last executing test programs: 609.662867ms ago: executing program 3 (id=4): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x3, 0x8, &(0x7f0000000d80)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000940)={r0, 0x0, 0xe, 0x0, &(0x7f0000000ac0)="ddc937981007901a80379c3e86dd", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 446.51565ms ago: executing program 3 (id=5): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10", 0x48}], 0x3}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x40000122) 411.839491ms ago: executing program 2 (id=3): syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f0000000780), 0xfe, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=") open_by_handle_at(0xffffffffffffffff, 0x0, 0x6942) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189) socket$netlink(0x10, 0x3, 0x14) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, 0x0) 73.395728ms ago: executing program 3 (id=6): syz_usb_connect(0x3, 0x2d, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000061c2f20c81403006c050102030109021b00010000000009040000018ea44300090585da09"], 0x0) r0 = socket(0x2b, 0x80801, 0x1) getpeername$l2tp6(r0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000001c0)='contention_end\x00'}, 0x18) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x84000) 0s ago: executing program 1 (id=2): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0) openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000002240), 0x20140, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) dup(r0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) r2 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x1) sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000000) socket$rds(0x15, 0x5, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(0xffffffffffffffff, 0xc01064c5, 0x0) keyctl$search(0xa, 0x0, &(0x7f00000000c0)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x1, 0x2e}, 0xffffffffffffffff) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.55' (ED25519) to the list of known hosts. [ 82.686464][ T5776] cgroup: Unknown subsys name 'net' [ 82.852086][ T5776] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.585657][ T5776] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.891862][ T5802] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.896070][ T5804] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 86.900185][ T5802] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 86.909029][ T5804] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 86.914950][ T5802] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 86.922160][ T5804] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.927925][ T5802] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 86.935499][ T5804] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 86.943646][ T5802] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.949079][ T5804] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 86.956543][ T5802] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 86.970504][ T5804] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 86.972095][ T5802] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 86.985308][ T5802] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 86.993965][ T5807] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.002348][ T5807] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.010424][ T5805] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 87.015979][ T5807] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.018695][ T5805] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.029775][ T5807] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 87.032895][ T5805] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.038905][ T5807] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.046326][ T5805] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 87.064326][ T5102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.631635][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 87.805733][ T5793] chnl_net:caif_netlink_parms(): no params data found [ 87.878904][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.886589][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.894732][ T5791] bridge_slave_0: entered allmulticast mode [ 87.901874][ T5791] bridge_slave_0: entered promiscuous mode [ 87.943796][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.951069][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.958908][ T5791] bridge_slave_1: entered allmulticast mode [ 87.966036][ T5791] bridge_slave_1: entered promiscuous mode [ 88.071777][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.101918][ T5792] chnl_net:caif_netlink_parms(): no params data found [ 88.115056][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.146908][ T5793] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.154270][ T5793] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.161592][ T5793] bridge_slave_0: entered allmulticast mode [ 88.169978][ T5793] bridge_slave_0: entered promiscuous mode [ 88.184044][ T5793] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.191190][ T5793] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.198446][ T5793] bridge_slave_1: entered allmulticast mode [ 88.205541][ T5793] bridge_slave_1: entered promiscuous mode [ 88.220540][ T5791] team0: Port device