[ 71.778091][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.784665][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 Warning: Permanently added '10.128.0.196' (ED25519) to the list of known hosts. 2024/10/20 04:40:05 ignoring optional flag "sandboxArg"="0" 2024/10/20 04:40:05 ignoring optional flag "type"="gce" 2024/10/20 04:40:05 parsed 1 programs 2024/10/20 04:40:07 executed programs: 0 [ 75.503616][ T5529] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 75.548751][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.559322][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.568078][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.576944][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.585142][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 75.592559][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.687326][ T5535] chnl_net:caif_netlink_parms(): no params data found [ 75.728701][ T5535] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.736026][ T5535] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.743258][ T5535] bridge_slave_0: entered allmulticast mode [ 75.750186][ T5535] bridge_slave_0: entered promiscuous mode [ 75.757892][ T5535] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.765175][ T5535] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.772506][ T5535] bridge_slave_1: entered allmulticast mode [ 75.779278][ T5535] bridge_slave_1: entered promiscuous mode [ 75.799386][ T5535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.810480][ T5535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.834143][ T5535] team0: Port device team_slave_0 added [ 75.841910][ T5535] team0: Port device team_slave_1 added [ 75.860277][ T5535] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.867615][ T5535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.894016][ T5535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.907234][ T5535] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.914198][ T5535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.940383][ T5535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.970467][ T5535] hsr_slave_0: entered promiscuous mode [ 75.976949][ T5535] hsr_slave_1: entered promiscuous mode [ 76.483248][ T5535] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 76.494488][ T5535] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 76.504537][ T5535] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 76.517081][ T5535] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 76.547440][ T5535] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.555182][ T5535] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.562894][ T5535] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.570378][ T5535] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.634068][ T5535] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.655853][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.664030][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.686907][ T5535] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.701988][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.709317][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.731944][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.739186][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.897562][ T8] cfg80211: failed to load regulatory.db [ 76.944125][ T5535] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.982945][ T5535] veth0_vlan: entered promiscuous mode [ 77.001537][ T5535] veth1_vlan: entered promiscuous mode [ 77.031532][ T5535] veth0_macvtap: entered promiscuous mode [ 77.049722][ T5535] veth1_macvtap: entered promiscuous mode [ 77.074430][ T5535] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.087042][ T5535] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.101640][ T5535] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.113216][ T5535] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.122561][ T5535] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.134289][ T5535] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.212747][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.226217][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.253992][ T2982] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.263116][ T2982] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.330085][ T5603] input: syz1 as /devices/virtual/input/input5 [ 77.344773][ T5603] [ 77.347144][ T5603] ====================================================== [ 77.354173][ T5603] WARNING: possible circular locking dependency detected [ 77.361202][ T5603] 6.12.0-rc3-syzkaller-g715ca9dd687f #0 Not tainted [ 77.368066][ T5603] ------------------------------------------------------ [ 77.375280][ T5603] syz-executor.0/5603 is trying to acquire lock: [ 77.381713][ T5603] ffff88802f8db070 (&newdev->mutex){+.