [ 109.623326][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010003 [ 109.625519][ C0] x17: 0000000000010003 x16: ffff8000111a3970 x15: 00000000ffffffff [ 109.627784][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.629959][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : cc8eef5962782100 [ 109.632168][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.634257][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 109.636431][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 109.638651][ C0] Call trace: [ 109.639518][ C0] invalidate_bh_lru+0x128/0x234 [ 109.640853][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 109.642429][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 109.644359][ C0] ipi_handler+0x108/0x70c [ 109.645535][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 109.646986][ C0] handle_domain_irq+0x144/0x1fc [ 109.648265][ C0] gic_handle_irq+0x78/0x1c8 [ 109.649550][ C0] call_on_irq_stack+0x24/0x4c [ 109.650804][ C0] do_interrupt_handler+0x6c/0x88 [ 109.652158][ C0] el1_interrupt+0x30/0x58 [ 109.653326][ C0] el1h_64_irq_handler+0x18/0x24 [ 109.654611][ C0] el1h_64_irq+0x78/0x7c [ 109.655732][ C0] lock_release+0x110/0x8e8 [ 109.656951][ C0] __might_fault+0xf4/0x128 [ 109.658213][ C0] strncpy_from_user+0x44/0x598 [ 109.659503][ C0] getname_flags+0xec/0x450 [ 109.660745][ C0] __arm64_sys_unlinkat+0xb4/0xfc [ 109.662121][ C0] invoke_syscall+0x98/0x2b8 [ 109.663286][ C0] el0_svc_common+0x138/0x258 [ 109.664591][ C0] do_el0_svc+0x58/0x14c [ 109.665700][ C0] el0_svc+0x78/0x1e0 [ 109.666715][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 109.668080][ C0] el0t_64_sync+0x1a0/0x1a4 [ 109.669262][ C0] irq event stamp: 282052 [ 109.670389][ C0] hardirqs last enabled at (282051): [] el0_svc_common+0x9c/0x258 [ 109.672965][ C0] hardirqs last disabled at (282052): [] enter_el1_irq_or_nmi+0x10/0x1c [ 109.675609][ C0] softirqs last enabled at (281202): [] local_bh_enable+0x10/0x34 [ 109.678174][ C0] softirqs last disabled at (281200): [] local_bh_disable+0x10/0x34 [ 109.680675][ C0] ---[ end trace 381ec441ce78a66e ]--- [ 109.705478][ T4944] loop0: detected capacity change from 0 to 128 [ 109.755727][ T4944] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.757726][ T4944] Bad inode number on dev loop0: 2 is out of range [ 109.759444][ T4944] SysV FS: get root inode failed [ 109.760957][ T4944] oldfs: cannot read superblock [ 109.766957][ C1] ------------[ cut here ]------------ [ 109.768502][ C1] VFS: brelse: Trying to free free buffer [ 109.770038][ C1] WARNING: CPU: 1 PID: 4944 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.772431][ C1] Modules linked in: [ 109.773511][ C1] CPU: 1 PID: 4944 Comm: syz.0.52 Tainted: G W 5.15.181-syzkaller #0 [ 109.776009][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 109.778695][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.780802][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 109.782232][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 109.783644][ C1] sp : ffff800008017de0 [ 109.784724][ C1] x29: ffff800008017de0 x28: ffff0000d193d1c0 x27: 1fffe0003685d254 [ 109.786889][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 109.789102][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaa34e8 [ 109.791337][ C1] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000010003 [ 109.793491][ C1] x17: 0000000000010003 x16: ffff8000111a3970 x15: 00000000ffffffff [ 109.795704][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.797804][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 04847ebc2490a400 [ 109.799990][ C1] x8 : 04847ebc2490a400 x7 : 0000000000000001 x6 : 0000000000000001 [ 109.802159][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 109.804294][ C1] x2 : 0000000000000001 x1 : 0000000000010002 x0 : 0000000000000027 [ 109.806413][ C1] Call trace: [ 109.807288][ C1] invalidate_bh_lru+0x128/0x234 [ 109.808578][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 109.810192][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 109.812130][ C1] ipi_handler+0x108/0x70c [ 109.813296][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 109.814792][ C1] handle_domain_irq+0x144/0x1fc [ 109.816124][ C1] gic_handle_irq+0x78/0x1c8 [ 109.817332][ C1] call_on_irq_stack+0x24/0x4c [ 109.818613][ C1] do_interrupt_handler+0x6c/0x88 [ 109.819989][ C1] el1_interrupt+0x30/0x58 [ 109.821172][ C1] el1h_64_irq_handler+0x18/0x24 [ 109.822502][ C1] el1h_64_irq+0x78/0x7c [ 109.823627][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 109.825167][ C1] sched_move_task+0x204/0x260 [ 109.826400][ C1] sched_autogroup_exit_task+0x10/0x1c [ 109.827922][ C1] do_exit+0x68c/0x1f58 [ 109.829075][ C1] do_group_exit+0x100/0x268 [ 109.830318][ C1] get_signal+0x73c/0x1340 [ 109.831474][ C1] do_notify_resume+0x35c/0x3128 [ 109.832823][ C1] el0_svc+0xf0/0x1e0 [ 109.834025][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 109.835368][ C1] el0t_64_sync+0x1a0/0x1a4 [ 109.836572][ C1] irq event stamp: 3116 [ 109.837660][ C1] hardirqs last enabled at (3115): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 109.840565][ C1] hardirqs last disabled at (3116): [] enter_el1_irq_or_nmi+0x10/0x1c [ 109.843137][ C1] softirqs last enabled at (1648): [] local_bh_enable+0x10/0x34 [ 109.845665][ C1] softirqs last disabled at (1646): [] local_bh_disable+0x10/0x34 [ 109.848304][ C1] ---[ end trace 381ec441ce78a66f ]--- [ 109.907559][ T4946] loop0: detected capacity change from 0 to 128 [ 109.957238][ T4946] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 109.959291][ T4946] Bad inode number on dev loop0: 2 is out of range [ 109.961036][ T4946] SysV FS: get root inode failed [ 109.962317][ T4946] oldfs: cannot read superblock [ 109.967173][ C0] ------------[ cut here ]------------ [ 109.968696][ C0] VFS: brelse: Trying to free free buffer [ 109.970266][ C0] WARNING: CPU: 0 PID: 4946 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 109.972742][ C0] Modules linked in: [ 109.973778][ C0] CPU: 0 PID: 4946 Comm: syz.0.53 Tainted: G W 5.15.181-syzkaller #0 [ 109.976222][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 109.978969][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 109.981132][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 109.982622][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 109.984089][ C0] sp : ffff800008007de0 [ 109.985177][ C0] x29: ffff800008007de0 x28: ffff0000cc3c0000 x27: 1fffe00036859054 [ 109.987382][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 109.989519][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e1648318 [ 109.991754][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010002 [ 109.994035][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 109.996258][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 109.998445][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 4d773af5caa27500 [ 110.000690][ C0] x8 : 4d773af5caa27500 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.002973][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 110.005260][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 110.007489][ C0] Call trace: [ 110.008412][ C0] invalidate_bh_lru+0x128/0x234 [ 110.009759][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 110.011394][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 110.013280][ C0] ipi_handler+0x108/0x70c [ 110.014526][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 110.015974][ C0] handle_domain_irq+0x144/0x1fc [ 110.017315][ C0] gic_handle_irq+0x78/0x1c8 [ 110.018586][ C0] call_on_irq_stack+0x24/0x4c [ 110.019869][ C0] do_interrupt_handler+0x6c/0x88 [ 110.021263][ C0] el1_interrupt+0x30/0x58 [ 110.022472][ C0] el1h_64_irq_handler+0x18/0x24 [ 110.023773][ C0] el1h_64_irq+0x78/0x7c [ 110.024931][ C0] perf_lock_task_context+0x7a0/0x84c [ 110.026389][ C0] perf_event_exit_task+0x224/0x818 [ 110.027790][ C0] do_exit+0x684/0x1f58 [ 110.028960][ C0] do_group_exit+0x100/0x268 [ 110.030208][ C0] get_signal+0x73c/0x1340 [ 110.031395][ C0] do_notify_resume+0x35c/0x3128 [ 110.032740][ C0] el0_svc+0xf0/0x1e0 [ 110.033806][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 110.035202][ C0] el0t_64_sync+0x1a0/0x1a4 [ 110.036441][ C0] irq event stamp: 2634 [ 110.037562][ C0] hardirqs last enabled at (2633): [] perf_lock_task_context+0x764/0x84c [ 110.040283][ C0] hardirqs last disabled at (2634): [] enter_el1_irq_or_nmi+0x10/0x1c [ 110.042979][ C0] softirqs last enabled at (1188): [] local_bh_enable+0x10/0x34 [ 110.045471][ C0] softirqs last disabled at (1186): [] local_bh_disable+0x10/0x34 [ 110.048067][ C0] ---[ end trace 381ec441ce78a670 ]--- [ 110.116297][ T4948] loop0: detected capacity change from 0 to 128 [ 110.120058][ T4948] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.122027][ T4948] Bad inode number on dev loop0: 2 is out of range [ 110.123943][ T4948] SysV FS: get root inode failed [ 110.125224][ T4948] oldfs: cannot read superblock [ 110.129192][ C1] ------------[ cut here ]------------ [ 110.130733][ C1] VFS: brelse: Trying to free free buffer [ 110.132350][ C1] WARNING: CPU: 1 PID: 3643 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.134806][ C1] Modules linked in: [ 110.135933][ C1] CPU: 1 PID: 3643 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 110.138364][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 110.141076][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.143227][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 110.144733][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 110.146171][ C1] sp : ffff800008017de0 [ 110.147311][ C1] x29: ffff800008017de0 x28: ffff0000d6758000 x27: 1fffe0003685d253 [ 110.149476][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 110.151674][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaa3888 [ 110.153790][ C1] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000010002 [ 110.155974][ C1] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 110.158149][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.160334][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 7ef049936ac40300 [ 110.162471][ C1] x8 : 7ef049936ac40300 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.164710][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 110.166889][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 110.169088][ C1] Call trace: [ 110.169969][ C1] invalidate_bh_lru+0x128/0x234 [ 110.171305][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 110.172958][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 110.174886][ C1] ipi_handler+0x108/0x70c [ 110.176053][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 110.177529][ C1] handle_domain_irq+0x144/0x1fc [ 110.178954][ C1] gic_handle_irq+0x78/0x1c8 [ 110.180185][ C1] call_on_irq_stack+0x24/0x4c [ 110.181454][ C1] do_interrupt_handler+0x6c/0x88 [ 110.182761][ C1] el1_interrupt+0x30/0x58 [ 110.183936][ C1] el1h_64_irq_handler+0x18/0x24 [ 110.185264][ C1] el1h_64_irq+0x78/0x7c [ 110.186357][ C1] el0_svc_common+0xa8/0x258 [ 110.187705][ C1] do_el0_svc+0x58/0x14c [ 110.188851][ C1] el0_svc+0x78/0x1e0 [ 110.189946][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 110.191269][ C1] el0t_64_sync+0x1a0/0x1a4 [ 110.192438][ C1] irq event stamp: 1235696 [ 110.193622][ C1] hardirqs last enabled at (1235695): [] el0_svc_common+0x9c/0x258 [ 110.196247][ C1] hardirqs last disabled at (1235696): [] enter_el1_irq_or_nmi+0x10/0x1c [ 110.198920][ C1] softirqs last enabled at (1235054): [] local_bh_enable+0x10/0x34 [ 110.201515][ C1] softirqs last disabled at (1235052): [] local_bh_disable+0x10/0x34 [ 110.204152][ C1] ---[ end trace 381ec441ce78a671 ]--- [ 110.259955][ T4950] loop0: detected capacity change from 0 to 128 [ 110.264811][ T4950] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.266878][ T4950] Bad inode number on dev loop0: 2 is out of range [ 110.268636][ T4950] SysV FS: get root inode failed [ 110.269915][ T4950] oldfs: cannot read superblock [ 110.277140][ T4452] ------------[ cut here ]------------ [ 110.278601][ T4452] VFS: brelse: Trying to free free buffer [ 110.280148][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.282485][ T4452] Modules linked in: [ 110.283559][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 110.285960][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 110.288611][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.290687][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 110.292090][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 110.293547][ T4452] sp : ffff80001f2077c0 [ 110.294635][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 110.296855][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 110.299018][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddaa3c28 [ 110.301219][ T4452] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 110.303390][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 110.305489][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.307603][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 110.309734][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.311883][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 110.314116][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 110.316219][ T4452] Call trace: [ 110.317063][ T4452] invalidate_bh_lru+0x128/0x234 [ 110.318421][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 110.319956][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 110.321313][ T4452] invalidate_bh_lrus+0x34/0x40 [ 110.322615][ T4452] blkdev_flush_mapping+0x168/0x31c [ 110.324013][ T4452] blkdev_put+0x490/0x6ac [ 110.325202][ T4452] blkdev_close+0x74/0xb0 [ 110.326342][ T4452] __fput+0x1c0/0x7f8 [ 110.327409][ T4452] ____fput+0x20/0x30 [ 110.328487][ T4452] task_work_run+0x12c/0x1e0 [ 110.329732][ T4452] do_notify_resume+0x24b4/0x3128 [ 110.331136][ T4452] el0_svc+0xf0/0x1e0 [ 110.332270][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 110.333730][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 110.334958][ T4452] irq event stamp: 269696 [ 110.336127][ T4452] hardirqs last enabled at (269695): [] kasan_quarantine_put+0xc4/0x204 [ 110.338831][ T4452] hardirqs last disabled at (269696): [] smp_call_function_many_cond+0xa44/0xeb0 [ 110.341720][ T4452] softirqs last enabled at (269290): [] local_bh_enable+0x10/0x34 [ 110.344244][ T4452] softirqs last disabled at (269288): [] local_bh_disable+0x10/0x34 [ 110.346807][ T4452] ---[ end trace 381ec441ce78a672 ]--- [ 110.436789][ T4952] loop0: detected capacity change from 0 to 128 [ 110.476113][ T4952] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.478128][ T4952] Bad inode number on dev loop0: 2 is out of range [ 110.479935][ T4952] SysV FS: get root inode failed [ 110.481284][ T4952] oldfs: cannot read superblock [ 110.524140][ C0] ------------[ cut here ]------------ [ 110.526033][ C0] VFS: brelse: Trying to free free buffer [ 110.527672][ C0] WARNING: CPU: 0 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.530048][ C0] Modules linked in: [ 110.531117][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.15.181-syzkaller #0 [ 110.533608][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 110.536359][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.538490][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 110.539983][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 110.541450][ C0] sp : ffff800008007de0 [ 110.542588][ C0] x29: ffff800008007de0 x28: ffff800014173880 x27: 1fffe00036859054 [ 110.544777][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 110.546997][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e16486b8 [ 110.549282][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010003 [ 110.551437][ C0] x17: 0000000000010003 x16: ffff8000111a3970 x15: 00000000ffffffff [ 110.553621][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.555790][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 441cce70ca4aab00 [ 110.558062][ C0] x8 : 441cce70ca4aab00 