team_slave_0 added [ 88.258308][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 88.270445][ T5791] team0: Port device team_slave_1 added [ 88.303410][ T5793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.331282][ T5793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.403797][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.410776][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.437239][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.477748][ T5793] team0: Port device team_slave_0 added [ 88.486480][ T5793] team0: Port device team_slave_1 added [ 88.499184][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.506212][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.533366][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.545172][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.552313][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.559665][ T5792] bridge_slave_0: entered allmulticast mode [ 88.566820][ T5792] bridge_slave_0: entered promiscuous mode [ 88.575744][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.582922][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.590256][ T5792] bridge_slave_1: entered allmulticast mode [ 88.597544][ T5792] bridge_slave_1: entered promiscuous mode [ 88.693608][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.704867][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.711847][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.737956][ T5793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.751711][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.758981][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.784941][ T5793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.824578][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.862664][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.870251][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.877594][ T5790] bridge_slave_0: entered allmulticast mode [ 88.885416][ T5790] bridge_slave_0: entered promiscuous mode [ 88.923976][ T5791] hsr_slave_0: entered promiscuous mode [ 88.931070][ T5791] hsr_slave_1: entered promiscuous mode [ 88.939267][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.947487][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.954890][ T5790] bridge_slave_1: entered allmulticast mode [ 88.961933][ T5790] bridge_slave_1: entered promiscuous mode [ 88.984031][ T5792] team0: Port device team_slave_0 added [ 88.995615][ T5793] hsr_slave_0: entered promiscuous mode [ 89.002288][ T5793] hsr_slave_1: entered promiscuous mode [ 89.008855][ T5793] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.017036][ T5793] Cannot create hsr debugfs directory [ 89.052281][ T5792] team0: Port device team_slave_1 added [ 89.084653][ T5807] Bluetooth: hci1: command tx timeout [ 89.163860][ T5807] Bluetooth: hci3: command tx timeout [ 89.164596][ T5802] Bluetooth: hci0: command tx timeout [ 89.171517][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.181435][ T5802] Bluetooth: hci2: command tx timeout [ 89.192266][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.202124][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.209309][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.235833][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.254179][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.261199][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.287260][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.335894][ T5790] team0: Port device team_slave_0 added [ 89.362225][ T5790] team0: Port device team_slave_1 added [ 89.427927][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.434998][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.460968][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.504099][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.511088][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.537320][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.567495][ T5792] hsr_slave_0: entered promiscuous mode [ 89.575358][ T5792] hsr_slave_1: entered promiscuous mode [ 89.581802][ T5792] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.589608][ T5792] Cannot create hsr debugfs directory [ 89.715541][ T5790] hsr_slave_0: entered promiscuous mode [ 89.721985][ T5790] hsr_slave_1: entered promiscuous mode [ 89.729235][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.737600][ T5790] Cannot create hsr debugfs directory [ 89.869652][ T5793] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 89.909272][ T5793] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 89.919480][ T5793] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 89.953669][ T5793] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.051883][ T5791] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.077808][ T5791] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.088650][ T5791] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.117883][ T5791] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.201248][ T5792] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.212497][ T5792] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.226881][ T5792] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.237959][ T5792] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.320703][ T5790] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.330833][ T5790] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.342717][ T5790] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.368791][ T5790] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.498904][ T5793] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.558318][ T5793] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.585417][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.592766][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.609708][ T2988] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.616915][ T2988] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.640533][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.669574][ T5792] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.696979][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.738405][ T2988] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.745714][ T2988] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.760214][ T2988] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.767398][ T2988] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.827168][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.842944][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.882639][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.889885][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.931009][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.938271][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.976823][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.045325][ T1080] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.052512][ T1080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.089993][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.097226][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.167222][ T5802] Bluetooth: hci1: command tx timeout [ 91.250465][ T5802] Bluetooth: hci0: command tx timeout [ 91.250764][ T5807] Bluetooth: hci3: command tx timeout [ 91.258042][ T5799] Bluetooth: hci2: command tx timeout [ 91.398805][ T5793] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.509782][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.522413][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.583316][ T5793] veth0_vlan: entered promiscuous mode [ 91.620321][ T5793] veth1_vlan: entered promiscuous mode [ 91.686456][ T5791] veth0_vlan: entered promiscuous mode [ 91.740099][ T5791] veth1_vlan: entered promiscuous mode [ 91.756443][ T5792] veth0_vlan: entered promiscuous mode [ 91.769428][ T5793] veth0_macvtap: entered promiscuous mode [ 91.787548][ T5793] veth1_macvtap: entered promiscuous mode [ 91.812472][ T5792] veth1_vlan: entered promiscuous mode [ 91.838064][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.859809][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.898319][ T5791] veth0_macvtap: entered promiscuous mode [ 91.908432][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.921949][ T5793] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.932352][ T5793] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.941508][ T5793] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.951653][ T5793] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.972530][ T5791] veth1_macvtap: entered promiscuous mode [ 92.007988][ T5792] veth0_macvtap: entered promiscuous mode [ 92.029890][ T5792] veth1_macvtap: entered promiscuous mode [ 92.076361][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.088215][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.101059][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.115565][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.126972][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.140589][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.142529][ T23] cfg80211: failed to load regulatory.db [ 92.169991][ T5791] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.179553][ T5791] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.188757][ T5791] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.198889][ T5791] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.231322][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.242053][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.254407][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.264986][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.277156][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.289747][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.300362][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.310900][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.321481][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.332681][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.341720][ T5790] veth0_vlan: entered promiscuous mode [ 92.388939][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.401958][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.437689][ T5792] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.447599][ T5792] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.457243][ T5792] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.466637][ T5792] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.507724][ T5790] veth1_vlan: entered promiscuous mode [ 