[ 82.143344][ T46] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.116' (ED25519) to the list of known hosts.
2024/08/07 03:40:10 ignoring optional flag "sandboxArg"="0"
2024/08/07 03:40:10 parsed 1 programs
2024/08/07 03:40:12 executed programs: 0
[ 85.906209][ T5522] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 85.960210][ T4619] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 85.969313][ T4619] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 85.977161][ T4619] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 85.986705][ T4619] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 85.995811][ T4619] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 86.003583][ T4619] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 86.130109][ T5531] chnl_net:caif_netlink_parms(): no params data found
[ 86.185376][ T5531] bridge0: port 1(bridge_slave_0) entered blocking state
[ 86.193378][ T5531] bridge0: port 1(bridge_slave_0) entered disabled state
[ 86.201126][ T5531] bridge_slave_0: entered allmulticast mode
[ 86.208068][ T5531] bridge_slave_0: entered promiscuous mode
[ 86.215959][ T5531] bridge0: port 2(bridge_slave_1) entered blocking state
[ 86.223265][ T5531] bridge0: port 2(bridge_slave_1) entered disabled state
[ 86.230527][ T5531] bridge_slave_1: entered allmulticast mode
[ 86.237377][ T5531] bridge_slave_1: entered promiscuous mode
[ 86.262846][ T5531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 86.275463][ T5531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 86.306597][ T5531] team0: Port device team_slave_0 added
[ 86.315215][ T5531] team0: Port device team_slave_1 added
[ 86.338347][ T5531] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 86.346053][ T5531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 86.372276][ T5531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 86.385551][ T5531] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 86.392844][ T5531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 86.419943][ T5531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 86.456606][ T5531] hsr_slave_0: entered promiscuous mode
[ 86.463704][ T5531] hsr_slave_1: entered promiscuous mode
[ 87.082018][ T5531] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 87.096579][ T5531] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 87.107779][ T5531] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 87.118632][ T5531] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 87.151329][ T5531] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.158525][ T5531] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 87.166835][ T5531] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.174245][ T5531] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 87.190362][ T5239] bridge0: port 1(bridge_slave_0) entered disabled state
[ 87.198602][ T5239] bridge0: port 2(bridge_slave_1) entered disabled state
[ 87.277339][ T5531] 8021q: adding VLAN 0 to HW filter on device bond0
[ 87.305127][ T5531] 8021q: adding VLAN 0 to HW filter on device team0
[ 87.323712][ T5239] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.331499][ T5239] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 87.353406][ T5239] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.360991][ T5239] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 87.417995][ T5531] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 87.606426][ T5531] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 87.666144][ T5531] veth0_vlan: entered promiscuous mode
[ 87.681317][ T5531] veth1_vlan: entered promiscuous mode
[ 87.719349][ T5531] veth0_macvtap: entered promiscuous mode
[ 87.737129][ T5531] veth1_macvtap: entered promiscuous mode
[ 87.761144][ T5531] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 87.776106][ T5531] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 87.790649][ T5531] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.800632][ T5531] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.810989][ T5531] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.820428][ T5531] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 87.905579][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.918647][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 87.953656][ T146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 87.962324][ T146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.032706][ T5598] input: syz1 as /devices/virtual/input/input5
[ 88.050849][ T5598]
[ 88.053276][ T5598] ======================================================
[ 88.060568][ T5598] WARNING: possible circular locking dependency detected
[ 88.068072][ T5598] 6.11.0-rc2-syzkaller-gd4560686726f #0 Not tainted
[ 88.074868][ T5598] ------------------------------------------------------
[ 88.082443][ T5598] syz-executor.0/5598 is trying to acquire lock:
[ 88.089303][ T5598] ffff888011c93070 (&newdev->mutex){+.+.}-{3:3}, at: uinput_request_submit+0x19c/0x740
[ 88.099380][ T5598]
[ 88.099380][ T5598] but task is already holding lock:
[ 88.107311][ T5598] ffff888011c920b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x3e4/0xb00
[ 88.116571][ T5598]
[ 88.116571][ T5598] which lock already depends on the new lock.