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.560262][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 110.562430][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 110.564669][ C0] Call trace: [ 110.565530][ C0] invalidate_bh_lru+0x128/0x234 [ 110.566932][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 110.568528][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 110.570408][ C0] ipi_handler+0x108/0x70c [ 110.571654][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 110.573134][ C0] handle_domain_irq+0x144/0x1fc [ 110.574437][ C0] gic_handle_irq+0x78/0x1c8 [ 110.575661][ C0] call_on_irq_stack+0x24/0x4c [ 110.576928][ C0] do_interrupt_handler+0x6c/0x88 [ 110.578289][ C0] el1_interrupt+0x30/0x58 [ 110.579506][ C0] el1h_64_irq_handler+0x18/0x24 [ 110.580808][ C0] el1h_64_irq+0x78/0x7c [ 110.581920][ C0] arch_local_irq_enable+0xc/0x18 [ 110.583269][ C0] default_idle_call+0xcc/0x418 [ 110.584585][ C0] do_idle+0x1c8/0x480 [ 110.585649][ C0] cpu_startup_entry+0x24/0x28 [ 110.586937][ C0] rest_init+0x360/0x390 [ 110.588051][ C0] arch_call_rest_init+0x14/0x20 [ 110.589427][ C0] start_kernel+0x49c/0x54c [ 110.590624][ C0] __primary_switched+0xa8/0xb0 [ 110.592056][ C0] irq event stamp: 346890 [ 110.593220][ C0] hardirqs last enabled at (346889): [] default_idle_call+0xb8/0x418 [ 110.595854][ C0] hardirqs last disabled at (346890): [] enter_el1_irq_or_nmi+0x10/0x1c [ 110.598535][ C0] softirqs last enabled at (346878): [] handle_softirqs+0xa4c/0xbf0 [ 110.601129][ C0] softirqs last disabled at (346673): [] __irq_exit_rcu+0x240/0x440 [ 110.603684][ C0] ---[ end trace 381ec441ce78a673 ]--- [ 110.633590][ T4954] loop0: detected capacity change from 0 to 128 [ 110.637394][ T4954] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.639380][ T4954] Bad inode number on dev loop0: 2 is out of range [ 110.641082][ T4954] SysV FS: get root inode failed [ 110.642406][ T4954] oldfs: cannot read superblock [ 110.645930][ C1] ------------[ cut here ]------------ [ 110.647482][ C1] VFS: brelse: Trying to free free buffer [ 110.649105][ C1] WARNING: CPU: 1 PID: 4954 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.651645][ C1] Modules linked in: [ 110.652698][ C1] CPU: 1 PID: 4954 Comm: syz.0.57 Tainted: G W 5.15.181-syzkaller #0 [ 110.655229][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 110.657929][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.660067][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 110.661540][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 110.663013][ C1] sp : ffff800008017de0 [ 110.664143][ C1] x29: ffff800008017de0 x28: ffff0000c80cb680 x27: 1fffe0003685d253 [ 110.666355][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 110.668506][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c06887a0 [ 110.670580][ C1] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000010004 [ 110.672767][ C1] x17: 0000000000010004 x16: ffff8000111a3970 x15: 00000000ffffffff [ 110.674947][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.677095][ C1] x11: 0000000000010003 x10: 0000000000010003 x9 : ca3f1e7b3c204300 [ 110.679290][ C1] x8 : ca3f1e7b3c204300 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.681401][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 110.683578][ C1] x2 : 0000000000000001 x1 : 0000000000010003 x0 : 0000000000000027 [ 110.685726][ C1] Call trace: [ 110.686622][ C1] invalidate_bh_lru+0x128/0x234 [ 110.687980][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 110.689576][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 110.691524][ C1] ipi_handler+0x108/0x70c [ 110.692692][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 110.694246][ C1] handle_domain_irq+0x144/0x1fc [ 110.695596][ C1] gic_handle_irq+0x78/0x1c8 [ 110.696854][ C1] call_on_irq_stack+0x24/0x4c [ 110.698188][ C1] do_interrupt_handler+0x6c/0x88 [ 110.699562][ C1] el1_interrupt+0x30/0x58 [ 110.700716][ C1] el1h_64_irq_handler+0x18/0x24 [ 110.702029][ C1] el1h_64_irq+0x78/0x7c [ 110.703169][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 110.704651][ C1] try_to_wake_up+0x3a4/0xa64 [ 110.705869][ C1] wake_up_q+0x94/0x114 [ 110.706964][ C1] futex_wake+0x46c/0x4f4 [ 110.708079][ C1] do_futex+0x1684/0x257c [ 110.709293][ C1] __arm64_sys_futex+0x388/0x400 [ 110.710564][ C1] invoke_syscall+0x98/0x2b8 [ 110.711748][ C1] el0_svc_common+0x138/0x258 [ 110.712988][ C1] do_el0_svc+0x58/0x14c [ 110.714125][ C1] el0_svc+0x78/0x1e0 [ 110.715164][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 110.716461][ C1] el0t_64_sync+0x1a0/0x1a4 [ 110.717626][ C1] irq event stamp: 1310 [ 110.718718][ C1] hardirqs last enabled at (1309): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 110.721473][ C1] hardirqs last disabled at (1310): [] enter_el1_irq_or_nmi+0x10/0x1c [ 110.724122][ C1] softirqs last enabled at (1302): [] local_bh_enable+0x10/0x34 [ 110.726671][ C1] softirqs last disabled at (1300): [] local_bh_disable+0x10/0x34 [ 110.729189][ C1] ---[ end trace 381ec441ce78a674 ]--- [ 110.777082][ T4956] loop0: detected capacity change from 0 to 128 [ 110.826453][ T4956] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.828504][ T4956] Bad inode number on dev loop0: 2 is out of range [ 110.830405][ T4956] SysV FS: get root inode failed [ 110.831730][ T4956] oldfs: cannot read superblock [ 110.838767][ C1] ------------[ cut here ]------------ [ 110.840275][ C1] VFS: brelse: Trying to free free buffer [ 110.841883][ C1] WARNING: CPU: 1 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.844250][ C1] Modules linked in: [ 110.845317][ C1] CPU: 1 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 110.847917][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 110.850628][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 110.852756][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 110.854154][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 110.855576][ C1] sp : ffff800008017de0 [ 110.856671][ C1] x29: ffff800008017de0 x28: ffff0000cd928000 x27: 1fffe0003685d254 [ 110.858913][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 110.861063][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c0688318 [ 110.863240][ C1] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000010003 [ 110.865430][ C1] x17: 0000000000010003 x16: ffff8000111a3970 x15: 00000000ffffffff [ 110.867662][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 110.869904][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : cc8eef5962782100 [ 110.872094][ C1] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 110.874214][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 110.876366][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 110.878485][ C1] Call trace: [ 110.879367][ C1] invalidate_bh_lru+0x128/0x234 [ 110.880717][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 110.882320][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 110.884431][ C1] ipi_handler+0x108/0x70c [ 110.885695][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 110.887320][ C1] handle_domain_irq+0x144/0x1fc [ 110.888731][ C1] gic_handle_irq+0x78/0x1c8 [ 110.890041][ C1] call_on_irq_stack+0x24/0x4c [ 110.891344][ C1] do_interrupt_handler+0x6c/0x88 [ 110.892783][ C1] el1_interrupt+0x30/0x58 [ 110.894031][ C1] el1h_64_irq_handler+0x18/0x24 [ 110.895373][ C1] el1h_64_irq+0x78/0x7c [ 110.896596][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 110.898253][ C1] debug_object_active_state+0x16c/0x34c [ 110.899832][ C1] call_rcu+0x68/0x8f0 [ 110.901017][ C1] dentry_free+0xa4/0x180 [ 110.902200][ C1] __dentry_kill+0x45c/0x598 [ 110.903465][ C1] dentry_kill+0xc8/0x248 [ 110.904646][ C1] dput+0x23c/0x458 [ 110.905712][ C1] do_rmdir+0x24c/0x634 [ 110.906948][ C1] __arm64_sys_unlinkat+0xcc/0xfc [ 110.908342][ C1] invoke_syscall+0x98/0x2b8 [ 110.909602][ C1] el0_svc_common+0x138/0x258 [ 110.910922][ C1] do_el0_svc+0x58/0x14c [ 110.912111][ C1] el0_svc+0x78/0x1e0 [ 110.913193][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 110.914578][ C1] el0t_64_sync+0x1a0/0x1a4 [ 110.915844][ C1] irq event stamp: 303490 [ 110.917025][ C1] hardirqs last enabled at (303489): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 110.920148][ C1] hardirqs last disabled at (303490): [] enter_el1_irq_or_nmi+0x10/0x1c [ 110.922866][ C1] softirqs last enabled at (303208): [] local_bh_enable+0x10/0x34 [ 110.925540][ C1] softirqs last disabled at (303206): [] local_bh_disable+0x10/0x34 [ 110.928308][ C1] ---[ end trace 381ec441ce78a675 ]--- [ 110.968420][ T4958] loop0: detected capacity change from 0 to 128 [ 110.981755][ T4958] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 110.983985][ T4958] Bad inode number on dev loop0: 2 is out of range [ 110.985719][ T4958] SysV FS: get root inode failed [ 110.986980][ T4958] oldfs: cannot read superblock [ 110.994535][ C0] ------------[ cut here ]------------ [ 110.995962][ C0] VFS: brelse: Trying to free free buffer [ 110.997483][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 110.999677][ C0] Modules linked in: [ 111.000701][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 111.003204][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 111.005596][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.007686][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 111.009168][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 111.010592][ C0] sp : ffff800008007de0 [ 111.011766][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859054 [ 111.013919][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 111.016077][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e1648a58 [ 111.018235][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010003 [ 111.020415][ C0] x17: 0000000000010003 x16: ffff8000111a3970 x15: 00000000ffffffff [ 111.022523][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.024772][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : cc8eef5962782100 [ 111.027010][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.029171][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 111.031392][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 111.033564][ C0] Call trace: [ 111.034457][ C0] invalidate_bh_lru+0x128/0x234 [ 111.035818][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 111.037454][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 111.039330][ C0] ipi_handler+0x108/0x70c [ 111.040514][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 111.042041][ C0] handle_domain_irq+0x144/0x1fc [ 111.043359][ C0] gic_handle_irq+0x78/0x1c8 [ 111.044598][ C0] call_on_irq_stack+0x24/0x4c [ 111.045938][ C0] do_interrupt_handler+0x6c/0x88 [ 111.047286][ C0] el1_interrupt+0x30/0x58 [ 111.048484][ C0] el1h_64_irq_handler+0x18/0x24 [ 111.049793][ C0] el1h_64_irq+0x78/0x7c [ 111.050898][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 111.052492][ C0] debug_check_no_obj_freed+0x450/0x46c [ 111.054010][ C0] slab_free_freelist_hook+0x9c/0x1e8 [ 111.055461][ C0] kmem_cache_free+0xdc/0x3b4 [ 111.056752][ C0] user_path_at_empty+0x144/0x1a0 [ 111.058139][ C0] vfs_statx+0xf4/0x458 [ 111.059224][ C0] __arm64_sys_newfstatat+0x10c/0x190 [ 111.060698][ C0] invoke_syscall+0x98/0x2b8 [ 111.061920][ C0] el0_svc_common+0x138/0x258 [ 111.063170][ C0] do_el0_svc+0x58/0x14c [ 111.064310][ C0] el0_svc+0x78/0x1e0 [ 111.065382][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 111.066705][ C0] el0t_64_sync+0x1a0/0x1a4 [ 111.068009][ C0] irq event stamp: 306592 [ 111.069201][ C0] hardirqs last enabled at (306591): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 111.072168][ C0] hardirqs last disabled at (306592): [] enter_el1_irq_or_nmi+0x10/0x1c [ 111.074884][ C0] softirqs last enabled at (306144): [] local_bh_enable+0x10/0x34 [ 111.077419][ C0] softirqs last disabled at (306142): [] local_bh_disable+0x10/0x34 [ 111.080015][ C0] ---[ end trace 381ec441ce78a676 ]--- [ 111.116177][ T4960] loop0: detected capacity change from 0 to 128 [ 111.121317][ T4960] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.123924][ T4960] Bad inode number on dev loop0: 2 is out of range [ 111.125732][ T4960] SysV FS: get root inode failed [ 111.127564][ T4960] oldfs: cannot read superblock [ 111.135439][ C1] ------------[ cut here ]------------ [ 111.137020][ C1] VFS: brelse: Trying to free free buffer [ 111.138653][ C1] WARNING: CPU: 1 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.141121][ C1] Modules linked in: [ 111.142224][ C1] CPU: 1 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 111.144981][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 111.147844][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.150080][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 111.151605][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 111.153149][ C1] sp : ffff800008017de0 [ 111.154326][ C1] x29: ffff800008017de0 x28: ffff0000cd928000 x27: 1fffe0003685d254 [ 111.156584][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 111.158844][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddbed060 [ 111.161134][ C1] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000010002 [ 111.163412][ C1] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 111.165728][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.168041][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 111.170277][ C1] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.172585][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 111.174801][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 111.177026][ C1] Call trace: [ 111.177914][ C1] invalidate_bh_lru+0x128/0x234 [ 111.179265][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 111.180988][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 111.182976][ C1] ipi_handler+0x108/0x70c [ 111.184200][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 111.185718][ C1] handle_domain_irq+0x144/0x1fc [ 111.187096][ C1] gic_handle_irq+0x78/0x1c8 [ 111.188340][ C1] call_on_irq_stack+0x24/0x4c [ 111.189661][ C1] do_interrupt_handler+0x6c/0x88 [ 111.191111][ C1] el1_interrupt+0x30/0x58 [ 111.192340][ C1] el1h_64_irq_handler+0x18/0x24 [ 111.193890][ C1] el1h_64_irq+0x78/0x7c [ 111.195061][ C1] tomoyo_check_acl+0xb0/0x378 [ 111.196449][ C1] tomoyo_path_permission+0x164/0x310 [ 111.197979][ C1] tomoyo_path_perm+0x2e0/0x440 [ 111.199300][ C1] tomoyo_path_rmdir+0xa4/0xe8 [ 111.200638][ C1] security_path_rmdir+0xe4/0x134 [ 111.202059][ C1] do_rmdir+0x1d0/0x634 [ 111.203239][ C1] __arm64_sys_unlinkat+0xcc/0xfc [ 111.204705][ C1] invoke_syscall+0x98/0x2b8 [ 111.206005][ C1] el0_svc_common+0x138/0x258 [ 111.207340][ C1] do_el0_svc+0x58/0x14c [ 111.208538][ C1] el0_svc+0x78/0x1e0 [ 111.209694][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 111.211105][ C1] el0t_64_sync+0x1a0/0x1a4 [ 111.212388][ C1] irq event stamp: 309498 [ 111.213626][ C1] hardirqs last enabled at (309497): [] kasan_quarantine_put+0xc4/0x204 [ 111.216426][ C1] hardirqs last disabled at (309498): [] enter_el1_irq_or_nmi+0x10/0x1c [ 111.219224][ C1] softirqs last enabled at (308760): [] local_bh_enable+0x10/0x34 [ 111.221968][ C1] softirqs last disabled at (308758): [] local_bh_disable+0x10/0x34 [ 111.224714][ C1] ---[ end trace 381ec441ce78a677 ]--- [ 111.277354][ T4962] loop0: detected capacity change from 0 to 128 [ 111.284119][ T4962] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.286157][ T4962] Bad inode number on dev loop0: 2 is out of range [ 111.287912][ T4962] SysV FS: get root inode failed [ 111.289279][ T4962] oldfs: cannot read superblock [ 111.296931][ T4452] ------------[ cut here ]------------ [ 111.298463][ T4452] VFS: brelse: Trying to free free buffer [ 111.300067][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.302424][ T4452] Modules linked in: [ 111.303488][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 111.306000][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 111.308726][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.310848][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 