92.520846][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.541385][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.653894][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.661802][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.731835][ T5790] veth0_macvtap: entered promiscuous mode [ 92.760200][ T2988] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.777868][ T2988] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.802677][ T2988] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.817434][ T5790] veth1_macvtap: entered promiscuous mode [ 92.835591][ T2988] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.945124][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.962259][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.989331][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.028265][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.041990][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.071212][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.072126][ T5885] syz.2.3[5885]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 93.103267][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.118512][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.131206][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.169880][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.191785][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.212650][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.227880][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.248179][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.249310][ T5799] Bluetooth: hci1: command tx timeout [ 93.263178][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.279391][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.312776][ T5885] loop2: detected capacity change from 0 to 8192 [ 93.323773][ T5799] Bluetooth: hci3: command tx timeout [ 93.329393][ T5802] Bluetooth: hci2: command tx timeout [ 93.330947][ T5807] Bluetooth: hci0: command tx timeout [ 93.379799][ T5790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.433928][ T5790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.440445][ T5885] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 93.444341][ T5790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.466098][ T5790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.524746][ T5885] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 93.556020][ T5885] REISERFS (device loop2): using ordered data mode [ 93.562621][ T5885] reiserfs: using flush barriers [ 93.588922][ T5885] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 93.639142][ T5885] REISERFS (device loop2): checking transaction log (loop2) [ 93.735051][ T5885] REISERFS (device loop2): Using r5 hash to sort names [ 93.743593][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.751945][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.803515][ T23] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 93.818990][ T5885] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 93.916096][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.989738][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.997944][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 94.007412][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 94.100281][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 94.417264][ T5885] [ 94.419658][ T5885] ====================================================== [ 94.426692][ T5885] WARNING: possible circular locking dependency detected [ 94.433759][ T5885] syzkaller #0 Not tainted [ 94.438192][ T5885] ------------------------------------------------------ [ 94.445221][ T5885] syz.2.3/5885 is trying to acquire lock: [ 94.450954][ T5885] ffff88807c61c418 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write_file+0x63/0x200 [ 94.460347][ T5885] [ 94.460347][ T5885] but task is already holding lock: [ 94.467733][ T5885] ffff8880795aa090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0xd0 [ 94.476745][ T5885] [ 94.476745][ T5885] which lock already depends on the new lock. [ 94.476745][ T5885] [ 94.487164][ T5885] [ 94.487164][ T5885] the existing dependency chain (in reverse order) is: [ 94.496198][ T5885] [ 94.496198][ T5885] -> #2 (&sbi->lock){+.+.}-{3:3}: [ 94.503441][ T5885] __mutex_lock+0x129/0xcc0 [ 94.508498][ T5885] reiserfs_write_lock+0x79/0xd0 [ 94.514008][ T5885] reiserfs_lookup+0x151/0x520 [ 94.519316][ T5885] __lookup_slow+0x281/0x3b0 [ 94.524461][ T5885] lookup_one_len+0x192/0x2c0 [ 94.529695][ T5885] reiserfs_lookup_privroot+0x89/0x180 [ 94.535703][ T5885] reiserfs_fill_super+0x1f44/0x2340 [ 94.541533][ T5885] mount_bdev+0x22b/0x2d0 [ 94.546411][ T5885] legacy_get_tree+0xea/0x180 [ 94.551634][ T5885] vfs_get_tree+0x8c/0x280 [ 94.556606][ T5885] do_new_mount+0x24b/0xa40 [ 94.561652][ T5885] __se_sys_mount+0x2da/0x3c0 [ 94.566874][ T5885] do_syscall_64+0x55/0xb0 [ 94.571840][ T5885] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 94.578296][ T5885] [ 94.578296][ T5885] -> #1 (&type->i_mutex_dir_key#8){+.+.}-{3:3}: [ 94.586764][ T5885] down_write+0x97/0x1f0 [ 94.591564][ T5885] path_openat+0x7c6/0x3190 [ 94.596630][ T5885] do_filp_open+0x1c5/0x3d0 [ 94.601687][ T5885] do_sys_openat2+0x12c/0x1c0 [ 94.606929][ T5885] __x64_sys_openat+0x139/0x160 [ 94.612339][ T5885] do_syscall_64+0x55/0xb0 [ 94.617323][ T5885] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 94.623781][ T5885] [ 94.623781][ T5885] -> #0 (sb_writers#13){.