[ 88.116571][ T5598]
[ 88.128634][ T5598]
[ 88.128634][ T5598] the existing dependency chain (in reverse order) is:
[ 88.138440][ T5598]
[ 88.138440][ T5598] -> #3 (&ff->mutex){+.+.}-{3:3}:
[ 88.147048][ T5598]        lock_acquire+0x1ed/0x550
[ 88.153299][ T5598]        __mutex_lock+0x136/0xd70
[ 88.158990][ T5598]        input_ff_flush+0x5e/0x140
[ 88.164395][ T5598]        input_flush_device+0x9c/0xc0
[ 88.170054][ T5598]        evdev_release+0xf9/0x7d0
[ 88.175376][ T5598]        __fput+0x24a/0x8a0
[ 88.180270][ T5598]        __x64_sys_close+0x7f/0x110
[ 88.185604][ T5598]        do_syscall_64+0xf3/0x230
[ 88.190858][ T5598]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.197650][ T5598]
[ 88.197650][ T5598] -> #2 (&dev->mutex#2){+.+.}-{3:3}:
[ 88.205431][ T5598]        lock_acquire+0x1ed/0x550
[ 88.210493][ T5598]        __mutex_lock+0x136/0xd70
[ 88.215550][ T5598]        input_register_handle+0x6d/0x3b0
[ 88.221590][ T5598]        kbd_connect+0xbf/0x130
[ 88.227313][ T5598]        input_register_device+0xd3b/0x1110
[ 88.233339][ T5598]        acpi_button_add+0x6c6/0xb90
[ 88.238743][ T5598]        acpi_device_probe+0xa5/0x2b0
[ 88.244316][ T5598]        really_probe+0x2b8/0xad0
[ 88.249676][ T5598]        __driver_probe_device+0x1a2/0x390
[ 88.255778][ T5598]        driver_probe_device+0x50/0x430
[ 88.262375][ T5598]        __driver_attach+0x45f/0x710
[ 88.267974][ T5598]        bus_for_each_dev+0x239/0x2b0
[ 88.274175][ T5598]        bus_add_driver+0x346/0x670
[ 88.279896][ T5598]        driver_register+0x23a/0x320
[ 88.285493][ T5598]        do_one_initcall+0x248/0x880
[ 88.291343][ T5598]        do_initcall_level+0x157/0x210
[ 88.297199][ T5598]        do_initcalls+0x3f/0x80
[ 88.302468][ T5598]        kernel_init_freeable+0x435/0x5d0
[ 88.308842][ T5598]        kernel_init+0x1d/0x2b0
[ 88.314185][ T5598]        ret_from_fork+0x4b/0x80
[ 88.319873][ T5598]        ret_from_fork_asm+0x1a/0x30
[ 88.326871][ T5598]
[ 88.326871][ T5598] -> #1 (input_mutex){+.+.}-{3:3}:
[ 88.334568][ T5598]        lock_acquire+0x1ed/0x550
[ 88.340759][ T5598]        __mutex_lock+0x136/0xd70
[ 88.346140][ T5598]        input_register_device+0xaee/0x1110
[ 88.352789][ T5598]        uinput_create_device+0x40e/0x630
[ 88.359727][ T5598]        uinput_ioctl_handler+0x48b/0x1770
[ 88.368125][ T5598]        __se_sys_ioctl+0xfc/0x170
[ 88.373920][ T5598]        do_syscall_64+0xf3/0x230
[ 88.379429][ T5598]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.386739][ T5598]
[ 88.386739][ T5598] -> #0 (&newdev->mutex){+.+.}-{3:3}:
[ 88.394869][ T5598]        validate_chain+0x18e0/0x5900
[ 88.400713][ T5598]        __lock_acquire+0x137a/0x2040
[ 88.406204][ T5598]        lock_acquire+0x1ed/0x550
[ 88.411439][ T5598]        __mutex_lock+0x136/0xd70
[ 88.416491][ T5598]        uinput_request_submit+0x19c/0x740
[ 88.422893][ T5598]        uinput_dev_upload_effect+0x199/0x240
[ 88.429087][ T5598]        input_ff_upload+0x5df/0xb00
[ 88.434629][ T5598]        evdev_ioctl_handler+0x17d0/0x21b0