111.312300][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 111.313851][ T4452] sp : ffff80001f2077c0 [ 111.314996][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 111.317223][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 111.319467][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddbed400 [ 111.321724][ T4452] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 111.323929][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 111.326129][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.328414][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 111.330657][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.332919][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 111.335161][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 111.337459][ T4452] Call trace: [ 111.338380][ T4452] invalidate_bh_lru+0x128/0x234 [ 111.339743][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 111.341347][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 111.342774][ T4452] invalidate_bh_lrus+0x34/0x40 [ 111.344082][ T4452] blkdev_flush_mapping+0x168/0x31c [ 111.345530][ T4452] blkdev_put+0x490/0x6ac [ 111.346744][ T4452] blkdev_close+0x74/0xb0 [ 111.347948][ T4452] __fput+0x1c0/0x7f8 [ 111.349067][ T4452] ____fput+0x20/0x30 [ 111.350148][ T4452] task_work_run+0x12c/0x1e0 [ 111.351395][ T4452] do_notify_resume+0x24b4/0x3128 [ 111.352766][ T4452] el0_svc+0xf0/0x1e0 [ 111.353864][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 111.355254][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 111.356526][ T4452] irq event stamp: 308908 [ 111.357728][ T4452] hardirqs last enabled at (308907): [] kasan_quarantine_put+0xc4/0x204 [ 111.360625][ T4452] hardirqs last disabled at (308908): [] smp_call_function_many_cond+0xa44/0xeb0 [ 111.363582][ T4452] softirqs last enabled at (308894): [] local_bh_enable+0x10/0x34 [ 111.366139][ T4452] softirqs last disabled at (308892): [] local_bh_disable+0x10/0x34 [ 111.368813][ T4452] ---[ end trace 381ec441ce78a678 ]--- [ 111.418234][ T4964] loop0: detected capacity change from 0 to 128 [ 111.455390][ T4964] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.457463][ T4964] Bad inode number on dev loop0: 2 is out of range [ 111.459356][ T4964] SysV FS: get root inode failed [ 111.460659][ T4964] oldfs: cannot read superblock [ 111.474442][ T4452] ------------[ cut here ]------------ [ 111.475892][ T4452] VFS: brelse: Trying to free free buffer [ 111.477409][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.479734][ T4452] Modules linked in: [ 111.480758][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 111.483187][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 111.485898][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.488117][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 111.489539][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 111.490920][ T4452] sp : ffff80001f2077c0 [ 111.492042][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 111.494200][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 111.496392][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddbed7a0 [ 111.498574][ T4452] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 111.500651][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 111.502807][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.504998][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 111.507145][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.509312][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 111.511451][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 111.513671][ T4452] Call trace: [ 111.514517][ T4452] invalidate_bh_lru+0x128/0x234 [ 111.515800][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 111.517371][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 111.518744][ T4452] invalidate_bh_lrus+0x34/0x40 [ 111.520044][ T4452] blkdev_flush_mapping+0x168/0x31c [ 111.521428][ T4452] blkdev_put+0x490/0x6ac [ 111.522590][ T4452] blkdev_close+0x74/0xb0 [ 111.523745][ T4452] __fput+0x1c0/0x7f8 [ 111.524755][ T4452] ____fput+0x20/0x30 [ 111.525816][ T4452] task_work_run+0x12c/0x1e0 [ 111.527074][ T4452] do_notify_resume+0x24b4/0x3128 [ 111.528411][ T4452] el0_svc+0xf0/0x1e0 [ 111.529443][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 111.530773][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 111.531966][ T4452] irq event stamp: 312932 [ 111.533105][ T4452] hardirqs last enabled at (312931): [] kasan_quarantine_put+0xc4/0x204 [ 111.535769][ T4452] hardirqs last disabled at (312932): [] smp_call_function_many_cond+0xa44/0xeb0 [ 111.538658][ T4452] softirqs last enabled at (312756): [] handle_softirqs+0xa4c/0xbf0 [ 111.541196][ T4452] softirqs last disabled at (312745): [] __irq_exit_rcu+0x240/0x440 [ 111.543758][ T4452] ---[ end trace 381ec441ce78a679 ]--- [ 111.588154][ T4966] loop0: detected capacity change from 0 to 128 [ 111.634481][ T4966] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.636678][ T4966] Bad inode number on dev loop0: 2 is out of range [ 111.638389][ T4966] SysV FS: get root inode failed [ 111.639640][ T4966] oldfs: cannot read superblock [ 111.646406][ C0] ------------[ cut here ]------------ [ 111.647932][ C0] VFS: brelse: Trying to free free buffer [ 111.649537][ C0] WARNING: CPU: 0 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.651852][ C0] Modules linked in: [ 111.652904][ C0] CPU: 0 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 111.655468][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 111.658200][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.660388][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 111.661852][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 111.663243][ C0] sp : ffff800008007de0 [ 111.664352][ C0] x29: ffff800008007de0 x28: ffff0000cd928000 x27: 1fffe00036859054 [ 111.666567][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000001 [ 111.668681][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e1648df8 [ 111.670794][ C0] x20: ffff0001b42c82a0 x19: ffff8000113aada0 x18: 0000000000010002 [ 111.672981][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 111.675097][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.677210][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cc8eef5962782100 [ 111.679364][ C0] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.681554][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 111.683720][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 111.685865][ C0] Call trace: [ 111.686767][ C0] invalidate_bh_lru+0x128/0x234 [ 111.688095][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 111.689683][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 111.691512][ C0] ipi_handler+0x108/0x70c [ 111.692707][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 111.694173][ C0] handle_domain_irq+0x144/0x1fc [ 111.695497][ C0] gic_handle_irq+0x78/0x1c8 [ 111.696777][ C0] call_on_irq_stack+0x24/0x4c [ 111.698029][ C0] do_interrupt_handler+0x6c/0x88 [ 111.699318][ C0] el1_interrupt+0x30/0x58 [ 111.700502][ C0] el1h_64_irq_handler+0x18/0x24 [ 111.701823][ C0] el1h_64_irq+0x78/0x7c [ 111.702991][ C0] el0_svc_common+0xa8/0x258 [ 111.704219][ C0] do_el0_svc+0x58/0x14c [ 111.705349][ C0] el0_svc+0x78/0x1e0 [ 111.706389][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 111.707710][ C0] el0t_64_sync+0x1a0/0x1a4 [ 111.708937][ C0] irq event stamp: 318052 [ 111.710104][ C0] hardirqs last enabled at (318051): [] el0_svc_common+0x9c/0x258 [ 111.712634][ C0] hardirqs last disabled at (318052): [] enter_el1_irq_or_nmi+0x10/0x1c [ 111.715282][ C0] softirqs last enabled at (317626): [] local_bh_enable+0x10/0x34 [ 111.717800][ C0] softirqs last disabled at (317624): [] local_bh_disable+0x10/0x34 [ 111.720366][ C0] ---[ end trace 381ec441ce78a67a ]--- [ 111.780613][ T4968] loop0: detected capacity change from 0 to 128 [ 111.834718][ T4968] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.836722][ T4968] Bad inode number on dev loop0: 2 is out of range [ 111.838569][ T4968] SysV FS: get root inode failed [ 111.839915][ T4968] oldfs: cannot read superblock [ 111.846458][ T4452] ------------[ cut here ]------------ [ 111.847886][ T4452] VFS: brelse: Trying to free free buffer [ 111.849422][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.851783][ T4452] Modules linked in: [ 111.852810][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 111.855231][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 111.857998][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.860212][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 111.861764][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 111.863631][ T4452] sp : ffff80001f2077c0 [ 111.864722][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d254 [ 111.866930][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 111.869136][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddbedb40 [ 111.871403][ T4452] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000000003 [ 111.873543][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 111.875655][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 111.877786][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 111.879998][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 111.882092][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 111.884221][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 111.886335][ T4452] Call trace: [ 111.887235][ T4452] invalidate_bh_lru+0x128/0x234 [ 111.888572][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 111.890159][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 111.891492][ T4452] invalidate_bh_lrus+0x34/0x40 [ 111.892843][ T4452] blkdev_flush_mapping+0x168/0x31c [ 111.894225][ T4452] blkdev_put+0x490/0x6ac [ 111.895317][ T4452] blkdev_close+0x74/0xb0 [ 111.896425][ T4452] __fput+0x1c0/0x7f8 [ 111.897482][ T4452] ____fput+0x20/0x30 [ 111.898582][ T4452] task_work_run+0x12c/0x1e0 [ 111.899851][ T4452] do_notify_resume+0x24b4/0x3128 [ 111.901198][ T4452] el0_svc+0xf0/0x1e0 [ 111.902226][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 111.903573][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 111.904791][ T4452] irq event stamp: 325792 [ 111.905932][ T4452] hardirqs last enabled at (325791): [] kasan_quarantine_put+0xc4/0x204 [ 111.908628][ T4452] hardirqs last disabled at (325792): [] smp_call_function_many_cond+0xa44/0xeb0 [ 111.911549][ T4452] softirqs last enabled at (324892): [] handle_softirqs+0xa4c/0xbf0 [ 111.914233][ T4452] softirqs last disabled at (324793): [] __irq_exit_rcu+0x240/0x440 [ 111.916754][ T4452] ---[ end trace 381ec441ce78a67b ]--- [ 111.967438][ T4970] loop0: detected capacity change from 0 to 128 [ 111.971470][ T4970] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 111.973771][ T4970] Bad inode number on dev loop0: 2 is out of range [ 111.975510][ T4970] SysV FS: get root inode failed [ 111.976854][ T4970] oldfs: cannot read superblock [ 111.978205][ C0] ------------[ cut here ]------------ [ 111.979681][ C0] VFS: brelse: Trying to free free buffer [ 111.981289][ C0] WARNING: CPU: 0 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 111.983639][ C0] Modules linked in: [ 111.984687][ C0] CPU: 0 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 111.987126][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 111.989792][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 111.991967][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 111.993377][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 111.994790][ C0] sp : ffff800008007de0 [ 111.995944][ C0] x29: ffff800008007de0 x28: ffff0000ca969b40 x27: 1fffe00036859053 [ 111.998134][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 112.000287][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e1649230 [ 112.002427][ C0] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000010002 [ 112.004605][ C0] x17: 0000000000010002 x16: ffff8000111a3970 x15: 00000000ffffffff [ 112.006764][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.008978][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 450c6ddf1771a300 [ 112.011108][ C0] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.013198][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 112.015314][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 112.017440][ C0] Call trace: [ 112.018316][ C0] invalidate_bh_lru+0x128/0x234 [ 112.019647][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 112.021275][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 112.023156][ C0] ipi_handler+0x108/0x70c [ 112.024326][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 112.025858][ C0] handle_domain_irq+0x144/0x1fc [ 112.027170][ C0] gic_handle_irq+0x78/0x1c8 [ 112.028373][ C0] call_on_irq_stack+0x24/0x4c [ 112.029635][ C0] do_interrupt_handler+0x6c/0x88 [ 112.031004][ C0] el1_interrupt+0x30/0x58 [ 112.032175][ C0] el1h_64_irq_handler+0x18/0x24 [ 112.033512][ C0] el1h_64_irq+0x78/0x7c [ 112.034763][ C0] kasan_quarantine_put+0xd4/0x204 [ 112.036350][ C0] ____kasan_slab_free+0x124/0x164 [ 112.037764][ C0] __kasan_slab_free+0x18/0x28 [ 112.039059][ C0] slab_free_freelist_hook+0x128/0x1e8 [ 112.040517][ C0] kfree+0x170/0x40c [ 112.041592][ C0] skb_release_data+0x3c0/0x5ac [ 112.042940][ C0] consume_skb+0x138/0x33c [ 112.044126][ C0] netlink_unicast+0x614/0x89c [ 112.045405][ C0] netlink_sendmsg+0x6e8/0x9cc [ 112.046670][ C0] ____sys_sendmsg+0x61c/0x920 [ 112.048001][ C0] ___sys_sendmsg+0x1d0/0x240 [ 112.049263][ C0] __arm64_sys_sendmsg+0x1a8/0x254 [ 112.050636][ C0] invoke_syscall+0x98/0x2b8 [ 112.051910][ C0] el0_svc_common+0x138/0x258 [ 112.053169][ C0] do_el0_svc+0x58/0x14c [ 112.054297][ C0] el0_svc+0x78/0x1e0 [ 112.055374][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 112.056662][ C0] el0t_64_sync+0x1a0/0x1a4 [ 112.057845][ C0] irq event stamp: 330182 [ 112.058970][ C0] hardirqs last enabled at (330181): [] kasan_quarantine_put+0xc4/0x204 [ 112.061560][ C0] hardirqs last disabled at (330182): [] enter_el1_irq_or_nmi+0x10/0x1c [ 112.064201][ C0] softirqs last enabled at (329048): [] local_bh_enable+0x10/0x34 [ 112.066761][ C0] softirqs last disabled at (329046): [] local_bh_disable+0x10/0x34 [ 112.069327][ C0] ---[ end trace 381ec441ce78a67c ]--- [ 112.161123][ T4972] loop0: detected capacity change from 0 to 128 [ 112.167454][ T4972] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.169392][ T4972] Bad inode number on dev loop0: 2 is out of range [ 112.171131][ T4972] SysV FS: get root inode failed [ 112.172479][ T4972] oldfs: cannot read superblock [ 112.177298][ T4452] ------------[ cut here ]------------ [ 112.178750][ T4452] VFS: brelse: Trying to free free buffer [ 112.180343][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.182724][ T4452] Modules linked in: [ 112.183773][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 112.186150][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 112.188811][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.190996][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 112.192527][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 112.193946][ T4452] sp : ffff80001f2077c0 [ 112.195185][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 112.197384][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 112.199622][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000ddbedee0 [ 112.201760][ T4452] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 112.203965][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 112.206181][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.208309][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 112.210494][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.212734][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 112.214978][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 112.217171][ T4452] Call trace: [ 112.218090][ T4452] invalidate_bh_lru+0x128/0x234 [ 112.219472][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 