[ 71.739205][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.745653][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts.
2024/10/20 04:05:49 ignoring optional flag "sandboxArg"="0"
2024/10/20 04:05:49 ignoring optional flag "type"="gce"
2024/10/20 04:05:49 parsed 1 programs
[ 76.858494][ T1190] cfg80211: failed to load regulatory.db
2024/10/20 04:05:51 executed programs: 0
[ 78.505785][ T5528] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 78.551864][ T5239] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.560732][ T5239] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.569988][ T5239] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.578763][ T5239] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.587449][ T5239] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 78.594955][ T5239] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.688482][ T5533] chnl_net:caif_netlink_parms(): no params data found
[ 78.730745][ T5533] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.737974][ T5533] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.745207][ T5533] bridge_slave_0: entered allmulticast mode
[ 78.752786][ T5533] bridge_slave_0: entered promiscuous mode
[ 78.760225][ T5533] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.767522][ T5533] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.774743][ T5533] bridge_slave_1: entered allmulticast mode
[ 78.781961][ T5533] bridge_slave_1: entered promiscuous mode
[ 78.801804][ T5533] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 78.812964][ T5533] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 78.835784][ T5533] team0: Port device team_slave_0 added
[ 78.844124][ T5533] team0: Port device team_slave_1 added
[ 78.861901][ T5533] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 78.869068][ T5533] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.895197][ T5533] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 78.907496][ T5533] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 78.914481][ T5533] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.941193][ T5533] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.970512][ T5533] hsr_slave_0: entered promiscuous mode
[ 78.978026][ T5533] hsr_slave_1: entered promiscuous mode
[ 79.532296][ T5533] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 79.544059][ T5533] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 79.554879][ T5533] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 79.565020][ T5533] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 79.589727][ T5533] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.597127][ T5533] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.604548][ T5533] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.611913][ T5533] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.673929][ T5533] 8021q: adding VLAN 0 to HW filter on device bond0
[ 79.692916][ T66] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.701807][ T66] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.722753][ T5533] 8021q: adding VLAN 0 to HW filter on device team0
[ 79.736364][ T52] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.743595][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.771655][ T52] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.778873][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.809148][ T5533] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 79.823448][ T5533] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 79.988845][ T5533] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.032987][ T5533] veth0_vlan: entered promiscuous mode
[ 80.051505][ T5533] veth1_vlan: entered promiscuous mode
[ 80.094403][ T5533] veth0_macvtap: entered promiscuous mode
[ 80.106117][ T5533] veth1_macvtap: entered promiscuous mode
[ 80.129830][ T5533] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.144433][ T5533] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.161403][ T5533] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.172885][ T5533] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.182873][ T5533] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.192228][ T5533] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 80.278459][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.286336][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.320316][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 80.329076][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.401379][ T5608] input: syz1 as /devices/virtual/input/input5
[ 80.431323][ T5608]
[ 80.433702][ T5608] ======================================================
[ 80.440736][ T5608] WARNING: possible circular locking dependency detected
[ 80.447775][ T5608] 6.12.0-rc3-syzkaller-g715ca9dd687f #0 Not tainted
[ 80.454386][ T5608] ------------------------------------------------------
[ 80.461872][ T5608] syz-executor.0/5608 is trying to acquire lock:
[ 80.468393][ T5608] ffff888022f1a070 (&newdev->mutex){+.+.}-{3:3}, at: uinput_request_submit+0x19c/0x740
[ 80.478153][ T5608]
[ 80.478153][ T5608] but task is already holding lock:
[ 80.485625][ T5608] ffff888022f188b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x3e4/0xb00
[ 80.494502][ T5608]
[ 80.494502][ T5608] which lock already depends on the new lock.
