Warning: Permanently added '10.128.1.206' (ED25519) to the list of known hosts.
1970/01/01 00:00:56 parsed 1 programs
[ 57.856032][ T4411] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS
[ 59.090527][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 59.091774][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 59.093345][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 59.101479][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 59.102803][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 59.104911][ T565] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 59.292489][ T4512] chnl_net:caif_netlink_parms(): no params data found
[ 59.308973][ T4512] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.310034][ T4512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 59.311581][ T4512] device bridge_slave_0 entered promiscuous mode
[ 59.313555][ T4512] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.315218][ T4512] bridge0: port 2(bridge_slave_1) entered disabled state
[ 59.316777][ T4512] device bridge_slave_1 entered promiscuous mode
[ 59.324402][ T4512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 59.328665][ T4512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 59.336298][ T4512] team0: Port device team_slave_0 added
[ 59.338615][ T4512] team0: Port device team_slave_1 added
[ 59.344942][ T4512] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 59.346044][ T4512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 59.350091][ T4512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 59.352475][ T4512] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 59.353530][ T4512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 59.357895][ T4512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 59.415500][ T4512] device hsr_slave_0 entered promiscuous mode
[ 59.464182][ T4512] device hsr_slave_1 entered promiscuous mode
[ 60.057256][ T4512] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 60.076046][ T4512] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 60.105139][ T4512] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 60.145694][ T4512] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 60.206543][ T4512] 8021q: adding VLAN 0 to HW filter on device bond0
[ 60.210405][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 60.212068][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 60.218504][ T4512] 8021q: adding VLAN 0 to HW filter on device team0
[ 60.221916][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 60.225108][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 60.226677][ T136] bridge0: port 1(bridge_slave_0) entered blocking state
[ 60.227818][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 60.239852][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 60.241293][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 60.242778][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 60.244836][ T136] bridge0: port 2(bridge_slave_1) entered blocking state
[ 60.245998][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 60.247313][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 60.248942][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 60.250579][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 60.252667][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 60.255339][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 60.257046][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 60.261176][ T4512] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 60.262662][ T4512] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 60.271620][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 60.273439][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 60.275987][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 60.277923][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 60.279415][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 60.283280][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 60.331023][ T4512] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 60.335175][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 60.336530][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 60.340846][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 60.342448][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 60.349843][ T4512] device veth0_vlan entered promiscuous mode
[ 60.353285][ T4512] device veth1_vlan entered promiscuous mode
[ 60.355397][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 60.356958][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 60.358484][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 60.360067][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 60.361389][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 60.369076][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 60.370716][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 60.372205][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 60.374786][ T4512] device veth0_macvtap entered promiscuous mode
[ 60.377031][ T4512] device veth1_macvtap entered promiscuous mode
[ 60.381788][ T4512] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 60.385789][ T4512] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 60.387363][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 60.388853][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 60.390233][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 60.391713][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 60.393150][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 60.394775][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 60.397687][ T4512] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 60.399112][ T4512] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 60.400470][ T4512] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 60.401760][ T4512] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
1970/01/01 00:01:00 executed programs: 0
[ 60.572771][ T4638] chnl_net:caif_netlink_parms(): no params data found
[ 60.592460][ T4638] bridge0: port 1(bridge_slave_0) entered blocking state
[ 60.593626][ T4638] bridge0: port 1(bridge_slave_0) entered disabled state
[ 60.595313][ T4638] device bridge_slave_0 entered promiscuous mode
[ 60.597788][ T4638] bridge0: port 2(bridge_slave_1) entered blocking state
[ 60.598837][ T4638] bridge0: port 2(bridge_slave_1) entered disabled state
[ 60.600281][ T4638] device bridge_slave_1 entered promiscuous mode
[ 60.608746][ T4638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 60.611310][ T4638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 60.619699][ T4638] team0: Port device team_slave_0 added
[ 60.621611][ T4638] team0: Port device team_slave_1 added
[ 60.629118][ T4638] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 60.630174][ T4638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 60.634219][ T4638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 60.636809][ T4638] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 60.637861][ T4638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 60.641412][ T4638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 60.675077][ T4638] device hsr_slave_0 entered promiscuous mode
[ 60.714227][ T4638] device hsr_slave_1 entered promiscuous mode
[ 60.755209][ T4638] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 60.756431][ T4638] Cannot create hsr debugfs directory
[ 60.799847][ T4638] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 62.584075][ T3625] Bluetooth: hci0: command 0x0409 tx timeout
[ 63.577031][ T4638] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 64.664030][ T21] Bluetooth: hci0: command 0x041b tx timeout
[ 66.097876][ T4638] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 66.142887][ T4638] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 66.327072][ T4638] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 66.375515][ T4638] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 66.428671][ T4638] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 66.465260][ T4638] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 66.541607][ T4638] 8021q: adding VLAN 0 to HW filter on device bond0
[ 66.546202][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 66.547797][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 66.550258][ T4638] 8021q: adding VLAN 0 to HW filter on device team0
[ 66.552646][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 66.554980][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 66.556401][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.557598][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.558818][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 66.565685][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 66.567356][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 66.568696][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.569740][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.572171][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 66.575694][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 66.578293][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 66.579840][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 66.581317][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 66.583760][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 66.585719][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 66.588329][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 66.589753][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 66.592175][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 66.593591][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 66.598792][ T4638] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 66.638538][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 66.639821][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 66.643179][ T4638] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 66.649270][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 66.650872][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 66.660016][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 66.661618][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 66.663212][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 66.665114][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 66.667406][ T4638] device veth0_vlan entered promiscuous mode
[ 66.670673][ T4638] device veth1_vlan entered promiscuous mode
[ 66.678830][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 66.680345][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 66.681788][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 66.683285][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 66.690475][ T4638] device veth0_macvtap entered promiscuous mode
[ 66.692834][ T4638] device veth1_macvtap entered promiscuous mode
[ 66.698981][ T4638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 66.700590][ T4638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 66.702657][ T4638] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 66.703810][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 66.705667][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 66.707114][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 66.708603][ T354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 66.710957][ T4638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 66.712639][ T4638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 66.715318][ T4638] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 66.716522][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 66.718064][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 66.720549][ T4638] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.721910][ T4638] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.723161][ T4638] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.724569][ T4638] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.741759][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 66.743015][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 66.744431][ T4141] Bluetooth: hci0: command 0x040f tx timeout
[ 66.746430][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 66.750919][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 66.752261][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 66.753729][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 66.773035][ T4892] loop0: detected capacity change from 0 to 128
1970/01/01 00:01:06 executed programs: 2
[ 66.861184][ T4892] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 66.862477][ T4892] Bad inode number on dev loop0: 2 is out of range
[ 66.863385][ T4892] SysV FS: get root inode failed
[ 66.864603][ T4892] oldfs: cannot read superblock
[ 66.927064][ C0] ------------[ cut here ]------------
[ 66.928015][ C0] VFS: brelse: Trying to free free buffer
[ 66.928922][ C0] WARNING: CPU: 0 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 66.930124][ C0] Modules linked in:
[ 66.930736][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0
[ 66.931877][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[ 66.933388][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 66.934666][ C0] pc : invalidate_bh_lru+0x128/0x234
[ 66.935501][ C0] lr : invalidate_bh_lru+0x128/0x234
[ 66.936338][ C0] sp : ffff800008007de0
[ 66.936990][ C0] x29: ffff800008007de0 x28: ffff8000141a3880 x27: 1fffe0003421845c
[ 66.938324][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001
[ 66.939593][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de772c28
[ 66.940753][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003
[ 66.941938][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff
[ 66.943143][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 66.944434][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 6e02c961404ae800
[ 66.945735][ C0] x8 : 6e02c961404ae800 x7 : 0000000000000001 x6 : 0000000000000001
[ 66.947036][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c
[ 66.948276][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027
[ 66.949566][ C0] Call trace:
[ 66.950084][ C0] invalidate_bh_lru+0x128/0x234
[ 66.950879][ C0] flush_smp_call_function_queue+0x38c/0x81c
[ 66.951834][ C0] generic_smp_call_function_single_interrupt+0x18/0x24
[ 66.952930][ C0] ipi_handler+0x10c/0x710
[ 66.953676][ C0] handle_percpu_devid_irq+0x29c/0x76c
[ 66.954527][ C0] handle_domain_irq+0x144/0x1fc
[ 66.955351][ C0] gic_handle_irq+0x78/0x1c8
[ 66.956154][ C0] call_on_irq_stack+0x30/0x48
[ 66.956963][ C0] do_interrupt_handler+0x6c/0x88
[ 66.957801][ C0] el1_interrupt+0x30/0x58
[ 66.958513][ C0] el1h_64_irq_handler+0x18/0x24
[ 66.959234][ C0] el1h_64_irq+0x78/0x7c
[ 66.959846][ C0] arch_local_irq_enable+0xc/0x18
[ 66.960641][ C0] default_idle_call+0xcc/0x418
[ 66.961416][ C0] do_idle+0x1c8/0x480
[ 66.962094][ C0] cpu_startup_entry+0x24/0x28
[ 66.962837][ C0] rest_init+0x360/0x390
[ 66.963505][ C0] arch_call_rest_init+0x14/0x20
[ 66.964300][ C0] start_kernel+0x49c/0x54c
[ 66.965062][ C0] __primary_switched+0xa8/0xb0
[ 66.965850][ C0] irq event stamp: 428964
[ 66.966527][ C0] hardirqs last enabled at (428963): [] default_idle_call+0xb8/0x418
[ 66.968098][ C0] hardirqs last disabled at (428964): [] enter_el1_irq_or_nmi+0x10/0x1c
[ 66.969681][ C0] softirqs last enabled at (428952): [] handle_softirqs+0xa4c/0xbf0
[ 66.971279][ C0] softirqs last disabled at (428837): [] __irq_exit_rcu+0x240/0x440
[ 66.972840][ C0] ---[ end trace eb6d8fd83ed9e1ce ]---
[ 66.984152][ T4894] loop0: detected capacity change from 0 to 128
[ 66.986665][ T4894] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 66.987751][ T4894] Bad inode number on dev loop0: 2 is out of range
[ 66.988704][ T4894] SysV FS: get root inode failed
[ 66.989389][ T4894] oldfs: cannot read superblock
[ 66.993145][ C0] ------------[ cut here ]------------
[ 66.994000][ C0] VFS: brelse: Trying to free free buffer
[ 66.994916][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 66.996322][ C0] Modules linked in:
[ 66.996941][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0
[ 66.998356][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[ 67.000001][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 67.001299][ C0] pc : invalidate_bh_lru+0x128/0x234
[ 67.002152][ C0] lr : invalidate_bh_lru+0x128/0x234
[ 67.002968][ C0] sp : ffff800008007de0
[ 67.003565][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c
[ 67.004878][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001
[ 67.006145][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76f400
[ 67.007468][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002
[ 67.008682][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff
[ 67.009901][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 67.011117][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400
[ 67.012397][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001
[ 67.013660][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c
[ 67.014804][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027
[ 67.016023][ C0] Call trace:
[ 67.016526][ C0] invalidate_bh_lru+0x128/0x234
[ 67.017307][ C0] flush_smp_call_function_queue+0x38c/0x81c
[ 67.018278][ C0] generic_smp_call_function_single_interrupt+0x18/0x24
[ 67.019391][ C0] ipi_handler+0x10c/0x710
[ 67.020098][ C0] handle_percpu_devid_irq+0x29c/0x76c
[ 67.020968][ C0] handle_domain_irq+0x144/0x1fc
[ 67.021670][ C0] gic_handle_irq+0x78/0x1c8
[ 67.022369][ C0] call_on_irq_stack+0x30/0x48
[ 67.023072][ C0] do_interrupt_handler+0x6c/0x88
[ 67.023810][ C0] el1_interrupt+0x30/0x58
[ 67.024440][ C0] el1h_64_irq_handler+0x18/0x24
[ 67.025112][ C0] el1h_64_irq+0x78/0x7c
[ 67.025782][ C0] kasan_quarantine_put+0xd4/0x204
[ 67.026633][ C0] ____kasan_slab_free+0x124/0x164
[ 67.027411][ C0] __kasan_slab_free+0x18/0x28
[ 67.028108][ C0] slab_free_freelist_hook+0x128/0x1e8
[ 67.028918][ C0] kmem_cache_free+0xdc/0x3b4
[ 67.029600][ C0] security_file_free+0xc8/0xe4
[ 67.030309][ C0] __fput+0x4b8/0x7f8
[ 67.030876][ C0] ____fput+0x20/0x30
[ 67.031462][ C0] task_work_run+0x12c/0x1e0
[ 67.032173][ C0] do_notify_resume+0x24b4/0x3128
[ 67.033023][ C0] el0_svc+0xf0/0x1e0
[ 67.033634][ C0] el0t_64_sync_handler+0xcc/0xe4
[ 67.034398][ C0] el0t_64_sync+0x1a0/0x1a4
[ 67.035074][ C0] irq event stamp: 125248
[ 67.035743][ C0] hardirqs last enabled at (125247): [] kasan_quarantine_put+0xc4/0x204
[ 67.037353][ C0] hardirqs last disabled at (125248): [] enter_el1_irq_or_nmi+0x10/0x1c
[ 67.038803][ C0] softirqs last enabled at (124848): [] local_bh_enable+0x10/0x34
[ 67.040197][ C0] softirqs last disabled at (124846): [] local_bh_disable+0x10/0x34
[ 67.041541][ C0] ---[ end trace eb6d8fd83ed9e1cf ]---
[ 67.082704][ T4896] loop0: detected capacity change from 0 to 128
[ 67.115891][ T4896] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 67.117142][ T4896] Bad inode number on dev loop0: 2 is out of range
[ 67.118269][ T4896] SysV FS: get root inode failed
[ 67.119208][ T4896] oldfs: cannot read superblock
[ 67.127278][ C1] ------------[ cut here ]------------
[ 67.128108][ C1] VFS: brelse: Trying to free free buffer
[ 67.129065][ C1] WARNING: CPU: 1 PID: 4897 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 67.130480][ C1] Modules linked in:
[ 67.131108][ C1] CPU: 1 PID: 4897 Comm: syz-executor Tainted: G W syzkaller #0
[ 67.132483][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[ 67.134000][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 67.135265][ C1] pc : invalidate_bh_lru+0x128/0x234
[ 67.136085][ C1] lr : invalidate_bh_lru+0x128/0x234
[ 67.136847][ C1] sp : ffff800008017de0
[ 67.137429][ C1] x29: ffff800008017de0 x28: ffff0000ccc03680 x27: 1fffe0003421c65c
[ 67.138680][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001
[ 67.139869][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2af4b40
[ 67.141089][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002
[ 67.142394][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff
[ 67.143638][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 67.144846][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 5ade115dd5195200
[ 67.146047][ C1] x8 : 5ade115dd5195200 x7 : 0000000000000001 x6 : 0000000000000001
[ 67.147241][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c
[ 67.148456][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027
[ 67.149740][ C1] Call trace:
[ 67.150248][ C1] invalidate_bh_lru+0x128/0x234
[ 67.151021][ C1] flush_smp_call_function_queue+0x38c/0x81c
[ 67.151914][ C1] generic_smp_call_function_single_interrupt+0x18/0x24
[ 67.152930][ C1] ipi_handler+0x10c/0x710
[ 67.153612][ C1] handle_percpu_devid_irq+0x29c/0x76c
[ 67.154418][ C1] handle_domain_irq+0x144/0x1fc
[ 67.155128][ C1] gic_handle_irq+0x78/0x1c8
[ 67.155805][ C1] call_on_irq_stack+0x30/0x48
[ 67.156499][ C1] do_interrupt_handler+0x6c/0x88
[ 67.157241][ C1] el1_interrupt+0x30/0x58
[ 67.157866][ C1] el1h_64_irq_handler+0x18/0x24
[ 67.158633][ C1] el1h_64_irq+0x78/0x7c
[ 67.159307][ C1] kasan_check_range+0x7c/0x2b0
[ 67.159989][ C1] memset+0x58/0x88
[ 67.160580][ C1] d_absolute_path+0x44/0x148
[ 67.161299][ C1] tomoyo_realpath_from_path+0x2a0/0x510
[ 67.162153][ C1] tomoyo_path_perm+0x1b4/0x440
[ 67.162925][ C1] tomoyo_path_symlink+0xa8/0xec
[ 67.163732][ C1] security_path_symlink+0xec/0x13c
[ 67.164586][ C1] do_symlinkat+0x108/0x5a8
[ 67.165275][ C1] __arm64_sys_symlinkat+0xa4/0xbc
[ 67.166083][ C1] invoke_syscall+0x98/0x2b8
[ 67.166790][ C1] el0_svc_common+0x138/0x258
[ 67.167495][ C1] do_el0_svc+0x58/0x14c
[ 67.168156][ C1] el0_svc+0x78/0x1e0
[ 67.168792][ C1] el0t_64_sync_handler+0xcc/0xe4
[ 67.169608][ C1] el0t_64_sync+0x1a0/0x1a4
[ 67.170316][ C1] irq event stamp: 876
[ 67.170931][ C1] hardirqs last enabled at (875): [] ___slab_alloc+0xc34/0xda8
[ 67.172441][ C1] hardirqs last disabled at (876): [] enter_el1_irq_or_nmi+0x10/0x1c
[ 67.173853][ C1] softirqs last enabled at (508): [] local_bh_enable+0x10/0x34
[ 67.175231][ C1] softirqs last disabled at (506): [] local_bh_disable+0x10/0x34
[ 67.176758][ C1] ---[ end trace eb6d8fd83ed9e1d0 ]---
[ 67.216873][ T4898] loop0: detected capacity change from 0 to 128
[ 67.219104][ T4898] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 67.220233][ T4898] Bad inode number on dev loop0: 2 is out of range
[ 67.221128][ T4898] SysV FS: get root inode failed
[ 67.221807][ T4898] oldfs: cannot read superblock
[ 67.226014][ C0] ------------[ cut here ]------------
[ 67.226895][ C0] VFS: brelse: Trying to free free buffer
[ 67.227861][ C0] WARNING: CPU: 0 PID: 1612 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 67.229253][ C0] Modules linked in:
[ 67.229875][ C0] CPU: 0 PID: 1612 Comm: kworker/u4:5 Tainted: G W syzkaller #0
[ 67.231327][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[ 67.232912][ C0] Workqueue: netns cleanup_net
[ 67.233653][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 67.234966][ C0] pc : invalidate_bh_lru+0x128/0x234
[ 67.235762][ C0] lr : invalidate_bh_lru+0x128/0x234
[ 67.236603][ C0] sp : ffff800008007de0
[ 67.237281][ C0] x29: ffff800008007de0 x28: ffff0000ccb8b680 x27: 1fffe0003421845c
[ 67.238606][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001
[ 67.239900][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76f7a0
[ 67.241150][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002
[ 67.242489][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff
[ 67.243740][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 67.245039][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cae4c65ef204db00
[ 67.246401][ C0] x8 : cae4c65ef204db00 x7 : 0000000000000001 x6 : 0000000000000001
[ 67.247695][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c
[ 67.248965][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027
[ 67.250281][ C0] Call trace:
[ 67.250808][ C0] invalidate_bh_lru+0x128/0x234
[ 67.251808][ C0] flush_smp_call_function_queue+0x38c/0x81c
[ 67.252738][ C0] generic_smp_call_function_single_interrupt+0x18/0x24
[ 67.253759][ C0] ipi_handler+0x10c/0x710
[ 67.254391][ C0] handle_percpu_devid_irq+0x29c/0x76c
[ 67.255295][ C0] handle_domain_irq+0x144/0x1fc
[ 67.256074][ C0] gic_handle_irq+0x78/0x1c8
[ 67.256782][ C0] call_on_irq_stack+0x30/0x48
[ 67.257569][ C0] do_interrupt_handler+0x6c/0x88
[ 67.258322][ C0] el1_interrupt+0x30/0x58
[ 67.259074][ C0] el1h_64_irq_handler+0x18/0x24
[ 67.259815][ C0] el1h_64_irq+0x78/0x7c
[ 67.260542][ C0] __sanitizer_cov_trace_const_cmp4+0xc4/0xc8
[ 67.261397][ C0] hsr_dellink+0x24/0x68
[ 67.262048][ C0] default_device_exit_batch+0x264/0x4a4
[ 67.262832][ C0] cleanup_net+0x644/0xa98
[ 67.263466][ C0] process_one_work+0x79c/0x1140
[ 67.264169][ C0] worker_thread+0x8f4/0x101c
[ 67.264865][ C0] kthread+0x374/0x454
[ 67.265516][ C0] ret_from_fork+0x10/0x20
[ 67.266228][ C0] irq event stamp: 849588
[ 67.266838][ C0] hardirqs last enabled at (849587): [] _raw_spin_unlock_irqrestore+0xa8/0x14c
[ 67.268422][ C0] hardirqs last disabled at (849588): [] enter_el1_irq_or_nmi+0x10/0x1c
[ 67.269889][ C0] softirqs last enabled at (849582): [] clusterip_netdev_event+0x384/0x3ac
[ 67.271404][ C0] softirqs last disabled at (849580): [] clusterip_netdev_event+0x80/0x3ac
[ 67.273061][ C0] ---[ end trace eb6d8fd83ed9e1d1 ]---
[ 67.276461][ T1612] device hsr_slave_0 left promiscuous mode
[ 67.304646][ T1612] device hsr_slave_1 left promiscuous mode
[ 67.316873][ T4900] loop0: detected capacity change from 0 to 128
[ 67.355265][ T4900] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 67.356499][ T4900] Bad inode number on dev loop0: 2 is out of range
[ 67.357542][ T4900] SysV FS: get root inode failed
[ 67.358343][ T4900] oldfs: cannot read superblock
[ 67.414011][ T1612] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 67.415331][ T1612] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 67.416528][ T4902] ------------[ cut here ]------------
[ 67.417350][ T4902] VFS: brelse: Trying to free free buffer
[ 67.418276][ T4902] WARNING: CPU: 1 PID: 4902 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 67.419612][ T4902] Modules linked in:
[ 67.420232][ T4902] CPU: 1 PID: 4902 Comm: syz.0.20 Tainted: G W syzkaller #0
[ 67.421531][ T4902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[ 67.423101][ T4902] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 67.424384][ T4902] pc : invalidate_bh_lru+0x128/0x234
[ 67.425283][ T4902] lr : invalidate_bh_lru+0x128/0x234
[ 67.426208][ T4902] sp : ffff80001fc96f70
[ 67.426881][ T4902] x29: ffff80001fc96f70 x28: ffff80001417d000 x27: 1fffe0003421c65c
[ 67.428098][ T4902] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001
[ 67.429390][ T4902] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2af4ee0
[ 67.430611][ T4902] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003
[ 67.431911][ T4902] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff
[ 67.433287][ T4902] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 67.434629][ T4902] x11: 0000000000000002 x10: 0000000000000000 x9 : f93aba17c4027000
[ 67.435906][ T4902] x8 : f93aba17c4027000 x7 : 0000000000000001 x6 : 0000000000000001
[ 67.437160][ T4902] x5 : ffff80001fc96858 x4 : ffff80001425f420 x3 : ffff80000850471c
[ 67.438452][ T4902] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027
[ 67.439705][ T4902] Call trace:
[ 67.440188][ T4902] invalidate_bh_lru+0x128/0x234
[ 67.440957][ T4902] smp_call_function_many_cond+0xa50/0xeb0
[ 67.441954][ T4902] on_each_cpu_cond_mask+0x5c/0xc4
[ 67.442710][ T4902] invalidate_bh_lrus+0x34/0x40
[ 67.443506][ T4902] invalidate_bdev+0x90/0xc0
[ 67.444190][ T4902] __loop_clr_fd+0x4e4/0x978
[ 67.444867][ T4902] lo_ioctl+0xd90/0x1c08
[ 67.445524][ T4902] blkdev_ioctl+0x5f8/0xbb8
[ 67.446242][ T4902] block_ioctl+0xa4/0x118
[ 67.446935][ T4902] __arm64_sys_ioctl+0x14c/0x1c8
[ 67.447762][ T4902] invoke_syscall+0x98/0x2b8
[ 67.448431][ T4902] el0_svc_common+0x138/0x258
[ 67.449186][ T4902] do_el0_svc+0x58/0x14c
[ 67.449858][ T4902] el0_svc+0x78/0x1e0
[ 67.450471][ T4902] el0t_64_sync_handler+0xcc/0xe4
[ 67.451253][ T4902] el0t_64_sync+0x1a0/0x1a4
[ 67.451974][ T4902] irq event stamp: 690
[ 67.452647][ T4902] hardirqs last enabled at (689): [] _raw_spin_unlock_irq+0x98/0x128
[ 67.454286][ T4902] hardirqs last disabled at (690): [] smp_call_function_many_cond+0xa44/0xeb0
[ 67.456070][ T4902] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34
[ 67.457543][ T4902] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34
[ 67.459094][ T4902] ---[ end trace eb6d8fd83ed9e1d2 ]---
[ 67.462099][ T1612] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 67.463263][ T1612] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 67.464999][ T1612] device bridge_slave_1 left promiscuous mode
[ 67.466048][ T1612] bridge0: port 2(bridge_slave_1) entered disabled state
[ 67.467930][ T4902] loop0: detected capacity change from 0 to 128
[ 67.470297][ T4902] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 67.471395][ T4902] Bad inode number on dev loop0: 2 is out of range
[ 67.472347][ T4902] SysV FS: get root inode failed
[ 67.473063][ T4902] oldfs: cannot read superblock
[ 67.480875][ C0] ------------[ cut here ]------------
[ 67.481725][ C0] VFS: brelse: Trying to free free buffer
[ 67.482579][ C0] WARNING: CPU: 0 PID: 4903 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 67.483940][ C0] Modules linked in:
[ 67.484575][ C0] CPU: 0 PID: 4903 Comm: syz-executor Tainted: G W syzkaller #0
[ 67.486074][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[ 67.487684][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 67.488955][ C0] pc : invalidate_bh_lru+0x128/0x234
[ 67.489783][ C0] lr : invalidate_bh_lru+0x128/0x234
[ 67.490619][ C0] sp : ffff800008007de0
[ 67.491274][ C0] x29: ffff800008007de0 x28: ffff0000cc1cd1c0 x27: 1fffe0003421845c
[ 67.492426][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001
[ 67.493692][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76fb40
[ 67.494810][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003
[ 67.495983][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff
[ 67.497150][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 67.498245][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : d8003b56296bd500
[ 67.499419][ C0] x8 : d8003b56296bd500 x7 : 0000000000000001 x6 : 0000000000000001
[ 67.500635][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c
[ 67.501843][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027
[ 67.503058][ C0] Call trace:
[ 67.503571][ C0] invalidate_bh_lru+0x128/0x234
[ 67.504299][ C0] flush_smp_call_function_queue+0x38c/0x81c
[ 67.505205][ C0] generic_smp_call_function_single_interrupt+0x18/0x24
[ 67.506219][ C0] ipi_handler+0x10c/0x710
[ 67.506850][ C0] handle_percpu_devid_irq+0x29c/0x76c
[ 67.507740][ C0] handle_domain_irq+0x144/0x1fc
[ 67.508533][ C0] gic_handle_irq+0x78/0x1c8
[ 67.509244][ C0] call_on_irq_stack+0x30/0x48
[ 67.510016][ C0] do_interrupt_handler+0x6c/0x88
[ 67.510846][ C0] el1_interrupt+0x30/0x58
[ 67.511550][ C0] el1h_64_irq_handler+0x18/0x24
[ 67.512385][ C0] el1h_64_irq+0x78/0x7c
[ 67.513031][ C0] __sanitizer_cov_trace_const_cmp1+0xc4/0xc8
[ 67.514026][ C0] filemap_map_pages+0x958/0xc50
[ 67.514766][ C0] handle_mm_fault+0x19c0/0x2950
[ 67.515608][ C0] do_page_fault+0x694/0xad4
[ 67.516358][ C0] do_translation_fault+0xe0/0x130
[ 67.517172][ C0] do_mem_abort+0x6c/0x1ac
[ 67.517894][ C0] el0_ia+0xe0/0x2d0
[ 67.518488][ C0] el0t_64_sync_handler+0xc0/0xe4
[ 67.519254][ C0] el0t_64_sync+0x1a0/0x1a4
[ 67.519954][ C0] irq event stamp: 280
[ 67.520535][ C0] hardirqs last enabled at (279): [] lock_page_memcg+0x110/0x234
[ 67.522095][ C0] hardirqs last disabled at (280): [] enter_el1_irq_or_nmi+0x10/0x1c
[ 67.523682][ C0] softirqs last enabled at (50): [] local_bh_enable+0x10/0x34
[ 67.525176][ C0] softirqs last disabled at (48): [] local_bh_disable+0x10/0x34
[ 67.526679][ C0] ---[ end trace eb6d8fd83ed9e1d3 ]---
[ 67.564891][ T1612] device bridge_slave_0 left promiscuous mode
[ 67.565973][ T1612] bridge0: port 1(bridge_slave_0) entered disabled state
[ 67.567644][
T4904] loop0: detected capacity change from 0 to 128 [ 67.659141][ T4904] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 67.660357][ T4904] Bad inode number on dev loop0: 2 is out of range [ 67.661292][ T4904] SysV FS: get root inode failed [ 67.662049][ T4904] oldfs: cannot read superblock [ 67.664707][ C1] ------------[ cut here ]------------ [ 67.665519][ C1] VFS: brelse: Trying to free free buffer [ 67.666377][ C1] WARNING: CPU: 1 PID: 4904 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 67.667613][ C1] Modules linked in: [ 67.668240][ C1] CPU: 1 PID: 4904 Comm: syz.0.21 Tainted: G W syzkaller #0 [ 67.669588][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 67.671169][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 67.672307][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 67.673102][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 67.673842][ C1] sp : ffff800008017de0 [ 67.674425][ C1] x29: ffff800008017de0 x28: ffff0000d58e0000 x27: 1fffe0003421c65c [ 67.675638][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 67.676807][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28664e8 [ 67.678098][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 67.679308][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 67.680630][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 67.681905][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 1e22a62354d27300 [ 67.683108][ C1] x8 : 1e22a62354d27300 x7 : 0000000000000001 x6 : 0000000000000001 [ 67.684338][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 67.685555][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 67.686652][ C1] Call trace: [ 67.687108][ C1] invalidate_bh_lru+0x128/0x234 [ 67.687876][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 67.688817][ C1] 
generic_smp_call_function_single_interrupt+0x18/0x24 [ 67.689953][ C1] ipi_handler+0x10c/0x710 [ 67.690625][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 67.691425][ C1] handle_domain_irq+0x144/0x1fc [ 67.692141][ C1] gic_handle_irq+0x78/0x1c8 [ 67.692819][ C1] call_on_irq_stack+0x30/0x48 [ 67.693554][ C1] do_interrupt_handler+0x6c/0x88 [ 67.694282][ C1] el1_interrupt+0x30/0x58 [ 67.695009][ C1] el1h_64_irq_handler+0x18/0x24 [ 67.695820][ C1] el1h_64_irq+0x78/0x7c [ 67.696498][ C1] __sanitizer_cov_trace_pc+0x28/0xac [ 67.697302][ C1] unwind_frame+0x3c4/0x668 [ 67.698047][ C1] arch_stack_walk+0x200/0x2b4 [ 67.698768][ C1] stack_trace_save+0x94/0xd8 [ 67.699554][ C1] kasan_set_track+0x4c/0x84 [ 67.700274][ C1] kasan_set_free_info+0x28/0x4c [ 67.700986][ C1] ____kasan_slab_free+0x118/0x164 [ 67.701805][ C1] __kasan_slab_free+0x18/0x28 [ 67.702985][ C1] slab_free_freelist_hook+0x128/0x1e8 [ 67.703844][ C1] kmem_cache_free+0xdc/0x3b4 [ 67.704543][ C1] vm_area_free+0x28/0x38 [ 67.705174][ C1] exit_mmap+0x3e0/0x4e0 [ 67.705753][ C1] __mmput+0xec/0x3b8 [ 67.706358][ C1] mmput+0x80/0xc8 [ 67.706923][ C1] exit_mm+0x4a0/0x684 [ 67.707496][ C1] do_exit+0x4ec/0x1f58 [ 67.708141][ C1] do_group_exit+0x100/0x268 [ 67.708876][ C1] get_signal+0x73c/0x1340 [ 67.709639][ C1] do_notify_resume+0x35c/0x3128 [ 67.710325][ C1] el0_svc+0xf0/0x1e0 [ 67.710876][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 67.711705][ C1] el0t_64_sync+0x1a0/0x1a4 [ 67.712369][ C1] irq event stamp: 2258 [ 67.713017][ C1] hardirqs last enabled at (2257): [] kasan_quarantine_put+0xc4/0x204 [ 67.714470][ C1] hardirqs last disabled at (2258): [] enter_el1_irq_or_nmi+0x10/0x1c [ 67.716048][ C1] softirqs last enabled at (1794): [] handle_softirqs+0xa4c/0xbf0 [ 67.717333][ C1] softirqs last disabled at (1783): [] __irq_exit_rcu+0x240/0x440 [ 67.718755][ C1] ---[ end trace eb6d8fd83ed9e1d4 ]--- [ 67.744258][ T1612] device veth1_macvtap left promiscuous mode [ 67.745290][ T1612] device veth0_macvtap left promiscuous mode [ 
