Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts. 1970/01/01 00:01:01 parsed 1 programs [ 62.436940][ T4532] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 64.289318][ T4615] chnl_net:caif_netlink_parms(): no params data found [ 64.309514][ T4615] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.310739][ T4615] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.312316][ T4615] device bridge_slave_0 entered promiscuous mode [ 64.314541][ T4615] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.315760][ T4615] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.317322][ T4615] device bridge_slave_1 entered promiscuous mode [ 64.326560][ T4615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.329191][ T4615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.338472][ T4615] team0: Port device team_slave_0 added [ 64.340544][ T4615] team0: Port device team_slave_1 added [ 64.349155][ T4615] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.350251][ T4615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.354545][ T4615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.356953][ T4615] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.357997][ T4615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 64.362252][ T4615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.425621][ T4615] device hsr_slave_0 entered promiscuous mode [ 64.474945][ T4615] device hsr_slave_1 entered promiscuous mode [ 65.041672][ T4615] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 65.066198][ T4615] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 65.115847][ T4615] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 65.207156][ T4615] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 65.300896][ T4615] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.302076][ T4615] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.303284][ T4615] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.304427][ T4615] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.311164][ T136] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.312780][ T136] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.338688][ T4615] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.343071][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.344563][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.347880][ T4615] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.350729][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.352627][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.354030][ T136] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.355221][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.366754][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.368691][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.370208][ T1644] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.371325][ T1644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.373290][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth0_to_bond: link becomes ready [ 65.383080][ T4615] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 65.385685][ T4615] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.388721][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 65.390558][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.392738][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.396252][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.397964][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.399557][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 65.401258][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.405038][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.406618][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.411437][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.413048][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.491533][ T4615] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.508044][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 65.509360][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 65.510547][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 65.514239][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 65.522224][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 65.523930][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 65.526630][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 65.528135][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 65.532710][ T4615] device veth0_vlan entered promiscuous mode [ 65.543006][ T4615] device 
veth1_vlan entered promiscuous mode [ 65.553762][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 65.555336][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 65.556776][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 65.558277][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 65.562237][ T4615] device veth0_macvtap entered promiscuous mode [ 65.566644][ T4615] device veth1_macvtap entered promiscuous mode [ 65.577637][ T4615] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.578920][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 65.580393][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 65.581845][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 65.583341][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 65.587339][ T4615] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.589471][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 65.591050][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 65.593237][ T4615] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.596128][ T4615] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.597556][ T4615] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.598902][ T4615] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.694496][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.695741][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.697615][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 65.706796][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.708174][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.710007][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: 
link becomes ready 1970/01/01 00:01:05 executed programs: 0 [ 65.986042][ T4760] chnl_net:caif_netlink_parms(): no params data found [ 66.006402][ T4760] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.007590][ T4760] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.009114][ T4760] device bridge_slave_0 entered promiscuous mode [ 66.011218][ T4760] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.012397][ T4760] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.013785][ T4760] device bridge_slave_1 entered promiscuous mode [ 66.022520][ T4760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.025866][ T4760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.037786][ T4760] team0: Port device team_slave_0 added [ 66.040014][ T4760] team0: Port device team_slave_1 added [ 66.047813][ T4760] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.048956][ T4760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.052871][ T4760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.055660][ T4760] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.056771][ T4760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 66.060734][ T4760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.105859][ T4760] device hsr_slave_0 entered promiscuous mode [ 66.134663][ T4760] device hsr_slave_1 entered promiscuous mode [ 66.194578][ T4760] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.195928][ T4760] Cannot create hsr debugfs directory [ 66.232110][ T4760] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.944934][ T4141] Bluetooth: hci0: command 0x0409 tx timeout [ 68.598894][ T4760] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.636581][ T1969] cfg80211: failed to load regulatory.db [ 69.638381][ T2065] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.639378][ T2065] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.024417][ T1969] Bluetooth: hci0: command 0x041b tx timeout [ 70.948042][ T4760] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.990160][ T4760] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.171078][ T4760] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.206284][ T4760] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.264813][ T4760] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.316279][ T4760] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.379929][ T4760] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.383832][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 71.385687][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.388422][ T4760] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.390969][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 71.392591][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.394396][ T136] bridge0: port 1(bridge_slave_0) entered blocking state [ 
71.395462][ T136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.397002][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 71.399993][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 71.401778][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 71.403155][ T136] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.404360][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.413767][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.417197][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.420056][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.422198][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.423846][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.427165][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.429185][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.431994][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 71.433501][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.437790][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 71.439289][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.441928][ T4760] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 71.484179][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 71.486009][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 71.490441][ T4760] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.497993][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 71.499754][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 71.507988][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 71.509466][ T348] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 71.511087][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 71.512518][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 71.515384][ T4760] device veth0_vlan entered promiscuous mode [ 71.519071][ T4760] device veth1_vlan entered promiscuous mode [ 71.527460][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 71.529097][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 71.531549][ T4760] device veth0_macvtap entered promiscuous mode [ 71.534065][ T4760] device veth1_macvtap entered promiscuous mode [ 71.538978][ T4760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.540707][ T4760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.542781][ T4760] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.543991][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 71.547065][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 71.548522][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 71.550088][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 71.553528][ T4760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.556650][ T4760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 71.558839][ T4760] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.566866][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 71.568518][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 71.571343][ T4760] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.572721][ T4760] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.574057][ T4760] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.575564][ T4760] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.599180][ T348] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.603511][ T348] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.615253][ T348] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 71.617025][ T348] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.618425][ T348] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.620413][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:01:11 executed programs: 2 [ 71.640886][ T5004] loop0: detected capacity change from 0 to 128 [ 71.662368][ T5004] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.663556][ T5004] Bad inode number on dev loop0: 2 is out of range [ 71.664889][ T5004] SysV FS: get root inode failed [ 71.665711][ T5004] oldfs: cannot read superblock [ 71.672825][ C0] ------------[ cut here ]------------ [ 71.673674][ C0] VFS: brelse: Trying to free free buffer [ 71.674455][ C0] WARNING: CPU: 0 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.675701][ C0] Modules linked in: [ 71.676241][ C0] CPU: 0 PID: 3662 Comm: udevd Not tainted syzkaller #0 [ 71.677232][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.678684][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.679814][ C0] pc : 
invalidate_bh_lru+0x128/0x234 [ 71.680570][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 71.681286][ C0] sp : ffff800008007de0 [ 71.681843][ C0] x29: ffff800008007de0 x28: ffff0000d6abb680 x27: 1fffe0003421625c [ 71.682991][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 71.684136][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b39ee0 [ 71.685306][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 71.686497][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 71.687673][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.688789][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 588cec668cba1a00 [ 71.689996][ C0] x8 : 588cec668cba1a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.691106][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 71.692234][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 71.693363][ C0] Call trace: [ 71.693897][ C0] invalidate_bh_lru+0x128/0x234 [ 71.694653][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 71.695458][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.696450][ C0] ipi_handler+0x10c/0x710 [ 71.697094][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 71.697891][ C0] handle_domain_irq+0x144/0x1fc [ 71.698567][ C0] gic_handle_irq+0x78/0x1c8 [ 71.699183][ C0] call_on_irq_stack+0x30/0x48 [ 71.699838][ C0] do_interrupt_handler+0x6c/0x88 [ 71.700536][ C0] el1_interrupt+0x30/0x58 [ 71.701185][ C0] el1h_64_irq_handler+0x18/0x24 [ 71.701939][ C0] el1h_64_irq+0x78/0x7c [ 71.702600][ C0] el0_svc_common+0xa8/0x258 [ 71.703272][ C0] do_el0_svc+0x58/0x14c [ 71.703886][ C0] el0_svc+0x78/0x1e0 [ 71.704523][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 71.705243][ C0] el0t_64_sync+0x1a0/0x1a4 [ 71.705924][ C0] irq event stamp: 1087632 [ 71.706593][ C0] hardirqs last enabled at (1087631): [] el0_svc_common+0x9c/0x258 [ 71.707884][ C0] hardirqs last disabled at (1087632): [] 
enter_el1_irq_or_nmi+0x10/0x1c [ 71.709351][ C0] softirqs last enabled at (1087552): [] local_bh_enable+0x10/0x34 [ 71.710710][ C0] softirqs last disabled at (1087550): [] local_bh_disable+0x10/0x34 [ 71.712014][ C0] ---[ end trace 9e056b27e87ea90c ]--- [ 71.760784][ T5006] loop0: detected capacity change from 0 to 128 [ 71.797031][ T5006] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.798286][ T5006] Bad inode number on dev loop0: 2 is out of range [ 71.799353][ T5006] SysV FS: get root inode failed [ 71.800148][ T5006] oldfs: cannot read superblock [ 71.808785][ C0] ------------[ cut here ]------------ [ 71.809661][ C0] VFS: brelse: Trying to free free buffer [ 71.810558][ C0] WARNING: CPU: 0 PID: 5007 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.811840][ C0] Modules linked in: [ 71.812414][ C0] CPU: 0 PID: 5007 Comm: syz.0.17 Tainted: G W syzkaller #0 [ 71.813679][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.815148][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.816251][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 71.817110][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 71.817899][ C0] sp : ffff800008007de0 [ 71.818453][ C0] x29: ffff800008007de0 x28: ffff0000d0d3d1c0 x27: 1fffe0003421625c [ 71.819613][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 71.820828][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b39318 [ 71.822015][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 71.823131][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 71.824347][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.825547][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 618a48836439fd00 [ 71.826745][ C0] x8 : 618a48836439fd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.827934][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 71.829123][ 
C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 71.830356][ C0] Call trace: [ 71.830844][ C0] invalidate_bh_lru+0x128/0x234 [ 71.831553][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 71.832420][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 71.833487][ C0] ipi_handler+0x10c/0x710 [ 71.834182][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 71.834997][ C0] handle_domain_irq+0x144/0x1fc [ 71.835718][ C0] gic_handle_irq+0x78/0x1c8 [ 71.836378][ C0] call_on_irq_stack+0x30/0x48 [ 71.837084][ C0] do_interrupt_handler+0x6c/0x88 [ 71.837805][ C0] el1_interrupt+0x30/0x58 [ 71.838478][ C0] el1h_64_irq_handler+0x18/0x24 [ 71.839140][ C0] el1h_64_irq+0x78/0x7c [ 71.839747][ C0] invoke_syscall+0x80/0x2b8 [ 71.840445][ C0] el0_svc_common+0x138/0x258 [ 71.841118][ C0] do_el0_svc+0x58/0x14c [ 71.841718][ C0] el0_svc+0x78/0x1e0 [ 71.842318][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 71.843046][ C0] el0t_64_sync+0x1a0/0x1a4 [ 71.843707][ C0] irq event stamp: 1338 [ 71.844303][ C0] hardirqs last enabled at (1337): [] el0_svc_common+0x9c/0x258 [ 71.845798][ C0] hardirqs last disabled at (1338): [] enter_el1_irq_or_nmi+0x10/0x1c [ 71.847318][ C0] softirqs last enabled at (1122): [] local_bh_enable+0x10/0x34 [ 71.848748][ C0] softirqs last disabled at (1120): [] local_bh_disable+0x10/0x34 [ 71.850175][ C0] ---[ end trace 9e056b27e87ea90d ]--- [ 71.885346][ T5008] loop0: detected capacity change from 0 to 128 [ 71.925802][ T5008] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 71.926889][ T5008] Bad inode number on dev loop0: 2 is out of range [ 71.927811][ T5008] SysV FS: get root inode failed [ 71.928631][ T5008] oldfs: cannot read superblock [ 71.929388][ T5008] ------------[ cut here ]------------ [ 71.930163][ T5008] VFS: brelse: Trying to free free buffer [ 71.930989][ T5008] WARNING: CPU: 0 PID: 5008 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 71.932213][ T5008] Modules linked in: [ 71.932805][ T5008] CPU: 0 PID: 5008 Comm: 
syz.0.17 Tainted: G W syzkaller #0 [ 71.933953][ T5008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.935338][ T5008] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 71.936437][ T5008] pc : invalidate_bh_lru+0x128/0x234 [ 71.937184][ T5008] lr : invalidate_bh_lru+0x128/0x234 [ 71.937953][ T5008] sp : ffff80001fd276e0 [ 71.938546][ T5008] x29: ffff80001fd276e0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 71.939692][ T5008] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 71.940849][ T5008] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b396b8 [ 71.941984][ T5008] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 71.943169][ T5008] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 71.944414][ T5008] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.945642][ T5008] x11: 0000000000000002 x10: 0000000000000000 x9 : f02007c668a23d00 [ 71.946937][ T5008] x8 : f02007c668a23d00 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.948223][ T5008] x5 : ffff80001fd26fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 71.949402][ T5008] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 71.950612][ T5008] Call trace: [ 71.951051][ T5008] invalidate_bh_lru+0x128/0x234 [ 71.951807][ T5008] smp_call_function_many_cond+0xa50/0xeb0 [ 71.952655][ T5008] on_each_cpu_cond_mask+0x5c/0xc4 [ 71.953455][ T5008] invalidate_bh_lrus+0x34/0x40 [ 71.954207][ T5008] blkdev_flush_mapping+0x168/0x31c [ 71.954987][ T5008] blkdev_put+0x490/0x6ac [ 71.955661][ T5008] kill_block_super+0x98/0xdc [ 71.956361][ T5008] deactivate_locked_super+0xb8/0x13c [ 71.957137][ T5008] mount_bdev+0x284/0x358 [ 71.957794][ T5008] sysv_mount+0x44/0x58 [ 71.958423][ T5008] legacy_get_tree+0xd4/0x16c [ 71.959106][ T5008] vfs_get_tree+0x90/0x274 [ 71.959742][ T5008] do_new_mount+0x228/0x810 [ 71.960423][ T5008] path_mount+0x5b4/0x1000 [ 71.961014][ T5008] 
__arm64_sys_mount+0x514/0x5e4 [ 71.961764][ T5008] invoke_syscall+0x98/0x2b8 [ 71.962424][ T5008] el0_svc_common+0x138/0x258 [ 71.963158][ T5008] do_el0_svc+0x58/0x14c [ 71.963772][ T5008] el0_svc+0x78/0x1e0 [ 71.964342][ T5008] el0t_64_sync_handler+0xcc/0xe4 [ 71.965111][ T5008] el0t_64_sync+0x1a0/0x1a4 [ 71.965758][ T5008] irq event stamp: 1146 [ 71.966462][ T5008] hardirqs last enabled at (1145): [] kasan_quarantine_put+0xc4/0x204 [ 71.967779][ T5008] hardirqs last disabled at (1146): [] smp_call_function_many_cond+0xa44/0xeb0 [ 71.969347][ T5008] softirqs last enabled at (892): [] local_bh_enable+0x10/0x34 [ 71.970702][ T5008] softirqs last disabled at (890): [] local_bh_disable+0x10/0x34 [ 71.972295][ T5008] ---[ end trace 9e056b27e87ea90e ]--- [ 72.047709][ T5010] loop0: detected capacity change from 0 to 128 [ 72.052016][ T5010] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.053550][ T5010] Bad inode number on dev loop0: 2 is out of range [ 72.056575][ T5010] SysV FS: get root inode failed [ 72.057565][ T5010] oldfs: cannot read superblock [ 72.063680][ T4992] ------------[ cut here ]------------ [ 72.064614][ T4992] VFS: brelse: Trying to free free buffer [ 72.065544][ T4992] WARNING: CPU: 1 PID: 4992 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.066882][ T4992] Modules linked in: [ 72.067457][ T4992] CPU: 1 PID: 4992 Comm: udevd Tainted: G W syzkaller #0 [ 72.068701][ T4992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.070239][ T4992] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.071422][ T4992] pc : invalidate_bh_lru+0x128/0x234 [ 72.072227][ T4992] lr : invalidate_bh_lru+0x128/0x234 [ 72.072966][ T4992] sp : ffff80001fc777c0 [ 72.073567][ T4992] x29: ffff80001fc777c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 72.074763][ T4992] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 72.075973][ T4992] x23: dfff800000000000 x22: 
0000000000000000 x21: ffff0000e2b46888 [ 72.077197][ T4992] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 72.078381][ T4992] x17: 0000000000000000 x16: ffff800008302164 x15: 00000000ffffffff [ 72.079533][ T4992] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.080733][ T4992] x11: 0000000000000002 x10: 0000000000000000 x9 : 59cf4e8ebad48e00 [ 72.081982][ T4992] x8 : 59cf4e8ebad48e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.083290][ T4992] x5 : ffff80001fc770b8 x4 : ffff80001426f5a0 x3 : ffff800008302274 [ 72.084501][ T4992] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.085747][ T4992] Call trace: [ 72.086217][ T4992] invalidate_bh_lru+0x128/0x234 [ 72.087016][ T4992] smp_call_function_many_cond+0xa50/0xeb0 [ 72.087903][ T4992] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.088738][ T4992] invalidate_bh_lrus+0x34/0x40 [ 72.089487][ T4992] blkdev_flush_mapping+0x168/0x31c [ 72.090312][ T4992] blkdev_put+0x490/0x6ac [ 72.090987][ T4992] blkdev_close+0x74/0xb0 [ 72.091688][ T4992] __fput+0x1c0/0x7f8 [ 72.092280][ T4992] ____fput+0x20/0x30 [ 72.092868][ T4992] task_work_run+0x12c/0x1e0 [ 72.093539][ T4992] do_notify_resume+0x24b4/0x3128 [ 72.094260][ T4992] el0_svc+0xf0/0x1e0 [ 72.094874][ T4992] el0t_64_sync_handler+0xcc/0xe4 [ 72.095648][ T4992] el0t_64_sync+0x1a0/0x1a4 [ 72.096321][ T4992] irq event stamp: 25412 [ 72.096960][ T4992] hardirqs last enabled at (25411): [] kasan_quarantine_put+0xc4/0x204 [ 72.098472][ T4992] hardirqs last disabled at (25412): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.100021][ T4992] softirqs last enabled at (25100): [] local_bh_enable+0x10/0x34 [ 72.101466][ T4992] softirqs last disabled at (25098): [] local_bh_disable+0x10/0x34 [ 72.102967][ T4992] ---[ end trace 9e056b27e87ea90f ]--- [ 72.104521][ T4143] Bluetooth: hci0: command 0x040f tx timeout [ 72.138162][ T5012] loop0: detected capacity change from 0 to 128 [ 72.140561][ T5012] VFS: Found a Xenix FS (block 
size = 1024) on device loop0 [ 72.141671][ T5012] Bad inode number on dev loop0: 2 is out of range [ 72.142725][ T5012] SysV FS: get root inode failed [ 72.143502][ T5012] oldfs: cannot read superblock [ 72.176512][ T4992] ------------[ cut here ]------------ [ 72.177480][ T4992] VFS: brelse: Trying to free free buffer [ 72.178397][ T4992] WARNING: CPU: 0 PID: 4992 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.179675][ T4992] Modules linked in: [ 72.180317][ T4992] CPU: 0 PID: 4992 Comm: udevd Tainted: G W syzkaller #0 [ 72.181599][ T4992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.183258][ T4992] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.184555][ T4992] pc : invalidate_bh_lru+0x128/0x234 [ 72.185362][ T4992] lr : invalidate_bh_lru+0x128/0x234 [ 72.186226][ T4992] sp : ffff80001fc777c0 [ 72.186874][ T4992] x29: ffff80001fc777c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 72.188156][ T4992] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 72.189381][ T4992] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b39a58 [ 72.190553][ T4992] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 72.191745][ T4992] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 72.192890][ T4992] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.194049][ T4992] x11: 0000000000000002 x10: 0000000000000000 x9 : 59cf4e8ebad48e00 [ 72.195161][ T4992] x8 : 59cf4e8ebad48e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.196312][ T4992] x5 : ffff80001fc770b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 72.197459][ T4992] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.198665][ T4992] Call trace: [ 72.199121][ T4992] invalidate_bh_lru+0x128/0x234 [ 72.199713][ T4992] smp_call_function_many_cond+0xa50/0xeb0 [ 72.200508][ T4992] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.201264][ T4992] 
invalidate_bh_lrus+0x34/0x40 [ 72.201990][ T4992] blkdev_flush_mapping+0x168/0x31c [ 72.202805][ T4992] blkdev_put+0x490/0x6ac [ 72.203432][ T4992] blkdev_close+0x74/0xb0 [ 72.204071][ T4992] __fput+0x1c0/0x7f8 [ 72.204707][ T4992] ____fput+0x20/0x30 [ 72.205318][ T4992] task_work_run+0x12c/0x1e0 [ 72.205999][ T4992] do_notify_resume+0x24b4/0x3128 [ 72.206701][ T4992] el0_svc+0xf0/0x1e0 [ 72.207332][ T4992] el0t_64_sync_handler+0xcc/0xe4 [ 72.208145][ T4992] el0t_64_sync+0x1a0/0x1a4 [ 72.208878][ T4992] irq event stamp: 32632 [ 72.209615][ T4992] hardirqs last enabled at (32631): [] kasan_quarantine_put+0xc4/0x204 [ 72.211219][ T4992] hardirqs last disabled at (32632): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.212921][ T4992] softirqs last enabled at (32618): [] local_bh_enable+0x10/0x34 [ 72.214352][ T4992] softirqs last disabled at (32616): [] local_bh_disable+0x10/0x34 [ 72.215821][ T4992] ---[ end trace 9e056b27e87ea910 ]--- [ 72.249231][ T5019] loop0: detected capacity change from 0 to 128 [ 72.286968][ T5019] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.288119][ T5019] Bad inode number on dev loop0: 2 is out of range [ 72.289116][ T5019] SysV FS: get root inode failed [ 72.289862][ T5019] oldfs: cannot read superblock [ 72.297000][ C0] ------------[ cut here ]------------ [ 72.297931][ C0] VFS: brelse: Trying to free free buffer [ 72.298848][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.300224][ C0] Modules linked in: [ 72.300883][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.302478][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.304127][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.305410][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 72.306292][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 72.307125][ C0] sp : ffff800008007de0 [ 72.307836][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 
1fffe0003421625c [ 72.309219][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 72.310568][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b38d10 [ 72.311941][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 72.313252][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 72.314515][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.315789][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 72.317141][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.318536][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 72.319832][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 72.321176][ C0] Call trace: [ 72.321677][ C0] invalidate_bh_lru+0x128/0x234 [ 72.322468][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 72.323373][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.324502][ C0] ipi_handler+0x10c/0x710 [ 72.325240][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 72.326093][ C0] handle_domain_irq+0x144/0x1fc [ 72.326842][ C0] gic_handle_irq+0x78/0x1c8 [ 72.327643][ C0] call_on_irq_stack+0x30/0x48 [ 72.328402][ C0] do_interrupt_handler+0x6c/0x88 [ 72.329238][ C0] el1_interrupt+0x30/0x58 [ 72.329914][ C0] el1h_64_irq_handler+0x18/0x24 [ 72.330700][ C0] el1h_64_irq+0x78/0x7c [ 72.331357][ C0] seqcount_lockdep_reader_access+0x15c/0x230 [ 72.332348][ C0] bad_range+0xa0/0x2a0 [ 72.332981][ C0] get_page_from_freelist+0x2954/0x2aa8 [ 72.333875][ C0] __alloc_pages+0x1a0/0x470 [ 72.334544][ C0] alloc_pages+0x34c/0x5c0 [ 72.335189][ C0] get_zeroed_page+0x20/0x8c [ 72.335885][ C0] __pud_alloc+0x48/0x1cc [ 72.336532][ C0] copy_page_range+0x1fa8/0x22a8 [ 72.337297][ C0] copy_mm+0x9d4/0x1090 [ 72.337909][ C0] copy_process+0x14d8/0x34ac [ 72.338636][ C0] kernel_clone+0x1d8/0x9d4 [ 72.339317][ C0] __arm64_sys_clone+0x138/0x190 [ 72.340052][ C0] invoke_syscall+0x98/0x2b8 [ 
72.340823][ C0] el0_svc_common+0x138/0x258 [ 72.341588][ C0] do_el0_svc+0x58/0x14c [ 72.342304][ C0] el0_svc+0x78/0x1e0 [ 72.342915][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 72.343698][ C0] el0t_64_sync+0x1a0/0x1a4 [ 72.344380][ C0] irq event stamp: 186970 [ 72.345055][ C0] hardirqs last enabled at (186969): [] seqcount_lockdep_reader_access+0x14c/0x230 [ 72.346750][ C0] hardirqs last disabled at (186970): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.348247][ C0] softirqs last enabled at (186916): [] local_bh_enable+0x10/0x34 [ 72.349648][ C0] softirqs last disabled at (186914): [] local_bh_disable+0x10/0x34 [ 72.351070][ C0] ---[ end trace 9e056b27e87ea911 ]--- [ 72.387936][ T5021] loop0: detected capacity change from 0 to 128 [ 72.475894][ T5021] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.477006][ T5021] Bad inode number on dev loop0: 2 is out of range [ 72.478044][ T5021] SysV FS: get root inode failed [ 72.478783][ T5021] oldfs: cannot read superblock [ 72.479471][ T5021] ------------[ cut here ]------------ [ 72.480272][ T5021] VFS: brelse: Trying to free free buffer [ 72.481100][ T5021] WARNING: CPU: 0 PID: 5021 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.482366][ T5021] Modules linked in: [ 72.482944][ T5021] CPU: 0 PID: 5021 Comm: syz.0.23 Tainted: G W syzkaller #0 [ 72.484177][ T5021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.485671][ T5021] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.486870][ T5021] pc : invalidate_bh_lru+0x128/0x234 [ 72.487678][ T5021] lr : invalidate_bh_lru+0x128/0x234 [ 72.488458][ T5021] sp : ffff80001fd176e0 [ 72.489092][ T5021] x29: ffff80001fd176e0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 72.490324][ T5021] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 72.491550][ T5021] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b38230 [ 72.492794][ T5021] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 
0000000000000003 [ 72.494065][ T5021] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 72.495289][ T5021] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.496577][ T5021] x11: 0000000000000002 x10: 0000000000000000 x9 : 499231ad20342500 [ 72.497846][ T5021] x8 : 499231ad20342500 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.499029][ T5021] x5 : ffff80001fd16fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 72.500194][ T5021] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.501452][ T5021] Call trace: [ 72.501969][ T5021] invalidate_bh_lru+0x128/0x234 [ 72.502742][ T5021] smp_call_function_many_cond+0xa50/0xeb0 [ 72.503559][ T5021] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.504314][ T5021] invalidate_bh_lrus+0x34/0x40 [ 72.504967][ T5021] blkdev_flush_mapping+0x168/0x31c [ 72.505714][ T5021] blkdev_put+0x490/0x6ac [ 72.506360][ T5021] kill_block_super+0x98/0xdc [ 72.507040][ T5021] deactivate_locked_super+0xb8/0x13c [ 72.507791][ T5021] mount_bdev+0x284/0x358 [ 72.508383][ T5021] sysv_mount+0x44/0x58 [ 72.509040][ T5021] legacy_get_tree+0xd4/0x16c [ 72.509682][ T5021] vfs_get_tree+0x90/0x274 [ 72.510275][ T5021] do_new_mount+0x228/0x810 [ 72.510905][ T5021] path_mount+0x5b4/0x1000 [ 72.511537][ T5021] __arm64_sys_mount+0x514/0x5e4 [ 72.512212][ T5021] invoke_syscall+0x98/0x2b8 [ 72.512920][ T5021] el0_svc_common+0x138/0x258 [ 72.513623][ T5021] do_el0_svc+0x58/0x14c [ 72.514255][ T5021] el0_svc+0x78/0x1e0 [ 72.514841][ T5021] el0t_64_sync_handler+0xcc/0xe4 [ 72.515563][ T5021] el0t_64_sync+0x1a0/0x1a4 [ 72.516245][ T5021] irq event stamp: 1164 [ 72.516835][ T5021] hardirqs last enabled at (1163): [] kasan_quarantine_put+0xc4/0x204 [ 72.518207][ T5021] hardirqs last disabled at (1164): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.519824][ T5021] softirqs last enabled at (916): [] local_bh_enable+0x10/0x34 [ 72.521179][ T5021] softirqs last disabled at (914): [] local_bh_disable+0x10/0x34 [ 72.522556][ 