[ 88.440726][ T5598]        __se_sys_ioctl+0xfc/0x170
[ 88.445955][ T5598]        do_syscall_64+0xf3/0x230
[ 88.451182][ T5598]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.457811][ T5598]
[ 88.457811][ T5598] other info that might help us debug this:
[ 88.457811][ T5598]
[ 88.469026][ T5598] Chain exists of:
[ 88.469026][ T5598]   &newdev->mutex --> &dev->mutex#2 --> &ff->mutex
[ 88.469026][ T5598]
[ 88.481763][ T5598]  Possible unsafe locking scenario:
[ 88.481763][ T5598]
[ 88.490341][ T5598]        CPU0                    CPU1
[ 88.496128][ T5598]        ----                    ----
[ 88.502148][ T5598]   lock(&ff->mutex);
[ 88.507391][ T5598]                                lock(&dev->mutex#2);
[ 88.514971][ T5598]                                lock(&ff->mutex);
[ 88.521995][ T5598]   lock(&newdev->mutex);
[ 88.527051][ T5598]
[ 88.527051][ T5598]  *** DEADLOCK ***
[ 88.527051][ T5598]
[ 88.535207][ T5598] 2 locks held by syz-executor.0/5598:
[ 88.541147][ T5598]  #0: ffff888026193110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_ioctl_handler+0x125/0x21b0
[ 88.551564][ T5598]  #1: ffff888011c920b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x3e4/0xb00
[ 88.561362][ T5598]
[ 88.561362][ T5598] stack backtrace:
[ 88.567550][ T5598] CPU: 0 UID: 0 PID: 5598 Comm: syz-executor.0 Not tainted 6.11.0-rc2-syzkaller-gd4560686726f #0
[ 88.578714][ T5598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 88.588885][ T5598] Call Trace:
[ 88.592184][ T5598]
[ 88.595132][ T5598] dump_stack_lvl+0x241/0x360
[ 88.599845][ T5598] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.605083][ T5598] ? print_circular_bug+0x130/0x1a0
[ 88.610314][ T5598] check_noncircular+0x36a/0x4a0
[ 88.615281][ T5598] ? __pfx_check_noncircular+0x10/0x10
[ 88.620786][ T5598] ? lockdep_lock+0x123/0x2b0
[ 88.625506][ T5598] ? stack_trace_save+0x118/0x1d0
[ 88.630562][ T5598] ? __pfx_stack_trace_save+0x10/0x10
[ 88.635966][ T5598] ? check_noncircular+0x259/0x4a0
[ 88.641105][ T5598] validate_chain+0x18e0/0x5900
[ 88.645978][ T5598] ? __pfx_check_noncircular+0x10/0x10
[ 88.651480][ T5598] ? __pfx_validate_chain+0x10/0x10
[ 88.656801][ T5598] ? __pfx_validate_chain+0x10/0x10
[ 88.662033][ T5598] ? stack_trace_save+0x118/0x1d0
[ 88.667176][ T5598] ? __pfx_stack_trace_save+0x10/0x10
[ 88.672687][ T5598] ? mark_lock+0x9a/0x350
[ 88.677272][ T5598] __lock_acquire+0x137a/0x2040
[ 88.682173][ T5598] lock_acquire+0x1ed/0x550
[ 88.686879][ T5598] ? uinput_request_submit+0x19c/0x740
[ 88.692468][ T5598] ? __pfx_lock_acquire+0x10/0x10
[ 88.697534][ T5598] ? __pfx___might_resched+0x10/0x10
[ 88.702875][ T5598] __mutex_lock+0x136/0xd70
[ 88.707666][ T5598] ? uinput_request_submit+0x19c/0x740
[ 88.713649][ T5598] ? uinput_request_alloc_id+0x3c5/0x3f0
[ 88.719449][ T5598] ? do_raw_spin_lock+0x14f/0x370
[ 88.724627][ T5598] ? __pfx_lock_release+0x10/0x10
[ 88.729690][ T5598] ? uinput_request_submit+0x19c/0x740
[ 88.735367][ T5598] ? __pfx___mutex_lock+0x10/0x10