67.746350][ T1612] device veth1_vlan left promiscuous mode [ 67.747315][ T1612] device veth0_vlan left promiscuous mode [ 67.762846][ T4906] loop0: detected capacity change from 0 to 128 [ 67.835203][ T4906] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 67.836382][ T4906] Bad inode number on dev loop0: 2 is out of range [ 67.837488][ T4906] SysV FS: get root inode failed [ 67.838341][ T4906] oldfs: cannot read superblock [ 67.858837][ T1612] team0 (unregistering): Port device team_slave_1 removed [ 67.862765][ T1612] team0 (unregistering): Port device team_slave_0 removed [ 67.867809][ T1612] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 67.874307][ T4908] ------------[ cut here ]------------ [ 67.875175][ T4908] VFS: brelse: Trying to free free buffer [ 67.876107][ T4908] WARNING: CPU: 0 PID: 4908 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 67.877328][ T4908] Modules linked in: [ 67.877889][ T4908] CPU: 0 PID: 4908 Comm: syz.0.23 Tainted: G W syzkaller #0 [ 67.879217][ T4908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 67.880761][ T4908] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 67.881961][ T4908] pc : invalidate_bh_lru+0x128/0x234 [ 67.882766][ T4908] lr : invalidate_bh_lru+0x128/0x234 [ 67.883621][ T4908] sp : ffff80001fbf6f70 [ 67.884295][ T4908] x29: ffff80001fbf6f70 x28: ffff80001417d000 x27: 1fffe0003421845c [ 67.885658][ T4908] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 67.886963][ T4908] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76fee0 [ 67.888229][ T4908] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 67.889435][ T4908] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 67.890757][ T4908] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 67.892077][ T4908] x11: 0000000000000002 x10: 0000000000000000 x9 : 6c59a3b4552d3300 [ 67.893382][ 
T4908] x8 : 6c59a3b4552d3300 x7 : 0000000000000001 x6 : 0000000000000001 [ 67.894616][ T4908] x5 : ffff80001fbf6858 x4 : ffff80001425f420 x3 : ffff80000850471c [ 67.895801][ T4908] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 67.897074][ T4908] Call trace: [ 67.897569][ T4908] invalidate_bh_lru+0x128/0x234 [ 67.898320][ T4908] smp_call_function_many_cond+0xa50/0xeb0 [ 67.899160][ T4908] on_each_cpu_cond_mask+0x5c/0xc4 [ 67.899915][ T4908] invalidate_bh_lrus+0x34/0x40 [ 67.900608][ T4908] invalidate_bdev+0x90/0xc0 [ 67.901303][ T4908] __loop_clr_fd+0x4e4/0x978 [ 67.901958][ T4908] lo_ioctl+0xd90/0x1c08 [ 67.902580][ T4908] blkdev_ioctl+0x5f8/0xbb8 [ 67.903241][ T4908] block_ioctl+0xa4/0x118 [ 67.903847][ T4908] __arm64_sys_ioctl+0x14c/0x1c8 [ 67.904631][ T4908] invoke_syscall+0x98/0x2b8 [ 67.905299][ T4908] el0_svc_common+0x138/0x258 [ 67.906012][ T4908] do_el0_svc+0x58/0x14c [ 67.906661][ T4908] el0_svc+0x78/0x1e0 [ 67.907318][ T4908] el0t_64_sync_handler+0xcc/0xe4 [ 67.908085][ T4908] el0t_64_sync+0x1a0/0x1a4 [ 67.908715][ T4908] irq event stamp: 694 [ 67.909362][ T4908] hardirqs last enabled at (693): [] _raw_spin_unlock_irq+0x98/0x128 [ 67.910969][ T4908] hardirqs last disabled at (694): [] smp_call_function_many_cond+0xa44/0xeb0 [ 67.912642][ T4908] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 67.914107][ T4908] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 67.915588][ T4908] ---[ end trace eb6d8fd83ed9e1d5 ]--- [ 67.919864][ T4908] loop0: detected capacity change from 0 to 128 [ 67.923019][ T4908] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 67.924550][ T4908] Bad inode number on dev loop0: 2 is out of range [ 67.925548][ T4908] SysV FS: get root inode failed [ 67.926334][ T4908] oldfs: cannot read superblock [ 67.931573][ C1] ------------[ cut here ]------------ [ 67.932449][ C1] VFS: brelse: Trying to free free buffer [ 67.933355][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 
invalidate_bh_lru+0x128/0x234 [ 67.934613][ C1] Modules linked in: [ 67.935207][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 67.936576][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 67.938089][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 67.939276][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 67.940125][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 67.940921][ C1] sp : ffff800008017de0 [ 67.941575][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 67.942884][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 67.944214][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2866888 [ 67.945602][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 67.946848][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 67.948055][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 67.949283][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 55f84b004a0ab400 [ 67.950561][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 67.951902][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 67.953154][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 67.954537][ C1] Call trace: [ 67.955053][ C1] invalidate_bh_lru+0x128/0x234 [ 67.955817][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 67.956677][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 67.957778][ C1] ipi_handler+0x10c/0x710 [ 67.958538][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 67.959395][ C1] handle_domain_irq+0x144/0x1fc [ 67.960118][ C1] gic_handle_irq+0x78/0x1c8 [ 67.960882][ C1] call_on_irq_stack+0x30/0x48 [ 67.961603][ C1] do_interrupt_handler+0x6c/0x88 [ 67.962382][ C1] el1_interrupt+0x30/0x58 [ 67.963032][ C1] el1h_64_irq_handler+0x18/0x24 [ 67.963795][ C1] el1h_64_irq+0x78/0x7c [ 67.964494][ C1] _raw_spin_unlock_irq+0xa0/0x128 [ 
67.965296][ C1] cgroup_post_fork+0x1dc/0x62c [ 67.966119][ C1] copy_process+0x3164/0x34ac [ 67.966843][ C1] kernel_clone+0x1d8/0x9d4 [ 67.967550][ C1] __arm64_sys_clone+0x138/0x190 [ 67.968300][ C1] invoke_syscall+0x98/0x2b8 [ 67.968971][ C1] el0_svc_common+0x138/0x258 [ 67.969622][ C1] do_el0_svc+0x58/0x14c [ 67.970216][ C1] el0_svc+0x78/0x1e0 [ 67.970801][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 67.971515][ C1] el0t_64_sync+0x1a0/0x1a4 [ 67.972143][ C1] irq event stamp: 143052 [ 67.972757][ C1] hardirqs last enabled at (143051): [] _raw_spin_unlock_irq+0x98/0x128 [ 67.974253][ C1] hardirqs last disabled at (143052): [] enter_el1_irq_or_nmi+0x10/0x1c [ 67.975708][ C1] softirqs last enabled at (142860): [] local_bh_enable+0x10/0x34 [ 67.977200][ C1] softirqs last disabled at (142858): [] local_bh_disable+0x10/0x34 [ 67.978818][ C1] ---[ end trace eb6d8fd83ed9e1d6 ]--- [ 67.987064][ T1612] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 68.037757][ T4910] loop0: detected capacity change from 0 to 128 [ 68.075336][ T4910] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.076587][ T4910] Bad inode number on dev loop0: 2 is out of range [ 68.077630][ T4910] SysV FS: get root inode failed [ 68.078499][ T4910] oldfs: cannot read superblock [ 68.087717][ C0] ------------[ cut here ]------------ [ 68.088607][ C0] VFS: brelse: Trying to free free buffer [ 68.089597][ C0] WARNING: CPU: 0 PID: 4911 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.090844][ C0] Modules linked in: [ 68.091432][ C0] CPU: 0 PID: 4911 Comm: syz.0.25 Tainted: G W syzkaller #0 [ 68.092658][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.094111][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.095209][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 68.095997][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 68.096779][ C0] sp : ffff800008007de0 [ 68.097385][ C0] x29: ffff800008007de0 x28: 
ffff0000c2370000 x27: 1fffe0003421845c [ 68.098535][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 68.099704][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76b318 [ 68.100968][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 68.102324][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 68.103618][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.104912][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 3f0d3d386af4cd00 [ 68.106197][ C0] x8 : 3f0d3d386af4cd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.107462][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.108716][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 68.109905][ C0] Call trace: [ 68.110393][ C0] invalidate_bh_lru+0x128/0x234 [ 68.111229][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 68.112200][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 68.113331][ C0] ipi_handler+0x10c/0x710 [ 68.113969][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 68.114739][ C0] handle_domain_irq+0x144/0x1fc [ 68.115517][ C0] gic_handle_irq+0x78/0x1c8 [ 68.116299][ C0] call_on_irq_stack+0x30/0x48 [ 68.117040][ C0] do_interrupt_handler+0x6c/0x88 [ 68.117830][ C0] el1_interrupt+0x30/0x58 [ 68.118491][ C0] el1h_64_irq_handler+0x18/0x24 [ 68.119311][ C0] el1h_64_irq+0x78/0x7c [ 68.120032][ C0] arch_local_irq_restore+0x8/0x10 [ 68.120862][ C0] ___might_sleep+0x48/0x4d4 [ 68.121622][ C0] __might_sleep+0x98/0x124 [ 68.122347][ C0] down_read+0x3c/0x390 [ 68.123041][ C0] validate_mm+0x94/0x86c [ 68.123777][ C0] __vma_adjust+0x1504/0x18a8 [ 68.124485][ C0] __split_vma+0x310/0x3f0 [ 68.125190][ C0] split_vma+0x9c/0xf4 [ 68.125850][ C0] mprotect_fixup+0x328/0x5c4 [ 68.126602][ C0] __arm64_sys_mprotect+0x4c4/0x8f4 [ 68.127421][ C0] invoke_syscall+0x98/0x2b8 [ 68.128127][ C0] el0_svc_common+0x138/0x258 [ 68.128871][ C0] do_el0_svc+0x58/0x14c [ 68.129562][ 
C0] el0_svc+0x78/0x1e0 [ 68.130199][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 68.131015][ C0] el0t_64_sync+0x1a0/0x1a4 [ 68.131716][ C0] irq event stamp: 1304 [ 68.132326][ C0] hardirqs last enabled at (1303): [] try_charge_memcg+0x1d8/0x11bc [ 68.133917][ C0] hardirqs last disabled at (1304): [] enter_el1_irq_or_nmi+0x10/0x1c [ 68.135408][ C0] softirqs last enabled at (1078): [] local_bh_enable+0x10/0x34 [ 68.136934][ C0] softirqs last disabled at (1076): [] local_bh_disable+0x10/0x34 [ 68.138478][ C0] ---[ end trace eb6d8fd83ed9e1d7 ]--- [ 68.143490][ T1612] bond0 (unregistering): Released all slaves [ 68.156190][ T4912] loop0: detected capacity change from 0 to 128 [ 68.158950][ T4912] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.160110][ T4912] Bad inode number on dev loop0: 2 is out of range [ 68.161083][ T4912] SysV FS: get root inode failed [ 68.173995][ T4912] oldfs: cannot read superblock [ 68.177594][ C1] ------------[ cut here ]------------ [ 68.178404][ C1] VFS: brelse: Trying to free free buffer [ 68.179276][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.180768][ C1] Modules linked in: [ 68.181329][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 68.182578][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.184237][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.185452][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 68.186267][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 68.187118][ C1] sp : ffff800008017de0 [ 68.187738][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 68.188973][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 68.190222][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52bbdf8 [ 68.191495][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 68.192809][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 
00000000ffffffff [ 68.193960][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.195155][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 68.196415][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.197655][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.198974][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 68.200254][ C1] Call trace: [ 68.200799][ C1] invalidate_bh_lru+0x128/0x234 [ 68.201582][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 68.202554][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 68.203652][ C1] ipi_handler+0x10c/0x710 [ 68.204332][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 68.205173][ C1] handle_domain_irq+0x144/0x1fc [ 68.205966][ C1] gic_handle_irq+0x78/0x1c8 [ 68.206682][ C1] call_on_irq_stack+0x30/0x48 [ 68.207469][ C1] do_interrupt_handler+0x6c/0x88 [ 68.208313][ C1] el1_interrupt+0x30/0x58 [ 68.209028][ C1] el1h_64_irq_handler+0x18/0x24 [ 68.209852][ C1] el1h_64_irq+0x78/0x7c [ 68.210526][ C1] __sanitizer_cov_trace_pc+0xa8/0xac [ 68.211344][ C1] memcg_slab_free_hook+0xa8/0x1f8 [ 68.212136][ C1] ___cache_free+0x78/0x1bc [ 68.212865][ C1] qlink_free+0x5c/0xa4 [ 68.213558][ C1] qlist_free_all+0x40/0xa8 [ 68.214241][ C1] kasan_quarantine_reduce+0x124/0x130 [ 68.215022][ C1] __kasan_slab_alloc+0x34/0xcc [ 68.215709][ C1] slab_post_alloc_hook+0x74/0x408 [ 68.216456][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 68.217167][ C1] getname_flags+0xb8/0x450 [ 68.217882][ C1] getname+0x28/0x38 [ 68.218491][ C1] do_sys_openat2+0xd0/0x3d8 [ 68.219214][ C1] __arm64_sys_openat+0x120/0x154 [ 68.220082][ C1] invoke_syscall+0x98/0x2b8 [ 68.220843][ C1] el0_svc_common+0x138/0x258 [ 68.221595][ C1] do_el0_svc+0x58/0x14c [ 68.222207][ C1] el0_svc+0x78/0x1e0 [ 68.222793][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 68.223549][ C1] el0t_64_sync+0x1a0/0x1a4 [ 68.224264][ C1] irq event stamp: 146162 [ 68.224892][ C1] hardirqs last enabled at 
(146161): [] free_unref_page+0x148/0x1fc [ 68.226391][ C1] hardirqs last disabled at (146162): [] enter_el1_irq_or_nmi+0x10/0x1c [ 68.227990][ C1] softirqs last enabled at (145838): [] local_bh_enable+0x10/0x34 [ 68.229525][ C1] softirqs last disabled at (145836): [] local_bh_disable+0x10/0x34 [ 68.231067][ C1] ---[ end trace eb6d8fd83ed9e1d8 ]--- [ 68.274996][ T4914] loop0: detected capacity change from 0 to 128 [ 68.277121][ T4914] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.278273][ T4914] Bad inode number on dev loop0: 2 is out of range [ 68.279293][ T4914] SysV FS: get root inode failed [ 68.280045][ T4914] oldfs: cannot read superblock [ 68.284660][ C1] ------------[ cut here ]------------ [ 68.285463][ C1] VFS: brelse: Trying to free free buffer [ 68.286381][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.287747][ C1] Modules linked in: [ 68.288354][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 68.289625][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.291103][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.292362][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 68.293196][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 68.294024][ C1] sp : ffff800008017de0 [ 68.294689][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 68.295876][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 68.297133][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52bba58 [ 68.298335][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 68.299546][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 68.300730][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.302016][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 55f84b004a0ab400 [ 68.303281][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 
0000000000000001 [ 68.304542][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.305848][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 68.307125][ C1] Call trace: [ 68.307627][ C1] invalidate_bh_lru+0x128/0x234 [ 68.308387][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 68.309369][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 68.310434][ C1] ipi_handler+0x10c/0x710 [ 68.311091][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 68.311885][ C1] handle_domain_irq+0x144/0x1fc [ 68.312558][ C1] gic_handle_irq+0x78/0x1c8 [ 68.313238][ C1] call_on_irq_stack+0x30/0x48 [ 68.313918][ C1] do_interrupt_handler+0x6c/0x88 [ 68.314631][ C1] el1_interrupt+0x30/0x58 [ 68.315311][ C1] el1h_64_irq_handler+0x18/0x24 [ 68.316049][ C1] el1h_64_irq+0x78/0x7c [ 68.316693][ C1] start_backtrace+0x20/0x80 [ 68.317435][ C1] return_address+0xb8/0x144 [ 68.318188][ C1] preempt_count_add+0x13c/0x3bc [ 68.319014][ C1] _raw_spin_lock+0x24/0x10c [ 68.319686][ C1] remove_vm_area+0x44/0x1c4 [ 68.320453][ C1] __vunmap+0x304/0x9bc [ 68.321146][ C1] vfree+0xbc/0x154 [ 68.321760][ C1] __do_replace+0x830/0x988 [ 68.322527][ C1] do_ipt_set_ctl+0xa94/0xe00 [ 68.323290][ C1] nf_setsockopt+0x270/0x290 [ 68.324036][ C1] ip_setsockopt+0x1d0c/0x2978 [ 68.324772][ C1] tcp_setsockopt+0x1d4/0x1bf4 [ 68.325456][ C1] sock_common_setsockopt+0xb0/0xcc [ 68.326215][ C1] __sys_setsockopt+0x260/0x36c [ 68.326934][ C1] __arm64_sys_setsockopt+0xb8/0xd4 [ 68.327798][ C1] invoke_syscall+0x98/0x2b8 [ 68.328500][ C1] el0_svc_common+0x138/0x258 [ 68.329300][ C1] do_el0_svc+0x58/0x14c [ 68.329993][ C1] el0_svc+0x78/0x1e0 [ 68.330670][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 68.331489][ C1] el0t_64_sync+0x1a0/0x1a4 [ 68.332166][ C1] irq event stamp: 149492 [ 68.332809][ C1] hardirqs last enabled at (149491): [] kasan_quarantine_put+0xc4/0x204 [ 68.334379][ C1] hardirqs last disabled at (149492): [] enter_el1_irq_or_nmi+0x10/0x1c [ 68.335991][ C1] softirqs last enabled at 
(149480): [] local_bh_enable+0x10/0x34 [ 68.337490][ C1] softirqs last disabled at (149478): [] local_bh_disable+0x10/0x34 [ 68.339035][ C1] ---[ end trace eb6d8fd83ed9e1d9 ]--- [ 68.367397][ T4916] loop0: detected capacity change from 0 to 128 [ 68.370298][ T4916] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.371488][ T4916] Bad inode number on dev loop0: 2 is out of range [ 68.372503][ T4916] SysV FS: get root inode failed [ 68.373257][ T4916] oldfs: cannot read superblock [ 68.382003][ T4880] ------------[ cut here ]------------ [ 68.382969][ T4880] VFS: brelse: Trying to free free buffer [ 68.383922][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.385392][ T4880] Modules linked in: [ 68.386012][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 68.387374][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.388938][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.390160][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 68.391028][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 68.391854][ T4880] sp : ffff80001fc377c0 [ 68.392476][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 68.393726][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 68.395057][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76b6b8 [ 68.396364][ T4880] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 68.397648][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 68.398867][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.400104][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 68.401395][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.402697][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.404001][ T4880] x2 : 
0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 68.405240][ T4880] Call trace: [ 68.405717][ T4880] invalidate_bh_lru+0x128/0x234 [ 68.406521][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 68.407379][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 68.408122][ T4880] invalidate_bh_lrus+0x34/0x40 [ 68.408909][ T4880] blkdev_flush_mapping+0x168/0x31c [ 68.409751][ T4880] blkdev_put+0x490/0x6ac [ 68.410357][ T4880] blkdev_close+0x74/0xb0 [ 68.411032][ T4880] __fput+0x1c0/0x7f8 [ 68.411666][ T4880] ____fput+0x20/0x30 [ 68.412249][ T4880] task_work_run+0x12c/0x1e0 [ 68.412922][ T4880] do_notify_resume+0x24b4/0x3128 [ 68.413737][ T4880] el0_svc+0xf0/0x1e0 [ 68.414384][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 68.415250][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 68.415944][ T4880] irq event stamp: 69056 [ 68.416589][ T4880] hardirqs last enabled at (69055): [] kasan_quarantine_put+0xc4/0x204 [ 68.418147][ T4880] hardirqs last disabled at (69056): [] smp_call_function_many_cond+0xa44/0xeb0 [ 68.419728][ T4880] softirqs last enabled at (68830): [] local_bh_enable+0x10/0x34 [ 68.421038][ T4880] softirqs last disabled at (68828): [] local_bh_disable+0x10/0x34 [ 68.422389][ T4880] ---[ end trace eb6d8fd83ed9e1da ]--- [ 68.456598][ T4918] loop0: detected capacity change from 0 to 128 [ 68.496608][ T4918] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.497741][ T4918] Bad inode number on dev loop0: 2 is out of range [ 68.498694][ T4918] SysV FS: get root inode failed [ 68.499463][ T4918] oldfs: cannot read superblock [ 68.506564][ C0] ------------[ cut here ]------------ [ 68.507349][ C0] VFS: brelse: Trying to free free buffer [ 68.508137][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.509436][ C0] Modules linked in: [ 68.510017][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 68.511394][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.512788][ C0] 
pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.513965][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 68.514706][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 68.515525][ C0] sp : ffff800008007de0 [ 68.516135][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c [ 68.517327][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 68.518674][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76ba58 [ 68.520002][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 68.521327][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 68.522659][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.523930][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 55f84b004a0ab400 [ 68.525254][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.526568][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.527820][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 68.529079][ C0] Call trace: [ 68.529616][ C0] invalidate_bh_lru+0x128/0x234 [ 68.530416][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 68.531384][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 68.532528][ C0] ipi_handler+0x10c/0x710 [ 68.533218][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 68.534067][ C0] handle_domain_irq+0x144/0x1fc [ 68.534815][ C0] gic_handle_irq+0x78/0x1c8 [ 68.535547][ C0] call_on_irq_stack+0x30/0x48 [ 68.536267][ C0] do_interrupt_handler+0x6c/0x88 [ 68.537012][ C0] el1_interrupt+0x30/0x58 [ 68.537649][ C0] el1h_64_irq_handler+0x18/0x24 [ 68.538431][ C0] el1h_64_irq+0x78/0x7c [ 68.539140][ C0] _raw_write_unlock_irq+0xa0/0x128 [ 68.539940][ C0] copy_process+0x312c/0x34ac [ 68.540635][ C0] kernel_clone+0x1d8/0x9d4 [ 68.541340][ C0] __arm64_sys_clone+0x138/0x190 [ 68.542067][ C0] invoke_syscall+0x98/0x2b8 [ 68.542727][ C0] el0_svc_common+0x138/0x258 [ 68.543461][ C0] do_el0_svc+0x58/0x14c [ 
68.544089][ C0] el0_svc+0x78/0x1e0 [ 68.544668][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 68.545404][ C0] el0t_64_sync+0x1a0/0x1a4 [ 68.546033][ C0] irq event stamp: 155742 [ 68.546701][ C0] hardirqs last enabled at (155741): [] _raw_write_unlock_irq+0x98/0x128 [ 68.548316][ C0] hardirqs last disabled at (155742): [] enter_el1_irq_or_nmi+0x10/0x1c [ 68.549832][ C0] softirqs last enabled at (155546): [] local_bh_enable+0x10/0x34 [ 68.551395][ C0] softirqs last disabled at (155544): [] local_bh_disable+0x10/0x34 [ 68.552907][ C0] ---[ end trace eb6d8fd83ed9e1db ]--- [ 68.588297][ T4920] loop0: detected capacity change from 0 to 128 [ 68.590793][ T4920] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.591994][ T4920] Bad inode number on dev loop0: 2 is out of range [ 68.593022][ T4920] SysV FS: get root inode failed [ 68.593788][ T4920] oldfs: cannot read superblock [ 68.598636][ C1] ------------[ cut here ]------------ [ 68.599563][ C1] VFS: brelse: Trying to free free buffer [ 68.600514][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.601979][ C1] Modules linked in: [ 68.602597][ C1] CPU: 1 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 68.603950][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.605642][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.606943][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 68.607823][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 68.608714][ C1] sp : ffff800008017de0 [ 68.609405][ C1] x29: ffff800008017de0 x28: ffff0000d5ffd1c0 x27: 1fffe0003421c65c [ 68.610702][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 68.611986][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000d011fee0 [ 68.613260][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 68.614607][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 68.615956][ C1] x14: 0000000000ff0100 
x13: 0000000000000001 x12: 0000000000ff0100 [ 68.617230][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : f2a86110d0363700 [ 68.618603][ C1] x8 : f2a86110d0363700 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.619954][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.621298][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 68.622673][ C1] Call trace: [ 68.623204][ C1] invalidate_bh_lru+0x128/0x234 [ 68.624070][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 68.625011][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 68.626061][ C1] ipi_handler+0x10c/0x710 [ 68.626758][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 68.627619][ C1] handle_domain_irq+0x144/0x1fc [ 68.628468][ C1] gic_handle_irq+0x78/0x1c8 [ 68.629279][ C1] call_on_irq_stack+0x30/0x48 [ 68.630077][ C1] do_interrupt_handler+0x6c/0x88 [ 68.630888][ C1] el1_interrupt+0x30/0x58 [ 68.631608][ C1] el1h_64_irq_handler+0x18/0x24 [ 68.632420][ C1] el1h_64_irq+0x78/0x7c [ 68.633119][ C1] preempt_count_add+0x7c/0x3bc [ 68.633924][ C1] down_read+0xc8/0x390 [ 68.634631][ C1] kernfs_dop_revalidate+0x88/0x470 [ 68.635505][ C1] lookup_fast+0x2b8/0x588 [ 68.636261][ C1] walk_component+0x8c/0x3a8 [ 68.637032][ C1] link_path_walk+0x590/0xb8c [ 68.637823][ C1] path_lookupat+0x90/0x3d0 [ 68.638555][ C1] filename_lookup+0x180/0x414 [ 68.639315][ C1] user_path_at_empty+0x5c/0x1a0 [ 68.640131][ C1] vfs_statx+0xf4/0x458 [ 68.640794][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 68.641610][ C1] invoke_syscall+0x98/0x2b8 [ 68.642281][ C1] el0_svc_common+0x138/0x258 [ 68.643017][ C1] do_el0_svc+0x58/0x14c [ 68.643657][ C1] el0_svc+0x78/0x1e0 [ 68.644251][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 68.645022][ C1] el0t_64_sync+0x1a0/0x1a4 [ 68.645765][ C1] irq event stamp: 851276 [ 68.646445][ C1] hardirqs last enabled at (851275): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 68.648218][ C1] hardirqs last disabled at (851276): [] enter_el1_irq_or_nmi+0x10/0x1c [ 68.649939][ 
C1] softirqs last enabled at (851266): [] local_bh_enable+0x10/0x34 [ 68.651412][ C1] softirqs last disabled at (851264): [] local_bh_disable+0x10/0x34 [ 68.652890][ C1] ---[ end trace eb6d8fd83ed9e1dc ]--- [ 68.695104][ T4922] loop0: detected capacity change from 0 to 128 [ 68.765920][ T4922] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.767093][ T4922] Bad inode number on dev loop0: 2 is out of range [ 68.768184][ T4922] SysV FS: get root inode failed [ 68.768939][ T4922] oldfs: cannot read superblock [ 68.777170][ C1] ------------[ cut here ]------------ [ 68.778089][ C1] VFS: brelse: Trying to free free buffer [ 68.778973][ C1] WARNING: CPU: 1 PID: 4924 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.780251][ C1] Modules linked in: [ 68.780793][ C1] CPU: 1 PID: 4924 Comm: syz.0.31 Tainted: G W syzkaller #0 [ 68.782085][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.783643][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.784957][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 68.785805][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 68.786637][ C1] sp : ffff800008017de0 [ 68.787270][ C1] x29: ffff800008017de0 x28: ffff0000cca93680 x27: 1fffe0003421c65c [ 68.788445][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 68.789621][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c06835d0 [ 68.790801][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 68.792102][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 68.793468][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.794676][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : ef50979862704200 [ 68.795961][ C1] x8 : ef50979862704200 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.797206][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.798504][ C1] x2 : 0000000000000001 x1 : 0000000100010001 
x0 : 0000000000000027 [ 68.799693][ C1] Call trace: [ 68.800189][ C1] invalidate_bh_lru+0x128/0x234 [ 68.800932][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 68.801814][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 68.802867][ C1] ipi_handler+0x10c/0x710 [ 68.803550][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 68.804388][ C1] handle_domain_irq+0x144/0x1fc [ 68.805107][ C1] gic_handle_irq+0x78/0x1c8 [ 68.805851][ C1] call_on_irq_stack+0x30/0x48 [ 68.806588][ C1] do_interrupt_handler+0x6c/0x88 [ 68.807350][ C1] el1_interrupt+0x30/0x58 [ 68.807999][ C1] el1h_64_irq_handler+0x18/0x24 [ 68.808746][ C1] el1h_64_irq+0x78/0x7c [ 68.809446][ C1] get_page_from_freelist+0x2244/0x2aa8 [ 68.810314][ C1] __alloc_pages+0x1a0/0x470 [ 68.811009][ C1] alloc_pages_vma+0x284/0x7a8 [ 68.811765][ C1] alloc_zeroed_user_highpage_movable+0x9c/0xd8 [ 68.812767][ C1] handle_mm_fault+0x1904/0x2950 [ 68.813522][ C1] do_page_fault+0x694/0xad4 [ 68.814268][ C1] do_translation_fault+0xe0/0x130 [ 68.815089][ C1] do_mem_abort+0x6c/0x1ac [ 68.815796][ C1] el0_da+0x90/0x1fc [ 68.816412][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 68.817231][ C1] el0t_64_sync+0x1a0/0x1a4 [ 68.817964][ C1] irq event stamp: 186 [ 68.818627][ C1] hardirqs last enabled at (185): [] get_page_from_freelist+0x2234/0x2aa8 [ 68.820360][ C1] hardirqs last disabled at (186): [] enter_el1_irq_or_nmi+0x10/0x1c [ 68.821974][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 68.823365][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 68.824759][ C1] ---[ end trace eb6d8fd83ed9e1dd ]--- [ 68.826178][ T4136] Bluetooth: hci0: command 0x0419 tx timeout [ 68.857071][ T4924] loop0: detected capacity change from 0 to 128 [ 68.865121][ T4924] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.866262][ T4924] Bad inode number on dev loop0: 2 is out of range [ 68.867240][ T4924] SysV FS: get root inode failed [ 68.868025][ T4924] oldfs: cannot read superblock [ 68.876717][ C0] 
------------[ cut here ]------------ [ 68.877611][ C0] VFS: brelse: Trying to free free buffer [ 68.878463][ C0] WARNING: CPU: 0 PID: 4926 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.879638][ C0] Modules linked in: [ 68.880206][ C0] CPU: 0 PID: 4926 Comm: syz.0.32 Tainted: G W syzkaller #0 [ 68.881528][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.883089][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.884192][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 68.884988][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 68.885743][ C0] sp : ffff800008007de0 [ 68.886364][ C0] x29: ffff800008007de0 x28: ffff0000d8058000 x27: 1fffe0003421845c [ 68.887546][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 68.888809][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76bdf8 [ 68.890195][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 68.891626][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 68.892953][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.894273][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : b047027577d5b600 [ 68.895537][ C0] x8 : b047027577d5b600 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.896863][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.898129][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 68.899481][ C0] Call trace: [ 68.900016][ C0] invalidate_bh_lru+0x128/0x234 [ 68.900817][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 68.901834][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 68.902920][ C0] ipi_handler+0x10c/0x710 [ 68.903589][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 68.904365][ C0] handle_domain_irq+0x144/0x1fc [ 68.905080][ C0] gic_handle_irq+0x78/0x1c8 [ 68.905695][ C0] call_on_irq_stack+0x30/0x48 [ 68.906484][ C0] do_interrupt_handler+0x6c/0x88 [ 68.907327][ C0] 
el0_interrupt+0x94/0x260 [ 68.908051][ C0] __el0_irq_handler_common+0x18/0x24 [ 68.908915][ C0] el0t_64_irq_handler+0x10/0x1c [ 68.909773][ C0] el0t_64_irq+0x1a0/0x1a4 [ 68.910561][ C0] irq event stamp: 116 [ 68.911229][ C0] hardirqs last enabled at (115): [] el0t_64_sync_handler+0xd8/0xe4 [ 68.912829][ C0] hardirqs last disabled at (116): [] __el0_irq_handler_common+0x18/0x24 [ 68.914450][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 68.915929][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 68.917431][ C0] ---[ end trace eb6d8fd83ed9e1de ]--- [ 68.946625][ T4926] loop0: detected capacity change from 0 to 128 [ 68.949748][ T4926] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 68.950970][ T4926] Bad inode number on dev loop0: 2 is out of range [ 68.952100][ T4926] SysV FS: get root inode failed [ 68.952844][ T4926] oldfs: cannot read superblock [ 68.955530][ C1] ------------[ cut here ]------------ [ 68.956398][ C1] VFS: brelse: Trying to free free buffer [ 68.957294][ C1] WARNING: CPU: 1 PID: 4926 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 68.958663][ C1] Modules linked in: [ 68.959269][ C1] CPU: 1 PID: 4926 Comm: syz.0.32 Tainted: G W syzkaller #0 [ 68.960642][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 68.962229][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 68.963512][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 68.964374][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 68.965239][ C1] sp : ffff800008017de0 [ 68.965907][ C1] x29: ffff800008017de0 x28: ffff0000d8058000 x27: 1fffe0003421c65c [ 68.967099][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 68.968289][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcadf060 [ 68.969588][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 68.970988][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 68.972326][ 