T5021] ---[ end trace 9e056b27e87ea912 ]--- [ 72.640706][ T5023] loop0: detected capacity change from 0 to 128 [ 72.643338][ T5023] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.647704][ T5023] Bad inode number on dev loop0: 2 is out of range [ 72.648947][ T5023] SysV FS: get root inode failed [ 72.649844][ T5023] oldfs: cannot read superblock [ 72.660493][ T4992] ------------[ cut here ]------------ [ 72.661429][ T4992] VFS: brelse: Trying to free free buffer [ 72.662395][ T4992] WARNING: CPU: 1 PID: 4992 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.663692][ T4992] Modules linked in: [ 72.664277][ T4992] CPU: 1 PID: 4992 Comm: udevd Tainted: G W syzkaller #0 [ 72.665527][ T4992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.667042][ T4992] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.668248][ T4992] pc : invalidate_bh_lru+0x128/0x234 [ 72.669073][ T4992] lr : invalidate_bh_lru+0x128/0x234 [ 72.669887][ T4992] sp : ffff80001fc777c0 [ 72.670537][ T4992] x29: ffff80001fc777c0 x28: ffff80001418d000 x27: 1fffe0003421a45c [ 72.671802][ T4992] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 72.673022][ T4992] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b46c28 [ 72.674285][ T4992] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 72.675588][ T4992] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 72.676821][ T4992] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.678095][ T4992] x11: 0000000000000002 x10: 0000000000000000 x9 : 59cf4e8ebad48e00 [ 72.679289][ T4992] x8 : 59cf4e8ebad48e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.680465][ T4992] x5 : ffff80001fc770b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 72.681661][ T4992] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.682872][ T4992] Call trace: [ 72.683327][ T4992] invalidate_bh_lru+0x128/0x234 
[ 72.684037][ T4992] smp_call_function_many_cond+0xa50/0xeb0 [ 72.684894][ T4992] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.685648][ T4992] invalidate_bh_lrus+0x34/0x40 [ 72.686315][ T4992] blkdev_flush_mapping+0x168/0x31c [ 72.687074][ T4992] blkdev_put+0x490/0x6ac [ 72.687685][ T4992] blkdev_close+0x74/0xb0 [ 72.688339][ T4992] __fput+0x1c0/0x7f8 [ 72.688928][ T4992] ____fput+0x20/0x30 [ 72.689516][ T4992] task_work_run+0x12c/0x1e0 [ 72.690210][ T4992] do_notify_resume+0x24b4/0x3128 [ 72.690958][ T4992] el0_svc+0xf0/0x1e0 [ 72.691543][ T4992] el0t_64_sync_handler+0xcc/0xe4 [ 72.692244][ T4992] el0t_64_sync+0x1a0/0x1a4 [ 72.692929][ T4992] irq event stamp: 52072 [ 72.693559][ T4992] hardirqs last enabled at (52071): [] kasan_quarantine_put+0xc4/0x204 [ 72.695076][ T4992] hardirqs last disabled at (52072): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.696634][ T4992] softirqs last enabled at (51846): [] local_bh_enable+0x10/0x34 [ 72.698008][ T4992] softirqs last disabled at (51844): [] local_bh_disable+0x10/0x34 [ 72.699355][ T4992] ---[ end trace 9e056b27e87ea913 ]--- [ 72.708188][ T5025] loop0: detected capacity change from 0 to 128 [ 72.711997][ T5025] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.713171][ T5025] Bad inode number on dev loop0: 2 is out of range [ 72.714120][ T5025] SysV FS: get root inode failed [ 72.716478][ T5025] oldfs: cannot read superblock [ 72.723540][ T4992] ------------[ cut here ]------------ [ 72.724407][ T4992] VFS: brelse: Trying to free free buffer [ 72.725293][ T4992] WARNING: CPU: 1 PID: 4992 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.726709][ T4992] Modules linked in: [ 72.727295][ T4992] CPU: 1 PID: 4992 Comm: udevd Tainted: G W syzkaller #0 [ 72.728595][ T4992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.730179][ T4992] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.731387][ T4992] pc : invalidate_bh_lru+0x128/0x234 [ 
72.732190][ T4992] lr : invalidate_bh_lru+0x128/0x234 [ 72.732972][ T4992] sp : ffff80001fc777c0 [ 72.733571][ T4992] x29: ffff80001fc777c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 72.734759][ T4992] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 72.735924][ T4992] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2ab060 [ 72.737157][ T4992] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 72.738524][ T4992] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 72.739755][ T4992] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.740962][ T4992] x11: 0000000000000002 x10: 0000000000000000 x9 : 59cf4e8ebad48e00 [ 72.742163][ T4992] x8 : 59cf4e8ebad48e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.743338][ T4992] x5 : ffff80001fc770b8 x4 : ffff80001426f5a0 x3 : ffff80000a728ccc [ 72.744468][ T4992] x2 : ffff0001a10c3d50 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.745793][ T4992] Call trace: [ 72.746304][ T4992] invalidate_bh_lru+0x128/0x234 [ 72.747136][ T4992] smp_call_function_many_cond+0xa50/0xeb0 [ 72.748103][ T4992] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.748962][ T4992] invalidate_bh_lrus+0x34/0x40 [ 72.749739][ T4992] blkdev_flush_mapping+0x168/0x31c [ 72.750598][ T4992] blkdev_put+0x490/0x6ac [ 72.751288][ T4992] blkdev_close+0x74/0xb0 [ 72.751967][ T4992] __fput+0x1c0/0x7f8 [ 72.752631][ T4992] ____fput+0x20/0x30 [ 72.753227][ T4992] task_work_run+0x12c/0x1e0 [ 72.753954][ T4992] do_notify_resume+0x24b4/0x3128 [ 72.754697][ T4992] el0_svc+0xf0/0x1e0 [ 72.755347][ T4992] el0t_64_sync_handler+0xcc/0xe4 [ 72.756094][ T4992] el0t_64_sync+0x1a0/0x1a4 [ 72.756821][ T4992] irq event stamp: 55884 [ 72.757466][ T4992] hardirqs last enabled at (55883): [] kasan_quarantine_put+0xc4/0x204 [ 72.758935][ T4992] hardirqs last disabled at (55884): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.760541][ T4992] softirqs last enabled at (55624): [] local_bh_enable+0x10/0x34 [ 
72.761960][ T4992] softirqs last disabled at (55622): [] local_bh_disable+0x10/0x34 [ 72.763359][ T4992] ---[ end trace 9e056b27e87ea914 ]--- [ 72.787128][ T5027] loop0: detected capacity change from 0 to 128 [ 72.790978][ T5027] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.792519][ T5027] Bad inode number on dev loop0: 2 is out of range [ 72.793663][ T5027] SysV FS: get root inode failed [ 72.795195][ T5027] oldfs: cannot read superblock [ 72.801372][ C1] ------------[ cut here ]------------ [ 72.802249][ C1] VFS: brelse: Trying to free free buffer [ 72.803251][ C1] WARNING: CPU: 1 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.804652][ C1] Modules linked in: [ 72.805269][ C1] CPU: 1 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 72.806635][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.808208][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.809554][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 72.810395][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 72.811276][ C1] sp : ffff800008017de0 [ 72.811927][ C1] x29: ffff800008017de0 x28: ffff0000de341b40 x27: 1fffe0003421a45c [ 72.813142][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 72.814411][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2ab400 [ 72.815740][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 72.817062][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 72.818319][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.819657][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 72.820888][ C1] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.822185][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 72.823408][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 72.824711][ C1] Call trace: [ 
72.825243][ C1] invalidate_bh_lru+0x128/0x234 [ 72.826017][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 72.826928][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 72.827938][ C1] ipi_handler+0x10c/0x710 [ 72.828564][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 72.829394][ C1] handle_domain_irq+0x144/0x1fc [ 72.830153][ C1] gic_handle_irq+0x78/0x1c8 [ 72.830852][ C1] call_on_irq_stack+0x30/0x48 [ 72.831576][ C1] do_interrupt_handler+0x6c/0x88 [ 72.832332][ C1] el1_interrupt+0x30/0x58 [ 72.832978][ C1] el1h_64_irq_handler+0x18/0x24 [ 72.833681][ C1] el1h_64_irq+0x78/0x7c [ 72.834291][ C1] el0_svc_common+0xa8/0x258 [ 72.834956][ C1] do_el0_svc+0x58/0x14c [ 72.835553][ C1] el0_svc+0x78/0x1e0 [ 72.836172][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 72.836850][ C1] el0t_64_sync+0x1a0/0x1a4 [ 72.837480][ C1] irq event stamp: 199280 [ 72.838091][ C1] hardirqs last enabled at (199279): [] el0_svc_common+0x9c/0x258 [ 72.839423][ C1] hardirqs last disabled at (199280): [] enter_el1_irq_or_nmi+0x10/0x1c [ 72.840787][ C1] softirqs last enabled at (199188): [] local_bh_enable+0x10/0x34 [ 72.842160][ C1] softirqs last disabled at (199186): [] local_bh_disable+0x10/0x34 [ 72.843495][ C1] ---[ end trace 9e056b27e87ea915 ]--- [ 72.888933][ T5031] loop0: detected capacity change from 0 to 128 [ 72.901109][ T5031] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.902289][ T5031] Bad inode number on dev loop0: 2 is out of range [ 72.903300][ T5031] SysV FS: get root inode failed [ 72.904075][ T5031] oldfs: cannot read superblock [ 72.916877][ T5032] ------------[ cut here ]------------ [ 72.917710][ T5032] VFS: brelse: Trying to free free buffer [ 72.918574][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 72.919796][ T5032] Modules linked in: [ 72.920451][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 72.921642][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 
72.923115][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 72.924375][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 72.925167][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 72.926018][ T5032] sp : ffff80001fd877c0 [ 72.926691][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 72.927982][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 72.929184][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b384e8 [ 72.930456][ T5032] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 72.931694][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 72.933011][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.934273][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 72.935554][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.936759][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 72.937920][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 72.939116][ T5032] Call trace: [ 72.939618][ T5032] invalidate_bh_lru+0x128/0x234 [ 72.940331][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 72.941253][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 72.941988][ T5032] invalidate_bh_lrus+0x34/0x40 [ 72.942721][ T5032] blkdev_flush_mapping+0x168/0x31c [ 72.943549][ T5032] blkdev_put+0x490/0x6ac [ 72.944189][ T5032] blkdev_close+0x74/0xb0 [ 72.944868][ T5032] __fput+0x1c0/0x7f8 [ 72.945503][ T5032] ____fput+0x20/0x30 [ 72.946101][ T5032] task_work_run+0x12c/0x1e0 [ 72.946770][ T5032] do_notify_resume+0x24b4/0x3128 [ 72.947537][ T5032] el0_svc+0xf0/0x1e0 [ 72.948158][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 72.948932][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 72.949701][ T5032] irq event stamp: 6408 [ 72.950395][ T5032] hardirqs last enabled at (6407): [] kasan_quarantine_put+0xc4/0x204 [ 72.951938][ T5032] hardirqs last disabled at 
(6408): [] smp_call_function_many_cond+0xa44/0xeb0 [ 72.953649][ T5032] softirqs last enabled at (6144): [] local_bh_enable+0x10/0x34 [ 72.955091][ T5032] softirqs last disabled at (6142): [] local_bh_disable+0x10/0x34 [ 72.956521][ T5032] ---[ end trace 9e056b27e87ea916 ]--- [ 72.987605][ T5034] loop0: detected capacity change from 0 to 128 [ 72.990544][ T5034] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 72.992008][ T5034] Bad inode number on dev loop0: 2 is out of range [ 72.993403][ T5034] SysV FS: get root inode failed [ 72.994379][ T5034] oldfs: cannot read superblock [ 73.001359][ T5032] ------------[ cut here ]------------ [ 73.002287][ T5032] VFS: brelse: Trying to free free buffer [ 73.003266][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.004614][ T5032] Modules linked in: [ 73.005215][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 73.006456][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.007941][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.009061][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 73.009837][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 73.010670][ T5032] sp : ffff80001fd877c0 [ 73.011277][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 73.012446][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 73.013693][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd8318 [ 73.014968][ T5032] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 73.016180][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 73.017357][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.018473][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 73.019691][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.020948][ T5032] x5 
: ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 73.022165][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.023323][ T5032] Call trace: [ 73.023799][ T5032] invalidate_bh_lru+0x128/0x234 [ 73.024557][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 73.025430][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.026175][ T5032] invalidate_bh_lrus+0x34/0x40 [ 73.027012][ T5032] blkdev_flush_mapping+0x168/0x31c [ 73.027885][ T5032] blkdev_put+0x490/0x6ac [ 73.028600][ T5032] blkdev_close+0x74/0xb0 [ 73.029300][ T5032] __fput+0x1c0/0x7f8 [ 73.029928][ T5032] ____fput+0x20/0x30 [ 73.030576][ T5032] task_work_run+0x12c/0x1e0 [ 73.031354][ T5032] do_notify_resume+0x24b4/0x3128 [ 73.032185][ T5032] el0_svc+0xf0/0x1e0 [ 73.032792][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 73.033640][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 73.034310][ T5032] irq event stamp: 10088 [ 73.034963][ T5032] hardirqs last enabled at (10087): [] kasan_quarantine_put+0xc4/0x204 [ 73.036455][ T5032] hardirqs last disabled at (10088): [] smp_call_function_many_cond+0xa44/0xeb0 [ 73.038133][ T5032] softirqs last enabled at (9826): [] local_bh_enable+0x10/0x34 [ 73.039538][ T5032] softirqs last disabled at (9824): [] local_bh_disable+0x10/0x34 [ 73.041047][ T5032] ---[ end trace 9e056b27e87ea917 ]--- [ 73.086458][ T5037] loop0: detected capacity change from 0 to 128 [ 73.090361][ T5037] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.091836][ T5037] Bad inode number on dev loop0: 2 is out of range [ 73.092861][ T5037] SysV FS: get root inode failed [ 73.093662][ T5037] oldfs: cannot read superblock [ 73.102834][ T5032] ------------[ cut here ]------------ [ 73.103734][ T5032] VFS: brelse: Trying to free free buffer [ 73.104706][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.105989][ T5032] Modules linked in: [ 73.106589][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 73.107870][ T5032] Hardware 
name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.109378][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.110537][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 73.111302][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 73.112140][ T5032] sp : ffff80001fd877c0 [ 73.112775][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 73.114042][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 73.115380][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd86b8 [ 73.116620][ T5032] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 73.117955][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 73.119241][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.120508][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 73.121735][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.122969][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 73.124147][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.125420][ T5032] Call trace: [ 73.125899][ T5032] invalidate_bh_lru+0x128/0x234 [ 73.126594][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 73.127470][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.128344][ T5032] invalidate_bh_lrus+0x34/0x40 [ 73.129113][ T5032] blkdev_flush_mapping+0x168/0x31c [ 73.129941][ T5032] blkdev_put+0x490/0x6ac [ 73.130586][ T5032] blkdev_close+0x74/0xb0 [ 73.131303][ T5032] __fput+0x1c0/0x7f8 [ 73.131869][ T5032] ____fput+0x20/0x30 [ 73.132442][ T5032] task_work_run+0x12c/0x1e0 [ 73.133137][ T5032] do_notify_resume+0x24b4/0x3128 [ 73.133857][ T5032] el0_svc+0xf0/0x1e0 [ 73.134467][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 73.135227][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 73.135868][ T5032] irq event stamp: 14224 [ 73.136453][ T5032] hardirqs last enabled at (14223): [] 
kasan_quarantine_put+0xc4/0x204 [ 73.137859][ T5032] hardirqs last disabled at (14224): [] smp_call_function_many_cond+0xa44/0xeb0 [ 73.139424][ T5032] softirqs last enabled at (13966): [] local_bh_enable+0x10/0x34 [ 73.140780][ T5032] softirqs last disabled at (13964): [] local_bh_disable+0x10/0x34 [ 73.142198][ T5032] ---[ end trace 9e056b27e87ea918 ]--- [ 73.177528][ T5039] loop0: detected capacity change from 0 to 128 [ 73.182181][ T5039] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.183878][ T5039] Bad inode number on dev loop0: 2 is out of range [ 73.185264][ T5039] SysV FS: get root inode failed [ 73.185943][ T5039] oldfs: cannot read superblock [ 73.195252][ C1] ------------[ cut here ]------------ [ 73.196154][ C1] VFS: brelse: Trying to free free buffer [ 73.197066][ C1] WARNING: CPU: 1 PID: 5040 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.198419][ C1] Modules linked in: [ 73.199034][ C1] CPU: 1 PID: 5040 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.200370][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.201862][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.203034][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 73.203840][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 73.204674][ C1] sp : ffff800008017de0 [ 73.205224][ C1] x29: ffff800008017de0 x28: ffff0000d1791b40 x27: 1fffe0003421a45b [ 73.206394][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 73.207501][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd8a58 [ 73.208676][ C1] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000010002 [ 73.209846][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 73.211029][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.212294][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : e4baee5c7fb2df00 [ 73.213456][ C1] x8 : e4baee5c7fb2df00 x7 : 0000000000000001 x6 : 
0000000000000001 [ 73.214657][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 73.215815][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.217058][ C1] Call trace: [ 73.217542][ C1] invalidate_bh_lru+0x128/0x234 [ 73.218249][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.219166][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.220168][ C1] ipi_handler+0x10c/0x710 [ 73.220817][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 73.221584][ C1] handle_domain_irq+0x144/0x1fc [ 73.222270][ C1] gic_handle_irq+0x78/0x1c8 [ 73.222982][ C1] call_on_irq_stack+0x30/0x48 [ 73.223749][ C1] do_interrupt_handler+0x6c/0x88 [ 73.224536][ C1] el1_interrupt+0x30/0x58 [ 73.225203][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.225945][ C1] el1h_64_irq+0x78/0x7c [ 73.226565][ C1] stack_depot_save+0x1c8/0x49c [ 73.227256][ C1] kasan_set_track+0x68/0x84 [ 73.227908][ C1] kasan_set_free_info+0x28/0x4c [ 73.228633][ C1] ____kasan_slab_free+0x118/0x164 [ 73.229381][ C1] __kasan_slab_free+0x18/0x28 [ 73.230180][ C1] slab_free_freelist_hook+0x128/0x1e8 [ 73.231098][ C1] kfree+0x170/0x40c [ 73.231729][ C1] tomoyo_path_perm+0x308/0x440 [ 73.232530][ C1] tomoyo_path_symlink+0xa8/0xec [ 73.233256][ C1] security_path_symlink+0xec/0x13c [ 73.234064][ C1] do_symlinkat+0x108/0x5a8 [ 73.234767][ C1] __arm64_sys_symlinkat+0xa4/0xbc [ 73.235632][ C1] invoke_syscall+0x98/0x2b8 [ 73.236416][ C1] el0_svc_common+0x138/0x258 [ 73.237216][ C1] do_el0_svc+0x58/0x14c [ 73.237899][ C1] el0_svc+0x78/0x1e0 [ 73.238509][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 73.239321][ C1] el0t_64_sync+0x1a0/0x1a4 [ 73.239999][ C1] irq event stamp: 918 [ 73.240603][ C1] hardirqs last enabled at (917): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 73.242108][ C1] hardirqs last disabled at (918): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.243561][ C1] softirqs last enabled at (826): [] local_bh_enable+0x10/0x34 [ 73.244927][ C1] softirqs last disabled at (824): [] 
local_bh_disable+0x10/0x34 [ 73.246284][ C1] ---[ end trace 9e056b27e87ea919 ]--- [ 73.286901][ T5041] loop0: detected capacity change from 0 to 128 [ 73.291926][ T5041] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.293136][ T5041] Bad inode number on dev loop0: 2 is out of range [ 73.294133][ T5041] SysV FS: get root inode failed [ 73.295152][ T5041] oldfs: cannot read superblock [ 73.313562][ C0] ------------[ cut here ]------------ [ 73.314444][ C0] VFS: brelse: Trying to free free buffer [ 73.315378][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.316724][ C0] Modules linked in: [ 73.317297][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 73.318653][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.320178][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.321432][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 73.322200][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 73.323010][ C0] sp : ffff800008007de0 [ 73.323648][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625c [ 73.324876][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 73.326128][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2b387a0 [ 73.327320][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 73.328516][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 73.329743][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.330969][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 73.332277][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.333485][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 73.334615][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 73.335855][ C0] Call trace: [ 73.336320][ C0] invalidate_bh_lru+0x128/0x234 [ 73.337082][ C0] 
flush_smp_call_function_queue+0x38c/0x81c [ 73.338001][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.339032][ C0] ipi_handler+0x10c/0x710 [ 73.339699][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 73.340497][ C0] handle_domain_irq+0x144/0x1fc [ 73.341204][ C0] gic_handle_irq+0x78/0x1c8 [ 73.341878][ C0] call_on_irq_stack+0x30/0x48 [ 73.342614][ C0] do_interrupt_handler+0x6c/0x88 [ 73.343354][ C0] el1_interrupt+0x30/0x58 [ 73.344033][ C0] el1h_64_irq_handler+0x18/0x24 [ 73.344766][ C0] el1h_64_irq+0x78/0x7c [ 73.345401][ C0] __sanitizer_cov_trace_pc+0x14/0xac [ 73.346221][ C0] memcg_slab_free_hook+0xa8/0x1f8 [ 73.347042][ C0] ___cache_free+0x78/0x1bc [ 73.347779][ C0] qlink_free+0x5c/0xa4 [ 73.348450][ C0] qlist_free_all+0x40/0xa8 [ 73.349158][ C0] kasan_quarantine_reduce+0x124/0x130 [ 73.350008][ C0] __kasan_slab_alloc+0x34/0xcc [ 73.350727][ C0] slab_post_alloc_hook+0x74/0x408 [ 73.351489][ C0] kmem_cache_alloc+0x1e0/0x3e4 [ 73.352292][ C0] alloc_pid+0xa8/0xa48 [ 73.353025][ C0] copy_process+0x17a8/0x34ac [ 73.353776][ C0] kernel_clone+0x1d8/0x9d4 [ 73.354497][ C0] __arm64_sys_clone+0x138/0x190 [ 73.355277][ C0] invoke_syscall+0x98/0x2b8 [ 73.356001][ C0] el0_svc_common+0x138/0x258 [ 73.356730][ C0] do_el0_svc+0x58/0x14c [ 73.357393][ C0] el0_svc+0x78/0x1e0 [ 73.358052][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 73.358761][ C0] el0t_64_sync+0x1a0/0x1a4 [ 73.359405][ C0] irq event stamp: 219014 [ 73.360034][ C0] hardirqs last enabled at (219013): [] put_cpu_partial+0x188/0x218 [ 73.361510][ C0] hardirqs last disabled at (219014): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.363005][ C0] softirqs last enabled at (218830): [] local_bh_enable+0x10/0x34 [ 73.364367][ C0] softirqs last disabled at (218828): [] local_bh_disable+0x10/0x34 [ 73.365698][ C0] ---[ end trace 9e056b27e87ea91a ]--- [ 73.377784][ T526] device hsr_slave_0 left promiscuous mode [ 73.397128][ T5045] loop0: detected capacity change from 0 to 128 [ 73.414565][ T526] device hsr_slave_1 left 
promiscuous mode [ 73.484828][ T526] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 73.486023][ T526] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 73.488239][ T5045] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.489406][ T5045] Bad inode number on dev loop0: 2 is out of range [ 73.490494][ T5045] SysV FS: get root inode failed [ 73.491266][ T5045] oldfs: cannot read superblock [ 73.492076][ T5045] ------------[ cut here ]------------ [ 73.492884][ T5045] VFS: brelse: Trying to free free buffer [ 73.493702][ T5045] WARNING: CPU: 0 PID: 5045 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.494967][ T5045] Modules linked in: [ 73.495558][ T5045] CPU: 0 PID: 5045 Comm: syz.0.33 Tainted: G W syzkaller #0 [ 73.496775][ T5045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.498273][ T5045] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.499444][ T5045] pc : invalidate_bh_lru+0x128/0x234 [ 73.500234][ T5045] lr : invalidate_bh_lru+0x128/0x234 [ 73.501061][ T5045] sp : ffff80001fd076e0 [ 73.501676][ T5045] x29: ffff80001fd076e0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 73.502429][ T526] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 73.503014][ T5045] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 73.504274][ T526] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 73.505387][ T5045] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c1230 [ 73.505411][ T5045] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 73.505420][ T5045] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 73.505429][ T5045] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.505437][ T5045] x11: 0000000000000002 x10: 0000000000000000 x9 : e08711bce4ecbe00 [ 73.505445][ T5045] x8 : e08711bce4ecbe00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.505453][ T5045] x5 : 
ffff80001fd06fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 73.505462][ T5045] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.505471][ T5045] Call trace: [ 73.505474][ T5045] invalidate_bh_lru+0x128/0x234 [ 73.517055][ T5045] smp_call_function_many_cond+0xa50/0xeb0 [ 73.517951][ T5045] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.518711][ T5045] invalidate_bh_lrus+0x34/0x40 [ 73.519450][ T5045] blkdev_flush_mapping+0x168/0x31c [ 73.520213][ T5045] blkdev_put+0x490/0x6ac [ 73.520815][ T5045] kill_block_super+0x98/0xdc [ 73.521466][ T5045] deactivate_locked_super+0xb8/0x13c [ 73.522224][ T5045] mount_bdev+0x284/0x358 [ 73.522926][ T5045] sysv_mount+0x44/0x58 [ 73.523572][ T5045] legacy_get_tree+0xd4/0x16c [ 73.524251][ T5045] vfs_get_tree+0x90/0x274 [ 73.524885][ T5045] do_new_mount+0x228/0x810 [ 73.525539][ T5045] path_mount+0x5b4/0x1000 [ 73.526223][ T5045] __arm64_sys_mount+0x514/0x5e4 [ 73.526998][ T5045] invoke_syscall+0x98/0x2b8 [ 73.527667][ T5045] el0_svc_common+0x138/0x258 [ 73.528433][ T5045] do_el0_svc+0x58/0x14c [ 73.529113][ T5045] el0_svc+0x78/0x1e0 [ 73.529705][ T5045] el0t_64_sync_handler+0xcc/0xe4 [ 73.530427][ T5045] el0t_64_sync+0x1a0/0x1a4 [ 73.531103][ T5045] irq event stamp: 1130 [ 73.531715][ T5045] hardirqs last enabled at (1129): [] kasan_quarantine_put+0xc4/0x204 [ 73.533202][ T5045] hardirqs last disabled at (1130): [] smp_call_function_many_cond+0xa44/0xeb0 [ 73.534713][ T5045] softirqs last enabled at (916): [] local_bh_enable+0x10/0x34 [ 73.536198][ T5045] softirqs last disabled at (914): [] local_bh_disable+0x10/0x34 [ 73.537582][ T5045] ---[ end trace 9e056b27e87ea91b ]--- [ 73.539568][ T526] device bridge_slave_1 left promiscuous mode [ 73.540538][ T526] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.585424][ T526] device bridge_slave_0 left promiscuous mode [ 73.586702][ T526] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.643336][ T5047] loop0: detected capacity change from 0 to 128 [ 
73.655292][ T5047] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.656553][ T5047] Bad inode number on dev loop0: 2 is out of range [ 73.657628][ T5047] SysV FS: get root inode failed [ 73.658446][ T5047] oldfs: cannot read superblock [ 73.664230][ T5032] ------------[ cut here ]------------ [ 73.665199][ T5032] VFS: brelse: Trying to free free buffer [ 73.666191][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.667666][ T5032] Modules linked in: [ 73.668295][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 73.669632][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.671229][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.672361][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 73.673157][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 73.673936][ T5032] sp : ffff80001fd877c0 [ 73.674534][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 73.675644][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 73.676838][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c15d0 [ 73.678026][ T5032] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 73.679265][ T5032] x17: 0000000000000000 x16: ffff800008302164 x15: 00000000ffffffff [ 73.680487][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.681703][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 73.682984][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.684177][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff800008302274 [ 73.685459][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.686642][ T5032] Call trace: [ 73.687143][ T5032] invalidate_bh_lru+0x128/0x234 [ 73.687893][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 73.688769][ T5032] 
on_each_cpu_cond_mask+0x5c/0xc4 [ 73.689495][ T5032] invalidate_bh_lrus+0x34/0x40 [ 73.690242][ T5032] blkdev_flush_mapping+0x168/0x31c [ 73.691020][ T5032] blkdev_put+0x490/0x6ac [ 73.691710][ T5032] blkdev_close+0x74/0xb0 [ 73.692350][ T5032] __fput+0x1c0/0x7f8 [ 73.692929][ T5032] ____fput+0x20/0x30 [ 73.693535][ T5032] task_work_run+0x12c/0x1e0 [ 73.694202][ T5032] do_notify_resume+0x24b4/0x3128 [ 73.694927][ T5032] el0_svc+0xf0/0x1e0 [ 73.695529][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 73.696247][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 73.696893][ T5032] irq event stamp: 32296 [ 73.697578][ T5032] hardirqs last enabled at (32295): [] kasan_quarantine_put+0xc4/0x204 [ 73.699010][ T5032] hardirqs last disabled at (32296): [] smp_call_function_many_cond+0xa44/0xeb0 [ 73.700641][ T5032] softirqs last enabled at (32046): [] local_bh_enable+0x10/0x34 [ 73.701956][ T5032] softirqs last disabled at (32044): [] local_bh_disable+0x10/0x34 [ 73.703351][ T5032] ---[ end trace 9e056b27e87ea91c ]--- [ 73.737785][ T5049] loop0: detected capacity change from 0 to 128 [ 73.740802][ T5049] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.741986][ T5049] Bad inode number on dev loop0: 2 is out of range [ 73.743092][ T5049] SysV FS: get root inode failed [ 73.743905][ T5049] oldfs: cannot read superblock [ 73.753494][ C0] ------------[ cut here ]------------ [ 73.754404][ C0] VFS: brelse: Trying to free free buffer [ 73.755371][ C0] WARNING: CPU: 0 PID: 5050 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.756831][ C0] Modules linked in: [ 73.757397][ C0] CPU: 0 PID: 5050 Comm: syz.0.36 Tainted: G W syzkaller #0 [ 73.758670][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.760226][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.761346][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 73.762144][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 73.762916][ C0] sp : ffff800008007de0 [ 73.763488][ C0] x29: 
