Warning: Permanently added '10.128.1.159' (ED25519) to the list of known hosts. 1970/01/01 00:00:59 parsed 1 programs [ 60.860153][ T4401] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 62.479640][ T4562] chnl_net:caif_netlink_parms(): no params data found [ 62.497217][ T4562] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.498608][ T4562] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.500163][ T4562] device bridge_slave_0 entered promiscuous mode [ 62.502116][ T4562] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.503234][ T4562] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.504760][ T4562] device bridge_slave_1 entered promiscuous mode [ 62.515558][ T4562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.518349][ T4562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.526213][ T4562] team0: Port device team_slave_0 added [ 62.528258][ T4562] team0: Port device team_slave_1 added [ 62.535294][ T4562] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.536493][ T4562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.540798][ T4562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.543064][ T4562] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.544097][ T4562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 62.548491][ T4562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.599133][ T4562] device hsr_slave_0 entered promiscuous mode [ 62.647528][ T4562] device hsr_slave_1 entered promiscuous mode [ 63.293400][ T4562] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.349250][ T4562] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.388617][ T4562] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.441998][ T4562] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.530412][ T4562] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.536073][ T4562] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.537905][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.540078][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.543328][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.551583][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.555334][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.556562][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.564423][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.570105][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.571738][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.573182][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.574553][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.577430][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.580932][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.592607][ T4562] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.594344][ T4562] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.599479][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link 
becomes ready [ 63.601582][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.603154][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.604950][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.606517][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.619586][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.621312][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.623298][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.627190][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.629937][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.665925][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.667311][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.671112][ T4562] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.678240][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 63.679796][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.685191][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 63.687175][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.689755][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 63.691198][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 63.693774][ T4562] device veth0_vlan entered promiscuous mode [ 63.698804][ T4562] device veth1_vlan entered promiscuous mode [ 63.705876][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 63.707684][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 63.709019][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.710603][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.713669][ T4562] device veth0_macvtap entered promiscuous mode [ 63.715980][ 
T4562] device veth1_macvtap entered promiscuous mode [ 63.728510][ T4562] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.730910][ T4562] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.733165][ T4562] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.734449][ T4562] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.735719][ T4562] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.737122][ T4562] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.740802][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 63.742199][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 63.743538][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 63.745096][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 63.746625][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 63.748805][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 63.885546][ T356] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.886991][ T356] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.890210][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 63.899581][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.900799][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.902004][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:03 executed programs: 0 [ 64.013522][ T4727] chnl_net:caif_netlink_parms(): no params data found [ 64.037607][ T4727] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.038769][ T4727] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.040227][ T4727] device bridge_slave_0 entered promiscuous mode [ 64.042517][ T4727] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.043716][ T4727] bridge0: port 
2(bridge_slave_1) entered disabled state [ 64.045170][ T4727] device bridge_slave_1 entered promiscuous mode [ 64.053743][ T4727] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.056277][ T4727] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.065365][ T4727] team0: Port device team_slave_0 added [ 64.067035][ T4727] team0: Port device team_slave_1 added [ 64.073805][ T4727] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.074914][ T4727] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.079400][ T4727] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.081714][ T4727] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.082766][ T4727] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.086710][ T4727] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.118611][ T4727] device hsr_slave_0 entered promiscuous mode [ 64.157524][ T4727] device hsr_slave_1 entered promiscuous mode [ 64.197317][ T4727] debugfs: Directory 'hsr0' with parent 'hsr' already present! 
[ 64.198523][ T4727] Cannot create hsr debugfs directory [ 64.226457][ T4727] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.007802][ T4667] Bluetooth: hci1: command 0x0409 tx timeout [ 66.970961][ T4727] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.077354][ T4667] Bluetooth: hci1: command 0x041b tx timeout [ 69.281538][ T4727] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.341367][ T4727] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.500237][ T4727] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.538478][ T4727] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.584052][ T4727] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.598764][ T1541] cfg80211: failed to load regulatory.db [ 69.598996][ T2066] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.600924][ T2066] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.618476][ T4727] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.679172][ T4727] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.682838][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.684322][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.686978][ T4727] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.689930][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.691476][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.692932][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.694089][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.696091][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 69.706713][ T4727] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 69.709737][ T4727] hsr0: Slave B (hsr_slave_1) is not up; please bring it up 
to get a fully working HSR network [ 69.712072][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.713782][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.715239][ T148] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.716450][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.718264][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.719843][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.721454][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.723611][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.725256][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.726982][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.731153][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.732792][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.734412][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 69.735844][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.743767][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.745416][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 69.786647][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 69.788379][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 69.791715][ T4727] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.805800][ T4727] device veth0_vlan entered promiscuous mode [ 69.810048][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 69.811729][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 69.813344][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 69.814784][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 69.819125][ 
T1384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 69.820619][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 69.823354][ T4727] device veth1_vlan entered promiscuous mode [ 69.832882][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 69.834453][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 69.835947][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 69.840010][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 69.842876][ T4727] device veth0_macvtap entered promiscuous mode [ 69.845402][ T4727] device veth1_macvtap entered promiscuous mode [ 69.852967][ T4727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.854663][ T4727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.856743][ T4727] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.858830][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 69.860372][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 69.861757][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 69.863216][ T1384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 69.866015][ T4727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.868924][ T4727] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 69.870952][ T4727] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.872173][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 69.873881][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 69.883094][ T4727] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.884520][ T4727] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.885914][ T4727] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.887885][ T4727] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.909287][ T1384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.910564][ T1384] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.911930][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 69.924270][ T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.925529][ T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.926750][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:09 executed programs: 2 [ 69.956877][ T4956] loop0: detected capacity change from 0 to 128 [ 69.968031][ T4956] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 69.969163][ T4956] Bad inode number on dev loop0: 2 is out of range [ 69.970200][ T4956] SysV FS: get root inode failed [ 69.970935][ T4956] oldfs: cannot read superblock [ 69.976033][ T4944] ------------[ cut here ]------------ [ 69.976897][ T4944] VFS: brelse: Trying to free free buffer [ 69.977884][ T4944] WARNING: CPU: 0 PID: 4944 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 69.979216][ T4944] Modules linked in: [ 69.979799][ T4944] CPU: 0 PID: 4944 Comm: udevd Not tainted syzkaller #0 [ 69.980859][ T4944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 69.982412][ T4944] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 
69.983717][ T4944] pc : invalidate_bh_lru+0x128/0x22c [ 69.984602][ T4944] lr : invalidate_bh_lru+0x128/0x22c [ 69.985408][ T4944] sp : ffff80001f8177c0 [ 69.986081][ T4944] x29: ffff80001f8177c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 69.987399][ T4944] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 69.988774][ T4944] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fa400 [ 69.989965][ T4944] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 69.991353][ T4944] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 69.992678][ T4944] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 69.993993][ T4944] x11: 0000000000000002 x10: 0000000000000000 x9 : ceb3c45c1a34d600 [ 69.995260][ T4944] x8 : ceb3c45c1a34d600 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.996477][ T4944] x5 : ffff80001f8170d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 69.997725][ T4944] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 69.999021][ T4944] Call trace: [ 69.999474][ T4944] invalidate_bh_lru+0x128/0x22c [ 70.000292][ T4944] smp_call_function_many_cond+0xa50/0xeac [ 70.001126][ T4944] on_each_cpu_cond_mask+0x5c/0xc4 [ 70.001822][ T4944] invalidate_bh_lrus+0x34/0x40 [ 70.002550][ T4944] blkdev_flush_mapping+0x16c/0x334 [ 70.003286][ T4944] blkdev_put+0x490/0x6ac [ 70.003980][ T4944] blkdev_close+0x74/0xb0 [ 70.004624][ T4944] __fput+0x1c0/0x7e8 [ 70.005190][ T4944] ____fput+0x20/0x30 [ 70.005755][ T4944] task_work_run+0x12c/0x1d8 [ 70.006499][ T4944] do_notify_resume+0x2450/0x309c [ 70.007250][ T4944] el0_svc+0xf0/0x1d0 [ 70.007920][ T4944] el0t_64_sync_handler+0xcc/0xe4 [ 70.008630][ T4944] el0t_64_sync+0x1a0/0x1a4 [ 70.009275][ T4944] irq event stamp: 10966 [ 70.009933][ T4944] hardirqs last enabled at (10965): [] kasan_quarantine_put+0xc4/0x200 [ 70.011334][ T4944] hardirqs last disabled at (10966): [] smp_call_function_many_cond+0xa44/0xeac [ 70.012931][ T4944] softirqs last 
enabled at (10772): [] local_bh_enable+0x10/0x34 [ 70.014324][ T4944] softirqs last disabled at (10770): [] local_bh_disable+0x10/0x34 [ 70.015835][ T4944] ---[ end trace 2595cf549e09dbcf ]--- [ 70.058114][ T4958] loop0: detected capacity change from 0 to 128 [ 70.061892][ T4958] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.063077][ T4958] Bad inode number on dev loop0: 2 is out of range [ 70.064089][ T4958] SysV FS: get root inode failed [ 70.064887][ T4958] oldfs: cannot read superblock [ 70.067796][ C0] ------------[ cut here ]------------ [ 70.068640][ C0] VFS: brelse: Trying to free free buffer [ 70.069595][ C0] WARNING: CPU: 0 PID: 14 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 70.070965][ C0] Modules linked in: [ 70.071668][ C0] CPU: 0 PID: 14 Comm: ksoftirqd/0 Tainted: G W syzkaller #0 [ 70.073093][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 70.074705][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.075966][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 70.076797][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 70.077616][ C0] sp : ffff800008007de0 [ 70.078238][ C0] x29: ffff800008007de0 x28: ffff0000c0951b40 x27: 1fffe000341f245c [ 70.079474][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 70.080643][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28fad10 [ 70.081962][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010104 [ 70.083110][ C0] x17: 0000000000010104 x16: ffff800011254fd8 x15: 00000000ffffffff [ 70.084268][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 70.085460][ C0] x11: 0000000000010103 x10: 0000000000010103 x9 : a47b76ab55aeee00 [ 70.086648][ C0] x8 : a47b76ab55aeee00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.087775][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 70.089002][ C0] x2 : 0000000000000001 x1 : 0000000100010103 x0 : 
0000000000000027 [ 70.090298][ C0] Call trace: [ 70.090815][ C0] invalidate_bh_lru+0x128/0x22c [ 70.091527][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 70.092439][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.093390][ C0] ipi_handler+0x10c/0x6fc [ 70.094070][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 70.094957][ C0] handle_domain_irq+0x144/0x1fc [ 70.095735][ C0] gic_handle_irq+0x78/0x1b8 [ 70.096386][ C0] call_on_irq_stack+0x30/0x48 [ 70.097057][ C0] do_interrupt_handler+0x6c/0x88 [ 70.097877][ C0] el1_interrupt+0x30/0x58 [ 70.098513][ C0] el1h_64_irq_handler+0x18/0x24 [ 70.099254][ C0] el1h_64_irq+0x78/0x7c [ 70.099920][ C0] ___slab_alloc+0x7d4/0xd8c [ 70.100567][ C0] __slab_alloc+0x68/0xc0 [ 70.101265][ C0] kmem_cache_alloc_node+0x2c8/0x40c [ 70.102073][ C0] __alloc_skb+0x130/0x678 [ 70.102733][ C0] __tcp_send_ack+0x9c/0x510 [ 70.103403][ C0] tcp_send_ack+0x4c/0x68 [ 70.104024][ C0] __tcp_ack_snd_check+0x3b4/0x848 [ 70.104770][ C0] tcp_rcv_established+0x1150/0x1c7c [ 70.105524][ C0] tcp_v4_do_rcv+0x33c/0xb98 [ 70.106212][ C0] tcp_v4_rcv+0x2008/0x278c [ 70.106880][ C0] ip_protocol_deliver_rcu+0x370/0x770 [ 70.107727][ C0] ip_local_deliver_finish+0x1b8/0x30c [ 70.108483][ C0] NF_HOOK+0x2d8/0x368 [ 70.109103][ C0] ip_local_deliver+0x120/0x194 [ 70.109861][ C0] ip_rcv_finish+0x228/0x260 [ 70.110500][ C0] NF_HOOK+0x2d8/0x368 [ 70.111131][ C0] ip_rcv+0x7c/0x9c [ 70.111603][ C0] __netif_receive_skb+0xcc/0x2a8 [ 70.112365][ C0] process_backlog+0x3c8/0x73c [ 70.113143][ C0] __napi_poll+0xb4/0x5d8 [ 70.113951][ C0] net_rx_action+0x474/0xa18 [ 70.114683][ C0] handle_softirqs+0x344/0xbe4 [ 70.115408][ C0] run_ksoftirqd+0x7c/0x29c [ 70.116099][ C0] smpboot_thread_fn+0x4b0/0x920 [ 70.116846][ C0] kthread+0x374/0x454 [ 70.117467][ C0] ret_from_fork+0x10/0x20 [ 70.118089][ C0] irq event stamp: 227099 [ 70.118756][ C0] hardirqs last enabled at (227098): [] ___slab_alloc+0x7c4/0xd8c [ 70.120208][ C0] hardirqs last disabled at (227099): [] 
enter_el1_irq_or_nmi+0x10/0x1c [ 70.121668][ C0] softirqs last enabled at (227044): [] handle_softirqs+0xa40/0xbe4 [ 70.123175][ C0] softirqs last disabled at (227049): [] run_ksoftirqd+0x7c/0x29c [ 70.124655][ C0] ---[ end trace 2595cf549e09dbd0 ]--- [ 70.155071][ T4960] loop0: detected capacity change from 0 to 128 [ 70.157407][ T13] Bluetooth: hci1: command 0x040f tx timeout [ 70.159757][ T4960] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.160941][ T4960] Bad inode number on dev loop0: 2 is out of range [ 70.162058][ T4960] SysV FS: get root inode failed [ 70.162777][ T4960] oldfs: cannot read superblock [ 70.172188][ T4944] ------------[ cut here ]------------ [ 70.173068][ T4944] VFS: brelse: Trying to free free buffer [ 70.174018][ T4944] WARNING: CPU: 1 PID: 4944 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 70.175320][ T4944] Modules linked in: [ 70.175920][ T4944] CPU: 1 PID: 4944 Comm: udevd Tainted: G W syzkaller #0 [ 70.177231][ T4944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 70.178863][ T4944] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.180118][ T4944] pc : invalidate_bh_lru+0x128/0x22c [ 70.180953][ T4944] lr : invalidate_bh_lru+0x128/0x22c [ 70.181784][ T4944] sp : ffff80001f8177c0 [ 70.182378][ T4944] x29: ffff80001f8177c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 70.183640][ T4944] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 70.184927][ T4944] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05eb7a0 [ 70.186275][ T4944] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 70.187446][ T4944] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 70.188695][ T4944] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 70.190109][ T4944] x11: 0000000000000002 x10: 0000000000000000 x9 : ceb3c45c1a34d600 [ 70.191419][ T4944] x8 : ceb3c45c1a34d600 x7 : 0000000000000001 x6 : 
0000000000000001 [ 70.192725][ T4944] x5 : ffff80001f8170d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 70.194009][ T4944] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 70.195265][ T4944] Call trace: [ 70.195777][ T4944] invalidate_bh_lru+0x128/0x22c [ 70.196473][ T4944] smp_call_function_many_cond+0xa50/0xeac [ 70.197413][ T4944] on_each_cpu_cond_mask+0x5c/0xc4 [ 70.198140][ T4944] invalidate_bh_lrus+0x34/0x40 [ 70.198860][ T4944] blkdev_flush_mapping+0x16c/0x334 [ 70.199658][ T4944] blkdev_put+0x490/0x6ac [ 70.200349][ T4944] blkdev_close+0x74/0xb0 [ 70.200959][ T4944] __fput+0x1c0/0x7e8 [ 70.201565][ T4944] ____fput+0x20/0x30 [ 70.202261][ T4944] task_work_run+0x12c/0x1d8 [ 70.202979][ T4944] do_notify_resume+0x2450/0x309c [ 70.203846][ T4944] el0_svc+0xf0/0x1d0 [ 70.204478][ T4944] el0t_64_sync_handler+0xcc/0xe4 [ 70.205239][ T4944] el0t_64_sync+0x1a0/0x1a4 [ 70.205889][ T4944] irq event stamp: 17452 [ 70.206586][ T4944] hardirqs last enabled at (17451): [] kasan_quarantine_put+0xc4/0x200 [ 70.208091][ T4944] hardirqs last disabled at (17452): [] smp_call_function_many_cond+0xa44/0xeac [ 70.209728][ T4944] softirqs last enabled at (17258): [] local_bh_enable+0x10/0x34 [ 70.211227][ T4944] softirqs last disabled at (17256): [] local_bh_disable+0x10/0x34 [ 70.212598][ T4944] ---[ end trace 2595cf549e09dbd1 ]--- [ 70.240778][ T4962] loop0: detected capacity change from 0 to 128 [ 70.270412][ T4962] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.271664][ T4962] Bad inode number on dev loop0: 2 is out of range [ 70.272615][ T4962] SysV FS: get root inode failed [ 70.273464][ T4962] oldfs: cannot read superblock [ 70.280232][ C1] ------------[ cut here ]------------ [ 70.281289][ C1] VFS: brelse: Trying to free free buffer [ 70.282205][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 70.283431][ C1] Modules linked in: [ 70.283974][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller 
#0 [ 70.285550][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 70.287184][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.288417][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 70.289338][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 70.290226][ C1] sp : ffff800008017de0 [ 70.290819][ C1] x29: ffff800008017de0 x28: ffff0000ee5b8000 x27: 1fffe000341f665c [ 70.292029][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 70.293326][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05eb888 [ 70.294576][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 70.295833][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 70.296927][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 70.298113][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 674286dffb2bba00 [ 70.299268][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.300407][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 70.301598][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 70.302887][ C1] Call trace: [ 70.303381][ C1] invalidate_bh_lru+0x128/0x22c [ 70.304163][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 70.305094][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.306144][ C1] ipi_handler+0x10c/0x6fc [ 70.306765][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 70.307672][ C1] handle_domain_irq+0x144/0x1fc [ 70.308459][ C1] gic_handle_irq+0x78/0x1b8 [ 70.309084][ C1] call_on_irq_stack+0x30/0x48 [ 70.309942][ C1] do_interrupt_handler+0x6c/0x88 [ 70.310715][ C1] el1_interrupt+0x30/0x58 [ 70.311389][ C1] el1h_64_irq_handler+0x18/0x24 [ 70.312138][ C1] el1h_64_irq+0x78/0x7c [ 70.312934][ C1] __sanitizer_cov_trace_pc+0x38/0xac [ 70.313854][ C1] check_preemption_disabled+0x38/0x164 [ 70.314797][ C1] debug_smp_processor_id+0x20/0x2c [ 70.315656][ C1] 
rcu_lockdep_current_cpu_online+0x7c/0x1e0 [ 70.316506][ C1] rcu_read_lock_held+0x20/0x50 [ 70.317223][ C1] mem_cgroup_from_task+0x98/0x120 [ 70.317984][ C1] get_obj_cgroup_from_current+0x27c/0x524 [ 70.318792][ C1] slab_pre_alloc_hook+0xa4/0xe8 [ 70.319472][ C1] kmem_cache_alloc+0x94/0x3d4 [ 70.320149][ C1] copy_fs_struct+0x58/0x214 [ 70.320792][ C1] copy_fs+0x64/0x148 [ 70.321349][ C1] copy_process+0x13c8/0x34c8 [ 70.322023][ C1] kernel_clone+0x1ec/0x9e8 [ 70.322661][ C1] __arm64_sys_clone+0x14c/0x1b8 [ 70.323394][ C1] invoke_syscall+0x98/0x2b0 [ 70.324141][ C1] el0_svc_common+0x138/0x258 [ 70.324802][ C1] do_el0_svc+0x58/0x13c [ 70.325490][ C1] el0_svc+0x78/0x1d0 [ 70.326105][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 70.326859][ C1] el0t_64_sync+0x1a0/0x1a4 [ 70.327526][ C1] irq event stamp: 128648 [ 70.328176][ C1] hardirqs last enabled at (128647): [] mod_objcg_mlstate+0x13c/0x220 [ 70.329710][ C1] hardirqs last disabled at (128648): [] enter_el1_irq_or_nmi+0x10/0x1c [ 70.331202][ C1] softirqs last enabled at (128618): [] local_bh_enable+0x10/0x34 [ 70.332595][ C1] softirqs last disabled at (128616): [] local_bh_disable+0x10/0x34 [ 70.334056][ C1] ---[ end trace 2595cf549e09dbd2 ]--- [ 70.378878][ T4964] loop0: detected capacity change from 0 to 128 [ 70.382007][ T4964] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.383198][ T4964] Bad inode number on dev loop0: 2 is out of range [ 70.384147][ T4964] SysV FS: get root inode failed [ 70.384896][ T4964] oldfs: cannot read superblock [ 70.404137][ C1] ------------[ cut here ]------------ [ 70.404964][ C1] VFS: brelse: Trying to free free buffer [ 70.405895][ C1] WARNING: CPU: 1 PID: 4968 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 70.407161][ C1] Modules linked in: [ 70.407761][ C1] CPU: 1 PID: 4968 Comm: syz.0.21 Tainted: G W syzkaller #0 [ 70.409108][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 70.410726][ C1] pstate: 624000c5 (nZCv daIF 
+PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.411863][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 70.412643][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 70.413453][ C1] sp : ffff800008017de0 [ 70.414048][ C1] x29: ffff800008017de0 x28: ffff0000cbfa3680 x27: 1fffe000341f665c [ 70.415309][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 70.416525][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05eb400 [ 70.417796][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 70.419002][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 70.420210][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 70.421388][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 1339b6ed69940b00 [ 70.422586][ C1] x8 : 1339b6ed69940b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.423741][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 70.424909][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 70.426157][ C1] Call trace: [ 70.426646][ C1] invalidate_bh_lru+0x128/0x22c [ 70.427459][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 70.428367][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.429385][ C1] ipi_handler+0x10c/0x6fc [ 70.430064][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 70.430870][ C1] handle_domain_irq+0x144/0x1fc [ 70.431609][ C1] gic_handle_irq+0x78/0x1b8 [ 70.432387][ C1] call_on_irq_stack+0x30/0x48 [ 70.433207][ C1] do_interrupt_handler+0x6c/0x88 [ 70.434010][ C1] el0_interrupt+0x94/0x248 [ 70.434736][ C1] __el0_irq_handler_common+0x18/0x24 [ 70.435538][ C1] el0t_64_irq_handler+0x10/0x1c [ 70.436314][ C1] el0t_64_irq+0x1a0/0x1a4 [ 70.437018][ C1] irq event stamp: 222 [ 70.437656][ C1] hardirqs last enabled at (221): [] el0t_64_sync_handler+0xd8/0xe4 [ 70.439080][ C1] hardirqs last disabled at (222): [] __el0_irq_handler_common+0x18/0x24 [ 70.440640][ C1] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 
70.442101][ C1] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 70.443543][ C1] ---[ end trace 2595cf549e09dbd3 ]--- [ 70.479965][ T4968] loop0: detected capacity change from 0 to 128 [ 70.524395][ T4968] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.525532][ T4968] Bad inode number on dev loop0: 2 is out of range [ 70.526519][ T4968] SysV FS: get root inode failed [ 70.527729][ T4968] oldfs: cannot read superblock [ 70.529849][ C1] ------------[ cut here ]------------ [ 70.530694][ C1] VFS: brelse: Trying to free free buffer [ 70.531692][ C1] WARNING: CPU: 1 PID: 4968 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 70.533105][ C1] Modules linked in: [ 70.533728][ C1] CPU: 1 PID: 4968 Comm: syz.0.21 Tainted: G W syzkaller #0 [ 70.535126][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 70.536739][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.537932][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 70.538757][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 70.539616][ C1] sp : ffff800008017de0 [ 70.540194][ C1] x29: ffff800008017de0 x28: ffff0000cbfa3680 x27: 1fffe000341f665c [ 70.541464][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 70.542598][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c05eb060 [ 70.543783][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 70.544956][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 70.546204][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 70.547417][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 1339b6ed69940b00 [ 70.548655][ C1] x8 : 1339b6ed69940b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.549867][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 70.551103][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 70.552298][ C1] Call trace: [ 70.552758][ C1] 
invalidate_bh_lru+0x128/0x22c [ 70.553581][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 70.554634][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.555725][ C1] ipi_handler+0x10c/0x6fc [ 70.556480][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 70.557373][ C1] handle_domain_irq+0x144/0x1fc [ 70.558141][ C1] gic_handle_irq+0x78/0x1b8 [ 70.558833][ C1] call_on_irq_stack+0x30/0x48 [ 70.559492][ C1] do_interrupt_handler+0x6c/0x88 [ 70.560283][ C1] el1_interrupt+0x30/0x58 [ 70.560926][ C1] el1h_64_irq_handler+0x18/0x24 [ 70.561669][ C1] el1h_64_irq+0x78/0x7c [ 70.562298][ C1] unlink_anon_vmas+0x88/0x534 [ 70.563015][ C1] free_pgtables+0x14c/0x278 [ 70.563750][ C1] exit_mmap+0x2d8/0x508 [ 70.564387][ C1] __mmput+0xec/0x3a8 [ 70.564952][ C1] mmput+0x80/0xc0 [ 70.565496][ C1] exit_mm+0x4ac/0x664 [ 70.566164][ C1] do_exit+0x4f0/0x1f50 [ 70.566772][ C1] do_group_exit+0x100/0x268 [ 70.567491][ C1] get_signal+0x73c/0x1334 [ 70.568165][ C1] do_notify_resume+0x354/0x309c [ 70.568863][ C1] el0_svc+0xf0/0x1d0 [ 70.569477][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 70.570186][ C1] el0t_64_sync+0x1a0/0x1a4 [ 70.570774][ C1] irq event stamp: 2284 [ 70.571330][ C1] hardirqs last enabled at (2283): [] kasan_quarantine_put+0xc4/0x200 [ 70.572801][ C1] hardirqs last disabled at (2284): [] enter_el1_irq_or_nmi+0x10/0x1c [ 70.574104][ C1] softirqs last enabled at (1168): [] local_bh_enable+0x10/0x34 [ 70.575368][ C1] softirqs last disabled at (1166): [] local_bh_disable+0x10/0x34 [ 70.576708][ C1] ---[ end trace 2595cf549e09dbd4 ]--- [ 70.641074][ T4970] loop0: detected capacity change from 0 to 128 [ 70.679154][ T4970] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.680301][ T4970] Bad inode number on dev loop0: 2 is out of range [ 70.681270][ T4970] SysV FS: get root inode failed [ 70.682018][ T4970] oldfs: cannot read superblock [ 70.693358][ T4944] ------------[ cut here ]------------ [ 70.694248][ T4944] VFS: brelse: Trying to free free buffer [ 70.695144][ 