C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.973620][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : b047027577d5b600 [ 68.974875][ C1] x8 : b047027577d5b600 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.976156][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 68.977525][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 68.978843][ C1] Call trace: [ 68.979372][ C1] invalidate_bh_lru+0x128/0x234 [ 68.980125][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 68.981077][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 68.982068][ C1] ipi_handler+0x10c/0x710 [ 68.982754][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 68.983640][ C1] handle_domain_irq+0x144/0x1fc [ 68.984377][ C1] gic_handle_irq+0x78/0x1c8 [ 68.985058][ C1] call_on_irq_stack+0x30/0x48 [ 68.985895][ C1] do_interrupt_handler+0x6c/0x88 [ 68.986713][ C1] el1_interrupt+0x30/0x58 [ 68.987400][ C1] el1h_64_irq_handler+0x18/0x24 [ 68.988109][ C1] el1h_64_irq+0x78/0x7c [ 68.988757][ C1] __rcu_read_lock+0x48/0x84 [ 68.989484][ C1] lock_page_memcg+0x4c/0x234 [ 68.990252][ C1] page_remove_rmap+0x3c/0xfd0 [ 68.990986][ C1] unmap_page_range+0xbb4/0x1958 [ 68.991750][ C1] unmap_single_vma+0x13c/0x1e4 [ 68.992540][ C1] unmap_vmas+0x104/0x200 [ 68.993208][ C1] exit_mmap+0x2a8/0x4e0 [ 68.993904][ C1] __mmput+0xec/0x3b8 [ 68.994560][ C1] mmput+0x80/0xc8 [ 68.995118][ C1] exit_mm+0x4a0/0x684 [ 68.995733][ C1] do_exit+0x4ec/0x1f58 [ 68.996393][ C1] do_group_exit+0x100/0x268 [ 68.997127][ C1] get_signal+0x73c/0x1340 [ 68.997786][ C1] do_notify_resume+0x35c/0x3128 [ 68.998574][ C1] el0_svc+0xf0/0x1e0 [ 68.999231][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 69.000037][ C1] el0t_64_sync+0x1a0/0x1a4 [ 69.000744][ C1] irq event stamp: 2152 [ 69.001389][ C1] hardirqs last enabled at (2151): [] lock_page_memcg+0x110/0x234 [ 69.002873][ C1] hardirqs last disabled at (2152): [] enter_el1_irq_or_nmi+0x10/0x1c [ 69.004364][ C1] softirqs last enabled 
at (1434): [] local_bh_enable+0x10/0x34 [ 69.005852][ C1] softirqs last disabled at (1432): [] local_bh_disable+0x10/0x34 [ 69.007279][ C1] ---[ end trace eb6d8fd83ed9e1df ]--- [ 69.032404][ T4928] loop0: detected capacity change from 0 to 128 [ 69.035817][ T4928] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 69.037119][ T4928] Bad inode number on dev loop0: 2 is out of range [ 69.038270][ T4928] SysV FS: get root inode failed [ 69.039128][ T4928] oldfs: cannot read superblock [ 69.046089][ C0] ------------[ cut here ]------------ [ 69.046928][ C0] VFS: brelse: Trying to free free buffer [ 69.047926][ C0] WARNING: CPU: 0 PID: 4929 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 69.049365][ C0] Modules linked in: [ 69.049970][ C0] CPU: 0 PID: 4929 Comm: syz-executor Tainted: G W syzkaller #0 [ 69.051252][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 69.052645][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 69.053698][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 69.054424][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 69.055306][ C0] sp : ffff800008007de0 [ 69.055940][ C0] x29: ffff800008007de0 x28: ffff0000ce19d1c0 x27: 1fffe0003421845c [ 69.057218][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 69.058491][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de768230 [ 69.059760][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 69.061075][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 69.062436][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 69.063796][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 7b2395adc66e6600 [ 69.065046][ C0] x8 : 7b2395adc66e6600 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.066301][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 69.067519][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 
69.068901][ C0] Call trace: [ 69.069414][ C0] invalidate_bh_lru+0x128/0x234 [ 69.070221][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 69.071196][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 69.072329][ C0] ipi_handler+0x10c/0x710 [ 69.073081][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 69.074036][ C0] handle_domain_irq+0x144/0x1fc [ 69.074823][ C0] gic_handle_irq+0x78/0x1c8 [ 69.075502][ C0] call_on_irq_stack+0x30/0x48 [ 69.076299][ C0] do_interrupt_handler+0x6c/0x88 [ 69.077091][ C0] el1_interrupt+0x30/0x58 [ 69.077815][ C0] el1h_64_irq_handler+0x18/0x24 [ 69.078582][ C0] el1h_64_irq+0x78/0x7c [ 69.079253][ C0] kasan_poison+0x44/0x60 [ 69.079917][ C0] __kasan_poison_slab+0x98/0xc8 [ 69.080670][ C0] new_slab+0x208/0x55c [ 69.081361][ C0] ___slab_alloc+0x6c0/0xda8 [ 69.082134][ C0] __slab_alloc+0x68/0xc0 [ 69.082827][ C0] kmem_cache_alloc+0x2ac/0x3e4 [ 69.083558][ C0] getname_flags+0xb8/0x450 [ 69.084203][ C0] __arm64_sys_symlinkat+0x80/0xbc [ 69.084979][ C0] invoke_syscall+0x98/0x2b8 [ 69.085673][ C0] el0_svc_common+0x138/0x258 [ 69.086302][ C0] do_el0_svc+0x58/0x14c [ 69.086896][ C0] el0_svc+0x78/0x1e0 [ 69.087709][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 69.088476][ C0] el0t_64_sync+0x1a0/0x1a4 [ 69.089142][ C0] irq event stamp: 670 [ 69.089784][ C0] hardirqs last enabled at (669): [] seqcount_lockdep_reader_access+0x14c/0x230 [ 69.091311][ C0] hardirqs last disabled at (670): [] enter_el1_irq_or_nmi+0x10/0x1c [ 69.092675][ C0] softirqs last enabled at (502): [] local_bh_enable+0x10/0x34 [ 69.094004][ C0] softirqs last disabled at (500): [] local_bh_disable+0x10/0x34 [ 69.095293][ C0] ---[ end trace eb6d8fd83ed9e1e0 ]--- [ 69.125206][ T4930] loop0: detected capacity change from 0 to 128 [ 69.128698][ T4930] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 69.129888][ T4930] Bad inode number on dev loop0: 2 is out of range [ 69.130933][ T4930] SysV FS: get root inode failed [ 69.131727][ T4930] oldfs: cannot read superblock [ 69.136584][ 
C1] ------------[ cut here ]------------ [ 69.137381][ C1] VFS: brelse: Trying to free free buffer [ 69.138206][ C1] WARNING: CPU: 1 PID: 4930 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 69.139518][ C1] Modules linked in: [ 69.140129][ C1] CPU: 1 PID: 4930 Comm: syz.0.34 Tainted: G W syzkaller #0 [ 69.141438][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 69.143035][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 69.144187][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 69.144987][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 69.145801][ C1] sp : ffff800008017de0 [ 69.146475][ C1] x29: ffff800008017de0 x28: ffff0000cce5b680 x27: 1fffe0003421c65b [ 69.147772][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 69.149181][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a515d0 [ 69.150483][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 69.151735][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 69.153026][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 69.154219][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : fd69839a6ab61b00 [ 69.155377][ C1] x8 : fd69839a6ab61b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.156610][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 69.157797][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 69.159127][ C1] Call trace: [ 69.159656][ C1] invalidate_bh_lru+0x128/0x234 [ 69.160482][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 69.161441][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 69.162534][ C1] ipi_handler+0x10c/0x710 [ 69.163202][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 69.164102][ C1] handle_domain_irq+0x144/0x1fc [ 69.164916][ C1] gic_handle_irq+0x78/0x1c8 [ 69.165645][ C1] call_on_irq_stack+0x30/0x48 [ 69.166437][ C1] do_interrupt_handler+0x6c/0x88 [ 69.167258][ C1] 
el1_interrupt+0x30/0x58 [ 69.167995][ C1] el1h_64_irq_handler+0x18/0x24 [ 69.168748][ C1] el1h_64_irq+0x78/0x7c [ 69.169370][ C1] finish_lock_switch+0xb8/0x1c4 [ 69.170111][ C1] finish_task_switch+0x120/0x6b0 [ 69.170772][ C1] __schedule+0xe0c/0x1bf8 [ 69.171412][ C1] schedule+0x11c/0x1c8 [ 69.172019][ C1] futex_wait_queue_me+0x1f4/0x404 [ 69.172860][ C1] futex_wait+0x1b4/0x468 [ 69.173568][ C1] do_futex+0x16a8/0x257c [ 69.174238][ C1] __arm64_sys_futex+0x388/0x400 [ 69.175007][ C1] invoke_syscall+0x98/0x2b8 [ 69.175745][ C1] el0_svc_common+0x138/0x258 [ 69.176468][ C1] do_el0_svc+0x58/0x14c [ 69.177125][ C1] el0_svc+0x78/0x1e0 [ 69.177796][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 69.178636][ C1] el0t_64_sync+0x1a0/0x1a4 [ 69.179354][ C1] irq event stamp: 1438 [ 69.180052][ C1] hardirqs last enabled at (1437): [] finish_lock_switch+0xb0/0x1c4 [ 69.181671][ C1] hardirqs last disabled at (1438): [] enter_el1_irq_or_nmi+0x10/0x1c [ 69.183147][ C1] softirqs last enabled at (798): [] local_bh_enable+0x10/0x34 [ 69.184591][ C1] softirqs last disabled at (796): [] local_bh_disable+0x10/0x34 [ 69.186092][ C1] ---[ end trace eb6d8fd83ed9e1e1 ]--- [ 69.222328][ T4932] loop0: detected capacity change from 0 to 128 [ 69.225685][ T4932] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 69.227089][ T4932] Bad inode number on dev loop0: 2 is out of range [ 69.228102][ T4932] SysV FS: get root inode failed [ 69.228790][ T4932] oldfs: cannot read superblock [ 69.236557][ C0] ------------[ cut here ]------------ [ 69.237473][ C0] VFS: brelse: Trying to free free buffer [ 69.238426][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 69.239846][ C0] Modules linked in: [ 69.240468][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 69.241937][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 69.243527][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 69.244788][ 
C0] pc : invalidate_bh_lru+0x128/0x234 [ 69.245643][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 69.246549][ C0] sp : ffff800008007de0 [ 69.247257][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c [ 69.248495][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 69.249766][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de7685d0 [ 69.251096][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 69.252474][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 69.253804][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 69.255202][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 69.256478][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.257721][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 69.258999][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 69.260302][ C0] Call trace: [ 69.260828][ C0] invalidate_bh_lru+0x128/0x234 [ 69.261651][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 69.262693][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 69.263908][ C0] ipi_handler+0x10c/0x710 [ 69.264562][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 69.265435][ C0] handle_domain_irq+0x144/0x1fc [ 69.266249][ C0] gic_handle_irq+0x78/0x1c8 [ 69.267003][ C0] call_on_irq_stack+0x30/0x48 [ 69.267808][ C0] do_interrupt_handler+0x6c/0x88 [ 69.268603][ C0] el1_interrupt+0x30/0x58 [ 69.269294][ C0] el1h_64_irq_handler+0x18/0x24 [ 69.270106][ C0] el1h_64_irq+0x78/0x7c [ 69.270711][ C0] __sanitizer_cov_trace_pc+0x40/0xac [ 69.271477][ C0] arch_stack_walk+0x200/0x2b4 [ 69.272165][ C0] stack_trace_save+0x94/0xd8 [ 69.272902][ C0] __kasan_kmalloc+0xb0/0xf0 [ 69.273603][ C0] kmem_cache_alloc_node_trace+0x29c/0x438 [ 69.274431][ C0] __get_vm_area_node+0x14c/0x2e8 [ 69.275225][ C0] __vmalloc_node_range+0xe8/0x8d8 [ 69.276011][ C0] vzalloc+0x118/0x190 [ 69.276610][ C0] 
xt_counters_alloc+0x50/0x60 [ 69.277354][ C0] __do_replace+0xa0/0x988 [ 69.278007][ C0] do_ip6t_set_ctl+0xa94/0xe00 [ 69.278726][ C0] nf_setsockopt+0x270/0x290 [ 69.279422][ C0] ipv6_setsockopt+0x1a18/0x36dc [ 69.280107][ C0] tcp_setsockopt+0x1d4/0x1bf4 [ 69.280738][ C0] sock_common_setsockopt+0xb0/0xcc [ 69.281563][ C0] __sys_setsockopt+0x260/0x36c [ 69.282307][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 69.283118][ C0] invoke_syscall+0x98/0x2b8 [ 69.283799][ C0] el0_svc_common+0x138/0x258 [ 69.284588][ C0] do_el0_svc+0x58/0x14c [ 69.285266][ C0] el0_svc+0x78/0x1e0 [ 69.285865][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 69.286656][ C0] el0t_64_sync+0x1a0/0x1a4 [ 69.287351][ C0] irq event stamp: 172104 [ 69.287996][ C0] hardirqs last enabled at (172103): [] ___slab_alloc+0xc34/0xda8 [ 69.289493][ C0] hardirqs last disabled at (172104): [] enter_el1_irq_or_nmi+0x10/0x1c [ 69.290957][ C0] softirqs last enabled at (172086): [] release_sock+0x1d0/0x258 [ 69.292442][ C0] softirqs last disabled at (172084): [] release_sock+0x34/0x258 [ 69.293818][ C0] ---[ end trace eb6d8fd83ed9e1e2 ]--- [ 69.336082][ T4934] loop0: detected capacity change from 0 to 128 [ 69.385075][ T4934] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 69.386327][ T4934] Bad inode number on dev loop0: 2 is out of range [ 69.387262][ T4934] SysV FS: get root inode failed [ 69.387962][ T4934] oldfs: cannot read superblock [ 69.397551][ C1] ------------[ cut here ]------------ [ 69.398385][ C1] VFS: brelse: Trying to free free buffer [ 69.399255][ C1] WARNING: CPU: 1 PID: 565 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 69.400496][ C1] Modules linked in: [ 69.400995][ C1] CPU: 1 PID: 565 Comm: kworker/u4:4 Tainted: G W syzkaller #0 [ 69.402240][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 69.403697][ C1] Workqueue: bat_events batadv_nc_worker [ 69.404635][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 69.405898][ C1] pc 
: invalidate_bh_lru+0x128/0x234 [ 69.406727][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 69.407544][ C1] sp : ffff800008017de0 [ 69.408178][ C1] x29: ffff800008017de0 x28: ffff0000c80d9b40 x27: 1fffe0003421c65c [ 69.409359][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 69.410661][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a51230 [ 69.411998][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 69.413282][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 69.414516][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 69.415850][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 3d8a00dfa46cbf00 [ 69.417111][ C1] x8 : 3d8a00dfa46cbf00 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.418429][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 69.419574][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 69.420850][ C1] Call trace: [ 69.421384][ C1] invalidate_bh_lru+0x128/0x234 [ 69.422141][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 69.423061][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 69.424142][ C1] ipi_handler+0x10c/0x710 [ 69.424872][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 69.425744][ C1] handle_domain_irq+0x144/0x1fc [ 69.426579][ C1] gic_handle_irq+0x78/0x1c8 [ 69.427309][ C1] call_on_irq_stack+0x30/0x48 [ 69.428029][ C1] do_interrupt_handler+0x6c/0x88 [ 69.428846][ C1] el1_interrupt+0x30/0x58 [ 69.429496][ C1] el1h_64_irq_handler+0x18/0x24 [ 69.430268][ C1] el1h_64_irq+0x78/0x7c [ 69.431001][ C1] __local_bh_enable_ip+0x200/0x380 [ 69.431868][ C1] _raw_spin_unlock_bh+0xec/0x174 [ 69.432701][ C1] batadv_nc_purge_paths+0x308/0x390 [ 69.433612][ C1] batadv_nc_worker+0x2d0/0x554 [ 69.434373][ C1] process_one_work+0x79c/0x1140 [ 69.435077][ C1] worker_thread+0x8f4/0x101c [ 69.435780][ C1] kthread+0x374/0x454 [ 69.436448][ C1] ret_from_fork+0x10/0x20 [ 69.437115][ C1] irq event stamp: 
531934 [ 69.437827][ C1] hardirqs last enabled at (531933): [] __local_bh_enable_ip+0x1f8/0x380 [ 69.439370][ C1] hardirqs last disabled at (531934): [] enter_el1_irq_or_nmi+0x10/0x1c [ 69.440794][ C1] softirqs last enabled at (531932): [] batadv_nc_purge_paths+0x308/0x390 [ 69.442445][ C1] softirqs last disabled at (531930): [] batadv_nc_purge_paths+0xd0/0x390 [ 69.443978][ C1] ---[ end trace eb6d8fd83ed9e1e3 ]--- [ 69.487921][ T4936] loop0: detected capacity change from 0 to 128 [ 69.536858][ T4936] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 69.538088][ T4936] Bad inode number on dev loop0: 2 is out of range [ 69.539470][ T4936] SysV FS: get root inode failed [ 69.540220][ T4936] oldfs: cannot read superblock [ 69.555496][ C0] ------------[ cut here ]------------ [ 69.556421][ C0] VFS: brelse: Trying to free free buffer [ 69.557339][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 69.558649][ C0] Modules linked in: [ 69.559189][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 69.560517][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 69.561882][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 69.563025][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 69.563840][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 69.564615][ C0] sp : ffff800008007de0 [ 69.565210][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c [ 69.566545][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 69.567781][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de768970 [ 69.569007][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 69.570290][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 69.571557][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 69.572938][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 69.574271][ 
C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.575667][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 69.577031][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 69.578328][ C0] Call trace: [ 69.578846][ C0] invalidate_bh_lru+0x128/0x234 [ 69.579623][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 69.580602][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 69.581722][ C0] ipi_handler+0x10c/0x710 [ 69.582432][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 69.583300][ C0] handle_domain_irq+0x144/0x1fc [ 69.584075][ C0] gic_handle_irq+0x78/0x1c8 [ 69.584838][ C0] call_on_irq_stack+0x30/0x48 [ 69.585634][ C0] do_interrupt_handler+0x6c/0x88 [ 69.586374][ C0] el1_interrupt+0x30/0x58 [ 69.587089][ C0] el1h_64_irq_handler+0x18/0x24 [ 69.587843][ C0] el1h_64_irq+0x78/0x7c [ 69.588496][ C0] call_rcu+0x580/0x8fc [ 69.589109][ C0] evict+0x748/0x810 [ 69.589749][ C0] iput+0x6c4/0x77c [ 69.590379][ C0] do_unlinkat+0x360/0x600 [ 69.591031][ C0] __arm64_sys_unlinkat+0xe0/0xfc [ 69.591793][ C0] invoke_syscall+0x98/0x2b8 [ 69.592473][ C0] el0_svc_common+0x138/0x258 [ 69.593289][ C0] do_el0_svc+0x58/0x14c [ 69.593954][ C0] el0_svc+0x78/0x1e0 [ 69.594590][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 69.595442][ C0] el0t_64_sync+0x1a0/0x1a4 [ 69.596187][ C0] irq event stamp: 177506 [ 69.596841][ C0] hardirqs last enabled at (177505): [] call_rcu+0x570/0x8fc [ 69.598282][ C0] hardirqs last disabled at (177506): [] enter_el1_irq_or_nmi+0x10/0x1c [ 69.599871][ C0] softirqs last enabled at (177240): [] local_bh_enable+0x10/0x34 [ 69.601374][ C0] softirqs last disabled at (177238): [] local_bh_disable+0x10/0x34 [ 69.602787][ C0] ---[ end trace eb6d8fd83ed9e1e4 ]--- [ 69.624993][ T2065] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.625695][ T1541] cfg80211: failed to load regulatory.db [ 69.626063][ T2065] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.652650][ T4941] loop0: detected capacity change from 
0 to 128 [ 69.686167][ T4941] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 69.687473][ T4941] Bad inode number on dev loop0: 2 is out of range [ 69.688541][ T4941] SysV FS: get root inode failed [ 69.689379][ T4941] oldfs: cannot read superblock [ 69.698960][ T4941] ------------[ cut here ]------------ [ 69.699794][ T4941] VFS: brelse: Trying to free free buffer [ 69.700768][ T4941] WARNING: CPU: 1 PID: 4941 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 69.702172][ T4941] Modules linked in: [ 69.702812][ T4941] CPU: 1 PID: 4941 Comm: syz.0.39 Tainted: G W syzkaller #0 [ 69.704140][ T4941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 69.705791][ T4941] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 69.707065][ T4941] pc : invalidate_bh_lru+0x128/0x234 [ 69.707878][ T4941] lr : invalidate_bh_lru+0x128/0x234 [ 69.708640][ T4941] sp : ffff80001f9b76e0 [ 69.709300][ T4941] x29: ffff80001f9b76e0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 69.710552][ T4941] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 69.711880][ T4941] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a51c28 [ 69.713210][ T4941] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 69.714592][ T4941] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 69.715905][ T4941] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 69.717166][ T4941] x11: 0000000000000002 x10: 0000000000000000 x9 : ba3a5a0140afa100 [ 69.718416][ T4941] x8 : ba3a5a0140afa100 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.719722][ T4941] x5 : ffff80001f9b6fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 69.721001][ T4941] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 69.722287][ T4941] Call trace: [ 69.722783][ T4941] invalidate_bh_lru+0x128/0x234 [ 69.723528][ T4941] smp_call_function_many_cond+0xa50/0xeb0 [ 69.724419][ T4941] 
on_each_cpu_cond_mask+0x5c/0xc4 [ 69.725217][ T4941] invalidate_bh_lrus+0x34/0x40 [ 69.725955][ T4941] blkdev_flush_mapping+0x168/0x31c [ 69.726783][ T4941] blkdev_put+0x490/0x6ac [ 69.727482][ T4941] kill_block_super+0x98/0xdc [ 69.728216][ T4941] deactivate_locked_super+0xb8/0x13c [ 69.729133][ T4941] mount_bdev+0x284/0x358 [ 69.729848][ T4941] sysv_mount+0x44/0x58 [ 69.730487][ T4941] legacy_get_tree+0xd4/0x16c [ 69.731210][ T4941] vfs_get_tree+0x90/0x274 [ 69.731922][ T4941] do_new_mount+0x228/0x810 [ 69.732622][ T4941] path_mount+0x5b4/0x1000 [ 69.733332][ T4941] __arm64_sys_mount+0x514/0x5e4 [ 69.734081][ T4941] invoke_syscall+0x98/0x2b8 [ 69.734866][ T4941] el0_svc_common+0x138/0x258 [ 69.735671][ T4941] do_el0_svc+0x58/0x14c [ 69.736385][ T4941] el0_svc+0x78/0x1e0 [ 69.737097][ T4941] el0t_64_sync_handler+0xcc/0xe4 [ 69.737895][ T4941] el0t_64_sync+0x1a0/0x1a4 [ 69.738650][ T4941] irq event stamp: 916 [ 69.739304][ T4941] hardirqs last enabled at (915): [] exit_to_kernel_mode+0xe0/0x168 [ 69.740955][ T4941] hardirqs last disabled at (916): [] smp_call_function_many_cond+0xa44/0xeb0 [ 69.742707][ T4941] softirqs last enabled at (750): [] local_bh_enable+0x10/0x34 [ 69.744050][ T4941] softirqs last disabled at (748): [] local_bh_disable+0x10/0x34 [ 69.745538][ T4941] ---[ end trace eb6d8fd83ed9e1e5 ]--- [ 69.830973][ T4943] loop0: detected capacity change from 0 to 128 [ 69.844423][ T4943] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 69.845538][ T4943] Bad inode number on dev loop0: 2 is out of range [ 69.846545][ T4943] SysV FS: get root inode failed [ 69.847282][ T4943] oldfs: cannot read superblock [ 69.848011][ T4943] ------------[ cut here ]------------ [ 69.848766][ T4943] VFS: brelse: Trying to free free buffer [ 69.849607][ T4943] WARNING: CPU: 0 PID: 4943 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 69.850912][ T4943] Modules linked in: [ 69.851531][ T4943] CPU: 0 PID: 4943 Comm: syz.0.40 Tainted: G W syzkaller #0 [ 69.852947][ 
T4943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 69.854507][ T4943] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 69.855676][ T4943] pc : invalidate_bh_lru+0x128/0x234 [ 69.856598][ T4943] lr : invalidate_bh_lru+0x128/0x234 [ 69.857447][ T4943] sp : ffff80001cf976e0 [ 69.858078][ T4943] x29: ffff80001cf976e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 69.859315][ T4943] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 69.860582][ T4943] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de768d10 [ 69.861807][ T4943] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 69.863004][ T4943] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 69.864243][ T4943] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 69.865587][ T4943] x11: 0000000000000002 x10: 0000000000000000 x9 : 802d444b91d78000 [ 69.866851][ T4943] x8 : 802d444b91d78000 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.868080][ T4943] x5 : ffff80001cf96fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 69.869435][ T4943] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 69.870787][ T4943] Call trace: [ 69.871362][ T4943] invalidate_bh_lru+0x128/0x234 [ 69.872070][ T4943] smp_call_function_many_cond+0xa50/0xeb0 [ 69.872980][ T4943] on_each_cpu_cond_mask+0x5c/0xc4 [ 69.873821][ T4943] invalidate_bh_lrus+0x34/0x40 [ 69.874544][ T4943] blkdev_flush_mapping+0x168/0x31c [ 69.875322][ T4943] blkdev_put+0x490/0x6ac [ 69.875954][ T4943] kill_block_super+0x98/0xdc [ 69.876704][ T4943] deactivate_locked_super+0xb8/0x13c [ 69.877574][ T4943] mount_bdev+0x284/0x358 [ 69.878248][ T4943] sysv_mount+0x44/0x58 [ 69.878865][ T4943] legacy_get_tree+0xd4/0x16c [ 69.879542][ T4943] vfs_get_tree+0x90/0x274 [ 69.880195][ T4943] do_new_mount+0x228/0x810 [ 69.880806][ T4943] path_mount+0x5b4/0x1000 [ 69.881519][ T4943] __arm64_sys_mount+0x514/0x5e4 [ 69.882277][ T4943] 
invoke_syscall+0x98/0x2b8 [ 69.882971][ T4943] el0_svc_common+0x138/0x258 [ 69.883689][ T4943] do_el0_svc+0x58/0x14c [ 69.884339][ T4943] el0_svc+0x78/0x1e0 [ 69.884954][ T4943] el0t_64_sync_handler+0xcc/0xe4 [ 69.885760][ T4943] el0t_64_sync+0x1a0/0x1a4 [ 69.886500][ T4943] irq event stamp: 884 [ 69.887146][ T4943] hardirqs last enabled at (883): [] kasan_quarantine_put+0xc4/0x204 [ 69.888716][ T4943] hardirqs last disabled at (884): [] smp_call_function_many_cond+0xa44/0xeb0 [ 69.890353][ T4943] softirqs last enabled at (718): [] local_bh_enable+0x10/0x34 [ 69.891660][ T4943] softirqs last disabled at (716): [] local_bh_disable+0x10/0x34 [ 69.893013][ T4943] ---[ end trace eb6d8fd83ed9e1e6 ]--- [ 70.006165][ T4945] loop0: detected capacity change from 0 to 128 [ 70.066311][ T4945] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.067470][ T4945] Bad inode number on dev loop0: 2 is out of range [ 70.068424][ T4945] SysV FS: get root inode failed [ 70.069134][ T4945] oldfs: cannot read superblock [ 70.073165][ C0] ------------[ cut here ]------------ [ 70.073982][ C0] VFS: brelse: Trying to free free buffer [ 70.074861][ C0] WARNING: CPU: 0 PID: 1612 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 70.076184][ C0] Modules linked in: [ 70.076774][ C0] CPU: 0 PID: 1612 Comm: kworker/u4:5 Tainted: G W syzkaller #0 [ 70.078370][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 70.079882][ C0] Workqueue: netns cleanup_net [ 70.080642][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.081887][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 70.082760][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 70.083630][ C0] sp : ffff800008007de0 [ 70.084294][ C0] x29: ffff800008007de0 x28: ffff0000ccb8b680 x27: 1fffe0003421845b [ 70.085580][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 70.086760][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de764148 [ 70.088097][ 
C0] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 70.089336][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 70.090582][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.091818][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cae4c65ef204db00 [ 70.093125][ C0] x8 : cae4c65ef204db00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.094512][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 70.095707][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 70.097005][ C0] Call trace: [ 70.097540][ C0] invalidate_bh_lru+0x128/0x234 [ 70.098327][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 70.099343][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.100525][ C0] ipi_handler+0x10c/0x710 [ 70.101207][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 70.102053][ C0] handle_domain_irq+0x144/0x1fc [ 70.102834][ C0] gic_handle_irq+0x78/0x1c8 [ 70.103599][ C0] call_on_irq_stack+0x30/0x48 [ 70.104400][ C0] do_interrupt_handler+0x6c/0x88 [ 70.105208][ C0] el1_interrupt+0x30/0x58 [ 70.105894][ C0] el1h_64_irq_handler+0x18/0x24 [ 70.106647][ C0] el1h_64_irq+0x78/0x7c [ 70.107268][ C0] arch_local_irq_restore+0x8/0x10 [ 70.108012][ C0] ___might_sleep+0x48/0x4d4 [ 70.108648][ C0] inet_twsk_purge+0x104/0x7ac [ 70.109357][ C0] dccp_v4_exit_batch+0x20/0x2c [ 70.110078][ C0] cleanup_net+0x644/0xa98 [ 70.110705][ C0] process_one_work+0x79c/0x1140 [ 70.111434][ C0] worker_thread+0x8f4/0x101c [ 70.112110][ C0] kthread+0x374/0x454 [ 70.112762][ C0] ret_from_fork+0x10/0x20 [ 70.113398][ C0] irq event stamp: 1030502 [ 70.114067][ C0] hardirqs last enabled at (1030501): [] exit_to_kernel_mode+0xe0/0x168 [ 70.115486][ C0] hardirqs last disabled at (1030502): [] enter_el1_irq_or_nmi+0x10/0x1c [ 70.117004][ C0] softirqs last enabled at (1030480): [] handle_softirqs+0xa4c/0xbf0 [ 70.118444][ C0] softirqs last disabled at (1030443): [] __irq_exit_rcu+0x240/0x440 [ 
70.119924][ C0] ---[ end trace eb6d8fd83ed9e1e7 ]--- [ 70.200803][ T4947] loop0: detected capacity change from 0 to 128 [ 70.203706][ T4947] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.204985][ T4947] Bad inode number on dev loop0: 2 is out of range [ 70.205919][ T4947] SysV FS: get root inode failed [ 70.206654][ T4947] oldfs: cannot read superblock [ 70.211836][ C1] ------------[ cut here ]------------ [ 70.212680][ C1] VFS: brelse: Trying to free free buffer [ 70.213487][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 70.214703][ C1] Modules linked in: [ 70.215285][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 70.216668][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 70.218116][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.219247][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 70.220095][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 70.220942][ C1] sp : ffff800008017de0 [ 70.221500][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65b [ 70.222730][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 70.223899][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2929060 [ 70.225031][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 70.226139][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 70.227288][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.228541][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 70.229878][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.231149][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 70.232513][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 70.233797][ C1] Call trace: [ 70.234368][ C1] invalidate_bh_lru+0x128/0x234 [ 70.235167][ C1] 
flush_smp_call_function_queue+0x38c/0x81c [ 70.236107][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.237279][ C1] ipi_handler+0x10c/0x710 [ 70.237998][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 70.238931][ C1] handle_domain_irq+0x144/0x1fc [ 70.239730][ C1] gic_handle_irq+0x78/0x1c8 [ 70.240455][ C1] call_on_irq_stack+0x30/0x48 [ 70.241213][ C1] do_interrupt_handler+0x6c/0x88 [ 70.242067][ C1] el1_interrupt+0x30/0x58 [ 70.242817][ C1] el1h_64_irq_handler+0x18/0x24 [ 70.243680][ C1] el1h_64_irq+0x78/0x7c [ 70.244369][ C1] alloc_counters+0x3f8/0x7a4 [ 70.245156][ C1] do_ip6t_get_ctl+0xaf4/0x13a8 [ 70.245991][ C1] nf_getsockopt+0x264/0x284 [ 70.246702][ C1] ipv6_getsockopt+0x52c/0x2584 [ 70.247549][ C1] tcp_getsockopt+0x208/0x2e78 [ 70.248344][ C1] sock_common_getsockopt+0xa8/0xc4 [ 70.249146][ C1] __sys_getsockopt+0x1b8/0x250 [ 70.249937][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 70.250809][ C1] invoke_syscall+0x98/0x2b8 [ 70.251567][ C1] el0_svc_common+0x138/0x258 [ 70.252351][ C1] do_el0_svc+0x58/0x14c [ 70.253067][ C1] el0_svc+0x78/0x1e0 [ 70.253682][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 70.254524][ C1] el0t_64_sync+0x1a0/0x1a4 [ 70.255167][ C1] irq event stamp: 187980 [ 70.255840][ C1] hardirqs last enabled at (187979): [] alloc_counters+0x3d4/0x7a4 [ 70.257323][ C1] hardirqs last disabled at (187980): [] enter_el1_irq_or_nmi+0x10/0x1c [ 70.258929][ C1] softirqs last enabled at (187760): [] release_sock+0x1d0/0x258 [ 70.260466][ C1] softirqs last disabled at (187758): [] release_sock+0x34/0x258 [ 70.262029][ C1] ---[ end trace eb6d8fd83ed9e1e8 ]--- [ 70.296465][ T4949] loop0: detected capacity change from 0 to 128 [ 70.298589][ T4949] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.299785][ T4949] Bad inode number on dev loop0: 2 is out of range [ 70.300828][ T4949] SysV FS: get root inode failed [ 70.301713][ T4949] oldfs: cannot read superblock [ 70.357192][ T4638] ------------[ cut here ]------------ [ 70.358066][ T4638] VFS: 
brelse: Trying to free free buffer [ 70.358932][ T4638] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 70.360171][ T4638] Modules linked in: [ 70.360773][ T4638] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 70.362183][ T4638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 70.363664][ T4638] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.364975][ T4638] pc : invalidate_bh_lru+0x128/0x234 [ 70.365846][ T4638] lr : invalidate_bh_lru+0x128/0x234 [ 70.366693][ T4638] sp : ffff80001fc86f70 [ 70.367355][ T4638] x29: ffff80001fc86f70 x28: ffff80001417d000 x27: 1fffe0003421845c [ 70.368702][ T4638] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 70.369887][ T4638] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de7644e8 [ 70.371080][ T4638] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 70.372343][ T4638] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 70.373706][ T4638] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.375034][ T4638] x11: 0000000000000002 x10: 0000000000000000 x9 : 55f84b004a0ab400 [ 70.376365][ T4638] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.377693][ T4638] x5 : ffff80001fc86858 x4 : ffff80001425f420 x3 : ffff80000850471c [ 70.379040][ T4638] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 70.380259][ T4638] Call trace: [ 70.380776][ T4638] invalidate_bh_lru+0x128/0x234 [ 70.381499][ T4638] smp_call_function_many_cond+0xa50/0xeb0 [ 70.382317][ T4638] on_each_cpu_cond_mask+0x5c/0xc4 [ 70.383083][ T4638] invalidate_bh_lrus+0x34/0x40 [ 70.383880][ T4638] invalidate_bdev+0x90/0xc0 [ 70.384637][ T4638] __loop_clr_fd+0x4e4/0x978 [ 70.385357][ T4638] lo_ioctl+0xd90/0x1c08 [ 70.386013][ T4638] blkdev_ioctl+0x5f8/0xbb8 [ 70.386718][ T4638] block_ioctl+0xa4/0x118 [ 70.387447][ T4638] 