ffff800008007de0 x28: ffff0000ccad8000 x27: 1fffe0003421625c [ 73.764703][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 73.765984][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c1970 [ 73.767280][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 73.768605][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 73.769788][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.770989][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : b71006b1a5321900 [ 73.772151][ C0] x8 : b71006b1a5321900 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.773410][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 73.774631][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 73.775920][ C0] Call trace: [ 73.776417][ C0] invalidate_bh_lru+0x128/0x234 [ 73.777139][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 73.778033][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.779095][ C0] ipi_handler+0x10c/0x710 [ 73.779762][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 73.780535][ C0] handle_domain_irq+0x144/0x1fc [ 73.781228][ C0] gic_handle_irq+0x78/0x1c8 [ 73.781906][ C0] call_on_irq_stack+0x30/0x48 [ 73.782593][ C0] do_interrupt_handler+0x6c/0x88 [ 73.783358][ C0] el1_interrupt+0x30/0x58 [ 73.784064][ C0] el1h_64_irq_handler+0x18/0x24 [ 73.784834][ C0] el1h_64_irq+0x78/0x7c [ 73.785475][ C0] lock_page_memcg+0x120/0x234 [ 73.786262][ C0] page_add_file_rmap+0x148/0x8e4 [ 73.787003][ C0] do_set_pte+0x390/0x4dc [ 73.787701][ C0] filemap_map_pages+0x9c4/0xc50 [ 73.788458][ C0] handle_mm_fault+0x19c4/0x2970 [ 73.789286][ C0] do_page_fault+0x694/0xad4 [ 73.790085][ C0] do_translation_fault+0xe0/0x130 [ 73.790886][ C0] do_mem_abort+0x6c/0x1ac [ 73.791506][ C0] el0_ia+0xe0/0x2d0 [ 73.792017][ C0] el0t_64_sync_handler+0xc0/0xe4 [ 73.792727][ C0] el0t_64_sync+0x1a0/0x1a4 [ 73.793398][ C0] irq event stamp: 1432 [ 73.794046][ C0] 
hardirqs last enabled at (1431): [] lock_page_memcg+0x110/0x234 [ 73.795497][ C0] hardirqs last disabled at (1432): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.796957][ C0] softirqs last enabled at (1144): [] local_bh_enable+0x10/0x34 [ 73.798252][ C0] softirqs last disabled at (1142): [] local_bh_disable+0x10/0x34 [ 73.799619][ C0] ---[ end trace 9e056b27e87ea91d ]--- [ 73.804572][ T526] device veth1_macvtap left promiscuous mode [ 73.805607][ T526] device veth0_macvtap left promiscuous mode [ 73.806617][ T526] device veth1_vlan left promiscuous mode [ 73.807565][ T526] device veth0_vlan left promiscuous mode [ 73.847311][ T5051] loop0: detected capacity change from 0 to 128 [ 73.852224][ T5051] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.853290][ T5051] Bad inode number on dev loop0: 2 is out of range [ 73.854166][ T5051] SysV FS: get root inode failed [ 73.855076][ T5051] oldfs: cannot read superblock [ 73.863572][ C1] ------------[ cut here ]------------ [ 73.864381][ C1] VFS: brelse: Trying to free free buffer [ 73.865293][ C1] WARNING: CPU: 1 PID: 526 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.866667][ C1] Modules linked in: [ 73.867280][ C1] CPU: 1 PID: 526 Comm: kworker/u4:4 Tainted: G W syzkaller #0 [ 73.868861][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.870462][ C1] Workqueue: netns cleanup_net [ 73.871177][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.872305][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 73.873066][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 73.873883][ C1] sp : ffff800008017de0 [ 73.874497][ C1] x29: ffff800008017de0 x28: ffff0000c8469b40 x27: 1fffe0003421a45c [ 73.875743][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 73.876994][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd8df8 [ 73.878166][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010204 [ 73.879369][ C1] x17: 
0000000000010204 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 73.880600][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.881835][ C1] x11: 0000000000010203 x10: 0000000000010203 x9 : c6e98c1c9a1f3700 [ 73.883103][ C1] x8 : c6e98c1c9a1f3700 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.884342][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 73.885624][ C1] x2 : 0000000000000001 x1 : 0000000100010203 x0 : 0000000000000027 [ 73.886833][ C1] Call trace: [ 73.887358][ C1] invalidate_bh_lru+0x128/0x234 [ 73.888135][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 73.889006][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 73.889982][ C1] ipi_handler+0x10c/0x710 [ 73.890640][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 73.891472][ C1] handle_domain_irq+0x144/0x1fc [ 73.892176][ C1] gic_handle_irq+0x78/0x1c8 [ 73.892931][ C1] call_on_irq_stack+0x30/0x48 [ 73.893655][ C1] do_interrupt_handler+0x6c/0x88 [ 73.894428][ C1] el1_interrupt+0x30/0x58 [ 73.895089][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.895877][ C1] el1h_64_irq+0x78/0x7c [ 73.896541][ C1] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 73.897423][ C1] kvfree_call_rcu+0x3cc/0x66c [ 73.898118][ C1] __hw_addr_del_ex+0x410/0x508 [ 73.898841][ C1] dev_mc_del+0x88/0xfc [ 73.899451][ C1] igmp6_group_dropped+0x17c/0xa90 [ 73.900183][ C1] __ipv6_dev_mc_dec+0x294/0x320 [ 73.900957][ C1] __ipv6_ifa_notify+0x5e8/0xbf4 [ 73.901679][ C1] addrconf_ifdown+0xc6c/0x1688 [ 73.902436][ C1] addrconf_notify+0x2f4/0xc6c [ 73.903122][ C1] raw_notifier_call_chain+0xd4/0x164 [ 73.903928][ C1] dev_close_many+0x2cc/0x440 [ 73.904670][ C1] unregister_netdevice_many+0x3d4/0x17d0 [ 73.905515][ C1] default_device_exit_batch+0x444/0x4a4 [ 73.906335][ C1] cleanup_net+0x644/0xa98 [ 73.906987][ C1] process_one_work+0x79c/0x1140 [ 73.907969][ C1] worker_thread+0x8f4/0x101c [ 73.908730][ C1] kthread+0x374/0x454 [ 73.909361][ C1] ret_from_fork+0x10/0x20 [ 73.910117][ C1] irq event stamp: 1291903 
[ 73.910784][ C1] hardirqs last enabled at (1291902): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 73.912449][ C1] hardirqs last disabled at (1291903): [] enter_el1_irq_or_nmi+0x10/0x1c [ 73.914020][ C1] softirqs last enabled at (1291882): [] inet6_fill_ifaddr+0x4bc/0xaa8 [ 73.915592][ C1] softirqs last disabled at (1291896): [] local_bh_disable+0x10/0x34 [ 73.917005][ C1] ---[ end trace 9e056b27e87ea91e ]--- [ 73.938042][ T5053] loop0: detected capacity change from 0 to 128 [ 73.941076][ T5053] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 73.942262][ T5053] Bad inode number on dev loop0: 2 is out of range [ 73.943243][ T5053] SysV FS: get root inode failed [ 73.944056][ T5053] oldfs: cannot read superblock [ 73.964086][ T5032] ------------[ cut here ]------------ [ 73.965081][ T5032] VFS: brelse: Trying to free free buffer [ 73.966065][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 73.967501][ T5032] Modules linked in: [ 73.968111][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 73.969439][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 73.971078][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 73.972301][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 73.973128][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 73.974000][ T5032] sp : ffff80001fd877c0 [ 73.974680][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45c [ 73.975934][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 73.977182][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd4230 [ 73.978399][ T5032] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 73.979527][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 73.980681][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.981888][ T5032] x11: 0000000000000002 x10: 
0000000000000000 x9 : a3a8f4330151da00 [ 73.983090][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.984324][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 73.985557][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 73.986708][ T5032] Call trace: [ 73.987203][ T5032] invalidate_bh_lru+0x128/0x234 [ 73.987948][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 73.988814][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 73.989612][ T5032] invalidate_bh_lrus+0x34/0x40 [ 73.990377][ T5032] blkdev_flush_mapping+0x168/0x31c [ 73.991133][ T5032] blkdev_put+0x490/0x6ac [ 73.991767][ T5032] blkdev_close+0x74/0xb0 [ 73.992405][ T5032] __fput+0x1c0/0x7f8 [ 73.993070][ T5032] ____fput+0x20/0x30 [ 73.993763][ T5032] task_work_run+0x12c/0x1e0 [ 73.994469][ T5032] do_notify_resume+0x24b4/0x3128 [ 73.995255][ T5032] el0_svc+0xf0/0x1e0 [ 73.995913][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 73.996669][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 73.997368][ T5032] irq event stamp: 45862 [ 73.998044][ T5032] hardirqs last enabled at (45861): [] kasan_quarantine_put+0xc4/0x204 [ 73.999614][ T5032] hardirqs last disabled at (45862): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.001228][ T5032] softirqs last enabled at (45578): [] local_bh_enable+0x10/0x34 [ 74.002781][ T5032] softirqs last disabled at (45576): [] local_bh_disable+0x10/0x34 [ 74.004361][ T5032] ---[ end trace 9e056b27e87ea91f ]--- [ 74.038719][ T5057] loop0: detected capacity change from 0 to 128 [ 74.056351][ T526] team0 (unregistering): Port device team_slave_1 removed [ 74.061078][ T526] team0 (unregistering): Port device team_slave_0 removed [ 74.065344][ T5057] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.066537][ T5057] Bad inode number on dev loop0: 2 is out of range [ 74.067582][ T5057] SysV FS: get root inode failed [ 74.068352][ T5057] oldfs: cannot read superblock [ 74.069243][ T5057] ------------[ cut here ]------------ [ 
74.070051][ T5057] VFS: brelse: Trying to free free buffer [ 74.070968][ T5057] WARNING: CPU: 0 PID: 5057 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.072310][ T5057] Modules linked in: [ 74.072912][ T5057] CPU: 0 PID: 5057 Comm: syz.0.39 Tainted: G W syzkaller #0 [ 74.074194][ T5057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.075667][ T5057] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.076871][ T5057] pc : invalidate_bh_lru+0x128/0x234 [ 74.077666][ T5057] lr : invalidate_bh_lru+0x128/0x234 [ 74.078449][ T5057] sp : ffff80001fda76e0 [ 74.079059][ T5057] x29: ffff80001fda76e0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 74.080218][ T5057] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 74.081593][ T5057] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c1d10 [ 74.082873][ T5057] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 74.084182][ T5057] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.085427][ T5057] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.086680][ T5057] x11: 0000000000000002 x10: 0000000000000000 x9 : e01ec90f23cf7000 [ 74.087909][ T5057] x8 : e01ec90f23cf7000 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.089081][ T5057] x5 : ffff80001fda6fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.090313][ T5057] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.091521][ T5057] Call trace: [ 74.091980][ T5057] invalidate_bh_lru+0x128/0x234 [ 74.092810][ T5057] smp_call_function_many_cond+0xa50/0xeb0 [ 74.093682][ T5057] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.094424][ T5057] invalidate_bh_lrus+0x34/0x40 [ 74.095163][ T5057] blkdev_flush_mapping+0x168/0x31c [ 74.095878][ T5057] blkdev_put+0x490/0x6ac [ 74.096510][ T5057] kill_block_super+0x98/0xdc [ 74.097178][ T5057] deactivate_locked_super+0xb8/0x13c [ 74.097947][ T5057] mount_bdev+0x284/0x358 [ 
74.098603][ T5057] sysv_mount+0x44/0x58 [ 74.099183][ T5057] legacy_get_tree+0xd4/0x16c [ 74.099872][ T5057] vfs_get_tree+0x90/0x274 [ 74.100529][ T5057] do_new_mount+0x228/0x810 [ 74.101167][ T5057] path_mount+0x5b4/0x1000 [ 74.101789][ T5057] __arm64_sys_mount+0x514/0x5e4 [ 74.102502][ T5057] invoke_syscall+0x98/0x2b8 [ 74.103246][ T5057] el0_svc_common+0x138/0x258 [ 74.104008][ T5057] do_el0_svc+0x58/0x14c [ 74.104629][ T5057] el0_svc+0x78/0x1e0 [ 74.105258][ T5057] el0t_64_sync_handler+0xcc/0xe4 [ 74.106040][ T5057] el0t_64_sync+0x1a0/0x1a4 [ 74.106755][ T5057] irq event stamp: 1130 [ 74.107365][ T5057] hardirqs last enabled at (1129): [] kasan_quarantine_put+0xc4/0x204 [ 74.108807][ T5057] hardirqs last disabled at (1130): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.110352][ T5057] softirqs last enabled at (912): [] local_bh_enable+0x10/0x34 [ 74.111734][ T5057] softirqs last disabled at (910): [] local_bh_disable+0x10/0x34 [ 74.113173][ T5057] ---[ end trace 9e056b27e87ea920 ]--- [ 74.115946][ T526] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 74.148241][ T526] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 74.184470][ T4143] Bluetooth: hci0: command 0x0419 tx timeout [ 74.206169][ T5059] loop0: detected capacity change from 0 to 128 [ 74.242811][ T5059] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.244023][ T5059] Bad inode number on dev loop0: 2 is out of range [ 74.247450][ T5059] SysV FS: get root inode failed [ 74.248273][ T5059] oldfs: cannot read superblock [ 74.253563][ T5032] ------------[ cut here ]------------ [ 74.254223][ T526] bond0 (unregistering): Released all slaves [ 74.254495][ T5032] VFS: brelse: Trying to free free buffer [ 74.254548][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.257688][ T5032] Modules linked in: [ 74.258267][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 74.259515][ T5032] Hardware 
name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.261026][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.262178][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 74.262996][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 74.263780][ T5032] sp : ffff80001fd877c0 [ 74.264382][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 74.265590][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 74.266798][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd45d0 [ 74.267994][ T5032] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000002 [ 74.269153][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 0000000000000063 [ 74.270327][ T5032] x14: 0000000000ff0100 x13: 1ffff0000283206b x12: 0000000000ff0100 [ 74.271490][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 74.272727][ T5032] x8 : a3a8f4330151da00 x7 : ffff8000082f702c x6 : 0000000000000000 [ 74.274060][ T5032] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff8000085043fc [ 74.275356][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.276666][ T5032] Call trace: [ 74.277211][ T5032] invalidate_bh_lru+0x128/0x234 [ 74.277954][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 74.278853][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.279644][ T5032] invalidate_bh_lrus+0x34/0x40 [ 74.280374][ T5032] blkdev_flush_mapping+0x168/0x31c [ 74.281202][ T5032] blkdev_put+0x490/0x6ac [ 74.281835][ T5032] blkdev_close+0x74/0xb0 [ 74.282524][ T5032] __fput+0x1c0/0x7f8 [ 74.283127][ T5032] ____fput+0x20/0x30 [ 74.283785][ T5032] task_work_run+0x12c/0x1e0 [ 74.284487][ T5032] do_notify_resume+0x24b4/0x3128 [ 74.285250][ T5032] el0_svc+0xf0/0x1e0 [ 74.285924][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 74.286727][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 74.287451][ T5032] irq event stamp: 55818 [ 74.288127][ T5032] hardirqs last enabled at (55817): [] 
kasan_quarantine_put+0xc4/0x204 [ 74.289755][ T5032] hardirqs last disabled at (55818): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.291459][ T5032] softirqs last enabled at (55554): [] local_bh_enable+0x10/0x34 [ 74.292947][ T5032] softirqs last disabled at (55552): [] local_bh_disable+0x10/0x34 [ 74.294413][ T5032] ---[ end trace 9e056b27e87ea921 ]--- [ 74.345959][ T5061] loop0: detected capacity change from 0 to 128 [ 74.348972][ T5061] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.350082][ T5061] Bad inode number on dev loop0: 2 is out of range [ 74.351127][ T5061] SysV FS: get root inode failed [ 74.351907][ T5061] oldfs: cannot read superblock [ 74.378952][ T5032] ------------[ cut here ]------------ [ 74.379884][ T5032] VFS: brelse: Trying to free free buffer [ 74.380807][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.382079][ T5032] Modules linked in: [ 74.382656][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 74.383809][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.385237][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.386308][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 74.387067][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 74.387837][ T5032] sp : ffff80001fd877c0 [ 74.388443][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 74.389677][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 74.390904][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c8148 [ 74.392054][ T5032] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 74.393225][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.394457][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.395616][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 74.396840][ T5032] x8 : 
a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.398095][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.399291][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.400429][ T5032] Call trace: [ 74.400966][ T5032] invalidate_bh_lru+0x128/0x234 [ 74.401720][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 74.402591][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.403398][ T5032] invalidate_bh_lrus+0x34/0x40 [ 74.404113][ T5032] blkdev_flush_mapping+0x168/0x31c [ 74.404916][ T5032] blkdev_put+0x490/0x6ac [ 74.405569][ T5032] blkdev_close+0x74/0xb0 [ 74.406171][ T5032] __fput+0x1c0/0x7f8 [ 74.406816][ T5032] ____fput+0x20/0x30 [ 74.407436][ T5032] task_work_run+0x12c/0x1e0 [ 74.408147][ T5032] do_notify_resume+0x24b4/0x3128 [ 74.408922][ T5032] el0_svc+0xf0/0x1e0 [ 74.409514][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 74.410235][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 74.410884][ T5032] irq event stamp: 67252 [ 74.411489][ T5032] hardirqs last enabled at (67251): [] kasan_quarantine_put+0xc4/0x204 [ 74.412970][ T5032] hardirqs last disabled at (67252): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.414554][ T5032] softirqs last enabled at (66976): [] local_bh_enable+0x10/0x34 [ 74.415937][ T5032] softirqs last disabled at (66974): [] local_bh_disable+0x10/0x34 [ 74.417410][ T5032] ---[ end trace 9e056b27e87ea922 ]--- [ 74.452758][ T5067] loop0: detected capacity change from 0 to 128 [ 74.456248][ T5067] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.457460][ T5067] Bad inode number on dev loop0: 2 is out of range [ 74.458446][ T5067] SysV FS: get root inode failed [ 74.459298][ T5067] oldfs: cannot read superblock [ 74.462149][ C1] ------------[ cut here ]------------ [ 74.463018][ C1] VFS: brelse: Trying to free free buffer [ 74.463984][ C1] WARNING: CPU: 1 PID: 5067 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.465448][ C1] Modules linked in: [ 74.466049][ C1] CPU: 1 PID: 
5067 Comm: syz.0.44 Tainted: G W syzkaller #0 [ 74.467372][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.468927][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.470122][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 74.470882][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 74.471672][ C1] sp : ffff800008017de0 [ 74.472282][ C1] x29: ffff800008017de0 x28: ffff0000c2b5d1c0 x27: 1fffe0003421a45c [ 74.473511][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 74.474796][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd4970 [ 74.476115][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 74.477396][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.478617][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.479978][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 3c189428c7cba700 [ 74.481266][ C1] x8 : 3c189428c7cba700 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.482560][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.483854][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.485165][ C1] Call trace: [ 74.485673][ C1] invalidate_bh_lru+0x128/0x234 [ 74.486392][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.487359][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.488489][ C1] ipi_handler+0x10c/0x710 [ 74.489269][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 74.490137][ C1] handle_domain_irq+0x144/0x1fc [ 74.490909][ C1] gic_handle_irq+0x78/0x1c8 [ 74.491623][ C1] call_on_irq_stack+0x30/0x48 [ 74.492388][ C1] do_interrupt_handler+0x6c/0x88 [ 74.493156][ C1] el1_interrupt+0x30/0x58 [ 74.493843][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.494605][ C1] el1h_64_irq+0x78/0x7c [ 74.495231][ C1] kasan_quarantine_put+0xd4/0x204 [ 74.496025][ C1] ____kasan_slab_free+0x124/0x164 [ 74.496803][ C1] __kasan_slab_free+0x18/0x28 [ 
74.497536][ C1] slab_free_freelist_hook+0x128/0x1e8 [ 74.498379][ C1] kmem_cache_free+0xdc/0x3b4 [ 74.499094][ C1] pgtable_pte_page_dtor+0x54/0x1c8 [ 74.499879][ C1] free_pgd_range+0x520/0xc04 [ 74.500568][ C1] free_pgtables+0x23c/0x278 [ 74.501245][ C1] exit_mmap+0x2bc/0x4e0 [ 74.501876][ C1] __mmput+0xec/0x3b8 [ 74.502489][ C1] mmput+0x80/0xc8 [ 74.503063][ C1] exit_mm+0x4a0/0x684 [ 74.503736][ C1] do_exit+0x4ec/0x1f58 [ 74.504447][ C1] do_group_exit+0x100/0x268 [ 74.505205][ C1] get_signal+0x73c/0x1340 [ 74.505948][ C1] do_notify_resume+0x35c/0x3128 [ 74.506794][ C1] el0_svc+0xf0/0x1e0 [ 74.507438][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 74.508261][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.508968][ C1] irq event stamp: 2924 [ 74.509647][ C1] hardirqs last enabled at (2923): [] kasan_quarantine_put+0xc4/0x204 [ 74.511229][ C1] hardirqs last disabled at (2924): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.512817][ C1] softirqs last enabled at (1208): [] local_bh_enable+0x10/0x34 [ 74.514251][ C1] softirqs last disabled at (1206): [] local_bh_disable+0x10/0x34 [ 74.515717][ C1] ---[ end trace 9e056b27e87ea923 ]--- [ 74.567794][ T5070] loop0: detected capacity change from 0 to 128 [ 74.570567][ T5070] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.572277][ T5070] Bad inode number on dev loop0: 2 is out of range [ 74.573488][ T5070] SysV FS: get root inode failed [ 74.574260][ T5070] oldfs: cannot read superblock [ 74.580329][ T4760] ------------[ cut here ]------------ [ 74.581162][ T4760] VFS: brelse: Trying to free free buffer [ 74.582071][ T4760] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.583275][ T4760] Modules linked in: [ 74.583779][ T4760] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.585158][ T4760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.586642][ T4760] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.587790][ T4760] pc : 
invalidate_bh_lru+0x128/0x234 [ 74.588588][ T4760] lr : invalidate_bh_lru+0x128/0x234 [ 74.589358][ T4760] sp : ffff80001fca77c0 [ 74.589953][ T4760] x29: ffff80001fca77c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 74.591209][ T4760] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 74.592497][ T4760] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c84e8 [ 74.593738][ T4760] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 74.594929][ T4760] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.596180][ T4760] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.597393][ T4760] x11: 0000000000000002 x10: 0000000000000000 x9 : 56a9f03fd884e100 [ 74.598590][ T4760] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.599908][ T4760] x5 : ffff80001fca70b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.601245][ T4760] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 74.602563][ T4760] Call trace: [ 74.603099][ T4760] invalidate_bh_lru+0x128/0x234 [ 74.603960][ T4760] smp_call_function_many_cond+0xa50/0xeb0 [ 74.604931][ T4760] on_each_cpu_cond_mask+0x5c/0xc4 [ 74.605747][ T4760] invalidate_bh_lrus+0x34/0x40 [ 74.606527][ T4760] blkdev_flush_mapping+0x168/0x31c [ 74.607387][ T4760] blkdev_put+0x490/0x6ac [ 74.608124][ T4760] blkdev_close+0x74/0xb0 [ 74.608787][ T4760] __fput+0x1c0/0x7f8 [ 74.609404][ T4760] ____fput+0x20/0x30 [ 74.609979][ T4760] task_work_run+0x12c/0x1e0 [ 74.610707][ T4760] do_notify_resume+0x24b4/0x3128 [ 74.611449][ T4760] el0_svc+0xf0/0x1e0 [ 74.612051][ T4760] el0t_64_sync_handler+0xcc/0xe4 [ 74.612814][ T4760] el0t_64_sync+0x1a0/0x1a4 [ 74.613536][ T4760] irq event stamp: 257200 [ 74.614183][ T4760] hardirqs last enabled at (257199): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 74.615745][ T4760] hardirqs last disabled at (257200): [] smp_call_function_many_cond+0xa44/0xeb0 [ 74.617352][ T4760] softirqs last enabled at 
(255816): [] local_bh_enable+0x10/0x34 [ 74.618796][ T4760] softirqs last disabled at (255814): [] local_bh_disable+0x10/0x34 [ 74.620209][ T4760] ---[ end trace 9e056b27e87ea924 ]--- [ 74.644029][ T5072] loop0: detected capacity change from 0 to 128 [ 74.649319][ T5072] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.650465][ T5072] Bad inode number on dev loop0: 2 is out of range [ 74.651495][ T5072] SysV FS: get root inode failed [ 74.652243][ T5072] oldfs: cannot read superblock [ 74.657272][ C1] ------------[ cut here ]------------ [ 74.658120][ C1] VFS: brelse: Trying to free free buffer [ 74.659069][ C1] WARNING: CPU: 1 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.660326][ C1] Modules linked in: [ 74.660941][ C1] CPU: 1 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.662241][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.663648][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.664922][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 74.665718][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 74.666493][ C1] sp : ffff800008017de0 [ 74.667150][ C1] x29: ffff800008017de0 x28: ffff0000de341b40 x27: 1fffe0003421a45c [ 74.668431][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 74.669625][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd4d10 [ 74.670959][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 74.672308][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.673642][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.674893][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 74.676179][ C1] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.677492][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.678783][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 
0000000000000027 [ 74.680027][ C1] Call trace: [ 74.680542][ C1] invalidate_bh_lru+0x128/0x234 [ 74.681291][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 74.682210][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.683342][ C1] ipi_handler+0x10c/0x710 [ 74.684101][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 74.684942][ C1] handle_domain_irq+0x144/0x1fc [ 74.685684][ C1] gic_handle_irq+0x78/0x1c8 [ 74.686370][ C1] call_on_irq_stack+0x30/0x48 [ 74.687066][ C1] do_interrupt_handler+0x6c/0x88 [ 74.687788][ C1] el1_interrupt+0x30/0x58 [ 74.688391][ C1] el1h_64_irq_handler+0x18/0x24 [ 74.689102][ C1] el1h_64_irq+0x78/0x7c [ 74.689693][ C1] qlist_free_all+0x78/0xa8 [ 74.690308][ C1] kasan_quarantine_reduce+0x124/0x130 [ 74.691113][ C1] __kasan_slab_alloc+0x34/0xcc [ 74.691898][ C1] slab_post_alloc_hook+0x74/0x408 [ 74.692726][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 74.693496][ C1] getname_flags+0xb8/0x450 [ 74.694185][ C1] __arm64_sys_mkdirat+0x80/0xa8 [ 74.694912][ C1] invoke_syscall+0x98/0x2b8 [ 74.695593][ C1] el0_svc_common+0x138/0x258 [ 74.696302][ C1] do_el0_svc+0x58/0x14c [ 74.696917][ C1] el0_svc+0x78/0x1e0 [ 74.697451][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 74.698174][ C1] el0t_64_sync+0x1a0/0x1a4 [ 74.698792][ C1] irq event stamp: 260398 [ 74.699389][ C1] hardirqs last enabled at (260397): [] put_cpu_partial+0x188/0x218 [ 74.700869][ C1] hardirqs last disabled at (260398): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.702293][ C1] softirqs last enabled at (259648): [] local_bh_enable+0x10/0x34 [ 74.703686][ C1] softirqs last disabled at (259646): [] local_bh_disable+0x10/0x34 [ 74.705039][ C1] ---[ end trace 9e056b27e87ea925 ]--- [ 74.737678][ T5074] loop0: detected capacity change from 0 to 128 [ 74.741771][ T5074] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.743154][ T5074] Bad inode number on dev loop0: 2 is out of range [ 74.752007][ T5074] SysV FS: get root inode failed [ 74.752793][ T5074] oldfs: cannot read superblock [ 74.753701][ 
C0] ------------[ cut here ]------------ [ 74.754550][ C0] VFS: brelse: Trying to free free buffer [ 74.755519][ C0] WARNING: CPU: 0 PID: 4141 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.756810][ C0] Modules linked in: [ 74.757389][ C0] CPU: 0 PID: 4141 Comm: kworker/0:8 Tainted: G W syzkaller #0 [ 74.758680][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.760136][ C0] Workqueue: rcu_gp process_srcu [ 74.760850][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.761959][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 74.762786][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 74.763543][ C0] sp : ffff800008007de0 [ 74.764107][ C0] x29: ffff800008007de0 x28: ffff0000cbfc3680 x27: 1fffe0003421625b [ 74.765316][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 74.766419][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c8888 [ 74.767571][ C0] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000010002 [ 74.768678][ C0] x17: 0000000000010002 x16: ffff800008302164 x15: 00000000ffffffff [ 74.769834][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.770997][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 77d27e86de5d3f00 [ 74.772138][ C0] x8 : 77d27e86de5d3f00 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.773338][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff800008302274 [ 74.774500][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.775735][ C0] Call trace: [ 74.776202][ C0] invalidate_bh_lru+0x128/0x234 [ 74.776979][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 74.777857][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 74.778901][ C0] ipi_handler+0x10c/0x710 [ 74.779541][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 74.780358][ C0] handle_domain_irq+0x144/0x1fc [ 74.781079][ C0] gic_handle_irq+0x78/0x1c8 [ 74.781723][ C0] call_on_irq_stack+0x30/0x48 [ 74.782430][ C0] 
do_interrupt_handler+0x6c/0x88 [ 74.783162][ C0] el1_interrupt+0x30/0x58 [ 74.783767][ C0] el1h_64_irq_handler+0x18/0x24 [ 74.784489][ C0] el1h_64_irq+0x78/0x7c [ 74.785099][ C0] arch_counter_get_cntvct+0x24/0x30 [ 74.785898][ C0] __const_udelay+0x1ac/0x1d8 [ 74.786573][ C0] try_check_zero+0x2cc/0x354 [ 74.787264][ C0] process_srcu+0x170/0xc30 [ 74.787907][ C0] process_one_work+0x79c/0x1140 [ 74.788633][ C0] worker_thread+0x8f4/0x101c [ 74.789341][ C0] kthread+0x374/0x454 [ 74.789898][ C0] ret_from_fork+0x10/0x20 [ 74.790579][ C0] irq event stamp: 36378 [ 74.791157][ C0] hardirqs last enabled at (36377): [] _raw_spin_unlock_irq+0x98/0x128 [ 74.792546][ C0] hardirqs last disabled at (36378): [] enter_el1_irq_or_nmi+0x10/0x1c [ 74.794095][ C0] softirqs last enabled at (33132): [] nsim_dev_trap_report_work+0x5fc/0x938 [ 74.795775][ C0] softirqs last disabled at (33130): [] nsim_dev_trap_report_work+0x578/0x938 [ 74.797310][ C0] ---[ end trace 9e056b27e87ea926 ]--- [ 74.908965][ T5078] loop0: detected capacity change from 0 to 128 [ 74.966045][ T5078] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 74.967343][ T5078] Bad inode number on dev loop0: 2 is out of range [ 74.968391][ T5078] SysV FS: get root inode failed [ 74.969127][ T5078] oldfs: cannot read superblock [ 74.975324][ C0] ------------[ cut here ]------------ [ 74.976291][ C0] VFS: brelse: Trying to free free buffer [ 74.977262][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 74.978655][ C0] Modules linked in: [ 74.979257][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 74.980637][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 74.982147][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 74.983293][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 74.984121][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 74.984943][ C0] sp : ffff800008007de0 [ 74.985544][ C0] x29: ffff800008007de0 x28: 
ffff0000de341b40 x27: 1fffe0003421625b [ 74.986758][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 74.987982][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c8c28 [ 74.989381][ C0] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000010002 [ 74.990683][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 74.992001][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 74.993228][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 74.994490][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 74.995721][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 74.996993][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 74.998238][ C0] Call trace: [ 74.998735][ C0] invalidate_bh_lru+0x128/0x234 [ 74.999466][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 75.000319][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.001386][ C0] ipi_handler+0x10c/0x710 [ 75.002090][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 75.002944][ C0] handle_domain_irq+0x144/0x1fc [ 75.003702][ C0] gic_handle_irq+0x78/0x1c8 [ 75.004357][ C0] call_on_irq_stack+0x30/0x48 [ 75.005067][ C0] do_interrupt_handler+0x6c/0x88 [ 75.005791][ C0] el1_interrupt+0x30/0x58 [ 75.006424][ C0] el1h_64_irq_handler+0x18/0x24 [ 75.007158][ C0] el1h_64_irq+0x78/0x7c [ 75.007769][ C0] call_rcu+0x580/0x8fc [ 75.008377][ C0] security_inode_free+0xbc/0xd8 [ 75.009084][ C0] __destroy_inode+0x2f0/0x80c [ 75.009764][ C0] evict+0x6b0/0x810 [ 75.010350][ C0] iput+0x6c4/0x77c [ 75.010947][ C0] dentry_unlink_inode+0x360/0x438 [ 75.011688][ C0] __dentry_kill+0x320/0x598 [ 75.012344][ C0] dentry_kill+0xc8/0x248 [ 75.012976][ C0] dput+0x23c/0x458 [ 75.013606][ C0] __fput+0x494/0x7f8 [ 75.014301][ C0] ____fput+0x20/0x30 [ 75.014979][ C0] task_work_run+0x12c/0x1e0 [ 75.015754][ C0] do_notify_resume+0x24b4/0x3128 [ 75.016568][ C0] el0_svc+0xf0/0x1e0 [ 