T4944] WARNING: CPU: 1 PID: 4944 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 70.696431][ T4944] Modules linked in: [ 70.697061][ T4944] CPU: 1 PID: 4944 Comm: udevd Tainted: G W syzkaller #0 [ 70.698332][ T4944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 70.699896][ T4944] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.701243][ T4944] pc : invalidate_bh_lru+0x128/0x22c [ 70.702053][ T4944] lr : invalidate_bh_lru+0x128/0x22c [ 70.702824][ T4944] sp : ffff80001f8177c0 [ 70.703429][ T4944] x29: ffff80001f8177c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 70.704628][ T4944] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 70.705829][ T4944] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52bb970 [ 70.707039][ T4944] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 70.708295][ T4944] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 70.709493][ T4944] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 70.710645][ T4944] x11: 0000000000000002 x10: 0000000000000000 x9 : ceb3c45c1a34d600 [ 70.711827][ T4944] x8 : ceb3c45c1a34d600 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.712980][ T4944] x5 : ffff80001f8170d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 70.714174][ T4944] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 70.715316][ T4944] Call trace: [ 70.715759][ T4944] invalidate_bh_lru+0x128/0x22c [ 70.716511][ T4944] smp_call_function_many_cond+0xa50/0xeac [ 70.717387][ T4944] on_each_cpu_cond_mask+0x5c/0xc4 [ 70.718110][ T4944] invalidate_bh_lrus+0x34/0x40 [ 70.718820][ T4944] blkdev_flush_mapping+0x16c/0x334 [ 70.719566][ T4944] blkdev_put+0x490/0x6ac [ 70.720187][ T4944] blkdev_close+0x74/0xb0 [ 70.720859][ T4944] __fput+0x1c0/0x7e8 [ 70.721407][ T4944] ____fput+0x20/0x30 [ 70.721979][ T4944] task_work_run+0x12c/0x1d8 [ 70.722625][ T4944] do_notify_resume+0x2450/0x309c [ 
70.723397][ T4944] el0_svc+0xf0/0x1d0 [ 70.723989][ T4944] el0t_64_sync_handler+0xcc/0xe4 [ 70.724794][ T4944] el0t_64_sync+0x1a0/0x1a4 [ 70.725481][ T4944] irq event stamp: 34742 [ 70.726073][ T4944] hardirqs last enabled at (34741): [] kasan_quarantine_put+0xc4/0x200 [ 70.727557][ T4944] hardirqs last disabled at (34742): [] smp_call_function_many_cond+0xa44/0xeac [ 70.729131][ T4944] softirqs last enabled at (34520): [] local_bh_enable+0x10/0x34 [ 70.730486][ T4944] softirqs last disabled at (34518): [] local_bh_disable+0x10/0x34 [ 70.731929][ T4944] ---[ end trace 2595cf549e09dbd5 ]--- [ 70.791663][ T4974] loop0: detected capacity change from 0 to 128 [ 70.794420][ T4974] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.795592][ T4974] Bad inode number on dev loop0: 2 is out of range [ 70.796552][ T4974] SysV FS: get root inode failed [ 70.798256][ T4974] oldfs: cannot read superblock [ 70.821505][ C1] ------------[ cut here ]------------ [ 70.822373][ C1] VFS: brelse: Trying to free free buffer [ 70.823308][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 70.824649][ C1] Modules linked in: [ 70.825246][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 70.826625][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 70.828204][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.829375][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 70.830166][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 70.830951][ C1] sp : ffff800008017de0 [ 70.831535][ C1] x29: ffff800008017de0 x28: ffff0000ee5b8000 x27: 1fffe000341f665c [ 70.832705][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 70.833974][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52bb5d0 [ 70.835142][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 70.836383][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 
70.837606][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 70.838719][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 70.839929][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.841176][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 70.842425][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 70.843659][ C1] Call trace: [ 70.844167][ C1] invalidate_bh_lru+0x128/0x22c [ 70.844908][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 70.845837][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 70.846849][ C1] ipi_handler+0x10c/0x6fc [ 70.847499][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 70.848335][ C1] handle_domain_irq+0x144/0x1fc [ 70.849072][ C1] gic_handle_irq+0x78/0x1b8 [ 70.849770][ C1] call_on_irq_stack+0x30/0x48 [ 70.850386][ C1] do_interrupt_handler+0x6c/0x88 [ 70.851119][ C1] el1_interrupt+0x30/0x58 [ 70.851751][ C1] el1h_64_irq_handler+0x18/0x24 [ 70.852564][ C1] el1h_64_irq+0x78/0x7c [ 70.853252][ C1] lock_release+0x4a0/0x8e0 [ 70.853950][ C1] up_write+0x98/0x640 [ 70.854530][ C1] copy_mm+0x908/0x105c [ 70.855171][ C1] copy_process+0x1500/0x34c8 [ 70.855816][ C1] kernel_clone+0x1ec/0x9e8 [ 70.856430][ C1] __arm64_sys_clone+0x14c/0x1b8 [ 70.857152][ C1] invoke_syscall+0x98/0x2b0 [ 70.857871][ C1] el0_svc_common+0x138/0x258 [ 70.858514][ C1] do_el0_svc+0x58/0x13c [ 70.859145][ C1] el0_svc+0x78/0x1d0 [ 70.859795][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 70.860497][ C1] el0t_64_sync+0x1a0/0x1a4 [ 70.861187][ C1] irq event stamp: 145514 [ 70.861798][ C1] hardirqs last enabled at (145513): [] pte_alloc_one+0x194/0x254 [ 70.863036][ C1] hardirqs last disabled at (145514): [] enter_el1_irq_or_nmi+0x10/0x1c [ 70.864453][ C1] softirqs last enabled at (145422): [] local_bh_enable+0x10/0x34 [ 70.865871][ C1] softirqs last disabled at (145420): [] local_bh_disable+0x10/0x34 [ 70.868063][ C1] ---[ end trace 2595cf549e09dbd6 ]--- [ 
70.899673][ T4979] loop0: detected capacity change from 0 to 128 [ 70.979531][ T4979] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 70.980824][ T4979] Bad inode number on dev loop0: 2 is out of range [ 70.981943][ T4979] SysV FS: get root inode failed [ 70.982775][ T4979] oldfs: cannot read superblock [ 70.983532][ T4979] ------------[ cut here ]------------ [ 70.984310][ T4979] VFS: brelse: Trying to free free buffer [ 70.985205][ T4979] WARNING: CPU: 0 PID: 4979 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 70.986602][ T4979] Modules linked in: [ 70.987177][ T4979] CPU: 0 PID: 4979 Comm: syz.0.26 Tainted: G W syzkaller #0 [ 70.988519][ T4979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 70.990032][ T4979] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 70.991191][ T4979] pc : invalidate_bh_lru+0x128/0x22c [ 70.991945][ T4979] lr : invalidate_bh_lru+0x128/0x22c [ 70.992741][ T4979] sp : ffff80001f7376e0 [ 70.993324][ T4979] x29: ffff80001f7376e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 70.994518][ T4979] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 70.995592][ T4979] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2908148 [ 70.996784][ T4979] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 70.997977][ T4979] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 70.999171][ T4979] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 71.000358][ T4979] x11: 0000000000000002 x10: 0000000000000000 x9 : 05c4b5b8a883cf00 [ 71.001457][ T4979] x8 : 05c4b5b8a883cf00 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.002632][ T4979] x5 : ffff80001f736ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 71.003823][ T4979] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.005094][ T4979] Call trace: [ 71.005599][ T4979] invalidate_bh_lru+0x128/0x22c [ 71.006328][ T4979] 
smp_call_function_many_cond+0xa50/0xeac [ 71.007211][ T4979] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.007967][ T4979] invalidate_bh_lrus+0x34/0x40 [ 71.008656][ T4979] blkdev_flush_mapping+0x16c/0x334 [ 71.009419][ T4979] blkdev_put+0x490/0x6ac [ 71.010052][ T4979] kill_block_super+0x98/0xdc [ 71.010733][ T4979] deactivate_locked_super+0xb8/0x134 [ 71.011461][ T4979] mount_bdev+0x284/0x358 [ 71.012044][ T4979] sysv_mount+0x44/0x58 [ 71.012702][ T4979] legacy_get_tree+0xd4/0x16c [ 71.013372][ T4979] vfs_get_tree+0x90/0x274 [ 71.014029][ T4979] do_new_mount+0x228/0x810 [ 71.014714][ T4979] path_mount+0x5bc/0x1008 [ 71.015334][ T4979] __arm64_sys_mount+0x514/0x5f0 [ 71.016133][ T4979] invoke_syscall+0x98/0x2b0 [ 71.016828][ T4979] el0_svc_common+0x138/0x258 [ 71.017539][ T4979] do_el0_svc+0x58/0x13c [ 71.018171][ T4979] el0_svc+0x78/0x1d0 [ 71.018809][ T4979] el0t_64_sync_handler+0xcc/0xe4 [ 71.019529][ T4979] el0t_64_sync+0x1a0/0x1a4 [ 71.020252][ T4979] irq event stamp: 1084 [ 71.020920][ T4979] hardirqs last enabled at (1083): [] kasan_quarantine_put+0xc4/0x200 [ 71.022365][ T4979] hardirqs last disabled at (1084): [] smp_call_function_many_cond+0xa44/0xeac [ 71.023907][ T4979] softirqs last enabled at (866): [] local_bh_enable+0x10/0x34 [ 71.025355][ T4979] softirqs last disabled at (864): [] local_bh_disable+0x10/0x34 [ 71.026792][ T4979] ---[ end trace 2595cf549e09dbd7 ]--- [ 71.062949][ T136] device hsr_slave_0 left promiscuous mode [ 71.097507][ T136] device hsr_slave_1 left promiscuous mode [ 71.137985][ T4984] loop0: detected capacity change from 0 to 128 [ 71.140092][ T4984] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.141277][ T4984] Bad inode number on dev loop0: 2 is out of range [ 71.142291][ T4984] SysV FS: get root inode failed [ 71.143059][ T4984] oldfs: cannot read superblock [ 71.157373][ T136] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.158624][ T136] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 
71.160788][ T136] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.161939][ C1] ------------[ cut here ]------------ [ 71.161953][ C1] VFS: brelse: Trying to free free buffer [ 71.161996][ C1] WARNING: CPU: 1 PID: 136 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 71.162015][ C1] Modules linked in: [ 71.162022][ C1] CPU: 1 PID: 136 Comm: kworker/u4:1 Tainted: G W syzkaller #0 [ 71.162028][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.162033][ C1] Workqueue: netns cleanup_net [ 71.162042][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.162050][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 71.162056][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 71.162060][ C1] sp : ffff800008017de0 [ 71.162063][ C1] x29: ffff800008017de0 x28: ffff0000c22c8000 x27: 1fffe000341f665c [ 71.162072][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 71.162080][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52bb230 [ 71.162088][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 71.162096][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 0000000000000063 [ 71.162104][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 71.162111][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : b47faca912117700 [ 71.162119][ C1] x8 : b47faca912117700 x7 : ffff8000082f96a0 x6 : 0000000000000000 [ 71.162127][ C1] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff800008508fa8 [ 71.162135][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 71.162143][ C1] Call trace: [ 71.162146][ C1] invalidate_bh_lru+0x128/0x22c [ 71.162150][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 71.162157][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.162162][ C1] ipi_handler+0x10c/0x6fc [ 71.162168][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 71.162173][ C1] handle_domain_irq+0x144/0x1fc [ 71.162178][ C1] 
gic_handle_irq+0x78/0x1b8 [ 71.162182][ C1] call_on_irq_stack+0x30/0x48 [ 71.162187][ C1] do_interrupt_handler+0x6c/0x88 [ 71.162192][ C1] el1_interrupt+0x30/0x58 [ 71.162198][ C1] el1h_64_irq_handler+0x18/0x24 [ 71.162203][ C1] el1h_64_irq+0x78/0x7c [ 71.162206][ C1] console_unlock+0xb60/0x1208 [ 71.162212][ C1] vprintk_emit+0x150/0x22c [ 71.162217][ C1] vprintk_default+0x54/0x80 [ 71.162222][ C1] vprintk+0x200/0x2a0 [ 71.162225][ C1] _printk+0xe0/0x130 [ 71.162230][ C1] batadv_hardif_disable_interface+0x174/0xa04 [ 71.162236][ C1] batadv_softif_destroy_netlink+0x98/0x2a0 [ 71.162242][ C1] default_device_exit_batch+0x284/0x4c4 [ 71.162247][ C1] cleanup_net+0x654/0xaa4 [ 71.162251][ C1] process_one_work+0x79c/0x1138 [ 71.162257][ C1] worker_thread+0x8f4/0x1034 [ 71.162261][ C1] kthread+0x374/0x454 [ 71.162265][ C1] ret_from_fork+0x10/0x20 [ 71.162270][ C1] irq event stamp: 1847038 [ 71.162272][ C1] hardirqs last enabled at (1847037): [] console_unlock+0xb40/0x1208 [ 71.162279][ C1] hardirqs last disabled at (1847038): [] enter_el1_irq_or_nmi+0x10/0x1c [ 71.162286][ C1] softirqs last enabled at (1847030): [] clusterip_netdev_event+0x384/0x3ac [ 71.162293][ C1] softirqs last disabled at (1847028): [] clusterip_netdev_event+0x80/0x3ac [ 71.162300][ C1] ---[ end trace 2595cf549e09dbd8 ]--- [ 71.210574][ T136] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 71.212150][ T136] device bridge_slave_1 left promiscuous mode [ 71.213222][ T136] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.247881][ T136] device bridge_slave_0 left promiscuous mode [ 71.248983][ T136] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.268844][ T4988] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.270006][ T4988] Bad inode number on dev loop0: 2 is out of range [ 71.271091][ T4988] SysV FS: get root inode failed [ 71.271792][ T4988] oldfs: cannot read superblock [ 71.281438][ T4977] ------------[ cut here ]------------ [ 71.282261][ T4977] VFS: 
brelse: Trying to free free buffer [ 71.283122][ T4977] WARNING: CPU: 1 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 71.284402][ T4977] Modules linked in: [ 71.284984][ T4977] CPU: 1 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 71.286207][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.287600][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.288761][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 71.289542][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 71.290345][ T4977] sp : ffff80001f7277c0 [ 71.290967][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 71.292163][ T4977] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 71.293316][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000cf148148 [ 71.294530][ T4977] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 71.295774][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 71.296934][ T4977] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 71.298068][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 71.299291][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.300478][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 71.301729][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.302968][ T4977] Call trace: [ 71.303471][ T4977] invalidate_bh_lru+0x128/0x22c [ 71.304211][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 71.305060][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.305847][ T4977] invalidate_bh_lrus+0x34/0x40 [ 71.306539][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 71.307352][ T4977] blkdev_put+0x490/0x6ac [ 71.308001][ T4977] blkdev_close+0x74/0xb0 [ 71.308641][ T4977] __fput+0x1c0/0x7e8 [ 71.309219][ T4977] ____fput+0x20/0x30 [ 71.309838][ T4977] task_work_run+0x12c/0x1d8 [ 71.310509][ 
T4977] do_notify_resume+0x2450/0x309c [ 71.311255][ T4977] el0_svc+0xf0/0x1d0 [ 71.311875][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 71.312648][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 71.313292][ T4977] irq event stamp: 16868 [ 71.313897][ T4977] hardirqs last enabled at (16867): [] kasan_quarantine_put+0xc4/0x200 [ 71.315371][ T4977] hardirqs last disabled at (16868): [] smp_call_function_many_cond+0xa44/0xeac [ 71.316949][ T4977] softirqs last enabled at (16670): [] local_bh_enable+0x10/0x34 [ 71.318374][ T4977] softirqs last disabled at (16668): [] local_bh_disable+0x10/0x34 [ 71.319662][ T4977] ---[ end trace 2595cf549e09dbd9 ]--- [ 71.362216][ T4990] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.363291][ T4990] Bad inode number on dev loop0: 2 is out of range [ 71.364296][ T4990] SysV FS: get root inode failed [ 71.364963][ T4990] oldfs: cannot read superblock [ 71.374130][ C1] ------------[ cut here ]------------ [ 71.374990][ C1] VFS: brelse: Trying to free free buffer [ 71.375857][ C1] WARNING: CPU: 1 PID: 4991 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 71.377200][ C1] Modules linked in: [ 71.377831][ C1] CPU: 1 PID: 4991 Comm: syz-executor Tainted: G W syzkaller #0 [ 71.379194][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.380761][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.382075][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 71.382876][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 71.383719][ C1] sp : ffff800008017de0 [ 71.384398][ C1] x29: ffff800008017de0 x28: ffff0000c1a8b680 x27: 1fffe000341f665c [ 71.385602][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 71.386764][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df795060 [ 71.388034][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 71.389207][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 71.390387][ C1] x14: 
0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 71.391577][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 382a146a3f501200 [ 71.392793][ C1] x8 : 382a146a3f501200 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.393974][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 71.395202][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 71.396413][ C1] Call trace: [ 71.396820][ C1] invalidate_bh_lru+0x128/0x22c [ 71.397538][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 71.398390][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.399406][ C1] ipi_handler+0x10c/0x6fc [ 71.400133][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 71.400892][ C1] handle_domain_irq+0x144/0x1fc [ 71.401572][ C1] gic_handle_irq+0x78/0x1b8 [ 71.402270][ C1] call_on_irq_stack+0x30/0x48 [ 71.402949][ C1] do_interrupt_handler+0x6c/0x88 [ 71.403702][ C1] el1_interrupt+0x30/0x58 [ 71.404327][ C1] el1h_64_irq_handler+0x18/0x24 [ 71.405095][ C1] el1h_64_irq+0x78/0x7c [ 71.405752][ C1] lock_page_memcg+0x120/0x22c [ 71.406429][ C1] page_add_file_rmap+0x148/0x8c4 [ 71.407154][ C1] do_set_pte+0x390/0x4dc [ 71.407807][ C1] filemap_map_pages+0x9d0/0xc54 [ 71.408659][ C1] handle_mm_fault+0x188c/0x2a28 [ 71.409468][ C1] do_page_fault+0x67c/0xab0 [ 71.410226][ C1] do_translation_fault+0xe0/0x130 [ 71.411052][ C1] do_mem_abort+0x6c/0x1ac [ 71.411768][ C1] el0_ia+0xe0/0x2b8 [ 71.412392][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 71.413200][ C1] el0t_64_sync+0x1a0/0x1a4 [ 71.413832][ C1] irq event stamp: 464 [ 71.414426][ C1] hardirqs last enabled at (463): [] lock_page_memcg+0x110/0x22c [ 71.415785][ C1] hardirqs last disabled at (464): [] enter_el1_irq_or_nmi+0x10/0x1c [ 71.417285][ C1] softirqs last enabled at (24): [] local_bh_enable+0x10/0x34 [ 71.418633][ C1] softirqs last disabled at (22): [] local_bh_disable+0x10/0x34 [ 71.420015][ C1] ---[ end trace 2595cf549e09dbda ]--- [ 71.447836][ T136] device veth1_macvtap left promiscuous mode [ 
71.448823][ T136] device veth0_macvtap left promiscuous mode [ 71.449967][ T136] device veth1_vlan left promiscuous mode [ 71.450955][ T136] device veth0_vlan left promiscuous mode [ 71.468996][ T4992] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.470075][ T4992] Bad inode number on dev loop0: 2 is out of range [ 71.470967][ T4992] SysV FS: get root inode failed [ 71.471626][ T4992] oldfs: cannot read superblock [ 71.482787][ C1] ------------[ cut here ]------------ [ 71.483712][ C1] VFS: brelse: Trying to free free buffer [ 71.484627][ C1] WARNING: CPU: 1 PID: 4994 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 71.485904][ C1] Modules linked in: [ 71.486433][ C1] CPU: 1 PID: 4994 Comm: syz.0.33 Tainted: G W syzkaller #0 [ 71.487778][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.489258][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.490494][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 71.491290][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 71.492091][ C1] sp : ffff800008017de0 [ 71.492766][ C1] x29: ffff800008017de0 x28: ffff0000da008000 x27: 1fffe000341f665c [ 71.494040][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 71.495261][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df795400 [ 71.496466][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 71.497567][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 71.498750][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 71.499981][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 5593c8c4faf5d400 [ 71.501128][ C1] x8 : 5593c8c4faf5d400 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.502369][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 71.503531][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 71.504770][ C1] Call trace: [ 71.505219][ C1] 
invalidate_bh_lru+0x128/0x22c [ 71.505883][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 71.506740][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.507744][ C1] ipi_handler+0x10c/0x6fc [ 71.508405][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 71.509213][ C1] handle_domain_irq+0x144/0x1fc [ 71.509958][ C1] gic_handle_irq+0x78/0x1b8 [ 71.510646][ C1] call_on_irq_stack+0x30/0x48 [ 71.511344][ C1] do_interrupt_handler+0x6c/0x88 [ 71.512089][ C1] el1_interrupt+0x30/0x58 [ 71.512798][ C1] el1h_64_irq_handler+0x18/0x24 [ 71.513559][ C1] el1h_64_irq+0x78/0x7c [ 71.514142][ C1] charge_memcg+0x198/0x21c [ 71.514847][ C1] __mem_cgroup_charge+0x38/0xb0 [ 71.515559][ C1] shmem_add_to_page_cache+0x7c4/0x132c [ 71.516426][ C1] shmem_getpage_gfp+0x1274/0x1f10 [ 71.517192][ C1] shmem_write_begin+0xe0/0x29c [ 71.517896][ C1] generic_perform_write+0x208/0x488 [ 71.518699][ C1] __generic_file_write_iter+0x23c/0x454 [ 71.519505][ C1] generic_file_write_iter+0xb0/0x1b4 [ 71.520298][ C1] vfs_write+0x590/0xa60 [ 71.520964][ C1] ksys_write+0x12c/0x224 [ 71.521598][ C1] __arm64_sys_write+0x7c/0x90 [ 71.522237][ C1] invoke_syscall+0x98/0x2b0 [ 71.522873][ C1] el0_svc_common+0x138/0x258 [ 71.523540][ C1] do_el0_svc+0x58/0x13c [ 71.524153][ C1] el0_svc+0x78/0x1d0 [ 71.524736][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 71.525487][ C1] el0t_64_sync+0x1a0/0x1a4 [ 71.526089][ C1] irq event stamp: 472 [ 71.526681][ C1] hardirqs last enabled at (471): [] charge_memcg+0x190/0x21c [ 71.527944][ C1] hardirqs last disabled at (472): [] enter_el1_irq_or_nmi+0x10/0x1c [ 71.529374][ C1] softirqs last enabled at (402): [] handle_softirqs+0xa40/0xbe4 [ 71.530604][ C1] softirqs last disabled at (353): [] __irq_exit_rcu+0x240/0x43c [ 71.531888][ C1] ---[ end trace 2595cf549e09dbdb ]--- [ 71.609044][ T4994] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.610423][ T4994] Bad inode number on dev loop0: 2 is out of range [ 71.611354][ T4994] SysV FS: get root inode failed [ 71.612105][ 
T4994] oldfs: cannot read superblock [ 71.612829][ T4994] ------------[ cut here ]------------ [ 71.613698][ T4994] VFS: brelse: Trying to free free buffer [ 71.614672][ T4994] WARNING: CPU: 0 PID: 4994 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 71.616055][ T4994] Modules linked in: [ 71.616634][ T4994] CPU: 0 PID: 4994 Comm: syz.0.33 Tainted: G W syzkaller #0 [ 71.616919][ T136] team0 (unregistering): Port device team_slave_1 removed [ 71.617924][ T4994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.617949][ T4994] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.617959][ T4994] pc : invalidate_bh_lru+0x128/0x22c [ 71.617965][ T4994] lr : invalidate_bh_lru+0x128/0x22c [ 71.617970][ T4994] sp : ffff80001f7176e0 [ 71.617973][ T4994] x29: ffff80001f7176e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 71.617984][ T4994] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 71.617993][ T4994] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e29084e8 [ 71.618001][ T4994] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 71.618010][ T4994] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 71.618018][ T4994] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 71.618026][ T4994] x11: 0000000000000002 x10: 0000000000000000 x9 : 5593c8c4faf5d400 [ 71.618035][ T4994] x8 : 5593c8c4faf5d400 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.618043][ T4994] x5 : ffff80001f716ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 71.618051][ T4994] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.618060][ T4994] Call trace: [ 71.618063][ T4994] invalidate_bh_lru+0x128/0x22c [ 71.618068][ T4994] smp_call_function_many_cond+0xa50/0xeac [ 71.618075][ T4994] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.638615][ T4994] invalidate_bh_lrus+0x34/0x40 [ 71.639325][ T4994] blkdev_flush_mapping+0x16c/0x334 [ 71.640111][ T4994] 
blkdev_put+0x490/0x6ac [ 71.640719][ T4994] kill_block_super+0x98/0xdc [ 71.641428][ T4994] deactivate_locked_super+0xb8/0x134 [ 71.642178][ T4994] mount_bdev+0x284/0x358 [ 71.642813][ T4994] sysv_mount+0x44/0x58 [ 71.643474][ T4994] legacy_get_tree+0xd4/0x16c [ 71.644178][ T4994] vfs_get_tree+0x90/0x274 [ 71.644857][ T4994] do_new_mount+0x228/0x810 [ 71.645556][ T4994] path_mount+0x5bc/0x1008 [ 71.646275][ T4994] __arm64_sys_mount+0x514/0x5f0 [ 71.647039][ T4994] invoke_syscall+0x98/0x2b0 [ 71.647682][ T4994] el0_svc_common+0x138/0x258 [ 71.648366][ T4994] do_el0_svc+0x58/0x13c [ 71.648979][ T4994] el0_svc+0x78/0x1d0 [ 71.649620][ T4994] el0t_64_sync_handler+0xcc/0xe4 [ 71.650367][ T4994] el0t_64_sync+0x1a0/0x1a4 [ 71.651047][ T4994] irq event stamp: 1120 [ 71.651616][ T4994] hardirqs last enabled at (1119): [] kasan_quarantine_put+0xc4/0x200 [ 71.653063][ T4994] hardirqs last disabled at (1120): [] smp_call_function_many_cond+0xa44/0xeac [ 71.654533][ T4994] softirqs last enabled at (952): [] local_bh_enable+0x10/0x34 [ 71.655838][ T4994] softirqs last disabled at (950): [] local_bh_disable+0x10/0x34 [ 71.657216][ T4994] ---[ end trace 2595cf549e09dbdc ]--- [ 71.660779][ T136] team0 (unregistering): Port device team_slave_0 removed [ 71.664819][ T136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 71.711536][ T136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 71.810919][ T136] bond0 (unregistering): Released all slaves [ 71.879627][ T4996] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.880804][ T4996] Bad inode number on dev loop0: 2 is out of range [ 71.881777][ T4996] SysV FS: get root inode failed [ 71.882626][ T4996] oldfs: cannot read superblock [ 71.883313][ T4996] ------------[ cut here ]------------ [ 71.884090][ T4996] VFS: brelse: Trying to free free buffer [ 71.884932][ T4996] WARNING: CPU: 0 PID: 4996 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 71.886297][ T4996] Modules 
linked in: [ 71.886941][ T4996] CPU: 0 PID: 4996 Comm: syz.0.34 Tainted: G W syzkaller #0 [ 71.888257][ T4996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.889781][ T4996] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.890894][ T4996] pc : invalidate_bh_lru+0x128/0x22c [ 71.891682][ T4996] lr : invalidate_bh_lru+0x128/0x22c [ 71.892528][ T4996] sp : ffff80001f7176e0 [ 71.893148][ T4996] x29: ffff80001f7176e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 71.894489][ T4996] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 71.895711][ T4996] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2908888 [ 71.896987][ T4996] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 71.898303][ T4996] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 71.899486][ T4996] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 71.900683][ T4996] x11: 0000000000000002 x10: 0000000000000000 x9 : 1deff9a7fef2e900 [ 71.901910][ T4996] x8 : 1deff9a7fef2e900 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.903112][ T4996] x5 : ffff80001f716ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 71.904297][ T4996] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.905501][ T4996] Call trace: [ 71.905967][ T4996] invalidate_bh_lru+0x128/0x22c [ 71.906718][ T4996] smp_call_function_many_cond+0xa50/0xeac [ 71.907600][ T4996] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.908363][ T4996] invalidate_bh_lrus+0x34/0x40 [ 71.909093][ T4996] blkdev_flush_mapping+0x16c/0x334 [ 71.909858][ T4996] blkdev_put+0x490/0x6ac [ 71.910554][ T4996] kill_block_super+0x98/0xdc [ 71.911314][ T4996] deactivate_locked_super+0xb8/0x134 [ 71.912073][ T4996] mount_bdev+0x284/0x358 [ 71.912697][ T4996] sysv_mount+0x44/0x58 [ 71.913271][ T4996] legacy_get_tree+0xd4/0x16c [ 71.913930][ T4996] vfs_get_tree+0x90/0x274 [ 71.914661][ T4996] do_new_mount+0x228/0x810 [ 71.915286][ 
T4996] path_mount+0x5bc/0x1008 [ 71.916048][ T4996] __arm64_sys_mount+0x514/0x5f0 [ 71.916887][ T4996] invoke_syscall+0x98/0x2b0 [ 71.917621][ T4996] el0_svc_common+0x138/0x258 [ 71.918398][ T4996] do_el0_svc+0x58/0x13c [ 71.919067][ T4996] el0_svc+0x78/0x1d0 [ 71.919665][ T4996] el0t_64_sync_handler+0xcc/0xe4 [ 71.920403][ T4996] el0t_64_sync+0x1a0/0x1a4 [ 71.921141][ T4996] irq event stamp: 994 [ 71.921822][ T4996] hardirqs last enabled at (993): [] kasan_quarantine_put+0xc4/0x200 [ 71.923289][ T4996] hardirqs last disabled at (994): [] smp_call_function_many_cond+0xa44/0xeac [ 71.924819][ T4996] softirqs last enabled at (820): [] local_bh_enable+0x10/0x34 [ 71.926163][ T4996] softirqs last disabled at (818): [] local_bh_disable+0x10/0x34 [ 71.927630][ T4996] ---[ end trace 2595cf549e09dbdd ]--- [ 72.088499][ T4998] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.089733][ T4998] Bad inode number on dev loop0: 2 is out of range [ 72.090649][ T4998] SysV FS: get root inode failed [ 72.091416][ T4998] oldfs: cannot read superblock [ 72.092247][ T4998] ------------[ cut here ]------------ [ 72.093049][ T4998] VFS: brelse: Trying to free free buffer [ 72.093905][ T4998] WARNING: CPU: 0 PID: 4998 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 72.095156][ T4998] Modules linked in: [ 72.095693][ T4998] CPU: 0 PID: 4998 Comm: syz.0.35 Tainted: G W syzkaller #0 [ 72.096950][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.098476][ T4998] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.099633][ T4998] pc : invalidate_bh_lru+0x128/0x22c [ 72.100347][ T4998] lr : invalidate_bh_lru+0x128/0x22c [ 72.101212][ T4998] sp : ffff80001f7176e0 [ 72.101859][ T4998] x29: ffff80001f7176e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 72.103135][ T4998] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 72.104336][ T4998] x23: dfff800000000000 x22: 0000000000000000 x21: 
ffff0000e2908c28 [ 72.105615][ T4998] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 72.107049][ T4998] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 72.108357][ T4998] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 72.109643][ T4998] x11: 0000000000000002 x10: 0000000000000000 x9 : 49e69887dda3dc00 [ 72.110874][ T4998] x8 : 49e69887dda3dc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.112100][ T4998] x5 : ffff80001f716ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 72.113334][ T4998] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.114573][ T4998] Call trace: [ 72.115053][ T4998] invalidate_bh_lru+0x128/0x22c [ 72.115827][ T4998] smp_call_function_many_cond+0xa50/0xeac [ 72.116788][ T4998] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.117528][ T4998] invalidate_bh_lrus+0x34/0x40 [ 72.118217][ T4998] blkdev_flush_mapping+0x16c/0x334 [ 72.119007][ T4998] blkdev_put+0x490/0x6ac [ 72.119722][ T4998] kill_block_super+0x98/0xdc [ 72.120412][ T4998] deactivate_locked_super+0xb8/0x134 [ 72.121259][ T4998] mount_bdev+0x284/0x358 [ 72.122058][ T4998] sysv_mount+0x44/0x58 [ 72.122679][ T4998] legacy_get_tree+0xd4/0x16c [ 72.123400][ T4998] vfs_get_tree+0x90/0x274 [ 72.124024][ T4998] do_new_mount+0x228/0x810 [ 72.124669][ T4998] path_mount+0x5bc/0x1008 [ 72.125248][ T4998] __arm64_sys_mount+0x514/0x5f0 [ 72.126037][ T4998] invoke_syscall+0x98/0x2b0 [ 72.126740][ T4998] el0_svc_common+0x138/0x258 [ 72.127473][ T4998] do_el0_svc+0x58/0x13c [ 72.128143][ T4998] el0_svc+0x78/0x1d0 [ 72.128699][ T4998] el0t_64_sync_handler+0xcc/0xe4 [ 72.129514][ T4998] el0t_64_sync+0x1a0/0x1a4 [ 72.130159][ T4998] irq event stamp: 1066 [ 72.130762][ T4998] hardirqs last enabled at (1065): [] kasan_quarantine_put+0xc4/0x200 [ 72.132165][ T4998] hardirqs last disabled at (1066): [] smp_call_function_many_cond+0xa44/0xeac [ 72.133707][ T4998] softirqs last enabled at (896): [] local_bh_enable+0x10/0x34 [ 72.135105][ 