112.221027][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 112.222383][ T4452] invalidate_bh_lrus+0x34/0x40 [ 112.223713][ T4452] blkdev_flush_mapping+0x168/0x31c [ 112.225097][ T4452] blkdev_put+0x490/0x6ac [ 112.226329][ T4452] blkdev_close+0x74/0xb0 [ 112.227488][ T4452] __fput+0x1c0/0x7f8 [ 112.228591][ T4452] ____fput+0x20/0x30 [ 112.229654][ T4452] task_work_run+0x12c/0x1e0 [ 112.230885][ T4452] do_notify_resume+0x24b4/0x3128 [ 112.232258][ T4452] el0_svc+0xf0/0x1e0 [ 112.233341][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 112.234710][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 112.235897][ T4452] irq event stamp: 336288 [ 112.237019][ T4452] hardirqs last enabled at (336287): [] kasan_quarantine_put+0xc4/0x204 [ 112.239808][ T4452] hardirqs last disabled at (336288): [] smp_call_function_many_cond+0xa44/0xeb0 [ 112.242659][ T4452] softirqs last enabled at (335270): [] local_bh_enable+0x10/0x34 [ 112.245318][ T4452] softirqs last disabled at (335268): [] local_bh_disable+0x10/0x34 [ 112.247935][ T4452] ---[ end trace 381ec441ce78a67d ]--- [ 112.307481][ T4974] loop0: detected capacity change from 0 to 128 [ 112.313709][ T4974] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.315663][ T4974] Bad inode number on dev loop0: 2 is out of range [ 112.317407][ T4974] SysV FS: get root inode failed [ 112.318703][ T4974] oldfs: cannot read superblock [ 112.328657][ T4452] ------------[ cut here ]------------ [ 112.330161][ T4452] VFS: brelse: Trying to free free buffer [ 112.331729][ T4452] WARNING: CPU: 0 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.334185][ T4452] Modules linked in: [ 112.335201][ T4452] CPU: 0 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 112.337682][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 112.340424][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.342470][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 112.343835][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 112.345257][ T4452] sp : ffff80001f2077c0 [ 112.346417][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe00036859053 [ 112.348549][ T4452] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 112.350653][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e16495d0 [ 112.352827][ T4452] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000000003 [ 112.354960][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 112.357138][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.359258][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 112.361367][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.363503][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 112.365769][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 112.367992][ T4452] Call trace: [ 112.368864][ T4452] invalidate_bh_lru+0x128/0x234 [ 112.370226][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 112.371797][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 112.373154][ T4452] invalidate_bh_lrus+0x34/0x40 [ 112.374462][ T4452] blkdev_flush_mapping+0x168/0x31c [ 112.375893][ T4452] blkdev_put+0x490/0x6ac [ 112.377089][ T4452] blkdev_close+0x74/0xb0 [ 112.378278][ T4452] __fput+0x1c0/0x7f8 [ 112.379360][ T4452] ____fput+0x20/0x30 [ 112.380402][ T4452] task_work_run+0x12c/0x1e0 [ 112.381616][ T4452] do_notify_resume+0x24b4/0x3128 [ 112.382972][ T4452] el0_svc+0xf0/0x1e0 [ 112.384032][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 112.385361][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 112.386576][ T4452] irq event stamp: 341438 [ 112.387769][ T4452] hardirqs last enabled at (341437): [] kasan_quarantine_put+0xc4/0x204 [ 112.390477][ T4452] hardirqs last disabled at (341438): [] smp_call_function_many_cond+0xa44/0xeb0 [ 112.393328][ T4452] softirqs last enabled at (339554): [] local_bh_enable+0x10/0x34 [ 112.395881][ T4452] softirqs last disabled at (339552): [] local_bh_disable+0x10/0x34 [ 112.398461][ T4452] ---[ end trace 381ec441ce78a67e ]--- [ 112.441548][ T4976] loop0: detected capacity change from 0 to 128 [ 112.446144][ T4976] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.448139][ T4976] Bad inode number on dev loop0: 2 is out of range [ 112.450008][ T4976] SysV FS: get root inode failed [ 112.451312][ T4976] oldfs: cannot read superblock [ 112.453075][ C0] ------------[ cut here ]------------ [ 112.454602][ C0] VFS: brelse: Trying to free free buffer [ 112.456245][ C0] WARNING: CPU: 0 PID: 3628 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.458595][ C0] Modules linked in: [ 112.459643][ C0] CPU: 0 PID: 3628 Comm: syslogd Tainted: G W 5.15.181-syzkaller #0 [ 112.462171][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 112.465028][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.467153][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 112.468612][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 112.470091][ C0] sp : ffff800008007de0 [ 112.471205][ C0] x29: ffff800008007de0 x28: ffff0000d5753680 x27: 1fffe00036859053 [ 112.473436][ C0] x26: 0000000000000001 x25: ffff0001b42c8298 x24: 0000000000000000 [ 112.475654][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e1649970 [ 112.477885][ C0] x20: ffff0001b42c8298 x19: ffff8000113aada0 x18: 0000000000010003 [ 112.480125][ C0] x17: 0000000000010003 x16: ffff8000111a3970 x15: 00000000ffffffff [ 112.482322][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.484417][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : d26002253d668d00 [ 112.486605][ C0] x8 : d26002253d668d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.488902][ C0] x5 : ffff8000080076d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 112.491055][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 112.493313][ C0] Call trace: [ 112.494175][ C0] invalidate_bh_lru+0x128/0x234 [ 112.495538][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 112.497154][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 112.499056][ C0] ipi_handler+0x108/0x70c [ 112.500304][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 112.501802][ C0] handle_domain_irq+0x144/0x1fc [ 112.503130][ C0] gic_handle_irq+0x78/0x1c8 [ 112.504365][ C0] call_on_irq_stack+0x24/0x4c [ 112.505665][ C0] do_interrupt_handler+0x6c/0x88 [ 112.507053][ C0] el1_interrupt+0x30/0x58 [ 112.508264][ C0] el1h_64_irq_handler+0x18/0x24 [ 112.509621][ C0] el1h_64_irq+0x78/0x7c [ 112.510771][ C0] kasan_check_range+0x34/0x2b0 [ 112.512130][ C0] __kasan_check_write+0x44/0x54 [ 112.513432][ C0] copy_page_from_iter_atomic+0x47c/0x1214 [ 112.515005][ C0] generic_perform_write+0x284/0x480 [ 112.516389][ C0] __generic_file_write_iter+0x23c/0x454 [ 112.517938][ C0] generic_file_write_iter+0xb0/0x1b4 [ 112.519450][ C0] vfs_write+0x7c8/0xa2c [ 112.520631][ C0] ksys_write+0x120/0x210 [ 112.521786][ C0] __arm64_sys_write+0x7c/0x90 [ 112.523099][ C0] invoke_syscall+0x98/0x2b8 [ 112.524368][ C0] el0_svc_common+0x138/0x258 [ 112.525647][ C0] do_el0_svc+0x58/0x14c [ 112.526835][ C0] el0_svc+0x78/0x1e0 [ 112.527946][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 112.529285][ C0] el0t_64_sync+0x1a0/0x1a4 [ 112.530500][ C0] irq event stamp: 144012 [ 112.531667][ C0] hardirqs last enabled at (144011): [] seqcount_lockdep_reader_access+0x1fc/0x2c4 [ 112.534653][ C0] hardirqs last disabled at (144012): [] enter_el1_irq_or_nmi+0x10/0x1c [ 112.537298][ C0] softirqs last enabled at (143964): [] local_bh_enable+0x10/0x34 [ 112.539879][ C0] softirqs last disabled at (143962): [] local_bh_disable+0x10/0x34 [ 112.542484][ C0] ---[ end trace 381ec441ce78a67f ]--- [ 112.661196][ T4978] loop0: detected capacity change from 0 to 128 [ 112.667984][ T4978] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.669927][ T4978] Bad inode number on dev loop0: 2 is out of range [ 112.671670][ T4978] SysV FS: get root inode failed [ 112.674484][ T4978] oldfs: cannot read superblock [ 112.680055][ T4452] ------------[ cut here ]------------ [ 112.681620][ T4452] VFS: brelse: Trying to free free buffer [ 112.683266][ T4452] WARNING: CPU: 1 PID: 4452 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.685712][ T4452] Modules linked in: [ 112.686807][ T4452] CPU: 1 PID: 4452 Comm: udevd Tainted: G W 5.15.181-syzkaller #0 [ 112.689259][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 112.691962][ T4452] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.694132][ T4452] pc : invalidate_bh_lru+0x128/0x234 [ 112.695573][ T4452] lr : invalidate_bh_lru+0x128/0x234 [ 112.697064][ T4452] sp : ffff80001f2077c0 [ 112.698124][ T4452] x29: ffff80001f2077c0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 112.700320][ T4452] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 112.702505][ T4452] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dbeb7318 [ 112.704757][ T4452] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 112.707035][ T4452] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 112.709201][ T4452] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.711415][ T4452] x11: 0000000000000002 x10: 0000000000000000 x9 : 450c6ddf1771a300 [ 112.713567][ T4452] x8 : 450c6ddf1771a300 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.715819][ T4452] x5 : ffff80001f2070b8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 112.718009][ T4452] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 112.720165][ T4452] Call trace: [ 112.721007][ T4452] invalidate_bh_lru+0x128/0x234 [ 112.722362][ T4452] smp_call_function_many_cond+0xa50/0xeb0 [ 112.723982][ T4452] on_each_cpu_cond_mask+0x5c/0xc4 [ 112.725400][ T4452] invalidate_bh_lrus+0x34/0x40 [ 112.726724][ T4452] blkdev_flush_mapping+0x168/0x31c [ 112.728137][ T4452] blkdev_put+0x490/0x6ac [ 112.729377][ T4452] blkdev_close+0x74/0xb0 [ 112.730516][ T4452] __fput+0x1c0/0x7f8 [ 112.731628][ T4452] ____fput+0x20/0x30 [ 112.732739][ T4452] task_work_run+0x12c/0x1e0 [ 112.733991][ T4452] do_notify_resume+0x24b4/0x3128 [ 112.735358][ T4452] el0_svc+0xf0/0x1e0 [ 112.736478][ T4452] el0t_64_sync_handler+0xcc/0xe4 [ 112.737888][ T4452] el0t_64_sync+0x1a0/0x1a4 [ 112.739120][ T4452] irq event stamp: 352520 [ 112.740254][ T4452] hardirqs last enabled at (352519): [] kasan_quarantine_put+0xc4/0x204 [ 112.742981][ T4452] hardirqs last disabled at (352520): [] smp_call_function_many_cond+0xa44/0xeb0 [ 112.745845][ T4452] softirqs last enabled at (351560): [] local_bh_enable+0x10/0x34 [ 112.748486][ T4452] softirqs last disabled at (351558): [] local_bh_disable+0x10/0x34 [ 112.751097][ T4452] ---[ end trace 381ec441ce78a680 ]--- [ 112.812325][ T4980] loop0: detected capacity change from 0 to 128 [ 112.816427][ T4980] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 112.818442][ T4980] Bad inode number on dev loop0: 2 is out of range [ 112.820212][ T4980] SysV FS: get root inode failed [ 112.821810][ T4980] oldfs: cannot read superblock [ 112.828651][ C1] ------------[ cut here ]------------ [ 112.830119][ C1] VFS: brelse: Trying to free free buffer [ 112.831728][ C1] WARNING: CPU: 1 PID: 4602 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 112.834261][ C1] Modules linked in: [ 112.835363][ C1] CPU: 1 PID: 4602 Comm: syz-executor Tainted: G W 5.15.181-syzkaller #0 [ 112.837967][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 112.840660][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 112.842909][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 112.844370][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 112.845839][ C1] sp : ffff800008017de0 [ 112.846987][ C1] x29: ffff800008017de0 x28: ffff0000cd928000 x27: 1fffe0003685d254 [ 112.849260][ C1] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000001 [ 112.851414][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dbeb76b8 [ 112.853659][ C1] x20: ffff0001b42e92a0 x19: ffff8000113aada0 x18: 0000000000010003 [ 112.855905][ C1] x17: 0000000000010003 x16: ffff8000111a3970 x15: 00000000ffffffff [ 112.858086][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 112.860263][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : cc8eef5962782100 [ 112.862417][ C1] x8 : cc8eef5962782100 x7 : 0000000000000001 x6 : 0000000000000001 [ 112.864552][ C1] x5 : ffff8000080176d8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 112.866755][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 112.868843][ C1] Call trace: [ 112.869710][ C1] invalidate_bh_lru+0x128/0x234 [ 112.871063][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 112.872706][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 112.874563][ C1] ipi_handler+0x108/0x70c [ 112.875758][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 112.877254][ C1] handle_domain_irq+0x144/0x1fc [ 112.878579][ C1] gic_handle_irq+0x78/0x1c8 [ 112.879886][ C1] call_on_irq_stack+0x24/0x4c [ 112.881157][ C1] do_interrupt_handler+0x6c/0x88 [ 112.882498][ C1] el1_interrupt+0x30/0x58 [ 112.883712][ C1] el1h_64_irq_handler+0x18/0x24 [ 112.885140][ C1] el1h_64_irq+0x78/0x7c [ 112.886293][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 112.887772][ C1] debug_check_no_obj_freed+0x450/0x46c [ 112.889278][ C1] slab_free_freelist_hook+0x9c/0x1e8 [ 112.890683][ C1] kmem_cache_free+0xdc/0x3b4 [ 112.891965][ C1] user_path_at_empty+0x144/0x1a0 [ 112.893329][ C1] vfs_statx+0xf4/0x458 [ 112.894421][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 112.895881][ C1] invoke_syscall+0x98/0x2b8 [ 112.897096][ C1] el0_svc_common+0x138/0x258 [ 112.898339][ C1] do_el0_svc+0x58/0x14c [ 112.899426][ C1] el0_svc+0x78/0x1e0 [ 112.900454][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 112.901838][ C1] el0t_64_sync+0x1a0/0x1a4 [ 112.903033][ C1] irq event stamp: 339974 [ 112.904210][ C1] hardirqs last enabled at (339973): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 112.907117][ C1] hardirqs last disabled at (339974): [] enter_el1_irq_or_nmi+0x10/0x1c [ 112.909830][ C1] softirqs last enabled at (339528): [] local_bh_enable+0x10/0x34 [ 112.912461][ C1] softirqs last disabled at (339526): [] local_bh_disable+0x10/0x34 [ 112.915041][ C1] ---[ end trace 381ec441ce78a681 ]--- [ 112.957719][ T4982] loop0: detected capacity change from 0 to 128 [ 113.004701][ T4982] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 113.006657][ T4982] Bad inode number on dev loop0: 2 is out of range [ 113.008253][ T4982] SysV FS: get root inode failed [ 113.009555][ T4982] oldfs: cannot read superblock [ 113.010811][ T4982] ------------[ cut here ]------------ [ 113.012262][ T4982] VFS: brelse: Trying to free free buffer [ 113.013885][ T4982] WARNING: CPU: 1 PID: 4982 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 113.016337][ T4982] Modules linked in: [ 113.017432][ T4982] CPU: 1 PID: 4982 Comm: syz.0.71 Tainted: G W 5.15.181-syzkaller #0 [ 113.019950][ T4982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 113.022653][ T4982] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 113.024766][ T4982] pc : invalidate_bh_lru+0x128/0x234 [ 113.026208][ T4982] lr : invalidate_bh_lru+0x128/0x234 [ 113.027640][ T4982] sp : ffff80001f7f76e0 [ 113.028771][ T4982] x29: ffff80001f7f76e0 x28: ffff80001414d000 x27: 1fffe0003685d253 [ 113.030950][ T4982] x26: 0000000000000001 x25: ffff0001b42e9298 x24: 0000000000000000 [ 113.033215][ T4982] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dbeb7a58 [ 113.035426][ T4982] x20: ffff0001b42e9298 x19: ffff8000113aada0 x18: 0000000000000003 [ 113.037561][ T4982] x17: 0000000000000000 x16: ffff8000111a3970 x15: 00000000ffffffff [ 113.039759][ T4982] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 113.042059][ T4982] x11: 0000000000000002 x10: 0000000000000000 x9 : b8d7584f293cb600 [ 113.044261][ T4982] x8 : b8d7584f293cb600 x7 : 0000000000000001 x6 : 0000000000000001 [ 113.046434][ T4982] x5 : ffff80001f7f6fd8 x4 : ffff80001422f280 x3 : ffff800008503848 [ 113.048601][ T4982] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 113.050739][ T4982] Call trace: [ 113.051583][ T4982] invalidate_bh_lru+0x128/0x234 [ 113.052926][ T4982] smp_call_function_many_cond+0xa50/0xeb0