75.017210][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 75.018032][ C0] el0t_64_sync+0x1a0/0x1a4 [ 75.018716][ C0] irq event stamp: 271076 [ 75.019345][ C0] hardirqs last enabled at (271075): [] call_rcu+0x570/0x8fc [ 75.020748][ C0] hardirqs last disabled at (271076): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.022212][ C0] softirqs last enabled at (271058): [] release_sock+0x1d0/0x258 [ 75.023580][ C0] softirqs last disabled at (271056): [] release_sock+0x34/0x258 [ 75.024969][ C0] ---[ end trace 9e056b27e87ea927 ]--- [ 75.076769][ T5080] loop0: detected capacity change from 0 to 128 [ 75.117023][ T5080] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.118632][ T5080] Bad inode number on dev loop0: 2 is out of range [ 75.119659][ T5080] SysV FS: get root inode failed [ 75.120572][ T5080] oldfs: cannot read superblock [ 75.128790][ T5032] ------------[ cut here ]------------ [ 75.129606][ T5032] VFS: brelse: Trying to free free buffer [ 75.130496][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.131819][ T5032] Modules linked in: [ 75.132368][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 75.133574][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.135125][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.136290][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 75.137072][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 75.137871][ T5032] sp : ffff80001fd877c0 [ 75.138581][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 75.139850][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 75.141115][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c9060 [ 75.142434][ T5032] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 75.143705][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.145047][ T5032] x14: 0000000000ff0100 x13: 
0000000000000001 x12: 0000000000ff0100 [ 75.146335][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 75.147732][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.149091][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.150419][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.151695][ T5032] Call trace: [ 75.152202][ T5032] invalidate_bh_lru+0x128/0x234 [ 75.152984][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 75.153898][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.154748][ T5032] invalidate_bh_lrus+0x34/0x40 [ 75.155486][ T5032] blkdev_flush_mapping+0x168/0x31c [ 75.156332][ T5032] blkdev_put+0x490/0x6ac [ 75.157022][ T5032] blkdev_close+0x74/0xb0 [ 75.157669][ T5032] __fput+0x1c0/0x7f8 [ 75.158261][ T5032] ____fput+0x20/0x30 [ 75.158820][ T5032] task_work_run+0x12c/0x1e0 [ 75.159516][ T5032] do_notify_resume+0x24b4/0x3128 [ 75.160289][ T5032] el0_svc+0xf0/0x1e0 [ 75.160911][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 75.161687][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 75.162388][ T5032] irq event stamp: 102814 [ 75.163012][ T5032] hardirqs last enabled at (102813): [] kasan_quarantine_put+0xc4/0x204 [ 75.164503][ T5032] hardirqs last disabled at (102814): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.166046][ T5032] softirqs last enabled at (102540): [] local_bh_enable+0x10/0x34 [ 75.167451][ T5032] softirqs last disabled at (102538): [] local_bh_disable+0x10/0x34 [ 75.168919][ T5032] ---[ end trace 9e056b27e87ea928 ]--- [ 75.206582][ T5082] loop0: detected capacity change from 0 to 128 [ 75.210273][ T5082] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.211473][ T5082] Bad inode number on dev loop0: 2 is out of range [ 75.212551][ T5082] SysV FS: get root inode failed [ 75.213376][ T5082] oldfs: cannot read superblock [ 75.217043][ C1] ------------[ cut here ]------------ [ 75.217939][ C1] VFS: brelse: Trying to free free buffer [ 
75.218928][ C1] WARNING: CPU: 1 PID: 4519 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.220237][ C1] Modules linked in: [ 75.220850][ C1] CPU: 1 PID: 4519 Comm: syz-execprog Tainted: G W syzkaller #0 [ 75.222219][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.223726][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.224909][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.225718][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.226502][ C1] sp : ffff800008017de0 [ 75.227115][ C1] x29: ffff800008017de0 x28: ffff0000d7440000 x27: 1fffe0003421a45c [ 75.228408][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 75.229606][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd1148 [ 75.230835][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 75.231982][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.233191][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.234390][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : fe6e268f2662a600 [ 75.235598][ C1] x8 : fe6e268f2662a600 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.236800][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.238072][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 75.239415][ C1] Call trace: [ 75.239943][ C1] invalidate_bh_lru+0x128/0x234 [ 75.240734][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 75.241687][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.242758][ C1] ipi_handler+0x10c/0x710 [ 75.243423][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.244298][ C1] handle_domain_irq+0x144/0x1fc [ 75.245050][ C1] gic_handle_irq+0x78/0x1c8 [ 75.245750][ C1] call_on_irq_stack+0x30/0x48 [ 75.246466][ C1] do_interrupt_handler+0x6c/0x88 [ 75.247217][ C1] el1_interrupt+0x30/0x58 [ 75.247862][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.248602][ C1] 
el1h_64_irq+0x78/0x7c [ 75.249180][ C1] finish_lock_switch+0xb8/0x1c4 [ 75.249905][ C1] finish_task_switch+0x120/0x6b0 [ 75.250622][ C1] __schedule+0xe0c/0x1bf8 [ 75.251250][ C1] schedule+0x11c/0x1c8 [ 75.251890][ C1] do_nanosleep+0x1a8/0x654 [ 75.252562][ C1] __arm64_sys_nanosleep+0x368/0x484 [ 75.253356][ C1] invoke_syscall+0x98/0x2b8 [ 75.254080][ C1] el0_svc_common+0x138/0x258 [ 75.254775][ C1] do_el0_svc+0x58/0x14c [ 75.255410][ C1] el0_svc+0x78/0x1e0 [ 75.255988][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.256740][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.257398][ C1] irq event stamp: 25508 [ 75.258064][ C1] hardirqs last enabled at (25507): [] finish_lock_switch+0xb0/0x1c4 [ 75.259465][ C1] hardirqs last disabled at (25508): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.260891][ C1] softirqs last enabled at (25496): [] local_bh_enable+0x10/0x34 [ 75.262184][ C1] softirqs last disabled at (25494): [] local_bh_disable+0x10/0x34 [ 75.263520][ C1] ---[ end trace 9e056b27e87ea929 ]--- [ 75.323950][ T5084] loop0: detected capacity change from 0 to 128 [ 75.326406][ T5084] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.327520][ T5084] Bad inode number on dev loop0: 2 is out of range [ 75.328556][ T5084] SysV FS: get root inode failed [ 75.329326][ T5084] oldfs: cannot read superblock [ 75.341738][ T5032] ------------[ cut here ]------------ [ 75.342617][ T5032] VFS: brelse: Trying to free free buffer [ 75.343510][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.344960][ T5032] Modules linked in: [ 75.345581][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 75.346932][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.348540][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.349769][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 75.350574][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 75.351420][ T5032] sp : ffff80001fd877c0 [ 
75.352107][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 75.353425][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 75.354652][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c9400 [ 75.355863][ T5032] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 75.357111][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.358418][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.359688][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 75.360938][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.362216][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.363491][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.364827][ T5032] Call trace: [ 75.365336][ T5032] invalidate_bh_lru+0x128/0x234 [ 75.366142][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 75.367091][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.367949][ T5032] invalidate_bh_lrus+0x34/0x40 [ 75.368706][ T5032] blkdev_flush_mapping+0x168/0x31c [ 75.369505][ T5032] blkdev_put+0x490/0x6ac [ 75.370120][ T5032] blkdev_close+0x74/0xb0 [ 75.370753][ T5032] __fput+0x1c0/0x7f8 [ 75.371365][ T5032] ____fput+0x20/0x30 [ 75.371935][ T5032] task_work_run+0x12c/0x1e0 [ 75.372642][ T5032] do_notify_resume+0x24b4/0x3128 [ 75.373354][ T5032] el0_svc+0xf0/0x1e0 [ 75.373941][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 75.374655][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 75.375354][ T5032] irq event stamp: 111592 [ 75.376081][ T5032] hardirqs last enabled at (111591): [] kasan_quarantine_put+0xc4/0x204 [ 75.377731][ T5032] hardirqs last disabled at (111592): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.379478][ T5032] softirqs last enabled at (111328): [] local_bh_enable+0x10/0x34 [ 75.380967][ T5032] softirqs last disabled at (111326): [] local_bh_disable+0x10/0x34 [ 75.382425][ 
T5032] ---[ end trace 9e056b27e87ea92a ]--- [ 75.408597][ T5088] loop0: detected capacity change from 0 to 128 [ 75.410815][ T5088] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.412030][ T5088] Bad inode number on dev loop0: 2 is out of range [ 75.412934][ T5088] SysV FS: get root inode failed [ 75.413755][ T5088] oldfs: cannot read superblock [ 75.421358][ C1] ------------[ cut here ]------------ [ 75.422234][ C1] VFS: brelse: Trying to free free buffer [ 75.423163][ C1] WARNING: CPU: 1 PID: 5089 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.424461][ C1] Modules linked in: [ 75.425042][ C1] CPU: 1 PID: 5089 Comm: syz-executor Tainted: G W syzkaller #0 [ 75.426321][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.427719][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.429043][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 75.429854][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 75.430658][ C1] sp : ffff800008017de0 [ 75.431316][ C1] x29: ffff800008017de0 x28: ffff0000c16d3680 x27: 1fffe0003421a45c [ 75.432552][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 75.433753][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd14e8 [ 75.434921][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 75.436077][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.437244][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.438400][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 44e0b3ac33a7dc00 [ 75.439799][ C1] x8 : 44e0b3ac33a7dc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.441212][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.442592][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 75.443882][ C1] Call trace: [ 75.444391][ C1] invalidate_bh_lru+0x128/0x234 [ 75.445121][ C1] 
flush_smp_call_function_queue+0x38c/0x81c [ 75.446082][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 75.447125][ C1] ipi_handler+0x10c/0x710 [ 75.447784][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 75.448619][ C1] handle_domain_irq+0x144/0x1fc [ 75.449381][ C1] gic_handle_irq+0x78/0x1c8 [ 75.450076][ C1] call_on_irq_stack+0x30/0x48 [ 75.450736][ C1] do_interrupt_handler+0x6c/0x88 [ 75.451459][ C1] el1_interrupt+0x30/0x58 [ 75.452108][ C1] el1h_64_irq_handler+0x18/0x24 [ 75.452823][ C1] el1h_64_irq+0x78/0x7c [ 75.453476][ C1] put_cpu_partial+0x198/0x218 [ 75.454169][ C1] __slab_free+0x184/0x254 [ 75.454781][ C1] ___cache_free+0x178/0x1bc [ 75.455421][ C1] qlink_free+0x5c/0xa4 [ 75.456018][ C1] qlist_free_all+0x40/0xa8 [ 75.456734][ C1] kasan_quarantine_reduce+0x124/0x130 [ 75.457551][ C1] __kasan_slab_alloc+0x34/0xcc [ 75.458271][ C1] slab_post_alloc_hook+0x74/0x408 [ 75.459030][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 75.459703][ C1] getname_flags+0xb8/0x450 [ 75.460371][ C1] user_path_at_empty+0x40/0x1a0 [ 75.461062][ C1] __arm64_sys_chdir+0xb4/0x26c [ 75.461719][ C1] invoke_syscall+0x98/0x2b8 [ 75.462363][ C1] el0_svc_common+0x138/0x258 [ 75.463178][ C1] do_el0_svc+0x58/0x14c [ 75.463858][ C1] el0_svc+0x78/0x1e0 [ 75.464482][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 75.465353][ C1] el0t_64_sync+0x1a0/0x1a4 [ 75.466095][ C1] irq event stamp: 296 [ 75.466747][ C1] hardirqs last enabled at (295): [] put_cpu_partial+0x188/0x218 [ 75.468277][ C1] hardirqs last disabled at (296): [] enter_el1_irq_or_nmi+0x10/0x1c [ 75.469755][ C1] softirqs last enabled at (14): [] local_bh_enable+0x10/0x34 [ 75.471203][ C1] softirqs last disabled at (12): [] local_bh_disable+0x10/0x34 [ 75.472752][ C1] ---[ end trace 9e056b27e87ea92b ]--- [ 75.498050][ T5090] loop0: detected capacity change from 0 to 128 [ 75.557969][ T5090] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.559795][ T5090] Bad inode number on dev loop0: 2 is out of range [ 75.560828][ T5090] SysV FS: 
get root inode failed [ 75.561589][ T5090] oldfs: cannot read superblock [ 75.569006][ T5032] ------------[ cut here ]------------ [ 75.569901][ T5032] VFS: brelse: Trying to free free buffer [ 75.570864][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.572125][ T5032] Modules linked in: [ 75.572736][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 75.573992][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.575439][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.576569][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 75.577362][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 75.578182][ T5032] sp : ffff80001fd877c0 [ 75.578811][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 75.580058][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 75.581294][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c97a0 [ 75.582479][ T5032] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 75.583723][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.584933][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.586140][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 75.587318][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.588569][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.589878][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.591154][ T5032] Call trace: [ 75.591634][ T5032] invalidate_bh_lru+0x128/0x234 [ 75.592407][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 75.593341][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.594189][ T5032] invalidate_bh_lrus+0x34/0x40 [ 75.594984][ T5032] blkdev_flush_mapping+0x168/0x31c [ 75.595732][ T5032] blkdev_put+0x490/0x6ac [ 75.596383][ T5032] 
blkdev_close+0x74/0xb0 [ 75.597054][ T5032] __fput+0x1c0/0x7f8 [ 75.597677][ T5032] ____fput+0x20/0x30 [ 75.598234][ T5032] task_work_run+0x12c/0x1e0 [ 75.598938][ T5032] do_notify_resume+0x24b4/0x3128 [ 75.599689][ T5032] el0_svc+0xf0/0x1e0 [ 75.600263][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 75.600986][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 75.601706][ T5032] irq event stamp: 126058 [ 75.602381][ T5032] hardirqs last enabled at (126057): [] kasan_quarantine_put+0xc4/0x204 [ 75.603894][ T5032] hardirqs last disabled at (126058): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.605514][ T5032] softirqs last enabled at (125796): [] local_bh_enable+0x10/0x34 [ 75.606974][ T5032] softirqs last disabled at (125794): [] local_bh_disable+0x10/0x34 [ 75.608439][ T5032] ---[ end trace 9e056b27e87ea92c ]--- [ 75.647538][ T5092] loop0: detected capacity change from 0 to 128 [ 75.697338][ T5092] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 75.698702][ T5092] Bad inode number on dev loop0: 2 is out of range [ 75.699684][ T5092] SysV FS: get root inode failed [ 75.700431][ T5092] oldfs: cannot read superblock [ 75.719406][ T5032] ------------[ cut here ]------------ [ 75.720307][ T5032] VFS: brelse: Trying to free free buffer [ 75.721250][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.722695][ T5032] Modules linked in: [ 75.723409][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 75.724674][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.726272][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.727465][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 75.728215][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 75.729000][ T5032] sp : ffff80001fd877c0 [ 75.729605][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 75.730799][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 75.731991][ 
T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c9b40 [ 75.733225][ T5032] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 75.734404][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.735605][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.736790][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 75.737974][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.739182][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.740473][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.741744][ T5032] Call trace: [ 75.742205][ T5032] invalidate_bh_lru+0x128/0x234 [ 75.742952][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 75.743959][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.744839][ T5032] invalidate_bh_lrus+0x34/0x40 [ 75.745642][ T5032] blkdev_flush_mapping+0x168/0x31c [ 75.746513][ T5032] blkdev_put+0x490/0x6ac [ 75.747253][ T5032] blkdev_close+0x74/0xb0 [ 75.747926][ T5032] __fput+0x1c0/0x7f8 [ 75.748551][ T5032] ____fput+0x20/0x30 [ 75.749185][ T5032] task_work_run+0x12c/0x1e0 [ 75.749880][ T5032] do_notify_resume+0x24b4/0x3128 [ 75.750638][ T5032] el0_svc+0xf0/0x1e0 [ 75.751252][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 75.751994][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 75.752641][ T5032] irq event stamp: 133766 [ 75.753327][ T5032] hardirqs last enabled at (133765): [] kasan_quarantine_put+0xc4/0x204 [ 75.754875][ T5032] hardirqs last disabled at (133766): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.756364][ T5032] softirqs last enabled at (133514): [] local_bh_enable+0x10/0x34 [ 75.757787][ T5032] softirqs last disabled at (133512): [] local_bh_disable+0x10/0x34 [ 75.759120][ T5032] ---[ end trace 9e056b27e87ea92d ]--- [ 75.777742][ T5096] loop0: detected capacity change from 0 to 128 [ 75.817115][ T5096] VFS: Found a Xenix FS (block size = 1024) on device 
loop0 [ 75.818328][ T5096] Bad inode number on dev loop0: 2 is out of range [ 75.819425][ T5096] SysV FS: get root inode failed [ 75.820213][ T5096] oldfs: cannot read superblock [ 75.825343][ T5032] ------------[ cut here ]------------ [ 75.826145][ T5032] VFS: brelse: Trying to free free buffer [ 75.827088][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 75.828444][ T5032] Modules linked in: [ 75.829094][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 75.830346][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 75.831834][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 75.832999][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 75.833744][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 75.834518][ T5032] sp : ffff80001fd877c0 [ 75.835156][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 75.836365][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 75.837615][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2c9ee0 [ 75.838906][ T5032] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 75.840129][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 75.841431][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 75.842717][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 75.844067][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 75.845365][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 75.846601][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 75.847916][ T5032] Call trace: [ 75.848433][ T5032] invalidate_bh_lru+0x128/0x234 [ 75.849190][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 75.850088][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 75.850852][ T5032] invalidate_bh_lrus+0x34/0x40 [ 75.851606][ 
T5032] blkdev_flush_mapping+0x168/0x31c [ 75.852374][ T5032] blkdev_put+0x490/0x6ac [ 75.853089][ T5032] blkdev_close+0x74/0xb0 [ 75.853752][ T5032] __fput+0x1c0/0x7f8 [ 75.854373][ T5032] ____fput+0x20/0x30 [ 75.854959][ T5032] task_work_run+0x12c/0x1e0 [ 75.855655][ T5032] do_notify_resume+0x24b4/0x3128 [ 75.856415][ T5032] el0_svc+0xf0/0x1e0 [ 75.857007][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 75.857770][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 75.858545][ T5032] irq event stamp: 137928 [ 75.859263][ T5032] hardirqs last enabled at (137927): [] kasan_quarantine_put+0xc4/0x204 [ 75.860894][ T5032] hardirqs last disabled at (137928): [] smp_call_function_many_cond+0xa44/0xeb0 [ 75.862651][ T5032] softirqs last enabled at (137666): [] local_bh_enable+0x10/0x34 [ 75.864066][ T5032] softirqs last disabled at (137664): [] local_bh_disable+0x10/0x34 [ 75.865532][ T5032] ---[ end trace 9e056b27e87ea92e ]--- [ 75.921546][ T5099] loop0: detected capacity change from 0 to 128 [ 76.025870][ T5099] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.027029][ T5099] Bad inode number on dev loop0: 2 is out of range [ 76.027971][ T5099] SysV FS: get root inode failed [ 76.028683][ T5099] oldfs: cannot read superblock [ 76.060397][ T5032] ------------[ cut here ]------------ [ 76.061302][ T5032] VFS: brelse: Trying to free free buffer [ 76.062219][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.063480][ T5032] Modules linked in: [ 76.064112][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 76.065325][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.066851][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.067952][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 76.068736][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 76.069489][ T5032] sp : ffff80001fd877c0 [ 76.070099][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45c 
[ 76.071336][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 76.072539][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd1888 [ 76.073670][ T5032] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000000003 [ 76.074865][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.076009][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.077232][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 76.078403][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.079593][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.080819][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.082004][ T5032] Call trace: [ 76.082469][ T5032] invalidate_bh_lru+0x128/0x234 [ 76.083252][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 76.084105][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.084836][ T5032] invalidate_bh_lrus+0x34/0x40 [ 76.085671][ T5032] blkdev_flush_mapping+0x168/0x31c [ 76.086559][ T5032] blkdev_put+0x490/0x6ac [ 76.087298][ T5032] blkdev_close+0x74/0xb0 [ 76.087994][ T5032] __fput+0x1c0/0x7f8 [ 76.088617][ T5032] ____fput+0x20/0x30 [ 76.089255][ T5032] task_work_run+0x12c/0x1e0 [ 76.089925][ T5032] do_notify_resume+0x24b4/0x3128 [ 76.090679][ T5032] el0_svc+0xf0/0x1e0 [ 76.091296][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 76.092058][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 76.092733][ T5032] irq event stamp: 145466 [ 76.093423][ T5032] hardirqs last enabled at (145465): [] kasan_quarantine_put+0xc4/0x204 [ 76.094926][ T5032] hardirqs last disabled at (145466): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.096587][ T5032] softirqs last enabled at (145232): [] local_bh_enable+0x10/0x34 [ 76.098102][ T5032] softirqs last disabled at (145230): [] local_bh_disable+0x10/0x34 [ 76.099556][ T5032] ---[ end trace 9e056b27e87ea92f ]--- [ 76.147035][ T5103] loop0: detected 
capacity change from 0 to 128 [ 76.196249][ T5103] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.197422][ T5103] Bad inode number on dev loop0: 2 is out of range [ 76.198382][ T5103] SysV FS: get root inode failed [ 76.199077][ T5103] oldfs: cannot read superblock [ 76.199956][ T5103] ------------[ cut here ]------------ [ 76.200708][ T5103] VFS: brelse: Trying to free free buffer [ 76.201541][ T5103] WARNING: CPU: 1 PID: 5103 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.202873][ T5103] Modules linked in: [ 76.203533][ T5103] CPU: 1 PID: 5103 Comm: syz.0.61 Tainted: G W syzkaller #0 [ 76.204793][ T5103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.206380][ T5103] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.207565][ T5103] pc : invalidate_bh_lru+0x128/0x234 [ 76.208352][ T5103] lr : invalidate_bh_lru+0x128/0x234 [ 76.209139][ T5103] sp : ffff80001b9376e0 [ 76.209733][ T5103] x29: ffff80001b9376e0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 76.210927][ T5103] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 76.212125][ T5103] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debd1c28 [ 76.213301][ T5103] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 76.214488][ T5103] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.215633][ T5103] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.216807][ T5103] x11: 0000000000000002 x10: 0000000000000000 x9 : 64ec6e3530733500 [ 76.217963][ T5103] x8 : 64ec6e3530733500 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.219125][ T5103] x5 : ffff80001b936fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.220262][ T5103] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.221433][ T5103] Call trace: [ 76.221931][ T5103] invalidate_bh_lru+0x128/0x234 [ 76.222650][ T5103] smp_call_function_many_cond+0xa50/0xeb0 [ 76.223473][ 
T5103] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.224289][ T5103] invalidate_bh_lrus+0x34/0x40 [ 76.225062][ T5103] blkdev_flush_mapping+0x168/0x31c [ 76.225845][ T5103] blkdev_put+0x490/0x6ac [ 76.226514][ T5103] kill_block_super+0x98/0xdc [ 76.227215][ T5103] deactivate_locked_super+0xb8/0x13c [ 76.227984][ T5103] mount_bdev+0x284/0x358 [ 76.228613][ T5103] sysv_mount+0x44/0x58 [ 76.229218][ T5103] legacy_get_tree+0xd4/0x16c [ 76.229913][ T5103] vfs_get_tree+0x90/0x274 [ 76.230566][ T5103] do_new_mount+0x228/0x810 [ 76.231209][ T5103] path_mount+0x5b4/0x1000 [ 76.231856][ T5103] __arm64_sys_mount+0x514/0x5e4 [ 76.232548][ T5103] invoke_syscall+0x98/0x2b8 [ 76.233238][ T5103] el0_svc_common+0x138/0x258 [ 76.233915][ T5103] do_el0_svc+0x58/0x14c [ 76.234531][ T5103] el0_svc+0x78/0x1e0 [ 76.235088][ T5103] el0t_64_sync_handler+0xcc/0xe4 [ 76.235822][ T5103] el0t_64_sync+0x1a0/0x1a4 [ 76.236486][ T5103] irq event stamp: 1114 [ 76.237082][ T5103] hardirqs last enabled at (1113): [] kasan_quarantine_put+0xc4/0x204 [ 76.238474][ T5103] hardirqs last disabled at (1114): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.239962][ T5103] softirqs last enabled at (904): [] local_bh_enable+0x10/0x34 [ 76.241313][ T5103] softirqs last disabled at (902): [] local_bh_disable+0x10/0x34 [ 76.242632][ T5103] ---[ end trace 9e056b27e87ea930 ]--- [ 76.322462][ T5105] loop0: detected capacity change from 0 to 128 [ 76.329586][ T5105] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.330759][ T5105] Bad inode number on dev loop0: 2 is out of range [ 76.331714][ T5105] SysV FS: get root inode failed [ 76.332545][ T5105] oldfs: cannot read superblock [ 76.341132][ C1] ------------[ cut here ]------------ [ 76.341966][ C1] VFS: brelse: Trying to free free buffer [ 76.342880][ C1] WARNING: CPU: 1 PID: 526 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.344172][ C1] Modules linked in: [ 76.344768][ C1] CPU: 1 PID: 526 Comm: kworker/u4:4 Tainted: G W syzkaller #0 [ 76.346124][ 
C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.347616][ C1] Workqueue: netns cleanup_net [ 76.348311][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.349445][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 76.350190][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 76.351010][ C1] sp : ffff800008017de0 [ 76.351633][ C1] x29: ffff800008017de0 x28: ffff0000c8469b40 x27: 1fffe0003421a45b [ 76.352849][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 76.354082][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debcd060 [ 76.355289][ C1] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000010002 [ 76.356488][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.357706][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.358879][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : c6e98c1c9a1f3700 [ 76.360071][ C1] x8 : c6e98c1c9a1f3700 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.361277][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.362564][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.363742][ C1] Call trace: [ 76.364236][ C1] invalidate_bh_lru+0x128/0x234 [ 76.364935][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.365818][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.366811][ C1] ipi_handler+0x10c/0x710 [ 76.367480][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 76.368280][ C1] handle_domain_irq+0x144/0x1fc [ 76.368976][ C1] gic_handle_irq+0x78/0x1c8 [ 76.369612][ C1] call_on_irq_stack+0x30/0x48 [ 76.370307][ C1] do_interrupt_handler+0x6c/0x88 [ 76.371023][ C1] el1_interrupt+0x30/0x58 [ 76.371652][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.372360][ C1] el1h_64_irq+0x78/0x7c [ 76.373009][ C1] __local_bh_enable_ip+0x200/0x380 [ 76.373776][ C1] _raw_spin_unlock_bh+0xec/0x174 [ 76.374532][ C1] tcp_metrics_flush_all+0x288/0x348 [ 76.375314][ 
C1] tcp_net_metrics_exit_batch+0x18/0x24 [ 76.376173][ C1] cleanup_net+0x644/0xa98 [ 76.376822][ C1] process_one_work+0x79c/0x1140 [ 76.377520][ C1] worker_thread+0x8f4/0x101c [ 76.378189][ C1] kthread+0x374/0x454 [ 76.378787][ C1] ret_from_fork+0x10/0x20 [ 76.379406][ C1] irq event stamp: 1465088 [ 76.380031][ C1] hardirqs last enabled at (1465087): [] __local_bh_enable_ip+0x1f8/0x380 [ 76.381462][ C1] hardirqs last disabled at (1465088): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.382890][ C1] softirqs last enabled at (1465086): [] tcp_metrics_flush_all+0x288/0x348 [ 76.384379][ C1] softirqs last disabled at (1465084): [] tcp_metrics_flush_all+0x80/0x348 [ 76.385799][ C1] ---[ end trace 9e056b27e87ea931 ]--- [ 76.418088][ T5107] loop0: detected capacity change from 0 to 128 [ 76.455651][ T5107] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.457099][ T5107] Bad inode number on dev loop0: 2 is out of range [ 76.458107][ T5107] SysV FS: get root inode failed [ 76.458853][ T5107] oldfs: cannot read superblock [ 76.478319][ T5109] ------------[ cut here ]------------ [ 76.479281][ T5109] VFS: brelse: Trying to free free buffer [ 76.480255][ T5109] WARNING: CPU: 1 PID: 5109 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.481619][ T5109] Modules linked in: [ 76.482200][ T5109] CPU: 1 PID: 5109 Comm: syz.0.64 Tainted: G W syzkaller #0 [ 76.483532][ T5109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.485068][ T5109] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.486305][ T5109] pc : invalidate_bh_lru+0x128/0x234 [ 76.487165][ T5109] lr : invalidate_bh_lru+0x128/0x234 [ 76.488087][ T5109] sp : ffff80001ba677c0 [ 76.488777][ T5109] x29: ffff80001ba677c0 x28: ffff80001418d000 x27: 1fffe0003421a45e [ 76.490105][ T5109] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000003 [ 76.491395][ T5109] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debcd400 [ 76.492699][ 
T5109] x20: ffff0001a10d22f0 x19: ffff8000113da820 x18: 0000000000000003 [ 76.493874][ T5109] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.495032][ T5109] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.496207][ T5109] x11: 0000000000000002 x10: 0000000000000000 x9 : cec15b809c55f500 [ 76.497466][ T5109] x8 : cec15b809c55f500 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.498638][ T5109] x5 : ffff80001ba670b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.499764][ T5109] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.500954][ T5109] Call trace: [ 76.501406][ T5109] invalidate_bh_lru+0x128/0x234 [ 76.502148][ T5109] smp_call_function_many_cond+0xa50/0xeb0 [ 76.502993][ T5109] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.503708][ T5109] invalidate_bh_lrus+0x34/0x40 [ 76.504399][ T5109] blkdev_flush_mapping+0x168/0x31c [ 76.505190][ T5109] blkdev_put+0x490/0x6ac [ 76.505805][ T5109] blkdev_close+0x74/0xb0 [ 76.506449][ T5109] __fput+0x1c0/0x7f8 [ 76.507019][ T5109] ____fput+0x20/0x30 [ 76.507647][ T5109] task_work_run+0x12c/0x1e0 [ 76.508397][ T5109] do_notify_resume+0x24b4/0x3128 [ 76.509139][ T5109] el0_svc+0xf0/0x1e0 [ 76.509724][ T5109] el0t_64_sync_handler+0xcc/0xe4 [ 76.510429][ T5109] el0t_64_sync+0x1a0/0x1a4 [ 76.511082][ T5109] irq event stamp: 764 [ 76.511724][ T5109] hardirqs last enabled at (763): [] finish_lock_switch+0xb0/0x1c4 [ 76.513134][ T5109] hardirqs last disabled at (764): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.514632][ T5109] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 76.515940][ T5109] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 76.517336][ T5109] ---[ end trace 9e056b27e87ea932 ]--- [ 76.567049][ T5111] loop0: detected capacity change from 0 to 128 [ 76.625858][ T5111] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.627093][ T5111] Bad inode number on dev loop0: 2 is out of range [ 76.628163][ T5111] SysV FS: get 