T4998] softirqs last disabled at (894): [] local_bh_disable+0x10/0x34 [ 72.136465][ T4998] ---[ end trace 2595cf549e09dbde ]--- [ 72.235469][ T5001] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.236716][ T5001] Bad inode number on dev loop0: 2 is out of range [ 72.237922][ T4126] Bluetooth: hci1: command 0x0419 tx timeout [ 72.238923][ T5001] SysV FS: get root inode failed [ 72.239666][ T5001] oldfs: cannot read superblock [ 72.246139][ T4977] ------------[ cut here ]------------ [ 72.247014][ T4977] VFS: brelse: Trying to free free buffer [ 72.247999][ T4977] WARNING: CPU: 1 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 72.249389][ T4977] Modules linked in: [ 72.250011][ T4977] CPU: 1 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 72.251359][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.252946][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.254148][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 72.254959][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 72.255776][ T4977] sp : ffff80001f7277c0 [ 72.256387][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 72.257689][ T4977] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 72.258963][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df7957a0 [ 72.260272][ T4977] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 72.261494][ T4977] x17: 0000000000000000 x16: ffff800008304ad4 x15: 00000000ffffffff [ 72.262814][ T4977] x14: 0000000000000001 x13: 1ffff00003ee4e18 x12: 0000000000ff0100 [ 72.264038][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 72.265214][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.266468][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008304be4 [ 72.267632][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 
72.268869][ T4977] Call trace: [ 72.269352][ T4977] invalidate_bh_lru+0x128/0x22c [ 72.270146][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 72.271043][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.271786][ T4977] invalidate_bh_lrus+0x34/0x40 [ 72.272510][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 72.273289][ T4977] blkdev_put+0x490/0x6ac [ 72.273979][ T4977] blkdev_close+0x74/0xb0 [ 72.274723][ T4977] __fput+0x1c0/0x7e8 [ 72.275366][ T4977] ____fput+0x20/0x30 [ 72.275968][ T4977] task_work_run+0x12c/0x1d8 [ 72.276642][ T4977] do_notify_resume+0x2450/0x309c [ 72.277422][ T4977] el0_svc+0xf0/0x1d0 [ 72.278008][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 72.278749][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 72.279516][ T4977] irq event stamp: 44604 [ 72.280155][ T4977] hardirqs last enabled at (44603): [] kasan_quarantine_put+0xc4/0x200 [ 72.281652][ T4977] hardirqs last disabled at (44604): [] smp_call_function_many_cond+0xa44/0xeac [ 72.283376][ T4977] softirqs last enabled at (44416): [] local_bh_enable+0x10/0x34 [ 72.284871][ T4977] softirqs last disabled at (44414): [] local_bh_disable+0x10/0x34 [ 72.286395][ T4977] ---[ end trace 2595cf549e09dbdf ]--- [ 72.358569][ T5003] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.359793][ T5003] Bad inode number on dev loop0: 2 is out of range [ 72.360822][ T5003] SysV FS: get root inode failed [ 72.361577][ T5003] oldfs: cannot read superblock [ 72.374999][ C1] ------------[ cut here ]------------ [ 72.375851][ C1] VFS: brelse: Trying to free free buffer [ 72.376754][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 72.378157][ C1] Modules linked in: [ 72.378791][ C1] CPU: 1 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 72.380017][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.381497][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.382655][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 72.383441][ C1] lr 
: invalidate_bh_lru+0x128/0x22c [ 72.384267][ C1] sp : ffff800008017de0 [ 72.384890][ C1] x29: ffff800008017de0 x28: ffff0000d6331b40 x27: 1fffe000341f665c [ 72.386079][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 72.387251][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df795b40 [ 72.388292][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 72.389488][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 72.390622][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 72.391810][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 761d280a00168800 [ 72.393098][ C1] x8 : 761d280a00168800 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.394356][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 72.395590][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 72.396771][ C1] Call trace: [ 72.397244][ C1] invalidate_bh_lru+0x128/0x22c [ 72.398001][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 72.398885][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.399918][ C1] ipi_handler+0x10c/0x6fc [ 72.400571][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 72.401349][ C1] handle_domain_irq+0x144/0x1fc [ 72.402087][ C1] gic_handle_irq+0x78/0x1b8 [ 72.402779][ C1] call_on_irq_stack+0x30/0x48 [ 72.403531][ C1] do_interrupt_handler+0x6c/0x88 [ 72.404308][ C1] el1_interrupt+0x30/0x58 [ 72.405017][ C1] el1h_64_irq_handler+0x18/0x24 [ 72.405730][ C1] el1h_64_irq+0x78/0x7c [ 72.406336][ C1] free_unref_page+0x158/0x1f8 [ 72.407046][ C1] __free_pages+0x17c/0x1d0 [ 72.407696][ C1] __free_slab+0x174/0x38c [ 72.408323][ C1] discard_slab+0x64/0xd8 [ 72.408930][ C1] __unfreeze_partials+0x150/0x190 [ 72.409702][ C1] put_cpu_partial+0x1a8/0x214 [ 72.410381][ C1] __slab_free+0x180/0x248 [ 72.411020][ C1] ___cache_free+0x174/0x1b8 [ 72.411700][ C1] qlink_free+0x5c/0xa0 [ 72.412329][ C1] qlist_free_all+0x40/0xa8 [ 72.412993][ C1] 
kasan_quarantine_reduce+0x124/0x130 [ 72.413810][ C1] __kasan_slab_alloc+0x34/0xcc [ 72.414625][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 72.415443][ C1] kmem_cache_alloc+0x1d8/0x3d4 [ 72.416317][ C1] getname_flags+0xb8/0x450 [ 72.416973][ C1] getname+0x28/0x38 [ 72.417538][ C1] do_sys_openat2+0xdc/0x3f4 [ 72.418225][ C1] __arm64_sys_openat+0x118/0x14c [ 72.418978][ C1] invoke_syscall+0x98/0x2b0 [ 72.419677][ C1] el0_svc_common+0x138/0x258 [ 72.420434][ C1] do_el0_svc+0x58/0x13c [ 72.421078][ C1] el0_svc+0x78/0x1d0 [ 72.421716][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 72.422485][ C1] el0t_64_sync+0x1a0/0x1a4 [ 72.423194][ C1] irq event stamp: 915400 [ 72.423854][ C1] hardirqs last enabled at (915399): [] free_unref_page+0x148/0x1f8 [ 72.425335][ C1] hardirqs last disabled at (915400): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.426905][ C1] softirqs last enabled at (915168): [] local_bh_enable+0x10/0x34 [ 72.428381][ C1] softirqs last disabled at (915166): [] local_bh_disable+0x10/0x34 [ 72.429828][ C1] ---[ end trace 2595cf549e09dbe0 ]--- [ 72.512706][ T5007] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.513937][ T5007] Bad inode number on dev loop0: 2 is out of range [ 72.514926][ T5007] SysV FS: get root inode failed [ 72.515659][ T5007] oldfs: cannot read superblock [ 72.523978][ T4977] ------------[ cut here ]------------ [ 72.524777][ T4977] VFS: brelse: Trying to free free buffer [ 72.525731][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 72.526996][ T4977] Modules linked in: [ 72.527604][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 72.528900][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.530432][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.531590][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 72.532406][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 72.533238][ T4977] sp : ffff80001f7277c0 [ 72.533836][ 
T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 72.534989][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 72.536230][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2909970 [ 72.537546][ T4977] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 72.538817][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 72.540153][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 72.541492][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 72.542745][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.544005][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 72.545220][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.546484][ T4977] Call trace: [ 72.546991][ T4977] invalidate_bh_lru+0x128/0x22c [ 72.547751][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 72.548559][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.549332][ T4977] invalidate_bh_lrus+0x34/0x40 [ 72.550060][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 72.550764][ T4977] blkdev_put+0x490/0x6ac [ 72.551413][ T4977] blkdev_close+0x74/0xb0 [ 72.552040][ T4977] __fput+0x1c0/0x7e8 [ 72.552626][ T4977] ____fput+0x20/0x30 [ 72.553191][ T4977] task_work_run+0x12c/0x1d8 [ 72.553921][ T4977] do_notify_resume+0x2450/0x309c [ 72.554693][ T4977] el0_svc+0xf0/0x1d0 [ 72.555269][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 72.555948][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 72.556636][ T4977] irq event stamp: 53940 [ 72.557212][ T4977] hardirqs last enabled at (53939): [] kasan_quarantine_put+0xc4/0x200 [ 72.558630][ T4977] hardirqs last disabled at (53940): [] smp_call_function_many_cond+0xa44/0xeac [ 72.560237][ T4977] softirqs last enabled at (53738): [] local_bh_enable+0x10/0x34 [ 72.561589][ T4977] softirqs last disabled at (53736): [] local_bh_disable+0x10/0x34 [ 72.562989][ T4977] ---[ end 
trace 2595cf549e09dbe1 ]--- [ 72.601196][ T5009] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.602378][ T5009] Bad inode number on dev loop0: 2 is out of range [ 72.603513][ T5009] SysV FS: get root inode failed [ 72.604219][ T5009] oldfs: cannot read superblock [ 72.615268][ C1] ------------[ cut here ]------------ [ 72.616148][ C1] VFS: brelse: Trying to free free buffer [ 72.617086][ C1] WARNING: CPU: 1 PID: 5011 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 72.618524][ C1] Modules linked in: [ 72.619081][ C1] CPU: 1 PID: 5011 Comm: syz.0.41 Tainted: G W syzkaller #0 [ 72.620329][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.621901][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.623143][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 72.623874][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 72.624658][ C1] sp : ffff800008017de0 [ 72.625320][ C1] x29: ffff800008017de0 x28: ffff0000d3348000 x27: 1fffe000341f665c [ 72.626552][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 72.627754][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df795ee0 [ 72.628969][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 72.630152][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 72.631355][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 72.632693][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : a8bebee4fac3c400 [ 72.633966][ C1] x8 : a8bebee4fac3c400 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.635186][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 72.636414][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 72.637746][ C1] Call trace: [ 72.638239][ C1] invalidate_bh_lru+0x128/0x22c [ 72.638960][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 72.639802][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.640812][ 
C1] ipi_handler+0x10c/0x6fc [ 72.641553][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 72.642368][ C1] handle_domain_irq+0x144/0x1fc [ 72.643153][ C1] gic_handle_irq+0x78/0x1b8 [ 72.643867][ C1] call_on_irq_stack+0x30/0x48 [ 72.644608][ C1] do_interrupt_handler+0x6c/0x88 [ 72.645343][ C1] el0_interrupt+0x94/0x248 [ 72.646025][ C1] __el0_irq_handler_common+0x18/0x24 [ 72.646854][ C1] el0t_64_irq_handler+0x10/0x1c [ 72.647592][ C1] el0t_64_irq+0x1a0/0x1a4 [ 72.648230][ C1] irq event stamp: 222 [ 72.648803][ C1] hardirqs last enabled at (221): [] el0t_64_sync_handler+0xd8/0xe4 [ 72.650310][ C1] hardirqs last disabled at (222): [] __el0_irq_handler_common+0x18/0x24 [ 72.651754][ C1] softirqs last enabled at (88): [] local_bh_enable+0x10/0x34 [ 72.653101][ C1] softirqs last disabled at (86): [] local_bh_disable+0x10/0x34 [ 72.654549][ C1] ---[ end trace 2595cf549e09dbe2 ]--- [ 72.718424][ T5011] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.719749][ T5011] Bad inode number on dev loop0: 2 is out of range [ 72.720607][ T5011] SysV FS: get root inode failed [ 72.721397][ T5011] oldfs: cannot read superblock [ 72.729479][ C0] ------------[ cut here ]------------ [ 72.730302][ C0] VFS: brelse: Trying to free free buffer [ 72.731205][ C0] WARNING: CPU: 0 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 72.732500][ C0] Modules linked in: [ 72.733061][ C0] CPU: 0 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.734350][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.735901][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.736995][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 72.737788][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 72.738606][ C0] sp : ffff800008007de0 [ 72.739207][ C0] x29: ffff800008007de0 x28: ffff0000ee5b8000 x27: 1fffe000341f245c [ 72.740437][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 72.741654][ C0] x23: dfff800000000000 
x22: 0000000000000000 x21: ffff0000e2909d10 [ 72.742764][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 72.743974][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 72.745161][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 72.746350][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 72.747533][ C0] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.748860][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 72.750060][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 72.751261][ C0] Call trace: [ 72.751790][ C0] invalidate_bh_lru+0x128/0x22c [ 72.752567][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 72.753448][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.754525][ C0] ipi_handler+0x10c/0x6fc [ 72.755176][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 72.755966][ C0] handle_domain_irq+0x144/0x1fc [ 72.756694][ C0] gic_handle_irq+0x78/0x1b8 [ 72.757354][ C0] call_on_irq_stack+0x30/0x48 [ 72.758061][ C0] do_interrupt_handler+0x6c/0x88 [ 72.758826][ C0] el1_interrupt+0x30/0x58 [ 72.759482][ C0] el1h_64_irq_handler+0x18/0x24 [ 72.760171][ C0] el1h_64_irq+0x78/0x7c [ 72.760804][ C0] lock_release+0x4a0/0x8e0 [ 72.761450][ C0] __might_fault+0xf4/0x128 [ 72.762142][ C0] ip_getsockopt+0x1120/0x1664 [ 72.762820][ C0] tcp_getsockopt+0x210/0x2eec [ 72.763490][ C0] sock_common_getsockopt+0xa8/0xc4 [ 72.764275][ C0] __sys_getsockopt+0x1b8/0x250 [ 72.765075][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 72.765794][ C0] invoke_syscall+0x98/0x2b0 [ 72.766478][ C0] el0_svc_common+0x138/0x258 [ 72.767270][ C0] do_el0_svc+0x58/0x13c [ 72.767913][ C0] el0_svc+0x78/0x1d0 [ 72.768464][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 72.769246][ C0] el0t_64_sync+0x1a0/0x1a4 [ 72.769952][ C0] irq event stamp: 184562 [ 72.770591][ C0] hardirqs last enabled at (184561): [] __local_bh_enable_ip+0x1f8/0x37c [ 72.772157][ C0] hardirqs 
last disabled at (184562): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.773582][ C0] softirqs last enabled at (184560): [] release_sock+0x1d0/0x258 [ 72.775075][ C0] softirqs last disabled at (184558): [] release_sock+0x34/0x258 [ 72.776492][ C0] ---[ end trace 2595cf549e09dbe3 ]--- [ 72.812856][ T5013] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.814147][ T5013] Bad inode number on dev loop0: 2 is out of range [ 72.815108][ T5013] SysV FS: get root inode failed [ 72.815807][ T5013] oldfs: cannot read superblock [ 72.832547][ C1] ------------[ cut here ]------------ [ 72.833402][ C1] VFS: brelse: Trying to free free buffer [ 72.834339][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 72.835620][ C1] Modules linked in: [ 72.836232][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.837536][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.839104][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.840299][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 72.841080][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 72.841887][ C1] sp : ffff800008017de0 [ 72.842490][ C1] x29: ffff800008017de0 x28: ffff0000ee5b8000 x27: 1fffe000341f665c [ 72.843701][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 72.844887][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df792318 [ 72.846028][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 72.847281][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 72.848591][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 72.849882][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 72.851075][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.852263][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 72.853635][ C1] x2 : 0000000000000001 x1 : 
0000000100010001 x0 : 0000000000000027 [ 72.854934][ C1] Call trace: [ 72.855483][ C1] invalidate_bh_lru+0x128/0x22c [ 72.856287][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 72.857214][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.858376][ C1] ipi_handler+0x10c/0x6fc [ 72.859018][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 72.859840][ C1] handle_domain_irq+0x144/0x1fc [ 72.860590][ C1] gic_handle_irq+0x78/0x1b8 [ 72.861278][ C1] call_on_irq_stack+0x30/0x48 [ 72.862017][ C1] do_interrupt_handler+0x6c/0x88 [ 72.862735][ C1] el1_interrupt+0x30/0x58 [ 72.863344][ C1] el1h_64_irq_handler+0x18/0x24 [ 72.864126][ C1] el1h_64_irq+0x78/0x7c [ 72.864774][ C1] qlist_free_all+0x3c/0xa8 [ 72.865449][ C1] kasan_quarantine_reduce+0x124/0x130 [ 72.866268][ C1] __kasan_slab_alloc+0x34/0xcc [ 72.867046][ C1] slab_post_alloc_hook+0x74/0x3f8 [ 72.867763][ C1] kmem_cache_alloc+0x1d8/0x3d4 [ 72.868503][ C1] getname_flags+0xb8/0x450 [ 72.869208][ C1] __arm64_sys_mkdirat+0x80/0xa8 [ 72.870041][ C1] invoke_syscall+0x98/0x2b0 [ 72.870747][ C1] el0_svc_common+0x138/0x258 [ 72.871427][ C1] do_el0_svc+0x58/0x13c [ 72.872130][ C1] el0_svc+0x78/0x1d0 [ 72.872709][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 72.873437][ C1] el0t_64_sync+0x1a0/0x1a4 [ 72.874070][ C1] irq event stamp: 188616 [ 72.874702][ C1] hardirqs last enabled at (188615): [] put_cpu_partial+0x188/0x214 [ 72.876102][ C1] hardirqs last disabled at (188616): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.877625][ C1] softirqs last enabled at (188520): [] local_bh_enable+0x10/0x34 [ 72.879041][ C1] softirqs last disabled at (188518): [] local_bh_disable+0x10/0x34 [ 72.880438][ C1] ---[ end trace 2595cf549e09dbe4 ]--- [ 72.984086][ T5018] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.985322][ T5018] Bad inode number on dev loop0: 2 is out of range [ 72.986379][ T5018] SysV FS: get root inode failed [ 72.987174][ T5018] oldfs: cannot read superblock [ 72.991855][ C0] ------------[ cut here ]------------ [ 
72.992666][ C0] VFS: brelse: Trying to free free buffer [ 72.993558][ C0] WARNING: CPU: 0 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 72.994793][ C0] Modules linked in: [ 72.995451][ C0] CPU: 0 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.996848][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.998363][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.999648][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 73.000451][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 73.001210][ C0] sp : ffff800008007de0 [ 73.001797][ C0] x29: ffff800008007de0 x28: ffff0000ee5b8000 x27: 1fffe000341f245c [ 73.002960][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 73.004176][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2909ee0 [ 73.005289][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 73.006601][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 73.007890][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 73.009066][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 73.010351][ C0] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.011515][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 73.012827][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.014021][ C0] Call trace: [ 73.014496][ C0] invalidate_bh_lru+0x128/0x22c [ 73.015249][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 73.016163][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.017288][ C0] ipi_handler+0x10c/0x6fc [ 73.017940][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 73.018820][ C0] handle_domain_irq+0x144/0x1fc [ 73.019514][ C0] gic_handle_irq+0x78/0x1b8 [ 73.020230][ C0] call_on_irq_stack+0x30/0x48 [ 73.020912][ C0] do_interrupt_handler+0x6c/0x88 [ 73.021648][ C0] el1_interrupt+0x30/0x58 [ 73.022467][ C0] 
el1h_64_irq_handler+0x18/0x24 [ 73.023273][ C0] el1h_64_irq+0x78/0x7c [ 73.023953][ C0] seqcount_lockdep_reader_access+0x214/0x2b8 [ 73.024863][ C0] prepend_path+0xe0/0xb28 [ 73.025526][ C0] d_absolute_path+0xa0/0x148 [ 73.026294][ C0] tomoyo_realpath_from_path+0x2a0/0x510 [ 73.027197][ C0] tomoyo_path_perm+0x1e8/0x49c [ 73.028019][ C0] tomoyo_path_rmdir+0xa8/0xf4 [ 73.028758][ C0] security_path_rmdir+0xe4/0x134 [ 73.029479][ C0] do_rmdir+0x1dc/0x64c [ 73.030091][ C0] __arm64_sys_unlinkat+0xcc/0xfc [ 73.030794][ C0] invoke_syscall+0x98/0x2b0 [ 73.031540][ C0] el0_svc_common+0x138/0x258 [ 73.032279][ C0] do_el0_svc+0x58/0x13c [ 73.032981][ C0] el0_svc+0x78/0x1d0 [ 73.033552][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 73.034285][ C0] el0t_64_sync+0x1a0/0x1a4 [ 73.034969][ C0] irq event stamp: 190942 [ 73.035595][ C0] hardirqs last enabled at (190941): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 73.037196][ C0] hardirqs last disabled at (190942): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.038571][ C0] softirqs last enabled at (190790): [] local_bh_enable+0x10/0x34 [ 73.039847][ C0] softirqs last disabled at (190788): [] local_bh_disable+0x10/0x34 [ 73.041248][ C0] ---[ end trace 2595cf549e09dbe5 ]--- [ 73.095144][ T5020] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.096295][ T5020] Bad inode number on dev loop0: 2 is out of range [ 73.097574][ T5020] SysV FS: get root inode failed [ 73.098389][ T5020] oldfs: cannot read superblock [ 73.107086][ C1] ------------[ cut here ]------------ [ 73.107976][ C1] VFS: brelse: Trying to free free buffer [ 73.108790][ C1] WARNING: CPU: 1 PID: 5022 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.109995][ C1] Modules linked in: [ 73.110652][ C1] CPU: 1 PID: 5022 Comm: syz.0.46 Tainted: G W syzkaller #0 [ 73.111936][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.113448][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.114628][ C1] pc : 
invalidate_bh_lru+0x128/0x22c [ 73.115481][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 73.116271][ C1] sp : ffff800008017de0 [ 73.116870][ C1] x29: ffff800008017de0 x28: ffff0000c7901b40 x27: 1fffe000341f665c [ 73.118094][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 73.119302][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df7926b8 [ 73.120445][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 73.121629][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 73.122808][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 73.124060][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : aae2a0191dd51900 [ 73.125219][ C1] x8 : aae2a0191dd51900 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.126414][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 73.127616][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.128792][ C1] Call trace: [ 73.129292][ C1] invalidate_bh_lru+0x128/0x22c [ 73.130039][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.130901][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.131987][ C1] ipi_handler+0x10c/0x6fc [ 73.132664][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 73.133497][ C1] handle_domain_irq+0x144/0x1fc [ 73.134178][ C1] gic_handle_irq+0x78/0x1b8 [ 73.134838][ C1] call_on_irq_stack+0x30/0x48 [ 73.135661][ C1] do_interrupt_handler+0x6c/0x88 [ 73.136347][ C1] el0_interrupt+0x94/0x248 [ 73.136965][ C1] __el0_irq_handler_common+0x18/0x24 [ 73.137776][ C1] el0t_64_irq_handler+0x10/0x1c [ 73.138477][ C1] el0t_64_irq+0x1a0/0x1a4 [ 73.139147][ C1] irq event stamp: 238 [ 73.139662][ C1] hardirqs last enabled at (237): [] el0t_64_sync_handler+0xd8/0xe4 [ 73.141052][ C1] hardirqs last disabled at (238): [] __el0_irq_handler_common+0x18/0x24 [ 73.142810][ C1] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 73.144389][ C1] softirqs last disabled at (84): [] 
local_bh_disable+0x10/0x34 [ 73.145942][ C1] ---[ end trace 2595cf549e09dbe6 ]--- [ 73.228743][ T5022] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.229898][ T5022] Bad inode number on dev loop0: 2 is out of range [ 73.230866][ T5022] SysV FS: get root inode failed [ 73.231740][ T5022] oldfs: cannot read superblock [ 73.232527][ C1] ------------[ cut here ]------------ [ 73.233339][ C1] VFS: brelse: Trying to free free buffer [ 73.234219][ C1] WARNING: CPU: 1 PID: 136 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.235480][ C1] Modules linked in: [ 73.236074][ C1] CPU: 1 PID: 136 Comm: kworker/u4:1 Tainted: G W syzkaller #0 [ 73.237324][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.238780][ C1] Workqueue: netns cleanup_net [ 73.239478][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.240634][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 73.241347][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 73.242113][ C1] sp : ffff800008017de0 [ 73.242727][ C1] x29: ffff800008017de0 x28: ffff0000c22c8000 x27: 1fffe000341f665b [ 73.243850][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 73.245027][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df792a58 [ 73.246249][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010003 [ 73.247544][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 73.248706][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 73.249858][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : b47faca912117700 [ 73.251058][ C1] x8 : b47faca912117700 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.252240][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 73.253421][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 73.254545][ C1] Call trace: [ 73.255057][ C1] invalidate_bh_lru+0x128/0x22c [ 73.255738][ C1] 
flush_smp_call_function_queue+0x38c/0x81c [ 73.256605][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.257606][ C1] ipi_handler+0x10c/0x6fc [ 73.258205][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 73.258986][ C1] handle_domain_irq+0x144/0x1fc [ 73.259633][ C1] gic_handle_irq+0x78/0x1b8 [ 73.260310][ C1] call_on_irq_stack+0x30/0x48 [ 73.261003][ C1] do_interrupt_handler+0x6c/0x88 [ 73.261771][ C1] el1_interrupt+0x30/0x58 [ 73.262416][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.263137][ C1] el1h_64_irq+0x78/0x7c [ 73.263817][ C1] rcu_is_watching+0x70/0x134 [ 73.264496][ C1] lock_acquire+0xc4/0x618 [ 73.265126][ C1] rcu_lock_acquire+0x40/0x4c [ 73.265822][ C1] inet_twsk_purge+0x110/0x7c4 [ 73.266515][ C1] dccp_v6_exit_batch+0x20/0x2c [ 73.267191][ C1] cleanup_net+0x654/0xaa4 [ 73.267802][ C1] process_one_work+0x79c/0x1138 [ 73.268573][ C1] worker_thread+0x8f4/0x1034 [ 73.269239][ C1] kthread+0x374/0x454 [ 73.269859][ C1] ret_from_fork+0x10/0x20 [ 73.270491][ C1] irq event stamp: 2027752 [ 73.271149][ C1] hardirqs last enabled at (2027751): [] exit_to_kernel_mode+0xe0/0x168 [ 73.272565][ C1] hardirqs last disabled at (2027752): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.273968][ C1] softirqs last enabled at (2027740): [] local_bh_enable+0x10/0x34 [ 73.275375][ C1] softirqs last disabled at (2027720): [] local_bh_disable+0x10/0x34 [ 73.276885][ C1] ---[ end trace 2595cf549e09dbe7 ]--- [ 73.409999][ T5024] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.411227][ T5024] Bad inode number on dev loop0: 2 is out of range [ 73.412205][ T5024] SysV FS: get root inode failed [ 73.414519][ T5024] oldfs: cannot read superblock [ 73.426733][ T4977] ------------[ cut here ]------------ [ 73.427634][ T4977] VFS: brelse: Trying to free free buffer [ 73.428614][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.429987][ T4977] Modules linked in: [ 73.430599][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 
73.431812][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.433299][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.434460][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 73.435268][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 73.436136][ T4977] sp : ffff80001f7277c0 [ 73.436733][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245c [ 73.437939][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 73.439167][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2986400 [ 73.440416][ T4977] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000000003 [ 73.441571][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 73.442688][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 73.443860][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 73.445016][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.446190][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 73.447433][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.448714][ T4977] Call trace: [ 73.449236][ T4977] invalidate_bh_lru+0x128/0x22c [ 73.449962][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 73.450887][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.451632][ T4977] invalidate_bh_lrus+0x34/0x40 [ 73.452349][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 73.453077][ T4977] blkdev_put+0x490/0x6ac [ 73.453684][ T4977] blkdev_close+0x74/0xb0 [ 73.454345][ T4977] __fput+0x1c0/0x7e8 [ 73.454978][ T4977] ____fput+0x20/0x30 [ 73.455877][ T4977] task_work_run+0x12c/0x1d8 [ 73.456556][ T4977] do_notify_resume+0x2450/0x309c [ 73.457233][ T4977] el0_svc+0xf0/0x1d0 [ 73.457813][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 73.458557][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 73.459216][ T4977] irq event stamp: 86720 [ 73.459838][ T4977] hardirqs 
last enabled at (86719): [] kasan_quarantine_put+0xc4/0x200 [ 73.461450][ T4977] hardirqs last disabled at (86720): [] smp_call_function_many_cond+0xa44/0xeac [ 73.463104][ T4977] softirqs last enabled at (86534): [] local_bh_enable+0x10/0x34 [ 73.464571][ T4977] softirqs last disabled at (86532): [] local_bh_disable+0x10/0x34 [ 73.466011][ T4977] ---[ end trace 2595cf549e09dbe8 ]--- [ 73.538553][ T5027] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.539723][ T5027] Bad inode number on dev loop0: 2 is out of range [ 73.540991][ T5027] SysV FS: get root inode failed [ 73.541725][ T5027] oldfs: cannot read superblock [ 73.542587][ T5027] ------------[ cut here ]------------ [ 73.543338][ T5027] VFS: brelse: Trying to free free buffer [ 73.544224][ T5027] WARNING: CPU: 0 PID: 5027 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.545514][ T5027] Modules linked in: [ 73.546149][ T5027] CPU: 0 PID: 5027 Comm: syz.0.48 Tainted: G W syzkaller #0 [ 73.547502][ T5027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.549094][ T5027] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.550280][ T5027] pc : invalidate_bh_lru+0x128/0x22c [ 73.551074][ T5027] lr : invalidate_bh_lru+0x128/0x22c [ 73.551891][ T5027] sp : ffff80001f3176e0 [ 73.552527][ T5027] x29: ffff80001f3176e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 73.553777][ T5027] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 73.554979][ T5027] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2984148 [ 73.556280][ T5027] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 73.557553][ T5027] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 73.558741][ T5027] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 73.559932][ T5027] x11: 0000000000000002 x10: 0000000000000000 x9 : 307afe72750bda00 [ 73.561104][ T5027] x8 : 307afe72750bda00 x7 : 0000000000000001 