+.}-{3:3}, at: uinput_request_submit+0x19c/0x740 [ 77.391444][ T5603] [ 77.391444][ T5603] but task is already holding lock: [ 77.398822][ T5603] ffff88802f8db8b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x3e4/0xb00 [ 77.407753][ T5603] [ 77.407753][ T5603] which lock already depends on the new lock. [ 77.407753][ T5603] [ 77.418170][ T5603] [ 77.418170][ T5603] the existing dependency chain (in reverse order) is: [ 77.427204][ T5603] [ 77.427204][ T5603] -> #3 (&ff->mutex){+.+.}-{3:3}: [ 77.434549][ T5603] lock_acquire+0x1ed/0x550 [ 77.439699][ T5603] __mutex_lock+0x136/0xd70 [ 77.444752][ T5603] input_ff_flush+0x5e/0x140 [ 77.449993][ T5603] input_flush_device+0x9c/0xc0 [ 77.455486][ T5603] evdev_release+0xf6/0x7d0 [ 77.460547][ T5603] __fput+0x23f/0x880 [ 77.465080][ T5603] __x64_sys_close+0x7f/0x110 [ 77.470305][ T5603] do_syscall_64+0xf3/0x230 [ 77.475367][ T5603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.481815][ T5603] [ 77.481815][ T5603] -> #2 (&dev->mutex#2){+.+.}-{3:3}: [ 77.489334][ T5603] lock_acquire+0x1ed/0x550 [ 77.494482][ T5603] __mutex_lock+0x136/0xd70 [ 77.499544][ T5603] input_register_handle+0x6d/0x3b0 [ 77.505640][ T5603] kbd_connect+0xbf/0x130 [ 77.510552][ T5603] input_register_device+0xd3b/0x1110 [ 77.516482][ T5603] acpi_button_add+0x6c6/0xb90 [ 77.521800][ T5603] acpi_device_probe+0xa5/0x2b0 [ 77.527199][ T5603] really_probe+0x2b8/0xad0 [ 77.532344][ T5603] __driver_probe_device+0x1a2/0x390 [ 77.538179][ T5603] driver_probe_device+0x50/0x430 [ 77.543755][ T5603] __driver_attach+0x45f/0x710 [ 77.549176][ T5603] bus_for_each_dev+0x239/0x2b0 [ 77.554595][ T5603] bus_add_driver+0x346/0x670 [ 77.559830][ T5603] driver_register+0x23a/0x320 [ 77.565159][ T5603] do_one_initcall+0x248/0x880 [ 77.570476][ T5603] do_initcall_level+0x157/0x210 [ 77.575999][ T5603] do_initcalls+0x3f/0x80 [ 77.580965][ T5603] kernel_init_freeable+0x435/0x5d0 [ 77.586808][ T5603] kernel_init+0x1d/0x2b0 [ 77.591683][ T5603] ret_from_fork+0x4b/0x80 [ 77.596652][ T5603] ret_from_fork_asm+0x1a/0x30 [ 77.601962][ T5603] [ 77.601962][ T5603] -> #1 (input_mutex){+.+.}-{3:3}: [ 77.609468][ T5603] lock_acquire+0x1ed/0x550 [ 77.614619][ T5603] __mutex_lock+0x136/0xd70 [ 77.619765][ T5603] input_register_device+0xaee/0x1110 [ 77.626122][ T5603] uinput_create_device+0x40e/0x630 [ 77.631962][ T5603] uinput_ioctl_handler+0x488/0x1770 [ 77.637931][ T5603] __se_sys_ioctl+0xf9/0x170 [ 77.643164][ T5603] do_syscall_64+0xf3/0x230 [ 77.648303][ T5603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.654755][ T5603] [ 77.654755][ T5603] -> #0 (&newdev->mutex){+.+.}-{3:3}: [ 77.662353][ T5603] validate_chain+0x18ef/0x5920 [ 77.667763][ T5603] __lock_acquire+0x1384/0x2050 [ 77.673168][ T5603] lock_acquire+0x1ed/0x550 [ 77.678310][ T5603] __mutex_lock+0x136/0xd70 [ 77.683535][ T5603] uinput_request_submit+0x19c/0x740 [ 77.689379][ T5603] uinput_dev_upload_effect+0x199/0x240 [ 77.695481][ T5603] input_ff_upload+0x5df/0xb00 [ 77.700794][ T5603] evdev_ioctl_handler+0x17cd/0x21a0 [ 77.706628][ T5603] __se_sys_ioctl+0xf9/0x170 [ 77.711773][ T5603] do_syscall_64+0xf3/0x230 [ 77.716820][ T5603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.723356][ T5603] [ 77.723356][ T5603] other info that might help us debug this: [ 77.723356][ T5603] [ 77.733615][ T5603] Chain exists of: [ 77.733615][ T5603] &newdev->mutex --> &dev->mutex#2 --> &ff->mutex [ 77.733615][ T5603] [ 77.746093][ T5603] Possible unsafe locking scenario: [ 77.746093][ T5603] [ 77.753648][ T5603] CPU0 CPU1 [ 77.759201][ T5603] ---- ---- [ 77.764588][ T5603] lock(&ff->mutex); [ 77.768608][ T5603] lock(&dev->mutex#2); [ 77.775590][ T5603] lock(&ff->mutex); [ 77.782124][ T5603] lock(&newdev->mutex); [ 77.786852][ T5603] [ 77.786852][ T5603] *** DEADLOCK *** [ 77.786852][ T5603] [ 77.795453][ T5603] 2 locks held by syz-executor.0/5603: [ 77.801020][ T5603] #0: ffff88802f8d4110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_ioctl_handler+0x122/0x21a0 [ 77.811192][ T5603] #1: ffff88802f8db8b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x3e4/0xb00 [ 77.820570][ T5603] [ 77.820570][ T5603] stack backtrace: [ 77.826765][ T5603] CPU: 0 UID: 0 PID: 5603 