root inode failed [ 76.628886][ T5111] oldfs: cannot read superblock [ 76.635428][ C1] ------------[ cut here ]------------ [ 76.636319][ C1] VFS: brelse: Trying to free free buffer [ 76.637090][ C1] WARNING: CPU: 1 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.638518][ C1] Modules linked in: [ 76.639102][ C1] CPU: 1 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 76.640470][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.641975][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.643156][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 76.643903][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 76.644699][ C1] sp : ffff800008017de0 [ 76.645330][ C1] x29: ffff800008017de0 x28: ffff0000de341b40 x27: 1fffe0003421a45b [ 76.646580][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 76.647822][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debc96b8 [ 76.648994][ C1] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000010002 [ 76.650261][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.651542][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.652743][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 76.653956][ C1] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.655183][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.656410][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.657607][ C1] Call trace: [ 76.658087][ C1] invalidate_bh_lru+0x128/0x234 [ 76.658843][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 76.659722][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.660782][ C1] ipi_handler+0x10c/0x710 [ 76.661432][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 76.662272][ C1] handle_domain_irq+0x144/0x1fc [ 76.663027][ C1] gic_handle_irq+0x78/0x1c8 [ 76.663652][ C1] 
call_on_irq_stack+0x30/0x48 [ 76.664346][ C1] do_interrupt_handler+0x6c/0x88 [ 76.665128][ C1] el1_interrupt+0x30/0x58 [ 76.665788][ C1] el1h_64_irq_handler+0x18/0x24 [ 76.666538][ C1] el1h_64_irq+0x78/0x7c [ 76.667172][ C1] __sanitizer_cov_trace_pc+0x24/0xac [ 76.667959][ C1] xt_target_to_user+0x88/0x1a8 [ 76.668712][ C1] do_ipt_get_ctl+0xfc0/0x13a8 [ 76.669417][ C1] nf_getsockopt+0x264/0x284 [ 76.670110][ C1] ip_getsockopt+0xffc/0x158c [ 76.670822][ C1] tcp_getsockopt+0x208/0x2e78 [ 76.671587][ C1] sock_common_getsockopt+0xa8/0xc4 [ 76.672413][ C1] __sys_getsockopt+0x1b8/0x250 [ 76.673150][ C1] __arm64_sys_getsockopt+0xb8/0xd4 [ 76.673923][ C1] invoke_syscall+0x98/0x2b8 [ 76.674607][ C1] el0_svc_common+0x138/0x258 [ 76.675296][ C1] do_el0_svc+0x58/0x14c [ 76.675931][ C1] el0_svc+0x78/0x1e0 [ 76.676532][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 76.677387][ C1] el0t_64_sync+0x1a0/0x1a4 [ 76.678128][ C1] irq event stamp: 318848 [ 76.678832][ C1] hardirqs last enabled at (318847): [] alloc_counters+0x3d4/0x7a4 [ 76.680391][ C1] hardirqs last disabled at (318848): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.681897][ C1] softirqs last enabled at (318826): [] release_sock+0x1d0/0x258 [ 76.683331][ C1] softirqs last disabled at (318824): [] release_sock+0x34/0x258 [ 76.684743][ C1] ---[ end trace 9e056b27e87ea933 ]--- 1970/01/01 00:01:16 executed programs: 53 [ 76.727414][ T5113] loop0: detected capacity change from 0 to 128 [ 76.767559][ T5113] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.768751][ T5113] Bad inode number on dev loop0: 2 is out of range [ 76.769756][ T5113] SysV FS: get root inode failed [ 76.770550][ T5113] oldfs: cannot read superblock [ 76.777034][ C0] ------------[ cut here ]------------ [ 76.777915][ C0] VFS: brelse: Trying to free free buffer [ 76.778811][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.780065][ C0] Modules linked in: [ 76.780608][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W 
syzkaller #0 [ 76.781926][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.783396][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.784609][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 76.785406][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 76.786231][ C0] sp : ffff800008007de0 [ 76.786818][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625c [ 76.787980][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 76.789124][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd248318 [ 76.790377][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 76.791613][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.792809][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.794017][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 76.795144][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.796362][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.797581][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 76.798751][ C0] Call trace: [ 76.799249][ C0] invalidate_bh_lru+0x128/0x234 [ 76.800006][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 76.800931][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 76.801913][ C0] ipi_handler+0x10c/0x710 [ 76.802526][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 76.803343][ C0] handle_domain_irq+0x144/0x1fc [ 76.804026][ C0] gic_handle_irq+0x78/0x1c8 [ 76.804666][ C0] call_on_irq_stack+0x30/0x48 [ 76.805335][ C0] do_interrupt_handler+0x6c/0x88 [ 76.806006][ C0] el1_interrupt+0x30/0x58 [ 76.806607][ C0] el1h_64_irq_handler+0x18/0x24 [ 76.807327][ C0] el1h_64_irq+0x78/0x7c [ 76.807942][ C0] arch_local_irq_restore+0x8/0x10 [ 76.808658][ C0] ___might_sleep+0x98/0x4d4 [ 76.809334][ C0] __might_sleep+0x98/0x124 [ 76.809975][ C0] __might_fault+0x80/0x128 [ 
76.810653][ C0] do_ip6t_get_ctl+0xdf0/0x13a8 [ 76.811378][ C0] nf_getsockopt+0x264/0x284 [ 76.812097][ C0] ipv6_getsockopt+0x52c/0x2584 [ 76.812759][ C0] tcp_getsockopt+0x208/0x2e78 [ 76.813404][ C0] sock_common_getsockopt+0xa8/0xc4 [ 76.814188][ C0] __sys_getsockopt+0x1b8/0x250 [ 76.814929][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 76.815632][ C0] invoke_syscall+0x98/0x2b8 [ 76.816310][ C0] el0_svc_common+0x138/0x258 [ 76.817021][ C0] do_el0_svc+0x58/0x14c [ 76.817660][ C0] el0_svc+0x78/0x1e0 [ 76.818249][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 76.818928][ C0] el0t_64_sync+0x1a0/0x1a4 [ 76.819520][ C0] irq event stamp: 323228 [ 76.820122][ C0] hardirqs last enabled at (323227): [] alloc_counters+0x3d4/0x7a4 [ 76.821527][ C0] hardirqs last disabled at (323228): [] enter_el1_irq_or_nmi+0x10/0x1c [ 76.822911][ C0] softirqs last enabled at (323154): [] local_bh_enable+0x10/0x34 [ 76.824446][ C0] softirqs last disabled at (323152): [] local_bh_disable+0x10/0x34 [ 76.825803][ C0] ---[ end trace 9e056b27e87ea934 ]--- [ 76.858049][ T5115] loop0: detected capacity change from 0 to 128 [ 76.868029][ T5115] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 76.869207][ T5115] Bad inode number on dev loop0: 2 is out of range [ 76.870218][ T5115] SysV FS: get root inode failed [ 76.870992][ T5115] oldfs: cannot read superblock [ 76.876458][ T5032] ------------[ cut here ]------------ [ 76.877295][ T5032] VFS: brelse: Trying to free free buffer [ 76.878264][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 76.879603][ T5032] Modules linked in: [ 76.880201][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 76.881404][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 76.882938][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 76.884112][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 76.884904][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 76.885692][ 
T5032] sp : ffff80001fd877c0 [ 76.886306][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 76.887547][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 76.888818][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2486b8 [ 76.890085][ T5032] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 76.891350][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 76.892664][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 76.893909][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 76.895212][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 76.896437][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 76.897803][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 76.899163][ T5032] Call trace: [ 76.899708][ T5032] invalidate_bh_lru+0x128/0x234 [ 76.900508][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 76.901422][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 76.902223][ T5032] invalidate_bh_lrus+0x34/0x40 [ 76.903015][ T5032] blkdev_flush_mapping+0x168/0x31c [ 76.903805][ T5032] blkdev_put+0x490/0x6ac [ 76.904433][ T5032] blkdev_close+0x74/0xb0 [ 76.905041][ T5032] __fput+0x1c0/0x7f8 [ 76.905620][ T5032] ____fput+0x20/0x30 [ 76.906259][ T5032] task_work_run+0x12c/0x1e0 [ 76.906910][ T5032] do_notify_resume+0x24b4/0x3128 [ 76.907628][ T5032] el0_svc+0xf0/0x1e0 [ 76.908240][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 76.908944][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 76.909621][ T5032] irq event stamp: 179284 [ 76.910198][ T5032] hardirqs last enabled at (179283): [] kasan_quarantine_put+0xc4/0x204 [ 76.911583][ T5032] hardirqs last disabled at (179284): [] smp_call_function_many_cond+0xa44/0xeb0 [ 76.913086][ T5032] softirqs last enabled at (178998): [] local_bh_enable+0x10/0x34 [ 76.914484][ T5032] softirqs last disabled at (178996): [] 
local_bh_disable+0x10/0x34 [ 76.915911][ T5032] ---[ end trace 9e056b27e87ea935 ]--- [ 76.966746][ T5117] loop0: detected capacity change from 0 to 128 [ 77.005282][ T5117] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.006575][ T5117] Bad inode number on dev loop0: 2 is out of range [ 77.007612][ T5117] SysV FS: get root inode failed [ 77.008429][ T5117] oldfs: cannot read superblock [ 77.009214][ T5117] ------------[ cut here ]------------ [ 77.010031][ T5117] VFS: brelse: Trying to free free buffer [ 77.010979][ T5117] WARNING: CPU: 1 PID: 5117 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.012308][ T5117] Modules linked in: [ 77.012910][ T5117] CPU: 1 PID: 5117 Comm: syz.0.68 Tainted: G W syzkaller #0 [ 77.014207][ T5117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.015675][ T5117] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.016834][ T5117] pc : invalidate_bh_lru+0x128/0x234 [ 77.017600][ T5117] lr : invalidate_bh_lru+0x128/0x234 [ 77.018397][ T5117] sp : ffff80001fe276e0 [ 77.018993][ T5117] x29: ffff80001fe276e0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 77.020250][ T5117] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 77.021489][ T5117] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debc9a58 [ 77.022693][ T5117] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 77.023951][ T5117] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.025286][ T5117] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.026584][ T5117] x11: 0000000000000002 x10: 0000000000000000 x9 : 04723ab62d5d7e00 [ 77.027924][ T5117] x8 : 04723ab62d5d7e00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.029228][ T5117] x5 : ffff80001fe26fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.030491][ T5117] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.031896][ T5117] Call trace: [ 
77.032457][ T5117] invalidate_bh_lru+0x128/0x234 [ 77.033213][ T5117] smp_call_function_many_cond+0xa50/0xeb0 [ 77.034128][ T5117] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.034875][ T5117] invalidate_bh_lrus+0x34/0x40 [ 77.035626][ T5117] blkdev_flush_mapping+0x168/0x31c [ 77.036441][ T5117] blkdev_put+0x490/0x6ac [ 77.037081][ T5117] kill_block_super+0x98/0xdc [ 77.037807][ T5117] deactivate_locked_super+0xb8/0x13c [ 77.038573][ T5117] mount_bdev+0x284/0x358 [ 77.039218][ T5117] sysv_mount+0x44/0x58 [ 77.039843][ T5117] legacy_get_tree+0xd4/0x16c [ 77.040522][ T5117] vfs_get_tree+0x90/0x274 [ 77.041156][ T5117] do_new_mount+0x228/0x810 [ 77.041830][ T5117] path_mount+0x5b4/0x1000 [ 77.042485][ T5117] __arm64_sys_mount+0x514/0x5e4 [ 77.043196][ T5117] invoke_syscall+0x98/0x2b8 [ 77.043839][ T5117] el0_svc_common+0x138/0x258 [ 77.044593][ T5117] do_el0_svc+0x58/0x14c [ 77.045264][ T5117] el0_svc+0x78/0x1e0 [ 77.045904][ T5117] el0t_64_sync_handler+0xcc/0xe4 [ 77.046781][ T5117] el0t_64_sync+0x1a0/0x1a4 [ 77.047525][ T5117] irq event stamp: 1130 [ 77.048186][ T5117] hardirqs last enabled at (1129): [] kasan_quarantine_put+0xc4/0x204 [ 77.049794][ T5117] hardirqs last disabled at (1130): [] smp_call_function_many_cond+0xa44/0xeb0 [ 77.051521][ T5117] softirqs last enabled at (884): [] local_bh_enable+0x10/0x34 [ 77.052938][ T5117] softirqs last disabled at (882): [] local_bh_disable+0x10/0x34 [ 77.054446][ T5117] ---[ end trace 9e056b27e87ea936 ]--- [ 77.129668][ T5119] loop0: detected capacity change from 0 to 128 [ 77.166911][ T5119] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.168128][ T5119] Bad inode number on dev loop0: 2 is out of range [ 77.169100][ T5119] SysV FS: get root inode failed [ 77.169965][ T5119] oldfs: cannot read superblock [ 77.179412][ C0] ------------[ cut here ]------------ [ 77.180285][ C0] VFS: brelse: Trying to free free buffer [ 77.181211][ C0] WARNING: CPU: 0 PID: 5121 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 
77.182581][ C0] Modules linked in: [ 77.183140][ C0] CPU: 0 PID: 5121 Comm: syz.0.70 Tainted: G W syzkaller #0 [ 77.184424][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.185870][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.187059][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 77.187946][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 77.188829][ C0] sp : ffff800008007de0 [ 77.189499][ C0] x29: ffff800008007de0 x28: ffff0000c22c1b40 x27: 1fffe0003421625c [ 77.190768][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 77.191975][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd248a58 [ 77.193161][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 77.194462][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.195703][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.196988][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 51584ee5106dc600 [ 77.198238][ C0] x8 : 51584ee5106dc600 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.199411][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.200637][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.201870][ C0] Call trace: [ 77.202357][ C0] invalidate_bh_lru+0x128/0x234 [ 77.203093][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.204016][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.205031][ C0] ipi_handler+0x10c/0x710 [ 77.205696][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 77.206623][ C0] handle_domain_irq+0x144/0x1fc [ 77.207429][ C0] gic_handle_irq+0x78/0x1c8 [ 77.208195][ C0] call_on_irq_stack+0x30/0x48 [ 77.208975][ C0] do_interrupt_handler+0x6c/0x88 [ 77.209804][ C0] el0_interrupt+0x94/0x260 [ 77.210529][ C0] __el0_irq_handler_common+0x18/0x24 [ 77.211391][ C0] el0t_64_irq_handler+0x10/0x1c [ 77.212159][ C0] el0t_64_irq+0x1a0/0x1a4 [ 77.212828][ C0] irq event stamp: 
50 [ 77.213392][ C0] hardirqs last enabled at (49): [] el0t_64_sync_handler+0xd8/0xe4 [ 77.214850][ C0] hardirqs last disabled at (50): [] __el0_irq_handler_common+0x18/0x24 [ 77.216399][ C0] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 77.217822][ C0] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 77.219256][ C0] ---[ end trace 9e056b27e87ea937 ]--- [ 77.256920][ T5121] loop0: detected capacity change from 0 to 128 [ 77.259641][ T5121] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.260899][ T5121] Bad inode number on dev loop0: 2 is out of range [ 77.262065][ T5121] SysV FS: get root inode failed [ 77.262867][ T5121] oldfs: cannot read superblock [ 77.270186][ T5032] ------------[ cut here ]------------ [ 77.271066][ T5032] VFS: brelse: Trying to free free buffer [ 77.272050][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.273433][ T5032] Modules linked in: [ 77.274030][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 77.275277][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.276845][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.278019][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 77.278821][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 77.279637][ T5032] sp : ffff80001fd877c0 [ 77.280263][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 77.281503][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 77.282687][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000debc9df8 [ 77.283908][ T5032] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 77.285065][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.286221][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.287543][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 
77.288817][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.290124][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.291390][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 77.292806][ T5032] Call trace: [ 77.293402][ T5032] invalidate_bh_lru+0x128/0x234 [ 77.294271][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 77.295239][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 77.296069][ T5032] invalidate_bh_lrus+0x34/0x40 [ 77.296878][ T5032] blkdev_flush_mapping+0x168/0x31c [ 77.297740][ T5032] blkdev_put+0x490/0x6ac [ 77.298439][ T5032] blkdev_close+0x74/0xb0 [ 77.299100][ T5032] __fput+0x1c0/0x7f8 [ 77.299703][ T5032] ____fput+0x20/0x30 [ 77.300347][ T5032] task_work_run+0x12c/0x1e0 [ 77.301095][ T5032] do_notify_resume+0x24b4/0x3128 [ 77.301944][ T5032] el0_svc+0xf0/0x1e0 [ 77.302591][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 77.303414][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 77.304162][ T5032] irq event stamp: 195094 [ 77.304902][ T5032] hardirqs last enabled at (195093): [] kasan_quarantine_put+0xc4/0x204 [ 77.306465][ T5032] hardirqs last disabled at (195094): [] smp_call_function_many_cond+0xa44/0xeb0 [ 77.308061][ T5032] softirqs last enabled at (194830): [] local_bh_enable+0x10/0x34 [ 77.309465][ T5032] softirqs last disabled at (194828): [] local_bh_disable+0x10/0x34 [ 77.310925][ T5032] ---[ end trace 9e056b27e87ea938 ]--- [ 77.358394][ T5123] loop0: detected capacity change from 0 to 128 [ 77.360834][ T5123] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.362057][ T5123] Bad inode number on dev loop0: 2 is out of range [ 77.363037][ T5123] SysV FS: get root inode failed [ 77.363763][ T5123] oldfs: cannot read superblock [ 77.380684][ C1] ------------[ cut here ]------------ [ 77.381641][ C1] VFS: brelse: Trying to free free buffer [ 77.382558][ C1] WARNING: CPU: 1 PID: 5125 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.383932][ C1] Modules linked in: [ 
77.384479][ C1] CPU: 1 PID: 5125 Comm: syz.0.72 Tainted: G W syzkaller #0 [ 77.385777][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.387305][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.388483][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 77.389238][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 77.390039][ C1] sp : ffff800008017de0 [ 77.390670][ C1] x29: ffff800008017de0 x28: ffff0000c85351c0 x27: 1fffe0003421a45c [ 77.391879][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 77.393054][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2846230 [ 77.394297][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 77.395530][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.396746][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.398035][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 0c83123917379900 [ 77.399314][ C1] x8 : 0c83123917379900 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.400613][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.401852][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 77.403116][ C1] Call trace: [ 77.403606][ C1] invalidate_bh_lru+0x128/0x234 [ 77.404387][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 77.405322][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.406364][ C1] ipi_handler+0x10c/0x710 [ 77.407101][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 77.407896][ C1] handle_domain_irq+0x144/0x1fc [ 77.408611][ C1] gic_handle_irq+0x78/0x1c8 [ 77.409267][ C1] call_on_irq_stack+0x30/0x48 [ 77.409932][ C1] do_interrupt_handler+0x6c/0x88 [ 77.410660][ C1] el1_interrupt+0x30/0x58 [ 77.411343][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.412085][ C1] el1h_64_irq+0x78/0x7c [ 77.412664][ C1] lock_is_held_type+0x34/0x198 [ 77.413334][ C1] devcgroup_check_permission+0x170/0x800 [ 77.414180][ C1] 
inode_permission+0x2ac/0x3c0 [ 77.414862][ C1] may_open+0x274/0x3b8 [ 77.415483][ C1] path_openat+0x1e54/0x26e4 [ 77.416201][ C1] do_filp_open+0x164/0x330 [ 77.416873][ C1] do_sys_openat2+0x128/0x3d8 [ 77.417599][ C1] __arm64_sys_openat+0x120/0x154 [ 77.418354][ C1] invoke_syscall+0x98/0x2b8 [ 77.419009][ C1] el0_svc_common+0x138/0x258 [ 77.419803][ C1] do_el0_svc+0x58/0x14c [ 77.420455][ C1] el0_svc+0x78/0x1e0 [ 77.421056][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 77.421874][ C1] el0t_64_sync+0x1a0/0x1a4 [ 77.422571][ C1] irq event stamp: 644 [ 77.423117][ C1] hardirqs last enabled at (643): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 77.424841][ C1] hardirqs last disabled at (644): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.426256][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 77.427535][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 77.428825][ C1] ---[ end trace 9e056b27e87ea939 ]--- [ 77.455495][ T5125] loop0: detected capacity change from 0 to 128 [ 77.536745][ T5125] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.537973][ T5125] Bad inode number on dev loop0: 2 is out of range [ 77.538946][ T5125] SysV FS: get root inode failed [ 77.539696][ T5125] oldfs: cannot read superblock [ 77.548063][ C0] ------------[ cut here ]------------ [ 77.548924][ C0] VFS: brelse: Trying to free free buffer [ 77.549835][ C0] WARNING: CPU: 0 PID: 5126 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.551210][ C0] Modules linked in: [ 77.551782][ C0] CPU: 0 PID: 5126 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.553155][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.554697][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.555940][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 77.556777][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 77.557614][ C0] sp : ffff800008007de0 [ 77.558256][ C0] x29: ffff800008007de0 x28: ffff0000d0c63680 x27: 
1fffe0003421625c [ 77.559512][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 77.560800][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd248df8 [ 77.562068][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 77.563326][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.564580][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.565746][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 92e1dc74d291fc00 [ 77.566951][ C0] x8 : 92e1dc74d291fc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.568151][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.569316][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.570513][ C0] Call trace: [ 77.571008][ C0] invalidate_bh_lru+0x128/0x234 [ 77.571746][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.572587][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.573586][ C0] ipi_handler+0x10c/0x710 [ 77.574244][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 77.575036][ C0] handle_domain_irq+0x144/0x1fc [ 77.575742][ C0] gic_handle_irq+0x78/0x1c8 [ 77.576406][ C0] call_on_irq_stack+0x30/0x48 [ 77.577129][ C0] do_interrupt_handler+0x6c/0x88 [ 77.577900][ C0] el1_interrupt+0x30/0x58 [ 77.578569][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.579258][ C0] el1h_64_irq+0x78/0x7c [ 77.579907][ C0] kfree_link+0x0/0x30 [ 77.580515][ C0] link_path_walk+0x590/0xb8c [ 77.581203][ C0] path_openat+0x1c0/0x26e4 [ 77.581913][ C0] do_filp_open+0x164/0x330 [ 77.582550][ C0] do_sys_openat2+0x128/0x3d8 [ 77.583203][ C0] __arm64_sys_openat+0x120/0x154 [ 77.583938][ C0] invoke_syscall+0x98/0x2b8 [ 77.584551][ C0] el0_svc_common+0x138/0x258 [ 77.585252][ C0] do_el0_svc+0x58/0x14c [ 77.585937][ C0] el0_svc+0x78/0x1e0 [ 77.586518][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.587364][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.588089][ C0] irq event stamp: 766 [ 77.588734][ C0] hardirqs last enabled at 
(765): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 77.590280][ C0] hardirqs last disabled at (766): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.591738][ C0] softirqs last enabled at (456): [] local_bh_enable+0x10/0x34 [ 77.593123][ C0] softirqs last disabled at (454): [] local_bh_disable+0x10/0x34 [ 77.594451][ C0] ---[ end trace 9e056b27e87ea93a ]--- [ 77.657634][ T5127] loop0: detected capacity change from 0 to 128 [ 77.660452][ T5127] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.661654][ T5127] Bad inode number on dev loop0: 2 is out of range [ 77.662723][ T5127] SysV FS: get root inode failed [ 77.663560][ T5127] oldfs: cannot read superblock [ 77.672264][ C1] ------------[ cut here ]------------ [ 77.673165][ C1] VFS: brelse: Trying to free free buffer [ 77.674085][ C1] WARNING: CPU: 1 PID: 5128 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.675327][ C1] Modules linked in: [ 77.675875][ C1] CPU: 1 PID: 5128 Comm: syz.0.74 Tainted: G W syzkaller #0 [ 77.677049][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.678510][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.679711][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 77.680491][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 77.681290][ C1] sp : ffff800008017de0 [ 77.681921][ C1] x29: ffff800008017de0 x28: ffff0000cc53b680 x27: 1fffe0003421a45c [ 77.683047][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 77.684317][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28465d0 [ 77.685466][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 77.686659][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.687884][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.689114][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 7de93a846967a900 [ 77.690335][ C1] x8 : 7de93a846967a900 x7 : 0000000000000001 x6 : 0000000000000001 [ 
77.691533][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.692819][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 77.694102][ C1] Call trace: [ 77.694553][ C1] invalidate_bh_lru+0x128/0x234 [ 77.695315][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 77.696262][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.697241][ C1] ipi_handler+0x10c/0x710 [ 77.697888][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 77.698724][ C1] handle_domain_irq+0x144/0x1fc [ 77.699464][ C1] gic_handle_irq+0x78/0x1c8 [ 77.700175][ C1] call_on_irq_stack+0x30/0x48 [ 77.700938][ C1] do_interrupt_handler+0x6c/0x88 [ 77.701688][ C1] el1_interrupt+0x30/0x58 [ 77.702373][ C1] el1h_64_irq_handler+0x18/0x24 [ 77.703140][ C1] el1h_64_irq+0x78/0x7c [ 77.703804][ C1] memset+0x84/0x88 [ 77.704395][ C1] arch_stack_walk+0x200/0x2b4 [ 77.705018][ C1] stack_trace_save+0x94/0xd8 [ 77.705708][ C1] __kasan_slab_alloc+0x8c/0xcc [ 77.706357][ C1] slab_post_alloc_hook+0x74/0x408 [ 77.707147][ C1] kmem_cache_alloc+0x1e0/0x3e4 [ 77.707876][ C1] pte_alloc_one+0x78/0x258 [ 77.708577][ C1] __pte_alloc+0x34/0x21c [ 77.709214][ C1] handle_mm_fault+0x238c/0x2970 [ 77.709918][ C1] do_page_fault+0x694/0xad4 [ 77.710556][ C1] do_translation_fault+0xe0/0x130 [ 77.711303][ C1] do_mem_abort+0x6c/0x1ac [ 77.711941][ C1] el0_da+0x90/0x1fc [ 77.712466][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 77.713172][ C1] el0t_64_sync+0x1a0/0x1a4 [ 77.713847][ C1] irq event stamp: 1104 [ 77.714461][ C1] hardirqs last enabled at (1103): [] try_charge_memcg+0x1d8/0x11bc [ 77.715893][ C1] hardirqs last disabled at (1104): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.717387][ C1] softirqs last enabled at (1082): [] local_bh_enable+0x10/0x34 [ 77.718837][ C1] softirqs last disabled at (1080): [] local_bh_disable+0x10/0x34 [ 77.720369][ C1] ---[ end trace 9e056b27e87ea93b ]--- [ 77.748190][ T5129] loop0: detected capacity change from 0 to 128 [ 77.750721][ T5129] VFS: Found a Xenix FS (block 
size = 1024) on device loop0 [ 77.751894][ T5129] Bad inode number on dev loop0: 2 is out of range [ 77.752834][ T5129] SysV FS: get root inode failed [ 77.753619][ T5129] oldfs: cannot read superblock [ 77.757852][ C0] ------------[ cut here ]------------ [ 77.758750][ C0] VFS: brelse: Trying to free free buffer [ 77.759638][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.760948][ C0] Modules linked in: [ 77.761533][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 77.762850][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.764270][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.765409][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 77.766203][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 77.767048][ C0] sp : ffff800008007de0 [ 77.767709][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625c [ 77.769021][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 77.770344][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2bfb40 [ 77.771661][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 77.772968][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 77.774347][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 77.775679][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 56a9f03fd884e100 [ 77.776969][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 77.778283][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 77.779571][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 77.780786][ C0] Call trace: [ 77.781308][ C0] invalidate_bh_lru+0x128/0x234 [ 77.782029][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 77.782938][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 77.784028][ C0] ipi_handler+0x10c/0x710 [ 77.784737][ C0] 
handle_percpu_devid_irq+0x29c/0x76c [ 77.785673][ C0] handle_domain_irq+0x144/0x1fc [ 77.786433][ C0] gic_handle_irq+0x78/0x1c8 [ 77.787135][ C0] call_on_irq_stack+0x30/0x48 [ 77.787917][ C0] do_interrupt_handler+0x6c/0x88 [ 77.788738][ C0] el1_interrupt+0x30/0x58 [ 77.789420][ C0] el1h_64_irq_handler+0x18/0x24 [ 77.790182][ C0] el1h_64_irq+0x78/0x7c [ 77.790826][ C0] ___slab_alloc+0x2e8/0xda8 [ 77.791547][ C0] __slab_alloc+0x68/0xc0 [ 77.792193][ C0] kmem_cache_alloc+0x2ac/0x3e4 [ 77.792967][ C0] __alloc_file+0x30/0x240 [ 77.793660][ C0] alloc_empty_file+0xa0/0x184 [ 77.794356][ C0] path_openat+0xcc/0x26e4 [ 77.795055][ C0] do_filp_open+0x164/0x330 [ 77.795777][ C0] do_sys_openat2+0x128/0x3d8 [ 77.796523][ C0] __arm64_sys_openat+0x120/0x154 [ 77.797323][ C0] invoke_syscall+0x98/0x2b8 [ 77.798067][ C0] el0_svc_common+0x138/0x258 [ 77.798777][ C0] do_el0_svc+0x58/0x14c [ 77.799406][ C0] el0_svc+0x78/0x1e0 [ 77.800030][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 77.800793][ C0] el0t_64_sync+0x1a0/0x1a4 [ 77.801432][ C0] irq event stamp: 346070 [ 77.802063][ C0] hardirqs last enabled at (346069): [] ___slab_alloc+0x2d8/0xda8 [ 77.803502][ C0] hardirqs last disabled at (346070): [] enter_el1_irq_or_nmi+0x10/0x1c [ 77.804917][ C0] softirqs last enabled at (346040): [] local_bh_enable+0x10/0x34 [ 77.806310][ C0] softirqs last disabled at (346038): [] local_bh_disable+0x10/0x34 [ 77.807777][ C0] ---[ end trace 9e056b27e87ea93c ]--- [ 77.866278][ T5131] loop0: detected capacity change from 0 to 128 [ 77.959400][ T5131] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 77.960545][ T5131] Bad inode number on dev loop0: 2 is out of range [ 77.961496][ T5131] SysV FS: get root inode failed [ 77.962188][ T5131] oldfs: cannot read superblock [ 77.986055][ T5032] ------------[ cut here ]------------ [ 77.987035][ T5032] VFS: brelse: Trying to free free buffer [ 77.987989][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 77.989427][ T5032] 
Modules linked in: [ 77.990018][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 77.991304][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 77.992779][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 77.993931][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 77.994707][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 77.995520][ T5032] sp : ffff80001fd877c0 [ 77.996177][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 77.997360][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 77.998519][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2846970 [ 77.999731][ T5032] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 78.000864][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.002225][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.003578][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 78.004896][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.006153][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.007365][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.008565][ T5032] Call trace: [ 78.009017][ T5032] invalidate_bh_lru+0x128/0x234 [ 78.009730][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 78.010624][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.011448][ T5032] invalidate_bh_lrus+0x34/0x40 [ 78.012187][ T5032] blkdev_flush_mapping+0x168/0x31c [ 78.012929][ T5032] blkdev_put+0x490/0x6ac [ 78.013623][ T5032] blkdev_close+0x74/0xb0 [ 78.014240][ T5032] __fput+0x1c0/0x7f8 [ 78.014863][ T5032] ____fput+0x20/0x30 [ 78.015441][ T5032] task_work_run+0x12c/0x1e0 [ 78.016148][ T5032] do_notify_resume+0x24b4/0x3128 [ 78.016887][ T5032] el0_svc+0xf0/0x1e0 [ 78.017498][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 78.018230][ T5032] 