__arm64_sys_ioctl+0x14c/0x1c8 [ 70.388282][ T4638] invoke_syscall+0x98/0x2b8 [ 70.389090][ T4638] el0_svc_common+0x138/0x258 [ 70.389839][ T4638] do_el0_svc+0x58/0x14c [ 70.390546][ T4638] el0_svc+0x78/0x1e0 [ 70.391164][ T4638] el0t_64_sync_handler+0xcc/0xe4 [ 70.391968][ T4638] el0t_64_sync+0x1a0/0x1a4 [ 70.392738][ T4638] irq event stamp: 189506 [ 70.393382][ T4638] hardirqs last enabled at (189505): [] _raw_spin_unlock_irq+0x98/0x128 [ 70.394859][ T4638] hardirqs last disabled at (189506): [] smp_call_function_many_cond+0xa44/0xeb0 [ 70.396661][ T4638] softirqs last enabled at (188606): [] local_bh_enable+0x10/0x34 [ 70.398230][ T4638] softirqs last disabled at (188604): [] local_bh_disable+0x10/0x34 [ 70.399891][ T4638] ---[ end trace eb6d8fd83ed9e1e9 ]--- [ 70.412381][ T4951] loop0: detected capacity change from 0 to 128 [ 70.415256][ T4951] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.416488][ T4951] Bad inode number on dev loop0: 2 is out of range [ 70.417435][ T4951] SysV FS: get root inode failed [ 70.418343][ T4951] oldfs: cannot read superblock [ 70.428591][ C1] ------------[ cut here ]------------ [ 70.429499][ C1] VFS: brelse: Trying to free free buffer [ 70.430324][ C1] WARNING: CPU: 1 PID: 4953 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 70.431523][ C1] Modules linked in: [ 70.432112][ C1] CPU: 1 PID: 4953 Comm: syz.0.45 Tainted: G W syzkaller #0 [ 70.433473][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 70.435139][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.436471][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 70.437325][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 70.438109][ C1] sp : ffff800008017de0 [ 70.438739][ C1] x29: ffff800008017de0 x28: ffff0000d9fd0000 x27: 1fffe0003421c65c [ 70.439992][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 70.441200][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2929400 
[ 70.442536][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 70.443875][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 70.445202][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.446590][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 4ae0def26d260500 [ 70.447851][ C1] x8 : 4ae0def26d260500 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.449232][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 70.450545][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 70.451906][ C1] Call trace: [ 70.452471][ C1] invalidate_bh_lru+0x128/0x234 [ 70.453273][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 70.454191][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.455313][ C1] ipi_handler+0x10c/0x710 [ 70.456064][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 70.456994][ C1] handle_domain_irq+0x144/0x1fc [ 70.457812][ C1] gic_handle_irq+0x78/0x1c8 [ 70.458541][ C1] call_on_irq_stack+0x30/0x48 [ 70.459298][ C1] do_interrupt_handler+0x6c/0x88 [ 70.460085][ C1] el0_interrupt+0x94/0x260 [ 70.460815][ C1] __el0_irq_handler_common+0x18/0x24 [ 70.461678][ C1] el0t_64_irq_handler+0x10/0x1c [ 70.462437][ C1] el0t_64_irq+0x1a0/0x1a4 [ 70.463077][ C1] irq event stamp: 170 [ 70.463753][ C1] hardirqs last enabled at (169): [] el0t_64_sync_handler+0xd8/0xe4 [ 70.465284][ C1] hardirqs last disabled at (170): [] __el0_irq_handler_common+0x18/0x24 [ 70.466854][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 70.468281][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 70.469682][ C1] ---[ end trace eb6d8fd83ed9e1ea ]--- [ 70.516179][ T4953] loop0: detected capacity change from 0 to 128 [ 70.614883][ T4953] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.615967][ T4953] Bad inode number on dev loop0: 2 is out of range [ 70.617057][ T4953] SysV FS: get root inode failed [ 70.617872][ T4953] oldfs: cannot read 
superblock [ 70.634994][ T4880] ------------[ cut here ]------------ [ 70.635847][ T4880] VFS: brelse: Trying to free free buffer [ 70.636702][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 70.638053][ T4880] Modules linked in: [ 70.638639][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 70.639823][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 70.641324][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.642664][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 70.643560][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 70.644437][ T4880] sp : ffff80001fc377c0 [ 70.645092][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 70.646401][ T4880] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 70.647845][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e29297a0 [ 70.649166][ T4880] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 70.650390][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 70.651699][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.652921][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 70.654240][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.655451][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 70.656822][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 70.658033][ T4880] Call trace: [ 70.658534][ T4880] invalidate_bh_lru+0x128/0x234 [ 70.659339][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 70.660243][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 70.660983][ T4880] invalidate_bh_lrus+0x34/0x40 [ 70.661718][ T4880] blkdev_flush_mapping+0x168/0x31c [ 70.662481][ T4880] blkdev_put+0x490/0x6ac [ 70.663168][ T4880] blkdev_close+0x74/0xb0 [ 70.663835][ T4880] __fput+0x1c0/0x7f8 [ 
70.664402][ T4880] ____fput+0x20/0x30 [ 70.665059][ T4880] task_work_run+0x12c/0x1e0 [ 70.665764][ T4880] do_notify_resume+0x24b4/0x3128 [ 70.666592][ T4880] el0_svc+0xf0/0x1e0 [ 70.667251][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 70.668074][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 70.668815][ T4880] irq event stamp: 147364 [ 70.669542][ T4880] hardirqs last enabled at (147363): [] kasan_quarantine_put+0xc4/0x204 [ 70.671150][ T4880] hardirqs last disabled at (147364): [] smp_call_function_many_cond+0xa44/0xeb0 [ 70.672871][ T4880] softirqs last enabled at (147166): [] local_bh_enable+0x10/0x34 [ 70.674362][ T4880] softirqs last disabled at (147164): [] local_bh_disable+0x10/0x34 [ 70.675849][ T4880] ---[ end trace eb6d8fd83ed9e1eb ]--- [ 70.717114][ T4958] loop0: detected capacity change from 0 to 128 [ 70.724142][ T4958] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.725403][ T4958] Bad inode number on dev loop0: 2 is out of range [ 70.726396][ T4958] SysV FS: get root inode failed [ 70.727216][ T4958] oldfs: cannot read superblock [ 70.735741][ C1] ------------[ cut here ]------------ [ 70.736658][ C1] VFS: brelse: Trying to free free buffer [ 70.737654][ C1] WARNING: CPU: 1 PID: 4959 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 70.739108][ C1] Modules linked in: [ 70.739725][ C1] CPU: 1 PID: 4959 Comm: syz.0.48 Tainted: G W syzkaller #0 [ 70.740998][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 70.742463][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.743602][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 70.744455][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 70.745201][ C1] sp : ffff800008017de0 [ 70.745750][ C1] x29: ffff800008017de0 x28: ffff0000da1ab680 x27: 1fffe0003421c65c [ 70.747071][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 70.748350][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2929b40 [ 70.749693][ C1] x20: 
ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 70.750978][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 70.752214][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.753440][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : e288ee9bc6bb1d00 [ 70.754722][ C1] x8 : e288ee9bc6bb1d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.756016][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 70.757302][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 70.758596][ C1] Call trace: [ 70.759113][ C1] invalidate_bh_lru+0x128/0x234 [ 70.759898][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 70.760832][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.761911][ C1] ipi_handler+0x10c/0x710 [ 70.762625][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 70.763437][ C1] handle_domain_irq+0x144/0x1fc [ 70.764145][ C1] gic_handle_irq+0x78/0x1c8 [ 70.764849][ C1] call_on_irq_stack+0x30/0x48 [ 70.765576][ C1] do_interrupt_handler+0x6c/0x88 [ 70.766336][ C1] el1_interrupt+0x30/0x58 [ 70.766970][ C1] el1h_64_irq_handler+0x18/0x24 [ 70.767675][ C1] el1h_64_irq+0x78/0x7c [ 70.768323][ C1] do_set_pte+0x318/0x4e0 [ 70.769000][ C1] filemap_map_pages+0x9c4/0xc50 [ 70.769824][ C1] handle_mm_fault+0x19c0/0x2950 [ 70.770665][ C1] do_page_fault+0x694/0xad4 [ 70.771434][ C1] do_translation_fault+0xe0/0x130 [ 70.772221][ C1] do_mem_abort+0x6c/0x1ac [ 70.772897][ C1] el0_ia+0xe0/0x2d0 [ 70.773464][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 70.774255][ C1] el0t_64_sync+0x1a0/0x1a4 [ 70.774944][ C1] irq event stamp: 1072 [ 70.775610][ C1] hardirqs last enabled at (1071): [] lock_page_memcg+0x110/0x234 [ 70.777133][ C1] hardirqs last disabled at (1072): [] enter_el1_irq_or_nmi+0x10/0x1c [ 70.778718][ C1] softirqs last enabled at (496): [] local_bh_enable+0x10/0x34 [ 70.780116][ C1] softirqs last disabled at (494): [] local_bh_disable+0x10/0x34 [ 70.781548][ C1] ---[ end trace 
eb6d8fd83ed9e1ec ]--- [ 70.826559][ T4960] loop0: detected capacity change from 0 to 128 [ 70.829713][ T4960] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.830844][ T4960] Bad inode number on dev loop0: 2 is out of range [ 70.831798][ T4960] SysV FS: get root inode failed [ 70.832472][ T4960] oldfs: cannot read superblock [ 70.858951][ C0] ------------[ cut here ]------------ [ 70.859877][ C0] VFS: brelse: Trying to free free buffer [ 70.860742][ C0] WARNING: CPU: 0 PID: 4965 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 70.861979][ C0] Modules linked in: [ 70.862504][ C0] CPU: 0 PID: 4965 Comm: syz.0.50 Tainted: G W syzkaller #0 [ 70.863742][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 70.865402][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.866565][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 70.867414][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 70.868259][ C0] sp : ffff800008007de0 [ 70.868858][ C0] x29: ffff800008007de0 x28: ffff0000c1b89b40 x27: 1fffe0003421845c [ 70.870115][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 70.871325][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de764888 [ 70.872458][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 70.873668][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 70.874897][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.876129][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : d7ae4d8d2ff84c00 [ 70.877432][ C0] x8 : d7ae4d8d2ff84c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.878624][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 70.879826][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 70.881058][ C0] Call trace: [ 70.881615][ C0] invalidate_bh_lru+0x128/0x234 [ 70.882346][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 70.883327][ C0] 
generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.884394][ C0] ipi_handler+0x10c/0x710 [ 70.885052][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 70.885838][ C0] handle_domain_irq+0x144/0x1fc [ 70.886633][ C0] gic_handle_irq+0x78/0x1c8 [ 70.887379][ C0] call_on_irq_stack+0x30/0x48 [ 70.888228][ C0] do_interrupt_handler+0x6c/0x88 [ 70.889095][ C0] el1_interrupt+0x30/0x58 [ 70.889827][ C0] el1h_64_irq_handler+0x18/0x24 [ 70.890639][ C0] el1h_64_irq+0x78/0x7c [ 70.891362][ C0] release_pages+0x274/0x16e0 [ 70.892069][ C0] free_pages_and_swap_cache+0xa0/0xb8 [ 70.892869][ C0] tlb_finish_mmu+0x170/0x324 [ 70.893695][ C0] exit_mmap+0x2c4/0x4e0 [ 70.894348][ C0] __mmput+0xec/0x3b8 [ 70.894947][ C0] mmput+0x80/0xc8 [ 70.895502][ C0] exit_mm+0x4a0/0x684 [ 70.896135][ C0] do_exit+0x4ec/0x1f58 [ 70.896790][ C0] do_group_exit+0x100/0x268 [ 70.897464][ C0] get_signal+0x73c/0x1340 [ 70.898130][ C0] do_notify_resume+0x35c/0x3128 [ 70.898967][ C0] el0_svc+0xf0/0x1e0 [ 70.899622][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 70.900460][ C0] el0t_64_sync+0x1a0/0x1a4 [ 70.901233][ C0] irq event stamp: 1846 [ 70.901927][ C0] hardirqs last enabled at (1845): [] free_unref_page_list+0x6c8/0x754 [ 70.903508][ C0] hardirqs last disabled at (1846): [] enter_el1_irq_or_nmi+0x10/0x1c [ 70.905083][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 70.906522][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 70.907875][ C0] ---[ end trace eb6d8fd83ed9e1ed ]--- [ 70.937888][ T4967] loop0: detected capacity change from 0 to 128 [ 70.939877][ T4967] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.941022][ T4967] Bad inode number on dev loop0: 2 is out of range [ 70.941978][ T4967] SysV FS: get root inode failed [ 70.942833][ T4967] oldfs: cannot read superblock [ 70.974349][ C0] ------------[ cut here ]------------ [ 70.975331][ C0] VFS: brelse: Trying to free free buffer [ 70.976269][ C0] WARNING: CPU: 0 PID: 1612 at fs/buffer.c:1148 
invalidate_bh_lru+0x128/0x234 [ 70.977634][ C0] Modules linked in: [ 70.978238][ C0] CPU: 0 PID: 1612 Comm: kworker/u4:5 Tainted: G W syzkaller #0 [ 70.979581][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 70.980971][ C0] Workqueue: bat_events batadv_nc_worker [ 70.981836][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.982951][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 70.983662][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 70.984409][ C0] sp : ffff800008007de0 [ 70.985019][ C0] x29: ffff800008007de0 x28: ffff0000ccb8b680 x27: 1fffe0003421845c [ 70.986216][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 70.987479][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de764c28 [ 70.988808][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 70.990119][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 70.991402][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.992635][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cae4c65ef204db00 [ 70.993841][ C0] x8 : cae4c65ef204db00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.995051][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 70.996297][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 70.997615][ C0] Call trace: [ 70.998098][ C0] invalidate_bh_lru+0x128/0x234 [ 70.998988][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 70.999948][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.001156][ C0] ipi_handler+0x10c/0x710 [ 71.001871][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 71.002770][ C0] handle_domain_irq+0x144/0x1fc [ 71.003554][ C0] gic_handle_irq+0x78/0x1c8 [ 71.004315][ C0] call_on_irq_stack+0x30/0x48 [ 71.005009][ C0] do_interrupt_handler+0x6c/0x88 [ 71.005780][ C0] el1_interrupt+0x30/0x58 [ 71.006488][ C0] el1h_64_irq_handler+0x18/0x24 [ 71.007310][ C0] 
el1h_64_irq+0x78/0x7c [ 71.008012][ C0] __local_bh_enable_ip+0x200/0x380 [ 71.008825][ C0] _raw_spin_unlock_bh+0xec/0x174 [ 71.009638][ C0] batadv_nc_purge_paths+0x308/0x390 [ 71.010490][ C0] batadv_nc_worker+0x2d0/0x554 [ 71.011251][ C0] process_one_work+0x79c/0x1140 [ 71.012011][ C0] worker_thread+0x8f4/0x101c [ 71.012816][ C0] kthread+0x374/0x454 [ 71.013465][ C0] ret_from_fork+0x10/0x20 [ 71.014154][ C0] irq event stamp: 1117268 [ 71.014865][ C0] hardirqs last enabled at (1117267): [] __local_bh_enable_ip+0x1f8/0x380 [ 71.016390][ C0] hardirqs last disabled at (1117268): [] enter_el1_irq_or_nmi+0x10/0x1c [ 71.017954][ C0] softirqs last enabled at (1117266): [] batadv_nc_purge_paths+0x308/0x390 [ 71.019561][ C0] softirqs last disabled at (1117264): [] batadv_nc_purge_paths+0xd0/0x390 [ 71.021106][ C0] ---[ end trace eb6d8fd83ed9e1ee ]--- [ 71.046781][ T4973] loop0: detected capacity change from 0 to 128 [ 71.050214][ T4973] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.051344][ T4973] Bad inode number on dev loop0: 2 is out of range [ 71.052255][ T4973] SysV FS: get root inode failed [ 71.053174][ T4973] oldfs: cannot read superblock [ 71.060583][ C0] ------------[ cut here ]------------ [ 71.061528][ C0] VFS: brelse: Trying to free free buffer [ 71.062458][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.063770][ C0] Modules linked in: [ 71.064338][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 71.065721][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 71.067072][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.068206][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 71.068974][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 71.069782][ C0] sp : ffff800008007de0 [ 71.070380][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c [ 71.071670][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 
[ 71.072970][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de760060 [ 71.074299][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010004 [ 71.075551][ C0] x17: 0000000000010004 x16: ffff8000111c8944 x15: 00000000ffffffff [ 71.076856][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.078226][ C0] x11: 0000000000010003 x10: 0000000000010003 x9 : 55f84b004a0ab400 [ 71.079505][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.080848][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 71.082204][ C0] x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000027 [ 71.083561][ C0] Call trace: [ 71.084052][ C0] invalidate_bh_lru+0x128/0x234 [ 71.084754][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 71.085641][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.086763][ C0] ipi_handler+0x10c/0x710 [ 71.087457][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 71.088346][ C0] handle_domain_irq+0x144/0x1fc [ 71.089128][ C0] gic_handle_irq+0x78/0x1c8 [ 71.089892][ C0] call_on_irq_stack+0x30/0x48 [ 71.090671][ C0] do_interrupt_handler+0x6c/0x88 [ 71.091493][ C0] el1_interrupt+0x30/0x58 [ 71.092128][ C0] el1h_64_irq_handler+0x18/0x24 [ 71.092869][ C0] el1h_64_irq+0x78/0x7c [ 71.093573][ C0] copy_page_range+0xe2c/0x22b8 [ 71.094380][ C0] copy_mm+0x9d4/0x1090 [ 71.095048][ C0] copy_process+0x14d8/0x34ac [ 71.095795][ C0] kernel_clone+0x1d8/0x9d4 [ 71.096508][ C0] __arm64_sys_clone+0x138/0x190 [ 71.097327][ C0] invoke_syscall+0x98/0x2b8 [ 71.098065][ C0] el0_svc_common+0x138/0x258 [ 71.098856][ C0] do_el0_svc+0x58/0x14c [ 71.099484][ C0] el0_svc+0x78/0x1e0 [ 71.100116][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 71.100936][ C0] el0t_64_sync+0x1a0/0x1a4 [ 71.101684][ C0] irq event stamp: 214570 [ 71.102327][ C0] hardirqs last enabled at (214569): [] pte_alloc_one+0x194/0x258 [ 71.103771][ C0] hardirqs last disabled at (214570): [] enter_el1_irq_or_nmi+0x10/0x1c [ 71.105359][ 
C0] softirqs last enabled at (214086): [] local_bh_enable+0x10/0x34 [ 71.106922][ C0] softirqs last disabled at (214084): [] local_bh_disable+0x10/0x34 [ 71.108440][ C0] ---[ end trace eb6d8fd83ed9e1ef ]--- [ 71.166485][ T4975] loop0: detected capacity change from 0 to 128 [ 71.209598][ T4975] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.210795][ T4975] Bad inode number on dev loop0: 2 is out of range [ 71.211830][ T4975] SysV FS: get root inode failed [ 71.212676][ T4975] oldfs: cannot read superblock [ 71.219457][ T4880] ------------[ cut here ]------------ [ 71.220334][ T4880] VFS: brelse: Trying to free free buffer [ 71.221168][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.222417][ T4880] Modules linked in: [ 71.222952][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 71.224282][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 71.225985][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.227135][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 71.227873][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 71.228726][ T4880] sp : ffff80001fc377c0 [ 71.229397][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 71.230709][ T4880] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 71.232020][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2929ee0 [ 71.233359][ T4880] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 71.234693][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 71.235960][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.237194][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 71.238492][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.239832][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 
71.241124][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.242424][ T4880] Call trace: [ 71.242933][ T4880] invalidate_bh_lru+0x128/0x234 [ 71.243753][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 71.244671][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.245442][ T4880] invalidate_bh_lrus+0x34/0x40 [ 71.246221][ T4880] blkdev_flush_mapping+0x168/0x31c [ 71.247011][ T4880] blkdev_put+0x490/0x6ac [ 71.247700][ T4880] blkdev_close+0x74/0xb0 [ 71.248433][ T4880] __fput+0x1c0/0x7f8 [ 71.249112][ T4880] ____fput+0x20/0x30 [ 71.249804][ T4880] task_work_run+0x12c/0x1e0 [ 71.250552][ T4880] do_notify_resume+0x24b4/0x3128 [ 71.251332][ T4880] el0_svc+0xf0/0x1e0 [ 71.251898][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 71.252629][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 71.253338][ T4880] irq event stamp: 178618 [ 71.253958][ T4880] hardirqs last enabled at (178617): [] kasan_quarantine_put+0xc4/0x204 [ 71.255445][ T4880] hardirqs last disabled at (178618): [] smp_call_function_many_cond+0xa44/0xeb0 [ 71.257142][ T4880] softirqs last enabled at (178394): [] local_bh_enable+0x10/0x34 [ 71.258643][ T4880] softirqs last disabled at (178392): [] local_bh_disable+0x10/0x34 [ 71.260175][ T4880] ---[ end trace eb6d8fd83ed9e1f0 ]--- [ 71.306544][ T4977] loop0: detected capacity change from 0 to 128 [ 71.308876][ T4977] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.309934][ T4977] Bad inode number on dev loop0: 2 is out of range [ 71.310948][ T4977] SysV FS: get root inode failed [ 71.311730][ T4977] oldfs: cannot read superblock [ 71.327231][ C1] ------------[ cut here ]------------ [ 71.328187][ C1] VFS: brelse: Trying to free free buffer [ 71.329087][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.330455][ C1] Modules linked in: [ 71.331082][ C1] CPU: 1 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 71.332377][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
06/30/2025 [ 71.333975][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.335056][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 71.335777][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 71.336511][ C1] sp : ffff800008017de0 [ 71.337130][ C1] x29: ffff800008017de0 x28: ffff0000d5ffd1c0 x27: 1fffe0003421c65c [ 71.338402][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 71.339691][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a14318 [ 71.340963][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 71.342290][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 71.343603][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.344973][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : f2a86110d0363700 [ 71.346330][ C1] x8 : f2a86110d0363700 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.347648][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 71.348838][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 71.349980][ C1] Call trace: [ 71.350447][ C1] invalidate_bh_lru+0x128/0x234 [ 71.351290][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 71.352227][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.353346][ C1] ipi_handler+0x10c/0x710 [ 71.354020][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 71.354855][ C1] handle_domain_irq+0x144/0x1fc [ 71.355645][ C1] gic_handle_irq+0x78/0x1c8 [ 71.356348][ C1] call_on_irq_stack+0x30/0x48 [ 71.357022][ C1] do_interrupt_handler+0x6c/0x88 [ 71.357713][ C1] el1_interrupt+0x30/0x58 [ 71.358357][ C1] el1h_64_irq_handler+0x18/0x24 [ 71.359146][ C1] el1h_64_irq+0x78/0x7c [ 71.359837][ C1] aa_file_perm+0x1a0/0xce4 [ 71.360548][ C1] common_file_perm+0x160/0x1cc [ 71.361272][ C1] apparmor_file_permission+0x34/0x44 [ 71.362165][ C1] security_file_permission+0x78/0xbc [ 71.362869][ C1] vfs_read+0x1f0/0xa10 [ 71.363469][ C1] ksys_read+0x120/0x210 [ 71.364084][ C1] 
__arm64_sys_read+0x7c/0x90 [ 71.364745][ C1] invoke_syscall+0x98/0x2b8 [ 71.365396][ C1] el0_svc_common+0x138/0x258 [ 71.366094][ C1] do_el0_svc+0x58/0x14c [ 71.366825][ C1] el0_svc+0x78/0x1e0 [ 71.367472][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 71.368294][ C1] el0t_64_sync+0x1a0/0x1a4 [ 71.369003][ C1] irq event stamp: 927234 [ 71.369715][ C1] hardirqs last enabled at (927233): [] el0_svc_common+0x9c/0x258 [ 71.371220][ C1] hardirqs last disabled at (927234): [] enter_el1_irq_or_nmi+0x10/0x1c [ 71.372867][ C1] softirqs last enabled at (927164): [] local_bh_enable+0x10/0x34 [ 71.374473][ C1] softirqs last disabled at (927162): [] local_bh_disable+0x10/0x34 [ 71.376039][ C1] ---[ end trace eb6d8fd83ed9e1f1 ]--- [ 71.415419][ T4981] loop0: detected capacity change from 0 to 128 [ 71.456362][ T4981] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.457436][ T4981] Bad inode number on dev loop0: 2 is out of range [ 71.458453][ T4981] SysV FS: get root inode failed [ 71.459193][ T4981] oldfs: cannot read superblock [ 71.465909][ T4880] ------------[ cut here ]------------ [ 71.466763][ T4880] VFS: brelse: Trying to free free buffer [ 71.467786][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.469111][ T4880] Modules linked in: [ 71.469745][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 71.470919][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 71.472356][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.473471][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 71.474210][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 71.474986][ T4880] sp : ffff80001fc377c0 [ 71.475700][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 71.477009][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 71.478396][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de760400 [ 71.479612][ 
T4880] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 71.480878][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 71.482191][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.483514][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 71.484866][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.486208][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 71.487522][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.488902][ T4880] Call trace: [ 71.489424][ T4880] invalidate_bh_lru+0x128/0x234 [ 71.490227][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 71.491173][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.491952][ T4880] invalidate_bh_lrus+0x34/0x40 [ 71.492705][ T4880] blkdev_flush_mapping+0x168/0x31c [ 71.493620][ T4880] blkdev_put+0x490/0x6ac [ 71.494289][ T4880] blkdev_close+0x74/0xb0 [ 71.494981][ T4880] __fput+0x1c0/0x7f8 [ 71.495604][ T4880] ____fput+0x20/0x30 [ 71.496294][ T4880] task_work_run+0x12c/0x1e0 [ 71.497091][ T4880] do_notify_resume+0x24b4/0x3128 [ 71.497879][ T4880] el0_svc+0xf0/0x1e0 [ 71.498456][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 71.499260][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 71.499987][ T4880] irq event stamp: 190398 [ 71.500695][ T4880] hardirqs last enabled at (190397): [] kasan_quarantine_put+0xc4/0x204 [ 71.502309][ T4880] hardirqs last disabled at (190398): [] smp_call_function_many_cond+0xa44/0xeb0 [ 71.504036][ T4880] softirqs last enabled at (190192): [] local_bh_enable+0x10/0x34 [ 71.505646][ T4880] softirqs last disabled at (190190): [] local_bh_disable+0x10/0x34 [ 71.507172][ T4880] ---[ end trace eb6d8fd83ed9e1f2 ]--- [ 71.536550][ T4983] loop0: detected capacity change from 0 to 128 [ 71.538748][ T4983] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.539845][ T4983] Bad inode number on dev loop0: 2 is out of range [ 71.540817][ 
T4983] SysV FS: get root inode failed [ 71.541520][ T4983] oldfs: cannot read superblock [ 71.546226][ C0] ------------[ cut here ]------------ [ 71.546959][ C0] VFS: brelse: Trying to free free buffer [ 71.547722][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.549011][ C0] Modules linked in: [ 71.549570][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 71.550829][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 71.552128][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.553352][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 71.554133][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 71.554966][ C0] sp : ffff800008007de0 [ 71.555601][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c [ 71.556962][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 71.558218][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de7607a0 [ 71.559495][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 71.560723][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 71.562050][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.563311][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 71.564597][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.565932][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 71.567330][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 71.568552][ C0] Call trace: [ 71.569039][ C0] invalidate_bh_lru+0x128/0x234 [ 71.569823][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 71.570756][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.571930][ C0] ipi_handler+0x10c/0x710 [ 71.572661][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 71.573544][ C0] handle_domain_irq+0x144/0x1fc [ 71.574309][ C0] gic_handle_irq+0x78/0x1c8 [ 71.575021][ 
C0] call_on_irq_stack+0x30/0x48 [ 71.575785][ C0] do_interrupt_handler+0x6c/0x88 [ 71.576559][ C0] el1_interrupt+0x30/0x58 [ 71.577165][ C0] el1h_64_irq_handler+0x18/0x24 [ 71.577865][ C0] el1h_64_irq+0x78/0x7c [ 71.578508][ C0] kasan_check_range+0x10/0x2b0 [ 71.579231][ C0] memset+0x58/0x88 [ 71.579843][ C0] sock_alloc_inode+0x58/0xc4 [ 71.580565][ C0] new_inode_pseudo+0x68/0x1fc [ 71.581346][ C0] __sock_create+0x140/0x8b4 [ 71.582044][ C0] __sys_socket+0xf0/0x18c [ 71.582715][ C0] __arm64_sys_socket+0x7c/0x94 [ 71.583482][ C0] invoke_syscall+0x98/0x2b8 [ 71.584245][ C0] el0_svc_common+0x138/0x258 [ 71.585029][ C0] do_el0_svc+0x58/0x14c [ 71.585729][ C0] el0_svc+0x78/0x1e0 [ 71.586389][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 71.587215][ C0] el0t_64_sync+0x1a0/0x1a4 [ 71.587897][ C0] irq event stamp: 224542 [ 71.588627][ C0] hardirqs last enabled at (224541): [] el0_svc_common+0x9c/0x258 [ 71.590126][ C0] hardirqs last disabled at (224542): [] enter_el1_irq_or_nmi+0x10/0x1c [ 71.591686][ C0] softirqs last enabled at (224520): [] release_sock+0x1d0/0x258 [ 71.593025][ C0] softirqs last disabled at (224518): [] release_sock+0x34/0x258 [ 71.594322][ C0] ---[ end trace eb6d8fd83ed9e1f3 ]--- [ 71.636295][ T4985] loop0: detected capacity change from 0 to 128 [ 71.688857][ T4985] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.690186][ T4985] Bad inode number on dev loop0: 2 is out of range [ 71.691189][ T4985] SysV FS: get root inode failed [ 71.691983][ T4985] oldfs: cannot read superblock [ 71.712527][ T4880] ------------[ cut here ]------------ [ 71.713385][ T4880] VFS: brelse: Trying to free free buffer [ 71.714363][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.715825][ T4880] Modules linked in: [ 71.716492][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 71.717893][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 71.719632][ T4880] pstate: 
624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.720896][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 71.721784][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 71.722685][ T4880] sp : ffff80001fc377c0 [ 71.723347][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 71.724616][ T4880] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 71.725896][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a146b8 [ 71.727180][ T4880] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 71.728486][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 71.729862][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.731147][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 71.732483][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.733778][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 71.735020][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.736324][ T4880] Call trace: [ 71.736834][ T4880] invalidate_bh_lru+0x128/0x234 [ 71.737621][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 71.738551][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.739358][ T4880] invalidate_bh_lrus+0x34/0x40 [ 71.740173][ T4880] blkdev_flush_mapping+0x168/0x31c [ 71.741042][ T4880] blkdev_put+0x490/0x6ac [ 71.741719][ T4880] blkdev_close+0x74/0xb0 [ 71.742445][ T4880] __fput+0x1c0/0x7f8 [ 71.743092][ T4880] ____fput+0x20/0x30 [ 71.743741][ T4880] task_work_run+0x12c/0x1e0 [ 71.744452][ T4880] do_notify_resume+0x24b4/0x3128 [ 71.745239][ T4880] el0_svc+0xf0/0x1e0 [ 71.745853][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 71.746578][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 71.747350][ T4880] irq event stamp: 201826 [ 71.748049][ T4880] hardirqs last enabled at (201825): [] kasan_quarantine_put+0xc4/0x204 [ 71.749534][ T4880] hardirqs last disabled at (201826): [] 
smp_call_function_many_cond+0xa44/0xeb0 [ 71.751118][ T4880] softirqs last enabled at (201610): [] local_bh_enable+0x10/0x34 [ 71.752476][ T4880] softirqs last disabled at (201608): [] local_bh_disable+0x10/0x34 [ 71.753898][ T4880] ---[ end trace eb6d8fd83ed9e1f4 ]--- [ 71.806679][ T4989] loop0: detected capacity change from 0 to 128 [ 71.809344][ T4989] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.810397][ T4989] Bad inode number on dev loop0: 2 is out of range [ 71.811268][ T4989] SysV FS: get root inode failed [ 71.811903][ T4989] oldfs: cannot read superblock [ 71.817504][ T4880] ------------[ cut here ]------------ [ 71.818400][ T4880] VFS: brelse: Trying to free free buffer [ 71.819317][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.820663][ T4880] Modules linked in: [ 71.821217][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 71.822474][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 71.824061][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.825324][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 71.826172][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 71.827042][ T4880] sp : ffff80001fc377c0 [ 71.827713][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 71.828937][ T4880] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 71.830298][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a14a58 [ 71.831600][ T4880] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 71.832898][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 71.834112][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.835448][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 71.836622][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.837945][ T4880] x5 : 
ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 71.839255][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.840467][ T4880] Call trace: [ 71.840958][ T4880] invalidate_bh_lru+0x128/0x234 [ 71.841655][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 71.842555][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.843337][ T4880] invalidate_bh_lrus+0x34/0x40 [ 71.844080][ T4880] blkdev_flush_mapping+0x168/0x31c [ 71.844914][ T4880] blkdev_put+0x490/0x6ac [ 71.845622][ T4880] blkdev_close+0x74/0xb0 [ 71.846332][ T4880] __fput+0x1c0/0x7f8 [ 71.846969][ T4880] ____fput+0x20/0x30 [ 71.847610][ T4880] task_work_run+0x12c/0x1e0 [ 71.848342][ T4880] do_notify_resume+0x24b4/0x3128 [ 71.849179][ T4880] el0_svc+0xf0/0x1e0 [ 71.849810][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 71.850613][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 71.851300][ T4880] irq event stamp: 205288 [ 71.851989][ T4880] hardirqs last enabled at (205287): [] kasan_quarantine_put+0xc4/0x204 [ 71.853486][ T4880] hardirqs last disabled at (205288): [] smp_call_function_many_cond+0xa44/0xeb0 [ 71.855055][ T4880] softirqs last enabled at (205094): [] local_bh_enable+0x10/0x34 [ 71.856391][ T4880] softirqs last disabled at (205092): [] local_bh_disable+0x10/0x34 [ 71.857764][ T4880] ---[ end trace eb6d8fd83ed9e1f5 ]--- 1970/01/01 00:01:11 executed programs: 50 [ 71.886901][ T4991] loop0: detected capacity change from 0 to 128 [ 71.925596][ T4991] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.931205][ T4991] Bad inode number on dev loop0: 2 is out of range [ 71.932213][ T4991] SysV FS: get root inode failed [ 71.932919][ T4991] oldfs: cannot read superblock [ 71.939073][ T4880] ------------[ cut here ]------------ [ 71.939938][ T4880] VFS: brelse: Trying to free free buffer [ 71.940863][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.942139][ T4880] Modules linked in: [ 71.942727][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G 
W syzkaller #0 [ 71.944012][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 71.945510][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.946693][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 71.947484][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 71.948324][ T4880] sp : ffff80001fc377c0 [ 71.949003][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 71.950289][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 71.951581][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de75da58 [ 71.952875][ T4880] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 71.954166][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 71.955349][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.956616][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 71.957915][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.959233][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 71.960564][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.961890][ T4880] Call trace: [ 71.962394][ T4880] invalidate_bh_lru+0x128/0x234 [ 71.963183][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 71.964062][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.964801][ T4880] invalidate_bh_lrus+0x34/0x40 [ 71.965544][ T4880] blkdev_flush_mapping+0x168/0x31c [ 71.966298][ T4880] blkdev_put+0x490/0x6ac [ 71.966914][ T4880] blkdev_close+0x74/0xb0 [ 71.967522][ T4880] __fput+0x1c0/0x7f8 [ 71.968126][ T4880] ____fput+0x20/0x30 [ 71.968678][ T4880] task_work_run+0x12c/0x1e0 [ 71.969351][ T4880] do_notify_resume+0x24b4/0x3128 [ 71.970145][ T4880] el0_svc+0xf0/0x1e0 [ 71.970755][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 71.971515][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 71.972166][ T4880] irq event stamp: 208482 [ 
71.972764][ T4880] hardirqs last enabled at (208481): [] kasan_quarantine_put+0xc4/0x204 [ 71.974224][ T4880] hardirqs last disabled at (208482): [] smp_call_function_many_cond+0xa44/0xeb0 [ 71.975813][ T4880] softirqs last enabled at (208288): [] local_bh_enable+0x10/0x34 [ 71.977180][ T4880] softirqs last disabled at (208286): [] local_bh_disable+0x10/0x34 [ 71.978652][ T4880] ---[ end trace eb6d8fd83ed9e1f6 ]--- [ 72.006896][ T4994] loop0: detected capacity change from 0 to 128 [ 72.055778][ T4994] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.057009][ T4994] Bad inode number on dev loop0: 2 is out of range [ 72.057992][ T4994] SysV FS: get root inode failed [ 72.058759][ T4994] oldfs: cannot read superblock [ 72.068529][ T4880] ------------[ cut here ]------------ [ 72.069431][ T4880] VFS: brelse: Trying to free free buffer [ 72.070294][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.071508][ T4880] Modules linked in: [ 72.072138][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 72.073343][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.074858][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.076162][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 72.077051][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 72.077862][ T4880] sp : ffff80001fc377c0 [ 72.078549][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 72.079878][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 72.081284][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de75ddf8 [ 72.082524][ T4880] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 72.083845][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.085163][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.086441][ T4880] x11: 0000000000000002 x10: 
0000000000000000 x9 : a6bebaba3dda6800 [ 72.087691][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.088920][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.090215][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.091441][ T4880] Call trace: [ 72.091911][ T4880] invalidate_bh_lru+0x128/0x234 [ 72.092679][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 72.093562][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.094341][ T4880] invalidate_bh_lrus+0x34/0x40 [ 72.095077][ T4880] blkdev_flush_mapping+0x168/0x31c [ 72.095890][ T4880] blkdev_put+0x490/0x6ac [ 72.096587][ T4880] blkdev_close+0x74/0xb0 [ 72.097295][ T4880] __fput+0x1c0/0x7f8 [ 72.097942][ T4880] ____fput+0x20/0x30 [ 72.098585][ T4880] task_work_run+0x12c/0x1e0 [ 72.099331][ T4880] do_notify_resume+0x24b4/0x3128 [ 72.100139][ T4880] el0_svc+0xf0/0x1e0 [ 72.100787][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 72.101606][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 72.102326][ T4880] irq event stamp: 211720 [ 72.103037][ T4880] hardirqs last enabled at (211719): [] kasan_quarantine_put+0xc4/0x204 [ 72.104682][ T4880] hardirqs last disabled at (211720): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.106413][ T4880] softirqs last enabled at (211514): [] local_bh_enable+0x10/0x34 [ 72.107956][ T4880] softirqs last disabled at (211512): [] local_bh_disable+0x10/0x34 [ 72.109571][ T4880] ---[ end trace eb6d8fd83ed9e1f7 ]--- [ 72.148169][ T4997] loop0: detected capacity change from 0 to 128 [ 72.150985][ T4997] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.152038][ T4997] Bad inode number on dev loop0: 2 is out of range [ 72.153160][ T4997] SysV FS: get root inode failed [ 72.153999][ T4997] oldfs: cannot read superblock [ 72.158215][ C0] ------------[ cut here ]------------ [ 72.159045][ C0] VFS: brelse: Trying to free free buffer [ 72.159961][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 
[ 72.161310][ C0] Modules linked in: [ 72.161882][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.163309][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.164862][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.166132][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 72.167019][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 72.167897][ C0] sp : ffff800008007de0 [ 72.168595][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c [ 72.169831][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 72.171189][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de759230 [ 72.172490][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 72.173804][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.175082][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.176348][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 72.177656][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.179026][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.180235][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 72.181585][ C0] Call trace: [ 72.182149][ C0] invalidate_bh_lru+0x128/0x234 [ 72.182949][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 72.183929][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.184961][ C0] ipi_handler+0x10c/0x710 [ 72.185677][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 72.186562][ C0] handle_domain_irq+0x144/0x1fc [ 72.187331][ C0] gic_handle_irq+0x78/0x1c8 [ 72.188073][ C0] call_on_irq_stack+0x30/0x48 [ 72.188837][ C0] do_interrupt_handler+0x6c/0x88 [ 72.189656][ C0] el1_interrupt+0x30/0x58 [ 72.190311][ C0] el1h_64_irq_handler+0x18/0x24 [ 72.191064][ C0] el1h_64_irq+0x78/0x7c [ 72.191720][ C0] local_daif_restore+0x20/0x3c [ 72.192406][ C0] el0_da+0x80/0x1fc [ 
72.192974][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 72.193680][ C0] el0t_64_sync+0x1a0/0x1a4 [ 72.194409][ C0] irq event stamp: 236904 [ 72.195015][ C0] hardirqs last enabled at (236903): [] local_daif_restore+0x1c/0x3c [ 72.196421][ C0] hardirqs last disabled at (236904): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.198024][ C0] softirqs last enabled at (236898): [] release_sock+0x1d0/0x258 [ 72.199493][ C0] softirqs last disabled at (236896): [] release_sock+0x34/0x258 [ 72.200957][ C0] ---[ end trace eb6d8fd83ed9e1f8 ]--- [ 72.236830][ T4999] loop0: detected capacity change from 0 to 128 [ 72.240321][ T4999] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.241551][ T4999] Bad inode number on dev loop0: 2 is out of range [ 72.243028][ T4999] SysV FS: get root inode failed [ 72.243719][ T4999] oldfs: cannot read superblock [ 72.250213][ C1] ------------[ cut here ]------------ [ 72.251247][ C1] VFS: brelse: Trying to free free buffer [ 72.252211][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.253665][ C1] Modules linked in: [ 72.254245][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.255689][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.257179][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.258352][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 72.259180][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 72.260033][ C1] sp : ffff800008017de0 [ 72.260738][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 72.262031][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 72.263224][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a14df8 [ 72.264539][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 72.265786][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.267171][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 
0000000000ff0100 [ 72.268455][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 55f84b004a0ab400 [ 72.269649][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.270961][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.272314][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 72.273570][ C1] Call trace: [ 72.274103][ C1] invalidate_bh_lru+0x128/0x234 [ 72.274897][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 72.275864][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.277016][ C1] ipi_handler+0x10c/0x710 [ 72.277730][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 72.278649][ C1] handle_domain_irq+0x144/0x1fc [ 72.279393][ C1] gic_handle_irq+0x78/0x1c8 [ 72.280148][ C1] call_on_irq_stack+0x30/0x48 [ 72.280957][ C1] do_interrupt_handler+0x6c/0x88 [ 72.281801][ C1] el1_interrupt+0x30/0x58 [ 72.282524][ C1] el1h_64_irq_handler+0x18/0x24 [ 72.283342][ C1] el1h_64_irq+0x78/0x7c [ 72.284010][ C1] __sanitizer_cov_trace_pc+0xa4/0xac [ 72.284850][ C1] preempt_count_add+0x13c/0x3bc [ 72.285630][ C1] _raw_spin_lock+0x24/0x10c [ 72.286405][ C1] __d_lookup+0x204/0x6a8 [ 72.287142][ C1] d_lookup+0x38/0x80 [ 72.287735][ C1] lookup_one_qstr_excl+0x3c/0x230 [ 72.288600][ C1] do_unlinkat+0x19c/0x600 [ 72.289314][ C1] __arm64_sys_unlinkat+0xe0/0xfc [ 72.290134][ C1] invoke_syscall+0x98/0x2b8 [ 72.290837][ C1] el0_svc_common+0x138/0x258 [ 72.291493][ C1] do_el0_svc+0x58/0x14c [ 72.292161][ C1] el0_svc+0x78/0x1e0 [ 72.292841][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 72.293696][ C1] el0t_64_sync+0x1a0/0x1a4 [ 72.294413][ C1] irq event stamp: 239178 [ 72.295127][ C1] hardirqs last enabled at (239177): [] read_seqbegin+0x1fc/0x304 [ 72.296637][ C1] hardirqs last disabled at (239178): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.298258][ C1] softirqs last enabled at (238726): [] local_bh_enable+0x10/0x34 [ 72.299805][ C1] softirqs last disabled at (238724): [] local_bh_disable+0x10/0x34 [ 72.301261][ C1] ---[ 
end trace eb6d8fd83ed9e1f9 ]--- [ 72.342811][ T5003] loop0: detected capacity change from 0 to 128 [ 72.346382][ T5003] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.347565][ T5003] Bad inode number on dev loop0: 2 is out of range [ 72.348532][ T5003] SysV FS: get root inode failed [ 72.349461][ T5003] oldfs: cannot read superblock [ 72.357027][ T4880] ------------[ cut here ]------------ [ 72.357904][ T4880] VFS: brelse: Trying to free free buffer [ 72.358811][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.360167][ T4880] Modules linked in: [ 72.360749][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 72.362108][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.363797][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.365036][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 72.365850][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 72.366670][ T4880] sp : ffff80001fc377c0 [ 72.367268][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 72.368611][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 72.369936][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de7595d0 [ 72.371233][ T4880] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 72.372498][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.373751][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.375067][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 72.376316][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.377594][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.378911][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.380139][ T4880] Call trace: [ 72.380615][ T4880] invalidate_bh_lru+0x128/0x234 [ 
72.381323][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 72.382183][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.382954][ T4880] invalidate_bh_lrus+0x34/0x40 [ 72.383673][ T4880] blkdev_flush_mapping+0x168/0x31c [ 72.384520][ T4880] blkdev_put+0x490/0x6ac [ 72.385244][ T4880] blkdev_close+0x74/0xb0 [ 72.385944][ T4880] __fput+0x1c0/0x7f8 [ 72.386596][ T4880] ____fput+0x20/0x30 [ 72.387259][ T4880] task_work_run+0x12c/0x1e0 [ 72.387980][ T4880] do_notify_resume+0x24b4/0x3128 [ 72.388787][ T4880] el0_svc+0xf0/0x1e0 [ 72.389441][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 72.390273][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 72.391024][ T4880] irq event stamp: 224816 [ 72.391725][ T4880] hardirqs last enabled at (224815): [] kasan_quarantine_put+0xc4/0x204 [ 72.393288][ T4880] hardirqs last disabled at (224816): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.394967][ T4880] softirqs last enabled at (224598): [] local_bh_enable+0x10/0x34 [ 72.396459][ T4880] softirqs last disabled at (224596): [] local_bh_disable+0x10/0x34 [ 72.398003][ T4880] ---[ end trace eb6d8fd83ed9e1fa ]--- [ 72.426881][ T5005] loop0: detected capacity change from 0 to 128 [ 72.429093][ T5005] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.430182][ T5005] Bad inode number on dev loop0: 2 is out of range [ 72.431156][ T5005] SysV FS: get root inode failed [ 72.431870][ T5005] oldfs: cannot read superblock [ 72.439902][ C0] ------------[ cut here ]------------ [ 72.440847][ C0] VFS: brelse: Trying to free free buffer [ 72.441780][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.443056][ C0] Modules linked in: [ 72.443667][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.444963][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.446643][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.447906][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 72.448742][ C0] lr : 
invalidate_bh_lru+0x128/0x234 [ 72.449637][ C0] sp : ffff800008007de0 [ 72.450317][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845b [ 72.451656][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 72.452879][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de759970 [ 72.454076][ C0] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 72.455312][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.456612][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.457939][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 55f84b004a0ab400 [ 72.459174][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.460419][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.461742][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 72.462945][ C0] Call trace: [ 72.463425][ C0] invalidate_bh_lru+0x128/0x234 [ 72.464244][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 72.465176][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.466308][ C0] ipi_handler+0x10c/0x710 [ 72.467051][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 72.467940][ C0] handle_domain_irq+0x144/0x1fc [ 72.468777][ C0] gic_handle_irq+0x78/0x1c8 [ 72.469512][ C0] call_on_irq_stack+0x30/0x48 [ 72.470294][ C0] do_interrupt_handler+0x6c/0x88 [ 72.471105][ C0] el1_interrupt+0x30/0x58 [ 72.471823][ C0] el1h_64_irq_handler+0x18/0x24 [ 72.472610][ C0] el1h_64_irq+0x78/0x7c [ 72.473297][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 72.474226][ C0] __slab_free+0x1b8/0x254 [ 72.474927][ C0] ___cache_free+0x178/0x1bc [ 72.475697][ C0] qlink_free+0x5c/0xa4 [ 72.476419][ C0] qlist_free_all+0x40/0xa8 [ 72.477132][ C0] kasan_quarantine_reduce+0x124/0x130 [ 72.477958][ C0] __kasan_slab_alloc+0x34/0xcc [ 72.478737][ C0] slab_post_alloc_hook+0x74/0x408 [ 72.479579][ C0] kmem_cache_alloc+0x1e0/0x3e4 [ 72.480311][ C0] getname_flags+0xb8/0x450 [ 
72.481051][ C0] __arm64_sys_mkdirat+0x80/0xa8 [ 72.481891][ C0] invoke_syscall+0x98/0x2b8 [ 72.482616][ C0] el0_svc_common+0x138/0x258 [ 72.483373][ C0] do_el0_svc+0x58/0x14c [ 72.484024][ C0] el0_svc+0x78/0x1e0 [ 72.484642][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 72.485428][ C0] el0t_64_sync+0x1a0/0x1a4 [ 72.486124][ C0] irq event stamp: 245012 [ 72.486826][ C0] hardirqs last enabled at (245011): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 72.488404][ C0] hardirqs last disabled at (245012): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.489926][ C0] softirqs last enabled at (244172): [] local_bh_enable+0x10/0x34 [ 72.491378][ C0] softirqs last disabled at (244170): [] local_bh_disable+0x10/0x34 [ 72.492900][ C0] ---[ end trace eb6d8fd83ed9e1fb ]--- [ 72.524371][ T5007] loop0: detected capacity change from 0 to 128 [ 72.526615][ T5007] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.527632][ T5007] Bad inode number on dev loop0: 2 is out of range [ 72.528671][ T5007] SysV FS: get root inode failed [ 72.529465][ T5007] oldfs: cannot read superblock [ 72.530333][ T5007] ------------[ cut here ]------------ [ 72.531153][ T5007] VFS: brelse: Trying to free free buffer [ 72.532010][ T5007] WARNING: CPU: 0 PID: 5007 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.533273][ T5007] Modules linked in: [ 72.533885][ T5007] CPU: 0 PID: 5007 Comm: syz.0.69 Tainted: G W syzkaller #0 [ 72.535230][ T5007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.536828][ T5007] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.538103][ T5007] pc : invalidate_bh_lru+0x128/0x234 [ 72.539008][ T5007] lr : invalidate_bh_lru+0x128/0x234 [ 72.539885][ T5007] sp : ffff80001fe676e0 [ 72.540543][ T5007] x29: ffff80001fe676e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 72.541883][ T5007] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 72.543164][ T5007] x23: dfff800000000000 x22: 0000000000000000 x21: 
ffff0000de759d10 [ 72.544488][ T5007] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 72.545734][ T5007] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.547081][ T5007] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.548430][ T5007] x11: 0000000000000002 x10: 0000000000000000 x9 : 1e75516704e4af00 [ 72.549650][ T5007] x8 : 1e75516704e4af00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.550884][ T5007] x5 : ffff80001fe66fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.552025][ T5007] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.553333][ T5007] Call trace: [ 72.553811][ T5007] invalidate_bh_lru+0x128/0x234 [ 72.554598][ T5007] smp_call_function_many_cond+0xa50/0xeb0 [ 72.555473][ T5007] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.556248][ T5007] invalidate_bh_lrus+0x34/0x40 [ 72.557032][ T5007] blkdev_flush_mapping+0x168/0x31c [ 72.557900][ T5007] blkdev_put+0x490/0x6ac [ 72.558582][ T5007] kill_block_super+0x98/0xdc [ 72.559341][ T5007] deactivate_locked_super+0xb8/0x13c [ 72.560192][ T5007] mount_bdev+0x284/0x358 [ 72.560885][ T5007] sysv_mount+0x44/0x58 [ 72.561547][ T5007] legacy_get_tree+0xd4/0x16c [ 72.562255][ T5007] vfs_get_tree+0x90/0x274 [ 72.562911][ T5007] do_new_mount+0x228/0x810 [ 72.563637][ T5007] path_mount+0x5b4/0x1000 [ 72.564416][ T5007] __arm64_sys_mount+0x514/0x5e4 [ 72.565216][ T5007] invoke_syscall+0x98/0x2b8 [ 72.565912][ T5007] el0_svc_common+0x138/0x258 [ 72.566689][ T5007] do_el0_svc+0x58/0x14c [ 72.567361][ T5007] el0_svc+0x78/0x1e0 [ 72.568023][ T5007] el0t_64_sync_handler+0xcc/0xe4 [ 72.568830][ T5007] el0t_64_sync+0x1a0/0x1a4 [ 72.569527][ T5007] irq event stamp: 938 [ 72.570141][ T5007] hardirqs last enabled at (937): [] kasan_quarantine_put+0xc4/0x204 [ 72.571635][ T5007] hardirqs last disabled at (938): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.573361][ T5007] softirqs last enabled at (780): [] local_bh_enable+0x10/0x34 [ 72.574855][ 
T5007] softirqs last disabled at (778): [] local_bh_disable+0x10/0x34 [ 72.576374][ T5007] ---[ end trace eb6d8fd83ed9e1fc ]--- [ 72.665273][ T5009] loop0: detected capacity change from 0 to 128 [ 72.667964][ T5009] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.669146][ T5009] Bad inode number on dev loop0: 2 is out of range [ 72.670118][ T5009] SysV FS: get root inode failed [ 72.670929][ T5009] oldfs: cannot read superblock [ 72.679425][ C0] ------------[ cut here ]------------ [ 72.680268][ C0] VFS: brelse: Trying to free free buffer [ 72.681108][ C0] WARNING: CPU: 0 PID: 5011 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.682430][ C0] Modules linked in: [ 72.683072][ C0] CPU: 0 PID: 5011 Comm: syz.0.71 Tainted: G W syzkaller #0 [ 72.684506][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.686144][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.687390][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 72.688225][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 72.688974][ C0] sp : ffff800008007de0 [ 72.689634][ C0] x29: ffff800008007de0 x28: ffff0000d9140000 x27: 1fffe0003421845c [ 72.690912][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 72.692190][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de755148 [ 72.693418][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 72.694651][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.695814][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.697053][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 63582d8f8cc84900 [ 72.698316][ C0] x8 : 63582d8f8cc84900 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.699519][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.700735][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 72.701963][ C0] Call trace: [ 72.702393][ C0] 
invalidate_bh_lru+0x128/0x234 [ 72.703136][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 72.703997][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.704965][ C0] ipi_handler+0x10c/0x710 [ 72.705680][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 72.706472][ C0] handle_domain_irq+0x144/0x1fc [ 72.707339][ C0] gic_handle_irq+0x78/0x1c8 [ 72.708112][ C0] call_on_irq_stack+0x30/0x48 [ 72.708871][ C0] do_interrupt_handler+0x6c/0x88 [ 72.709657][ C0] el0_interrupt+0x94/0x260 [ 72.710338][ C0] __el0_irq_handler_common+0x18/0x24 [ 72.711278][ C0] el0t_64_irq_handler+0x10/0x1c [ 72.712059][ C0] el0t_64_irq+0x1a0/0x1a4 [ 72.712816][ C0] irq event stamp: 144 [ 72.713476][ C0] hardirqs last enabled at (143): [] el0t_64_sync_handler+0xd8/0xe4 [ 72.715044][ C0] hardirqs last disabled at (144): [] __el0_irq_handler_common+0x18/0x24 [ 72.716631][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 72.718068][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 72.719491][ C0] ---[ end trace eb6d8fd83ed9e1fd ]--- [ 72.747268][ T5011] loop0: detected capacity change from 0 to 128 [ 72.795126][ T5011] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.796346][ T5011] Bad inode number on dev loop0: 2 is out of range [ 72.797350][ T5011] SysV FS: get root inode failed [ 72.798133][ T5011] oldfs: cannot read superblock [ 72.806019][ C1] ------------[ cut here ]------------ [ 72.806912][ C1] VFS: brelse: Trying to free free buffer [ 72.807795][ C1] WARNING: CPU: 1 PID: 5012 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.808994][ C1] Modules linked in: [ 72.809514][ C1] CPU: 1 PID: 5012 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.810860][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.812430][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.813662][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 72.814500][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 
72.815359][ C1] sp : ffff800008017de0 [ 72.815978][ C1] x29: ffff800008017de0 x28: ffff0000d0fb51c0 x27: 1fffe0003421c65b [ 72.817252][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 72.818533][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a15230 [ 72.819813][ C1] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 72.821010][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.822220][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.823386][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 28e656b2ebdf0900 [ 72.824643][ C1] x8 : 28e656b2ebdf0900 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.825806][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.826984][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 72.828137][ C1] Call trace: [ 72.828604][ C1] invalidate_bh_lru+0x128/0x234 [ 72.829307][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 72.830148][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.831190][ C1] ipi_handler+0x10c/0x710 [ 72.831871][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 72.832721][ C1] handle_domain_irq+0x144/0x1fc [ 72.833464][ C1] gic_handle_irq+0x78/0x1c8 [ 72.834165][ C1] call_on_irq_stack+0x30/0x48 [ 72.834939][ C1] do_interrupt_handler+0x6c/0x88 [ 72.835759][ C1] el1_interrupt+0x30/0x58 [ 72.836466][ C1] el1h_64_irq_handler+0x18/0x24 [ 72.837258][ C1] el1h_64_irq+0x78/0x7c [ 72.837894][ C1] ___slab_alloc+0xc44/0xda8 [ 72.838614][ C1] __slab_alloc+0x68/0xc0 [ 72.839278][ C1] kmem_cache_alloc+0x2ac/0x3e4 [ 72.839991][ C1] getname_flags+0xb8/0x450 [ 72.840697][ C1] user_path_at_empty+0x40/0x1a0 [ 72.841463][ C1] __arm64_sys_chdir+0xb4/0x26c [ 72.842267][ C1] invoke_syscall+0x98/0x2b8 [ 72.842980][ C1] el0_svc_common+0x138/0x258 [ 72.843703][ C1] do_el0_svc+0x58/0x14c [ 72.844362][ C1] el0_svc+0x78/0x1e0 [ 72.844968][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 72.845670][ 
C1] el0t_64_sync+0x1a0/0x1a4 [ 72.846347][ C1] irq event stamp: 288 [ 72.846972][ C1] hardirqs last enabled at (287): [] ___slab_alloc+0xc34/0xda8 [ 72.848403][ C1] hardirqs last disabled at (288): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.849859][ C1] softirqs last enabled at (14): [] local_bh_enable+0x10/0x34 [ 72.851228][ C1] softirqs last disabled at (12): [] local_bh_disable+0x10/0x34 [ 72.852527][ C1] ---[ end trace eb6d8fd83ed9e1fe ]--- [ 72.876985][ T5013] loop0: detected capacity change from 0 to 128 [ 72.918153][ T5013] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.923994][ T5013] Bad inode number on dev loop0: 2 is out of range [ 72.924996][ T5013] SysV FS: get root inode failed [ 72.925747][ T5013] oldfs: cannot read superblock [ 72.936206][ T5015] ------------[ cut here ]------------ [ 72.937089][ T5015] VFS: brelse: Trying to free free buffer [ 72.937992][ T5015] WARNING: CPU: 0 PID: 5015 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.939409][ T5015] Modules linked in: [ 72.940034][ T5015] CPU: 0 PID: 5015 Comm: syz.0.73 Tainted: G W syzkaller #0 [ 72.941310][ T5015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 72.942792][ T5015] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.943980][ T5015] pc : invalidate_bh_lru+0x128/0x234 [ 72.944755][ T5015] lr : invalidate_bh_lru+0x128/0x234 [ 72.945550][ T5015] sp : ffff80001fe977c0 [ 72.946146][ T5015] x29: ffff80001fe977c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 72.947297][ T5015] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 72.948457][ T5015] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de7554e8 [ 72.949682][ T5015] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 72.950862][ T5015] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 72.952063][ T5015] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.953355][ T5015] x11: 
0000000000000002 x10: 0000000000000000 x9 : 2d230252d387aa00 [ 72.954573][ T5015] x8 : 2d230252d387aa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.955720][ T5015] x5 : ffff80001fe970b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 72.956920][ T5015] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.958086][ T5015] Call trace: [ 72.958587][ T5015] invalidate_bh_lru+0x128/0x234 [ 72.959277][ T5015] smp_call_function_many_cond+0xa50/0xeb0 [ 72.960211][ T5015] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.960997][ T5015] invalidate_bh_lrus+0x34/0x40 [ 72.961763][ T5015] blkdev_flush_mapping+0x168/0x31c [ 72.962627][ T5015] blkdev_put+0x490/0x6ac [ 72.963299][ T5015] blkdev_close+0x74/0xb0 [ 72.964024][ T5015] __fput+0x1c0/0x7f8 [ 72.964722][ T5015] ____fput+0x20/0x30 [ 72.965381][ T5015] task_work_run+0x12c/0x1e0 [ 72.966140][ T5015] do_notify_resume+0x24b4/0x3128 [ 72.966978][ T5015] el0_svc+0xf0/0x1e0 [ 72.967653][ T5015] el0t_64_sync_handler+0xcc/0xe4 [ 72.968522][ T5015] el0t_64_sync+0x1a0/0x1a4 [ 72.969243][ T5015] irq event stamp: 720 [ 72.969912][ T5015] hardirqs last enabled at (719): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 72.971546][ T5015] hardirqs last disabled at (720): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.973138][ T5015] softirqs last enabled at (696): [] local_bh_enable+0x10/0x34 [ 72.974612][ T5015] softirqs last disabled at (694): [] local_bh_disable+0x10/0x34 [ 72.976039][ T5015] ---[ end trace eb6d8fd83ed9e1ff ]--- [ 73.018421][ T5017] loop0: detected capacity change from 0 to 128 [ 73.075307][ T5017] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.076511][ T5017] Bad inode number on dev loop0: 2 is out of range [ 73.077564][ T5017] SysV FS: get root inode failed [ 73.078479][ T5017] oldfs: cannot read superblock [ 73.085139][ C1] ------------[ cut here ]------------ [ 73.085956][ C1] VFS: brelse: Trying to free free buffer [ 73.086808][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 
invalidate_bh_lru+0x128/0x234 [ 73.088141][ C1] Modules linked in: [ 73.088704][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.090082][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 73.091676][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.092914][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 73.093709][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 73.094545][ C1] sp : ffff800008017de0 [ 73.095131][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 73.096375][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 73.097623][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a155d0 [ 73.098909][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 73.100249][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 73.101605][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.102878][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 73.104031][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.105369][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 73.106726][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.108056][ C1] Call trace: [ 73.108562][ C1] invalidate_bh_lru+0x128/0x234 [ 73.109321][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.110201][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.111218][ C1] ipi_handler+0x10c/0x710 [ 73.111916][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 73.112742][ C1] handle_domain_irq+0x144/0x1fc [ 73.113476][ C1] gic_handle_irq+0x78/0x1c8 [ 73.114105][ C1] call_on_irq_stack+0x30/0x48 [ 73.114778][ C1] do_interrupt_handler+0x6c/0x88 [ 73.115470][ C1] el1_interrupt+0x30/0x58 [ 73.116120][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.116932][ C1] el1h_64_irq+0x78/0x7c [ 73.117628][ C1] 
seqcount_lockdep_reader_access+0x15c/0x230 [ 73.118454][ C1] bad_range+0xa0/0x2a0 [ 73.119035][ C1] get_page_from_freelist+0x2954/0x2aa8 [ 73.119841][ C1] __alloc_pages+0x1a0/0x470 [ 73.120482][ C1] alloc_pages+0x34c/0x5c0 [ 73.121153][ C1] __pmd_alloc+0x54/0x498 [ 73.121826][ C1] copy_page_range+0x1f74/0x22b8 [ 73.122670][ C1] copy_mm+0x9d4/0x1090 [ 73.123354][ C1] copy_process+0x14d8/0x34ac [ 73.124006][ C1] kernel_clone+0x1d8/0x9d4 [ 73.124724][ C1] __arm64_sys_clone+0x138/0x190 [ 73.125506][ C1] invoke_syscall+0x98/0x2b8 [ 73.126259][ C1] el0_svc_common+0x138/0x258 [ 73.127043][ C1] do_el0_svc+0x58/0x14c [ 73.127739][ C1] el0_svc+0x78/0x1e0 [ 73.128370][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 73.129189][ C1] el0t_64_sync+0x1a0/0x1a4 [ 73.129891][ C1] irq event stamp: 260356 [ 73.130588][ C1] hardirqs last enabled at (260355): [] seqcount_lockdep_reader_access+0x14c/0x230 [ 73.132350][ C1] hardirqs last disabled at (260356): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.133871][ C1] softirqs last enabled at (259942): [] local_bh_enable+0x10/0x34 [ 73.135384][ C1] softirqs last disabled at (259940): [] local_bh_disable+0x10/0x34 [ 73.136879][ C1] ---[ end trace eb6d8fd83ed9e200 ]--- [ 73.158148][ T5019] loop0: detected capacity change from 0 to 128 [ 73.164923][ T5019] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.166011][ T5019] Bad inode number on dev loop0: 2 is out of range [ 73.166901][ T5019] SysV FS: get root inode failed [ 73.167628][ T5019] oldfs: cannot read superblock [ 73.171851][ T4880] ------------[ cut here ]------------ [ 73.172699][ T4880] VFS: brelse: Trying to free free buffer [ 73.173670][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.175078][ T4880] Modules linked in: [ 73.175706][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 73.176995][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 73.178571][ T4880] pstate: 624000c5 
(nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.179819][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 73.180672][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 73.181524][ T4880] sp : ffff80001fc377c0 [ 73.182198][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 73.183516][ T4880] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 73.184771][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a15970 [ 73.186110][ T4880] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 73.187302][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 73.188513][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.189733][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 73.190920][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.192160][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 73.193494][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.194707][ T4880] Call trace: [ 73.195166][ T4880] invalidate_bh_lru+0x128/0x234 [ 73.195931][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 73.196787][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.197471][ T4880] invalidate_bh_lrus+0x34/0x40 [ 73.198117][ T4880] blkdev_flush_mapping+0x168/0x31c [ 73.198914][ T4880] blkdev_put+0x490/0x6ac [ 73.199590][ T4880] blkdev_close+0x74/0xb0 [ 73.200262][ T4880] __fput+0x1c0/0x7f8 [ 73.200864][ T4880] ____fput+0x20/0x30 [ 73.201467][ T4880] task_work_run+0x12c/0x1e0 [ 73.202193][ T4880] do_notify_resume+0x24b4/0x3128 [ 73.202993][ T4880] el0_svc+0xf0/0x1e0 [ 73.203714][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 73.204512][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 73.205243][ T4880] irq event stamp: 253406 [ 73.205911][ T4880] hardirqs last enabled at (253405): [] kasan_quarantine_put+0xc4/0x204 [ 73.207388][ T4880] hardirqs last disabled at (253406): [] 
smp_call_function_many_cond+0xa44/0xeb0 [ 73.209104][ T4880] softirqs last enabled at (253198): [] local_bh_enable+0x10/0x34 [ 73.210683][ T4880] softirqs last disabled at (253196): [] local_bh_disable+0x10/0x34 [ 73.212219][ T4880] ---[ end trace eb6d8fd83ed9e201 ]--- [ 73.246587][ T5021] loop0: detected capacity change from 0 to 128 [ 73.249092][ T5021] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.250243][ T5021] Bad inode number on dev loop0: 2 is out of range [ 73.251338][ T5021] SysV FS: get root inode failed [ 73.252158][ T5021] oldfs: cannot read superblock [ 73.255942][ C1] ------------[ cut here ]------------ [ 73.256812][ C1] VFS: brelse: Trying to free free buffer [ 73.257659][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.258849][ C1] Modules linked in: [ 73.259471][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.260813][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 73.262294][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.263353][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 73.264173][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 73.265007][ C1] sp : ffff800008017de0 [ 73.265667][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 73.266933][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 73.268194][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a15d10 [ 73.269475][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 73.270681][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 73.271804][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.272981][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 73.274152][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.275392][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : 
ffff80000850471c [ 73.276646][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.277804][ C1] Call trace: [ 73.278255][ C1] invalidate_bh_lru+0x128/0x234 [ 73.278910][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.279780][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.280787][ C1] ipi_handler+0x10c/0x710 [ 73.281386][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 73.282219][ C1] handle_domain_irq+0x144/0x1fc [ 73.282946][ C1] gic_handle_irq+0x78/0x1c8 [ 73.283644][ C1] call_on_irq_stack+0x30/0x48 [ 73.284339][ C1] do_interrupt_handler+0x6c/0x88 [ 73.285089][ C1] el1_interrupt+0x30/0x58 [ 73.285796][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.286614][ C1] el1h_64_irq+0x78/0x7c [ 73.287301][ C1] legitimize_links+0x28/0x4e8 [ 73.288062][ C1] try_to_unlazy+0x8c/0x600 [ 73.288787][ C1] complete_walk+0xe4/0x308 [ 73.289468][ C1] path_openat+0x1a94/0x26e4 [ 73.290190][ C1] do_filp_open+0x164/0x330 [ 73.290850][ C1] do_sys_openat2+0x128/0x3d8 [ 73.291565][ C1] __arm64_sys_openat+0x120/0x154 [ 73.292323][ C1] invoke_syscall+0x98/0x2b8 [ 73.293101][ C1] el0_svc_common+0x138/0x258 [ 73.293898][ C1] do_el0_svc+0x58/0x14c [ 73.294562][ C1] el0_svc+0x78/0x1e0 [ 73.295164][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 73.295921][ C1] el0t_64_sync+0x1a0/0x1a4 [ 73.296671][ C1] irq event stamp: 263600 [ 73.297348][ C1] hardirqs last enabled at (263599): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 73.299119][ C1] hardirqs last disabled at (263600): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.300667][ C1] softirqs last enabled at (263584): [] local_bh_enable+0x10/0x34 [ 73.302157][ C1] softirqs last disabled at (263582): [] local_bh_disable+0x10/0x34 [ 73.303772][ C1] ---[ end trace eb6d8fd83ed9e202 ]--- [ 73.334680][ T5023] loop0: detected capacity change from 0 to 128 [ 73.336943][ T5023] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.338169][ T5023] Bad inode number on dev loop0: 2 is out of range [ 73.339345][ T5023] SysV FS: get root 
inode failed [ 73.340067][ T5023] oldfs: cannot read superblock [ 73.348185][ C0] ------------[ cut here ]------------ [ 73.349059][ C0] VFS: brelse: Trying to free free buffer [ 73.350059][ C0] WARNING: CPU: 0 PID: 5025 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.351297][ C0] Modules linked in: [ 73.351867][ C0] CPU: 0 PID: 5025 Comm: syz.0.78 Tainted: G W syzkaller #0 [ 73.353106][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 73.354657][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.355809][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 73.356620][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 73.357385][ C0] sp : ffff800008007de0 [ 73.357922][ C0] x29: ffff800008007de0 x28: ffff0000e7c80000 x27: 1fffe0003421845c [ 73.359124][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 73.360418][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de755888 [ 73.361674][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 73.362836][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 73.363998][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.365240][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 663d9e51eb48ae00 [ 73.366492][ C0] x8 : 663d9e51eb48ae00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.367848][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 73.369134][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.370457][ C0] Call trace: [ 73.370977][ C0] invalidate_bh_lru+0x128/0x234 [ 73.371726][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 73.372602][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.373665][ C0] ipi_handler+0x10c/0x710 [ 73.374273][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 73.375014][ C0] handle_domain_irq+0x144/0x1fc [ 73.375761][ C0] gic_handle_irq+0x78/0x1c8 [ 73.376398][ C0] 
call_on_irq_stack+0x30/0x48 [ 73.377108][ C0] do_interrupt_handler+0x6c/0x88 [ 73.377916][ C0] el1_interrupt+0x30/0x58 [ 73.378619][ C0] el1h_64_irq_handler+0x18/0x24 [ 73.379380][ C0] el1h_64_irq+0x78/0x7c [ 73.380049][ C0] charge_memcg+0x198/0x220 [ 73.380726][ C0] __mem_cgroup_charge+0x38/0xb0 [ 73.381506][ C0] handle_mm_fault+0x193c/0x2950 [ 73.382316][ C0] do_page_fault+0x694/0xad4 [ 73.383076][ C0] do_translation_fault+0xe0/0x130 [ 73.383872][ C0] do_mem_abort+0x6c/0x1ac [ 73.384618][ C0] el0_da+0x90/0x1fc [ 73.385207][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 73.385960][ C0] el0t_64_sync+0x1a0/0x1a4 [ 73.386692][ C0] irq event stamp: 48 [ 73.387319][ C0] hardirqs last enabled at (47): [] charge_memcg+0x190/0x220 [ 73.388816][ C0] hardirqs last disabled at (48): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.390352][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 73.391838][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 73.393302][ C0] ---[ end trace eb6d8fd83ed9e203 ]--- [ 73.436675][ T5025] loop0: detected capacity change from 0 to 128 [ 73.534854][ T5025] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.536042][ T5025] Bad inode number on dev loop0: 2 is out of range [ 73.537027][ T5025] SysV FS: get root inode failed [ 73.537850][ T5025] oldfs: cannot read superblock [ 73.547298][ C1] ------------[ cut here ]------------ [ 73.548284][ C1] VFS: brelse: Trying to free free buffer [ 73.549255][ C1] WARNING: CPU: 1 PID: 5026 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.550696][ C1] Modules linked in: [ 73.551283][ C1] CPU: 1 PID: 5026 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.552561][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 73.554086][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.555280][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 73.556001][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 73.556769][ C1] sp : ffff800008017180 
[ 73.557386][ C1] x29: ffff800008017180 x28: ffff0000c7c98000 x27: 1fffe0003421c65c [ 73.558579][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 73.559745][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a16148 [ 73.560885][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010304 [ 73.562035][ C1] x17: 0000000000010304 x16: ffff8000111c8944 x15: 00000000ffffffff [ 73.563290][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.564564][ C1] x11: 0000000000010303 x10: 0000000000010303 x9 : 8ccd0f35c1f43a00 [ 73.565897][ C1] x8 : 8ccd0f35c1f43a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.567193][ C1] x5 : ffff800008016a78 x4 : ffff80001425f420 x3 : ffff80000850471c [ 73.568500][ C1] x2 : 0000000000000001 x1 : 0000000000010303 x0 : 0000000000000027 [ 73.569679][ C1] Call trace: [ 73.570196][ C1] invalidate_bh_lru+0x128/0x234 [ 73.570935][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.571804][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.572817][ C1] ipi_handler+0x10c/0x710 [ 73.573496][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 73.574305][ C1] handle_domain_irq+0x144/0x1fc [ 73.575041][ C1] gic_handle_irq+0x78/0x1c8 [ 73.575791][ C1] do_interrupt_handler+0x74/0x88 [ 73.576550][ C1] el1_interrupt+0x30/0x58 [ 73.577267][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.578038][ C1] el1h_64_irq+0x78/0x7c [ 73.578778][ C1] queue_work_on+0x110/0x17c [ 73.579543][ C1] ieee80211_queue_work+0xb4/0x138 [ 73.580409][ C1] ieee80211_rx_h_mgmt+0x3b8/0x55c [ 73.581257][ C1] ieee80211_rx_handlers+0x5790/0x6c38 [ 73.582188][ C1] ieee80211_prepare_and_rx_handle+0x1eac/0x43f4 [ 73.583133][ C1] ieee80211_rx_list+0x17cc/0x1e2c [ 73.583904][ C1] ieee80211_rx_napi+0x164/0x338 [ 73.584715][ C1] ieee80211_handle_queued_frames+0xe8/0x188 [ 73.585675][ C1] ieee80211_tasklet_handler+0x20/0x30 [ 73.586505][ C1] tasklet_action_common+0x340/0x3f4 [ 73.587370][ C1] tasklet_action+0x60/0x84 [ 73.588051][ 
C1] handle_softirqs+0x344/0xbf0 [ 73.588770][ C1] __irq_exit_rcu+0x240/0x440 [ 73.589498][ C1] irq_exit+0x14/0x88 [ 73.590167][ C1] handle_domain_irq+0x14c/0x1fc [ 73.590996][ C1] gic_handle_irq+0x78/0x1c8 [ 73.591676][ C1] call_on_irq_stack+0x30/0x48 [ 73.592432][ C1] do_interrupt_handler+0x6c/0x88 [ 73.593201][ C1] el1_interrupt+0x30/0x58 [ 73.593919][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.594697][ C1] el1h_64_irq+0x78/0x7c [ 73.595417][ C1] lock_page_memcg+0x120/0x234 [ 73.596216][ C1] page_add_file_rmap+0x148/0x8e4 [ 73.597043][ C1] do_set_pte+0x394/0x4e0 [ 73.597696][ C1] filemap_map_pages+0x9c4/0xc50 [ 73.598492][ C1] handle_mm_fault+0x19c0/0x2950 [ 73.599267][ C1] do_page_fault+0x694/0xad4 [ 73.600015][ C1] do_translation_fault+0xe0/0x130 [ 73.600814][ C1] do_mem_abort+0x6c/0x1ac [ 73.601490][ C1] el0_ia+0xe0/0x2d0 [ 73.602144][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 73.602907][ C1] el0t_64_sync+0x1a0/0x1a4 [ 73.603643][ C1] irq event stamp: 469 [ 73.604278][ C1] hardirqs last enabled at (468): [] queue_work_on+0xf0/0x17c [ 73.605889][ C1] hardirqs last disabled at (469): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.607494][ C1] softirqs last enabled at (14): [] local_bh_enable+0x10/0x34 [ 73.608932][ C1] softirqs last disabled at (423): [] __irq_exit_rcu+0x240/0x440 [ 73.610409][ C1] ---[ end trace eb6d8fd83ed9e204 ]--- [ 73.646320][ T5027] loop0: detected capacity change from 0 to 128 [ 73.685126][ T5027] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.686443][ T5027] Bad inode number on dev loop0: 2 is out of range [ 73.687428][ T5027] SysV FS: get root inode failed [ 73.688169][ T5027] oldfs: cannot read superblock [ 73.696608][ T4880] ------------[ cut here ]------------ [ 73.697472][ T4880] VFS: brelse: Trying to free free buffer [ 73.698346][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.699655][ T4880] Modules linked in: [ 73.700233][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 
73.701542][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 73.703129][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.704431][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 73.705271][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 73.706099][ T4880] sp : ffff80001fc377c0 [ 73.706800][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 73.708172][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 73.709540][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de755c28 [ 73.710886][ T4880] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 73.712279][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 73.713591][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.714859][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 73.716192][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.717568][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 73.718786][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.720057][ T4880] Call trace: [ 73.720527][ T4880] invalidate_bh_lru+0x128/0x234 [ 73.721275][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 73.722108][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.722906][ T4880] invalidate_bh_lrus+0x34/0x40 [ 73.723620][ T4880] blkdev_flush_mapping+0x168/0x31c [ 73.724359][ T4880] blkdev_put+0x490/0x6ac [ 73.725006][ T4880] blkdev_close+0x74/0xb0 [ 73.725652][ T4880] __fput+0x1c0/0x7f8 [ 73.726230][ T4880] ____fput+0x20/0x30 [ 73.726852][ T4880] task_work_run+0x12c/0x1e0 [ 73.727615][ T4880] do_notify_resume+0x24b4/0x3128 [ 73.728369][ T4880] el0_svc+0xf0/0x1e0 [ 73.728959][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 73.729799][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 73.730462][ T4880] irq event stamp: 270490 [ 73.731125][ T4880] 
hardirqs last enabled at (270489): [] kasan_quarantine_put+0xc4/0x204 [ 73.732608][ T4880] hardirqs last disabled at (270490): [] smp_call_function_many_cond+0xa44/0xeb0 [ 73.734269][ T4880] softirqs last enabled at (270284): [] local_bh_enable+0x10/0x34 [ 73.735767][ T4880] softirqs last disabled at (270282): [] local_bh_disable+0x10/0x34 [ 73.737338][ T4880] ---[ end trace eb6d8fd83ed9e205 ]--- [ 73.785254][ T5029] loop0: detected capacity change from 0 to 128 [ 73.789477][ T5029] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.791045][ T5029] Bad inode number on dev loop0: 2 is out of range [ 73.792064][ T5029] SysV FS: get root inode failed [ 73.792876][ T5029] oldfs: cannot read superblock [ 73.799856][ C0] ------------[ cut here ]------------ [ 73.800683][ C0] VFS: brelse: Trying to free free buffer [ 73.801558][ C0] WARNING: CPU: 0 PID: 5030 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.802957][ C0] Modules linked in: [ 73.803582][ C0] CPU: 0 PID: 5030 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.804976][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 73.806610][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.807935][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 73.808828][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 73.809692][ C0] sp : ffff800008007de0 [ 73.810378][ C0] x29: ffff800008007de0 x28: ffff0000c7e0b680 x27: 1fffe0003421845c [ 73.811636][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 73.812864][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c51a6060 [ 73.814090][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 73.815335][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 73.816566][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.817786][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : aa78257dad89b400 [ 73.818964][ C0] x8 : 
aa78257dad89b400 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.820199][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 73.821370][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 73.822630][ C0] Call trace: [ 73.823153][ C0] invalidate_bh_lru+0x128/0x234 [ 73.823974][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 73.824938][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.826084][ C0] ipi_handler+0x10c/0x710 [ 73.826784][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 73.827640][ C0] handle_domain_irq+0x144/0x1fc [ 73.828400][ C0] gic_handle_irq+0x78/0x1c8 [ 73.829136][ C0] call_on_irq_stack+0x30/0x48 [ 73.829852][ C0] do_interrupt_handler+0x6c/0x88 [ 73.830609][ C0] el1_interrupt+0x30/0x58 [ 73.831342][ C0] el1h_64_irq_handler+0x18/0x24 [ 73.832119][ C0] el1h_64_irq+0x78/0x7c [ 73.832837][ C0] account_kernel_stack+0x150/0x274 [ 73.833685][ C0] put_task_stack+0xa0/0x17c [ 73.834458][ C0] finish_task_switch+0x348/0x6b0 [ 73.835292][ C0] schedule_tail+0x20/0x150 [ 73.836028][ C0] ret_from_fork+0x4/0x20 [ 73.836722][ C0] irq event stamp: 10 [ 73.837294][ C0] hardirqs last enabled at (9): [] account_kernel_stack+0x130/0x274 [ 73.838693][ C0] hardirqs last disabled at (10): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.840241][ C0] softirqs last enabled at (0): [] copy_process+0x111c/0x34ac [ 73.841701][ C0] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.842795][ C0] ---[ end trace eb6d8fd83ed9e206 ]--- [ 73.876793][ T5031] loop0: detected capacity change from 0 to 128 [ 73.925028][ T5031] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.926170][ T5031] Bad inode number on dev loop0: 2 is out of range [ 73.927255][ T5031] SysV FS: get root inode failed [ 73.928034][ T5031] oldfs: cannot read superblock [ 73.935952][ C1] ------------[ cut here ]------------ [ 73.936868][ C1] VFS: brelse: Trying to free free buffer [ 73.937825][ C1] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 
invalidate_bh_lru+0x128/0x234 [ 73.939061][ C1] Modules linked in: [ 73.939647][ C1] CPU: 1 PID: 5032 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.940919][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 73.942476][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.943552][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 73.944314][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 73.945113][ C1] sp : ffff800008017de0 [ 73.945730][ C1] x29: ffff800008017de0 x28: ffff0000dbd7d1c0 x27: 1fffe0003421c65c [ 73.947037][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 73.948312][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a164e8 [ 73.949637][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 73.950860][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 73.952150][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.953431][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 726744cda57e7700 [ 73.954815][ C1] x8 : 726744cda57e7700 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.956110][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 73.957461][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.958723][ C1] Call trace: [ 73.959283][ C1] invalidate_bh_lru+0x128/0x234 [ 73.960086][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.961061][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.962065][ C1] ipi_handler+0x10c/0x710 [ 73.962795][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 73.963711][ C1] handle_domain_irq+0x144/0x1fc [ 73.964546][ C1] gic_handle_irq+0x78/0x1c8 [ 73.965313][ C1] call_on_irq_stack+0x30/0x48 [ 73.966046][ C1] do_interrupt_handler+0x6c/0x88 [ 73.966869][ C1] el1_interrupt+0x30/0x58 [ 73.967609][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.968346][ C1] el1h_64_irq+0x78/0x7c [ 73.968951][ C1] stack_depot_save+0x6c/0x49c [ 
73.969655][ C1] __kasan_slab_alloc+0xa8/0xcc [ 73.970494][ C1] slab_post_alloc_hook+0x74/0x408 [ 73.971284][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 73.972123][ C1] shmem_alloc_inode+0x20/0x38 [ 73.972937][ C1] new_inode_pseudo+0x68/0x1fc [ 73.973711][ C1] new_inode+0x38/0x174 [ 73.974374][ C1] shmem_get_inode+0x2d8/0x96c [ 73.975115][ C1] shmem_symlink+0xa4/0x4a0 [ 73.975834][ C1] vfs_symlink+0x238/0x3b0 [ 73.976552][ C1] do_symlinkat+0x184/0x5a8 [ 73.977316][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 73.978221][ C1] invoke_syscall+0x98/0x2b8 [ 73.979111][ C1] el0_svc_common+0x138/0x258 [ 73.979962][ C1] do_el0_svc+0x58/0x14c [ 73.980669][ C1] el0_svc+0x78/0x1e0 [ 73.981337][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 73.982164][ C1] el0t_64_sync+0x1a0/0x1a4 [ 73.982895][ C1] irq event stamp: 674 [ 73.983583][ C1] hardirqs last enabled at (673): [] kasan_quarantine_put+0xc4/0x204 [ 73.985258][ C1] hardirqs last disabled at (674): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.986936][ C1] softirqs last enabled at (478): [] local_bh_enable+0x10/0x34 [ 73.988427][ C1] softirqs last disabled at (476): [] local_bh_disable+0x10/0x34 [ 73.989808][ C1] ---[ end trace eb6d8fd83ed9e207 ]--- [ 74.016024][ T5033] loop0: detected capacity change from 0 to 128 [ 74.018712][ T5033] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.019958][ T5033] Bad inode number on dev loop0: 2 is out of range [ 74.021014][ T5033] SysV FS: get root inode failed [ 74.021783][ T5033] oldfs: cannot read superblock [ 74.030219][ C0] ------------[ cut here ]------------ [ 74.031161][ C0] VFS: brelse: Trying to free free buffer [ 74.032106][ C0] WARNING: CPU: 0 PID: 5034 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.033359][ C0] Modules linked in: [ 74.033917][ C0] CPU: 0 PID: 5034 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.035279][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.036781][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT 
-SSBS BTYPE=--) [ 74.038034][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 74.038878][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 74.039710][ C0] sp : ffff800008007de0 [ 74.040330][ C0] x29: ffff800008007de0 x28: ffff0000cbb5b680 x27: 1fffe0003421845c [ 74.041573][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 74.042788][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c51a6400 [ 74.044057][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 74.045460][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.046837][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.048254][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 66038980d8feff00 [ 74.049531][ C0] x8 : 66038980d8feff00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.050784][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.052149][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.053474][ C0] Call trace: [ 74.054013][ C0] invalidate_bh_lru+0x128/0x234 [ 74.054775][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.055737][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.056845][ C0] ipi_handler+0x10c/0x710 [ 74.057587][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 74.058396][ C0] handle_domain_irq+0x144/0x1fc [ 74.059228][ C0] gic_handle_irq+0x78/0x1c8 [ 74.059986][ C0] call_on_irq_stack+0x30/0x48 [ 74.060737][ C0] do_interrupt_handler+0x6c/0x88 [ 74.061559][ C0] el1_interrupt+0x30/0x58 [ 74.062215][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.063015][ C0] el1h_64_irq+0x78/0x7c [ 74.063661][ C0] read_seqbegin+0x21c/0x304 [ 74.064327][ C0] d_lookup+0x28/0x80 [ 74.064889][ C0] lookup_one_qstr_excl+0x3c/0x230 [ 74.065694][ C0] filename_create+0x1cc/0x39c [ 74.066398][ C0] do_symlinkat+0xc4/0x5a8 [ 74.067097][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 74.067931][ C0] invoke_syscall+0x98/0x2b8 [ 74.068649][ C0] el0_svc_common+0x138/0x258 [ 74.069365][ C0] 
do_el0_svc+0x58/0x14c [ 74.070009][ C0] el0_svc+0x78/0x1e0 [ 74.070661][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.071472][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.072168][ C0] irq event stamp: 810 [ 74.072804][ C0] hardirqs last enabled at (809): [] read_seqbegin+0x1fc/0x304 [ 74.074263][ C0] hardirqs last disabled at (810): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.075716][ C0] softirqs last enabled at (466): [] local_bh_enable+0x10/0x34 [ 74.077220][ C0] softirqs last disabled at (464): [] local_bh_disable+0x10/0x34 [ 74.078693][ C0] ---[ end trace eb6d8fd83ed9e208 ]--- [ 74.107173][ T5035] loop0: detected capacity change from 0 to 128 [ 74.109869][ T5035] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.110918][ T5035] Bad inode number on dev loop0: 2 is out of range [ 74.111953][ T5035] SysV FS: get root inode failed [ 74.112856][ T5035] oldfs: cannot read superblock [ 74.121440][ C0] ------------[ cut here ]------------ [ 74.122357][ C0] VFS: brelse: Trying to free free buffer [ 74.123247][ C0] WARNING: CPU: 0 PID: 5036 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.124627][ C0] Modules linked in: [ 74.125248][ C0] CPU: 0 PID: 5036 Comm: syz.0.84 Tainted: G W syzkaller #0 [ 74.126625][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.128220][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.129379][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 74.130172][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 74.131014][ C0] sp : ffff800008007de0 [ 74.131631][ C0] x29: ffff800008007de0 x28: ffff0000c80db680 x27: 1fffe0003421845c [ 74.132984][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 74.134129][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c51a67a0 [ 74.135332][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 74.136613][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.137880][ C0] x14: 
0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.139340][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 91ea84950754e600 [ 74.140593][ C0] x8 : 91ea84950754e600 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.141807][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.143165][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 74.144510][ C0] Call trace: [ 74.145034][ C0] invalidate_bh_lru+0x128/0x234 [ 74.145838][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.146771][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.147903][ C0] ipi_handler+0x10c/0x710 [ 74.148652][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 74.149553][ C0] handle_domain_irq+0x144/0x1fc [ 74.150401][ C0] gic_handle_irq+0x78/0x1c8 [ 74.151175][ C0] call_on_irq_stack+0x30/0x48 [ 74.151910][ C0] do_interrupt_handler+0x6c/0x88 [ 74.152748][ C0] el1_interrupt+0x30/0x58 [ 74.153453][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.154265][ C0] el1h_64_irq+0x78/0x7c [ 74.154951][ C0] next_uptodate_page+0xe8/0x734 [ 74.155781][ C0] filemap_map_pages+0x968/0xc50 [ 74.156599][ C0] handle_mm_fault+0x19c0/0x2950 [ 74.157336][ C0] do_page_fault+0x694/0xad4 [ 74.158017][ C0] do_translation_fault+0xe0/0x130 [ 74.158778][ C0] do_mem_abort+0x6c/0x1ac [ 74.159473][ C0] el0_da+0x90/0x1fc [ 74.160121][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 74.160903][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.161658][ C0] irq event stamp: 918 [ 74.162276][ C0] hardirqs last enabled at (917): [] lock_page_memcg+0x110/0x234 [ 74.163860][ C0] hardirqs last disabled at (918): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.165489][ C0] softirqs last enabled at (468): [] local_bh_enable+0x10/0x34 [ 74.167049][ C0] softirqs last disabled at (466): [] local_bh_disable+0x10/0x34 [ 74.168554][ C0] ---[ end trace eb6d8fd83ed9e209 ]--- [ 74.205831][ T5037] loop0: detected capacity change from 0 to 128 [ 74.214682][ T5037] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 
74.215890][ T5037] Bad inode number on dev loop0: 2 is out of range [ 74.216987][ T5037] SysV FS: get root inode failed [ 74.217817][ T5037] oldfs: cannot read superblock [ 74.225323][ C1] ------------[ cut here ]------------ [ 74.226276][ C1] VFS: brelse: Trying to free free buffer [ 74.227229][ C1] WARNING: CPU: 1 PID: 5038 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.228691][ C1] Modules linked in: [ 74.229274][ C1] CPU: 1 PID: 5038 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.230571][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.232084][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.233321][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 74.234184][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 74.235059][ C1] sp : ffff800008017de0 [ 74.235685][ C1] x29: ffff800008017de0 x28: ffff0000dbd79b40 x27: 1fffe0003421c65c [ 74.236953][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 74.238288][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2a16888 [ 74.239656][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 74.240922][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.242100][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.243408][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 2e3d6028dc7cd000 [ 74.244743][ C1] x8 : 2e3d6028dc7cd000 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.246112][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.247393][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.248738][ C1] Call trace: [ 74.249279][ C1] invalidate_bh_lru+0x128/0x234 [ 74.250025][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.250966][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.252049][ C1] ipi_handler+0x10c/0x710 [ 74.252753][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 74.253653][ C1] 
handle_domain_irq+0x144/0x1fc [ 74.254442][ C1] gic_handle_irq+0x78/0x1c8 [ 74.255184][ C1] call_on_irq_stack+0x30/0x48 [ 74.255939][ C1] do_interrupt_handler+0x6c/0x88 [ 74.256787][ C1] el1_interrupt+0x30/0x58 [ 74.257475][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.258161][ C1] el1h_64_irq+0x78/0x7c [ 74.258848][ C1] next_uptodate_page+0x4ec/0x734 [ 74.259663][ C1] filemap_map_pages+0x1cc/0xc50 [ 74.260478][ C1] handle_mm_fault+0x19c0/0x2950 [ 74.261215][ C1] do_page_fault+0x694/0xad4 [ 74.262012][ C1] do_translation_fault+0xe0/0x130 [ 74.262775][ C1] do_mem_abort+0x6c/0x1ac [ 74.263467][ C1] el0_ia+0xe0/0x2d0 [ 74.264081][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 74.264829][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.265474][ C1] irq event stamp: 66 [ 74.266080][ C1] hardirqs last enabled at (65): [] pte_alloc_one+0x194/0x258 [ 74.267396][ C1] hardirqs last disabled at (66): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.268900][ C1] softirqs last enabled at (50): [] local_bh_enable+0x10/0x34 [ 74.270351][ C1] softirqs last disabled at (48): [] local_bh_disable+0x10/0x34 [ 74.271818][ C1] ---[ end trace eb6d8fd83ed9e20a ]--- [ 74.306728][ T5039] loop0: detected capacity change from 0 to 128 [ 74.309378][ T5039] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.310495][ T5039] Bad inode number on dev loop0: 2 is out of range [ 74.311390][ T5039] SysV FS: get root inode failed [ 74.312163][ T5039] oldfs: cannot read superblock [ 74.316356][ C0] ------------[ cut here ]------------ [ 74.317272][ C0] VFS: brelse: Trying to free free buffer [ 74.318241][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.319592][ C0] Modules linked in: [ 74.320129][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.321292][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.322651][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.323962][ C0] pc : 
invalidate_bh_lru+0x128/0x234 [ 74.324850][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 74.325728][ C0] sp : ffff800008007de0 [ 74.326379][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c [ 74.327762][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 74.329095][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c51a6b40 [ 74.330449][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 74.331777][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.333112][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.334389][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 74.335697][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.337028][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.338259][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.339664][ C0] Call trace: [ 74.340256][ C0] invalidate_bh_lru+0x128/0x234 [ 74.341061][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.342060][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.343173][ C0] ipi_handler+0x10c/0x710 [ 74.343885][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 74.344792][ C0] handle_domain_irq+0x144/0x1fc [ 74.345632][ C0] gic_handle_irq+0x78/0x1c8 [ 74.346349][ C0] call_on_irq_stack+0x30/0x48 [ 74.347126][ C0] do_interrupt_handler+0x6c/0x88 [ 74.347910][ C0] el1_interrupt+0x30/0x58 [ 74.348602][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.349386][ C0] el1h_64_irq+0x78/0x7c [ 74.350053][ C0] call_rcu+0x580/0x8fc [ 74.350725][ C0] security_inode_free+0xbc/0xd8 [ 74.351560][ C0] __destroy_inode+0x2f0/0x80c [ 74.352348][ C0] evict+0x6b0/0x810 [ 74.352959][ C0] iput+0x6c4/0x77c [ 74.353525][ C0] do_unlinkat+0x360/0x600 [ 74.354242][ C0] __arm64_sys_unlinkat+0xe0/0xfc [ 74.355054][ C0] invoke_syscall+0x98/0x2b8 [ 74.355811][ C0] el0_svc_common+0x138/0x258 [ 74.356585][ C0] 
do_el0_svc+0x58/0x14c [ 74.357276][ C0] el0_svc+0x78/0x1e0 [ 74.357892][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.358699][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.359436][ C0] irq event stamp: 284582 [ 74.360142][ C0] hardirqs last enabled at (284581): [] call_rcu+0x570/0x8fc [ 74.361580][ C0] hardirqs last disabled at (284582): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.363290][ C0] softirqs last enabled at (284110): [] local_bh_enable+0x10/0x34 [ 74.364736][ C0] softirqs last disabled at (284108): [] local_bh_disable+0x10/0x34 [ 74.366194][ C0] ---[ end trace eb6d8fd83ed9e20b ]--- [ 74.441909][ T5041] loop0: detected capacity change from 0 to 128 [ 74.444485][ T5041] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.445688][ T5041] Bad inode number on dev loop0: 2 is out of range [ 74.446697][ T5041] SysV FS: get root inode failed [ 74.447520][ T5041] oldfs: cannot read superblock [ 74.453105][ C1] ------------[ cut here ]------------ [ 74.453940][ C1] VFS: brelse: Trying to free free buffer [ 74.454944][ C1] WARNING: CPU: 1 PID: 5042 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.456359][ C1] Modules linked in: [ 74.456974][ C1] CPU: 1 PID: 5042 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.458260][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.459811][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.461071][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 74.461952][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 74.462825][ C1] sp : ffff800008017de0 [ 74.463497][ C1] x29: ffff800008017de0 x28: ffff0000cfa8d1c0 x27: 1fffe0003421c65c [ 74.464630][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 74.465829][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2842970 [ 74.466970][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 74.468204][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.469491][ C1] 