x6 : 0000000000000001 [ 73.562248][ T5027] x5 : ffff80001f316ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 73.563461][ T5027] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.564707][ T5027] Call trace: [ 73.565230][ T5027] invalidate_bh_lru+0x128/0x22c [ 73.565929][ T5027] smp_call_function_many_cond+0xa50/0xeac [ 73.566794][ T5027] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.567583][ T5027] invalidate_bh_lrus+0x34/0x40 [ 73.568277][ T5027] blkdev_flush_mapping+0x16c/0x334 [ 73.569017][ T5027] blkdev_put+0x490/0x6ac [ 73.569662][ T5027] kill_block_super+0x98/0xdc [ 73.570364][ T5027] deactivate_locked_super+0xb8/0x134 [ 73.571211][ T5027] mount_bdev+0x284/0x358 [ 73.571811][ T5027] sysv_mount+0x44/0x58 [ 73.572483][ T5027] legacy_get_tree+0xd4/0x16c [ 73.573229][ T5027] vfs_get_tree+0x90/0x274 [ 73.573939][ T5027] do_new_mount+0x228/0x810 [ 73.574594][ T5027] path_mount+0x5bc/0x1008 [ 73.575256][ T5027] __arm64_sys_mount+0x514/0x5f0 [ 73.576074][ T5027] invoke_syscall+0x98/0x2b0 [ 73.576782][ T5027] el0_svc_common+0x138/0x258 [ 73.577476][ T5027] do_el0_svc+0x58/0x13c [ 73.578158][ T5027] el0_svc+0x78/0x1d0 [ 73.578789][ T5027] el0t_64_sync_handler+0xcc/0xe4 [ 73.579571][ T5027] el0t_64_sync+0x1a0/0x1a4 [ 73.580240][ T5027] irq event stamp: 1062 [ 73.580883][ T5027] hardirqs last enabled at (1061): [] kasan_quarantine_put+0xc4/0x200 [ 73.582383][ T5027] hardirqs last disabled at (1062): [] smp_call_function_many_cond+0xa44/0xeac [ 73.583970][ T5027] softirqs last enabled at (836): [] local_bh_enable+0x10/0x34 [ 73.585364][ T5027] softirqs last disabled at (834): [] local_bh_disable+0x10/0x34 [ 73.586704][ T5027] ---[ end trace 2595cf549e09dbe9 ]--- [ 73.728687][ T5029] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.729879][ T5029] Bad inode number on dev loop0: 2 is out of range [ 73.730961][ T5029] SysV FS: get root inode failed [ 73.731783][ T5029] oldfs: cannot read superblock [ 73.741370][ T4977] ------------[ cut here 
]------------ [ 73.742298][ T4977] VFS: brelse: Trying to free free buffer [ 73.743210][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.744571][ T4977] Modules linked in: [ 73.745146][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 73.746376][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.747828][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.749011][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 73.749815][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 73.750686][ T4977] sp : ffff80001f7277c0 [ 73.751378][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 73.752603][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 73.753843][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e29844e8 [ 73.755060][ T4977] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 73.756292][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 73.757507][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 73.758655][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 73.759781][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.761044][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 73.762193][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.763384][ T4977] Call trace: [ 73.763879][ T4977] invalidate_bh_lru+0x128/0x22c [ 73.764653][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 73.765681][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.766502][ T4977] invalidate_bh_lrus+0x34/0x40 [ 73.767293][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 73.768112][ T4977] blkdev_put+0x490/0x6ac [ 73.768788][ T4977] blkdev_close+0x74/0xb0 [ 73.769462][ T4977] __fput+0x1c0/0x7e8 [ 73.770082][ T4977] ____fput+0x20/0x30 [ 73.770741][ T4977] 
task_work_run+0x12c/0x1d8 [ 73.771461][ T4977] do_notify_resume+0x2450/0x309c [ 73.772312][ T4977] el0_svc+0xf0/0x1d0 [ 73.773016][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 73.773841][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 73.774594][ T4977] irq event stamp: 93434 [ 73.775312][ T4977] hardirqs last enabled at (93433): [] kasan_quarantine_put+0xc4/0x200 [ 73.776881][ T4977] hardirqs last disabled at (93434): [] smp_call_function_many_cond+0xa44/0xeac [ 73.778603][ T4977] softirqs last enabled at (93222): [] local_bh_enable+0x10/0x34 [ 73.779961][ T4977] softirqs last disabled at (93220): [] local_bh_disable+0x10/0x34 [ 73.781427][ T4977] ---[ end trace 2595cf549e09dbea ]--- [ 73.838634][ T5031] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.839782][ T5031] Bad inode number on dev loop0: 2 is out of range [ 73.840823][ T5031] SysV FS: get root inode failed [ 73.841574][ T5031] oldfs: cannot read superblock [ 73.842308][ T5031] ------------[ cut here ]------------ [ 73.843085][ T5031] VFS: brelse: Trying to free free buffer [ 73.843911][ T5031] WARNING: CPU: 0 PID: 5031 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.845208][ T5031] Modules linked in: [ 73.845825][ T5031] CPU: 0 PID: 5031 Comm: syz.0.50 Tainted: G W syzkaller #0 [ 73.847073][ T5031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.848534][ T5031] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.849713][ T5031] pc : invalidate_bh_lru+0x128/0x22c [ 73.850488][ T5031] lr : invalidate_bh_lru+0x128/0x22c [ 73.851246][ T5031] sp : ffff80001f8876e0 [ 73.851999][ T5031] x29: ffff80001f8876e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 73.853247][ T5031] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 73.854603][ T5031] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2984888 [ 73.855852][ T5031] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 73.857173][ T5031] x17: 
0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 73.858479][ T5031] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 73.859780][ T5031] x11: 0000000000000002 x10: 0000000000000000 x9 : bdeb43bf13066500 [ 73.861118][ T5031] x8 : bdeb43bf13066500 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.862318][ T5031] x5 : ffff80001f886ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 73.863672][ T5031] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.864926][ T5031] Call trace: [ 73.865443][ T5031] invalidate_bh_lru+0x128/0x22c [ 73.866332][ T5031] smp_call_function_many_cond+0xa50/0xeac [ 73.867237][ T5031] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.867946][ T5031] invalidate_bh_lrus+0x34/0x40 [ 73.868636][ T5031] blkdev_flush_mapping+0x16c/0x334 [ 73.869386][ T5031] blkdev_put+0x490/0x6ac [ 73.870005][ T5031] kill_block_super+0x98/0xdc [ 73.870756][ T5031] deactivate_locked_super+0xb8/0x134 [ 73.871505][ T5031] mount_bdev+0x284/0x358 [ 73.872204][ T5031] sysv_mount+0x44/0x58 [ 73.872897][ T5031] legacy_get_tree+0xd4/0x16c [ 73.873626][ T5031] vfs_get_tree+0x90/0x274 [ 73.874288][ T5031] do_new_mount+0x228/0x810 [ 73.874928][ T5031] path_mount+0x5bc/0x1008 [ 73.875551][ T5031] __arm64_sys_mount+0x514/0x5f0 [ 73.876364][ T5031] invoke_syscall+0x98/0x2b0 [ 73.877130][ T5031] el0_svc_common+0x138/0x258 [ 73.877787][ T5031] do_el0_svc+0x58/0x13c [ 73.878352][ T5031] el0_svc+0x78/0x1d0 [ 73.878957][ T5031] el0t_64_sync_handler+0xcc/0xe4 [ 73.879774][ T5031] el0t_64_sync+0x1a0/0x1a4 [ 73.880577][ T5031] irq event stamp: 1048 [ 73.881304][ T5031] hardirqs last enabled at (1047): [] kasan_quarantine_put+0xc4/0x200 [ 73.882880][ T5031] hardirqs last disabled at (1048): [] smp_call_function_many_cond+0xa44/0xeac [ 73.884422][ T5031] softirqs last enabled at (972): [] handle_softirqs+0xa40/0xbe4 [ 73.885845][ T5031] softirqs last disabled at (923): [] __irq_exit_rcu+0x240/0x43c [ 73.887168][ T5031] ---[ end trace 2595cf549e09dbeb ]--- 
[ 73.986665][ T5033] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.987876][ T5033] Bad inode number on dev loop0: 2 is out of range [ 73.988948][ T5033] SysV FS: get root inode failed [ 73.989701][ T5033] oldfs: cannot read superblock [ 73.993457][ T4977] ------------[ cut here ]------------ [ 73.994338][ T4977] VFS: brelse: Trying to free free buffer [ 73.995276][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 73.996636][ T4977] Modules linked in: [ 73.997259][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 73.998475][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.999937][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.001132][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 74.001917][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 74.002737][ T4977] sp : ffff80001f7277c0 [ 74.003339][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 74.004573][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 74.005765][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6b3400 [ 74.007022][ T4977] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 74.008261][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.009428][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 74.010623][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 74.011788][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.012953][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.014085][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.015243][ T4977] Call trace: [ 74.015749][ T4977] invalidate_bh_lru+0x128/0x22c [ 74.016489][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 74.017390][ T4977] 
on_each_cpu_cond_mask+0x5c/0xc4 [ 74.018170][ T4977] invalidate_bh_lrus+0x34/0x40 [ 74.018931][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 74.019762][ T4977] blkdev_put+0x490/0x6ac [ 74.020451][ T4977] blkdev_close+0x74/0xb0 [ 74.021259][ T4977] __fput+0x1c0/0x7e8 [ 74.021880][ T4977] ____fput+0x20/0x30 [ 74.022452][ T4977] task_work_run+0x12c/0x1d8 [ 74.023162][ T4977] do_notify_resume+0x2450/0x309c [ 74.023869][ T4977] el0_svc+0xf0/0x1d0 [ 74.024472][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 74.025289][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 74.026001][ T4977] irq event stamp: 101344 [ 74.026675][ T4977] hardirqs last enabled at (101343): [] kasan_quarantine_put+0xc4/0x200 [ 74.028099][ T4977] hardirqs last disabled at (101344): [] smp_call_function_many_cond+0xa44/0xeac [ 74.029773][ T4977] softirqs last enabled at (100794): [] local_bh_enable+0x10/0x34 [ 74.031199][ T4977] softirqs last disabled at (100792): [] local_bh_disable+0x10/0x34 [ 74.032570][ T4977] ---[ end trace 2595cf549e09dbec ]--- [ 74.066792][ T5035] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.068115][ T5035] Bad inode number on dev loop0: 2 is out of range [ 74.069100][ T5035] SysV FS: get root inode failed [ 74.069863][ T5035] oldfs: cannot read superblock [ 74.073600][ C0] ------------[ cut here ]------------ [ 74.074481][ C0] VFS: brelse: Trying to free free buffer [ 74.075471][ C0] WARNING: CPU: 0 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.076812][ C0] Modules linked in: [ 74.077438][ C0] CPU: 0 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.078888][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.080469][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.081590][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.082305][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.083113][ C0] sp : ffff800008007de0 [ 74.083733][ C0] x29: ffff800008007de0 x28: ffff0000ee5b8000 x27: 
1fffe000341f245c [ 74.084977][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 74.086224][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6b37a0 [ 74.087448][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 74.088685][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.089884][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 74.091181][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 674286dffb2bba00 [ 74.092431][ C0] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.093632][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.094862][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 74.096012][ C0] Call trace: [ 74.096488][ C0] invalidate_bh_lru+0x128/0x22c [ 74.097284][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.098149][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.099236][ C0] ipi_handler+0x10c/0x6fc [ 74.099897][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 74.100651][ C0] handle_domain_irq+0x144/0x1fc [ 74.101403][ C0] gic_handle_irq+0x78/0x1b8 [ 74.102077][ C0] call_on_irq_stack+0x30/0x48 [ 74.102761][ C0] do_interrupt_handler+0x6c/0x88 [ 74.103445][ C0] el1_interrupt+0x30/0x58 [ 74.104074][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.104822][ C0] el1h_64_irq+0x78/0x7c [ 74.105470][ C0] _raw_spin_unlock_irq+0xa0/0x128 [ 74.106258][ C0] clear_inode+0x64/0x144 [ 74.106964][ C0] shmem_evict_inode+0x7ac/0x838 [ 74.107692][ C0] evict+0x3e0/0x828 [ 74.108267][ C0] iput+0x6ac/0x764 [ 74.108843][ C0] do_unlinkat+0x36c/0x618 [ 74.109505][ C0] __arm64_sys_unlinkat+0xe0/0xfc [ 74.110261][ C0] invoke_syscall+0x98/0x2b0 [ 74.110991][ C0] el0_svc_common+0x138/0x258 [ 74.111654][ C0] do_el0_svc+0x58/0x13c [ 74.112257][ C0] el0_svc+0x78/0x1d0 [ 74.112874][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.113579][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.114223][ C0] irq event stamp: 210718 [ 
74.114858][ C0] hardirqs last enabled at (210717): [] _raw_spin_unlock_irq+0x98/0x128 [ 74.116377][ C0] hardirqs last disabled at (210718): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.117865][ C0] softirqs last enabled at (210670): [] local_bh_enable+0x10/0x34 [ 74.119233][ C0] softirqs last disabled at (210668): [] local_bh_disable+0x10/0x34 [ 74.120625][ C0] ---[ end trace 2595cf549e09dbed ]--- [ 74.202510][ T5038] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.203723][ T5038] Bad inode number on dev loop0: 2 is out of range [ 74.204700][ T5038] SysV FS: get root inode failed [ 74.205498][ T5038] oldfs: cannot read superblock [ 74.214488][ T4977] ------------[ cut here ]------------ [ 74.215362][ T4977] VFS: brelse: Trying to free free buffer [ 74.216291][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.217613][ T4977] Modules linked in: [ 74.218159][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 74.219373][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.220821][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.221986][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 74.222810][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 74.223594][ T4977] sp : ffff80001f7277c0 [ 74.224290][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 74.225463][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 74.226632][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6b3b40 [ 74.227746][ T4977] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 74.228913][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.230148][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 74.231355][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 74.232678][ T4977] x8 : ab6bd156e24fbe00 x7 : 
0000000000000001 x6 : 0000000000000001 [ 74.233872][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.235081][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.236280][ T4977] Call trace: [ 74.236812][ T4977] invalidate_bh_lru+0x128/0x22c [ 74.237585][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 74.238429][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.239177][ T4977] invalidate_bh_lrus+0x34/0x40 [ 74.239923][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 74.240694][ T4977] blkdev_put+0x490/0x6ac [ 74.241358][ T4977] blkdev_close+0x74/0xb0 [ 74.241988][ T4977] __fput+0x1c0/0x7e8 [ 74.242568][ T4977] ____fput+0x20/0x30 [ 74.243205][ T4977] task_work_run+0x12c/0x1d8 [ 74.243887][ T4977] do_notify_resume+0x2450/0x309c [ 74.244570][ T4977] el0_svc+0xf0/0x1d0 [ 74.245170][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 74.245949][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 74.246637][ T4977] irq event stamp: 110130 [ 74.247305][ T4977] hardirqs last enabled at (110129): [] kasan_quarantine_put+0xc4/0x200 [ 74.248779][ T4977] hardirqs last disabled at (110130): [] smp_call_function_many_cond+0xa44/0xeac [ 74.250292][ T4977] softirqs last enabled at (109940): [] local_bh_enable+0x10/0x34 [ 74.251643][ T4977] softirqs last disabled at (109938): [] local_bh_disable+0x10/0x34 [ 74.253013][ T4977] ---[ end trace 2595cf549e09dbee ]--- [ 74.291176][ T5040] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.292426][ T5040] Bad inode number on dev loop0: 2 is out of range [ 74.293489][ T5040] SysV FS: get root inode failed [ 74.294386][ T5040] oldfs: cannot read superblock [ 74.298727][ C0] ------------[ cut here ]------------ [ 74.299526][ C0] VFS: brelse: Trying to free free buffer [ 74.300430][ C0] WARNING: CPU: 0 PID: 4401 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.301692][ C0] Modules linked in: [ 74.302258][ C0] CPU: 0 PID: 4401 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.303475][ C0] Hardware name: 
Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.304945][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.306048][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.306837][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.307569][ C0] sp : ffff800008007de0 [ 74.308179][ C0] x29: ffff800008007de0 x28: ffff0000c7f08000 x27: 1fffe000341f245c [ 74.309549][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 74.310858][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df6b3ee0 [ 74.312097][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 74.313334][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.314563][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 74.315805][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : b6764a020cbd3e00 [ 74.317013][ C0] x8 : b6764a020cbd3e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.318231][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.319388][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.320581][ C0] Call trace: [ 74.321048][ C0] invalidate_bh_lru+0x128/0x22c [ 74.321798][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.322704][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.323764][ C0] ipi_handler+0x10c/0x6fc [ 74.324386][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 74.325168][ C0] handle_domain_irq+0x144/0x1fc [ 74.325937][ C0] gic_handle_irq+0x78/0x1b8 [ 74.326668][ C0] call_on_irq_stack+0x30/0x48 [ 74.327395][ C0] do_interrupt_handler+0x6c/0x88 [ 74.328144][ C0] el1_interrupt+0x30/0x58 [ 74.328776][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.329477][ C0] el1h_64_irq+0x78/0x7c [ 74.330152][ C0] kasan_check_range+0x78/0x2a0 [ 74.330862][ C0] memset+0x58/0x88 [ 74.331426][ C0] __arm64_sys_pselect6+0x3ac/0x5d4 [ 74.332206][ C0] invoke_syscall+0x98/0x2b0 [ 74.332907][ C0] el0_svc_common+0x138/0x258 [ 
74.333628][ C0] do_el0_svc+0x58/0x13c [ 74.334286][ C0] el0_svc+0x78/0x1d0 [ 74.334844][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 74.335577][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.336274][ C0] irq event stamp: 603482 [ 74.336911][ C0] hardirqs last enabled at (603481): [] el0_svc_common+0x9c/0x258 [ 74.338290][ C0] hardirqs last disabled at (603482): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.339667][ C0] softirqs last enabled at (603466): [] release_sock+0x1d0/0x258 [ 74.341227][ C0] softirqs last disabled at (603464): [] release_sock+0x34/0x258 [ 74.342612][ C0] ---[ end trace 2595cf549e09dbef ]--- [ 74.409159][ T5042] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.410307][ T5042] Bad inode number on dev loop0: 2 is out of range [ 74.411234][ T5042] SysV FS: get root inode failed [ 74.412117][ T5042] oldfs: cannot read superblock [ 74.419594][ T4977] ------------[ cut here ]------------ [ 74.420429][ T4977] VFS: brelse: Trying to free free buffer [ 74.421334][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.422717][ T4977] Modules linked in: [ 74.423385][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 74.424849][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.426513][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.427668][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 74.428590][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 74.429424][ T4977] sp : ffff80001f7277c0 [ 74.430050][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 74.431356][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 74.432667][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df79d230 [ 74.433912][ T4977] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 74.435264][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.436616][ T4977] x14: 
0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 74.437914][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 74.439130][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.440459][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.441796][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.443051][ T4977] Call trace: [ 74.443578][ T4977] invalidate_bh_lru+0x128/0x22c [ 74.444301][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 74.445144][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.445894][ T4977] invalidate_bh_lrus+0x34/0x40 [ 74.446603][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 74.447418][ T4977] blkdev_put+0x490/0x6ac [ 74.448066][ T4977] blkdev_close+0x74/0xb0 [ 74.448760][ T4977] __fput+0x1c0/0x7e8 [ 74.449384][ T4977] ____fput+0x20/0x30 [ 74.450017][ T4977] task_work_run+0x12c/0x1d8 [ 74.450710][ T4977] do_notify_resume+0x2450/0x309c [ 74.451427][ T4977] el0_svc+0xf0/0x1d0 [ 74.451992][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 74.452693][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 74.453342][ T4977] irq event stamp: 117064 [ 74.454003][ T4977] hardirqs last enabled at (117063): [] kasan_quarantine_put+0xc4/0x200 [ 74.455594][ T4977] hardirqs last disabled at (117064): [] smp_call_function_many_cond+0xa44/0xeac [ 74.457134][ T4977] softirqs last enabled at (116854): [] local_bh_enable+0x10/0x34 [ 74.458637][ T4977] softirqs last disabled at (116852): [] local_bh_disable+0x10/0x34 [ 74.460063][ T4977] ---[ end trace 2595cf549e09dbf0 ]--- [ 74.548469][ T5044] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.549675][ T5044] Bad inode number on dev loop0: 2 is out of range [ 74.550731][ T5044] SysV FS: get root inode failed [ 74.551452][ T5044] oldfs: cannot read superblock [ 74.560353][ C0] ------------[ cut here ]------------ [ 74.561284][ C0] VFS: brelse: Trying to free free buffer [ 74.562206][ C0] WARNING: CPU: 0 PID: 5045 at 
fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.563532][ C0] Modules linked in: [ 74.564132][ C0] CPU: 0 PID: 5045 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.565548][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.567115][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.568375][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 74.569221][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 74.570115][ C0] sp : ffff800008007de0 [ 74.570780][ C0] x29: ffff800008007de0 x28: ffff0000ee5bb680 x27: 1fffe000341f245b [ 74.572090][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 74.573273][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df79d5d0 [ 74.574583][ C0] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000010002 [ 74.575885][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.577139][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 74.578311][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : c6a1693b49135a00 [ 74.579580][ C0] x8 : c6a1693b49135a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.580847][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.581981][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.583190][ C0] Call trace: [ 74.583660][ C0] invalidate_bh_lru+0x128/0x22c [ 74.584425][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.585199][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.586244][ C0] ipi_handler+0x10c/0x6fc [ 74.586826][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 74.587644][ C0] handle_domain_irq+0x144/0x1fc [ 74.588396][ C0] gic_handle_irq+0x78/0x1b8 [ 74.589081][ C0] call_on_irq_stack+0x30/0x48 [ 74.589809][ C0] do_interrupt_handler+0x6c/0x88 [ 74.590591][ C0] el1_interrupt+0x30/0x58 [ 74.591222][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.591987][ C0] el1h_64_irq+0x78/0x7c [ 74.592580][ C0] 
__preempt_count_dec_and_test+0x48/0x80 [ 74.593377][ C0] lock_is_held_type+0x50/0x198 [ 74.594113][ C0] rcu_read_lock_sched_held+0x38/0xb4 [ 74.594948][ C0] mem_cgroup_from_task+0x50/0x120 [ 74.595743][ C0] count_memcg_event_mm+0x120/0x300 [ 74.596484][ C0] handle_mm_fault+0x19c/0x2a28 [ 74.597211][ C0] do_page_fault+0x67c/0xab0 [ 74.597883][ C0] do_mem_abort+0x6c/0x1ac [ 74.598540][ C0] el0_da+0x90/0x1ec [ 74.599139][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 74.599886][ C0] el0t_64_sync+0x1a0/0x1a4 [ 74.600595][ C0] irq event stamp: 406 [ 74.601152][ C0] hardirqs last enabled at (405): [] local_daif_restore+0x1c/0x3c [ 74.602493][ C0] hardirqs last disabled at (406): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.604036][ C0] softirqs last enabled at (24): [] local_bh_enable+0x10/0x34 [ 74.605415][ C0] softirqs last disabled at (22): [] local_bh_disable+0x10/0x34 [ 74.606788][ C0] ---[ end trace 2595cf549e09dbf1 ]--- [ 74.680534][ T5046] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.681767][ T5046] Bad inode number on dev loop0: 2 is out of range [ 74.683020][ T5046] SysV FS: get root inode failed [ 74.683867][ T5046] oldfs: cannot read superblock [ 74.689630][ T4977] ------------[ cut here ]------------ [ 74.690455][ T4977] VFS: brelse: Trying to free free buffer [ 74.691375][ T4977] WARNING: CPU: 1 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.692768][ T4977] Modules linked in: [ 74.693355][ T4977] CPU: 1 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 74.694695][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.696226][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.697355][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 74.698131][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 74.698882][ T4977] sp : ffff80001f7277c0 [ 74.699517][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 74.700728][ T4977] x26: 0000000000000001 x25: 
ffff0001a0fb32d8 x24: 0000000000000001 [ 74.701951][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df792df8 [ 74.703121][ T4977] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 74.704308][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.705449][ T4977] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 74.706626][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 74.707892][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.709208][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.710468][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.711768][ T4977] Call trace: [ 74.712288][ T4977] invalidate_bh_lru+0x128/0x22c [ 74.713089][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 74.714025][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.714847][ T4977] invalidate_bh_lrus+0x34/0x40 [ 74.715641][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 74.716433][ T4977] blkdev_put+0x490/0x6ac [ 74.717068][ T4977] blkdev_close+0x74/0xb0 [ 74.717757][ T4977] __fput+0x1c0/0x7e8 [ 74.718375][ T4977] ____fput+0x20/0x30 [ 74.719012][ T4977] task_work_run+0x12c/0x1d8 [ 74.719718][ T4977] do_notify_resume+0x2450/0x309c [ 74.720451][ T4977] el0_svc+0xf0/0x1d0 [ 74.720999][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 74.721722][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 74.722396][ T4977] irq event stamp: 123044 [ 74.723013][ T4977] hardirqs last enabled at (123043): [] kasan_quarantine_put+0xc4/0x200 [ 74.724478][ T4977] hardirqs last disabled at (123044): [] smp_call_function_many_cond+0xa44/0xeac [ 74.726040][ T4977] softirqs last enabled at (122828): [] local_bh_enable+0x10/0x34 [ 74.727431][ T4977] softirqs last disabled at (122826): [] local_bh_disable+0x10/0x34 [ 74.728859][ T4977] ---[ end trace 2595cf549e09dbf2 ]--- [ 74.800030][ T5048] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 
74.801174][ T5048] Bad inode number on dev loop0: 2 is out of range [ 74.802157][ T5048] SysV FS: get root inode failed [ 74.802897][ T5048] oldfs: cannot read superblock [ 74.809689][ C1] ------------[ cut here ]------------ [ 74.810597][ C1] VFS: brelse: Trying to free free buffer [ 74.811574][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.812948][ C1] Modules linked in: [ 74.813470][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.814797][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.816194][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.817250][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 74.818057][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 74.818816][ C1] sp : ffff800008017de0 [ 74.819432][ C1] x29: ffff800008017de0 x28: ffff0000ee5b8000 x27: 1fffe000341f665e [ 74.820640][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000003 [ 74.821848][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df78e230 [ 74.823058][ C1] x20: ffff0001a0fb32f0 x19: ffff80001145af60 x18: 0000000000010003 [ 74.824255][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.825465][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 74.826693][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 674286dffb2bba00 [ 74.827926][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.829192][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.830349][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 74.831488][ C1] Call trace: [ 74.832093][ C1] invalidate_bh_lru+0x128/0x22c [ 74.832924][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.833832][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.834946][ C1] ipi_handler+0x10c/0x6fc [ 74.835666][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 74.836512][ C1] 
handle_domain_irq+0x144/0x1fc [ 74.837273][ C1] gic_handle_irq+0x78/0x1b8 [ 74.837941][ C1] call_on_irq_stack+0x30/0x48 [ 74.838625][ C1] do_interrupt_handler+0x6c/0x88 [ 74.839332][ C1] el1_interrupt+0x30/0x58 [ 74.839947][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.840717][ C1] el1h_64_irq+0x78/0x7c [ 74.841442][ C1] __sanitizer_cov_trace_pc+0x0/0xac [ 74.842285][ C1] remove_vm_area+0x1ac/0x1c4 [ 74.842948][ C1] __vunmap+0x304/0x9b0 [ 74.843547][ C1] vfree+0xbc/0x154 [ 74.844143][ C1] do_ipt_get_ctl+0x118c/0x143c [ 74.844855][ C1] nf_getsockopt+0x264/0x284 [ 74.845537][ C1] ip_getsockopt+0x122c/0x1664 [ 74.846187][ C1] tcp_getsockopt+0x210/0x2eec [ 74.846876][ C1] sock_common_getsockopt+0xa8/0xc4 [ 74.847583][ C1] __sys_getsockopt+0x1b8/0x250 [ 74.848256][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 74.849008][ C1] invoke_syscall+0x98/0x2b0 [ 74.849696][ C1] el0_svc_common+0x138/0x258 [ 74.850355][ C1] do_el0_svc+0x58/0x13c [ 74.850897][ C1] el0_svc+0x78/0x1d0 [ 74.851459][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 74.852248][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.852905][ C1] irq event stamp: 225346 [ 74.853510][ C1] hardirqs last enabled at (225345): [] alloc_counters+0x3d4/0x7a0 [ 74.854786][ C1] hardirqs last disabled at (225346): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.856357][ C1] softirqs last enabled at (225318): [] release_sock+0x1d0/0x258 [ 74.857698][ C1] softirqs last disabled at (225316): [] release_sock+0x34/0x258 [ 74.859082][ C1] ---[ end trace 2595cf549e09dbf3 ]--- [ 74.896668][ T5050] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.898025][ T5050] Bad inode number on dev loop0: 2 is out of range [ 74.899004][ T5050] SysV FS: get root inode failed [ 74.899782][ T5050] oldfs: cannot read superblock [ 74.905972][ T4977] ------------[ cut here ]------------ [ 74.906902][ T4977] VFS: brelse: Trying to free free buffer [ 74.907860][ T4977] WARNING: CPU: 1 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 74.909223][ T4977] Modules linked in: [ 