el0t_64_sync+0x1a0/0x1a4 [ 78.018965][ T5032] irq event stamp: 228008 [ 78.019666][ T5032] hardirqs last enabled at (228007): [] kasan_quarantine_put+0xc4/0x204 [ 78.021278][ T5032] hardirqs last disabled at (228008): [] smp_call_function_many_cond+0xa44/0xeb0 [ 78.022916][ T5032] softirqs last enabled at (227730): [] local_bh_enable+0x10/0x34 [ 78.024367][ T5032] softirqs last disabled at (227728): [] local_bh_disable+0x10/0x34 [ 78.025879][ T5032] ---[ end trace 9e056b27e87ea93d ]--- [ 78.087195][ T5135] loop0: detected capacity change from 0 to 128 [ 78.090055][ T5135] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.091287][ T5135] Bad inode number on dev loop0: 2 is out of range [ 78.092242][ T5135] SysV FS: get root inode failed [ 78.093010][ T5135] oldfs: cannot read superblock [ 78.096592][ T5032] ------------[ cut here ]------------ [ 78.097432][ T5032] VFS: brelse: Trying to free free buffer [ 78.098304][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.099493][ T5032] Modules linked in: [ 78.100010][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 78.101351][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.102995][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.104189][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 78.105044][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 78.105909][ T5032] sp : ffff80001fd877c0 [ 78.106552][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 78.107801][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 78.109204][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2846d10 [ 78.110560][ T5032] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 78.111818][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.113130][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 
0000000000ff0100 [ 78.114408][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 78.115651][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.116868][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.118278][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.119700][ T5032] Call trace: [ 78.120210][ T5032] invalidate_bh_lru+0x128/0x234 [ 78.120976][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 78.121868][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.122673][ T5032] invalidate_bh_lrus+0x34/0x40 [ 78.123408][ T5032] blkdev_flush_mapping+0x168/0x31c [ 78.124164][ T5032] blkdev_put+0x490/0x6ac [ 78.124836][ T5032] blkdev_close+0x74/0xb0 [ 78.125543][ T5032] __fput+0x1c0/0x7f8 [ 78.126147][ T5032] ____fput+0x20/0x30 [ 78.126726][ T5032] task_work_run+0x12c/0x1e0 [ 78.127533][ T5032] do_notify_resume+0x24b4/0x3128 [ 78.128317][ T5032] el0_svc+0xf0/0x1e0 [ 78.128953][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 78.129772][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 78.130500][ T5032] irq event stamp: 231710 [ 78.131162][ T5032] hardirqs last enabled at (231709): [] kasan_quarantine_put+0xc4/0x204 [ 78.132649][ T5032] hardirqs last disabled at (231710): [] smp_call_function_many_cond+0xa44/0xeb0 [ 78.134341][ T5032] softirqs last enabled at (231444): [] local_bh_enable+0x10/0x34 [ 78.135770][ T5032] softirqs last disabled at (231442): [] local_bh_disable+0x10/0x34 [ 78.137231][ T5032] ---[ end trace 9e056b27e87ea93e ]--- [ 78.173146][ T5137] loop0: detected capacity change from 0 to 128 [ 78.175987][ T5137] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.177211][ T5137] Bad inode number on dev loop0: 2 is out of range [ 78.178243][ T5137] SysV FS: get root inode failed [ 78.179026][ T5137] oldfs: cannot read superblock [ 78.183518][ C1] ------------[ cut here ]------------ [ 78.184289][ C1] VFS: brelse: Trying to free free buffer [ 78.185216][ C1] WARNING: 
CPU: 1 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.186476][ C1] Modules linked in: [ 78.187054][ C1] CPU: 1 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.188330][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.189836][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.190993][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 78.191794][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 78.192555][ C1] sp : ffff800008017de0 [ 78.193141][ C1] x29: ffff800008017de0 x28: ffff0000de341b40 x27: 1fffe0003421a45c [ 78.194459][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 78.195812][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2849148 [ 78.197135][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.198510][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.199892][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.201163][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 78.202415][ C1] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.203723][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.204939][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.206261][ C1] Call trace: [ 78.206768][ C1] invalidate_bh_lru+0x128/0x234 [ 78.207552][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.208437][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.209451][ C1] ipi_handler+0x10c/0x710 [ 78.210083][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 78.210956][ C1] handle_domain_irq+0x144/0x1fc [ 78.211711][ C1] gic_handle_irq+0x78/0x1c8 [ 78.212339][ C1] call_on_irq_stack+0x30/0x48 [ 78.213003][ C1] do_interrupt_handler+0x6c/0x88 [ 78.213753][ C1] el1_interrupt+0x30/0x58 [ 78.214388][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.215128][ C1] el1h_64_irq+0x78/0x7c [ 78.215772][ C1] 
___cache_free+0x48/0x1bc [ 78.216426][ C1] qlink_free+0x5c/0xa4 [ 78.217021][ C1] qlist_free_all+0x40/0xa8 [ 78.217675][ C1] kasan_quarantine_reduce+0x124/0x130 [ 78.218455][ C1] __kasan_slab_alloc+0x34/0xcc [ 78.219174][ C1] slab_post_alloc_hook+0x74/0x408 [ 78.219941][ C1] __kmalloc+0x208/0x44c [ 78.220561][ C1] tomoyo_encode+0x274/0x4a4 [ 78.221238][ C1] tomoyo_realpath_from_path+0x4bc/0x510 [ 78.222084][ C1] tomoyo_path_perm+0x1b4/0x440 [ 78.222833][ C1] tomoyo_inode_getattr+0x28/0x38 [ 78.223537][ C1] security_inode_getattr+0xd8/0x124 [ 78.224297][ C1] vfs_statx+0x118/0x458 [ 78.224996][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 78.225880][ C1] invoke_syscall+0x98/0x2b8 [ 78.226618][ C1] el0_svc_common+0x138/0x258 [ 78.227378][ C1] do_el0_svc+0x58/0x14c [ 78.228046][ C1] el0_svc+0x78/0x1e0 [ 78.228667][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.229448][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.230157][ C1] irq event stamp: 359676 [ 78.230808][ C1] hardirqs last enabled at (359675): [] put_cpu_partial+0x188/0x218 [ 78.232241][ C1] hardirqs last disabled at (359676): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.233650][ C1] softirqs last enabled at (358184): [] local_bh_enable+0x10/0x34 [ 78.235045][ C1] softirqs last disabled at (358182): [] local_bh_disable+0x10/0x34 [ 78.236496][ C1] ---[ end trace 9e056b27e87ea93f ]--- [ 78.262448][ T5139] loop0: detected capacity change from 0 to 128 [ 78.265176][ T5139] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.266249][ T5139] Bad inode number on dev loop0: 2 is out of range [ 78.267246][ T5139] SysV FS: get root inode failed [ 78.267982][ T5139] oldfs: cannot read superblock [ 78.275349][ C1] ------------[ cut here ]------------ [ 78.276172][ C1] VFS: brelse: Trying to free free buffer [ 78.277087][ C1] WARNING: CPU: 1 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.278430][ C1] Modules linked in: [ 78.278956][ C1] CPU: 1 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.280211][ C1] 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.281559][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.282735][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 78.283503][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 78.284248][ C1] sp : ffff800008017de0 [ 78.284834][ C1] x29: ffff800008017de0 x28: ffff0000de341b40 x27: 1fffe0003421a45c [ 78.286151][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 78.287375][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28494e8 [ 78.288625][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.289772][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.290999][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.292241][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 78.293472][ C1] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.294729][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.296006][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.297273][ C1] Call trace: [ 78.297829][ C1] invalidate_bh_lru+0x128/0x234 [ 78.298636][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.299515][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.300594][ C1] ipi_handler+0x10c/0x710 [ 78.301202][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 78.301961][ C1] handle_domain_irq+0x144/0x1fc [ 78.302750][ C1] gic_handle_irq+0x78/0x1c8 [ 78.303475][ C1] call_on_irq_stack+0x30/0x48 [ 78.304261][ C1] do_interrupt_handler+0x6c/0x88 [ 78.305014][ C1] el1_interrupt+0x30/0x58 [ 78.305755][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.306519][ C1] el1h_64_irq+0x78/0x7c [ 78.307128][ C1] kasan_check_range+0x1cc/0x2b0 [ 78.307849][ C1] memcpy+0xb4/0xe8 [ 78.308411][ C1] copy_mm+0x6e0/0x1090 [ 78.309082][ C1] copy_process+0x14d8/0x34ac [ 78.309766][ C1] kernel_clone+0x1d8/0x9d4 [ 
78.310432][ C1] __arm64_sys_clone+0x138/0x190 [ 78.311183][ C1] invoke_syscall+0x98/0x2b8 [ 78.311958][ C1] el0_svc_common+0x138/0x258 [ 78.312726][ C1] do_el0_svc+0x58/0x14c [ 78.313425][ C1] el0_svc+0x78/0x1e0 [ 78.314110][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.314940][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.315632][ C1] irq event stamp: 365680 [ 78.316352][ C1] hardirqs last enabled at (365679): [] pte_alloc_one+0x194/0x258 [ 78.317899][ C1] hardirqs last disabled at (365680): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.319432][ C1] softirqs last enabled at (365522): [] local_bh_enable+0x10/0x34 [ 78.320866][ C1] softirqs last disabled at (365520): [] local_bh_disable+0x10/0x34 [ 78.322319][ C1] ---[ end trace 9e056b27e87ea940 ]--- [ 78.347385][ T5141] loop0: detected capacity change from 0 to 128 [ 78.350952][ T5141] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.352131][ T5141] Bad inode number on dev loop0: 2 is out of range [ 78.353154][ T5141] SysV FS: get root inode failed [ 78.353981][ T5141] oldfs: cannot read superblock [ 78.361629][ C0] ------------[ cut here ]------------ [ 78.362591][ C0] VFS: brelse: Trying to free free buffer [ 78.363519][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.364883][ C0] Modules linked in: [ 78.365475][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.366850][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.368448][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.369604][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 78.370414][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 78.371209][ C0] sp : ffff800008007de0 [ 78.371826][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625c [ 78.373132][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 78.374398][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2bfee0 [ 78.375696][ C0] x20: 
ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.376899][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.378114][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.379296][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 78.380437][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.381651][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.383012][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.384372][ C0] Call trace: [ 78.384885][ C0] invalidate_bh_lru+0x128/0x234 [ 78.385676][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.386656][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.387708][ C0] ipi_handler+0x10c/0x710 [ 78.388390][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 78.389231][ C0] handle_domain_irq+0x144/0x1fc [ 78.389965][ C0] gic_handle_irq+0x78/0x1c8 [ 78.390607][ C0] call_on_irq_stack+0x30/0x48 [ 78.391329][ C0] do_interrupt_handler+0x6c/0x88 [ 78.392005][ C0] el1_interrupt+0x30/0x58 [ 78.392644][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.393391][ C0] el1h_64_irq+0x78/0x7c [ 78.394042][ C0] __sanitizer_cov_trace_pc+0xa8/0xac [ 78.394838][ C0] translate_table+0xe4c/0x1850 [ 78.395527][ C0] do_ip6t_set_ctl+0xa10/0xe00 [ 78.396200][ C0] nf_setsockopt+0x270/0x290 [ 78.396847][ C0] ipv6_setsockopt+0x1a18/0x36dc [ 78.397574][ C0] tcp_setsockopt+0x1d4/0x1bf4 [ 78.398299][ C0] sock_common_setsockopt+0xb0/0xcc [ 78.399042][ C0] __sys_setsockopt+0x260/0x36c [ 78.399793][ C0] __arm64_sys_setsockopt+0xb8/0xd4 [ 78.400546][ C0] invoke_syscall+0x98/0x2b8 [ 78.401215][ C0] el0_svc_common+0x138/0x258 [ 78.401860][ C0] do_el0_svc+0x58/0x14c [ 78.402456][ C0] el0_svc+0x78/0x1e0 [ 78.403028][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.403798][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.404436][ C0] irq event stamp: 368474 [ 78.405074][ C0] hardirqs last enabled at (368473): [] 
_raw_spin_unlock_irqrestore+0xa8/0x14c [ 78.406526][ C0] hardirqs last disabled at (368474): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.407916][ C0] softirqs last enabled at (368466): [] release_sock+0x1d0/0x258 [ 78.409226][ C0] softirqs last disabled at (368464): [] release_sock+0x34/0x258 [ 78.410557][ C0] ---[ end trace 9e056b27e87ea941 ]--- [ 78.438012][ T5143] loop0: detected capacity change from 0 to 128 [ 78.446367][ T5143] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.447500][ T5143] Bad inode number on dev loop0: 2 is out of range [ 78.448435][ T5143] SysV FS: get root inode failed [ 78.449201][ T5143] oldfs: cannot read superblock [ 78.454679][ C0] ------------[ cut here ]------------ [ 78.455525][ C0] VFS: brelse: Trying to free free buffer [ 78.456452][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.457810][ C0] Modules linked in: [ 78.458439][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.459917][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.461487][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.462609][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 78.463419][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 78.464259][ C0] sp : ffff800008007de0 [ 78.464865][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625b [ 78.466103][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 78.467320][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2869d10 [ 78.468574][ C0] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000010003 [ 78.469790][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.471005][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.472210][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 56a9f03fd884e100 [ 78.473387][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 
78.474601][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.475743][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.476905][ C0] Call trace: [ 78.477369][ C0] invalidate_bh_lru+0x128/0x234 [ 78.478079][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 78.478967][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.479968][ C0] ipi_handler+0x10c/0x710 [ 78.480587][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 78.481410][ C0] handle_domain_irq+0x144/0x1fc [ 78.482179][ C0] gic_handle_irq+0x78/0x1c8 [ 78.482865][ C0] call_on_irq_stack+0x30/0x48 [ 78.483550][ C0] do_interrupt_handler+0x6c/0x88 [ 78.484332][ C0] el1_interrupt+0x30/0x58 [ 78.484977][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.485674][ C0] el1h_64_irq+0x78/0x7c [ 78.486330][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 78.487173][ C0] debug_object_active_state+0x16c/0x34c [ 78.488015][ C0] call_rcu+0x6c/0x8fc [ 78.488575][ C0] evict+0x748/0x810 [ 78.489117][ C0] iput+0x6c4/0x77c [ 78.489690][ C0] do_unlinkat+0x360/0x600 [ 78.490317][ C0] __arm64_sys_unlinkat+0xe0/0xfc [ 78.490998][ C0] invoke_syscall+0x98/0x2b8 [ 78.491641][ C0] el0_svc_common+0x138/0x258 [ 78.492312][ C0] do_el0_svc+0x58/0x14c [ 78.492926][ C0] el0_svc+0x78/0x1e0 [ 78.493511][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.494225][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.494867][ C0] irq event stamp: 370430 [ 78.495544][ C0] hardirqs last enabled at (370429): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 78.497120][ C0] hardirqs last disabled at (370430): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.498545][ C0] softirqs last enabled at (370372): [] handle_softirqs+0xa4c/0xbf0 [ 78.499976][ C0] softirqs last disabled at (370367): [] __irq_exit_rcu+0x240/0x440 [ 78.501299][ C0] ---[ end trace 9e056b27e87ea942 ]--- [ 78.521873][ T5145] loop0: detected capacity change from 0 to 128 [ 78.524936][ T5145] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.526040][ T5145] Bad inode number on dev 
loop0: 2 is out of range [ 78.527009][ T5145] SysV FS: get root inode failed [ 78.527688][ T5145] oldfs: cannot read superblock [ 78.532041][ C1] ------------[ cut here ]------------ [ 78.532841][ C1] VFS: brelse: Trying to free free buffer [ 78.533730][ C1] WARNING: CPU: 1 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.534987][ C1] Modules linked in: [ 78.535655][ C1] CPU: 1 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.537170][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.538876][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.540092][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 78.540923][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 78.541779][ C1] sp : ffff800008017de0 [ 78.542413][ C1] x29: ffff800008017de0 x28: ffff0000de341b40 x27: 1fffe0003421a45c [ 78.543639][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 78.544862][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2849888 [ 78.546100][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.547306][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.548501][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.549661][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 78.550832][ C1] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.552027][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.553278][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.554490][ C1] Call trace: [ 78.554965][ C1] invalidate_bh_lru+0x128/0x234 [ 78.555730][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.556610][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.557606][ C1] ipi_handler+0x10c/0x710 [ 78.558297][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 78.559134][ C1] handle_domain_irq+0x144/0x1fc [ 78.559927][ C1] 
gic_handle_irq+0x78/0x1c8 [ 78.560623][ C1] call_on_irq_stack+0x30/0x48 [ 78.561327][ C1] do_interrupt_handler+0x6c/0x88 [ 78.562080][ C1] el1_interrupt+0x30/0x58 [ 78.562735][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.563437][ C1] el1h_64_irq+0x78/0x7c [ 78.564067][ C1] kasan_quarantine_put+0xd4/0x204 [ 78.564825][ C1] ____kasan_slab_free+0x124/0x164 [ 78.565547][ C1] __kasan_slab_free+0x18/0x28 [ 78.566211][ C1] slab_free_freelist_hook+0x128/0x1e8 [ 78.567059][ C1] kfree+0x170/0x40c [ 78.567648][ C1] tomoyo_path_perm+0x334/0x440 [ 78.568340][ C1] tomoyo_inode_getattr+0x28/0x38 [ 78.569135][ C1] security_inode_getattr+0xd8/0x124 [ 78.569900][ C1] vfs_statx+0x118/0x458 [ 78.570564][ C1] __arm64_sys_newfstatat+0x10c/0x190 [ 78.571396][ C1] invoke_syscall+0x98/0x2b8 [ 78.572109][ C1] el0_svc_common+0x138/0x258 [ 78.572818][ C1] do_el0_svc+0x58/0x14c [ 78.573474][ C1] el0_svc+0x78/0x1e0 [ 78.574063][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.574816][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.575513][ C1] irq event stamp: 373528 [ 78.576159][ C1] hardirqs last enabled at (373527): [] kasan_quarantine_put+0xc4/0x204 [ 78.577606][ C1] hardirqs last disabled at (373528): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.579042][ C1] softirqs last enabled at (372890): [] local_bh_enable+0x10/0x34 [ 78.580652][ C1] softirqs last disabled at (372888): [] local_bh_disable+0x10/0x34 [ 78.582189][ C1] ---[ end trace 9e056b27e87ea943 ]--- [ 78.613349][ T5147] loop0: detected capacity change from 0 to 128 [ 78.615693][ T5147] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.616842][ T5147] Bad inode number on dev loop0: 2 is out of range [ 78.617903][ T5147] SysV FS: get root inode failed [ 78.618711][ T5147] oldfs: cannot read superblock [ 78.629219][ T5149] ------------[ cut here ]------------ [ 78.630099][ T5149] VFS: brelse: Trying to free free buffer [ 78.631045][ T5149] WARNING: CPU: 0 PID: 5149 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.632433][ T5149] Modules linked in: 
[ 78.633065][ T5149] CPU: 0 PID: 5149 Comm: syz.0.84 Tainted: G W syzkaller #0 [ 78.634625][ T5149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.636066][ T5149] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.637257][ T5149] pc : invalidate_bh_lru+0x128/0x234 [ 78.638093][ T5149] lr : invalidate_bh_lru+0x128/0x234 [ 78.638910][ T5149] sp : ffff80001fe377c0 [ 78.639538][ T5149] x29: ffff80001fe377c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 78.640755][ T5149] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 78.641986][ T5149] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286f148 [ 78.643189][ T5149] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 78.644376][ T5149] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.645650][ T5149] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.646919][ T5149] x11: 0000000000000002 x10: 0000000000000000 x9 : 5e3dc4711f052400 [ 78.648067][ T5149] x8 : 5e3dc4711f052400 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.649217][ T5149] x5 : ffff80001fe370b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.650464][ T5149] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 78.651715][ T5149] Call trace: [ 78.652170][ T5149] invalidate_bh_lru+0x128/0x234 [ 78.652898][ T5149] smp_call_function_many_cond+0xa50/0xeb0 [ 78.653798][ T5149] on_each_cpu_cond_mask+0x5c/0xc4 [ 78.654543][ T5149] invalidate_bh_lrus+0x34/0x40 [ 78.655216][ T5149] blkdev_flush_mapping+0x168/0x31c [ 78.655963][ T5149] blkdev_put+0x490/0x6ac [ 78.656576][ T5149] blkdev_close+0x74/0xb0 [ 78.657246][ T5149] __fput+0x1c0/0x7f8 [ 78.657871][ T5149] ____fput+0x20/0x30 [ 78.658488][ T5149] task_work_run+0x12c/0x1e0 [ 78.659231][ T5149] do_notify_resume+0x24b4/0x3128 [ 78.660021][ T5149] el0_svc+0xf0/0x1e0 [ 78.660649][ T5149] el0t_64_sync_handler+0xcc/0xe4 [ 78.661455][ T5149] 
el0t_64_sync+0x1a0/0x1a4 [ 78.662111][ T5149] irq event stamp: 748 [ 78.662708][ T5149] hardirqs last enabled at (747): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 78.664230][ T5149] hardirqs last disabled at (748): [] smp_call_function_many_cond+0xa44/0xeb0 [ 78.665821][ T5149] softirqs last enabled at (720): [] local_bh_enable+0x10/0x34 [ 78.667269][ T5149] softirqs last disabled at (718): [] local_bh_disable+0x10/0x34 [ 78.668616][ T5149] ---[ end trace 9e056b27e87ea944 ]--- [ 78.725525][ T5151] loop0: detected capacity change from 0 to 128 [ 78.799802][ T5151] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.801037][ T5151] Bad inode number on dev loop0: 2 is out of range [ 78.802039][ T5151] SysV FS: get root inode failed [ 78.802952][ T5151] oldfs: cannot read superblock [ 78.805468][ C1] ------------[ cut here ]------------ [ 78.806267][ C1] VFS: brelse: Trying to free free buffer [ 78.807156][ C1] WARNING: CPU: 1 PID: 5151 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.808399][ C1] Modules linked in: [ 78.808947][ C1] CPU: 1 PID: 5151 Comm: syz.0.85 Tainted: G W syzkaller #0 [ 78.810150][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.811676][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.812777][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 78.813600][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 78.814348][ C1] sp : ffff800008017de0 [ 78.814958][ C1] x29: ffff800008017de0 x28: ffff0000d7801b40 x27: 1fffe0003421a45c [ 78.816130][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 78.817506][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2849c28 [ 78.818856][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 78.820229][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.821550][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.822906][ C1] x11: 
0000000000010002 x10: 0000000000010002 x9 : e9b400612a803600 [ 78.824132][ C1] x8 : e9b400612a803600 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.825379][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.826599][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 78.827832][ C1] Call trace: [ 78.828309][ C1] invalidate_bh_lru+0x128/0x234 [ 78.829039][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 78.829935][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.831061][ C1] ipi_handler+0x10c/0x710 [ 78.831772][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 78.832653][ C1] handle_domain_irq+0x144/0x1fc [ 78.833349][ C1] gic_handle_irq+0x78/0x1c8 [ 78.834112][ C1] call_on_irq_stack+0x30/0x48 [ 78.834847][ C1] do_interrupt_handler+0x6c/0x88 [ 78.835597][ C1] el1_interrupt+0x30/0x58 [ 78.836271][ C1] el1h_64_irq_handler+0x18/0x24 [ 78.837035][ C1] el1h_64_irq+0x78/0x7c [ 78.837695][ C1] lock_page_memcg+0x120/0x234 [ 78.838510][ C1] page_remove_rmap+0x3c/0xfd0 [ 78.839241][ C1] unmap_page_range+0xbb4/0x1958 [ 78.839981][ C1] unmap_single_vma+0x13c/0x1e4 [ 78.840687][ C1] unmap_vmas+0x104/0x200 [ 78.841275][ C1] exit_mmap+0x2a8/0x4e0 [ 78.841940][ C1] __mmput+0xec/0x3b8 [ 78.842547][ C1] mmput+0x80/0xc8 [ 78.843153][ C1] exit_mm+0x4a0/0x684 [ 78.843791][ C1] do_exit+0x4ec/0x1f58 [ 78.844479][ C1] do_group_exit+0x100/0x268 [ 78.845246][ C1] get_signal+0x73c/0x1340 [ 78.845948][ C1] do_notify_resume+0x35c/0x3128 [ 78.846792][ C1] el0_svc+0xf0/0x1e0 [ 78.847473][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 78.848338][ C1] el0t_64_sync+0x1a0/0x1a4 [ 78.849042][ C1] irq event stamp: 2214 [ 78.849666][ C1] hardirqs last enabled at (2213): [] lock_page_memcg+0x110/0x234 [ 78.851107][ C1] hardirqs last disabled at (2214): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.852738][ C1] softirqs last enabled at (1210): [] local_bh_enable+0x10/0x34 [ 78.854240][ C1] softirqs last disabled at (1208): [] local_bh_disable+0x10/0x34 [ 78.855725][ 
C1] ---[ end trace 9e056b27e87ea945 ]--- [ 78.891809][ T5153] loop0: detected capacity change from 0 to 128 [ 78.932728][ T5153] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 78.933920][ T5153] Bad inode number on dev loop0: 2 is out of range [ 78.935083][ T5153] SysV FS: get root inode failed [ 78.935807][ T5153] oldfs: cannot read superblock [ 78.940896][ C0] ------------[ cut here ]------------ [ 78.941769][ C0] VFS: brelse: Trying to free free buffer [ 78.942627][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 78.943828][ C0] Modules linked in: [ 78.944393][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 78.945787][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 78.947215][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 78.948325][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 78.949117][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 78.949894][ C0] sp : ffff800008007de0 [ 78.950508][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625c [ 78.951697][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 78.952790][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286f4e8 [ 78.953945][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 78.955136][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 78.956330][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 78.957564][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 56a9f03fd884e100 [ 78.958830][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.960083][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 78.961266][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 78.962461][ C0] Call trace: [ 78.962939][ C0] invalidate_bh_lru+0x128/0x234 [ 78.963648][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 
78.964533][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 78.965541][ C0] ipi_handler+0x10c/0x710 [ 78.966158][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 78.966981][ C0] handle_domain_irq+0x144/0x1fc [ 78.967646][ C0] gic_handle_irq+0x78/0x1c8 [ 78.968261][ C0] call_on_irq_stack+0x30/0x48 [ 78.968971][ C0] do_interrupt_handler+0x6c/0x88 [ 78.969716][ C0] el1_interrupt+0x30/0x58 [ 78.970448][ C0] el1h_64_irq_handler+0x18/0x24 [ 78.971273][ C0] el1h_64_irq+0x78/0x7c [ 78.971991][ C0] sock_lock_init+0x130/0x70c [ 78.972760][ C0] sk_alloc+0xc0/0x388 [ 78.973436][ C0] inet_create+0x668/0xca4 [ 78.974132][ C0] __sock_create+0x4b0/0x8b4 [ 78.974839][ C0] __sys_socket+0xf0/0x18c [ 78.975536][ C0] __arm64_sys_socket+0x7c/0x94 [ 78.976234][ C0] invoke_syscall+0x98/0x2b8 [ 78.976906][ C0] el0_svc_common+0x138/0x258 [ 78.977588][ C0] do_el0_svc+0x58/0x14c [ 78.978300][ C0] el0_svc+0x78/0x1e0 [ 78.978898][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 78.979666][ C0] el0t_64_sync+0x1a0/0x1a4 [ 78.980301][ C0] irq event stamp: 385794 [ 78.980964][ C0] hardirqs last enabled at (385793): [] mod_objcg_mlstate+0x13c/0x228 [ 78.982364][ C0] hardirqs last disabled at (385794): [] enter_el1_irq_or_nmi+0x10/0x1c [ 78.983853][ C0] softirqs last enabled at (385746): [] release_sock+0x1d0/0x258 [ 78.985215][ C0] softirqs last disabled at (385744): [] release_sock+0x34/0x258 [ 78.986572][ C0] ---[ end trace 9e056b27e87ea946 ]--- [ 79.027353][ T5155] loop0: detected capacity change from 0 to 128 [ 79.067809][ T5155] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.069075][ T5155] Bad inode number on dev loop0: 2 is out of range [ 79.070007][ T5155] SysV FS: get root inode failed [ 79.070718][ T5155] oldfs: cannot read superblock [ 79.078276][ C1] ------------[ cut here ]------------ [ 79.079207][ C1] VFS: brelse: Trying to free free buffer [ 79.080121][ C1] WARNING: CPU: 1 PID: 5156 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.081475][ C1] Modules linked in: [ 
79.082077][ C1] CPU: 1 PID: 5156 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.083445][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.084978][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.086140][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 79.086896][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 79.087659][ C1] sp : ffff800008017de0 [ 79.088291][ C1] x29: ffff800008017de0 x28: ffff0000d15651c0 x27: 1fffe0003421a45c [ 79.089495][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 79.090776][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2a5060 [ 79.092023][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010003 [ 79.093256][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.094517][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.095795][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : ddf066a144145100 [ 79.097056][ C1] x8 : ddf066a144145100 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.098321][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.099576][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 79.100786][ C1] Call trace: [ 79.101246][ C1] invalidate_bh_lru+0x128/0x234 [ 79.102029][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.102864][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.103837][ C1] ipi_handler+0x10c/0x710 [ 79.104501][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 79.105321][ C1] handle_domain_irq+0x144/0x1fc [ 79.106015][ C1] gic_handle_irq+0x78/0x1c8 [ 79.106695][ C1] call_on_irq_stack+0x30/0x48 [ 79.107375][ C1] do_interrupt_handler+0x6c/0x88 [ 79.108134][ C1] el1_interrupt+0x30/0x58 [ 79.108814][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.109505][ C1] el1h_64_irq+0x78/0x7c [ 79.110136][ C1] __sanitizer_cov_trace_const_cmp8+0x3c/0xc0 [ 79.111028][ C1] filemap_map_pages+0x958/0xc50 [ 79.111762][ 