x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.470790][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : b4e93f2e44b54500 [ 74.472097][ C1] x8 : b4e93f2e44b54500 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.473371][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.474727][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 74.475976][ C1] Call trace: [ 74.476475][ C1] invalidate_bh_lru+0x128/0x234 [ 74.477302][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.478333][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.479443][ C1] ipi_handler+0x10c/0x710 [ 74.480159][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 74.481052][ C1] handle_domain_irq+0x144/0x1fc [ 74.481787][ C1] gic_handle_irq+0x78/0x1c8 [ 74.482528][ C1] call_on_irq_stack+0x30/0x48 [ 74.483290][ C1] do_interrupt_handler+0x6c/0x88 [ 74.484086][ C1] el1_interrupt+0x30/0x58 [ 74.484826][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.485644][ C1] el1h_64_irq+0x78/0x7c [ 74.486396][ C1] lock_page_memcg+0x120/0x234 [ 74.487173][ C1] page_add_file_rmap+0x148/0x8e4 [ 74.487958][ C1] do_set_pte+0x394/0x4e0 [ 74.488632][ C1] filemap_map_pages+0x9c4/0xc50 [ 74.489356][ C1] handle_mm_fault+0x19c0/0x2950 [ 74.490121][ C1] do_page_fault+0x694/0xad4 [ 74.490888][ C1] do_translation_fault+0xe0/0x130 [ 74.491673][ C1] do_mem_abort+0x6c/0x1ac [ 74.492393][ C1] el0_ia+0xe0/0x2d0 [ 74.493014][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 74.493853][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.494566][ C1] irq event stamp: 290 [ 74.495203][ C1] hardirqs last enabled at (289): [] lock_page_memcg+0x110/0x234 [ 74.496590][ C1] hardirqs last disabled at (290): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.498049][ C1] softirqs last enabled at (50): [] local_bh_enable+0x10/0x34 [ 74.499521][ C1] softirqs last disabled at (48): [] local_bh_disable+0x10/0x34 [ 74.500988][ C1] ---[ end trace eb6d8fd83ed9e20c ]--- [ 74.556474][ T5043] loop0: detected capacity change from 0 
to 128 [ 74.598899][ T5043] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.600134][ T5043] Bad inode number on dev loop0: 2 is out of range [ 74.601178][ T5043] SysV FS: get root inode failed [ 74.601904][ T5043] oldfs: cannot read superblock [ 74.602743][ T5043] ------------[ cut here ]------------ [ 74.603575][ T5043] VFS: brelse: Trying to free free buffer [ 74.604545][ T5043] WARNING: CPU: 1 PID: 5043 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.605968][ T5043] Modules linked in: [ 74.606565][ T5043] CPU: 1 PID: 5043 Comm: syz.0.87 Tainted: G W syzkaller #0 [ 74.607806][ T5043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.609203][ T5043] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.610309][ T5043] pc : invalidate_bh_lru+0x128/0x234 [ 74.611086][ T5043] lr : invalidate_bh_lru+0x128/0x234 [ 74.611840][ T5043] sp : ffff80001fe676e0 [ 74.612488][ T5043] x29: ffff80001fe676e0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 74.613734][ T5043] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 74.615044][ T5043] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2842888 [ 74.616341][ T5043] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 74.617670][ T5043] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.618900][ T5043] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.620156][ T5043] x11: 0000000000000002 x10: 0000000000000000 x9 : 4b220726e96ef800 [ 74.621407][ T5043] x8 : 4b220726e96ef800 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.622587][ T5043] x5 : ffff80001fe66fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.623986][ T5043] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.625349][ T5043] Call trace: [ 74.625930][ T5043] invalidate_bh_lru+0x128/0x234 [ 74.626713][ T5043] smp_call_function_many_cond+0xa50/0xeb0 [ 74.627639][ T5043] 
on_each_cpu_cond_mask+0x5c/0xc4 [ 74.628408][ T5043] invalidate_bh_lrus+0x34/0x40 [ 74.629225][ T5043] blkdev_flush_mapping+0x168/0x31c [ 74.630083][ T5043] blkdev_put+0x490/0x6ac [ 74.630708][ T5043] kill_block_super+0x98/0xdc [ 74.631408][ T5043] deactivate_locked_super+0xb8/0x13c [ 74.632256][ T5043] mount_bdev+0x284/0x358 [ 74.633046][ T5043] sysv_mount+0x44/0x58 [ 74.633740][ T5043] legacy_get_tree+0xd4/0x16c [ 74.634561][ T5043] vfs_get_tree+0x90/0x274 [ 74.635277][ T5043] do_new_mount+0x228/0x810 [ 74.635968][ T5043] path_mount+0x5b4/0x1000 [ 74.636695][ T5043] __arm64_sys_mount+0x514/0x5e4 [ 74.637473][ T5043] invoke_syscall+0x98/0x2b8 [ 74.638241][ T5043] el0_svc_common+0x138/0x258 [ 74.638972][ T5043] do_el0_svc+0x58/0x14c [ 74.639682][ T5043] el0_svc+0x78/0x1e0 [ 74.640359][ T5043] el0t_64_sync_handler+0xcc/0xe4 [ 74.641157][ T5043] el0t_64_sync+0x1a0/0x1a4 [ 74.641911][ T5043] irq event stamp: 954 [ 74.642554][ T5043] hardirqs last enabled at (953): [] kasan_quarantine_put+0xc4/0x204 [ 74.644136][ T5043] hardirqs last disabled at (954): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.645762][ T5043] softirqs last enabled at (774): [] local_bh_enable+0x10/0x34 [ 74.647347][ T5043] softirqs last disabled at (772): [] local_bh_disable+0x10/0x34 [ 74.648906][ T5043] ---[ end trace eb6d8fd83ed9e20d ]--- [ 74.743489][ T5045] loop0: detected capacity change from 0 to 128 [ 74.750366][ T5045] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.751482][ T5045] Bad inode number on dev loop0: 2 is out of range [ 74.752422][ T5045] SysV FS: get root inode failed [ 74.753204][ T5045] oldfs: cannot read superblock [ 74.757472][ C1] ------------[ cut here ]------------ [ 74.758281][ C1] VFS: brelse: Trying to free free buffer [ 74.759079][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.760363][ C1] Modules linked in: [ 74.760980][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.762440][ C1] 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.764089][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.765300][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 74.766119][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 74.766941][ C1] sp : ffff800008017de0 [ 74.767546][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 74.768675][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 74.769964][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de581b40 [ 74.771208][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 74.772406][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.773743][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.775115][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 55f84b004a0ab400 [ 74.776422][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.777767][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.779028][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 74.780290][ C1] Call trace: [ 74.780790][ C1] invalidate_bh_lru+0x128/0x234 [ 74.781537][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.782448][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.783562][ C1] ipi_handler+0x10c/0x710 [ 74.784287][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 74.785185][ C1] handle_domain_irq+0x144/0x1fc [ 74.785876][ C1] gic_handle_irq+0x78/0x1c8 [ 74.786540][ C1] call_on_irq_stack+0x30/0x48 [ 74.787238][ C1] do_interrupt_handler+0x6c/0x88 [ 74.787912][ C1] el1_interrupt+0x30/0x58 [ 74.788529][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.789270][ C1] el1h_64_irq+0x78/0x7c [ 74.789865][ C1] ___slab_alloc+0xc44/0xda8 [ 74.790562][ C1] __slab_alloc+0x68/0xc0 [ 74.791231][ C1] __kmalloc+0x2ec/0x44c [ 74.791885][ C1] tomoyo_realpath_from_path+0xcc/0x510 [ 74.792686][ C1] 
tomoyo_path_perm+0x1b4/0x440 [ 74.793452][ C1] tomoyo_path_unlink+0xa4/0xe8 [ 74.794181][ C1] security_path_unlink+0xe4/0x134 [ 74.794963][ C1] do_unlinkat+0x280/0x600 [ 74.795647][ C1] __arm64_sys_unlinkat+0xe0/0xfc [ 74.796455][ C1] invoke_syscall+0x98/0x2b8 [ 74.797202][ C1] el0_svc_common+0x138/0x258 [ 74.797935][ C1] do_el0_svc+0x58/0x14c [ 74.798631][ C1] el0_svc+0x78/0x1e0 [ 74.799274][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 74.800013][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.800697][ C1] irq event stamp: 292032 [ 74.801399][ C1] hardirqs last enabled at (292031): [] ___slab_alloc+0xc34/0xda8 [ 74.802839][ C1] hardirqs last disabled at (292032): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.804458][ C1] softirqs last enabled at (291004): [] local_bh_enable+0x10/0x34 [ 74.806041][ C1] softirqs last disabled at (291002): [] local_bh_disable+0x10/0x34 [ 74.807612][ C1] ---[ end trace eb6d8fd83ed9e20e ]--- [ 74.869887][ T5047] loop0: detected capacity change from 0 to 128 [ 74.873184][ T5047] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.874398][ T5047] Bad inode number on dev loop0: 2 is out of range [ 74.875347][ T5047] SysV FS: get root inode failed [ 74.876201][ T5047] oldfs: cannot read superblock [ 74.893085][ T4880] ------------[ cut here ]------------ [ 74.894017][ T4880] VFS: brelse: Trying to free free buffer [ 74.894971][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.896195][ T4880] Modules linked in: [ 74.896756][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 74.898023][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.899523][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.900764][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 74.901541][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 74.902471][ T4880] sp : ffff80001fc377c0 [ 74.903158][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 
74.904465][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 74.905713][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c51a6ee0 [ 74.907014][ T4880] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 74.908271][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.909497][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.910787][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 74.912110][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.913467][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.914872][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.916238][ T4880] Call trace: [ 74.916760][ T4880] invalidate_bh_lru+0x128/0x234 [ 74.917626][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 74.918583][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.919375][ T4880] invalidate_bh_lrus+0x34/0x40 [ 74.920201][ T4880] blkdev_flush_mapping+0x168/0x31c [ 74.921052][ T4880] blkdev_put+0x490/0x6ac [ 74.921731][ T4880] blkdev_close+0x74/0xb0 [ 74.922384][ T4880] __fput+0x1c0/0x7f8 [ 74.923058][ T4880] ____fput+0x20/0x30 [ 74.923758][ T4880] task_work_run+0x12c/0x1e0 [ 74.924512][ T4880] do_notify_resume+0x24b4/0x3128 [ 74.925312][ T4880] el0_svc+0xf0/0x1e0 [ 74.925900][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 74.926686][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 74.927391][ T4880] irq event stamp: 318046 [ 74.928067][ T4880] hardirqs last enabled at (318045): [] kasan_quarantine_put+0xc4/0x204 [ 74.929685][ T4880] hardirqs last disabled at (318046): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.931368][ T4880] softirqs last enabled at (317318): [] local_bh_enable+0x10/0x34 [ 74.932777][ T4880] softirqs last disabled at (317316): [] local_bh_disable+0x10/0x34 [ 74.934347][ T4880] ---[ end trace eb6d8fd83ed9e20f ]--- [ 74.966798][ T5051] loop0: detected capacity 
change from 0 to 128 [ 74.969036][ T5051] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.970147][ T5051] Bad inode number on dev loop0: 2 is out of range [ 74.971060][ T5051] SysV FS: get root inode failed [ 74.971749][ T5051] oldfs: cannot read superblock [ 74.976035][ C0] ------------[ cut here ]------------ [ 74.976773][ C0] VFS: brelse: Trying to free free buffer [ 74.977635][ C0] WARNING: CPU: 0 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.978844][ C0] Modules linked in: [ 74.979437][ C0] CPU: 0 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.980750][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 74.982366][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.983642][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 74.984420][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 74.985235][ C0] sp : ffff800008007de0 [ 74.985962][ C0] x29: ffff800008007de0 x28: ffff0000c1fa8000 x27: 1fffe0003421845c [ 74.987228][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 74.988389][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de752318 [ 74.989531][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 74.990622][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 74.991747][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.993002][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 74.994255][ C0] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.995589][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 74.996869][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.998168][ C0] Call trace: [ 74.998714][ C0] invalidate_bh_lru+0x128/0x234 [ 74.999501][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.000474][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.001622][ C0] 
ipi_handler+0x10c/0x710 [ 75.002364][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 75.003312][ C0] handle_domain_irq+0x144/0x1fc [ 75.004095][ C0] gic_handle_irq+0x78/0x1c8 [ 75.004790][ C0] call_on_irq_stack+0x30/0x48 [ 75.005518][ C0] do_interrupt_handler+0x6c/0x88 [ 75.006293][ C0] el1_interrupt+0x30/0x58 [ 75.006992][ C0] el1h_64_irq_handler+0x18/0x24 [ 75.007792][ C0] el1h_64_irq+0x78/0x7c [ 75.008432][ C0] el0_svc_common+0xa8/0x258 [ 75.009157][ C0] do_el0_svc+0x58/0x14c [ 75.009759][ C0] el0_svc+0x78/0x1e0 [ 75.010329][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 75.011074][ C0] el0t_64_sync+0x1a0/0x1a4 [ 75.011740][ C0] irq event stamp: 297812 [ 75.012410][ C0] hardirqs last enabled at (297811): [] el0_svc_common+0x9c/0x258 [ 75.013833][ C0] hardirqs last disabled at (297812): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.015355][ C0] softirqs last enabled at (297478): [] local_bh_enable+0x10/0x34 [ 75.016882][ C0] softirqs last disabled at (297476): [] local_bh_disable+0x10/0x34 [ 75.018302][ C0] ---[ end trace eb6d8fd83ed9e210 ]--- [ 75.070353][ T5053] loop0: detected capacity change from 0 to 128 [ 75.073127][ T5053] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.077540][ T5053] Bad inode number on dev loop0: 2 is out of range [ 75.078559][ T5053] SysV FS: get root inode failed [ 75.079281][ T5053] oldfs: cannot read superblock [ 75.087287][ T4880] ------------[ cut here ]------------ [ 75.088194][ T4880] VFS: brelse: Trying to free free buffer [ 75.089162][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.090412][ T4880] Modules linked in: [ 75.091031][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 75.092357][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.093784][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.094971][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 75.095747][ T4880] lr : invalidate_bh_lru+0x128/0x234 
[ 75.096571][ T4880] sp : ffff80001fc377c0 [ 75.097234][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421c65b [ 75.098533][ T4880] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000000 [ 75.099860][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de581ee0 [ 75.101190][ T4880] x20: ffff0001a10e32d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 75.102396][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.103671][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.104948][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 75.106220][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.107544][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.108831][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.110119][ T4880] Call trace: [ 75.110649][ T4880] invalidate_bh_lru+0x128/0x234 [ 75.111448][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 75.112299][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.113032][ T4880] invalidate_bh_lrus+0x34/0x40 [ 75.113764][ T4880] blkdev_flush_mapping+0x168/0x31c [ 75.114575][ T4880] blkdev_put+0x490/0x6ac [ 75.115290][ T4880] blkdev_close+0x74/0xb0 [ 75.115937][ T4880] __fput+0x1c0/0x7f8 [ 75.116551][ T4880] ____fput+0x20/0x30 [ 75.117230][ T4880] task_work_run+0x12c/0x1e0 [ 75.117986][ T4880] do_notify_resume+0x24b4/0x3128 [ 75.118767][ T4880] el0_svc+0xf0/0x1e0 [ 75.119337][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 75.120141][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 75.120951][ T4880] irq event stamp: 326456 [ 75.121580][ T4880] hardirqs last enabled at (326455): [] kasan_quarantine_put+0xc4/0x204 [ 75.123259][ T4880] hardirqs last disabled at (326456): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.124864][ T4880] softirqs last enabled at (326252): [] local_bh_enable+0x10/0x34 [ 75.126409][ T4880] softirqs last disabled at (326250): 
[] local_bh_disable+0x10/0x34 [ 75.127894][ T4880] ---[ end trace eb6d8fd83ed9e211 ]--- [ 75.156591][ T5055] loop0: detected capacity change from 0 to 128 [ 75.158709][ T5055] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.159812][ T5055] Bad inode number on dev loop0: 2 is out of range [ 75.160883][ T5055] SysV FS: get root inode failed [ 75.161686][ T5055] oldfs: cannot read superblock [ 75.167002][ C1] ------------[ cut here ]------------ [ 75.167767][ C1] VFS: brelse: Trying to free free buffer [ 75.168562][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.169821][ C1] Modules linked in: [ 75.170365][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.171878][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.173573][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.174830][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.175690][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.176611][ C1] sp : ffff800008017de0 [ 75.177308][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 75.178530][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 75.179715][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2af56b8 [ 75.181029][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 75.182394][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.183725][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.185057][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 75.186273][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.187473][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.188663][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.189808][ C1] Call trace: [ 75.190291][ C1] invalidate_bh_lru+0x128/0x234 [ 75.191026][ 
C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.191934][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.192920][ C1] ipi_handler+0x10c/0x710 [ 75.193545][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.194356][ C1] handle_domain_irq+0x144/0x1fc [ 75.194996][ C1] gic_handle_irq+0x78/0x1c8 [ 75.195619][ C1] call_on_irq_stack+0x30/0x48 [ 75.196273][ C1] do_interrupt_handler+0x6c/0x88 [ 75.196958][ C1] el0_interrupt+0x94/0x260 [ 75.197642][ C1] __el0_irq_handler_common+0x18/0x24 [ 75.198377][ C1] el0t_64_irq_handler+0x10/0x1c [ 75.199067][ C1] el0t_64_irq+0x1a0/0x1a4 [ 75.199669][ C1] irq event stamp: 303370 [ 75.200281][ C1] hardirqs last enabled at (303369): [] el0t_64_sync_handler+0xcc/0xe4 [ 75.201653][ C1] hardirqs last disabled at (303370): [] __el0_irq_handler_common+0x18/0x24 [ 75.203365][ C1] softirqs last enabled at (303256): [] release_sock+0x1d0/0x258 [ 75.204756][ C1] softirqs last disabled at (303254): [] release_sock+0x34/0x258 [ 75.206248][ C1] ---[ end trace eb6d8fd83ed9e212 ]--- [ 75.246379][ T5057] loop0: detected capacity change from 0 to 128 [ 75.315664][ T5057] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.316885][ T5057] Bad inode number on dev loop0: 2 is out of range [ 75.317825][ T5057] SysV FS: get root inode failed [ 75.318573][ T5057] oldfs: cannot read superblock [ 75.327294][ C0] ------------[ cut here ]------------ [ 75.328246][ C0] VFS: brelse: Trying to free free buffer [ 75.329142][ C0] WARNING: CPU: 0 PID: 5059 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.330410][ C0] Modules linked in: [ 75.330981][ C0] CPU: 0 PID: 5059 Comm: syz.0.95 Tainted: G W syzkaller #0 [ 75.332349][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.333801][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.334972][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 75.335828][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 75.336648][ C0] sp : ffff800008007de0 
[ 75.337305][ C0] x29: ffff800008007de0 x28: ffff0000d9bf9b40 x27: 1fffe0003421845c [ 75.338640][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 75.339918][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de7526b8 [ 75.341189][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 75.342469][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.343644][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.344955][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 80cd1bef80500600 [ 75.346160][ C0] x8 : 80cd1bef80500600 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.347563][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.348787][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.350045][ C0] Call trace: [ 75.350586][ C0] invalidate_bh_lru+0x128/0x234 [ 75.351379][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.352270][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.353354][ C0] ipi_handler+0x10c/0x710 [ 75.354055][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 75.354877][ C0] handle_domain_irq+0x144/0x1fc [ 75.355615][ C0] gic_handle_irq+0x78/0x1c8 [ 75.356306][ C0] call_on_irq_stack+0x30/0x48 [ 75.357062][ C0] do_interrupt_handler+0x6c/0x88 [ 75.357827][ C0] el0_interrupt+0x94/0x260 [ 75.358527][ C0] __el0_irq_handler_common+0x18/0x24 [ 75.359372][ C0] el0t_64_irq_handler+0x10/0x1c [ 75.360123][ C0] el0t_64_irq+0x1a0/0x1a4 [ 75.360834][ C0] irq event stamp: 218 [ 75.361521][ C0] hardirqs last enabled at (217): [] el0t_64_sync_handler+0xd8/0xe4 [ 75.363083][ C0] hardirqs last disabled at (218): [] __el0_irq_handler_common+0x18/0x24 [ 75.364742][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 75.366345][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 75.367775][ C0] ---[ end trace eb6d8fd83ed9e213 ]--- [ 75.386879][ T5059] loop0: detected capacity change from 
0 to 128 [ 75.389514][ T5059] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.390999][ T5059] Bad inode number on dev loop0: 2 is out of range [ 75.392089][ T5059] SysV FS: get root inode failed [ 75.392875][ T5059] oldfs: cannot read superblock [ 75.396355][ C1] ------------[ cut here ]------------ [ 75.397163][ C1] VFS: brelse: Trying to free free buffer [ 75.397998][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.399328][ C1] Modules linked in: [ 75.399910][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.401211][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.402594][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.403742][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.404521][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.405350][ C1] sp : ffff800008017de0 [ 75.406054][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 75.407284][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 75.408530][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2af5a58 [ 75.409850][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 75.411115][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.412517][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.413856][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 75.415098][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.416250][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.417356][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.418701][ C1] Call trace: [ 75.419263][ C1] invalidate_bh_lru+0x128/0x234 [ 75.420106][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.421099][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.422300][ C1] 
ipi_handler+0x10c/0x710 [ 75.423024][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.423918][ C1] handle_domain_irq+0x144/0x1fc [ 75.424736][ C1] gic_handle_irq+0x78/0x1c8 [ 75.425485][ C1] call_on_irq_stack+0x30/0x48 [ 75.426326][ C1] do_interrupt_handler+0x6c/0x88 [ 75.427189][ C1] el0_interrupt+0x94/0x260 [ 75.427908][ C1] __el0_irq_handler_common+0x18/0x24 [ 75.428697][ C1] el0t_64_irq_handler+0x10/0x1c [ 75.429389][ C1] el0t_64_irq+0x1a0/0x1a4 [ 75.430095][ C1] irq event stamp: 306508 [ 75.430819][ C1] hardirqs last enabled at (306507): [] el0t_64_sync_handler+0xcc/0xe4 [ 75.432493][ C1] hardirqs last disabled at (306508): [] __el0_irq_handler_common+0x18/0x24 [ 75.434166][ C1] softirqs last enabled at (306422): [] local_bh_enable+0x10/0x34 [ 75.435721][ C1] softirqs last disabled at (306420): [] local_bh_disable+0x10/0x34 [ 75.437203][ C1] ---[ end trace eb6d8fd83ed9e214 ]--- [ 75.470724][ T5061] loop0: detected capacity change from 0 to 128 [ 75.473667][ T5061] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.474859][ T5061] Bad inode number on dev loop0: 2 is out of range [ 75.475851][ T5061] SysV FS: get root inode failed [ 75.476626][ T5061] oldfs: cannot read superblock [ 75.480792][ C1] ------------[ cut here ]------------ [ 75.481624][ C1] VFS: brelse: Trying to free free buffer [ 75.482430][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.483757][ C1] Modules linked in: [ 75.484410][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.485776][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.487347][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.488669][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.489499][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.490303][ C1] sp : ffff800008017de0 [ 75.491031][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 75.492409][ C1] x26: 0000000000000001 
x25: ffff0001a10e32d8 x24: 0000000000000001 [ 75.493815][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2af5df8 [ 75.495147][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 75.496479][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.497821][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.499179][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 75.500527][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.501889][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.503253][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.504678][ C1] Call trace: [ 75.505188][ C1] invalidate_bh_lru+0x128/0x234 [ 75.506008][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.506906][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.508061][ C1] ipi_handler+0x10c/0x710 [ 75.508779][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.509685][ C1] handle_domain_irq+0x144/0x1fc [ 75.510405][ C1] gic_handle_irq+0x78/0x1c8 [ 75.511181][ C1] call_on_irq_stack+0x30/0x48 [ 75.511956][ C1] do_interrupt_handler+0x6c/0x88 [ 75.512815][ C1] el1_interrupt+0x30/0x58 [ 75.513524][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.514340][ C1] el1h_64_irq+0x78/0x7c [ 75.515019][ C1] put_cpu_partial+0x198/0x218 [ 75.515859][ C1] __slab_free+0x184/0x254 [ 75.516587][ C1] ___cache_free+0x178/0x1bc [ 75.517387][ C1] qlink_free+0x5c/0xa4 [ 75.518055][ C1] qlist_free_all+0x40/0xa8 [ 75.518772][ C1] kasan_quarantine_reduce+0x124/0x130 [ 75.519578][ C1] __kasan_slab_alloc+0x34/0xcc [ 75.520335][ C1] slab_post_alloc_hook+0x74/0x408 [ 75.521146][ C1] __kmalloc+0x208/0x44c [ 75.521848][ C1] tomoyo_encode+0x274/0x4a4 [ 75.522598][ C1] tomoyo_realpath_from_path+0x4bc/0x510 [ 75.523499][ C1] tomoyo_path_perm+0x1b4/0x440 [ 75.524265][ C1] tomoyo_inode_getattr+0x28/0x38 [ 75.525056][ C1] security_inode_getattr+0xd8/0x124 [ 
75.525859][ C1] vfs_statx+0x118/0x458 [ 75.526540][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 75.527427][ C1] invoke_syscall+0x98/0x2b8 [ 75.528198][ C1] el0_svc_common+0x138/0x258 [ 75.529012][ C1] do_el0_svc+0x58/0x14c [ 75.529643][ C1] el0_svc+0x78/0x1e0 [ 75.530288][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.531090][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.531779][ C1] irq event stamp: 308646 [ 75.532480][ C1] hardirqs last enabled at (308645): [] put_cpu_partial+0x188/0x218 [ 75.534061][ C1] hardirqs last disabled at (308646): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.535739][ C1] softirqs last enabled at (308484): [] local_bh_enable+0x10/0x34 [ 75.537298][ C1] softirqs last disabled at (308482): [] local_bh_disable+0x10/0x34 [ 75.538751][ C1] ---[ end trace eb6d8fd83ed9e215 ]--- [ 75.580315][ T5063] loop0: detected capacity change from 0 to 128 [ 75.584986][ T5063] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.586065][ T5063] Bad inode number on dev loop0: 2 is out of range [ 75.586951][ T5063] SysV FS: get root inode failed [ 75.587668][ T5063] oldfs: cannot read superblock [ 75.591938][ C1] ------------[ cut here ]------------ [ 75.592779][ C1] VFS: brelse: Trying to free free buffer [ 75.593609][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.594861][ C1] Modules linked in: [ 75.595414][ C1] CPU: 1 PID: 4638 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.596624][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.598023][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.599239][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.600070][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.600846][ C1] sp : ffff800008017de0 [ 75.601469][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 75.602895][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 75.604190][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: 
ffff0000de776230 [ 75.605531][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 75.606904][ C1] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.608418][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.609761][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 55f84b004a0ab400 [ 75.611074][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.612355][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.613558][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.614769][ C1] Call trace: [ 75.615293][ C1] invalidate_bh_lru+0x128/0x234 [ 75.616006][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.616981][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.618141][ C1] ipi_handler+0x10c/0x710 [ 75.618813][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.619710][ C1] handle_domain_irq+0x144/0x1fc [ 75.620489][ C1] gic_handle_irq+0x78/0x1c8 [ 75.621216][ C1] call_on_irq_stack+0x30/0x48 [ 75.621983][ C1] do_interrupt_handler+0x6c/0x88 [ 75.622834][ C1] el1_interrupt+0x30/0x58 [ 75.623497][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.624194][ C1] el1h_64_irq+0x78/0x7c [ 75.624793][ C1] seqcount_lockdep_reader_access+0x214/0x2bc [ 75.625797][ C1] set_root+0x120/0x38c [ 75.626490][ C1] nd_jump_root+0x26c/0x3cc [ 75.627212][ C1] path_init+0x348/0xed8 [ 75.627819][ C1] path_openat+0x12c/0x26e4 [ 75.628516][ C1] do_filp_open+0x164/0x330 [ 75.629187][ C1] do_sys_openat2+0x128/0x3d8 [ 75.629880][ C1] __arm64_sys_openat+0x120/0x154 [ 75.630617][ C1] invoke_syscall+0x98/0x2b8 [ 75.631367][ C1] el0_svc_common+0x138/0x258 [ 75.632144][ C1] do_el0_svc+0x58/0x14c [ 75.632826][ C1] el0_svc+0x78/0x1e0 [ 75.633420][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.634244][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.635025][ C1] irq event stamp: 311824 [ 75.635726][ C1] hardirqs last enabled at (311823): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 
75.637392][ C1] hardirqs last disabled at (311824): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.638890][ C1] softirqs last enabled at (311242): [] local_bh_enable+0x10/0x34 [ 75.640382][ C1] softirqs last disabled at (311240): [] local_bh_disable+0x10/0x34 [ 75.641879][ C1] ---[ end trace eb6d8fd83ed9e216 ]--- [ 75.670327][ T5065] loop0: detected capacity change from 0 to 128 [ 75.673167][ T5065] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.674459][ T5065] Bad inode number on dev loop0: 2 is out of range [ 75.675546][ T5065] SysV FS: get root inode failed [ 75.676298][ T5065] oldfs: cannot read superblock [ 75.685686][ C0] ------------[ cut here ]------------ [ 75.686545][ C0] VFS: brelse: Trying to free free buffer [ 75.687500][ C0] WARNING: CPU: 0 PID: 5066 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.688914][ C0] Modules linked in: [ 75.689541][ C0] CPU: 0 PID: 5066 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.690830][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.692430][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.693605][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 75.694572][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 75.695454][ C0] sp : ffff800008007de0 [ 75.696111][ C0] x29: ffff800008007de0 x28: ffff0000d0b80000 x27: 1fffe0003421845c [ 75.697385][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 75.698624][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de752a58 [ 75.699829][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 75.700977][ C0] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.702266][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.703565][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 027e178d7e88e600 [ 75.704862][ C0] x8 : 027e178d7e88e600 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.706159][ C0] x5 : ffff8000080076d8 