+.+}-{0:0}: [ 94.631323][ T5885] __lock_acquire+0x2ddb/0x7c80 [ 94.636726][ T5885] lock_acquire+0x197/0x410 [ 94.641778][ T5885] sb_start_write+0x4d/0x1c0 [ 94.646933][ T5885] mnt_want_write_file+0x63/0x200 [ 94.652510][ T5885] reiserfs_ioctl+0x112/0x2d0 [ 94.657910][ T5885] __se_sys_ioctl+0xfd/0x170 [ 94.663066][ T5885] do_syscall_64+0x55/0xb0 [ 94.668031][ T5885] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 94.674480][ T5885] [ 94.674480][ T5885] other info that might help us debug this: [ 94.674480][ T5885] [ 94.684724][ T5885] Chain exists of: [ 94.684724][ T5885] sb_writers#13 --> &type->i_mutex_dir_key#8 --> &sbi->lock [ 94.684724][ T5885] [ 94.697985][ T5885] Possible unsafe locking scenario: [ 94.697985][ T5885] [ 94.705450][ T5885] CPU0 CPU1 [ 94.710834][ T5885] ---- ---- [ 94.716225][ T5885] lock(&sbi->lock); [ 94.720245][ T5885] lock(&type->i_mutex_dir_key#8); [ 94.728088][ T5885] lock(&sbi->lock); [ 94.734658][ T5885] rlock(sb_writers#13); [ 94.739060][ T5885] [ 94.739060][ T5885] *** DEADLOCK *** [ 94.739060][ T5885] [ 94.747232][ T5885] 1 lock held by syz.2.3/5885: [ 94.752038][ T5885] #0: ffff8880795aa090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0xd0 [ 94.761490][ T5885] [ 94.761490][ T5885] stack backtrace: [ 94.767418][ T5885] CPU: 0 PID: 5885 Comm: syz.2.3 Not tainted syzkaller #0 [ 94.774557][ T5885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 94.784644][ T5885] Call Trace: [ 94.787949][ T5885] [ 94.790910][ T5885] dump_stack_lvl+0x16c/0x230 [ 94.795618][ T5885] ? load_image+0x3b0/0x3b0 [ 94.800147][ T5885] ? show_regs_print_info+0x20/0x20 [ 94.805378][ T5885] ? print_circular_bug+0x12b/0x1a0 [ 94.810642][ T5885] check_noncircular+0x2bd/0x3c0 [ 94.815626][ T5885] ? lockdep_hardirqs_on+0x98/0x150 [ 94.820870][ T5885] ? print_deadlock_bug+0x5d0/0x5d0 [ 94.826096][ T5885] ? lockdep_lock+0xe0/0x220 [ 94.830714][ T5885] ? __schedule+0x14da/0x44d0 [ 94.835428][ T5885] ? _find_first_zero_bit+0xd3/0x100 [ 94.840747][ T5885] __lock_acquire+0x2ddb/0x7c80 [ 94.845640][ T5885] ? verify_lock_unused+0x140/0x140 [ 94.850871][ T5885] ? lock_acquire+0x1f2/0x410 [ 94.855580][ T5885] ? preempt_schedule+0xab/0xc0 [ 94.860514][ T5885] ? preempt_schedule_common+0x82/0xc0 [ 94.866017][ T5885] ? preempt_schedule+0xab/0xc0 [ 94.870907][ T5885] ? schedule_preempt_disabled+0x20/0x20 [ 94.876665][ T5885] ? __mutex_trylock_common+0x153/0x250 [ 94.882254][ T5885] ? trace_raw_output_contention_end+0xd0/0xd0 [ 94.888457][ T5885] lock_acquire+0x197/0x410 [ 94.892988][ T5885] ? mnt_want_write_file+0x63/0x200 [ 94.898225][ T5885] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 94.904239][ T5885] ? __might_sleep+0xe0/0xe0 [ 94.908860][ T5885] ? read_lock_is_recursive+0x20/0x20 [ 94.914256][ T5885] ? mutex_lock_nested+0x20/0x20 [ 94.919224][ T5885] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 94.924882][ T5885] sb_start_write+0x4d/0x1c0 [ 94.929508][ T5885] ? mnt_want_write_file+0x63/0x200 [ 94.934740][ T5885] mnt_want_write_file+0x63/0x200 [ 94.939812][ T5885] reiserfs_ioctl+0x112/0x2d0 [ 94.944516][ T5885] ? reiserfs_unpack+0x600/0x600 [ 94.949478][ T5885] __se_sys_ioctl+0xfd/0x170 [ 94.954103][ T5885] do_syscall_64+0x55/0xb0 [ 94.958555][ T5885] ? clear_bhb_loop+0x40/0x90 [ 94.963253][ T5885] ? clear_bhb_loop+0x40/0x90 [ 94.967952][ T5885] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 94.973905][ T5885] RIP: 0033:0x7ff83d78eba9 [ 94.978351][ T5885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.997996][ T5885] RSP: 002b:00007ff83e5db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.006442][ T5885] RAX: ffffffffffffffda RBX: 00007ff83d9d5fa0 RCX: 00007ff83d78eba9 [ 95.014447][ T5885] RDX: 0000000000000000 RSI: 0000000040087602 RDI: 0000000000000004 [ 95.022471][ T5885] RBP: 00007ff83d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 95.030474][ T5885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 95.038553][ T5885] R13: 00007ff83d9d6038 R14: 00007ff83d9d5fa0 R15: 00007ffedf6872b8 [ 95.046561][ T5885] [ 95.077067][ T28] audit: type=1800 audit(1757979284.183:2): pid=5885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3" name="file2" dev="loop2" ino=2 res=0 errno=0 [ 95.233822][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.241727][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.314448][ T23] usb 4-1: Using ep0 maxpacket: 32 [ 95.333115][ T5807] Bluetooth: hci1: command tx timeout [ 95.347172][ T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9 [ 95.380374][ T23] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 95.389985][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.399503][ T23] usb 4-1: Product: syz [ 95.403488][ T5807] Bluetooth: hci0: command tx timeout [ 95.404576][ T5799] Bluetooth: hci3: command tx timeout [ 95.409103][ T5807] Bluetooth: hci2: command tx timeout [ 95.415818][ T23] usb 4-1: Manufacturer: syz [ 95.425741][ T23] usb 4-1: SerialNumber: syz [ 95.435175][ T23] usb 4-1: config 0 descriptor?? [ 95.440884][ T5892] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 95.451226][ T23] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input5 [ 95.666622][ T788] usb 4-1: USB disconnect, device number 2 [ 95.666631][ C1] usbtouchscreen 4-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19