C1] handle_mm_fault+0x19c4/0x2970 [ 79.112502][ C1] do_page_fault+0x694/0xad4 [ 79.113188][ C1] do_translation_fault+0xe0/0x130 [ 79.113961][ C1] do_mem_abort+0x6c/0x1ac [ 79.114616][ C1] el0_da+0x90/0x1fc [ 79.115185][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 79.115903][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.116534][ C1] irq event stamp: 518 [ 79.117094][ C1] hardirqs last enabled at (517): [] lock_page_memcg+0x110/0x234 [ 79.118445][ C1] hardirqs last disabled at (518): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.119895][ C1] softirqs last enabled at (418): [] local_bh_enable+0x10/0x34 [ 79.121246][ C1] softirqs last disabled at (416): [] local_bh_disable+0x10/0x34 [ 79.122700][ C1] ---[ end trace 9e056b27e87ea947 ]--- [ 79.156876][ T5157] loop0: detected capacity change from 0 to 128 [ 79.159864][ T5157] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.161087][ T5157] Bad inode number on dev loop0: 2 is out of range [ 79.162182][ T5157] SysV FS: get root inode failed [ 79.162979][ T5157] oldfs: cannot read superblock [ 79.172486][ T5032] ------------[ cut here ]------------ [ 79.173473][ T5032] VFS: brelse: Trying to free free buffer [ 79.174406][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.175706][ T5032] Modules linked in: [ 79.176304][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 79.177618][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.179134][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.180374][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 79.181200][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 79.182008][ T5032] sp : ffff80001fd877c0 [ 79.182672][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625c [ 79.183875][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 79.185067][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286f888 [ 79.186258][ 
T5032] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000000003 [ 79.187577][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.188911][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.190169][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 79.191497][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.192786][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.193978][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.195238][ T5032] Call trace: [ 79.195727][ T5032] invalidate_bh_lru+0x128/0x234 [ 79.196489][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 79.197415][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.198294][ T5032] invalidate_bh_lrus+0x34/0x40 [ 79.199112][ T5032] blkdev_flush_mapping+0x168/0x31c [ 79.200033][ T5032] blkdev_put+0x490/0x6ac [ 79.200738][ T5032] blkdev_close+0x74/0xb0 [ 79.201468][ T5032] __fput+0x1c0/0x7f8 [ 79.202116][ T5032] ____fput+0x20/0x30 [ 79.202769][ T5032] task_work_run+0x12c/0x1e0 [ 79.203540][ T5032] do_notify_resume+0x24b4/0x3128 [ 79.204370][ T5032] el0_svc+0xf0/0x1e0 [ 79.204387][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 79.204399][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 79.204406][ T5032] irq event stamp: 281706 [ 79.204409][ T5032] hardirqs last enabled at (281705): [] kasan_quarantine_put+0xc4/0x204 [ 79.204419][ T5032] hardirqs last disabled at (281706): [] smp_call_function_many_cond+0xa44/0xeb0 [ 79.210165][ T5032] softirqs last enabled at (281444): [] local_bh_enable+0x10/0x34 [ 79.211487][ T5032] softirqs last disabled at (281442): [] local_bh_disable+0x10/0x34 [ 79.212964][ T5032] ---[ end trace 9e056b27e87ea948 ]--- [ 79.254857][ T5159] loop0: detected capacity change from 0 to 128 [ 79.257131][ T5159] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.258366][ T5159] Bad inode number on dev loop0: 2 is out of range [ 79.259662][ 
T5159] SysV FS: get root inode failed [ 79.260680][ T5159] oldfs: cannot read superblock [ 79.268102][ C0] ------------[ cut here ]------------ [ 79.269052][ C0] VFS: brelse: Trying to free free buffer [ 79.270037][ C0] WARNING: CPU: 0 PID: 5160 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.271380][ C0] Modules linked in: [ 79.271989][ C0] CPU: 0 PID: 5160 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.273329][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.274929][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.276175][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.277005][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.277805][ C0] sp : ffff800008007de0 [ 79.278444][ C0] x29: ffff800008007de0 x28: ffff0000d80d9b40 x27: 1fffe0003421625c [ 79.279676][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 79.280893][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e286fc28 [ 79.282130][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 79.283472][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.284828][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.286144][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : bde7f4a24fbb1600 [ 79.287389][ C0] x8 : bde7f4a24fbb1600 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.288653][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.289935][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.291233][ C0] Call trace: [ 79.291774][ C0] invalidate_bh_lru+0x128/0x234 [ 79.292598][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.293487][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.294667][ C0] ipi_handler+0x10c/0x710 [ 79.295394][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.296260][ C0] handle_domain_irq+0x144/0x1fc [ 79.297005][ C0] gic_handle_irq+0x78/0x1c8 [ 79.297695][ 
C0] call_on_irq_stack+0x30/0x48 [ 79.298437][ C0] do_interrupt_handler+0x6c/0x88 [ 79.299147][ C0] el1_interrupt+0x30/0x58 [ 79.299809][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.300532][ C0] el1h_64_irq+0x78/0x7c [ 79.301152][ C0] unwind_frame+0x88/0x668 [ 79.301768][ C0] arch_stack_walk+0x200/0x2b4 [ 79.302452][ C0] stack_trace_save+0x94/0xd8 [ 79.303151][ C0] __kasan_kmalloc+0xb0/0xf0 [ 79.303771][ C0] __kmalloc+0x298/0x44c [ 79.304357][ C0] tomoyo_encode+0x274/0x4a4 [ 79.305074][ C0] tomoyo_path_perm+0x234/0x440 [ 79.305741][ C0] tomoyo_path_symlink+0xa8/0xec [ 79.306446][ C0] security_path_symlink+0xec/0x13c [ 79.307186][ C0] do_symlinkat+0x108/0x5a8 [ 79.307868][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 79.308564][ C0] invoke_syscall+0x98/0x2b8 [ 79.309256][ C0] el0_svc_common+0x138/0x258 [ 79.309975][ C0] do_el0_svc+0x58/0x14c [ 79.310604][ C0] el0_svc+0x78/0x1e0 [ 79.311171][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.311904][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.312561][ C0] irq event stamp: 638 [ 79.313101][ C0] hardirqs last enabled at (637): [] kasan_quarantine_put+0xc4/0x204 [ 79.314464][ C0] hardirqs last disabled at (638): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.315766][ C0] softirqs last enabled at (458): [] local_bh_enable+0x10/0x34 [ 79.317048][ C0] softirqs last disabled at (456): [] local_bh_disable+0x10/0x34 [ 79.318408][ C0] ---[ end trace 9e056b27e87ea949 ]--- [ 79.338979][ T5161] loop0: detected capacity change from 0 to 128 [ 79.341918][ T5161] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.343178][ T5161] Bad inode number on dev loop0: 2 is out of range [ 79.344307][ T5161] SysV FS: get root inode failed [ 79.345171][ T5161] oldfs: cannot read superblock [ 79.353786][ C1] ------------[ cut here ]------------ [ 79.354598][ C1] VFS: brelse: Trying to free free buffer [ 79.355519][ C1] WARNING: CPU: 1 PID: 5163 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.356805][ C1] Modules linked in: [ 79.357416][ C1] CPU: 1 PID: 5163 Comm: 
syz.0.91 Tainted: G W syzkaller #0 [ 79.358700][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.360238][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.361345][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 79.362161][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 79.362935][ C1] sp : ffff800008017de0 [ 79.363548][ C1] x29: ffff800008017de0 x28: ffff0000d0ce9b40 x27: 1fffe0003421a45c [ 79.364711][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 79.365980][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2a5400 [ 79.367255][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 79.368526][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.369708][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.370882][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : d9ca6f8bba3a0700 [ 79.372012][ C1] x8 : d9ca6f8bba3a0700 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.373153][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.374306][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.375466][ C1] Call trace: [ 79.375920][ C1] invalidate_bh_lru+0x128/0x234 [ 79.376666][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.377512][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.378520][ C1] ipi_handler+0x10c/0x710 [ 79.379171][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 79.380067][ C1] handle_domain_irq+0x144/0x1fc [ 79.380911][ C1] gic_handle_irq+0x78/0x1c8 [ 79.381644][ C1] call_on_irq_stack+0x30/0x48 [ 79.382358][ C1] do_interrupt_handler+0x6c/0x88 [ 79.383172][ C1] el0_interrupt+0x94/0x260 [ 79.383859][ C1] __el0_irq_handler_common+0x18/0x24 [ 79.384656][ C1] el0t_64_irq_handler+0x10/0x1c [ 79.385404][ C1] el0t_64_irq+0x1a0/0x1a4 [ 79.386026][ C1] irq event stamp: 166 [ 79.386550][ C1] hardirqs last enabled at (165): [] 
el0t_64_sync_handler+0xd8/0xe4 [ 79.388045][ C1] hardirqs last disabled at (166): [] __el0_irq_handler_common+0x18/0x24 [ 79.389651][ C1] softirqs last enabled at (8): [] local_bh_enable+0x10/0x34 [ 79.391014][ C1] softirqs last disabled at (6): [] local_bh_disable+0x10/0x34 [ 79.392370][ C1] ---[ end trace 9e056b27e87ea94a ]--- [ 79.457897][ T5163] loop0: detected capacity change from 0 to 128 [ 79.460605][ T5163] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.461701][ T5163] Bad inode number on dev loop0: 2 is out of range [ 79.462634][ T5163] SysV FS: get root inode failed [ 79.463450][ T5163] oldfs: cannot read superblock [ 79.473203][ T5032] ------------[ cut here ]------------ [ 79.474095][ T5032] VFS: brelse: Trying to free free buffer [ 79.475039][ T5032] WARNING: CPU: 0 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.476454][ T5032] Modules linked in: [ 79.477057][ T5032] CPU: 0 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 79.478291][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.479784][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.480966][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 79.481798][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 79.482598][ T5032] sp : ffff80001fd877c0 [ 79.483270][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421625b [ 79.484466][ T5032] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 79.485650][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a8a58 [ 79.486919][ T5032] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000000003 [ 79.488211][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.489373][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.490585][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 79.491824][ T5032] x8 : a3a8f4330151da00 x7 : 
0000000000000001 x6 : 0000000000000001 [ 79.493066][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.494345][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 79.495585][ T5032] Call trace: [ 79.496125][ T5032] invalidate_bh_lru+0x128/0x234 [ 79.496931][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 79.497848][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 79.498727][ T5032] invalidate_bh_lrus+0x34/0x40 [ 79.499571][ T5032] blkdev_flush_mapping+0x168/0x31c [ 79.500433][ T5032] blkdev_put+0x490/0x6ac [ 79.501152][ T5032] blkdev_close+0x74/0xb0 [ 79.501828][ T5032] __fput+0x1c0/0x7f8 [ 79.502483][ T5032] ____fput+0x20/0x30 [ 79.503148][ T5032] task_work_run+0x12c/0x1e0 [ 79.503857][ T5032] do_notify_resume+0x24b4/0x3128 [ 79.504616][ T5032] el0_svc+0xf0/0x1e0 [ 79.505241][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 79.506041][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 79.506722][ T5032] irq event stamp: 298106 [ 79.507372][ T5032] hardirqs last enabled at (298105): [] kasan_quarantine_put+0xc4/0x204 [ 79.508854][ T5032] hardirqs last disabled at (298106): [] smp_call_function_many_cond+0xa44/0xeb0 [ 79.510459][ T5032] softirqs last enabled at (297840): [] local_bh_enable+0x10/0x34 [ 79.511796][ T5032] softirqs last disabled at (297838): [] local_bh_disable+0x10/0x34 [ 79.513257][ T5032] ---[ end trace 9e056b27e87ea94b ]--- [ 79.557368][ T5165] loop0: detected capacity change from 0 to 128 [ 79.595739][ T5165] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.596864][ T5165] Bad inode number on dev loop0: 2 is out of range [ 79.597782][ T5165] SysV FS: get root inode failed [ 79.598635][ T5165] oldfs: cannot read superblock [ 79.608624][ C1] ------------[ cut here ]------------ [ 79.609541][ C1] VFS: brelse: Trying to free free buffer [ 79.610442][ C1] WARNING: CPU: 1 PID: 5166 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.611819][ C1] Modules linked in: [ 79.612425][ C1] CPU: 1 PID: 5166 Comm: syz.0.93 
Tainted: G W syzkaller #0 [ 79.613707][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.615181][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.616353][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 79.617134][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 79.617932][ C1] sp : ffff800008017de0 [ 79.618587][ C1] x29: ffff800008017de0 x28: ffff0000d8490000 x27: 1fffe0003421a45c [ 79.619869][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 79.621132][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2a57a0 [ 79.622433][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 79.623745][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.624950][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.626191][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 6df92769f0c9f300 [ 79.627438][ C1] x8 : 6df92769f0c9f300 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.628606][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.629763][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.631031][ C1] Call trace: [ 79.631525][ C1] invalidate_bh_lru+0x128/0x234 [ 79.632249][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 79.633167][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.634173][ C1] ipi_handler+0x10c/0x710 [ 79.634795][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 79.635585][ C1] handle_domain_irq+0x144/0x1fc [ 79.636345][ C1] gic_handle_irq+0x78/0x1c8 [ 79.637075][ C1] call_on_irq_stack+0x30/0x48 [ 79.637922][ C1] do_interrupt_handler+0x6c/0x88 [ 79.638743][ C1] el1_interrupt+0x30/0x58 [ 79.639453][ C1] el1h_64_irq_handler+0x18/0x24 [ 79.640207][ C1] el1h_64_irq+0x78/0x7c [ 79.640913][ C1] count_memcg_event_mm+0x1d0/0x308 [ 79.641714][ C1] handle_mm_fault+0x1a0/0x2970 [ 79.642431][ C1] do_page_fault+0x694/0xad4 [ 79.643117][ C1] 
do_translation_fault+0xe0/0x130 [ 79.643936][ C1] do_mem_abort+0x6c/0x1ac [ 79.644604][ C1] el0_ia+0xe0/0x2d0 [ 79.645174][ C1] el0t_64_sync_handler+0xc0/0xe4 [ 79.645927][ C1] el0t_64_sync+0x1a0/0x1a4 [ 79.646567][ C1] irq event stamp: 1354 [ 79.647171][ C1] hardirqs last enabled at (1353): [] count_memcg_event_mm+0x1b0/0x308 [ 79.648619][ C1] hardirqs last disabled at (1354): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.650146][ C1] softirqs last enabled at (1104): [] local_bh_enable+0x10/0x34 [ 79.651746][ C1] softirqs last disabled at (1102): [] local_bh_disable+0x10/0x34 [ 79.653209][ C1] ---[ end trace 9e056b27e87ea94c ]--- [ 79.707069][ T5167] loop0: detected capacity change from 0 to 128 [ 79.748441][ T5167] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.749673][ T5167] Bad inode number on dev loop0: 2 is out of range [ 79.750779][ T5167] SysV FS: get root inode failed [ 79.752028][ T5167] oldfs: cannot read superblock [ 79.760058][ C0] ------------[ cut here ]------------ [ 79.760981][ C0] VFS: brelse: Trying to free free buffer [ 79.761903][ C0] WARNING: CPU: 0 PID: 5168 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.763334][ C0] Modules linked in: [ 79.763940][ C0] CPU: 0 PID: 5168 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.765384][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.766968][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.768141][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.768942][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.769738][ C0] sp : ffff800008007de0 [ 79.770334][ C0] x29: ffff800008007de0 x28: ffff0000d0ce8000 x27: 1fffe0003421625c [ 79.771583][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 79.772756][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a8df8 [ 79.773959][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 79.775261][ C0] x17: 0000000000010002 x16: 
ffff8000111ceed0 x15: 00000000ffffffff [ 79.776398][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.777623][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 103e9e70579d5700 [ 79.778864][ C0] x8 : 103e9e70579d5700 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.780053][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.781259][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 79.782460][ C0] Call trace: [ 79.782923][ C0] invalidate_bh_lru+0x128/0x234 [ 79.783676][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.784581][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.785711][ C0] ipi_handler+0x10c/0x710 [ 79.786331][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.787164][ C0] handle_domain_irq+0x144/0x1fc [ 79.787917][ C0] gic_handle_irq+0x78/0x1c8 [ 79.788568][ C0] call_on_irq_stack+0x30/0x48 [ 79.789308][ C0] do_interrupt_handler+0x6c/0x88 [ 79.790082][ C0] el1_interrupt+0x30/0x58 [ 79.790707][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.791474][ C0] el1h_64_irq+0x78/0x7c [ 79.792099][ C0] tomoyo_check_acl+0x26c/0x378 [ 79.792812][ C0] tomoyo_path_permission+0x164/0x310 [ 79.793634][ C0] tomoyo_path_perm+0x270/0x440 [ 79.794323][ C0] tomoyo_path_symlink+0xa8/0xec [ 79.795009][ C0] security_path_symlink+0xec/0x13c [ 79.795702][ C0] do_symlinkat+0x108/0x5a8 [ 79.796349][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 79.797181][ C0] invoke_syscall+0x98/0x2b8 [ 79.797898][ C0] el0_svc_common+0x138/0x258 [ 79.798623][ C0] do_el0_svc+0x58/0x14c [ 79.799281][ C0] el0_svc+0x78/0x1e0 [ 79.799895][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 79.800715][ C0] el0t_64_sync+0x1a0/0x1a4 [ 79.801375][ C0] irq event stamp: 706 [ 79.802030][ C0] hardirqs last enabled at (705): [] kasan_quarantine_put+0xc4/0x204 [ 79.803542][ C0] hardirqs last disabled at (706): [] enter_el1_irq_or_nmi+0x10/0x1c [ 79.805060][ C0] softirqs last enabled at (462): [] local_bh_enable+0x10/0x34 [ 79.806454][ C0] softirqs last 
disabled at (460): [] local_bh_disable+0x10/0x34 [ 79.807822][ C0] ---[ end trace 9e056b27e87ea94d ]--- [ 79.854947][ T5169] loop0: detected capacity change from 0 to 128 [ 79.950199][ T5169] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 79.951401][ T5169] Bad inode number on dev loop0: 2 is out of range [ 79.952481][ T5169] SysV FS: get root inode failed [ 79.953316][ T5169] oldfs: cannot read superblock [ 79.960789][ C0] ------------[ cut here ]------------ [ 79.961656][ C0] VFS: brelse: Trying to free free buffer [ 79.962617][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 79.964021][ C0] Modules linked in: [ 79.964641][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 79.966001][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 79.967487][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 79.968726][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 79.969516][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 79.970311][ C0] sp : ffff800008007de0 [ 79.970974][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625c [ 79.972318][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 79.973613][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e285cc28 [ 79.974883][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 79.976169][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 79.977428][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 79.978669][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 56a9f03fd884e100 [ 79.979914][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 79.981113][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 79.982360][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 79.983544][ C0] Call trace: [ 79.984081][ C0] 
invalidate_bh_lru+0x128/0x234 [ 79.984749][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 79.985671][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 79.986667][ C0] ipi_handler+0x10c/0x710 [ 79.987356][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 79.988126][ C0] handle_domain_irq+0x144/0x1fc [ 79.988836][ C0] gic_handle_irq+0x78/0x1c8 [ 79.989486][ C0] call_on_irq_stack+0x30/0x48 [ 79.990255][ C0] do_interrupt_handler+0x6c/0x88 [ 79.991041][ C0] el1_interrupt+0x30/0x58 [ 79.991723][ C0] el1h_64_irq_handler+0x18/0x24 [ 79.992450][ C0] el1h_64_irq+0x78/0x7c [ 79.993101][ C0] rcu_lockdep_current_cpu_online+0xcc/0x1e0 [ 79.993998][ C0] rcu_read_lock_held+0x20/0x50 [ 79.994737][ C0] get_obj_cgroup_from_current+0x2f4/0x524 [ 79.995633][ C0] slab_pre_alloc_hook+0xa8/0xec [ 79.996391][ C0] kmem_cache_alloc+0x94/0x3e4 [ 79.997099][ C0] anon_vma_fork+0x190/0x49c [ 79.997822][ C0] copy_mm+0x7bc/0x1090 [ 79.998437][ C0] copy_process+0x14d8/0x34ac [ 79.999083][ C0] kernel_clone+0x1d8/0x9d4 [ 79.999745][ C0] __arm64_sys_clone+0x138/0x190 [ 80.000474][ C0] invoke_syscall+0x98/0x2b8 [ 80.001145][ C0] el0_svc_common+0x138/0x258 [ 80.001778][ C0] do_el0_svc+0x58/0x14c [ 80.002381][ C0] el0_svc+0x78/0x1e0 [ 80.002987][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.003677][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.004326][ C0] irq event stamp: 411058 [ 80.004913][ C0] hardirqs last enabled at (411057): [] mod_objcg_mlstate+0x13c/0x228 [ 80.006341][ C0] hardirqs last disabled at (411058): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.007901][ C0] softirqs last enabled at (410924): [] local_bh_enable+0x10/0x34 [ 80.009288][ C0] softirqs last disabled at (410922): [] local_bh_disable+0x10/0x34 [ 80.010677][ C0] ---[ end trace 9e056b27e87ea94e ]--- [ 80.037701][ T5171] loop0: detected capacity change from 0 to 128 [ 80.082141][ T5171] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.083324][ T5171] Bad inode number on dev loop0: 2 is out of range [ 80.084732][ T5171] SysV FS: get 
root inode failed [ 80.085563][ T5171] oldfs: cannot read superblock [ 80.090068][ C1] ------------[ cut here ]------------ [ 80.091009][ C1] VFS: brelse: Trying to free free buffer [ 80.092015][ C1] WARNING: CPU: 1 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.093464][ C1] Modules linked in: [ 80.094064][ C1] CPU: 1 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.095423][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.096972][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.098155][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.099029][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.099837][ C1] sp : ffff800008017de0 [ 80.100541][ C1] x29: ffff800008017de0 x28: ffff0000de341b40 x27: 1fffe0003421a45b [ 80.101708][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 80.102919][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2a5b40 [ 80.104117][ C1] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000010003 [ 80.105305][ C1] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.106504][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.107784][ C1] x11: 0000000000010002 x10: 0000000000010002 x9 : 56a9f03fd884e100 [ 80.108970][ C1] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.110218][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.111405][ C1] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.112599][ C1] Call trace: [ 80.113119][ C1] invalidate_bh_lru+0x128/0x234 [ 80.113888][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.114802][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.115860][ C1] ipi_handler+0x10c/0x710 [ 80.116516][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.117317][ C1] handle_domain_irq+0x144/0x1fc [ 80.118043][ C1] gic_handle_irq+0x78/0x1c8 [ 80.118683][ C1] 
call_on_irq_stack+0x30/0x48 [ 80.119358][ C1] do_interrupt_handler+0x6c/0x88 [ 80.120151][ C1] el1_interrupt+0x30/0x58 [ 80.120794][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.121465][ C1] el1h_64_irq+0x78/0x7c [ 80.122058][ C1] rcu_is_watching+0x5c/0x134 [ 80.122797][ C1] get_obj_cgroup_from_current+0x188/0x524 [ 80.123701][ C1] slab_pre_alloc_hook+0xa8/0xec [ 80.124443][ C1] kmem_cache_alloc+0x94/0x3e4 [ 80.125179][ C1] __d_alloc+0x3c/0x65c [ 80.125792][ C1] d_alloc+0x54/0x204 [ 80.126368][ C1] lookup_one_qstr_excl+0xbc/0x230 [ 80.127197][ C1] filename_create+0x1cc/0x39c [ 80.127933][ C1] do_mkdirat+0xa8/0x508 [ 80.128565][ C1] __arm64_sys_mkdirat+0x90/0xa8 [ 80.129288][ C1] invoke_syscall+0x98/0x2b8 [ 80.129969][ C1] el0_svc_common+0x138/0x258 [ 80.130733][ C1] do_el0_svc+0x58/0x14c [ 80.131361][ C1] el0_svc+0x78/0x1e0 [ 80.131956][ C1] el0t_64_sync_handler+0xcc/0xe4 [ 80.132697][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.133389][ C1] irq event stamp: 412414 [ 80.133984][ C1] hardirqs last enabled at (412413): [] read_seqbegin+0x1fc/0x304 [ 80.135400][ C1] hardirqs last disabled at (412414): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.136850][ C1] softirqs last enabled at (411646): [] local_bh_enable+0x10/0x34 [ 80.138200][ C1] softirqs last disabled at (411644): [] local_bh_disable+0x10/0x34 [ 80.139618][ C1] ---[ end trace 9e056b27e87ea94f ]--- [ 80.196387][ T5173] loop0: detected capacity change from 0 to 128 [ 80.198783][ T5173] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.200041][ T5173] Bad inode number on dev loop0: 2 is out of range [ 80.201219][ T5173] SysV FS: get root inode failed [ 80.201927][ T5173] oldfs: cannot read superblock [ 80.210765][ C0] ------------[ cut here ]------------ [ 80.211700][ C0] VFS: brelse: Trying to free free buffer [ 80.212654][ C0] WARNING: CPU: 0 PID: 5174 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.214096][ C0] Modules linked in: [ 80.214729][ C0] CPU: 0 PID: 5174 Comm: syz-executor Tainted: G W syzkaller #0 [ 
80.216231][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.217892][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.219135][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.219959][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.220770][ C0] sp : ffff800008007de0 [ 80.221426][ C0] x29: ffff800008007de0 x28: ffff0000dca6b680 x27: 1fffe0003421625c [ 80.222616][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 80.223875][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e287db40 [ 80.225143][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 80.226346][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.227628][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.228959][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 7724ab023ec08800 [ 80.230154][ C0] x8 : 7724ab023ec08800 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.231394][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.232589][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.233833][ C0] Call trace: [ 80.234347][ C0] invalidate_bh_lru+0x128/0x234 [ 80.235089][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.236037][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.237195][ C0] ipi_handler+0x10c/0x710 [ 80.237881][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.238709][ C0] handle_domain_irq+0x144/0x1fc [ 80.239434][ C0] gic_handle_irq+0x78/0x1c8 [ 80.240204][ C0] call_on_irq_stack+0x30/0x48 [ 80.240967][ C0] do_interrupt_handler+0x6c/0x88 [ 80.241708][ C0] el1_interrupt+0x30/0x58 [ 80.242410][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.243204][ C0] el1h_64_irq+0x78/0x7c [ 80.243879][ C0] unwind_frame+0x20/0x668 [ 80.244551][ C0] arch_stack_walk+0x200/0x2b4 [ 80.245255][ C0] stack_trace_save+0x94/0xd8 [ 80.245886][ C0] __kasan_kmalloc+0xb0/0xf0 [ 80.246582][ C0] 
__kmalloc+0x298/0x44c [ 80.247236][ C0] tomoyo_encode+0x274/0x4a4 [ 80.247940][ C0] tomoyo_realpath_from_path+0x4bc/0x510 [ 80.248739][ C0] tomoyo_path_perm+0x1b4/0x440 [ 80.249497][ C0] tomoyo_path_symlink+0xa8/0xec [ 80.250339][ C0] security_path_symlink+0xec/0x13c [ 80.251251][ C0] do_symlinkat+0x108/0x5a8 [ 80.252003][ C0] __arm64_sys_symlinkat+0xa4/0xbc [ 80.252849][ C0] invoke_syscall+0x98/0x2b8 [ 80.253589][ C0] el0_svc_common+0x138/0x258 [ 80.254345][ C0] do_el0_svc+0x58/0x14c [ 80.255003][ C0] el0_svc+0x78/0x1e0 [ 80.255675][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.256501][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.257181][ C0] irq event stamp: 732 [ 80.257814][ C0] hardirqs last enabled at (731): [] ___slab_alloc+0xc34/0xda8 [ 80.259275][ C0] hardirqs last disabled at (732): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.260817][ C0] softirqs last enabled at (464): [] local_bh_enable+0x10/0x34 [ 80.262226][ C0] softirqs last disabled at (462): [] local_bh_disable+0x10/0x34 [ 80.263588][ C0] ---[ end trace 9e056b27e87ea950 ]--- [ 80.288852][ T5175] loop0: detected capacity change from 0 to 128 [ 80.291907][ T5175] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.293039][ T5175] Bad inode number on dev loop0: 2 is out of range [ 80.294065][ T5175] SysV FS: get root inode failed [ 80.294973][ T5175] oldfs: cannot read superblock [ 80.310938][ C0] ------------[ cut here ]------------ [ 80.311826][ C0] VFS: brelse: Trying to free free buffer [ 80.312691][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.313884][ C0] Modules linked in: [ 80.314405][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.315659][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.317077][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.318185][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.318997][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.319876][ C0] sp : 
ffff800008007de0 [ 80.320525][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625c [ 80.321851][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 80.323113][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e287d148 [ 80.324482][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003 [ 80.325745][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.326937][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.328181][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 56a9f03fd884e100 [ 80.329333][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.330462][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.331638][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.332790][ C0] Call trace: [ 80.333262][ C0] invalidate_bh_lru+0x128/0x234 [ 80.334027][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.334920][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.335939][ C0] ipi_handler+0x10c/0x710 [ 80.336599][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.337400][ C0] handle_domain_irq+0x144/0x1fc [ 80.338123][ C0] gic_handle_irq+0x78/0x1c8 [ 80.338780][ C0] call_on_irq_stack+0x30/0x48 [ 80.339450][ C0] do_interrupt_handler+0x6c/0x88 [ 80.340285][ C0] el1_interrupt+0x30/0x58 [ 80.340972][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.341768][ C0] el1h_64_irq+0x78/0x7c [ 80.342447][ C0] _raw_spin_unlock_irqrestore+0xb8/0x14c [ 80.343325][ C0] debug_check_no_obj_freed+0x450/0x46c [ 80.344175][ C0] slab_free_freelist_hook+0x9c/0x1e8 [ 80.345014][ C0] kfree+0x170/0x40c [ 80.345620][ C0] __vunmap+0x8ec/0x9bc [ 80.346271][ C0] vfree+0xbc/0x154 [ 80.346805][ C0] do_ip6t_get_ctl+0x10ec/0x13a8 [ 80.347574][ C0] nf_getsockopt+0x264/0x284 [ 80.348201][ C0] ipv6_getsockopt+0x52c/0x2584 [ 80.348898][ C0] tcp_getsockopt+0x208/0x2e78 [ 80.349580][ C0] sock_common_getsockopt+0xa8/0xc4 [ 
80.350339][ C0] __sys_getsockopt+0x1b8/0x250 [ 80.351011][ C0] __arm64_sys_getsockopt+0xb8/0xd4 [ 80.351791][ C0] invoke_syscall+0x98/0x2b8 [ 80.352496][ C0] el0_svc_common+0x138/0x258 [ 80.353187][ C0] do_el0_svc+0x58/0x14c [ 80.353827][ C0] el0_svc+0x78/0x1e0 [ 80.354404][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.355174][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.355810][ C0] irq event stamp: 422136 [ 80.356401][ C0] hardirqs last enabled at (422135): [] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 80.357944][ C0] hardirqs last disabled at (422136): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.359416][ C0] softirqs last enabled at (421982): [] release_sock+0x1d0/0x258 [ 80.360853][ C0] softirqs last disabled at (421980): [] release_sock+0x34/0x258 [ 80.362353][ C0] ---[ end trace 9e056b27e87ea951 ]--- [ 80.388915][ T5179] loop0: detected capacity change from 0 to 128 [ 80.465348][ T5179] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.466734][ T5179] Bad inode number on dev loop0: 2 is out of range [ 80.467818][ T5179] SysV FS: get root inode failed [ 80.468604][ T5179] oldfs: cannot read superblock [ 80.479233][ C0] ------------[ cut here ]------------ [ 80.480131][ C0] VFS: brelse: Trying to free free buffer [ 80.481051][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.482391][ C0] Modules linked in: [ 80.482972][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0 [ 80.484327][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.485866][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.487074][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.487888][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.488647][ C0] sp : ffff800008007de0 [ 80.489282][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625b [ 80.490489][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000 [ 80.491647][ C0] x23: dfff800000000000 x22: 