74.909826][ T4977] CPU: 1 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 74.911136][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.912628][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.913799][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 74.914553][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 74.915345][ T4977] sp : ffff80001f7277c0 [ 74.915995][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 74.917157][ T4977] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 74.918313][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df78a5d0 [ 74.919475][ T4977] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 74.920579][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 74.921785][ T4977] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 74.923075][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 74.924342][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.925638][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 74.926854][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.928142][ T4977] Call trace: [ 74.928602][ T4977] invalidate_bh_lru+0x128/0x22c [ 74.929433][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 74.930291][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.931079][ T4977] invalidate_bh_lrus+0x34/0x40 [ 74.931790][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 74.932498][ T4977] blkdev_put+0x490/0x6ac [ 74.933180][ T4977] blkdev_close+0x74/0xb0 [ 74.933883][ T4977] __fput+0x1c0/0x7e8 [ 74.934485][ T4977] ____fput+0x20/0x30 [ 74.935061][ T4977] task_work_run+0x12c/0x1d8 [ 74.935682][ T4977] do_notify_resume+0x2450/0x309c [ 74.936386][ T4977] el0_svc+0xf0/0x1d0 [ 74.937029][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 74.937753][ T4977] 
el0t_64_sync+0x1a0/0x1a4 [ 74.938415][ T4977] irq event stamp: 130016 [ 74.939063][ T4977] hardirqs last enabled at (130015): [] kasan_quarantine_put+0xc4/0x200 [ 74.940527][ T4977] hardirqs last disabled at (130016): [] smp_call_function_many_cond+0xa44/0xeac [ 74.941965][ T4977] softirqs last enabled at (129812): [] local_bh_enable+0x10/0x34 [ 74.943480][ T4977] softirqs last disabled at (129810): [] local_bh_disable+0x10/0x34 [ 74.944911][ T4977] ---[ end trace 2595cf549e09dbf4 ]--- 1970/01/01 00:01:14 executed programs: 47 [ 74.964484][ T5052] set_capacity_and_notify: 28 callbacks suppressed [ 74.964494][ T5052] loop0: detected capacity change from 0 to 128 [ 75.000842][ T5052] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.001963][ T5052] Bad inode number on dev loop0: 2 is out of range [ 75.002925][ T5052] SysV FS: get root inode failed [ 75.003662][ T5052] oldfs: cannot read superblock [ 75.014493][ T4977] ------------[ cut here ]------------ [ 75.015393][ T4977] VFS: brelse: Trying to free free buffer [ 75.016360][ T4977] WARNING: CPU: 1 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.017786][ T4977] Modules linked in: [ 75.018466][ T4977] CPU: 1 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 75.019830][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.021426][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.022613][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 75.023298][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 75.024030][ T4977] sp : ffff80001f7277c0 [ 75.024650][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f665c [ 75.025822][ T4977] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 75.027259][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df78a970 [ 75.028535][ T4977] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000000003 [ 75.029791][ T4977] x17: 0000000000000000 
x16: ffff800011254fd8 x15: 00000000ffffffff [ 75.031021][ T4977] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 75.032205][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 75.033470][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.034687][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 75.035886][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.037080][ T4977] Call trace: [ 75.037559][ T4977] invalidate_bh_lru+0x128/0x22c [ 75.038274][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 75.039069][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.039813][ T4977] invalidate_bh_lrus+0x34/0x40 [ 75.040497][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 75.041220][ T4977] blkdev_put+0x490/0x6ac [ 75.041866][ T4977] blkdev_close+0x74/0xb0 [ 75.042464][ T4977] __fput+0x1c0/0x7e8 [ 75.043066][ T4977] ____fput+0x20/0x30 [ 75.043756][ T4977] task_work_run+0x12c/0x1d8 [ 75.044418][ T4977] do_notify_resume+0x2450/0x309c [ 75.045122][ T4977] el0_svc+0xf0/0x1d0 [ 75.045720][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 75.046432][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 75.047050][ T4977] irq event stamp: 133662 [ 75.047673][ T4977] hardirqs last enabled at (133661): [] kasan_quarantine_put+0xc4/0x200 [ 75.049135][ T4977] hardirqs last disabled at (133662): [] smp_call_function_many_cond+0xa44/0xeac [ 75.050720][ T4977] softirqs last enabled at (133456): [] local_bh_enable+0x10/0x34 [ 75.052237][ T4977] softirqs last disabled at (133454): [] local_bh_disable+0x10/0x34 [ 75.053615][ T4977] ---[ end trace 2595cf549e09dbf5 ]--- [ 75.080064][ T5055] loop0: detected capacity change from 0 to 128 [ 75.083104][ T5055] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.084231][ T5055] Bad inode number on dev loop0: 2 is out of range [ 75.085265][ T5055] SysV FS: get root inode failed [ 75.086073][ T5055] oldfs: cannot read superblock [ 75.094472][ T4977] 
------------[ cut here ]------------ [ 75.095278][ T4977] VFS: brelse: Trying to free free buffer [ 75.096109][ T4977] WARNING: CPU: 1 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.097469][ T4977] Modules linked in: [ 75.098096][ T4977] CPU: 1 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 75.099279][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.100651][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.101877][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 75.102696][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 75.103541][ T4977] sp : ffff80001f7277c0 [ 75.104139][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 75.105402][ T4977] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 75.106655][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df78ad10 [ 75.107870][ T4977] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 75.109106][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 75.110299][ T4977] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 75.111537][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 75.112716][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.113948][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 75.115169][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.116329][ T4977] Call trace: [ 75.116866][ T4977] invalidate_bh_lru+0x128/0x22c [ 75.117569][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 75.118435][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.119161][ T4977] invalidate_bh_lrus+0x34/0x40 [ 75.119854][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 75.120600][ T4977] blkdev_put+0x490/0x6ac [ 75.121268][ T4977] blkdev_close+0x74/0xb0 [ 75.121913][ T4977] __fput+0x1c0/0x7e8 [ 75.122512][ T4977] 
____fput+0x20/0x30 [ 75.123114][ T4977] task_work_run+0x12c/0x1d8 [ 75.123800][ T4977] do_notify_resume+0x2450/0x309c [ 75.124529][ T4977] el0_svc+0xf0/0x1d0 [ 75.125181][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 75.125941][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 75.126649][ T4977] irq event stamp: 136820 [ 75.127278][ T4977] hardirqs last enabled at (136819): [] kasan_quarantine_put+0xc4/0x200 [ 75.128723][ T4977] hardirqs last disabled at (136820): [] smp_call_function_many_cond+0xa44/0xeac [ 75.130263][ T4977] softirqs last enabled at (136632): [] local_bh_enable+0x10/0x34 [ 75.131682][ T4977] softirqs last disabled at (136630): [] local_bh_disable+0x10/0x34 [ 75.133124][ T4977] ---[ end trace 2595cf549e09dbf6 ]--- [ 75.160479][ T5057] loop0: detected capacity change from 0 to 128 [ 75.208632][ T5057] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.209829][ T5057] Bad inode number on dev loop0: 2 is out of range [ 75.210916][ T5057] SysV FS: get root inode failed [ 75.211737][ T5057] oldfs: cannot read superblock [ 75.221373][ C1] ------------[ cut here ]------------ [ 75.222299][ C1] VFS: brelse: Trying to free free buffer [ 75.223185][ C1] WARNING: CPU: 1 PID: 5059 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.224558][ C1] Modules linked in: [ 75.225104][ C1] CPU: 1 PID: 5059 Comm: syz.0.63 Tainted: G W syzkaller #0 [ 75.226508][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.228014][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.229199][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.230022][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.230821][ C1] sp : ffff800008017de0 [ 75.231442][ C1] x29: ffff800008017de0 x28: ffff0000dac8d1c0 x27: 1fffe000341f665c [ 75.232642][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 75.233895][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df787148 [ 75.235180][ C1] x20: ffff0001a0fb32e0 x19: 
ffff80001145af60 x18: 0000000000010002 [ 75.236378][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 75.237671][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 75.238842][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 24f0969163b97700 [ 75.240049][ C1] x8 : 24f0969163b97700 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.241261][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 75.242386][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.243592][ C1] Call trace: [ 75.244078][ C1] invalidate_bh_lru+0x128/0x22c [ 75.244848][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.245745][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.246733][ C1] ipi_handler+0x10c/0x6fc [ 75.247342][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.248190][ C1] handle_domain_irq+0x144/0x1fc [ 75.249006][ C1] gic_handle_irq+0x78/0x1b8 [ 75.249650][ C1] call_on_irq_stack+0x30/0x48 [ 75.250399][ C1] do_interrupt_handler+0x6c/0x88 [ 75.251145][ C1] el1_interrupt+0x30/0x58 [ 75.251814][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.252598][ C1] el1h_64_irq+0x78/0x7c [ 75.253228][ C1] stack_depot_save+0x184/0x494 [ 75.253915][ C1] __kasan_kmalloc+0xcc/0xf0 [ 75.254623][ C1] __kmalloc+0x290/0x43c [ 75.255234][ C1] __arm64_sys_memfd_create+0x168/0x524 [ 75.256041][ C1] invoke_syscall+0x98/0x2b0 [ 75.256657][ C1] el0_svc_common+0x138/0x258 [ 75.257350][ C1] do_el0_svc+0x58/0x13c [ 75.257951][ C1] el0_svc+0x78/0x1d0 [ 75.258560][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.259285][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.259911][ C1] irq event stamp: 98 [ 75.260551][ C1] hardirqs last enabled at (97): [] ___slab_alloc+0xc18/0xd8c [ 75.261825][ C1] hardirqs last disabled at (98): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.263242][ C1] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 75.264608][ C1] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 75.265945][ C1] ---[ end trace 
2595cf549e09dbf7 ]--- [ 75.290245][ T5059] loop0: detected capacity change from 0 to 128 [ 75.329272][ T5059] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.330364][ T5059] Bad inode number on dev loop0: 2 is out of range [ 75.331369][ T5059] SysV FS: get root inode failed [ 75.332099][ T5059] oldfs: cannot read superblock [ 75.338903][ T4977] ------------[ cut here ]------------ [ 75.339748][ T4977] VFS: brelse: Trying to free free buffer [ 75.340595][ T4977] WARNING: CPU: 1 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.341891][ T4977] Modules linked in: [ 75.342478][ T4977] CPU: 1 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 75.343781][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.345268][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.346382][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 75.347193][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 75.347960][ T4977] sp : ffff80001f7277c0 [ 75.348596][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 75.349849][ T4977] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 75.351087][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df7874e8 [ 75.352300][ T4977] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 75.353480][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 75.354642][ T4977] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 75.355815][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 75.357017][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.358274][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 75.359491][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.360702][ T4977] Call trace: [ 75.361163][ T4977] invalidate_bh_lru+0x128/0x22c [ 75.361953][ T4977] 
smp_call_function_many_cond+0xa50/0xeac [ 75.362766][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.363570][ T4977] invalidate_bh_lrus+0x34/0x40 [ 75.364353][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 75.365100][ T4977] blkdev_put+0x490/0x6ac [ 75.365698][ T4977] blkdev_close+0x74/0xb0 [ 75.366346][ T4977] __fput+0x1c0/0x7e8 [ 75.366933][ T4977] ____fput+0x20/0x30 [ 75.367497][ T4977] task_work_run+0x12c/0x1d8 [ 75.368158][ T4977] do_notify_resume+0x2450/0x309c [ 75.368895][ T4977] el0_svc+0xf0/0x1d0 [ 75.369485][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 75.370177][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 75.370810][ T4977] irq event stamp: 143330 [ 75.371429][ T4977] hardirqs last enabled at (143329): [] kasan_quarantine_put+0xc4/0x200 [ 75.372954][ T4977] hardirqs last disabled at (143330): [] smp_call_function_many_cond+0xa44/0xeac [ 75.374449][ T4977] softirqs last enabled at (143136): [] local_bh_enable+0x10/0x34 [ 75.375817][ T4977] softirqs last disabled at (143134): [] local_bh_disable+0x10/0x34 [ 75.377216][ T4977] ---[ end trace 2595cf549e09dbf8 ]--- [ 75.420082][ T5061] loop0: detected capacity change from 0 to 128 [ 75.422746][ T5061] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.423951][ T5061] Bad inode number on dev loop0: 2 is out of range [ 75.425083][ T5061] SysV FS: get root inode failed [ 75.425914][ T5061] oldfs: cannot read superblock [ 75.430302][ C1] ------------[ cut here ]------------ [ 75.431175][ C1] VFS: brelse: Trying to free free buffer [ 75.432094][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.433472][ C1] Modules linked in: [ 75.434035][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.435363][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.437003][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.438263][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.439101][ C1] lr : 
invalidate_bh_lru+0x128/0x22c [ 75.439913][ C1] sp : ffff800008017de0 [ 75.440571][ C1] x29: ffff800008017de0 x28: ffff0000ee5b8000 x27: 1fffe000341f665c [ 75.441834][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 75.443076][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df787888 [ 75.444372][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 75.445583][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 75.446742][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 75.447983][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 674286dffb2bba00 [ 75.449175][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.450411][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 75.451620][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.452882][ C1] Call trace: [ 75.453366][ C1] invalidate_bh_lru+0x128/0x22c [ 75.454094][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.454969][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.456003][ C1] ipi_handler+0x10c/0x6fc [ 75.456713][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.457519][ C1] handle_domain_irq+0x144/0x1fc [ 75.458283][ C1] gic_handle_irq+0x78/0x1b8 [ 75.459043][ C1] call_on_irq_stack+0x30/0x48 [ 75.459838][ C1] do_interrupt_handler+0x6c/0x88 [ 75.460670][ C1] el1_interrupt+0x30/0x58 [ 75.461414][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.462178][ C1] el1h_64_irq+0x78/0x7c [ 75.462864][ C1] kasan_check_range+0x8/0x2a0 [ 75.463622][ C1] do_raw_spin_unlock+0x68/0x234 [ 75.464424][ C1] _raw_spin_unlock+0x94/0x11c [ 75.465234][ C1] pick_file+0x168/0x200 [ 75.466002][ C1] close_fd+0x4c/0x84 [ 75.466602][ C1] __arm64_sys_close+0x3c/0x80 [ 75.467449][ C1] invoke_syscall+0x98/0x2b0 [ 75.468206][ C1] el0_svc_common+0x138/0x258 [ 75.468958][ C1] do_el0_svc+0x58/0x13c [ 75.469576][ C1] el0_svc+0x78/0x1d0 [ 75.470178][ C1] 
el0t_64_sync_handler+0xcc/0xe4 [ 75.470974][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.471733][ C1] irq event stamp: 240294 [ 75.472344][ C1] hardirqs last enabled at (240293): [] el0_svc_common+0x9c/0x258 [ 75.473784][ C1] hardirqs last disabled at (240294): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.475197][ C1] softirqs last enabled at (240220): [] local_bh_enable+0x10/0x34 [ 75.476635][ C1] softirqs last disabled at (240218): [] local_bh_disable+0x10/0x34 [ 75.478032][ C1] ---[ end trace 2595cf549e09dbf9 ]--- [ 75.534795][ T5063] loop0: detected capacity change from 0 to 128 [ 75.538891][ T5063] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.540085][ T5063] Bad inode number on dev loop0: 2 is out of range [ 75.541166][ T5063] SysV FS: get root inode failed [ 75.541916][ T5063] oldfs: cannot read superblock [ 75.547169][ C1] ------------[ cut here ]------------ [ 75.548078][ C1] VFS: brelse: Trying to free free buffer [ 75.549106][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.550567][ C1] Modules linked in: [ 75.551238][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.552523][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.554079][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.555277][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 75.556272][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 75.557179][ C1] sp : ffff800008017de0 [ 75.557943][ C1] x29: ffff800008017de0 x28: ffff0000ee5b8000 x27: 1fffe000341f665c [ 75.559229][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 75.560520][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df787c28 [ 75.561830][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 75.563144][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 75.564438][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 
75.565713][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 75.566966][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.568170][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 75.569381][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.570581][ C1] Call trace: [ 75.571044][ C1] invalidate_bh_lru+0x128/0x22c [ 75.571756][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.572639][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.573602][ C1] ipi_handler+0x10c/0x6fc [ 75.574238][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 75.575073][ C1] handle_domain_irq+0x144/0x1fc [ 75.575822][ C1] gic_handle_irq+0x78/0x1b8 [ 75.576530][ C1] call_on_irq_stack+0x30/0x48 [ 75.577258][ C1] do_interrupt_handler+0x6c/0x88 [ 75.578047][ C1] el1_interrupt+0x30/0x58 [ 75.578758][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.579470][ C1] el1h_64_irq+0x78/0x7c [ 75.580059][ C1] get_page_from_freelist+0x2210/0x2a68 [ 75.581033][ C1] __alloc_pages+0x1a0/0x470 [ 75.581778][ C1] alloc_pages+0x34c/0x5c0 [ 75.582511][ C1] __vmalloc_node_range+0x50c/0x8c8 [ 75.583357][ C1] vzalloc+0x110/0x188 [ 75.583983][ C1] alloc_counters+0x84/0x7a0 [ 75.584680][ C1] do_ip6t_get_ctl+0xb68/0x143c [ 75.585456][ C1] nf_getsockopt+0x264/0x284 [ 75.586181][ C1] ipv6_getsockopt+0x588/0x2538 [ 75.586873][ C1] tcp_getsockopt+0x210/0x2eec [ 75.587537][ C1] sock_common_getsockopt+0xa8/0xc4 [ 75.588350][ C1] __sys_getsockopt+0x1b8/0x250 [ 75.589084][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 75.589877][ C1] invoke_syscall+0x98/0x2b0 [ 75.590505][ C1] el0_svc_common+0x138/0x258 [ 75.591177][ C1] do_el0_svc+0x58/0x13c [ 75.591760][ C1] el0_svc+0x78/0x1d0 [ 75.592382][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.593096][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.593751][ C1] irq event stamp: 243740 [ 75.594368][ C1] hardirqs last enabled at (243739): [] get_page_from_freelist+0x2200/0x2a68 [ 75.595888][ C1] hardirqs last disabled at 
(243740): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.597352][ C1] softirqs last enabled at (243696): [] release_sock+0x1d0/0x258 [ 75.598719][ C1] softirqs last disabled at (243694): [] release_sock+0x34/0x258 [ 75.600056][ C1] ---[ end trace 2595cf549e09dbfa ]--- [ 75.620507][ T5065] loop0: detected capacity change from 0 to 128 [ 75.623311][ T5065] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.624670][ T5065] Bad inode number on dev loop0: 2 is out of range [ 75.625740][ T5065] SysV FS: get root inode failed [ 75.626413][ T5065] oldfs: cannot read superblock [ 75.631987][ C0] ------------[ cut here ]------------ [ 75.632860][ C0] VFS: brelse: Trying to free free buffer [ 75.633840][ C0] WARNING: CPU: 0 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.635256][ C0] Modules linked in: [ 75.635893][ C0] CPU: 0 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.637324][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.638984][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.640133][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 75.640860][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 75.641590][ C0] sp : ffff800008007de0 [ 75.642192][ C0] x29: ffff800008007de0 x28: ffff0000ee5b8000 x27: 1fffe000341f245c [ 75.643426][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 75.644628][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df79d970 [ 75.645857][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 75.647061][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 75.648247][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 75.649500][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 674286dffb2bba00 [ 75.650691][ C0] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.651971][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 
75.653203][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.654296][ C0] Call trace: [ 75.654845][ C0] invalidate_bh_lru+0x128/0x22c [ 75.655561][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.656347][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.657394][ C0] ipi_handler+0x10c/0x6fc [ 75.658004][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 75.658796][ C0] handle_domain_irq+0x144/0x1fc [ 75.659492][ C0] gic_handle_irq+0x78/0x1b8 [ 75.660222][ C0] call_on_irq_stack+0x30/0x48 [ 75.661092][ C0] do_interrupt_handler+0x6c/0x88 [ 75.661915][ C0] el1_interrupt+0x30/0x58 [ 75.662624][ C0] el1h_64_irq_handler+0x18/0x24 [ 75.663366][ C0] el1h_64_irq+0x78/0x7c [ 75.663981][ C0] __sanitizer_cov_trace_pc+0xc/0xac [ 75.664756][ C0] walk_stackframe+0x6c/0xa8 [ 75.665419][ C0] return_address+0xd8/0x15c [ 75.666134][ C0] preempt_count_add+0x14c/0x41c [ 75.666895][ C0] _raw_spin_lock+0x24/0x10c [ 75.667537][ C0] free_vmap_area_noflush+0x1e4/0x8a0 [ 75.668370][ C0] remove_vm_area+0x1ac/0x1c4 [ 75.669023][ C0] __vunmap+0x304/0x9b0 [ 75.669632][ C0] vfree+0xbc/0x154 [ 75.670196][ C0] do_ip6t_get_ctl+0x118c/0x143c [ 75.670926][ C0] nf_getsockopt+0x264/0x284 [ 75.671598][ C0] ipv6_getsockopt+0x588/0x2538 [ 75.672315][ C0] tcp_getsockopt+0x210/0x2eec [ 75.673015][ C0] sock_common_getsockopt+0xa8/0xc4 [ 75.673788][ C0] __sys_getsockopt+0x1b8/0x250 [ 75.674541][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 75.675285][ C0] invoke_syscall+0x98/0x2b0 [ 75.675969][ C0] el0_svc_common+0x138/0x258 [ 75.676623][ C0] do_el0_svc+0x58/0x13c [ 75.677260][ C0] el0_svc+0x78/0x1d0 [ 75.677797][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 75.678549][ C0] el0t_64_sync+0x1a0/0x1a4 [ 75.679251][ C0] irq event stamp: 246286 [ 75.679913][ C0] hardirqs last enabled at (246285): [] alloc_counters+0x3d4/0x7a0 [ 75.681353][ C0] hardirqs last disabled at (246286): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.682932][ C0] softirqs last enabled at (246230): [] local_bh_enable+0x10/0x34 [ 
75.684343][ C0] softirqs last disabled at (246228): [] local_bh_disable+0x10/0x34 [ 75.685766][ C0] ---[ end trace 2595cf549e09dbfb ]--- [ 75.710104][ T5067] loop0: detected capacity change from 0 to 128 [ 75.798345][ T5067] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.799539][ T5067] Bad inode number on dev loop0: 2 is out of range [ 75.800594][ T5067] SysV FS: get root inode failed [ 75.801372][ T5067] oldfs: cannot read superblock [ 75.802208][ T5067] ------------[ cut here ]------------ [ 75.803086][ T5067] VFS: brelse: Trying to free free buffer [ 75.804110][ T5067] WARNING: CPU: 0 PID: 5067 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 75.805505][ T5067] Modules linked in: [ 75.806177][ T5067] CPU: 0 PID: 5067 Comm: syz.0.67 Tainted: G W syzkaller #0 [ 75.807529][ T5067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.809102][ T5067] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.810307][ T5067] pc : invalidate_bh_lru+0x128/0x22c [ 75.811084][ T5067] lr : invalidate_bh_lru+0x128/0x22c [ 75.811966][ T5067] sp : ffff80001f9a76e0 [ 75.812604][ T5067] x29: ffff80001f9a76e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 75.813859][ T5067] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 75.815130][ T5067] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df79dd10 [ 75.816374][ T5067] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 75.817638][ T5067] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 75.818923][ T5067] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 75.820204][ T5067] x11: 0000000000000002 x10: 0000000000000000 x9 : c3735da29aedc600 [ 75.821462][ T5067] x8 : c3735da29aedc600 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.822656][ T5067] x5 : ffff80001f9a6ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 75.823978][ T5067] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 
0000000000000027 [ 75.825272][ T5067] Call trace: [ 75.825788][ T5067] invalidate_bh_lru+0x128/0x22c [ 75.826506][ T5067] smp_call_function_many_cond+0xa50/0xeac [ 75.827396][ T5067] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.828197][ T5067] invalidate_bh_lrus+0x34/0x40 [ 75.828891][ T5067] blkdev_flush_mapping+0x16c/0x334 [ 75.829655][ T5067] blkdev_put+0x490/0x6ac [ 75.830302][ T5067] kill_block_super+0x98/0xdc [ 75.830941][ T5067] deactivate_locked_super+0xb8/0x134 [ 75.831730][ T5067] mount_bdev+0x284/0x358 [ 75.832350][ T5067] sysv_mount+0x44/0x58 [ 75.832972][ T5067] legacy_get_tree+0xd4/0x16c [ 75.833650][ T5067] vfs_get_tree+0x90/0x274 [ 75.834299][ T5067] do_new_mount+0x228/0x810 [ 75.834943][ T5067] path_mount+0x5bc/0x1008 [ 75.835641][ T5067] __arm64_sys_mount+0x514/0x5f0 [ 75.836347][ T5067] invoke_syscall+0x98/0x2b0 [ 75.837017][ T5067] el0_svc_common+0x138/0x258 [ 75.837689][ T5067] do_el0_svc+0x58/0x13c [ 75.838266][ T5067] el0_svc+0x78/0x1d0 [ 75.838839][ T5067] el0t_64_sync_handler+0xcc/0xe4 [ 75.839565][ T5067] el0t_64_sync+0x1a0/0x1a4 [ 75.840210][ T5067] irq event stamp: 974 [ 75.840800][ T5067] hardirqs last enabled at (973): [] kasan_quarantine_put+0xc4/0x200 [ 75.842346][ T5067] hardirqs last disabled at (974): [] smp_call_function_many_cond+0xa44/0xeac [ 75.843798][ T5067] softirqs last enabled at (838): [] local_bh_enable+0x10/0x34 [ 75.845071][ T5067] softirqs last disabled at (836): [] local_bh_disable+0x10/0x34 [ 75.846356][ T5067] ---[ end trace 2595cf549e09dbfc ]--- [ 75.960366][ T5069] loop0: detected capacity change from 0 to 128 [ 75.983803][ T5069] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.985047][ T5069] Bad inode number on dev loop0: 2 is out of range [ 75.986281][ T5069] SysV FS: get root inode failed [ 75.987741][ T5069] oldfs: cannot read superblock [ 76.018259][ C1] ------------[ cut here ]------------ [ 76.019223][ C1] VFS: brelse: Trying to free free buffer [ 76.020085][ C1] WARNING: CPU: 1 PID: 0 at 
fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.021287][ C1] Modules linked in: [ 76.021832][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W syzkaller #0 [ 76.023161][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.024650][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.025826][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 76.026656][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 76.027441][ C1] sp : ffff800008017de0 [ 76.028123][ C1] x29: ffff800008017de0 x28: ffff0000c0a68000 x27: 1fffe000341f665b [ 76.029420][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 76.030626][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a1060 [ 76.031825][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010003 [ 76.033011][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 76.034188][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 76.035397][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 1423acec528cb300 [ 76.036630][ C1] x8 : 1423acec528cb300 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.037726][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 76.039132][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.040413][ C1] Call trace: [ 76.040979][ C1] invalidate_bh_lru+0x128/0x22c [ 76.041798][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.042770][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.043837][ C1] ipi_handler+0x10c/0x6fc [ 76.044636][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 76.045563][ C1] handle_domain_irq+0x144/0x1fc [ 76.046325][ C1] gic_handle_irq+0x78/0x1b8 [ 76.047043][ C1] call_on_irq_stack+0x30/0x48 [ 76.047790][ C1] do_interrupt_handler+0x6c/0x88 [ 76.048578][ C1] el1_interrupt+0x30/0x58 [ 76.049269][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.050045][ C1] el1h_64_irq+0x78/0x7c [ 76.050731][ C1] 
arch_local_irq_enable+0xc/0x18 [ 76.051543][ C1] default_idle_call+0xcc/0x40c [ 76.052333][ C1] do_idle+0x1c8/0x48c [ 76.052943][ C1] cpu_startup_entry+0x24/0x28 [ 76.053676][ C1] secondary_start_kernel+0x23c/0x28c [ 76.054490][ C1] __secondary_switched+0x94/0x98 [ 76.055256][ C1] irq event stamp: 457664 [ 76.055854][ C1] hardirqs last enabled at (457663): [] default_idle_call+0xb8/0x40c [ 76.057313][ C1] hardirqs last disabled at (457664): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.059012][ C1] softirqs last enabled at (457652): [] handle_softirqs+0xa40/0xbe4 [ 76.060577][ C1] softirqs last disabled at (457601): [] __irq_exit_rcu+0x240/0x43c [ 76.062059][ C1] ---[ end trace 2595cf549e09dbfd ]--- [ 76.069825][ T5071] loop0: detected capacity change from 0 to 128 [ 76.077870][ T5071] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.079073][ T5071] Bad inode number on dev loop0: 2 is out of range [ 76.080627][ T5071] SysV FS: get root inode failed [ 76.081433][ T5071] oldfs: cannot read superblock [ 76.082289][ T5071] ------------[ cut here ]------------ [ 76.083131][ T5071] VFS: brelse: Trying to free free buffer [ 76.084020][ T5071] WARNING: CPU: 0 PID: 5071 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.085415][ T5071] Modules linked in: [ 76.086055][ T5071] CPU: 0 PID: 5071 Comm: syz.0.69 Tainted: G W syzkaller #0 [ 76.087304][ T5071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.088716][ T5071] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.089792][ T5071] pc : invalidate_bh_lru+0x128/0x22c [ 76.090519][ T5071] lr : invalidate_bh_lru+0x128/0x22c [ 76.091399][ T5071] sp : ffff80001f9076e0 [ 76.092000][ T5071] x29: ffff80001f9076e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 76.093247][ T5071] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 76.094439][ T5071] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df799148 [ 76.095597][ T5071] x20: 
ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 76.096808][ T5071] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 76.097948][ T5071] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 76.099091][ T5071] x11: 0000000000000002 x10: 0000000000000000 x9 : 1f790f69e13bc700 [ 76.100263][ T5071] x8 : 1f790f69e13bc700 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.101447][ T5071] x5 : ffff80001f906ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 76.102638][ T5071] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.103790][ T5071] Call trace: [ 76.104251][ T5071] invalidate_bh_lru+0x128/0x22c [ 76.105003][ T5071] smp_call_function_many_cond+0xa50/0xeac [ 76.105844][ T5071] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.106651][ T5071] invalidate_bh_lrus+0x34/0x40 [ 76.107419][ T5071] blkdev_flush_mapping+0x16c/0x334 [ 76.108142][ T5071] blkdev_put+0x490/0x6ac [ 76.108872][ T5071] kill_block_super+0x98/0xdc [ 76.109605][ T5071] deactivate_locked_super+0xb8/0x134 [ 76.110430][ T5071] mount_bdev+0x284/0x358 [ 76.111239][ T5071] sysv_mount+0x44/0x58 [ 76.111947][ T5071] legacy_get_tree+0xd4/0x16c [ 76.112667][ T5071] vfs_get_tree+0x90/0x274 [ 76.113305][ T5071] do_new_mount+0x228/0x810 [ 76.113955][ T5071] path_mount+0x5bc/0x1008 [ 76.114559][ T5071] __arm64_sys_mount+0x514/0x5f0 [ 76.115372][ T5071] invoke_syscall+0x98/0x2b0 [ 76.116111][ T5071] el0_svc_common+0x138/0x258 [ 76.116869][ T5071] do_el0_svc+0x58/0x13c [ 76.117564][ T5071] el0_svc+0x78/0x1d0 [ 76.118116][ T5071] el0t_64_sync_handler+0xcc/0xe4 [ 76.118874][ T5071] el0t_64_sync+0x1a0/0x1a4 [ 76.119579][ T5071] irq event stamp: 1416 [ 76.120264][ T5071] hardirqs last enabled at (1415): [] kasan_quarantine_put+0xc4/0x200 [ 76.121712][ T5071] hardirqs last disabled at (1416): [] smp_call_function_many_cond+0xa44/0xeac [ 76.123213][ T5071] softirqs last enabled at (1260): [] local_bh_enable+0x10/0x34 [ 76.124633][ T5071] softirqs last disabled at (1258): 
[] local_bh_disable+0x10/0x34 [ 76.126036][ T5071] ---[ end trace 2595cf549e09dbfe ]--- [ 76.308763][ T5073] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.310010][ T5073] Bad inode number on dev loop0: 2 is out of range [ 76.311047][ T5073] SysV FS: get root inode failed [ 76.311934][ T5073] oldfs: cannot read superblock [ 76.320113][ C0] ------------[ cut here ]------------ [ 76.321028][ C0] VFS: brelse: Trying to free free buffer [ 76.322015][ C0] WARNING: CPU: 0 PID: 5074 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.323351][ C0] Modules linked in: [ 76.323950][ C0] CPU: 0 PID: 5074 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.325333][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.326901][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.328041][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 76.328796][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 76.329575][ C0] sp : ffff800008007de0 [ 76.330161][ C0] x29: ffff800008007de0 x28: ffff0000d53b9b40 x27: 1fffe000341f245c [ 76.331389][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 76.332606][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df7994e8 [ 76.333857][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 76.335082][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 76.336317][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 76.337574][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : ee7436312ef9b400 [ 76.338793][ C0] x8 : ee7436312ef9b400 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.339964][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 76.341205][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.342393][ C0] Call trace: [ 76.342837][ C0] invalidate_bh_lru+0x128/0x22c [ 76.343561][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.344452][ C0] 
generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.345573][ C0] ipi_handler+0x10c/0x6fc [ 76.346324][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 76.347194][ C0] handle_domain_irq+0x144/0x1fc [ 76.347937][ C0] gic_handle_irq+0x78/0x1b8 [ 76.348600][ C0] call_on_irq_stack+0x30/0x48 [ 76.349338][ C0] do_interrupt_handler+0x6c/0x88 [ 76.350031][ C0] el0_interrupt+0x94/0x248 [ 76.350742][ C0] __el0_irq_handler_common+0x18/0x24 [ 76.351588][ C0] el0t_64_irq_handler+0x10/0x1c [ 76.352305][ C0] el0t_64_irq+0x1a0/0x1a4 [ 76.352913][ C0] irq event stamp: 852 [ 76.353506][ C0] hardirqs last enabled at (851): [] el0t_64_sync_handler+0xcc/0xe4 [ 76.355009][ C0] hardirqs last disabled at (852): [] __el0_irq_handler_common+0x18/0x24 [ 76.356512][ C0] softirqs last enabled at (794): [] local_bh_enable+0x10/0x34 [ 76.357969][ C0] softirqs last disabled at (792): [] local_bh_disable+0x10/0x34 [ 76.359396][ C0] ---[ end trace 2595cf549e09dbff ]--- [ 76.448466][ T5075] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.449630][ T5075] Bad inode number on dev loop0: 2 is out of range [ 76.450647][ T5075] SysV FS: get root inode failed [ 76.451332][ T5075] oldfs: cannot read superblock [ 76.452113][ T5075] ------------[ cut here ]------------ [ 76.452915][ T5075] VFS: brelse: Trying to free free buffer [ 76.453852][ T5075] WARNING: CPU: 0 PID: 5075 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.455044][ T5075] Modules linked in: [ 76.455672][ T5075] CPU: 0 PID: 5075 Comm: syz.0.71 Tainted: G W syzkaller #0 [ 76.456962][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.458508][ T5075] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.459578][ T5075] pc : invalidate_bh_lru+0x128/0x22c [ 76.460389][ T5075] lr : invalidate_bh_lru+0x128/0x22c [ 76.461168][ T5075] sp : ffff80001f9a76e0 [ 76.461745][ T5075] x29: ffff80001f9a76e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 76.462949][ T5075] x26: 
0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 76.464172][ T5075] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df799888 [ 76.465372][ T5075] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 76.466660][ T5075] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 76.467924][ T5075] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 76.469163][ T5075] x11: 0000000000000002 x10: 0000000000000000 x9 : c0dbba77819ab100 [ 76.470364][ T5075] x8 : c0dbba77819ab100 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.471619][ T5075] x5 : ffff80001f9a6ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 76.472837][ T5075] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.474062][ T5075] Call trace: [ 76.474524][ T5075] invalidate_bh_lru+0x128/0x22c [ 76.475187][ T5075] smp_call_function_many_cond+0xa50/0xeac [ 76.475979][ T5075] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.476639][ T5075] invalidate_bh_lrus+0x34/0x40 [ 76.477360][ T5075] blkdev_flush_mapping+0x16c/0x334 [ 76.478109][ T5075] blkdev_put+0x490/0x6ac [ 76.478717][ T5075] kill_block_super+0x98/0xdc [ 76.479431][ T5075] deactivate_locked_super+0xb8/0x134 [ 76.480237][ T5075] mount_bdev+0x284/0x358 [ 76.480867][ T5075] sysv_mount+0x44/0x58 [ 76.481468][ T5075] legacy_get_tree+0xd4/0x16c [ 76.482237][ T5075] vfs_get_tree+0x90/0x274 [ 76.482907][ T5075] do_new_mount+0x228/0x810 [ 76.483644][ T5075] path_mount+0x5bc/0x1008 [ 76.484341][ T5075] __arm64_sys_mount+0x514/0x5f0 [ 76.485081][ T5075] invoke_syscall+0x98/0x2b0 [ 76.485768][ T5075] el0_svc_common+0x138/0x258 [ 76.486483][ T5075] do_el0_svc+0x58/0x13c [ 76.487142][ T5075] el0_svc+0x78/0x1d0 [ 76.487740][ T5075] el0t_64_sync_handler+0xcc/0xe4 [ 76.488473][ T5075] el0t_64_sync+0x1a0/0x1a4 [ 76.489116][ T5075] irq event stamp: 974 [ 76.489773][ T5075] hardirqs last enabled at (973): [] kasan_quarantine_put+0xc4/0x200 [ 76.491140][ T5075] hardirqs last disabled at (974): [] 
smp_call_function_many_cond+0xa44/0xeac [ 76.492669][ T5075] softirqs last enabled at (828): [] local_bh_enable+0x10/0x34 [ 76.494060][ T5075] softirqs last disabled at (826): [] local_bh_disable+0x10/0x34 [ 76.495455][ T5075] ---[ end trace 2595cf549e09dc00 ]--- [ 76.618494][ T5077] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.619754][ T5077] Bad inode number on dev loop0: 2 is out of range [ 76.620752][ T5077] SysV FS: get root inode failed [ 76.621453][ T5077] oldfs: cannot read superblock [ 76.631146][ T4977] ------------[ cut here ]------------ [ 76.632021][ T4977] VFS: brelse: Trying to free free buffer [ 76.632930][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.634309][ T4977] Modules linked in: [ 76.634891][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 76.636186][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.637702][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.638869][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 76.639679][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 76.640514][ T4977] sp : ffff80001f7277c0 [ 76.641110][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 76.642309][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 76.643600][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000df799c28 [ 76.644772][ T4977] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 76.646124][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 76.647404][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 76.648663][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 76.649894][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.651196][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 76.652390][ 
T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.653625][ T4977] Call trace: [ 76.654100][ T4977] invalidate_bh_lru+0x128/0x22c [ 76.654838][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 76.655732][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.656469][ T4977] invalidate_bh_lrus+0x34/0x40 [ 76.657220][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 76.658063][ T4977] blkdev_put+0x490/0x6ac [ 76.658707][ T4977] blkdev_close+0x74/0xb0 [ 76.659387][ T4977] __fput+0x1c0/0x7e8 [ 76.659968][ T4977] ____fput+0x20/0x30 [ 76.660562][ T4977] task_work_run+0x12c/0x1d8 [ 76.661208][ T4977] do_notify_resume+0x2450/0x309c [ 76.661946][ T4977] el0_svc+0xf0/0x1d0 [ 76.662574][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 76.663304][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 76.664007][ T4977] irq event stamp: 182820 [ 76.664653][ T4977] hardirqs last enabled at (182819): [] kasan_quarantine_put+0xc4/0x200 [ 76.666214][ T4977] hardirqs last disabled at (182820): [] smp_call_function_many_cond+0xa44/0xeac [ 76.667774][ T4977] softirqs last enabled at (182632): [] local_bh_enable+0x10/0x34 [ 76.669140][ T4977] softirqs last disabled at (182630): [] local_bh_disable+0x10/0x34 [ 76.670572][ T4977] ---[ end trace 2595cf549e09dc01 ]--- [ 76.722397][ T5079] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.723571][ T5079] Bad inode number on dev loop0: 2 is out of range [ 76.724562][ T5079] SysV FS: get root inode failed [ 76.725415][ T5079] oldfs: cannot read superblock [ 76.732737][ C0] ------------[ cut here ]------------ [ 76.733638][ C0] VFS: brelse: Trying to free free buffer [ 76.734638][ C0] WARNING: CPU: 0 PID: 0 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.735911][ C0] Modules linked in: [ 76.736532][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W syzkaller #0 [ 76.737838][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.739287][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS 
BTYPE=--) [ 76.740454][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 76.741334][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 76.742152][ C0] sp : ffff800008007de0 [ 76.742824][ C0] x29: ffff800008007de0 x28: ffff8000142b3740 x27: 1fffe000341f245b [ 76.744164][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 76.745424][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb43060 [ 76.746625][ C0] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000010003 [ 76.747810][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 76.748915][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 76.750212][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 9b02c6fac6b61d00 [ 76.751423][ C0] x8 : 9b02c6fac6b61d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.752603][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 76.753757][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.754984][ C0] Call trace: [ 76.755476][ C0] invalidate_bh_lru+0x128/0x22c [ 76.756192][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.757111][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.758167][ C0] ipi_handler+0x10c/0x6fc [ 76.758773][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 76.759593][ C0] handle_domain_irq+0x144/0x1fc [ 76.760343][ C0] gic_handle_irq+0x78/0x1b8 [ 76.761092][ C0] call_on_irq_stack+0x30/0x48 [ 76.761750][ C0] do_interrupt_handler+0x6c/0x88 [ 76.762485][ C0] el1_interrupt+0x30/0x58 [ 76.763169][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.763990][ C0] el1h_64_irq+0x78/0x7c [ 76.764616][ C0] arch_local_irq_enable+0xc/0x18 [ 76.765385][ C0] default_idle_call+0xcc/0x40c [ 76.766118][ C0] do_idle+0x1c8/0x48c [ 76.766759][ C0] cpu_startup_entry+0x24/0x28 [ 76.767476][ C0] rest_init+0x360/0x390 [ 76.768130][ C0] arch_call_rest_init+0x14/0x20 [ 76.768912][ C0] start_kernel+0x484/0x530 [ 76.769615][ C0] __primary_switched+0xa8/0xb0 [ 76.770340][ C0] irq 
event stamp: 441524 [ 76.771004][ C0] hardirqs last enabled at (441523): [] default_idle_call+0xb8/0x40c [ 76.772416][ C0] hardirqs last disabled at (441524): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.773894][ C0] softirqs last enabled at (441466): [] handle_softirqs+0xa40/0xbe4 [ 76.775367][ C0] softirqs last disabled at (441455): [] __irq_exit_rcu+0x240/0x43c [ 76.776835][ C0] ---[ end trace 2595cf549e09dc02 ]--- [ 76.836393][ T5081] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.837698][ T5081] Bad inode number on dev loop0: 2 is out of range [ 76.838793][ T5081] SysV FS: get root inode failed [ 76.839618][ T5081] oldfs: cannot read superblock [ 76.846529][ C1] ------------[ cut here ]------------ [ 76.847366][ C1] VFS: brelse: Trying to free free buffer [ 76.848254][ C1] WARNING: CPU: 1 PID: 5082 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.849623][ C1] Modules linked in: [ 76.850158][ C1] CPU: 1 PID: 5082 Comm: syz.0.75 Tainted: G W syzkaller #0 [ 76.851435][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.852976][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.854204][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 76.855026][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 76.855761][ C1] sp : ffff800008017de0 [ 76.856406][ C1] x29: ffff800008017de0 x28: ffff0000d1bd1b40 x27: 1fffe000341f665c [ 76.857594][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 76.858886][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a1400 [ 76.860186][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 76.861375][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 76.862670][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 76.863938][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c80fa5dfd3059300 [ 76.865290][ C1] x8 : c80fa5dfd3059300 x7 : 0000000000000001 x6 : 0000000000000001 [ 
76.866655][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 76.867835][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.869044][ C1] Call trace: [ 76.869568][ C1] invalidate_bh_lru+0x128/0x22c [ 76.870336][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.871262][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.872316][ C1] ipi_handler+0x10c/0x6fc [ 76.872954][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 76.873777][ C1] handle_domain_irq+0x144/0x1fc [ 76.874526][ C1] gic_handle_irq+0x78/0x1b8 [ 76.875176][ C1] call_on_irq_stack+0x30/0x48 [ 76.875837][ C1] do_interrupt_handler+0x6c/0x88 [ 76.876584][ C1] el0_interrupt+0x94/0x248 [ 76.877266][ C1] __el0_irq_handler_common+0x18/0x24 [ 76.878022][ C1] el0t_64_irq_handler+0x10/0x1c [ 76.878857][ C1] el0t_64_irq+0x1a0/0x1a4 [ 76.879486][ C1] irq event stamp: 1048 [ 76.880098][ C1] hardirqs last enabled at (1047): [] el0t_64_sync_handler+0xd8/0xe4 [ 76.881649][ C1] hardirqs last disabled at (1048): [] __el0_irq_handler_common+0x18/0x24 [ 76.883211][ C1] softirqs last enabled at (972): [] local_bh_enable+0x10/0x34 [ 76.884670][ C1] softirqs last disabled at (970): [] local_bh_disable+0x10/0x34 [ 76.886129][ C1] ---[ end trace 2595cf549e09dc03 ]--- [ 76.932090][ T5083] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.933276][ T5083] Bad inode number on dev loop0: 2 is out of range [ 76.934173][ T5083] SysV FS: get root inode failed [ 76.934875][ T5083] oldfs: cannot read superblock [ 76.939013][ C0] ------------[ cut here ]------------ [ 76.939880][ C0] VFS: brelse: Trying to free free buffer [ 76.940721][ C0] WARNING: CPU: 0 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 76.942034][ C0] Modules linked in: [ 76.942618][ C0] CPU: 0 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.944008][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.945461][ C0] pstate: 624000c5 (nZCv 
daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.946604][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 76.947416][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 76.948189][ C0] sp : ffff800008007de0 [ 76.948828][ C0] x29: ffff800008007de0 x28: ffff0000ee5b8000 x27: 1fffe000341f245c [ 76.949945][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 76.951064][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb43400 [ 76.952249][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010003 [ 76.953342][ C0] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 76.954505][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 76.955629][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 674286dffb2bba00 [ 76.956765][ C0] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.957983][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 76.959185][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 76.960462][ C0] Call trace: [ 76.960971][ C0] invalidate_bh_lru+0x128/0x22c [ 76.961747][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.962606][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.963616][ C0] ipi_handler+0x10c/0x6fc [ 76.964294][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 76.965028][ C0] handle_domain_irq+0x144/0x1fc [ 76.965706][ C0] gic_handle_irq+0x78/0x1b8 [ 76.966424][ C0] call_on_irq_stack+0x30/0x48 [ 76.967071][ C0] do_interrupt_handler+0x6c/0x88 [ 76.967756][ C0] el1_interrupt+0x30/0x58 [ 76.968362][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.969098][ C0] el1h_64_irq+0x78/0x7c [ 76.969692][ C0] ___slab_alloc+0x2e4/0xd8c [ 76.970385][ C0] __slab_alloc+0x68/0xc0 [ 76.971013][ C0] kmem_cache_alloc+0x2a4/0x3d4 [ 76.971791][ C0] getname_flags+0xb8/0x450 [ 76.972484][ C0] user_path_at_empty+0x40/0x1a0 [ 76.973216][ C0] vfs_statx+0xf8/0x490 [ 76.973804][ C0] __arm64_sys_newfstatat+0x124/0x1bc [ 76.974551][ C0] 
invoke_syscall+0x98/0x2b0 [ 76.975256][ C0] el0_svc_common+0x138/0x258 [ 76.976024][ C0] do_el0_svc+0x58/0x13c [ 76.976696][ C0] el0_svc+0x78/0x1d0 [ 76.977275][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 76.978014][ C0] el0t_64_sync+0x1a0/0x1a4 [ 76.978742][ C0] irq event stamp: 266788 [ 76.979347][ C0] hardirqs last enabled at (266787): [] ___slab_alloc+0x2d4/0xd8c [ 76.980816][ C0] hardirqs last disabled at (266788): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.982290][ C0] softirqs last enabled at (266772): [] local_bh_enable+0x10/0x34 [ 76.983679][ C0] softirqs last disabled at (266770): [] local_bh_disable+0x10/0x34 [ 76.985182][ C0] ---[ end trace 2595cf549e09dc04 ]--- [ 77.061991][ T5085] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.063245][ T5085] Bad inode number on dev loop0: 2 is out of range [ 77.064257][ T5085] SysV FS: get root inode failed [ 77.064963][ T5085] oldfs: cannot read superblock [ 77.107618][ C1] ------------[ cut here ]------------ [ 77.108502][ C1] VFS: brelse: Trying to free free buffer [ 77.109493][ C1] WARNING: CPU: 1 PID: 356 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.110769][ C1] Modules linked in: [ 77.111358][ C1] CPU: 1 PID: 356 Comm: kworker/u4:3 Tainted: G W syzkaller #0 [ 77.112610][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.114141][ C1] Workqueue: bat_events batadv_nc_worker [ 77.114961][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.116134][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 77.116929][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 77.117674][ C1] sp : ffff800008017de0 [ 77.118258][ C1] x29: ffff800008017de0 x28: ffff0000c7c251c0 x27: 1fffe000341f665c [ 77.119395][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 77.120548][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a17a0 [ 77.121787][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 77.122927][ C1] x17: 
0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 77.124084][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 77.125224][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : f3f1825eb482fc00 [ 77.126455][ C1] x8 : f3f1825eb482fc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.127660][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 77.128876][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.129976][ C1] Call trace: [ 77.130455][ C1] invalidate_bh_lru+0x128/0x22c [ 77.131149][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 77.132061][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.133062][ C1] ipi_handler+0x10c/0x6fc [ 77.133687][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 77.134491][ C1] handle_domain_irq+0x144/0x1fc [ 77.135124][ C1] gic_handle_irq+0x78/0x1b8 [ 77.135802][ C1] call_on_irq_stack+0x30/0x48 [ 77.136499][ C1] do_interrupt_handler+0x6c/0x88 [ 77.137283][ C1] el1_interrupt+0x30/0x58 [ 77.137952][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.138654][ C1] el1h_64_irq+0x78/0x7c [ 77.139310][ C1] rcu_lock_release+0x8/0x38 [ 77.139935][ C1] process_one_work+0x79c/0x1138 [ 77.140649][ C1] worker_thread+0x8f4/0x1034 [ 77.141331][ C1] kthread+0x374/0x454 [ 77.141875][ C1] ret_from_fork+0x10/0x20 [ 77.142509][ C1] irq event stamp: 1545018 [ 77.143119][ C1] hardirqs last enabled at (1545017): [] _raw_spin_unlock_irq+0x98/0x128 [ 77.144642][ C1] hardirqs last disabled at (1545018): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.146100][ C1] softirqs last enabled at (1545008): [] batadv_nc_purge_paths+0x300/0x388 [ 77.147621][ C1] softirqs last disabled at (1545006): [] batadv_nc_purge_paths+0xd0/0x388 [ 77.149042][ C1] ---[ end trace 2595cf549e09dc05 ]--- [ 77.160470][ T5087] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.161656][ T5087] Bad inode number on dev loop0: 2 is out of range [ 77.162597][ T5087] SysV FS: get root inode failed [ 77.164559][ T5087] 
oldfs: cannot read superblock [ 77.172341][ C0] ------------[ cut here ]------------ [ 77.173148][ C0] VFS: brelse: Trying to free free buffer [ 77.174061][ C0] WARNING: CPU: 0 PID: 5088 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.175432][ C0] Modules linked in: [ 77.176011][ C0] CPU: 0 PID: 5088 Comm: syz.0.78 Tainted: G W syzkaller #0 [ 77.177469][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.179093][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.180271][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.181156][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.182053][ C0] sp : ffff800008007de0 [ 77.182645][ C0] x29: ffff800008007de0 x28: ffff0000cc399b40 x27: 1fffe000341f245c [ 77.183823][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 77.185108][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb437a0 [ 77.186311][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 77.187521][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 77.188778][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 77.190092][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 83c68dd64e84d300 [ 77.191167][ C0] x8 : 83c68dd64e84d300 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.192461][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 77.193643][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.194879][ C0] Call trace: [ 77.195431][ C0] invalidate_bh_lru+0x128/0x22c [ 77.196288][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.197279][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.198503][ C0] ipi_handler+0x10c/0x6fc [ 77.199230][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.200078][ C0] handle_domain_irq+0x144/0x1fc [ 77.200870][ C0] gic_handle_irq+0x78/0x1b8 [ 77.201571][ C0] call_on_irq_stack+0x30/0x48 [ 77.202300][ C0] 
do_interrupt_handler+0x6c/0x88 [ 77.203094][ C0] el1_interrupt+0x30/0x58 [ 77.203845][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.204578][ C0] el1h_64_irq+0x78/0x7c [ 77.205236][ C0] count_memcg_event_mm+0x1d0/0x300 [ 77.206249][ C0] handle_mm_fault+0x19c/0x2a28 [ 77.207028][ C0] do_page_fault+0x67c/0xab0 [ 77.207713][ C0] do_translation_fault+0xe0/0x130 [ 77.208547][ C0] do_mem_abort+0x6c/0x1ac [ 77.209261][ C0] el0_da+0x90/0x1ec [ 77.209861][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 77.210588][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.211352][ C0] irq event stamp: 1248 [ 77.212001][ C0] hardirqs last enabled at (1247): [] count_memcg_event_mm+0x1b0/0x300 [ 77.213467][ C0] hardirqs last disabled at (1248): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.214975][ C0] softirqs last enabled at (1120): [] local_bh_enable+0x10/0x34 [ 77.216365][ C0] softirqs last disabled at (1118): [] local_bh_disable+0x10/0x34 [ 77.217808][ C0] ---[ end trace 2595cf549e09dc06 ]--- [ 77.279246][ T5089] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.280518][ T5089] Bad inode number on dev loop0: 2 is out of range [ 77.281636][ T5089] SysV FS: get root inode failed [ 77.282387][ T5089] oldfs: cannot read superblock [ 77.285771][ C1] ------------[ cut here ]------------ [ 77.286611][ C1] VFS: brelse: Trying to free free buffer [ 77.287584][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.288905][ C1] Modules linked in: [ 77.289483][ C1] CPU: 1 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 77.290814][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.292430][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.293567][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 77.294404][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 77.295135][ C1] sp : ffff800008017de0 [ 77.295777][ C1] x29: ffff800008017de0 x28: ffff0000d6331b40 x27: 1fffe000341f665b [ 77.296981][ C1] x26: 0000000000000001 x25: 
ffff0001a0fb32d8 x24: 0000000000000000 [ 77.298166][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a1b40 [ 77.299394][ C1] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000010002 [ 77.300522][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 77.301770][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 77.303078][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 761d280a00168800 [ 77.304228][ C1] x8 : 761d280a00168800 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.305469][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 77.306705][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.307904][ C1] Call trace: [ 77.308417][ C1] invalidate_bh_lru+0x128/0x22c [ 77.309156][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 77.310074][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.311124][ C1] ipi_handler+0x10c/0x6fc [ 77.311783][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 77.312561][ C1] handle_domain_irq+0x144/0x1fc [ 77.313260][ C1] gic_handle_irq+0x78/0x1b8 [ 77.313969][ C1] call_on_irq_stack+0x30/0x48 [ 77.314721][ C1] do_interrupt_handler+0x6c/0x88 [ 77.315468][ C1] el1_interrupt+0x30/0x58 [ 77.316189][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.316905][ C1] el1h_64_irq+0x78/0x7c [ 77.317542][ C1] arch_local_irq_restore+0x8/0x10 [ 77.318414][ C1] ___might_sleep+0x48/0x4d4 [ 77.319085][ C1] __might_sleep+0x98/0x124 [ 77.319821][ C1] down_read+0x3c/0x38c [ 77.320504][ C1] kernfs_dop_revalidate+0x88/0x470 [ 77.321330][ C1] lookup_fast+0x2c8/0x590 [ 77.322008][ C1] walk_component+0x8c/0x3a8 [ 77.322697][ C1] link_path_walk+0x590/0xbe0 [ 77.323351][ C1] path_lookupat+0x90/0x3d0 [ 77.323944][ C1] filename_lookup+0x1b4/0x464 [ 77.324598][ C1] user_path_at_empty+0x5c/0x1a0 [ 77.325284][ C1] do_readlinkat+0xe0/0x3fc [ 77.326358][ C1] __arm64_sys_readlinkat+0x9c/0xb8 [ 77.327156][ C1] invoke_syscall+0x98/0x2b0 [ 77.327840][ C1] 
el0_svc_common+0x138/0x258 [ 77.328558][ C1] do_el0_svc+0x58/0x13c [ 77.329219][ C1] el0_svc+0x78/0x1d0 [ 77.329816][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 77.330566][ C1] el0t_64_sync+0x1a0/0x1a4 [ 77.331227][ C1] irq event stamp: 1034488 [ 77.331859][ C1] hardirqs last enabled at (1034487): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 77.333489][ C1] hardirqs last disabled at (1034488): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.334957][ C1] softirqs last enabled at (1034478): [] local_bh_enable+0x10/0x34 [ 77.336434][ C1] softirqs last disabled at (1034476): [] local_bh_disable+0x10/0x34 [ 77.337917][ C1] ---[ end trace 2595cf549e09dc07 ]--- [ 77.428556][ T5091] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.429771][ T5091] Bad inode number on dev loop0: 2 is out of range [ 77.430820][ T5091] SysV FS: get root inode failed [ 77.431584][ T5091] oldfs: cannot read superblock [ 77.440994][ C0] ------------[ cut here ]------------ [ 77.441883][ C0] VFS: brelse: Trying to free free buffer [ 77.442801][ C0] WARNING: CPU: 0 PID: 5093 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.444031][ C0] Modules linked in: [ 77.444589][ C0] CPU: 0 PID: 5093 Comm: syz.0.80 Tainted: G W syzkaller #0 [ 77.445870][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.447423][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.448583][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.449396][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.450175][ C0] sp : ffff800008007de0 [ 77.450778][ C0] x29: ffff800008007de0 x28: ffff0000c0b651c0 x27: 1fffe000341f245c [ 77.451981][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 77.453109][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb43b40 [ 77.454237][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 77.455429][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 77.456677][ C0] 
x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 77.457879][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : cd2b559c1b5aee00 [ 77.459124][ C0] x8 : cd2b559c1b5aee00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.460364][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 77.461646][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.462900][ C0] Call trace: [ 77.463352][ C0] invalidate_bh_lru+0x128/0x22c [ 77.464116][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.464968][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.466022][ C0] ipi_handler+0x10c/0x6fc [ 77.466638][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.467471][ C0] handle_domain_irq+0x144/0x1fc [ 77.468199][ C0] gic_handle_irq+0x78/0x1b8 [ 77.468836][ C0] call_on_irq_stack+0x30/0x48 [ 77.469692][ C0] do_interrupt_handler+0x6c/0x88 [ 77.470593][ C0] el0_interrupt+0x94/0x248 [ 77.471324][ C0] __el0_irq_handler_common+0x18/0x24 [ 77.472234][ C0] el0t_64_irq_handler+0x10/0x1c [ 77.473049][ C0] el0t_64_irq+0x1a0/0x1a4 [ 77.473817][ C0] irq event stamp: 262 [ 77.474406][ C0] hardirqs last enabled at (261): [] el0t_64_sync_handler+0xd8/0xe4 [ 77.475851][ C0] hardirqs last disabled at (262): [] __el0_irq_handler_common+0x18/0x24 [ 77.477227][ C0] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 77.478614][ C0] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 77.479977][ C0] ---[ end trace 2595cf549e09dc08 ]--- [ 77.558646][ T5093] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.559892][ T5093] Bad inode number on dev loop0: 2 is out of range [ 77.560825][ T5093] SysV FS: get root inode failed [ 77.561697][ T5093] oldfs: cannot read superblock [ 77.567442][ T4977] ------------[ cut here ]------------ [ 77.568248][ T4977] VFS: brelse: Trying to free free buffer [ 77.569117][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.570334][ T4977] 