x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.707492][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.708796][ C0] Call trace: [ 75.709320][ C0] invalidate_bh_lru+0x128/0x234 [ 75.710120][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.711137][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.712237][ C0] ipi_handler+0x10c/0x710 [ 75.712911][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 75.713676][ C0] handle_domain_irq+0x144/0x1fc [ 75.714351][ C0] gic_handle_irq+0x78/0x1c8 [ 75.715025][ C0] call_on_irq_stack+0x30/0x48 [ 75.715666][ C0] do_interrupt_handler+0x6c/0x88 [ 75.716458][ C0] el1_interrupt+0x30/0x58 [ 75.717177][ C0] el1h_64_irq_handler+0x18/0x24 [ 75.717978][ C0] el1h_64_irq+0x78/0x7c [ 75.718665][ C0] ___slab_alloc+0x2e8/0xda8 [ 75.719374][ C0] __slab_alloc+0x68/0xc0 [ 75.720006][ C0] __kmalloc_node+0x310/0x520 [ 75.720717][ C0] memcg_alloc_page_obj_cgroups+0x80/0x174 [ 75.721600][ C0] slab_post_alloc_hook+0xc0/0x408 [ 75.722373][ C0] kmem_cache_alloc+0x1e0/0x3e4 [ 75.723074][ C0] __d_alloc+0x3c/0x65c [ 75.723684][ C0] d_alloc_parallel+0x80/0x1104 [ 75.724489][ C0] path_openat+0x700/0x26e4 [ 75.725264][ C0] do_filp_open+0x164/0x330 [ 75.725979][ C0] do_sys_openat2+0x128/0x3d8 [ 75.726749][ C0] __arm64_sys_openat+0x120/0x154 [ 75.727596][ C0] invoke_syscall+0x98/0x2b8 [ 75.728353][ C0] el0_svc_common+0x138/0x258 [ 75.729080][ C0] do_el0_svc+0x58/0x14c [ 75.729724][ C0] el0_svc+0x78/0x1e0 [ 75.730318][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 75.731115][ C0] el0t_64_sync+0x1a0/0x1a4 [ 75.731802][ C0] irq event stamp: 798 [ 75.732380][ C0] hardirqs last enabled at (797): [] ___slab_alloc+0x2d8/0xda8 [ 75.733742][ C0] hardirqs last disabled at (798): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.735215][ C0] softirqs last enabled at (496): [] local_bh_enable+0x10/0x34 [ 75.736593][ C0] softirqs last disabled at (494): [] local_bh_disable+0x10/0x34 [ 75.737912][ C0] ---[ end trace eb6d8fd83ed9e217 ]--- [ 75.776866][ T5067] 
loop0: detected capacity change from 0 to 128 [ 75.779625][ T5067] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.780679][ T5067] Bad inode number on dev loop0: 2 is out of range [ 75.781710][ T5067] SysV FS: get root inode failed [ 75.782527][ T5067] oldfs: cannot read superblock [ 75.799872][ T4880] ------------[ cut here ]------------ [ 75.800828][ T4880] VFS: brelse: Trying to free free buffer [ 75.801712][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.803057][ T4880] Modules linked in: [ 75.803637][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 75.804985][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.806654][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.807896][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 75.808671][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 75.809566][ T4880] sp : ffff80001fc377c0 [ 75.810203][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 75.811398][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 75.812726][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de752df8 [ 75.814012][ T4880] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 75.815257][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.816576][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.817863][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 75.819162][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.820502][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.821741][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.823168][ T4880] Call trace: [ 75.823727][ T4880] invalidate_bh_lru+0x128/0x234 [ 75.824571][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 
75.825578][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.826421][ T4880] invalidate_bh_lrus+0x34/0x40 [ 75.827219][ T4880] blkdev_flush_mapping+0x168/0x31c [ 75.828096][ T4880] blkdev_put+0x490/0x6ac [ 75.828777][ T4880] blkdev_close+0x74/0xb0 [ 75.829478][ T4880] __fput+0x1c0/0x7f8 [ 75.830129][ T4880] ____fput+0x20/0x30 [ 75.830760][ T4880] task_work_run+0x12c/0x1e0 [ 75.831502][ T4880] do_notify_resume+0x24b4/0x3128 [ 75.832331][ T4880] el0_svc+0xf0/0x1e0 [ 75.832937][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 75.833719][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 75.834469][ T4880] irq event stamp: 355890 [ 75.835211][ T4880] hardirqs last enabled at (355889): [] kasan_quarantine_put+0xc4/0x204 [ 75.836868][ T4880] hardirqs last disabled at (355890): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.838615][ T4880] softirqs last enabled at (355802): [] local_bh_enable+0x10/0x34 [ 75.840216][ T4880] softirqs last disabled at (355800): [] local_bh_disable+0x10/0x34 [ 75.841717][ T4880] ---[ end trace eb6d8fd83ed9e218 ]--- [ 75.913275][ T5071] loop0: detected capacity change from 0 to 128 [ 75.916389][ T5071] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.917547][ T5071] Bad inode number on dev loop0: 2 is out of range [ 75.918520][ T5071] SysV FS: get root inode failed [ 75.919607][ T5071] oldfs: cannot read superblock [ 75.927022][ T4880] ------------[ cut here ]------------ [ 75.927914][ T4880] VFS: brelse: Trying to free free buffer [ 75.928876][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.930309][ T4880] Modules linked in: [ 75.930944][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 75.932403][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 75.934061][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.935310][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 75.936128][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 75.936993][ 
T4880] sp : ffff80001fc377c0 [ 75.937674][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 75.938899][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 75.940115][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de74e230 [ 75.941315][ T4880] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 75.942530][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 75.943795][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.944996][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 75.946126][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.947226][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 75.948556][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.949786][ T4880] Call trace: [ 75.950329][ T4880] invalidate_bh_lru+0x128/0x234 [ 75.951093][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 75.951924][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.952705][ T4880] invalidate_bh_lrus+0x34/0x40 [ 75.953390][ T4880] blkdev_flush_mapping+0x168/0x31c [ 75.954122][ T4880] blkdev_put+0x490/0x6ac [ 75.954733][ T4880] blkdev_close+0x74/0xb0 [ 75.955324][ T4880] __fput+0x1c0/0x7f8 [ 75.955891][ T4880] ____fput+0x20/0x30 [ 75.956468][ T4880] task_work_run+0x12c/0x1e0 [ 75.957165][ T4880] do_notify_resume+0x24b4/0x3128 [ 75.957933][ T4880] el0_svc+0xf0/0x1e0 [ 75.958567][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 75.959461][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 75.960191][ T4880] irq event stamp: 360608 [ 75.960886][ T4880] hardirqs last enabled at (360607): [] kasan_quarantine_put+0xc4/0x204 [ 75.962575][ T4880] hardirqs last disabled at (360608): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.964311][ T4880] softirqs last enabled at (360412): [] local_bh_enable+0x10/0x34 [ 75.965943][ T4880] softirqs last disabled at (360410): [] 
local_bh_disable+0x10/0x34 [ 75.967535][ T4880] ---[ end trace eb6d8fd83ed9e219 ]--- [ 76.006191][ T5073] loop0: detected capacity change from 0 to 128 [ 76.012604][ T5073] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.013708][ T5073] Bad inode number on dev loop0: 2 is out of range [ 76.014810][ T5073] SysV FS: get root inode failed [ 76.015603][ T5073] oldfs: cannot read superblock [ 76.022742][ T4880] ------------[ cut here ]------------ [ 76.023569][ T4880] VFS: brelse: Trying to free free buffer [ 76.024563][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.025975][ T4880] Modules linked in: [ 76.026633][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 76.027922][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.029573][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.030901][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 76.031704][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 76.032520][ T4880] sp : ffff80001fc377c0 [ 76.033144][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 76.034275][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 76.035451][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de74e5d0 [ 76.036778][ T4880] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 76.038113][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 76.039462][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.040842][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 76.042121][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.043470][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.044800][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.046098][ T4880] Call trace: [ 
76.046608][ T4880] invalidate_bh_lru+0x128/0x234 [ 76.047404][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 76.048310][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.049136][ T4880] invalidate_bh_lrus+0x34/0x40 [ 76.049860][ T4880] blkdev_flush_mapping+0x168/0x31c [ 76.050630][ T4880] blkdev_put+0x490/0x6ac [ 76.051295][ T4880] blkdev_close+0x74/0xb0 [ 76.051909][ T4880] __fput+0x1c0/0x7f8 [ 76.052528][ T4880] ____fput+0x20/0x30 [ 76.053178][ T4880] task_work_run+0x12c/0x1e0 [ 76.053878][ T4880] do_notify_resume+0x24b4/0x3128 [ 76.054654][ T4880] el0_svc+0xf0/0x1e0 [ 76.055286][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 76.056097][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 76.056830][ T4880] irq event stamp: 366532 [ 76.057541][ T4880] hardirqs last enabled at (366531): [] kasan_quarantine_put+0xc4/0x204 [ 76.059141][ T4880] hardirqs last disabled at (366532): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.060927][ T4880] softirqs last enabled at (366334): [] local_bh_enable+0x10/0x34 [ 76.062478][ T4880] softirqs last disabled at (366332): [] local_bh_disable+0x10/0x34 [ 76.064029][ T4880] ---[ end trace eb6d8fd83ed9e21a ]--- [ 76.096962][ T5075] loop0: detected capacity change from 0 to 128 [ 76.099078][ T5075] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.100420][ T5075] Bad inode number on dev loop0: 2 is out of range [ 76.101389][ T5075] SysV FS: get root inode failed [ 76.102194][ T5075] oldfs: cannot read superblock [ 76.109176][ T4880] ------------[ cut here ]------------ [ 76.109968][ T4880] VFS: brelse: Trying to free free buffer [ 76.110819][ T4880] WARNING: CPU: 0 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.112110][ T4880] Modules linked in: [ 76.112686][ T4880] CPU: 0 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 76.113896][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.115463][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.116579][ 
T4880] pc : invalidate_bh_lru+0x128/0x234 [ 76.117321][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 76.118150][ T4880] sp : ffff80001fc377c0 [ 76.118748][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421845c [ 76.119978][ T4880] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 76.121279][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de74e970 [ 76.122472][ T4880] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 76.123658][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 76.124926][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.126177][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 76.127512][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.128853][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.130108][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.131438][ T4880] Call trace: [ 76.131960][ T4880] invalidate_bh_lru+0x128/0x234 [ 76.132738][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 76.133641][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.134482][ T4880] invalidate_bh_lrus+0x34/0x40 [ 76.135284][ T4880] blkdev_flush_mapping+0x168/0x31c [ 76.136124][ T4880] blkdev_put+0x490/0x6ac [ 76.136826][ T4880] blkdev_close+0x74/0xb0 [ 76.137582][ T4880] __fput+0x1c0/0x7f8 [ 76.138216][ T4880] ____fput+0x20/0x30 [ 76.138887][ T4880] task_work_run+0x12c/0x1e0 [ 76.139622][ T4880] do_notify_resume+0x24b4/0x3128 [ 76.140449][ T4880] el0_svc+0xf0/0x1e0 [ 76.141069][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 76.141820][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 76.142495][ T4880] irq event stamp: 369374 [ 76.143091][ T4880] hardirqs last enabled at (369373): [] kasan_quarantine_put+0xc4/0x204 [ 76.144490][ T4880] hardirqs last disabled at (369374): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.145985][ T4880] softirqs last enabled at 
(369162): [] local_bh_enable+0x10/0x34 [ 76.147343][ T4880] softirqs last disabled at (369160): [] local_bh_disable+0x10/0x34 [ 76.148854][ T4880] ---[ end trace eb6d8fd83ed9e21b ]--- [ 76.186841][ T5077] loop0: detected capacity change from 0 to 128 [ 76.229448][ T5077] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.230774][ T5077] Bad inode number on dev loop0: 2 is out of range [ 76.231784][ T5077] SysV FS: get root inode failed [ 76.232592][ T5077] oldfs: cannot read superblock [ 76.239229][ C1] ------------[ cut here ]------------ [ 76.240113][ C1] VFS: brelse: Trying to free free buffer [ 76.241041][ C1] WARNING: CPU: 1 PID: 5078 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.242476][ C1] Modules linked in: [ 76.243102][ C1] CPU: 1 PID: 5078 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.244519][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.246024][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.247194][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 76.247998][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 76.248809][ C1] sp : ffff800008017de0 [ 76.249391][ C1] x29: ffff800008017de0 x28: ffff0000c2ed0000 x27: 1fffe0003421c65c [ 76.250501][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 76.251655][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de7765d0 [ 76.252829][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 76.254075][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 76.255327][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.256636][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 77e74f731089e600 [ 76.257721][ C1] x8 : 77e74f731089e600 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.258973][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.260224][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 
0000000000000027 [ 76.261475][ C1] Call trace: [ 76.262001][ C1] invalidate_bh_lru+0x128/0x234 [ 76.262760][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.263707][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.264788][ C1] ipi_handler+0x10c/0x710 [ 76.265436][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 76.266216][ C1] handle_domain_irq+0x144/0x1fc [ 76.266935][ C1] gic_handle_irq+0x78/0x1c8 [ 76.267593][ C1] call_on_irq_stack+0x30/0x48 [ 76.268296][ C1] do_interrupt_handler+0x6c/0x88 [ 76.268942][ C1] el1_interrupt+0x30/0x58 [ 76.269668][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.270433][ C1] el1h_64_irq+0x78/0x7c [ 76.271080][ C1] ___slab_alloc+0xc44/0xda8 [ 76.271752][ C1] __slab_alloc+0x68/0xc0 [ 76.272395][ C1] kmem_cache_alloc+0x2ac/0x3e4 [ 76.273096][ C1] __d_alloc+0x3c/0x65c [ 76.273669][ C1] d_alloc_parallel+0x80/0x1104 [ 76.274338][ C1] __lookup_slow+0x104/0x380 [ 76.274978][ C1] lookup_slow+0x5c/0x80 [ 76.275586][ C1] walk_component+0x2b0/0x3a8 [ 76.276329][ C1] link_path_walk+0x590/0xb8c [ 76.277122][ C1] path_openat+0x1c0/0x26e4 [ 76.277836][ C1] do_filp_open+0x164/0x330 [ 76.278579][ C1] do_sys_openat2+0x128/0x3d8 [ 76.279323][ C1] __arm64_sys_openat+0x120/0x154 [ 76.280093][ C1] invoke_syscall+0x98/0x2b8 [ 76.280835][ C1] el0_svc_common+0x138/0x258 [ 76.281539][ C1] do_el0_svc+0x58/0x14c [ 76.282260][ C1] el0_svc+0x78/0x1e0 [ 76.282883][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 76.283693][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.284399][ C1] irq event stamp: 772 [ 76.284990][ C1] hardirqs last enabled at (771): [] ___slab_alloc+0xc34/0xda8 [ 76.286315][ C1] hardirqs last disabled at (772): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.287863][ C1] softirqs last enabled at (508): [] local_bh_enable+0x10/0x34 [ 76.289321][ C1] softirqs last disabled at (506): [] local_bh_disable+0x10/0x34 [ 76.290695][ C1] ---[ end trace eb6d8fd83ed9e21c ]--- [ 76.316826][ T5079] loop0: detected capacity change from 0 to 128 [ 76.319437][ T5079] VFS: Found a Xenix FS 
(block size = 1024) on device loop0 [ 76.320495][ T5079] Bad inode number on dev loop0: 2 is out of range [ 76.321494][ T5079] SysV FS: get root inode failed [ 76.322276][ T5079] oldfs: cannot read superblock [ 76.335649][ T4880] ------------[ cut here ]------------ [ 76.336471][ T4880] VFS: brelse: Trying to free free buffer [ 76.337397][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.338635][ T4880] Modules linked in: [ 76.339212][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 76.340408][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.341885][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.343037][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 76.343868][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 76.344693][ T4880] sp : ffff80001fc377c0 [ 76.345270][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 76.346557][ T4880] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 76.347794][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de776970 [ 76.349127][ T4880] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 76.350375][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 76.351679][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.352934][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 76.354248][ T4880] x8 : a6bebaba3dda6800 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.355517][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.356859][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.358172][ T4880] Call trace: [ 76.358706][ T4880] invalidate_bh_lru+0x128/0x234 [ 76.359543][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 76.360476][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.361353][ T4880] 
invalidate_bh_lrus+0x34/0x40 [ 76.362133][ T4880] blkdev_flush_mapping+0x168/0x31c [ 76.362966][ T4880] blkdev_put+0x490/0x6ac [ 76.363705][ T4880] blkdev_close+0x74/0xb0 [ 76.364411][ T4880] __fput+0x1c0/0x7f8 [ 76.365091][ T4880] ____fput+0x20/0x30 [ 76.365798][ T4880] task_work_run+0x12c/0x1e0 [ 76.366585][ T4880] do_notify_resume+0x24b4/0x3128 [ 76.367346][ T4880] el0_svc+0xf0/0x1e0 [ 76.367967][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 76.368759][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 76.369468][ T4880] irq event stamp: 378426 [ 76.370172][ T4880] hardirqs last enabled at (378425): [] kasan_quarantine_put+0xc4/0x204 [ 76.371667][ T4880] hardirqs last disabled at (378426): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.373306][ T4880] softirqs last enabled at (378236): [] local_bh_enable+0x10/0x34 [ 76.374727][ T4880] softirqs last disabled at (378234): [] local_bh_disable+0x10/0x34 [ 76.376194][ T4880] ---[ end trace eb6d8fd83ed9e21d ]--- [ 76.421087][ T5083] loop0: detected capacity change from 0 to 128 [ 76.424335][ T5083] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.425459][ T5083] Bad inode number on dev loop0: 2 is out of range [ 76.426365][ T5083] SysV FS: get root inode failed [ 76.427126][ T5083] oldfs: cannot read superblock [ 76.433519][ C1] ------------[ cut here ]------------ [ 76.434354][ C1] VFS: brelse: Trying to free free buffer [ 76.435233][ C1] WARNING: CPU: 1 PID: 5084 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.436616][ C1] Modules linked in: [ 76.437246][ C1] CPU: 1 PID: 5084 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.438632][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.440216][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.441436][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 76.442208][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 76.443052][ C1] sp : ffff800008017de0 [ 76.443651][ C1] x29: ffff800008017de0 x28: ffff0000cb99d1c0 x27: 
1fffe0003421c65c [ 76.444973][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 76.446346][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de776d10 [ 76.447621][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 76.448822][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 76.450127][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.451301][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 378189ca708c8d00 [ 76.452475][ C1] x8 : 378189ca708c8d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.453567][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.454831][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.456212][ C1] Call trace: [ 76.456736][ C1] invalidate_bh_lru+0x128/0x234 [ 76.457507][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.458484][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.459602][ C1] ipi_handler+0x10c/0x710 [ 76.460310][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 76.461173][ C1] handle_domain_irq+0x144/0x1fc [ 76.461959][ C1] gic_handle_irq+0x78/0x1c8 [ 76.462632][ C1] call_on_irq_stack+0x30/0x48 [ 76.463405][ C1] do_interrupt_handler+0x6c/0x88 [ 76.464246][ C1] el1_interrupt+0x30/0x58 [ 76.464924][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.465703][ C1] el1h_64_irq+0x78/0x7c [ 76.466386][ C1] lock_page_memcg+0x120/0x234 [ 76.467211][ C1] page_add_file_rmap+0x148/0x8e4 [ 76.468009][ C1] do_set_pte+0x394/0x4e0 [ 76.468709][ C1] filemap_map_pages+0x9c4/0xc50 [ 76.469493][ C1] handle_mm_fault+0x19c0/0x2950 [ 76.470353][ C1] do_page_fault+0x694/0xad4 [ 76.471003][ C1] do_translation_fault+0xe0/0x130 [ 76.471859][ C1] do_mem_abort+0x6c/0x1ac [ 76.472574][ C1] el0_da+0x90/0x1fc [ 76.473176][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 76.473970][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.474678][ C1] irq event stamp: 496 [ 76.475322][ C1] hardirqs last enabled at (495): [] 
lock_page_memcg+0x110/0x234 [ 76.476852][ C1] hardirqs last disabled at (496): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.478383][ C1] softirqs last enabled at (466): [] local_bh_enable+0x10/0x34 [ 76.479946][ C1] softirqs last disabled at (464): [] local_bh_disable+0x10/0x34 [ 76.481353][ C1] ---[ end trace eb6d8fd83ed9e21e ]--- [ 76.516713][ T5085] loop0: detected capacity change from 0 to 128 [ 76.520240][ T5085] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.521468][ T5085] Bad inode number on dev loop0: 2 is out of range [ 76.522499][ T5085] SysV FS: get root inode failed [ 76.523318][ T5085] oldfs: cannot read superblock [ 76.527197][ T4880] ------------[ cut here ]------------ [ 76.528073][ T4880] VFS: brelse: Trying to free free buffer [ 76.528980][ T4880] WARNING: CPU: 1 PID: 4880 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.530259][ T4880] Modules linked in: [ 76.530790][ T4880] CPU: 1 PID: 4880 Comm: udevd Tainted: G W syzkaller #0 [ 76.531998][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.533593][ T4880] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.534904][ T4880] pc : invalidate_bh_lru+0x128/0x234 [ 76.535723][ T4880] lr : invalidate_bh_lru+0x128/0x234 [ 76.536594][ T4880] sp : ffff80001fc377c0 [ 76.537250][ T4880] x29: ffff80001fc377c0 x28: ffff80001417d000 x27: 1fffe0003421c65c [ 76.538624][ T4880] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 76.539873][ T4880] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76f6b8 [ 76.541133][ T4880] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 76.542458][ T4880] x17: 0000000000000000 x16: ffff8000111c8944 x15: 00000000ffffffff [ 76.543686][ T4880] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.544835][ T4880] x11: 0000000000000002 x10: 0000000000000000 x9 : a6bebaba3dda6800 [ 76.545999][ T4880] x8 : a6bebaba3dda6800 x7 : 
0000000000000001 x6 : 0000000000000001 [ 76.547159][ T4880] x5 : ffff80001fc370b8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.548488][ T4880] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.549619][ T4880] Call trace: [ 76.550121][ T4880] invalidate_bh_lru+0x128/0x234 [ 76.550840][ T4880] smp_call_function_many_cond+0xa50/0xeb0 [ 76.551759][ T4880] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.552573][ T4880] invalidate_bh_lrus+0x34/0x40 [ 76.553341][ T4880] blkdev_flush_mapping+0x168/0x31c [ 76.554195][ T4880] blkdev_put+0x490/0x6ac [ 76.554830][ T4880] blkdev_close+0x74/0xb0 [ 76.555541][ T4880] __fput+0x1c0/0x7f8 [ 76.556144][ T4880] ____fput+0x20/0x30 [ 76.556786][ T4880] task_work_run+0x12c/0x1e0 [ 76.557468][ T4880] do_notify_resume+0x24b4/0x3128 [ 76.558181][ T4880] el0_svc+0xf0/0x1e0 [ 76.558880][ T4880] el0t_64_sync_handler+0xcc/0xe4 [ 76.559713][ T4880] el0t_64_sync+0x1a0/0x1a4 [ 76.560348][ T4880] irq event stamp: 385920 [ 76.560960][ T4880] hardirqs last enabled at (385919): [] kasan_quarantine_put+0xc4/0x204 [ 76.562534][ T4880] hardirqs last disabled at (385920): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.564122][ T4880] softirqs last enabled at (385714): [] local_bh_enable+0x10/0x34 [ 76.565581][ T4880] softirqs last disabled at (385712): [] local_bh_disable+0x10/0x34 [ 76.566915][ T4880] ---[ end trace eb6d8fd83ed9e21f ]--- [ 76.620220][ T5087] loop0: detected capacity change from 0 to 128 [ 76.624595][ T5087] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.625827][ T5087] Bad inode number on dev loop0: 2 is out of range [ 76.626914][ T5087] SysV FS: get root inode failed [ 76.627567][ T5087] oldfs: cannot read superblock [ 76.630010][ C1] ------------[ cut here ]------------ [ 76.630813][ C1] VFS: brelse: Trying to free free buffer [ 76.631699][ C1] WARNING: CPU: 1 PID: 4638 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.632908][ C1] Modules linked in: [ 76.633475][ C1] CPU: 1 PID: 4638 Comm: 
syz-executor Tainted: G W syzkaller #0 [ 76.634747][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.636219][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.637343][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 76.638102][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 76.638859][ C1] sp : ffff800008017de0 [ 76.639427][ C1] x29: ffff800008017de0 x28: ffff0000c1fa8000 x27: 1fffe0003421c65c [ 76.640483][ C1] x26: 0000000000000001 x25: ffff0001a10e32d8 x24: 0000000000000001 [ 76.641798][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000de76f318 [ 76.643028][ C1] x20: ffff0001a10e32e0 x19: ffff8000113d9aa0 x18: 0000000000010003 [ 76.644310][ C1] x17: 0000000000010003 x16: ffff8000111c8944 x15: 00000000ffffffff [ 76.645634][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.647012][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 55f84b004a0ab400 [ 76.648277][ C1] x8 : 55f84b004a0ab400 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.649670][ C1] x5 : ffff8000080176d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.651076][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.652390][ C1] Call trace: [ 76.652951][ C1] invalidate_bh_lru+0x128/0x234 [ 76.653801][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.654752][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.655922][ C1] ipi_handler+0x10c/0x710 [ 76.656634][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 76.657489][ C1] handle_domain_irq+0x144/0x1fc [ 76.658286][ C1] gic_handle_irq+0x78/0x1c8 [ 76.658982][ C1] call_on_irq_stack+0x30/0x48 [ 76.659696][ C1] do_interrupt_handler+0x6c/0x88 [ 76.660488][ C1] el1_interrupt+0x30/0x58 [ 76.661251][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.662136][ C1] el1h_64_irq+0x78/0x7c [ 76.662836][ C1] _raw_write_unlock_irq+0xa0/0x128 [ 76.663599][ C1] release_task+0x1494/0x16a0 [ 76.664326][ C1] wait_consider_task+0x1508/0x27cc [ 76.665166][ 
C1] do_wait+0x2f8/0xa98 [ 76.665839][ C1] kernel_wait4+0x1d0/0x318 [ 76.666528][ C1] __arm64_sys_wait4+0x120/0x2d0 [ 76.667305][ C1] invoke_syscall+0x98/0x2b8 [ 76.668010][ C1] el0_svc_common+0x138/0x258 [ 76.668702][ C1] do_el0_svc+0x58/0x14c [ 76.669381][ C1] el0_svc+0x78/0x1e0 [ 76.669998][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 76.670815][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.671453][ C1] irq event stamp: 337404 [ 76.672085][ C1] hardirqs last enabled at (337403): [] _raw_write_unlock_irq+0x98/0x128 [ 76.673554][ C1] hardirqs last disabled at (337404): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.674917][ C1] softirqs last enabled at (337384): [] local_bh_enable+0x10/0x34 [ 76.676314][ C1] softirqs last disabled at (337382): [] local_bh_disable+0x10/0x34 [ 76.677755][ C1] ---[ end trace eb6d8fd83ed9e220 ]--- [ 76.712680][ T5089] loop0: detected capacity change from 0 to 128 [ 76.714947][ T5089] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.716020][ T5089] Bad inode number on dev loop0: 2 is out of range [ 76.717056][ T5089] SysV FS: get root inode failed [ 76.717728][ T5089] oldfs: cannot read superblock [ 76.731356][ C0] ------------[ cut here ]------------ [ 76.732296][ C0] VFS: brelse: Trying to free free buffer [ 76.733152][ C0] WARNING: CPU: 0 PID: 5091 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.734609][ C0] Modules linked in: [ 76.735208][ C0] CPU: 0 PID: 5091 Comm: syz.0.111 Tainted: G W syzkaller #0 [ 76.736587][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.738074][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.739239][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 76.740024][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 76.740765][ C0] sp : ffff800008007de0 [ 76.741394][ C0] x29: ffff800008007de0 x28: ffff0000cadf9b40 x27: 1fffe0003421845c [ 76.742603][ C0] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000001 [ 76.743841][ C0] x23: dfff800000000000 
x22: 0000000000000000 x21: ffff0000e2866230 [ 76.745052][ C0] x20: ffff0001a10c22e0 x19: ffff8000113d9aa0 x18: 0000000000010002 [ 76.746375][ C0] x17: 0000000000010002 x16: ffff8000111c8944 x15: 00000000ffffffff [ 76.747466][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.748618][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : ffd07eec851df000 [ 76.749786][ C0] x8 : ffd07eec851df000 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.751122][ C0] x5 : ffff8000080076d8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.752395][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.753722][ C0] Call trace: [ 76.754199][ C0] invalidate_bh_lru+0x128/0x234 [ 76.754940][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.755785][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.756894][ C0] ipi_handler+0x10c/0x710 [ 76.757582][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 76.758476][ C0] handle_domain_irq+0x144/0x1fc [ 76.759269][ C0] gic_handle_irq+0x78/0x1c8 [ 76.760004][ C0] call_on_irq_stack+0x30/0x48 [ 76.760790][ C0] do_interrupt_handler+0x6c/0x88 [ 76.761682][ C0] el1_interrupt+0x30/0x58 [ 76.762411][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.763228][ C0] el1h_64_irq+0x78/0x7c [ 76.763917][ C0] kasan_check_range+0x78/0x2b0 [ 76.764716][ C0] memset+0x58/0x88 [ 76.765333][ C0] unwind_frame+0x124/0x668 [ 76.766129][ C0] arch_stack_walk+0x200/0x2b4 [ 76.766924][ C0] stack_trace_save+0x94/0xd8 [ 76.767679][ C0] kasan_set_track+0x4c/0x84 [ 76.768365][ C0] kasan_set_free_info+0x28/0x4c [ 76.769155][ C0] ____kasan_slab_free+0x118/0x164 [ 76.769932][ C0] __kasan_slab_free+0x18/0x28 [ 76.770664][ C0] slab_free_freelist_hook+0x128/0x1e8 [ 76.771616][ C0] kmem_cache_free+0xdc/0x3b4 [ 76.772430][ C0] put_files_struct+0x2b8/0x32c [ 76.773197][ C0] exit_files+0x78/0x98 [ 76.773894][ C0] do_exit+0x638/0x1f58 [ 76.774602][ C0] do_group_exit+0x100/0x268 [ 76.775383][ C0] get_signal+0x73c/0x1340 [ 76.776134][ C0] 
do_notify_resume+0x35c/0x3128 [ 76.776973][ C0] el0_svc+0xf0/0x1e0 [ 76.777653][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 76.778472][ C0] el0t_64_sync+0x1a0/0x1a4 [ 76.779196][ C0] irq event stamp: 1904 [ 76.779896][ C0] hardirqs last enabled at (1903): [] kasan_quarantine_put+0xc4/0x204 [ 76.781492][ C0] hardirqs last disabled at (1904): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.783033][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 76.784465][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 76.785889][ C0] ---[ end trace eb6d8fd83ed9e221 ]--- [ 76.852661][ T5093] loop0: detected capacity change from 0 to 128 [ 76.889414][ T5093] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.890593][ T5093] Bad inode number on dev loop0: 2 is out of range [ 76.891670][ T5093] SysV FS: get root inode failed [ 76.892433][ T5093] oldfs: cannot read superblock [ 76.893205][ T5093] ------------[ cut here ]------------ [ 76.894015][ T5093] VFS: brelse: Trying to free free buffer [ 76.894998][ T5093] WARNING: CPU: 0 PID: 5093 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.896398][ T5093] Modules linked in: [ 76.897053][ T5093] CPU: 0 PID: 5093 Comm: syz.0.112 Tainted: G W syzkaller #0 [ 76.898346][ T5093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 76.899849][ T5093] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.901141][ T5093] pc : invalidate_bh_lru+0x128/0x234 [ 76.902050][ T5093] lr : invalidate_bh_lru+0x128/0x234 [ 76.902920][ T5093] sp : ffff8000202076e0 [ 76.903675][ T5093] x29: ffff8000202076e0 x28: ffff80001417d000 x27: 1fffe0003421845b [ 76.904944][ T5093] x26: 0000000000000001 x25: ffff0001a10c22d8 x24: 0000000000000000 [ 76.906230][ T5093] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2af4970 [ 76.907464][ T5093] x20: ffff0001a10c22d8 x19: ffff8000113d9aa0 x18: 0000000000000003 [ 76.908764][ T5093] x17: 0000000000000000 x16: 
ffff8000111c8944 x15: 00000000ffffffff [ 76.910094][ T5093] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.911350][ T5093] x11: 0000000000000002 x10: 0000000000000000 x9 : 1b585a54c7bb0200 [ 76.912555][ T5093] x8 : 1b585a54c7bb0200 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.913771][ T5093] x5 : ffff800020206fd8 x4 : ffff80001425f420 x3 : ffff80000850471c [ 76.914885][ T5093] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.916103][ T5093] Call trace: [ 76.916568][ T5093] invalidate_bh_lru+0x128/0x234 [ 76.917267][ T5093] smp_call_function_many_cond+0xa50/0xeb0 [ 76.918147][ T5093] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.918846][ T5093] invalidate_bh_lrus+0x34/0x40 [ 76.919601][ T5093] blkdev_flush_mapping+0x168/0x31c [ 76.920365][ T5093] blkdev_put+0x490/0x6ac [ 76.921005][ T5093] kill_block_super+0x98/0xdc [ 76.921737][ T5093] deactivate_locked_super+0xb8/0x13c [ 76.922531][ T5093] mount_bdev+0x284/0x358 [ 76.923193][ T5093] sysv_mount+0x44/0x58 [ 76.923819][ T5093] legacy_get_tree+0xd4/0x16c [ 76.924582][ T5093] vfs_get_tree+0x90/0x274 [ 76.925273][ T5093] do_new_mount+0x228/0x810 [ 76.926014][ T5093] path_mount+0x5b4/0x1000 [ 76.926726][ T5093] __arm64_sys_mount+0x514/0x5e4 [ 76.927520][ T5093] invoke_syscall+0x98/0x2b8 [ 76.928270][ T5093] el0_svc_common+0x138/0x258 [ 76.928956][ T5093] do_el0_svc+0x58/0x14c [ 76.929597][ T5093] el0_svc+0x78/0x1e0 [ 76.930198][ T5093] el0t_64_sync_handler+0xcc/0xe4 [ 76.930955][ T5093] el0t_64_sync+0x1a0/0x1a4