0000000000000000 x21: ffff0000e287d4e8 [ 80.492898][ C0] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000010003 [ 80.494213][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.495388][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.496651][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 56a9f03fd884e100 [ 80.497872][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.498985][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.500274][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027 [ 80.501561][ C0] Call trace: [ 80.502074][ C0] invalidate_bh_lru+0x128/0x234 [ 80.502832][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.503800][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.504857][ C0] ipi_handler+0x10c/0x710 [ 80.505501][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.506355][ C0] handle_domain_irq+0x144/0x1fc [ 80.507112][ C0] gic_handle_irq+0x78/0x1c8 [ 80.507803][ C0] call_on_irq_stack+0x30/0x48 [ 80.508576][ C0] do_interrupt_handler+0x6c/0x88 [ 80.509315][ C0] el1_interrupt+0x30/0x58 [ 80.509975][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.510715][ C0] el1h_64_irq+0x78/0x7c [ 80.511359][ C0] arch_local_irq_restore+0x8/0x10 [ 80.512138][ C0] rcu_read_lock_any_held+0x38/0xdc [ 80.512900][ C0] cgroup_threadgroup_change_end+0xe4/0x3b4 [ 80.513785][ C0] cgroup_css_set_put_fork+0x6c/0x15c [ 80.514578][ C0] cgroup_post_fork+0x434/0x62c [ 80.515312][ C0] copy_process+0x3164/0x34ac [ 80.516045][ C0] kernel_clone+0x1d8/0x9d4 [ 80.516707][ C0] __arm64_sys_clone+0x138/0x190 [ 80.517446][ C0] invoke_syscall+0x98/0x2b8 [ 80.518152][ C0] el0_svc_common+0x138/0x258 [ 80.518819][ C0] do_el0_svc+0x58/0x14c [ 80.519467][ C0] el0_svc+0x78/0x1e0 [ 80.520031][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.520770][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.521404][ C0] irq event stamp: 425446 [ 80.522029][ C0] hardirqs last enabled at (425445): 
[] _raw_spin_unlock_irqrestore+0xa8/0x14c [ 80.523731][ C0] hardirqs last disabled at (425446): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.525178][ C0] softirqs last enabled at (425242): [] local_bh_enable+0x10/0x34 [ 80.526533][ C0] softirqs last disabled at (425240): [] local_bh_disable+0x10/0x34 [ 80.527933][ C0] ---[ end trace 9e056b27e87ea952 ]--- [ 80.567171][ T5181] loop0: detected capacity change from 0 to 128 [ 80.617705][ T5181] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.618746][ T5181] Bad inode number on dev loop0: 2 is out of range [ 80.619791][ T5181] SysV FS: get root inode failed [ 80.620521][ T5181] oldfs: cannot read superblock [ 80.628862][ C1] ------------[ cut here ]------------ [ 80.629720][ C1] VFS: brelse: Trying to free free buffer [ 80.630554][ C1] WARNING: CPU: 1 PID: 5182 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.631720][ C1] Modules linked in: [ 80.632336][ C1] CPU: 1 PID: 5182 Comm: syz.0.101 Tainted: G W syzkaller #0 [ 80.633781][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.635368][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.636590][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 80.637382][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 80.638197][ C1] sp : ffff800008017de0 [ 80.638882][ C1] x29: ffff800008017de0 x28: ffff0000d0d90000 x27: 1fffe0003421a45c [ 80.640151][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 80.641371][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000dd2a5ee0 [ 80.642596][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010004 [ 80.643816][ C1] x17: 0000000000010004 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.645032][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.646225][ C1] x11: 0000000000010003 x10: 0000000000010003 x9 : 9cad5e4124ab1f00 [ 80.647421][ C1] x8 : 9cad5e4124ab1f00 x7 : 0000000000000001 x6 : 0000000000000001 
[ 80.648611][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.649795][ C1] x2 : 0000000000000001 x1 : 0000000100010003 x0 : 0000000000000027 [ 80.650989][ C1] Call trace: [ 80.651483][ C1] invalidate_bh_lru+0x128/0x234 [ 80.652175][ C1] flush_smp_call_function_queue+0x38c/0x81c [ 80.653080][ C1] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.654032][ C1] ipi_handler+0x10c/0x710 [ 80.654670][ C1] handle_percpu_devid_irq+0x29c/0x76c [ 80.655571][ C1] handle_domain_irq+0x144/0x1fc [ 80.656311][ C1] gic_handle_irq+0x78/0x1c8 [ 80.657031][ C1] call_on_irq_stack+0x30/0x48 [ 80.657740][ C1] do_interrupt_handler+0x6c/0x88 [ 80.658555][ C1] el1_interrupt+0x30/0x58 [ 80.659210][ C1] el1h_64_irq_handler+0x18/0x24 [ 80.659920][ C1] el1h_64_irq+0x78/0x7c [ 80.660553][ C1] lock_release+0x4a0/0x8e8 [ 80.661222][ C1] local_lock_release+0xb8/0x190 [ 80.661941][ C1] lru_cache_add+0x4b8/0x6e4 [ 80.662597][ C1] lru_cache_add_inactive_or_unevictable+0x130/0x2f0 [ 80.663554][ C1] handle_mm_fault+0x22d0/0x2970 [ 80.664300][ C1] do_page_fault+0x694/0xad4 [ 80.664963][ C1] do_translation_fault+0xe0/0x130 [ 80.665707][ C1] do_mem_abort+0x6c/0x1ac [ 80.666365][ C1] el0_da+0x90/0x1fc [ 80.666932][ C1] el0t_64_sync_handler+0xd8/0xe4 [ 80.667639][ C1] el0t_64_sync+0x1a0/0x1a4 [ 80.668351][ C1] irq event stamp: 1128 [ 80.668961][ C1] hardirqs last enabled at (1127): [] charge_memcg+0x190/0x220 [ 80.670222][ C1] hardirqs last disabled at (1128): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.671650][ C1] softirqs last enabled at (1052): [] local_bh_enable+0x10/0x34 [ 80.673006][ C1] softirqs last disabled at (1050): [] local_bh_disable+0x10/0x34 [ 80.674353][ C1] ---[ end trace 9e056b27e87ea953 ]--- [ 80.697716][ T5183] loop0: detected capacity change from 0 to 128 [ 80.700721][ T5183] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.701894][ T5183] Bad inode number on dev loop0: 2 is out of range [ 80.702963][ T5183] SysV FS: get root inode failed [ 
80.703666][ T5183] oldfs: cannot read superblock [ 80.716957][ C0] ------------[ cut here ]------------ [ 80.717773][ C0] VFS: brelse: Trying to free free buffer [ 80.718619][ C0] WARNING: CPU: 0 PID: 5185 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.719871][ C0] Modules linked in: [ 80.720423][ C0] CPU: 0 PID: 5185 Comm: syz.0.102 Tainted: G W syzkaller #0 [ 80.721644][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.722969][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.724064][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.724826][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.725667][ C0] sp : ffff800008007de0 [ 80.726264][ C0] x29: ffff800008007de0 x28: ffff0000ccadd1c0 x27: 1fffe0003421625c [ 80.727464][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 80.728671][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e287d888 [ 80.729826][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 80.730972][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.732153][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.733236][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 08b0826a20a65100 [ 80.734416][ C0] x8 : 08b0826a20a65100 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.735639][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.736846][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 80.737974][ C0] Call trace: [ 80.738412][ C0] invalidate_bh_lru+0x128/0x234 [ 80.739177][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 80.740071][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 80.741123][ C0] ipi_handler+0x10c/0x710 [ 80.741756][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 80.742566][ C0] handle_domain_irq+0x144/0x1fc [ 80.743305][ C0] gic_handle_irq+0x78/0x1c8 [ 80.744045][ C0] call_on_irq_stack+0x30/0x48 [ 
80.744735][ C0] do_interrupt_handler+0x6c/0x88 [ 80.745452][ C0] el1_interrupt+0x30/0x58 [ 80.746110][ C0] el1h_64_irq_handler+0x18/0x24 [ 80.746808][ C0] el1h_64_irq+0x78/0x7c [ 80.747448][ C0] cmpxchg_double_slab+0xf8/0x2bc [ 80.748176][ C0] __slab_free+0x78/0x254 [ 80.748790][ C0] ___cache_free+0x178/0x1bc [ 80.749483][ C0] qlink_free+0x5c/0xa4 [ 80.750191][ C0] qlist_free_all+0x40/0xa8 [ 80.750832][ C0] kasan_quarantine_reduce+0x124/0x130 [ 80.751704][ C0] __kasan_slab_alloc+0x34/0xcc [ 80.752413][ C0] slab_post_alloc_hook+0x74/0x408 [ 80.753159][ C0] __kmalloc+0x208/0x44c [ 80.753796][ C0] tomoyo_realpath_from_path+0xcc/0x510 [ 80.754661][ C0] tomoyo_check_open_permission+0x168/0x2fc [ 80.755515][ C0] tomoyo_file_open+0x130/0x1b0 [ 80.756229][ C0] security_file_open+0x6c/0xac [ 80.756933][ C0] do_dentry_open+0x29c/0xebc [ 80.757583][ C0] vfs_open+0x7c/0x90 [ 80.758217][ C0] path_openat+0x1f80/0x26e4 [ 80.758871][ C0] do_filp_open+0x164/0x330 [ 80.759548][ C0] do_sys_openat2+0x128/0x3d8 [ 80.760216][ C0] __arm64_sys_openat+0x120/0x154 [ 80.760998][ C0] invoke_syscall+0x98/0x2b8 [ 80.761658][ C0] el0_svc_common+0x138/0x258 [ 80.762348][ C0] do_el0_svc+0x58/0x14c [ 80.762972][ C0] el0_svc+0x78/0x1e0 [ 80.763509][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 80.764219][ C0] el0t_64_sync+0x1a0/0x1a4 [ 80.764841][ C0] irq event stamp: 1110 [ 80.765454][ C0] hardirqs last enabled at (1109): [] put_cpu_partial+0x188/0x218 [ 80.766890][ C0] hardirqs last disabled at (1110): [] enter_el1_irq_or_nmi+0x10/0x1c [ 80.768337][ C0] softirqs last enabled at (342): [] handle_softirqs+0xa4c/0xbf0 [ 80.769690][ C0] softirqs last disabled at (291): [] __irq_exit_rcu+0x240/0x440 [ 80.771018][ C0] ---[ end trace 9e056b27e87ea954 ]--- [ 80.807465][ T5185] loop0: detected capacity change from 0 to 128 [ 80.847980][ T5185] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.849109][ T5185] Bad inode number on dev loop0: 2 is out of range [ 80.850156][ T5185] SysV FS: get root inode 
failed [ 80.850900][ T5185] oldfs: cannot read superblock [ 80.857949][ T5032] ------------[ cut here ]------------ [ 80.858902][ T5032] VFS: brelse: Trying to free free buffer [ 80.859784][ T5032] WARNING: CPU: 1 PID: 5032 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.861130][ T5032] Modules linked in: [ 80.861735][ T5032] CPU: 1 PID: 5032 Comm: udevd Tainted: G W syzkaller #0 [ 80.863077][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.864664][ T5032] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.865896][ T5032] pc : invalidate_bh_lru+0x128/0x234 [ 80.866689][ T5032] lr : invalidate_bh_lru+0x128/0x234 [ 80.867470][ T5032] sp : ffff80001fd877c0 [ 80.868079][ T5032] x29: ffff80001fd877c0 x28: ffff80001418d000 x27: 1fffe0003421a45b [ 80.869326][ T5032] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000 [ 80.870542][ T5032] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a9318 [ 80.871707][ T5032] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003 [ 80.872977][ T5032] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 80.874175][ T5032] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 80.875429][ T5032] x11: 0000000000000002 x10: 0000000000000000 x9 : a3a8f4330151da00 [ 80.876651][ T5032] x8 : a3a8f4330151da00 x7 : 0000000000000001 x6 : 0000000000000001 [ 80.877875][ T5032] x5 : ffff80001fd870b8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 80.879092][ T5032] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027 [ 80.880366][ T5032] Call trace: [ 80.880874][ T5032] invalidate_bh_lru+0x128/0x234 [ 80.881665][ T5032] smp_call_function_many_cond+0xa50/0xeb0 [ 80.882599][ T5032] on_each_cpu_cond_mask+0x5c/0xc4 [ 80.883367][ T5032] invalidate_bh_lrus+0x34/0x40 [ 80.884150][ T5032] blkdev_flush_mapping+0x168/0x31c [ 80.884923][ T5032] blkdev_put+0x490/0x6ac [ 80.885630][ T5032] 
blkdev_close+0x74/0xb0 [ 80.886283][ T5032] __fput+0x1c0/0x7f8 [ 80.886933][ T5032] ____fput+0x20/0x30 [ 80.887519][ T5032] task_work_run+0x12c/0x1e0 [ 80.888236][ T5032] do_notify_resume+0x24b4/0x3128 [ 80.889016][ T5032] el0_svc+0xf0/0x1e0 [ 80.889606][ T5032] el0t_64_sync_handler+0xcc/0xe4 [ 80.890372][ T5032] el0t_64_sync+0x1a0/0x1a4 [ 80.891029][ T5032] irq event stamp: 345478 [ 80.891660][ T5032] hardirqs last enabled at (345477): [] kasan_quarantine_put+0xc4/0x204 [ 80.893066][ T5032] hardirqs last disabled at (345478): [] smp_call_function_many_cond+0xa44/0xeb0 [ 80.894649][ T5032] softirqs last enabled at (345206): [] local_bh_enable+0x10/0x34 [ 80.896053][ T5032] softirqs last disabled at (345204): [] local_bh_disable+0x10/0x34 [ 80.897479][ T5032] ---[ end trace 9e056b27e87ea955 ]--- [ 80.937312][ T5187] loop0: detected capacity change from 0 to 128 [ 80.979834][ T5187] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 80.981012][ T5187] Bad inode number on dev loop0: 2 is out of range [ 80.982102][ T5187] SysV FS: get root inode failed [ 80.982913][ T5187] oldfs: cannot read superblock [ 80.989412][ C0] ------------[ cut here ]------------ [ 80.990317][ C0] VFS: brelse: Trying to free free buffer [ 80.991265][ C0] WARNING: CPU: 0 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 80.992512][ C0] Modules linked in: [ 80.993099][ C0] CPU: 0 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 80.994242][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 80.995796][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 80.996946][ C0] pc : invalidate_bh_lru+0x128/0x234 [ 80.997736][ C0] lr : invalidate_bh_lru+0x128/0x234 [ 80.998509][ C0] sp : ffff800008007de0 [ 80.999096][ C0] x29: ffff800008007de0 x28: ffff0000d6abb680 x27: 1fffe0003421625c [ 81.000313][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001 [ 81.001500][ C0] x23: dfff800000000000 x22: 
0000000000000000 x21: ffff0000e2825318 [ 81.002689][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002 [ 81.003962][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.005145][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.006400][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 588cec668cba1a00 [ 81.007667][ C0] x8 : 588cec668cba1a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 81.008881][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc [ 81.010019][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027 [ 81.011224][ C0] Call trace: [ 81.011710][ C0] invalidate_bh_lru+0x128/0x234 [ 81.012455][ C0] flush_smp_call_function_queue+0x38c/0x81c [ 81.013315][ C0] generic_smp_call_function_single_interrupt+0x18/0x24 [ 81.014351][ C0] ipi_handler+0x10c/0x710 [ 81.015029][ C0] handle_percpu_devid_irq+0x29c/0x76c [ 81.015840][ C0] handle_domain_irq+0x144/0x1fc [ 81.016571][ C0] gic_handle_irq+0x78/0x1c8 [ 81.017245][ C0] call_on_irq_stack+0x30/0x48 [ 81.017976][ C0] do_interrupt_handler+0x6c/0x88 [ 81.018706][ C0] el1_interrupt+0x30/0x58 [ 81.019346][ C0] el1h_64_irq_handler+0x18/0x24 [ 81.020093][ C0] el1h_64_irq+0x78/0x7c [ 81.020719][ C0] lock_release+0x4a0/0x8e8 [ 81.021392][ C0] up_read+0x8c/0xe8 [ 81.021990][ C0] kernfs_iop_permission+0x1cc/0x2e0 [ 81.022820][ C0] inode_permission+0x1d0/0x3c0 [ 81.023618][ C0] link_path_walk+0x268/0xb8c [ 81.024449][ C0] path_lookupat+0x90/0x3d0 [ 81.025195][ C0] filename_lookup+0x180/0x414 [ 81.025967][ C0] user_path_at_empty+0x5c/0x1a0 [ 81.026742][ C0] vfs_statx+0xf4/0x458 [ 81.027391][ C0] __arm64_sys_newfstatat+0x10c/0x190 [ 81.028244][ C0] invoke_syscall+0x98/0x2b8 [ 81.028900][ C0] el0_svc_common+0x138/0x258 [ 81.029592][ C0] do_el0_svc+0x58/0x14c [ 81.030231][ C0] el0_svc+0x78/0x1e0 [ 81.030807][ C0] el0t_64_sync_handler+0xcc/0xe4 [ 81.031535][ C0] el0t_64_sync+0x1a0/0x1a4 [ 81.032211][ C0] irq event stamp: 
1405092 [ 81.032876][ C0] hardirqs last enabled at (1405091): [] seqcount_lockdep_reader_access+0x1f4/0x2bc [ 81.034549][ C0] hardirqs last disabled at (1405092): [] enter_el1_irq_or_nmi+0x10/0x1c [ 81.036078][ C0] softirqs last enabled at (1404680): [] local_bh_enable+0x10/0x34 [ 81.037458][ C0] softirqs last disabled at (1404678): [] local_bh_disable+0x10/0x34 [ 81.038879][ C0] ---[ end trace 9e056b27e87ea956 ]--- [ 81.062688][ T5189] loop0: detected capacity change from 0 to 128 [ 81.065593][ T5189] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 81.066680][ T5189] Bad inode number on dev loop0: 2 is out of range [ 81.067771][ T5189] SysV FS: get root inode failed [ 81.068523][ T5189] oldfs: cannot read superblock [ 81.080416][ C1] ------------[ cut here ]------------ [ 81.081364][ C1] VFS: brelse: Trying to free free buffer [ 81.082268][ C1] WARNING: CPU: 1 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234 [ 81.083605][ C1] Modules linked in: [ 81.084145][ C1] CPU: 1 PID: 3662 Comm: udevd Tainted: G W syzkaller #0 [ 81.085452][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 81.086979][ C1] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 81.088141][ C1] pc : invalidate_bh_lru+0x128/0x234 [ 81.088946][ C1] lr : invalidate_bh_lru+0x128/0x234 [ 81.089768][ C1] sp : ffff800008017de0 [ 81.090444][ C1] x29: ffff800008017de0 x28: ffff0000d6abb680 x27: 1fffe0003421a45c [ 81.091648][ C1] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000001 [ 81.092839][ C1] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a96b8 [ 81.094035][ C1] x20: ffff0001a10d22e0 x19: ffff8000113da820 x18: 0000000000010002 [ 81.095270][ C1] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff [ 81.096500][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 81.097698][ C1] x11: 0000000000010001 x10: 0000000000010001 x9 : 588cec668cba1a00 [ 81.098953][ C1] 
x8 : 588cec668cba1a00 x7 : 0000000000000001 x6 : 0000000000000001
[ 81.100140][ C1] x5 : ffff8000080176d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc
[ 81.101268][ C1] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027
[ 81.102512][ C1] Call trace:
[ 81.102971][ C1] invalidate_bh_lru+0x128/0x234
[ 81.103711][ C1] flush_smp_call_function_queue+0x38c/0x81c
[ 81.104652][ C1] generic_smp_call_function_single_interrupt+0x18/0x24
[ 81.105640][ C1] ipi_handler+0x10c/0x710
[ 81.106219][ C1] handle_percpu_devid_irq+0x29c/0x76c
[ 81.107040][ C1] handle_domain_irq+0x144/0x1fc
[ 81.107751][ C1] gic_handle_irq+0x78/0x1c8
[ 81.108396][ C1] call_on_irq_stack+0x30/0x48
[ 81.109059][ C1] do_interrupt_handler+0x6c/0x88
[ 81.109769][ C1] el1_interrupt+0x30/0x58
[ 81.110397][ C1] el1h_64_irq_handler+0x18/0x24
[ 81.111069][ C1] el1h_64_irq+0x78/0x7c
[ 81.111626][ C1] __sanitizer_cov_trace_cmp8+0xbc/0xc0
[ 81.112400][ C1] arch_stack_walk+0x200/0x2b4
[ 81.113090][ C1] stack_trace_save+0x94/0xd8
[ 81.113817][ C1] __kasan_kmalloc+0xb0/0xf0
[ 81.114487][ C1] __kmalloc+0x298/0x44c
[ 81.115133][ C1] tomoyo_realpath_from_path+0xcc/0x510
[ 81.115900][ C1] tomoyo_check_open_permission+0x168/0x2fc
[ 81.116783][ C1] tomoyo_file_open+0x130/0x1b0
[ 81.117557][ C1] security_file_open+0x6c/0xac
[ 81.118355][ C1] do_dentry_open+0x29c/0xebc
[ 81.119137][ C1] vfs_open+0x7c/0x90
[ 81.119738][ C1] path_openat+0x1f80/0x26e4
[ 81.120477][ C1] do_filp_open+0x164/0x330
[ 81.121157][ C1] do_sys_openat2+0x128/0x3d8
[ 81.121870][ C1] __arm64_sys_openat+0x120/0x154
[ 81.122632][ C1] invoke_syscall+0x98/0x2b8
[ 81.123333][ C1] el0_svc_common+0x138/0x258
[ 81.124108][ C1] do_el0_svc+0x58/0x14c
[ 81.124797][ C1] el0_svc+0x78/0x1e0
[ 81.125447][ C1] el0t_64_sync_handler+0xcc/0xe4
[ 81.126245][ C1] el0t_64_sync+0x1a0/0x1a4
[ 81.126951][ C1] irq event stamp: 1408632
[ 81.127574][ C1] hardirqs last enabled at (1408631): [] read_seqbegin+0x1fc/0x304
[ 81.128986][ C1] hardirqs last disabled at (1408632): [] enter_el1_irq_or_nmi+0x10/0x1c
[ 81.130468][ C1] softirqs last enabled at (1408610): [] local_bh_enable+0x10/0x34
[ 81.131815][ C1] softirqs last disabled at (1408608): [] local_bh_disable+0x10/0x34
[ 81.133211][ C1] ---[ end trace 9e056b27e87ea957 ]---
[ 81.181412][ T5193] loop0: detected capacity change from 0 to 128
[ 81.184236][ T5193] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 81.185770][ T5193] Bad inode number on dev loop0: 2 is out of range
[ 81.186815][ T5193] SysV FS: get root inode failed
[ 81.187669][ T5193] oldfs: cannot read superblock
[ 81.195294][ C0] ------------[ cut here ]------------
[ 81.196120][ C0] VFS: brelse: Trying to free free buffer
[ 81.197024][ C0] WARNING: CPU: 0 PID: 5194 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 81.198328][ C0] Modules linked in:
[ 81.198916][ C0] CPU: 0 PID: 5194 Comm: syz-executor Tainted: G W syzkaller #0
[ 81.200192][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[ 81.201651][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 81.202779][ C0] pc : invalidate_bh_lru+0x128/0x234
[ 81.203578][ C0] lr : invalidate_bh_lru+0x128/0x234
[ 81.204365][ C0] sp : ffff800008007de0
[ 81.204975][ C0] x29: ffff800008007de0 x28: ffff0000e83fd1c0 x27: 1fffe0003421625c
[ 81.206180][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001
[ 81.207392][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28256b8
[ 81.208601][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010002
[ 81.209787][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff
[ 81.210994][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 81.212213][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 02d2a1c694821f00
[ 81.213445][ C0] x8 : 02d2a1c694821f00 x7 : 0000000000000001 x6 : 0000000000000001
[ 81.214691][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc
[ 81.215943][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027
[ 81.217122][ C0] Call trace:
[ 81.217623][ C0] invalidate_bh_lru+0x128/0x234
[ 81.218384][ C0] flush_smp_call_function_queue+0x38c/0x81c
[ 81.219291][ C0] generic_smp_call_function_single_interrupt+0x18/0x24
[ 81.220251][ C0] ipi_handler+0x10c/0x710
[ 81.220932][ C0] handle_percpu_devid_irq+0x29c/0x76c
[ 81.221741][ C0] handle_domain_irq+0x144/0x1fc
[ 81.222496][ C0] gic_handle_irq+0x78/0x1c8
[ 81.223138][ C0] call_on_irq_stack+0x30/0x48
[ 81.223962][ C0] do_interrupt_handler+0x6c/0x88
[ 81.224818][ C0] el0_interrupt+0x94/0x260
[ 81.225580][ C0] __el0_irq_handler_common+0x18/0x24
[ 81.226443][ C0] el0t_64_irq_handler+0x10/0x1c
[ 81.227214][ C0] el0t_64_irq+0x1a0/0x1a4
[ 81.227908][ C0] irq event stamp: 794
[ 81.228541][ C0] hardirqs last enabled at (793): [] el0t_64_sync_handler+0xd8/0xe4
[ 81.230186][ C0] hardirqs last disabled at (794): [] __el0_irq_handler_common+0x18/0x24
[ 81.231842][ C0] softirqs last enabled at (474): [] local_bh_enable+0x10/0x34
[ 81.233406][ C0] softirqs last disabled at (472): [] local_bh_disable+0x10/0x34
[ 81.234945][ C0] ---[ end trace 9e056b27e87ea958 ]---
[ 81.256257][ T5195] loop0: detected capacity change from 0 to 128
[ 81.299570][ T5195] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 81.300718][ T5195] Bad inode number on dev loop0: 2 is out of range
[ 81.301769][ T5195] SysV FS: get root inode failed
[ 81.302542][ T5195] oldfs: cannot read superblock
[ 81.304721][ C0] ------------[ cut here ]------------
[ 81.305554][ C0] VFS: brelse: Trying to free free buffer
[ 81.306491][ C0] WARNING: CPU: 0 PID: 3662 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 81.307773][ C0] Modules linked in:
[ 81.308335][ C0] CPU: 0 PID: 3662 Comm: udevd Tainted: G W syzkaller #0
[ 81.309582][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[ 81.311118][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 81.312210][ C0] pc : invalidate_bh_lru+0x128/0x234
[ 81.313020][ C0] lr : invalidate_bh_lru+0x128/0x234
[ 81.313780][ C0] sp : ffff800008007de0
[ 81.314365][ C0] x29: ffff800008007de0 x28: ffff0000d6abb680 x27: 1fffe0003421625b
[ 81.315553][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000000
[ 81.316728][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2825a58
[ 81.317902][ C0] x20: ffff0001a10b12d8 x19: ffff8000113da820 x18: 0000000000010002
[ 81.319070][ C0] x17: 0000000000010002 x16: ffff8000111ceed0 x15: 00000000ffffffff
[ 81.320263][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 81.321486][ C0] x11: 0000000000010001 x10: 0000000000010001 x9 : 588cec668cba1a00
[ 81.322734][ C0] x8 : 588cec668cba1a00 x7 : 0000000000000001 x6 : 0000000000000001
[ 81.323930][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc
[ 81.325099][ C0] x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000027
[ 81.326327][ C0] Call trace:
[ 81.326795][ C0] invalidate_bh_lru+0x128/0x234
[ 81.327486][ C0] flush_smp_call_function_queue+0x38c/0x81c
[ 81.328365][ C0] generic_smp_call_function_single_interrupt+0x18/0x24
[ 81.329247][ C0] ipi_handler+0x10c/0x710
[ 81.329918][ C0] handle_percpu_devid_irq+0x29c/0x76c
[ 81.330686][ C0] handle_domain_irq+0x144/0x1fc
[ 81.331380][ C0] gic_handle_irq+0x78/0x1c8
[ 81.332052][ C0] call_on_irq_stack+0x30/0x48
[ 81.332746][ C0] do_interrupt_handler+0x6c/0x88
[ 81.333579][ C0] el1_interrupt+0x30/0x58
[ 81.334249][ C0] el1h_64_irq_handler+0x18/0x24
[ 81.334952][ C0] el1h_64_irq+0x78/0x7c
[ 81.335607][ C0] stack_depot_save+0x204/0x49c
[ 81.336332][ C0] kasan_set_track+0x68/0x84
[ 81.337043][ C0] kasan_set_free_info+0x28/0x4c
[ 81.337751][ C0] ____kasan_slab_free+0x118/0x164
[ 81.338565][ C0] __kasan_slab_free+0x18/0x28
[ 81.339224][ C0] slab_free_freelist_hook+0x128/0x1e8
[ 81.339973][ C0] kfree+0x170/0x40c
[ 81.340527][ C0] tomoyo_check_open_permission+0x240/0x2fc
[ 81.341364][ C0] tomoyo_file_open+0x130/0x1b0
[ 81.342095][ C0] security_file_open+0x6c/0xac
[ 81.342836][ C0] do_dentry_open+0x29c/0xebc
[ 81.343519][ C0] vfs_open+0x7c/0x90
[ 81.344144][ C0] path_openat+0x1f80/0x26e4
[ 81.344792][ C0] do_filp_open+0x164/0x330
[ 81.345469][ C0] do_sys_openat2+0x128/0x3d8
[ 81.346125][ C0] __arm64_sys_openat+0x120/0x154
[ 81.346879][ C0] invoke_syscall+0x98/0x2b8
[ 81.347565][ C0] el0_svc_common+0x138/0x258
[ 81.348242][ C0] do_el0_svc+0x58/0x14c
[ 81.348869][ C0] el0_svc+0x78/0x1e0
[ 81.349540][ C0] el0t_64_sync_handler+0xcc/0xe4
[ 81.350234][ C0] el0t_64_sync+0x1a0/0x1a4
[ 81.350920][ C0] irq event stamp: 1418282
[ 81.351554][ C0] hardirqs last enabled at (1418281): [] _raw_spin_unlock_irqrestore+0xa8/0x14c
[ 81.353138][ C0] hardirqs last disabled at (1418282): [] enter_el1_irq_or_nmi+0x10/0x1c
[ 81.354579][ C0] softirqs last enabled at (1418236): [] local_bh_enable+0x10/0x34
[ 81.355897][ C0] softirqs last disabled at (1418234): [] local_bh_disable+0x10/0x34
[ 81.357339][ C0] ---[ end trace 9e056b27e87ea959 ]---
[ 81.407304][ T5197] loop0: detected capacity change from 0 to 128
[ 81.410084][ T5197] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 81.411313][ T5197] Bad inode number on dev loop0: 2 is out of range
[ 81.412363][ T5197] SysV FS: get root inode failed
[ 81.413099][ T5197] oldfs: cannot read superblock
[ 81.413874][ T5197] ------------[ cut here ]------------
[ 81.414653][ T5197] VFS: brelse: Trying to free free buffer
[ 81.415586][ T5197] WARNING: CPU: 1 PID: 5197 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 81.416900][ T5197] Modules linked in:
[ 81.417508][ T5197] CPU: 1 PID: 5197 Comm: syz.0.108 Tainted: G W syzkaller #0
[ 81.418744][ T5197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[ 81.420250][ T5197] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 81.421322][ T5197] pc : invalidate_bh_lru+0x128/0x234
[ 81.422079][ T5197] lr : invalidate_bh_lru+0x128/0x234
[ 81.422834][ T5197] sp : ffff8000202176e0
[ 81.423435][ T5197] x29: ffff8000202176e0 x28: ffff80001418d000 x27: 1fffe0003421a45b
[ 81.424723][ T5197] x26: 0000000000000001 x25: ffff0001a10d22d8 x24: 0000000000000000
[ 81.425943][ T5197] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e28a9a58
[ 81.427175][ T5197] x20: ffff0001a10d22d8 x19: ffff8000113da820 x18: 0000000000000003
[ 81.428426][ T5197] x17: 0000000000000000 x16: ffff8000111ceed0 x15: 00000000ffffffff
[ 81.429594][ T5197] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 81.430830][ T5197] x11: 0000000000000002 x10: 0000000000000000 x9 : 56632f2e8d7eff00
[ 81.432002][ T5197] x8 : 56632f2e8d7eff00 x7 : 0000000000000001 x6 : 0000000000000001
[ 81.433134][ T5197] x5 : ffff800020216fd8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc
[ 81.434347][ T5197] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000027
[ 81.435526][ T5197] Call trace:
[ 81.436014][ T5197] invalidate_bh_lru+0x128/0x234
[ 81.436755][ T5197] smp_call_function_many_cond+0xa50/0xeb0
[ 81.437666][ T5197] on_each_cpu_cond_mask+0x5c/0xc4
[ 81.438483][ T5197] invalidate_bh_lrus+0x34/0x40
[ 81.439279][ T5197] blkdev_flush_mapping+0x168/0x31c
[ 81.440110][ T5197] blkdev_put+0x490/0x6ac
[ 81.440800][ T5197] kill_block_super+0x98/0xdc
[ 81.441537][ T5197] deactivate_locked_super+0xb8/0x13c
[ 81.442461][ T5197] mount_bdev+0x284/0x358
[ 81.443199][ T5197] sysv_mount+0x44/0x58
[ 81.443879][ T5197] legacy_get_tree+0xd4/0x16c
[ 81.444593][ T5197] vfs_get_tree+0x90/0x274
[ 81.445298][ T5197] do_new_mount+0x228/0x810
[ 81.445970][ T5197] path_mount+0x5b4/0x1000
[ 81.446654][ T5197] __arm64_sys_mount+0x514/0x5e4
[ 81.447367][ T5197] invoke_syscall+0x98/0x2b8
[ 81.448093][ T5197] el0_svc_common+0x138/0x258
[ 81.448857][ T5197] do_el0_svc+0x58/0x14c
[ 81.449544][ T5197] el0_svc+0x78/0x1e0
[ 81.450172][ T5197] el0t_64_sync_handler+0xcc/0xe4
[ 81.450930][ T5197] el0t_64_sync+0x1a0/0x1a4
[ 81.451613][ T5197] irq event stamp: 1068
[ 81.452209][ T5197] hardirqs last enabled at (1067): [] kasan_quarantine_put+0xc4/0x204
[ 81.453768][ T5197] hardirqs last disabled at (1068): [] smp_call_function_many_cond+0xa44/0xeb0
[ 81.455210][ T5197] softirqs last enabled at (866): [] local_bh_enable+0x10/0x34
[ 81.456530][ T5197] softirqs last disabled at (864): [] local_bh_disable+0x10/0x34
[ 81.457884][ T5197] ---[ end trace 9e056b27e87ea95a ]---
[ 81.563369][ T5201] loop0: detected capacity change from 0 to 128
[ 81.571362][ T5201] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 81.572520][ T5201] Bad inode number on dev loop0: 2 is out of range
[ 81.573466][ T5201] SysV FS: get root inode failed
[ 81.574175][ T5201] oldfs: cannot read superblock
[ 81.579641][ C0] ------------[ cut here ]------------
[ 81.580495][ C0] VFS: brelse: Trying to free free buffer
[ 81.581386][ C0] WARNING: CPU: 0 PID: 4760 at fs/buffer.c:1148 invalidate_bh_lru+0x128/0x234
[ 81.582622][ C0] Modules linked in:
[ 81.583228][ C0] CPU: 0 PID: 4760 Comm: syz-executor Tainted: G W syzkaller #0
[ 81.584523][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[ 81.585942][ C0] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 81.587079][ C0] pc : invalidate_bh_lru+0x128/0x234
[ 81.587852][ C0] lr : invalidate_bh_lru+0x128/0x234
[ 81.588602][ C0] sp : ffff800008007de0
[ 81.589186][ C0] x29: ffff800008007de0 x28: ffff0000de341b40 x27: 1fffe0003421625c
[ 81.590285][ C0] x26: 0000000000000001 x25: ffff0001a10b12d8 x24: 0000000000000001
[ 81.591402][ C0] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000e2825df8
[ 81.592530][ C0] x20: ffff0001a10b12e0 x19: ffff8000113da820 x18: 0000000000010003
[ 81.593658][ C0] x17: 0000000000010003 x16: ffff8000111ceed0 x15: 00000000ffffffff
[ 81.594809][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100
[ 81.595933][ C0] x11: 0000000000010002 x10: 0000000000010002 x9 : 56a9f03fd884e100
[ 81.597111][ C0] x8 : 56a9f03fd884e100 x7 : 0000000000000001 x6 : 0000000000000001
[ 81.598269][ C0] x5 : ffff8000080076d8 x4 : ffff80001426f5a0 x3 : ffff8000085043fc
[ 81.599412][ C0] x2 : 0000000000000001 x1 : 0000000100010002 x0 : 0000000000000027
[ 81.600530][ C0] Call trace:
[ 81.601059][ C0] invalidate_bh_lru+0x128/0x234
[ 81.601745][ C0] flush_smp_call_function_queue+0x38c/0x81c
[ 81.602625][ C0] generic_smp_call_function_single_interrupt+0x18/0x24
[ 81.603667][ C0] ipi_handler+0x10c/0x710
[ 81.604307][ C0] handle_percpu_devid_irq+0x29c/0x76c
[ 81.605123][ C0] handle_domain_irq+0x144/0x1fc
[ 81.605821][ C0] gic_handle_irq+0x78/0x1c8
[ 81.606465][ C0] call_on_irq_stack+0x30/0x48
[ 81.607159][ C0] do_interrupt_handler+0x6c/0x88
[ 81.607900][ C0] el1_interrupt+0x30/0x58
[ 81.608547][ C0] el1h_64_irq_handler+0x18/0x24
[ 81.609323][ C0] el1h_64_irq+0x78/0x7c
[ 81.609913][ C0] arch_stack_walk+0x1fc/0x2b4
[ 81.610610][ C0] stack_trace_save+0x94/0xd8
[ 81.611277][ C0] kasan_set_track+0x4c/0x84
[ 81.611928][ C0] kasan_set_free_info+0x28/0x4c
[ 81.612636][ C0] ____kasan_slab_free+0x118/0x164
[ 81.613373][ C0] __kasan_slab_free+0x18/0x28
[ 81.614085][ C0] slab_free_freelist_hook+0x128/0x1e8
[ 81.614865][ C0] kmem_cache_free+0xdc/0x3b4
[ 81.615548][ C0] free_vmap_area_noflush+0x690/0x8d0
[ 81.616330][ C0] remove_vm_area+0x1ac/0x1c4
[ 81.617000][ C0] __vunmap+0x304/0x9bc
[ 81.617642][ C0] vfree+0xbc/0x154
[ 81.618189][ C0] do_ip6t_get_ctl+0x10ec/0x13a8
[ 81.618920][ C0] nf_getsockopt+0x264/0x284
[ 81.619662][ C0] ipv6_getsockopt+0x52c/0x2584
[ 81.620400][ C0] tcp_getsockopt+0x208/0x2e78
[ 81.621137][ C0] sock_common_getsockopt+0xa8/0xc4
[ 81.621938][ C0] __sys_getsockopt+0x1b8/0x250
[ 81.622685][ C0] __arm64_sys_getsockopt+0xb8/0xd4
[ 81.623543][ C0] invoke_syscall+0x98/0x2b8
[ 81.624287][ C0] el0_svc_common+0x138/0x258
[ 81.625010][ C0] do_el0_svc+0x58/0x14c
[ 81.625674][ C0] el0_svc+0x78/0x1e0
[ 81.626294][ C0] el0t_64_sync_handler+0xcc/0xe4
[ 81.627075][ C0] el0t_64_sync+0x1a0/0x1a4
[ 81.627730][ C0] irq event stamp: 455486
[ 81.628395][ C0] hardirqs last enabled at (455485): [] _raw_spin_unlock_irqrestore+0xa8/0x14c
[ 81.629949][ C0] hardirqs last disabled at (455486): [] enter_el1_irq_or_nmi+0x10/0x1c
[ 81.631467][ C0] softirqs last enabled at (455178): [] release_sock+0x1d0/0x258
[ 81.633028][ C0] softirqs last disabled at (455176): [] release_sock+0x34/0x258
[ 81.634495][ C0] ---[ end trace 9e056b27e87ea95b ]---
[ 81.664909][ T5203] loop0: detected capacity change from 0 to 128
[ 81.670028][ T5203] VFS: Found a Xenix FS (block size = 1024) on device loop0
[ 81.671222][ T5203] Bad inode number on dev loop0: 2 is out of range
[ 81.672325][ T5203] SysV FS: get root inode failed
[ 81.673179][ T5203] oldfs: cannot read superblock