[ 88.740433][ T5598] ? _raw_spin_unlock+0x28/0x50
[ 88.745310][ T5598] ? uinput_request_alloc_id+0x3c5/0x3f0
[ 88.750966][ T5598] uinput_request_submit+0x19c/0x740
[ 88.756280][ T5598] ? preempt_schedule+0xe1/0xf0
[ 88.761244][ T5598] ? __pfx_preempt_schedule+0x10/0x10
[ 88.766647][ T5598] ? __pfx_uinput_request_submit+0x10/0x10
[ 88.772554][ T5598] ? __pfx___mutex_trylock_common+0x10/0x10
[ 88.778679][ T5598] ? preempt_schedule_thunk+0x1a/0x30
[ 88.784086][ T5598] uinput_dev_upload_effect+0x199/0x240
[ 88.789759][ T5598] ? __pfx_uinput_dev_upload_effect+0x10/0x10
[ 88.796400][ T5598] input_ff_upload+0x5df/0xb00
[ 88.801205][ T5598] evdev_ioctl_handler+0x17d0/0x21b0
[ 88.806522][ T5598] ? tomoyo_path_number_perm+0x208/0x880
[ 88.812362][ T5598] ? __pfx_evdev_ioctl_handler+0x10/0x10
[ 88.818050][ T5598] ? bpf_lsm_file_ioctl+0x9/0x10
[ 88.823024][ T5598] ? security_file_ioctl+0x87/0xb0
[ 88.828253][ T5598] ? __pfx_evdev_ioctl+0x10/0x10
[ 88.833406][ T5598] __se_sys_ioctl+0xfc/0x170
[ 88.838233][ T5598] do_syscall_64+0xf3/0x230
[ 88.842862][ T5598] ? clear_bhb_loop+0x35/0x90
[ 88.847749][ T5598] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.853766][ T5598] RIP: 0033:0x7f6172e7dca9
[ 88.858218][ T5598] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 88.878118][ T5598] RSP: 002b:00007f6173bdf0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 88.886647][ T5598] RAX: ffffffffffffffda RBX: 00007f6172fabf80 RCX: 00007f6172e7dca9
[ 88.894728][ T5598] RDX: 0000000020000300 RSI: 0000000040304580 RDI: 0000000000000004
[ 88.903598][ T5598] RBP: 00007f6172ec947e R08: 0000000000000000 R09: 0000000000000000
[ 88.912133][ T5598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 88.920574][ T5598] R13: 000000000000000b R14: 00007f6172fabf80 R15: 00007ffc75efd9a8
[ 88.929134][ T5598]
[ 88.949903][ T5232] Bluetooth: hci0: command tx timeout
[ 89.116040][ T5650] input: syz1 as /devices/virtual/input/input6
[ 89.966935][ T5713] input: syz1 as /devices/virtual/input/input7
[ 90.794992][ T5549] udevd[5549]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[ 90.840166][ T5780] input: syz1 as /devices/virtual/input/input8
[ 91.028913][ T5232] Bluetooth: hci0: command tx timeout
2024/08/07 03:40:18 executed programs: 4
[ 91.702106][ T5847] input: syz1 as /devices/virtual/input/input9
[ 92.531940][ T5549] udevd[5549]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[ 92.555740][ T5895] input: syz1 as /devices/virtual/input/input10
[ 93.099685][ T5232] Bluetooth: hci0: command tx timeout
[ 93.409793][ T5897] input: syz1 as /devices/virtual/input/input11
[ 94.262469][ T5899] input: syz1 as /devices/virtual/input/input12
[ 95.116595][ T5901] input: syz1 as /devices/virtual/input/input13
[ 95.178914][ T5232] Bluetooth: hci0: command tx timeout
[ 95.966763][ T5903] input: syz1 as /devices/virtual/input/input14
2024/08/07 03:40:23 executed programs: 10
[ 96.818661][ T5905] input: syz1 as /devices/virtual/input/input15
[ 97.669918][ T5907] input: syz1 as /devices/virtual/input/input16