Comm: syz-executor.0 Not tainted 6.12.0-rc3-syzkaller-g715ca9dd687f #0 [ 77.837593][ T5603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 77.847693][ T5603] Call Trace: [ 77.850990][ T5603] [ 77.853937][ T5603] dump_stack_lvl+0x241/0x360 [ 77.858633][ T5603] ? __pfx_dump_stack_lvl+0x10/0x10 [ 77.863851][ T5603] ? __pfx__printk+0x10/0x10 [ 77.868636][ T5603] print_circular_bug+0x13a/0x1b0 [ 77.873696][ T5603] check_noncircular+0x36a/0x4a0 [ 77.878744][ T5603] ? __pfx_check_noncircular+0x10/0x10 [ 77.884315][ T5603] ? lockdep_lock+0x123/0x2b0 [ 77.889026][ T5603] ? stack_trace_save+0x118/0x1d0 [ 77.894338][ T5603] ? __pfx_stack_trace_save+0x10/0x10 [ 77.899825][ T5603] ? check_noncircular+0x259/0x4a0 [ 77.905065][ T5603] validate_chain+0x18ef/0x5920 [ 77.909966][ T5603] ? __pfx_check_noncircular+0x10/0x10 [ 77.915463][ T5603] ? __pfx_validate_chain+0x10/0x10 [ 77.920881][ T5603] ? __pfx_validate_chain+0x10/0x10 [ 77.926111][ T5603] ? stack_trace_save+0x118/0x1d0 [ 77.931163][ T5603] ? __pfx_stack_trace_save+0x10/0x10 [ 77.936658][ T5603] ? mark_lock+0x9a/0x360 [ 77.941122][ T5603] __lock_acquire+0x1384/0x2050 [ 77.946099][ T5603] lock_acquire+0x1ed/0x550 [ 77.950721][ T5603] ? uinput_request_submit+0x19c/0x740 [ 77.956301][ T5603] ? __pfx_lock_acquire+0x10/0x10 [ 77.961357][ T5603] ? __pfx___might_resched+0x10/0x10 [ 77.966678][ T5603] __mutex_lock+0x136/0xd70 [ 77.971236][ T5603] ? uinput_request_submit+0x19c/0x740 [ 77.976725][ T5603] ? uinput_request_alloc_id+0x3c5/0x3f0 [ 77.982647][ T5603] ? do_raw_spin_lock+0x14f/0x370 [ 77.987702][ T5603] ? __pfx_lock_release+0x10/0x10 [ 77.993019][ T5603] ? uinput_request_submit+0x19c/0x740 [ 77.998812][ T5603] ? __pfx___mutex_lock+0x10/0x10 [ 78.003955][ T5603] ? _raw_spin_unlock+0x28/0x50 [ 78.008839][ T5603] ? uinput_request_alloc_id+0x3c5/0x3f0 [ 78.014502][ T5603] uinput_request_submit+0x19c/0x740 [ 78.019926][ T5603] ? __pfx_uinput_request_submit+0x10/0x10 [ 78.025856][ T5603] ? __pfx___mutex_trylock_common+0x10/0x10 [ 78.031967][ T5603] ? rcu_is_watching+0x15/0xb0 [ 78.036850][ T5603] uinput_dev_upload_effect+0x199/0x240 [ 78.042446][ T5603] ? __pfx_uinput_dev_upload_effect+0x10/0x10 [ 78.048650][ T5603] input_ff_upload+0x5df/0xb00 [ 78.053893][ T5603] evdev_ioctl_handler+0x17cd/0x21a0 [ 78.059306][ T5603] ? tomoyo_path_number_perm+0x208/0x880 [ 78.064967][ T5603] ? __pfx_evdev_ioctl_handler+0x10/0x10 [ 78.070741][ T5603] ? __pfx_evdev_ioctl+0x10/0x10 [ 78.075804][ T5603] __se_sys_ioctl+0xf9/0x170 [ 78.080660][ T5603] do_syscall_64+0xf3/0x230 [ 78.085279][ T5603] ? clear_bhb_loop+0x35/0x90 [ 78.090425][ T5603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.096417][ T5603] RIP: 0033:0x7fedb147dca9 [ 78.100866][ T5603] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 78.120841][ T5603] RSP: 002b:00007fedb21d60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 78.129466][ T5603] RAX: ffffffffffffffda RBX: 00007fedb15abf80 RCX: 00007fedb147dca9 [ 78.137659][ T5603] RDX: 0000000020000300 RSI: 0000000040304580 RDI: 0000000000000004 [ 78.145844][ T5603] RBP: 00007fedb14c947e R08: 0000000000000000 R09: 0000000000000000 [ 78.153843][ T5603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 78.161842][ T5603] R13: 000000000000000b R14: 00007fedb15abf80 R15: 00007fff97647648 [ 78.169934][ T5603] [ 78.174450][ T54] Bluetooth: hci0: command tx timeout [ 78.308564][ T5666] input: syz1 as /devices/virtual/input/input6 [ 79.169994][ T5748] input: syz1 as /devices/virtual/input/input7 [ 80.040721][ T5834] input: syz1 as /devices/virtual/input/input8 [ 80.255104][ T54] Bluetooth: hci0: command tx timeout 2024/10/20 04:40:12 executed programs: 4 [ 80.888130][ T5897] input: syz1 as /devices/virtual/input/input9 [ 81.737717][ T5899] input: syz1 as /devices/virtual/input/input10 [ 82.335102][ T54] Bluetooth: hci0: command tx timeout [ 82.583217][ T5901] input: syz1 as /devices/virtual/input/input11 [ 83.431765][ T5903] input: syz1 as /devices/virtual/input/input12 [ 84.279454][ T5905] input: syz1 as /devices/virtual/input/input13 [ 84.425183][ T54] Bluetooth: hci0: command tx timeout [ 85.133092][ T5907] input: syz1 as /devices/virtual/input/input14 2024/10/20 04:40:17 executed programs: 10 [ 85.982967][ T5909] input: syz1 as /devices/virtual/input/input15 [ 86.816340][ T5537] udevd[5537]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory [ 86.827322][ T5537] udevd[5537]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 86.852463][ T5911] input: syz1 as /devices/virtual/input/input16