Modules linked in: [ 77.570876][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 77.572095][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.573562][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.574688][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 77.575439][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 77.576180][ T4977] sp : ffff80001f7277c0 [ 77.576735][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245c [ 77.577830][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 77.578964][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb43ee0 [ 77.580156][ T4977] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000000003 [ 77.581381][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 77.582671][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 77.583904][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 77.585075][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.586297][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 77.587450][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.588559][ T4977] Call trace: [ 77.589020][ T4977] invalidate_bh_lru+0x128/0x22c [ 77.589735][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 77.590597][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.591348][ T4977] invalidate_bh_lrus+0x34/0x40 [ 77.592033][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 77.592773][ T4977] blkdev_put+0x490/0x6ac [ 77.593435][ T4977] blkdev_close+0x74/0xb0 [ 77.594099][ T4977] __fput+0x1c0/0x7e8 [ 77.594692][ T4977] ____fput+0x20/0x30 [ 77.595308][ T4977] task_work_run+0x12c/0x1d8 [ 77.596025][ T4977] do_notify_resume+0x2450/0x309c [ 77.596818][ T4977] el0_svc+0xf0/0x1d0 [ 77.597400][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 77.598156][ T4977] 
el0t_64_sync+0x1a0/0x1a4 [ 77.598809][ T4977] irq event stamp: 216338 [ 77.599468][ T4977] hardirqs last enabled at (216337): [] kasan_quarantine_put+0xc4/0x200 [ 77.601026][ T4977] hardirqs last disabled at (216338): [] smp_call_function_many_cond+0xa44/0xeac [ 77.602578][ T4977] softirqs last enabled at (216262): [] handle_softirqs+0xa40/0xbe4 [ 77.603882][ T4977] softirqs last disabled at (216253): [] __irq_exit_rcu+0x240/0x43c [ 77.605309][ T4977] ---[ end trace 2595cf549e09dc09 ]--- [ 77.651329][ T5095] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.652610][ T5095] Bad inode number on dev loop0: 2 is out of range [ 77.653695][ T5095] SysV FS: get root inode failed [ 77.654479][ T5095] oldfs: cannot read superblock [ 77.658699][ C0] ------------[ cut here ]------------ [ 77.659504][ C0] VFS: brelse: Trying to free free buffer [ 77.660383][ C0] WARNING: CPU: 0 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.661588][ C0] Modules linked in: [ 77.662079][ C0] CPU: 0 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.663300][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.664629][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.665702][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 77.666468][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 77.667324][ C0] sp : ffff800008007de0 [ 77.667915][ C0] x29: ffff800008007de0 x28: ffff0000ee5b8000 x27: 1fffe000341f245c [ 77.669086][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 77.670272][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28f4318 [ 77.671477][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 77.672746][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 77.673891][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 77.675053][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 
77.676292][ C0] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.677526][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 77.678806][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.680064][ C0] Call trace: [ 77.680594][ C0] invalidate_bh_lru+0x128/0x22c [ 77.681434][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.682393][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.683511][ C0] ipi_handler+0x10c/0x6fc [ 77.684179][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 77.684934][ C0] handle_domain_irq+0x144/0x1fc [ 77.685654][ C0] gic_handle_irq+0x78/0x1b8 [ 77.686297][ C0] call_on_irq_stack+0x30/0x48 [ 77.686937][ C0] do_interrupt_handler+0x6c/0x88 [ 77.687703][ C0] el1_interrupt+0x30/0x58 [ 77.688397][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.689121][ C0] el1h_64_irq+0x78/0x7c [ 77.689720][ C0] refill_stock+0x1ec/0x390 [ 77.690385][ C0] try_charge_memcg+0xe2c/0x11a0 [ 77.691103][ C0] obj_cgroup_charge_pages+0x90/0x1a4 [ 77.691952][ C0] obj_cgroup_charge+0x188/0x2c8 [ 77.692652][ C0] slab_pre_alloc_hook+0xc8/0xe8 [ 77.693401][ C0] kmem_cache_alloc+0x94/0x3d4 [ 77.694101][ C0] __alloc_file+0x30/0x238 [ 77.694694][ C0] alloc_empty_file+0xa0/0x184 [ 77.695351][ C0] path_openat+0xd4/0x2718 [ 77.696001][ C0] do_filp_open+0x184/0x368 [ 77.696705][ C0] do_sys_openat2+0x134/0x3f4 [ 77.697368][ C0] __arm64_sys_openat+0x118/0x14c [ 77.698069][ C0] invoke_syscall+0x98/0x2b0 [ 77.698857][ C0] el0_svc_common+0x138/0x258 [ 77.699522][ C0] do_el0_svc+0x58/0x13c [ 77.700101][ C0] el0_svc+0x78/0x1d0 [ 77.700688][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.701433][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.702118][ C0] irq event stamp: 280480 [ 77.702766][ C0] hardirqs last enabled at (280479): [] refill_stock+0x1dc/0x390 [ 77.704128][ C0] hardirqs last disabled at (280480): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.705634][ C0] softirqs last enabled at (280428): [] local_bh_enable+0x10/0x34 [ 77.707032][ C0] 
softirqs last disabled at (280426): [] local_bh_disable+0x10/0x34 [ 77.708474][ C0] ---[ end trace 2595cf549e09dc0a ]--- [ 77.748094][ T5097] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.749435][ T5097] Bad inode number on dev loop0: 2 is out of range [ 77.750428][ T5097] SysV FS: get root inode failed [ 77.751208][ T5097] oldfs: cannot read superblock [ 77.756601][ C1] ------------[ cut here ]------------ [ 77.757523][ C1] VFS: brelse: Trying to free free buffer [ 77.758444][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.759805][ C1] Modules linked in: [ 77.760451][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.761983][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.763648][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.764879][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 77.765743][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 77.766553][ C1] sp : ffff800008017de0 [ 77.767153][ C1] x29: ffff800008017de0 x28: ffff0000ee5b8000 x27: 1fffe000341f665c [ 77.768408][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 77.769619][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a1ee0 [ 77.770767][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 77.771973][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 77.773179][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 77.774351][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 77.775504][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.776673][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 77.777930][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.779101][ C1] Call trace: [ 77.779658][ C1] invalidate_bh_lru+0x128/0x22c [ 77.780413][ C1] 
flush_smp_call_function_queue+0x38c/0x81c [ 77.781251][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.782233][ C1] ipi_handler+0x10c/0x6fc [ 77.782885][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 77.783674][ C1] handle_domain_irq+0x144/0x1fc [ 77.784464][ C1] gic_handle_irq+0x78/0x1b8 [ 77.785140][ C1] call_on_irq_stack+0x30/0x48 [ 77.785812][ C1] do_interrupt_handler+0x6c/0x88 [ 77.786534][ C1] el1_interrupt+0x30/0x58 [ 77.787255][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.787982][ C1] el1h_64_irq+0x78/0x7c [ 77.788581][ C1] try_charge_memcg+0x1e4/0x11a0 [ 77.789336][ C1] obj_cgroup_charge_pages+0x90/0x1a4 [ 77.790133][ C1] obj_cgroup_charge+0x188/0x2c8 [ 77.790813][ C1] slab_pre_alloc_hook+0xc8/0xe8 [ 77.791509][ C1] kmem_cache_alloc+0x94/0x3d4 [ 77.792314][ C1] sk_prot_alloc+0x60/0x1ec [ 77.793077][ C1] sk_alloc+0x40/0x384 [ 77.793678][ C1] inet6_create+0x6e4/0xea0 [ 77.794327][ C1] __sock_create+0x4b0/0x8b4 [ 77.795033][ C1] __sys_socket+0xf0/0x18c [ 77.795687][ C1] __arm64_sys_socket+0x7c/0x94 [ 77.796416][ C1] invoke_syscall+0x98/0x2b0 [ 77.797134][ C1] el0_svc_common+0x138/0x258 [ 77.797815][ C1] do_el0_svc+0x58/0x13c [ 77.798370][ C1] el0_svc+0x78/0x1d0 [ 77.798946][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 77.799729][ C1] el0t_64_sync+0x1a0/0x1a4 [ 77.800525][ C1] irq event stamp: 284606 [ 77.801247][ C1] hardirqs last enabled at (284605): [] try_charge_memcg+0x1d4/0x11a0 [ 77.802765][ C1] hardirqs last disabled at (284606): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.804201][ C1] softirqs last enabled at (284582): [] release_sock+0x1d0/0x258 [ 77.805577][ C1] softirqs last disabled at (284580): [] release_sock+0x34/0x258 [ 77.807045][ C1] ---[ end trace 2595cf549e09dc0b ]--- [ 77.868372][ T5099] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.869554][ T5099] Bad inode number on dev loop0: 2 is out of range [ 77.870565][ T5099] SysV FS: get root inode failed [ 77.871286][ T5099] oldfs: cannot read superblock [ 77.872132][ T5099] 
------------[ cut here ]------------ [ 77.872942][ T5099] VFS: brelse: Trying to free free buffer [ 77.873845][ T5099] WARNING: CPU: 1 PID: 5099 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 77.875201][ T5099] Modules linked in: [ 77.875777][ T5099] CPU: 1 PID: 5099 Comm: syz.0.83 Tainted: G W syzkaller #0 [ 77.877010][ T5099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.878527][ T5099] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.879715][ T5099] pc : invalidate_bh_lru+0x128/0x22c [ 77.880484][ T5099] lr : invalidate_bh_lru+0x128/0x22c [ 77.881272][ T5099] sp : ffff80001fc976e0 [ 77.881882][ T5099] x29: ffff80001fc976e0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 77.883060][ T5099] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 77.884296][ T5099] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000cf149318 [ 77.885516][ T5099] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 77.886952][ T5099] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 77.888295][ T5099] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 77.889635][ T5099] x11: 0000000000000002 x10: 0000000000000000 x9 : 32a5df4e519cc200 [ 77.890846][ T5099] x8 : 32a5df4e519cc200 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.892023][ T5099] x5 : ffff80001fc96ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 77.893197][ T5099] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.894406][ T5099] Call trace: [ 77.894844][ T5099] invalidate_bh_lru+0x128/0x22c [ 77.895516][ T5099] smp_call_function_many_cond+0xa50/0xeac [ 77.896325][ T5099] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.897037][ T5099] invalidate_bh_lrus+0x34/0x40 [ 77.897754][ T5099] blkdev_flush_mapping+0x16c/0x334 [ 77.898536][ T5099] blkdev_put+0x490/0x6ac [ 77.899211][ T5099] kill_block_super+0x98/0xdc [ 77.899870][ T5099] deactivate_locked_super+0xb8/0x134 [ 77.900640][ 
T5099] mount_bdev+0x284/0x358 [ 77.901300][ T5099] sysv_mount+0x44/0x58 [ 77.901910][ T5099] legacy_get_tree+0xd4/0x16c [ 77.902581][ T5099] vfs_get_tree+0x90/0x274 [ 77.903237][ T5099] do_new_mount+0x228/0x810 [ 77.903924][ T5099] path_mount+0x5bc/0x1008 [ 77.904615][ T5099] __arm64_sys_mount+0x514/0x5f0 [ 77.905449][ T5099] invoke_syscall+0x98/0x2b0 [ 77.906091][ T5099] el0_svc_common+0x138/0x258 [ 77.906767][ T5099] do_el0_svc+0x58/0x13c [ 77.907443][ T5099] el0_svc+0x78/0x1d0 [ 77.908099][ T5099] el0t_64_sync_handler+0xcc/0xe4 [ 77.908878][ T5099] el0t_64_sync+0x1a0/0x1a4 [ 77.909637][ T5099] irq event stamp: 980 [ 77.910300][ T5099] hardirqs last enabled at (979): [] kasan_quarantine_put+0xc4/0x200 [ 77.911948][ T5099] hardirqs last disabled at (980): [] smp_call_function_many_cond+0xa44/0xeac [ 77.913508][ T5099] softirqs last enabled at (802): [] local_bh_enable+0x10/0x34 [ 77.914966][ T5099] softirqs last disabled at (800): [] local_bh_disable+0x10/0x34 [ 77.916435][ T5099] ---[ end trace 2595cf549e09dc0c ]--- [ 78.039446][ T5103] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.040678][ T5103] Bad inode number on dev loop0: 2 is out of range [ 78.041680][ T5103] SysV FS: get root inode failed [ 78.042437][ T5103] oldfs: cannot read superblock [ 78.049658][ C1] ------------[ cut here ]------------ [ 78.050585][ C1] VFS: brelse: Trying to free free buffer [ 78.051505][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.052674][ C1] Modules linked in: [ 78.053201][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.054497][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.055908][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.057147][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.057919][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.058740][ C1] sp : ffff800008017de0 [ 78.059391][ C1] x29: ffff800008017de0 x28: 
ffff0000ee5b8000 x27: 1fffe000341f665c [ 78.060669][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 78.061919][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000cf1496b8 [ 78.063102][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 78.064354][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 78.065535][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 78.066685][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 78.067848][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.069005][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 78.070205][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.071378][ C1] Call trace: [ 78.071824][ C1] invalidate_bh_lru+0x128/0x22c [ 78.072532][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.073465][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.074462][ C1] ipi_handler+0x10c/0x6fc [ 78.075171][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.075962][ C1] handle_domain_irq+0x144/0x1fc [ 78.076713][ C1] gic_handle_irq+0x78/0x1b8 [ 78.077414][ C1] call_on_irq_stack+0x30/0x48 [ 78.078095][ C1] do_interrupt_handler+0x6c/0x88 [ 78.078794][ C1] el1_interrupt+0x30/0x58 [ 78.079491][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.080217][ C1] el1h_64_irq+0x78/0x7c [ 78.080827][ C1] kasan_check_range+0x34/0x2a0 [ 78.081593][ C1] memset+0x58/0x88 [ 78.082174][ C1] do_ebt_get_ctl+0x10c/0x22c4 [ 78.082876][ C1] nf_getsockopt+0x264/0x284 [ 78.083510][ C1] ip_getsockopt+0x122c/0x1664 [ 78.084223][ C1] tcp_getsockopt+0x210/0x2eec [ 78.084917][ C1] sock_common_getsockopt+0xa8/0xc4 [ 78.085705][ C1] __sys_getsockopt+0x1b8/0x250 [ 78.086392][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 78.087136][ C1] invoke_syscall+0x98/0x2b0 [ 78.087799][ C1] el0_svc_common+0x138/0x258 [ 78.088479][ C1] do_el0_svc+0x58/0x13c [ 78.089104][ C1] el0_svc+0x78/0x1d0 [ 
78.089653][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.090366][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.091016][ C1] irq event stamp: 290350 [ 78.091639][ C1] hardirqs last enabled at (290349): [] __local_bh_enable_ip+0x1f8/0x37c [ 78.093283][ C1] hardirqs last disabled at (290350): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.094762][ C1] softirqs last enabled at (290348): [] release_sock+0x1d0/0x258 [ 78.096131][ C1] softirqs last disabled at (290346): [] release_sock+0x34/0x258 [ 78.097454][ C1] ---[ end trace 2595cf549e09dc0d ]--- [ 78.202971][ T5105] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.204262][ T5105] Bad inode number on dev loop0: 2 is out of range [ 78.205200][ T5105] SysV FS: get root inode failed [ 78.205944][ T5105] oldfs: cannot read superblock [ 78.206630][ T5105] ------------[ cut here ]------------ [ 78.207427][ T5105] VFS: brelse: Trying to free free buffer [ 78.208226][ T5105] WARNING: CPU: 0 PID: 5105 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.209471][ T5105] Modules linked in: [ 78.210057][ T5105] CPU: 0 PID: 5105 Comm: syz.0.86 Tainted: G W syzkaller #0 [ 78.211315][ T5105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.213026][ T5105] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.214272][ T5105] pc : invalidate_bh_lru+0x128/0x22c [ 78.215053][ T5105] lr : invalidate_bh_lru+0x128/0x22c [ 78.215849][ T5105] sp : ffff80001fca76e0 [ 78.216469][ T5105] x29: ffff80001fca76e0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 78.217652][ T5105] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 78.218819][ T5105] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28f46b8 [ 78.220033][ T5105] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 78.221285][ T5105] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 78.222450][ T5105] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 78.223684][ 
T5105] x11: 0000000000000002 x10: 0000000000000000 x9 : 02bafb76ff581e00 [ 78.224880][ T5105] x8 : 02bafb76ff581e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.226073][ T5105] x5 : ffff80001fca6ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 78.227198][ T5105] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.228341][ T5105] Call trace: [ 78.228801][ T5105] invalidate_bh_lru+0x128/0x22c [ 78.229490][ T5105] smp_call_function_many_cond+0xa50/0xeac [ 78.230440][ T5105] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.231191][ T5105] invalidate_bh_lrus+0x34/0x40 [ 78.231905][ T5105] blkdev_flush_mapping+0x16c/0x334 [ 78.232700][ T5105] blkdev_put+0x490/0x6ac [ 78.233317][ T5105] kill_block_super+0x98/0xdc [ 78.234058][ T5105] deactivate_locked_super+0xb8/0x134 [ 78.234800][ T5105] mount_bdev+0x284/0x358 [ 78.235422][ T5105] sysv_mount+0x44/0x58 [ 78.236098][ T5105] legacy_get_tree+0xd4/0x16c [ 78.236802][ T5105] vfs_get_tree+0x90/0x274 [ 78.237419][ T5105] do_new_mount+0x228/0x810 [ 78.238109][ T5105] path_mount+0x5bc/0x1008 [ 78.238719][ T5105] __arm64_sys_mount+0x514/0x5f0 [ 78.239446][ T5105] invoke_syscall+0x98/0x2b0 [ 78.240133][ T5105] el0_svc_common+0x138/0x258 [ 78.240779][ T5105] do_el0_svc+0x58/0x13c [ 78.241375][ T5105] el0_svc+0x78/0x1d0 [ 78.241935][ T5105] el0t_64_sync_handler+0xcc/0xe4 [ 78.242699][ T5105] el0t_64_sync+0x1a0/0x1a4 [ 78.243327][ T5105] irq event stamp: 1006 [ 78.243979][ T5105] hardirqs last enabled at (1005): [] kasan_quarantine_put+0xc4/0x200 [ 78.245418][ T5105] hardirqs last disabled at (1006): [] smp_call_function_many_cond+0xa44/0xeac [ 78.246994][ T5105] softirqs last enabled at (832): [] local_bh_enable+0x10/0x34 [ 78.248260][ T5105] softirqs last disabled at (830): [] local_bh_disable+0x10/0x34 [ 78.249651][ T5105] ---[ end trace 2595cf549e09dc0e ]--- [ 78.394670][ T5109] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.395879][ T5109] Bad inode number on dev loop0: 2 is out of range [ 78.396974][ 
T5109] SysV FS: get root inode failed [ 78.397940][ T5109] oldfs: cannot read superblock [ 78.405783][ C0] ------------[ cut here ]------------ [ 78.406584][ C0] VFS: brelse: Trying to free free buffer [ 78.407474][ C0] WARNING: CPU: 0 PID: 5111 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.408839][ C0] Modules linked in: [ 78.409402][ C0] CPU: 0 PID: 5111 Comm: syz.0.89 Tainted: G W syzkaller #0 [ 78.410638][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.412137][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.413284][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 78.414062][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 78.414814][ C0] sp : ffff800008007de0 [ 78.415377][ C0] x29: ffff800008007de0 x28: ffff0000d1830000 x27: 1fffe000341f245b [ 78.416532][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 78.417742][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28f4a58 [ 78.418944][ C0] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000010002 [ 78.420112][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 78.421231][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 78.422381][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 591f46701c735200 [ 78.423456][ C0] x8 : 591f46701c735200 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.424634][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 78.425796][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.427050][ C0] Call trace: [ 78.427519][ C0] invalidate_bh_lru+0x128/0x22c [ 78.428248][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.429099][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.430041][ C0] ipi_handler+0x10c/0x6fc [ 78.430685][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 78.431479][ C0] handle_domain_irq+0x144/0x1fc [ 78.432157][ C0] gic_handle_irq+0x78/0x1b8 [ 78.432811][ C0] 
call_on_irq_stack+0x30/0x48 [ 78.433469][ C0] do_interrupt_handler+0x6c/0x88 [ 78.434154][ C0] el1_interrupt+0x30/0x58 [ 78.434784][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.435488][ C0] el1h_64_irq+0x78/0x7c [ 78.436100][ C0] seqcount_lockdep_reader_access+0x15c/0x22c [ 78.436990][ C0] bad_range+0xa0/0x2a0 [ 78.437523][ C0] get_page_from_freelist+0x2910/0x2a68 [ 78.438255][ C0] __alloc_pages+0x1a0/0x470 [ 78.438902][ C0] alloc_pages_vma+0x284/0x790 [ 78.439628][ C0] alloc_zeroed_user_highpage_movable+0x9c/0xd8 [ 78.440533][ C0] handle_mm_fault+0x17d4/0x2a28 [ 78.441221][ C0] do_page_fault+0x67c/0xab0 [ 78.441910][ C0] do_translation_fault+0xe0/0x130 [ 78.442655][ C0] do_mem_abort+0x6c/0x1ac [ 78.443246][ C0] el0_da+0x90/0x1ec [ 78.443772][ C0] el0t_64_sync_handler+0xd8/0xe4 [ 78.444430][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.445085][ C0] irq event stamp: 180 [ 78.445640][ C0] hardirqs last enabled at (179): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 78.447133][ C0] hardirqs last disabled at (180): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.448486][ C0] softirqs last enabled at (86): [] local_bh_enable+0x10/0x34 [ 78.449762][ C0] softirqs last disabled at (84): [] local_bh_disable+0x10/0x34 [ 78.451065][ C0] ---[ end trace 2595cf549e09dc0f ]--- [ 78.508577][ T5111] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.509660][ T5111] Bad inode number on dev loop0: 2 is out of range [ 78.510609][ T5111] SysV FS: get root inode failed [ 78.511315][ T5111] oldfs: cannot read superblock [ 78.516768][ C1] ------------[ cut here ]------------ [ 78.517680][ C1] VFS: brelse: Trying to free free buffer [ 78.518624][ C1] WARNING: CPU: 1 PID: 5111 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.520020][ C1] Modules linked in: [ 78.520648][ C1] CPU: 1 PID: 5111 Comm: syz.0.89 Tainted: G W syzkaller #0 [ 78.521904][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.523455][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO 
+TCO -DIT -SSBS BTYPE=--) [ 78.524599][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.525365][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.526129][ C1] sp : ffff800008017de0 [ 78.526771][ C1] x29: ffff800008017de0 x28: ffff0000d1830000 x27: 1fffe000341f665c [ 78.527983][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 78.529151][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000cf149a58 [ 78.530326][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 78.531693][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 78.532953][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 78.534173][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 591f46701c735200 [ 78.535367][ C1] x8 : 591f46701c735200 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.536634][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 78.537823][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.539074][ C1] Call trace: [ 78.539585][ C1] invalidate_bh_lru+0x128/0x22c [ 78.540310][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.541205][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.542201][ C1] ipi_handler+0x10c/0x6fc [ 78.542987][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.543841][ C1] handle_domain_irq+0x144/0x1fc [ 78.544559][ C1] gic_handle_irq+0x78/0x1b8 [ 78.545270][ C1] call_on_irq_stack+0x30/0x48 [ 78.545996][ C1] do_interrupt_handler+0x6c/0x88 [ 78.546730][ C1] el1_interrupt+0x30/0x58 [ 78.547363][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.548082][ C1] el1h_64_irq+0x78/0x7c [ 78.548708][ C1] lock_page_memcg+0x120/0x22c [ 78.549380][ C1] page_remove_rmap+0x3c/0xf90 [ 78.550079][ C1] unmap_page_range+0xb78/0x1908 [ 78.550776][ C1] unmap_single_vma+0x13c/0x1e4 [ 78.551453][ C1] unmap_vmas+0x10c/0x214 [ 78.552053][ C1] exit_mmap+0x2c4/0x508 [ 78.552652][ C1] __mmput+0xec/0x3a8 [ 78.553198][ C1] mmput+0x80/0xc0 [ 78.553764][ C1] 
exit_mm+0x4ac/0x664 [ 78.554325][ C1] do_exit+0x4f0/0x1f50 [ 78.554906][ C1] do_group_exit+0x100/0x268 [ 78.555539][ C1] get_signal+0x73c/0x1334 [ 78.556128][ C1] do_notify_resume+0x354/0x309c [ 78.556828][ C1] el0_svc+0xf0/0x1d0 [ 78.557390][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.558175][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.558833][ C1] irq event stamp: 1826 [ 78.559419][ C1] hardirqs last enabled at (1825): [] lock_page_memcg+0x110/0x22c [ 78.560735][ C1] hardirqs last disabled at (1826): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.562096][ C1] softirqs last enabled at (1106): [] local_bh_enable+0x10/0x34 [ 78.563391][ C1] softirqs last disabled at (1104): [] local_bh_disable+0x10/0x34 [ 78.564664][ C1] ---[ end trace 2595cf549e09dc10 ]--- [ 78.627970][ T5113] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.629126][ T5113] Bad inode number on dev loop0: 2 is out of range [ 78.630128][ T5113] SysV FS: get root inode failed [ 78.630874][ T5113] oldfs: cannot read superblock [ 78.640857][ T4977] ------------[ cut here ]------------ [ 78.641727][ T4977] VFS: brelse: Trying to free free buffer [ 78.642743][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.644130][ T4977] Modules linked in: [ 78.644696][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 78.645867][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.647323][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.648482][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 78.649309][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 78.650098][ T4977] sp : ffff80001f7277c0 [ 78.650717][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245c [ 78.651930][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 78.653234][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28f4df8 [ 78.654738][ T4977] x20: ffff0001a0f922e0 x19: 
ffff80001145af60 x18: 0000000000000003 [ 78.656106][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 78.657379][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 78.658654][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 78.659958][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.661191][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 78.662422][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.663716][ T4977] Call trace: [ 78.664243][ T4977] invalidate_bh_lru+0x128/0x22c [ 78.664959][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 78.665848][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.666591][ T4977] invalidate_bh_lrus+0x34/0x40 [ 78.667295][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 78.668059][ T4977] blkdev_put+0x490/0x6ac [ 78.668741][ T4977] blkdev_close+0x74/0xb0 [ 78.669457][ T4977] __fput+0x1c0/0x7e8 [ 78.670058][ T4977] ____fput+0x20/0x30 [ 78.670654][ T4977] task_work_run+0x12c/0x1d8 [ 78.671289][ T4977] do_notify_resume+0x2450/0x309c [ 78.672109][ T4977] el0_svc+0xf0/0x1d0 [ 78.672731][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 78.673478][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 78.674172][ T4977] irq event stamp: 252626 [ 78.674791][ T4977] hardirqs last enabled at (252625): [] kasan_quarantine_put+0xc4/0x200 [ 78.676205][ T4977] hardirqs last disabled at (252626): [] smp_call_function_many_cond+0xa44/0xeac [ 78.677821][ T4977] softirqs last enabled at (252424): [] local_bh_enable+0x10/0x34 [ 78.679239][ T4977] softirqs last disabled at (252422): [] local_bh_disable+0x10/0x34 [ 78.680580][ T4977] ---[ end trace 2595cf549e09dc11 ]--- [ 78.762811][ T5115] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.764068][ T5115] Bad inode number on dev loop0: 2 is out of range [ 78.765068][ T5115] SysV FS: get root inode failed [ 78.765815][ T5115] oldfs: cannot read superblock [ 78.773857][ 
C1] ------------[ cut here ]------------ [ 78.774693][ C1] VFS: brelse: Trying to free free buffer [ 78.775629][ C1] WARNING: CPU: 1 PID: 5116 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.776912][ C1] Modules linked in: [ 78.777494][ C1] CPU: 1 PID: 5116 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.778888][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.780410][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.781517][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 78.782319][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 78.783124][ C1] sp : ffff800008017de0 [ 78.783856][ C1] x29: ffff800008017de0 x28: ffff0000d937b680 x27: 1fffe000341f665c [ 78.785229][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 78.786529][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000cf149df8 [ 78.787801][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 78.788990][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 78.790198][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 78.791435][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 7704bc41a4adfa00 [ 78.792639][ C1] x8 : 7704bc41a4adfa00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.793771][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 78.794973][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.796164][ C1] Call trace: [ 78.796695][ C1] invalidate_bh_lru+0x128/0x22c [ 78.797483][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.798354][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.799321][ C1] ipi_handler+0x10c/0x6fc [ 78.799989][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 78.800798][ C1] handle_domain_irq+0x144/0x1fc [ 78.801520][ C1] gic_handle_irq+0x78/0x1b8 [ 78.802186][ C1] call_on_irq_stack+0x30/0x48 [ 78.802905][ C1] do_interrupt_handler+0x6c/0x88 [ 78.803701][ C1] 
el1_interrupt+0x30/0x58 [ 78.804349][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.805081][ C1] el1h_64_irq+0x78/0x7c [ 78.805715][ C1] read_seqbegin+0x8/0x300 [ 78.806336][ C1] lookup_one_qstr_excl+0x3c/0x230 [ 78.807043][ C1] filename_create+0x1d0/0x3a8 [ 78.807685][ C1] do_symlinkat+0xc8/0x5b4 [ 78.808301][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 78.809104][ C1] invoke_syscall+0x98/0x2b0 [ 78.809797][ C1] el0_svc_common+0x138/0x258 [ 78.810484][ C1] do_el0_svc+0x58/0x13c [ 78.811043][ C1] el0_svc+0x78/0x1d0 [ 78.811617][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.812383][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.813068][ C1] irq event stamp: 946 [ 78.813652][ C1] hardirqs last enabled at (945): [] seqcount_lockdep_reader_access+0x1f4/0x2b8 [ 78.815295][ C1] hardirqs last disabled at (946): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.816746][ C1] softirqs last enabled at (814): [] local_bh_enable+0x10/0x34 [ 78.818078][ C1] softirqs last disabled at (812): [] local_bh_disable+0x10/0x34 [ 78.819478][ C1] ---[ end trace 2595cf549e09dc12 ]--- [ 78.899266][ T5117] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.900424][ T5117] Bad inode number on dev loop0: 2 is out of range [ 78.901453][ T5117] SysV FS: get root inode failed [ 78.902312][ T5117] oldfs: cannot read superblock [ 78.909194][ T4977] ------------[ cut here ]------------ [ 78.910151][ T4977] VFS: brelse: Trying to free free buffer [ 78.911117][ T4977] WARNING: CPU: 1 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.912499][ T4977] Modules linked in: [ 78.913007][ T4977] CPU: 1 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 78.914247][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.915714][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.916801][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 78.917592][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 78.918412][ T4977] sp : ffff80001f7277c0 [ 78.919062][ T4977] x29: 
ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 78.920224][ T4977] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 78.921383][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb83230 [ 78.922580][ T4977] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 78.923757][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 78.924931][ T4977] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 78.926124][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 78.927312][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.928435][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 78.929679][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.930849][ T4977] Call trace: [ 78.931388][ T4977] invalidate_bh_lru+0x128/0x22c [ 78.932132][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 78.933011][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.933779][ T4977] invalidate_bh_lrus+0x34/0x40 [ 78.934530][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 78.935312][ T4977] blkdev_put+0x490/0x6ac [ 78.935933][ T4977] blkdev_close+0x74/0xb0 [ 78.936593][ T4977] __fput+0x1c0/0x7e8 [ 78.937210][ T4977] ____fput+0x20/0x30 [ 78.937770][ T4977] task_work_run+0x12c/0x1d8 [ 78.938458][ T4977] do_notify_resume+0x2450/0x309c [ 78.939236][ T4977] el0_svc+0xf0/0x1d0 [ 78.939826][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 78.940580][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 78.941328][ T4977] irq event stamp: 262048 [ 78.941924][ T4977] hardirqs last enabled at (262047): [] kasan_quarantine_put+0xc4/0x200 [ 78.943330][ T4977] hardirqs last disabled at (262048): [] smp_call_function_many_cond+0xa44/0xeac [ 78.944870][ T4977] softirqs last enabled at (261850): [] local_bh_enable+0x10/0x34 [ 78.946174][ T4977] softirqs last disabled at (261848): [] local_bh_disable+0x10/0x34 [ 78.947597][ T4977] ---[ end trace 
2595cf549e09dc13 ]--- [ 78.981088][ T5119] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.982190][ T5119] Bad inode number on dev loop0: 2 is out of range [ 78.983159][ T5119] SysV FS: get root inode failed [ 78.983852][ T5119] oldfs: cannot read superblock [ 78.991983][ C1] ------------[ cut here ]------------ [ 78.992768][ C1] VFS: brelse: Trying to free free buffer [ 78.993642][ C1] WARNING: CPU: 1 PID: 5120 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 78.994765][ C1] Modules linked in: [ 78.995282][ C1] CPU: 1 PID: 5120 Comm: syz.0.94 Tainted: G W syzkaller #0 [ 78.996703][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.998402][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.999692][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.000455][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.001287][ C1] sp : ffff800008017de0 [ 79.001991][ C1] x29: ffff800008017de0 x28: ffff0000ee2651c0 x27: 1fffe000341f665c [ 79.003273][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 79.004536][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb835d0 [ 79.005821][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010003 [ 79.007058][ C1] x17: 0000000000010003 x16: ffff800011254fd8 x15: 00000000ffffffff [ 79.008248][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 79.009510][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : aa30e1ca88955e00 [ 79.010659][ C1] x8 : aa30e1ca88955e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.011911][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 79.013099][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 79.014265][ C1] Call trace: [ 79.014749][ C1] invalidate_bh_lru+0x128/0x22c [ 79.015513][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.016421][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.017404][ C1] 
ipi_handler+0x10c/0x6fc [ 79.018090][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.018899][ C1] handle_domain_irq+0x144/0x1fc [ 79.019644][ C1] gic_handle_irq+0x78/0x1b8 [ 79.020344][ C1] call_on_irq_stack+0x30/0x48 [ 79.021070][ C1] do_interrupt_handler+0x6c/0x88 [ 79.021799][ C1] el1_interrupt+0x30/0x58 [ 79.022483][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.023183][ C1] el1h_64_irq+0x78/0x7c [ 79.023792][ C1] debug_smp_processor_id+0x18/0x2c [ 79.024535][ C1] rcu_lockdep_current_cpu_online+0x7c/0x1e0 [ 79.025347][ C1] rcu_read_lock_held+0x20/0x50 [ 79.026024][ C1] __memcg_kmem_charge_page+0x2f0/0x59c [ 79.026827][ C1] __alloc_pages+0x1d0/0x470 [ 79.027457][ C1] alloc_pages+0x34c/0x5c0 [ 79.028088][ C1] pte_alloc_one+0x2c/0x254 [ 79.028733][ C1] __pte_alloc+0x34/0x214 [ 79.029370][ C1] handle_mm_fault+0x2444/0x2a28 [ 79.030099][ C1] do_page_fault+0x67c/0xab0 [ 79.030813][ C1] do_translation_fault+0xe0/0x130 [ 79.031555][ C1] do_mem_abort+0x6c/0x1ac [ 79.032236][ C1] el0_da+0x90/0x1ec [ 79.032795][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 79.033606][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.034317][ C1] irq event stamp: 1138 [ 79.034855][ C1] hardirqs last enabled at (1137): [] seqcount_lockdep_reader_access+0x14c/0x22c [ 79.036425][ C1] hardirqs last disabled at (1138): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.037786][ C1] softirqs last enabled at (1118): [] local_bh_enable+0x10/0x34 [ 79.039137][ C1] softirqs last disabled at (1116): [] local_bh_disable+0x10/0x34 [ 79.040577][ C1] ---[ end trace 2595cf549e09dc14 ]--- [ 79.122431][ T5121] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.123651][ T5121] Bad inode number on dev loop0: 2 is out of range [ 79.124719][ T5121] SysV FS: get root inode failed [ 79.125480][ T5121] oldfs: cannot read superblock [ 79.142832][ C0] ------------[ cut here ]------------ [ 79.143669][ C0] VFS: brelse: Trying to free free buffer [ 79.144569][ C0] WARNING: CPU: 0 PID: 5124 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 
79.145922][ C0] Modules linked in: [ 79.146497][ C0] CPU: 0 PID: 5124 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.147719][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.149282][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.150439][ C0] pc : invalidate_bh_lru+0x128/0x22c [ 79.151248][ C0] lr : invalidate_bh_lru+0x128/0x22c [ 79.152023][ C0] sp : ffff800008007de0 [ 79.152671][ C0] x29: ffff800008007de0 x28: ffff0000ce0d0000 x27: 1fffe000341f245c [ 79.153858][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 79.155076][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c52badf8 [ 79.156345][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002 [ 79.157518][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 79.158726][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 79.159984][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : d9f1d29b1d217100 [ 79.161208][ C0] x8 : d9f1d29b1d217100 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.162413][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 79.163566][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.164830][ C0] Call trace: [ 79.165265][ C0] invalidate_bh_lru+0x128/0x22c [ 79.166007][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.167006][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.168087][ C0] ipi_handler+0x10c/0x6fc [ 79.168729][ C0] handle_percpu_devid_irq+0x29c/0x764 [ 79.169556][ C0] handle_domain_irq+0x144/0x1fc [ 79.170347][ C0] gic_handle_irq+0x78/0x1b8 [ 79.171046][ C0] call_on_irq_stack+0x30/0x48 [ 79.171705][ C0] do_interrupt_handler+0x6c/0x88 [ 79.172470][ C0] el1_interrupt+0x30/0x58 [ 79.173211][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.173927][ C0] el1h_64_irq+0x78/0x7c [ 79.174571][ C0] kasan_check_range+0x8/0x2a0 [ 79.175278][ C0] 
__kasan_kmalloc+0xa0/0xf0 [ 79.175975][ C0] __kmalloc+0x290/0x43c [ 79.176629][ C0] tomoyo_realpath_from_path+0xcc/0x510 [ 79.177438][ C0] tomoyo_path_perm+0x1e8/0x49c [ 79.178143][ C0] tomoyo_path_symlink+0xac/0xf8 [ 79.178895][ C0] security_path_symlink+0xec/0x13c [ 79.179636][ C0] do_symlinkat+0x10c/0x5b4 [ 79.180483][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 79.181291][ C0] invoke_syscall+0x98/0x2b0 [ 79.182060][ C0] el0_svc_common+0x138/0x258 [ 79.182886][ C0] do_el0_svc+0x58/0x13c [ 79.183502][ C0] el0_svc+0x78/0x1d0 [ 79.184075][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.184948][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.185667][ C0] irq event stamp: 750 [ 79.186299][ C0] hardirqs last enabled at (749): [] ___slab_alloc+0xc18/0xd8c [ 79.187754][ C0] hardirqs last disabled at (750): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.189191][ C0] softirqs last enabled at (734): [] local_bh_enable+0x10/0x34 [ 79.190577][ C0] softirqs last disabled at (732): [] local_bh_disable+0x10/0x34 [ 79.191903][ C0] ---[ end trace 2595cf549e09dc15 ]--- [ 79.221756][ T5125] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.223012][ T5125] Bad inode number on dev loop0: 2 is out of range [ 79.224118][ T5125] SysV FS: get root inode failed [ 79.224806][ T5125] oldfs: cannot read superblock [ 79.228376][ C1] ------------[ cut here ]------------ [ 79.229242][ C1] VFS: brelse: Trying to free free buffer [ 79.230167][ C1] WARNING: CPU: 1 PID: 4401 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.231499][ C1] Modules linked in: [ 79.232112][ C1] CPU: 1 PID: 4401 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.233373][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.234842][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.235967][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.236715][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.237463][ C1] sp : ffff800008017de0 [ 79.238075][ C1] x29: ffff800008017de0 x28: 
ffff0000c7f08000 x27: 1fffe000341f665c [ 79.239352][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 79.240676][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb83970 [ 79.241971][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 79.243251][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 79.244471][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 79.245692][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : b6764a020cbd3e00 [ 79.246973][ C1] x8 : b6764a020cbd3e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.248221][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 79.249539][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.250724][ C1] Call trace: [ 79.251222][ C1] invalidate_bh_lru+0x128/0x22c [ 79.251963][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.252886][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.253958][ C1] ipi_handler+0x10c/0x6fc [ 79.254647][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.255497][ C1] handle_domain_irq+0x144/0x1fc [ 79.256247][ C1] gic_handle_irq+0x78/0x1b8 [ 79.256959][ C1] call_on_irq_stack+0x30/0x48 [ 79.257749][ C1] do_interrupt_handler+0x6c/0x88 [ 79.258451][ C1] el1_interrupt+0x30/0x58 [ 79.259137][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.259856][ C1] el1h_64_irq+0x78/0x7c [ 79.260532][ C1] seqcount_lockdep_reader_access+0x21c/0x2c0 [ 79.261431][ C1] ktime_get+0x60/0x268 [ 79.262042][ C1] tcp_write_xmit+0x48/0x4d90 [ 79.262714][ C1] __tcp_push_pending_frames+0x98/0x228 [ 79.263516][ C1] tcp_push+0x410/0x5fc [ 79.264137][ C1] tcp_sendmsg_locked+0x25d4/0x2cfc [ 79.264937][ C1] tcp_sendmsg+0x40/0x64 [ 79.265642][ C1] inet_sendmsg+0x154/0x284 [ 79.266299][ C1] sock_write_iter+0x250/0x340 [ 79.266994][ C1] vfs_write+0x590/0xa60 [ 79.267651][ C1] ksys_write+0x12c/0x224 [ 79.268306][ C1] __arm64_sys_write+0x7c/0x90 [ 79.268961][ C1] 
invoke_syscall+0x98/0x2b0 [ 79.269622][ C1] el0_svc_common+0x138/0x258 [ 79.270281][ C1] do_el0_svc+0x58/0x13c [ 79.270923][ C1] el0_svc+0x78/0x1d0 [ 79.271501][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 79.272242][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.272931][ C1] irq event stamp: 613878 [ 79.273535][ C1] hardirqs last enabled at (613877): [] seqcount_lockdep_reader_access+0x1fc/0x2c0 [ 79.275210][ C1] hardirqs last disabled at (613878): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.276688][ C1] softirqs last enabled at (613868): [] lock_sock_nested+0x14c/0x1d4 [ 79.278254][ C1] softirqs last disabled at (613866): [] lock_sock_nested+0xf4/0x1d4 [ 79.279910][ C1] ---[ end trace 2595cf549e09dc16 ]--- [ 79.326518][ T5127] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.327747][ T5127] Bad inode number on dev loop0: 2 is out of range [ 79.328701][ T5127] SysV FS: get root inode failed [ 79.329500][ T5127] oldfs: cannot read superblock [ 79.330222][ T5127] ------------[ cut here ]------------ [ 79.330985][ T5127] VFS: brelse: Trying to free free buffer [ 79.331902][ T5127] WARNING: CPU: 1 PID: 5127 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.333132][ T5127] Modules linked in: [ 79.333649][ T5127] CPU: 1 PID: 5127 Comm: syz.0.97 Tainted: G W syzkaller #0 [ 79.334839][ T5127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.336205][ T5127] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.337331][ T5127] pc : invalidate_bh_lru+0x128/0x22c [ 79.338102][ T5127] lr : invalidate_bh_lru+0x128/0x22c [ 79.338926][ T5127] sp : ffff80001fd176e0 [ 79.339529][ T5127] x29: ffff80001fd176e0 x28: ffff80001428d000 x27: 1fffe000341f665b [ 79.340923][ T5127] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000000 [ 79.342310][ T5127] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb83d10 [ 79.343625][ T5127] x20: ffff0001a0fb32d8 x19: ffff80001145af60 x18: 0000000000000003 [ 79.344845][ 
T5127] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 79.346007][ T5127] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 79.347219][ T5127] x11: 0000000000000002 x10: 0000000000000000 x9 : 8f1232ec2c4ad800 [ 79.348500][ T5127] x8 : 8f1232ec2c4ad800 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.349646][ T5127] x5 : ffff80001fd16ff8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 79.350796][ T5127] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.352018][ T5127] Call trace: [ 79.352522][ T5127] invalidate_bh_lru+0x128/0x22c [ 79.353205][ T5127] smp_call_function_many_cond+0xa50/0xeac [ 79.354010][ T5127] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.354761][ T5127] invalidate_bh_lrus+0x34/0x40 [ 79.355458][ T5127] blkdev_flush_mapping+0x16c/0x334 [ 79.356222][ T5127] blkdev_put+0x490/0x6ac [ 79.356871][ T5127] kill_block_super+0x98/0xdc [ 79.357567][ T5127] deactivate_locked_super+0xb8/0x134 [ 79.358349][ T5127] mount_bdev+0x284/0x358 [ 79.358989][ T5127] sysv_mount+0x44/0x58 [ 79.359607][ T5127] legacy_get_tree+0xd4/0x16c [ 79.360226][ T5127] vfs_get_tree+0x90/0x274 [ 79.360863][ T5127] do_new_mount+0x228/0x810 [ 79.361462][ T5127] path_mount+0x5bc/0x1008 [ 79.362099][ T5127] __arm64_sys_mount+0x514/0x5f0 [ 79.362794][ T5127] invoke_syscall+0x98/0x2b0 [ 79.363459][ T5127] el0_svc_common+0x138/0x258 [ 79.364128][ T5127] do_el0_svc+0x58/0x13c [ 79.364712][ T5127] el0_svc+0x78/0x1d0 [ 79.365283][ T5127] el0t_64_sync_handler+0xcc/0xe4 [ 79.366025][ T5127] el0t_64_sync+0x1a0/0x1a4 [ 79.366715][ T5127] irq event stamp: 920 [ 79.367356][ T5127] hardirqs last enabled at (919): [] kasan_quarantine_put+0xc4/0x200 [ 79.368745][ T5127] hardirqs last disabled at (920): [] smp_call_function_many_cond+0xa44/0xeac [ 79.370241][ T5127] softirqs last enabled at (890): [] handle_softirqs+0xa40/0xbe4 [ 79.371557][ T5127] softirqs last disabled at (877): [] __irq_exit_rcu+0x240/0x43c [ 79.372879][ T5127] ---[ end trace 
2595cf549e09dc17 ]--- [ 79.451316][ T5129] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.452554][ T5129] Bad inode number on dev loop0: 2 is out of range [ 79.453582][ T5129] SysV FS: get root inode failed [ 79.454338][ T5129] oldfs: cannot read superblock [ 79.468848][ C1] ------------[ cut here ]------------ [ 79.469730][ C1] VFS: brelse: Trying to free free buffer [ 79.470653][ C1] WARNING: CPU: 1 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.472104][ C1] Modules linked in: [ 79.472819][ C1] CPU: 1 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.474265][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.475879][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.477111][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.477941][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.478769][ C1] sp : ffff800008017de0 [ 79.479383][ C1] x29: ffff800008017de0 x28: ffff0000ee5b8000 x27: 1fffe000341f665c [ 79.480613][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 79.481858][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb44148 [ 79.483134][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 79.484326][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 79.485553][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 79.486735][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00 [ 79.487892][ C1] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.489067][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 79.490265][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.491520][ C1] Call trace: [ 79.491989][ C1] invalidate_bh_lru+0x128/0x22c [ 79.492700][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.493591][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.494658][ 
C1] ipi_handler+0x10c/0x6fc [ 79.495336][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.496148][ C1] handle_domain_irq+0x144/0x1fc [ 79.496865][ C1] gic_handle_irq+0x78/0x1b8 [ 79.497610][ C1] call_on_irq_stack+0x30/0x48 [ 79.498351][ C1] do_interrupt_handler+0x6c/0x88 [ 79.499072][ C1] el0_interrupt+0x94/0x248 [ 79.499779][ C1] __el0_irq_handler_common+0x18/0x24 [ 79.500578][ C1] el0t_64_irq_handler+0x10/0x1c [ 79.501361][ C1] el0t_64_irq+0x1a0/0x1a4 [ 79.502012][ C1] irq event stamp: 321024 [ 79.502665][ C1] hardirqs last enabled at (321023): [] el0t_64_sync_handler+0xcc/0xe4 [ 79.504126][ C1] hardirqs last disabled at (321024): [] __el0_irq_handler_common+0x18/0x24 [ 79.505652][ C1] softirqs last enabled at (320972): [] local_bh_enable+0x10/0x34 [ 79.507049][ C1] softirqs last disabled at (320970): [] local_bh_disable+0x10/0x34 [ 79.508421][ C1] ---[ end trace 2595cf549e09dc18 ]--- [ 79.539785][ T5133] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.541004][ T5133] Bad inode number on dev loop0: 2 is out of range [ 79.542067][ T5133] SysV FS: get root inode failed [ 79.542931][ T5133] oldfs: cannot read superblock [ 79.550522][ C1] ------------[ cut here ]------------ [ 79.551380][ C1] VFS: brelse: Trying to free free buffer [ 79.552288][ C1] WARNING: CPU: 1 PID: 5134 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.553675][ C1] Modules linked in: [ 79.554365][ C1] CPU: 1 PID: 5134 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.555758][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.557356][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.558480][ C1] pc : invalidate_bh_lru+0x128/0x22c [ 79.559241][ C1] lr : invalidate_bh_lru+0x128/0x22c [ 79.559955][ C1] sp : ffff800008017de0 [ 79.560550][ C1] x29: ffff800008017de0 x28: ffff0000ce563680 x27: 1fffe000341f665c [ 79.561721][ C1] x26: 0000000000000001 x25: ffff0001a0fb32d8 x24: 0000000000000001 [ 79.562983][ C1] x23: 
dfff800000000000 x22: 0000000000000000 x21: ffff0000dcb444e8 [ 79.564227][ C1] x20: ffff0001a0fb32e0 x19: ffff80001145af60 x18: 0000000000010002 [ 79.565459][ C1] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff [ 79.566605][ C1] x14: 0000000000000001 x13: 1fffe000341f49ab x12: 0000000000ff0100 [ 79.567890][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : eaa4acc562a76900 [ 79.569086][ C1] x8 : eaa4acc562a76900 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.570312][ C1] x5 : ffff8000080176f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 79.571576][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.572773][ C1] Call trace: [ 79.573327][ C1] invalidate_bh_lru+0x128/0x22c [ 79.574060][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.574959][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.576013][ C1] ipi_handler+0x10c/0x6fc [ 79.576666][ C1] handle_percpu_devid_irq+0x29c/0x764 [ 79.577519][ C1] handle_domain_irq+0x144/0x1fc [ 79.578254][ C1] gic_handle_irq+0x78/0x1b8 [ 79.578890][ C1] call_on_irq_stack+0x30/0x48 [ 79.579609][ C1] do_interrupt_handler+0x6c/0x88 [ 79.580309][ C1] el1_interrupt+0x30/0x58 [ 79.580917][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.581639][ C1] el1h_64_irq+0x78/0x7c [ 79.582302][ C1] kfree+0x60/0x400 [ 79.582844][ C1] tomoyo_path_perm+0x33c/0x49c [ 79.583581][ C1] tomoyo_path_symlink+0xac/0xf8 [ 79.584257][ C1] security_path_symlink+0xec/0x13c [ 79.585013][ C1] do_symlinkat+0x10c/0x5b4 [ 79.585650][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 79.586405][ C1] invoke_syscall+0x98/0x2b0 [ 79.587059][ C1] el0_svc_common+0x138/0x258 [ 79.587669][ C1] do_el0_svc+0x58/0x13c [ 79.588270][ C1] el0_svc+0x78/0x1d0 [ 79.588817][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 79.589594][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.590345][ C1] irq event stamp: 764 [ 79.590959][ C1] hardirqs last enabled at (763): [] kasan_quarantine_put+0xc4/0x200 [ 79.592413][ C1] hardirqs last disabled at (764): [] 
enter_el1_irq_or_nmi+0x10/0x1c [ 79.593899][ C1] softirqs last enabled at (732): [] local_bh_enable+0x10/0x34 [ 79.595260][ C1] softirqs last disabled at (730): [] local_bh_disable+0x10/0x34 [ 79.596616][ C1] ---[ end trace 2595cf549e09dc19 ]--- [ 79.640970][ T5135] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.642098][ T5135] Bad inode number on dev loop0: 2 is out of range [ 79.643127][ T5135] SysV FS: get root inode failed [ 79.643939][ T5135] oldfs: cannot read superblock [ 79.652575][ T4977] ------------[ cut here ]------------ [ 79.653333][ T4977] VFS: brelse: Trying to free free buffer [ 79.654281][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.655590][ T4977] Modules linked in: [ 79.656209][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 79.657521][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.659093][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.660389][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 79.661146][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 79.662008][ T4977] sp : ffff80001f7277c0 [ 79.662648][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245c [ 79.663826][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001 [ 79.664962][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e284c148 [ 79.666187][ T4977] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000000003 [ 79.667445][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 79.668682][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 79.670049][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 79.671247][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.672450][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 79.673621][ T4977] x2 : 
0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.674878][ T4977] Call trace: [ 79.675397][ T4977] invalidate_bh_lru+0x128/0x22c [ 79.676138][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 79.676996][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.677749][ T4977] invalidate_bh_lrus+0x34/0x40 [ 79.678496][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 79.679310][ T4977] blkdev_put+0x490/0x6ac [ 79.680006][ T4977] blkdev_close+0x74/0xb0 [ 79.680650][ T4977] __fput+0x1c0/0x7e8 [ 79.681287][ T4977] ____fput+0x20/0x30 [ 79.681895][ T4977] task_work_run+0x12c/0x1d8 [ 79.682582][ T4977] do_notify_resume+0x2450/0x309c [ 79.683294][ T4977] el0_svc+0xf0/0x1d0 [ 79.683899][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 79.684650][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 79.685409][ T4977] irq event stamp: 292364 [ 79.686054][ T4977] hardirqs last enabled at (292363): [] kasan_quarantine_put+0xc4/0x200 [ 79.687570][ T4977] hardirqs last disabled at (292364): [] smp_call_function_many_cond+0xa44/0xeac [ 79.689225][ T4977] softirqs last enabled at (292164): [] local_bh_enable+0x10/0x34 [ 79.690692][ T4977] softirqs last disabled at (292162): [] local_bh_disable+0x10/0x34 [ 79.692137][ T4977] ---[ end trace 2595cf549e09dc1a ]--- [ 79.731996][ T5137] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.733141][ T5137] Bad inode number on dev loop0: 2 is out of range [ 79.734148][ T5137] SysV FS: get root inode failed [ 79.734876][ T5137] oldfs: cannot read superblock [ 79.737710][ T4977] ------------[ cut here ]------------ [ 79.738550][ T4977] VFS: brelse: Trying to free free buffer [ 79.739414][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c [ 79.740630][ T4977] Modules linked in: [ 79.741187][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0 [ 79.742514][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.743945][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT 
-SSBS BTYPE=--) [ 79.745043][ T4977] pc : invalidate_bh_lru+0x128/0x22c [ 79.745809][ T4977] lr : invalidate_bh_lru+0x128/0x22c [ 79.746593][ T4977] sp : ffff80001f7277c0 [ 79.747179][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245b [ 79.748425][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000 [ 79.749586][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e284c4e8 [ 79.750797][ T4977] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003 [ 79.752009][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff [ 79.753200][ T4977] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100 [ 79.754395][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00 [ 79.755596][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.756894][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8 [ 79.758142][ T4977] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.759364][ T4977] Call trace: [ 79.759876][ T4977] invalidate_bh_lru+0x128/0x22c [ 79.760620][ T4977] smp_call_function_many_cond+0xa50/0xeac [ 79.761451][ T4977] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.762233][ T4977] invalidate_bh_lrus+0x34/0x40 [ 79.762978][ T4977] blkdev_flush_mapping+0x16c/0x334 [ 79.763775][ T4977] blkdev_put+0x490/0x6ac [ 79.764433][ T4977] blkdev_close+0x74/0xb0 [ 79.765053][ T4977] __fput+0x1c0/0x7e8 [ 79.765674][ T4977] ____fput+0x20/0x30 [ 79.766265][ T4977] task_work_run+0x12c/0x1d8 [ 79.766937][ T4977] do_notify_resume+0x2450/0x309c [ 79.767713][ T4977] el0_svc+0xf0/0x1d0 [ 79.768381][ T4977] el0t_64_sync_handler+0xcc/0xe4 [ 79.769084][ T4977] el0t_64_sync+0x1a0/0x1a4 [ 79.769763][ T4977] irq event stamp: 295256 [ 79.770436][ T4977] hardirqs last enabled at (295255): [] kasan_quarantine_put+0xc4/0x200 [ 79.771905][ T4977] hardirqs last disabled at (295256): [] smp_call_function_many_cond+0xa44/0xeac [ 79.773516][ 
T4977] softirqs last enabled at (295064): [] local_bh_enable+0x10/0x34
[ 79.774929][ T4977] softirqs last disabled at (295062): [] local_bh_disable+0x10/0x34
[ 79.776379][ T4977] ---[ end trace 2595cf549e09dc1b ]---
[ 79.809681][ T5139] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 79.810838][ T5139] Bad inode number on dev loop0: 2 is out of range
[ 79.811870][ T5139] SysV FS: get root inode failed
[ 79.812752][ T5139] oldfs: cannot read superblock
[ 79.816845][ C0] ------------[ cut here ]------------
[ 79.817770][ C0] VFS: brelse: Trying to free free buffer
[ 79.818661][ C0] WARNING: CPU: 0 PID: 4727 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c
[ 79.819965][ C0] Modules linked in:
[ 79.820535][ C0] CPU: 0 PID: 4727 Comm: syz-executor Tainted: G W syzkaller #0
[ 79.821884][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[ 79.823424][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 79.824586][ C0] pc : invalidate_bh_lru+0x128/0x22c
[ 79.825405][ C0] lr : invalidate_bh_lru+0x128/0x22c
[ 79.826163][ C0] sp : ffff800008007de0
[ 79.826749][ C0] x29: ffff800008007de0 x28: ffff0000ee5b8000 x27: 1fffe000341f245c
[ 79.827887][ C0] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000001
[ 79.829060][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e284c888
[ 79.830239][ C0] x20: ffff0001a0f922e0 x19: ffff80001145af60 x18: 0000000000010002
[ 79.831476][ C0] x17: 0000000000010002 x16: ffff800011254fd8 x15: 00000000ffffffff
[ 79.832721][ C0] x14: 0000000000000001 x13: 1fffe000341f07ab x12: 0000000000ff0100
[ 79.833941][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 674286dffb2bba00
[ 79.835121][ C0] x8 : 674286dffb2bba00 x7 : 0000000000000001 x6 : 0000000000000001
[ 79.836369][ C0] x5 : ffff8000080076f8 x4 : ffff80001436f3e0 x3 : ffff800008508fa8
[ 79.837570][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027
[ 79.838734][ C0] Call trace:
[ 79.839217][ C0] invalidate_bh_lru+0x128/0x22c
[ 79.839939][ C0] flush_smp_call_function_queue+0x38c/0x81c
[ 79.840873][ C0] generic_smp_call_function_single_interrupt+0x18/0x24
[ 79.841907][ C0] ipi_handler+0x10c/0x6fc
[ 79.842616][ C0] handle_percpu_devid_irq+0x29c/0x764
[ 79.843397][ C0] handle_domain_irq+0x144/0x1fc
[ 79.844159][ C0] gic_handle_irq+0x78/0x1b8
[ 79.844830][ C0] call_on_irq_stack+0x30/0x48
[ 79.845557][ C0] do_interrupt_handler+0x6c/0x88
[ 79.846291][ C0] el0_interrupt+0x94/0x248
[ 79.846952][ C0] __el0_irq_handler_common+0x18/0x24
[ 79.847775][ C0] el0t_64_irq_handler+0x10/0x1c
[ 79.848474][ C0] el0t_64_irq+0x1a0/0x1a4
[ 79.849090][ C0] irq event stamp: 330786
[ 79.849960][ C0] hardirqs last enabled at (330785): [] el0t_64_sync_handler+0x6c/0xe4
[ 79.851632][ C0] hardirqs last disabled at (330786): [] __el0_irq_handler_common+0x18/0x24
[ 79.853278][ C0] softirqs last enabled at (330782): [] local_bh_enable+0x10/0x34
[ 79.854713][ C0] softirqs last disabled at (330780): [] local_bh_disable+0x10/0x34
[ 79.856114][ C0] ---[ end trace 2595cf549e09dc1c ]---
[ 79.907475][ T5141] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 79.908794][ T5141] Bad inode number on dev loop0: 2 is out of range
[ 79.909818][ T5141] SysV FS: get root inode failed
[ 79.910604][ T5141] oldfs: cannot read superblock
[ 79.916622][ T4977] ------------[ cut here ]------------
[ 79.917508][ T4977] VFS: brelse: Trying to free free buffer
[ 79.918365][ T4977] WARNING: CPU: 0 PID: 4977 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x22c
[ 79.919652][ T4977] Modules linked in:
[ 79.920263][ T4977] CPU: 0 PID: 4977 Comm: udevd Tainted: G W syzkaller #0
[ 79.921463][ T4977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[ 79.922965][ T4977] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 79.924182][ T4977] pc : invalidate_bh_lru+0x128/0x22c
[ 79.924951][ T4977] lr : invalidate_bh_lru+0x128/0x22c
[ 79.925687][ T4977] sp : ffff80001f7277c0
[ 79.926391][ T4977] x29: ffff80001f7277c0 x28: ffff80001428d000 x27: 1fffe000341f245b
[ 79.927573][ T4977] x26: 0000000000000001 x25: ffff0001a0f922d8 x24: 0000000000000000
[ 79.928848][ T4977] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e284cc28
[ 79.930009][ T4977] x20: ffff0001a0f922d8 x19: ffff80001145af60 x18: 0000000000000003
[ 79.931200][ T4977] x17: 0000000000000000 x16: ffff800011254fd8 x15: 00000000ffffffff
[ 79.932476][ T4977] x14: 0000000000000001 x13: 1fffe000341f1ed7 x12: 0000000000ff0100
[ 79.933596][ T4977] x11: 0000000000000002 x10: 0000000000000000 x9 : ab6bd156e24fbe00
[ 79.934845][ T4977] x8 : ab6bd156e24fbe00 x7 : 0000000000000001 x6 : 0000000000000001
[ 79.936137][ T4977] x5 : ffff80001f7270d8 x4 : ffff80001436f3e0 x3 : ffff80000a75d4cc
[ 79.937336][ T4977] x2 : ffff0001a0f83d50 x1 : 0000000100000002 x0 : 0000000000000027
[ 79.938603][ T4977] Call trace:
[ 79.939106][ T4977] invalidate_bh_lru+0x128/0x22c
[ 79.939885][ T4977] smp_call_function_many_cond+0xa50/0xeac
[ 79.940756][ T4977] on_each_cpu_cond_mask+0x5c/0xc4
[ 79.941610][ T4977] invalidate_bh_lrus+0x34/0x40
[ 79.942370][ T4977] blkdev_flush_mapping+0x16c/0x334
[ 79.943182][ T4977] blkdev_put+0x490/0x6ac
[ 79.943897][ T4977] blkdev_close+0x74/0xb0
[ 79.944591][ T4977] __fput+0x1c0/0x7e8
[ 79.945207][ T4977] ____fput+0x20/0x30
[ 79.945803][ T4977] task_work_run+0x12c/0x1d8
[ 79.946500][ T4977] do_notify_resume+0x2450/0x309c
[ 79.947256][ T4977] el0_svc+0xf0/0x1d0
[ 79.947788][ T4977] el0t_64_sync_handler+0xcc/0xe4
[ 79.948550][ T4977] el0t_64_sync+0x1a0/0x1a4
[ 79.949267][ T4977] irq event stamp: 304724
[ 79.949967][ T4977] hardirqs last enabled at (304723): [] kasan_quarantine_put+0xc4/0x200
[ 79.951522][ T4977] hardirqs last disabled at (304724): [] smp_call_function_many_cond+0xa44/0xeac
[ 79.953149][ T4977] softirqs last enabled at (304506): [] local_bh_enable+0x10/0x34
[ 79.954507][ T4977] softirqs last disabled at (304504): [] local_bh_disable+0x10/0x34
[ 79.955894][ T4977] ---[ end trace 2595cf549e09dc1d ]---
1970/01/01 00:01:19 executed programs: 92