[ 80.494502][ T5608]
[ 80.504974][ T5608]
[ 80.504974][ T5608] the existing dependency chain (in reverse order) is:
[ 80.514006][ T5608]
[ 80.514006][ T5608] -> #3 (&ff->mutex){+.+.}-{3:3}:
[ 80.521283][ T5608] lock_acquire+0x1ed/0x550
[ 80.526602][ T5608] __mutex_lock+0x136/0xd70
[ 80.531658][ T5608] input_ff_flush+0x5e/0x140
[ 80.536802][ T5608] input_flush_device+0x9c/0xc0
[ 80.542407][ T5608] evdev_release+0xf6/0x7d0
[ 80.547548][ T5608] __fput+0x23f/0x880
[ 80.552078][ T5608] __x64_sys_close+0x7f/0x110
[ 80.557289][ T5608] do_syscall_64+0xf3/0x230
[ 80.562340][ T5608] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.568817][ T5608]
[ 80.568817][ T5608] -> #2 (&dev->mutex#2){+.+.}-{3:3}:
[ 80.576430][ T5608] lock_acquire+0x1ed/0x550
[ 80.581557][ T5608] __mutex_lock+0x136/0xd70
[ 80.586583][ T5608] input_register_handle+0x6d/0x3b0
[ 80.592492][ T5608] kbd_connect+0xbf/0x130
[ 80.597410][ T5608] input_register_device+0xd3b/0x1110
[ 80.603440][ T5608] acpi_button_add+0x6c6/0xb90
[ 80.608775][ T5608] acpi_device_probe+0xa5/0x2b0
[ 80.614211][ T5608] really_probe+0x2b8/0xad0
[ 80.619273][ T5608] __driver_probe_device+0x1a2/0x390
[ 80.625120][ T5608] driver_probe_device+0x50/0x430
[ 80.630704][ T5608] __driver_attach+0x45f/0x710
[ 80.636196][ T5608] bus_for_each_dev+0x239/0x2b0
[ 80.636673][ T5239] Bluetooth: hci0: command tx timeout
[ 80.641616][ T5608] bus_add_driver+0x346/0x670
[ 80.641644][ T5608] driver_register+0x23a/0x320
[ 80.657600][ T5608] do_one_initcall+0x248/0x880
[ 80.662921][ T5608] do_initcall_level+0x157/0x210
[ 80.668424][ T5608] do_initcalls+0x3f/0x80
[ 80.673321][ T5608] kernel_init_freeable+0x435/0x5d0
[ 80.679075][ T5608] kernel_init+0x1d/0x2b0
[ 80.683959][ T5608] ret_from_fork+0x4b/0x80
[ 80.688944][ T5608] ret_from_fork_asm+0x1a/0x30
[ 80.694266][ T5608]
[ 80.694266][ T5608] -> #1 (input_mutex){+.+.}-{3:3}:
[ 80.701614][ T5608] lock_acquire+0x1ed/0x550
[ 80.706694][ T5608] __mutex_lock+0x136/0xd70
[ 80.711750][ T5608] input_register_device+0xaee/0x1110
[ 80.717693][ T5608] uinput_create_device+0x40e/0x630
[ 80.723448][ T5608] uinput_ioctl_handler+0x488/0x1770
[ 80.729377][ T5608] __se_sys_ioctl+0xf9/0x170
[ 80.734529][ T5608] do_syscall_64+0xf3/0x230
[ 80.739601][ T5608] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.746164][ T5608]
[ 80.746164][ T5608] -> #0 (&newdev->mutex){+.+.}-{3:3}:
[ 80.753832][ T5608] validate_chain+0x18ef/0x5920
[ 80.759247][ T5608] __lock_acquire+0x1384/0x2050
[ 80.764669][ T5608] lock_acquire+0x1ed/0x550
[ 80.769766][ T5608] __mutex_lock+0x136/0xd70
[ 80.774824][ T5608] uinput_request_submit+0x19c/0x740
[ 80.780674][ T5608] uinput_dev_upload_effect+0x199/0x240
[ 80.786779][ T5608] input_ff_upload+0x5df/0xb00
[ 80.792094][ T5608] evdev_ioctl_handler+0x17cd/0x21a0
[ 80.798017][ T5608] __se_sys_ioctl+0xf9/0x170
[ 80.803169][ T5608] do_syscall_64+0xf3/0x230
[ 80.808222][ T5608] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.814677][ T5608]
[ 80.814677][ T5608] other info that might help us debug this:
[ 80.814677][ T5608]
[ 80.824936][ T5608] Chain exists of:
[ 80.824936][ T5608] &newdev->mutex --> &dev->mutex#2 --> &ff->mutex
[ 80.824936][ T5608]
[ 80.837419][ T5608] Possible unsafe locking scenario:
[ 80.837419][ T5608]
[ 80.844906][ T5608]        CPU0                    CPU1
[ 80.850296][ T5608]        ----                    ----
[ 80.855682][ T5608]   lock(&ff->mutex);
[ 80.859700][ T5608]                                lock(&dev->mutex#2);
[ 80.866506][ T5608]                                lock(&ff->mutex);
[ 80.873037][ T5608]   lock(&newdev->mutex);
[ 80.877403][ T5608]
[ 80.877403][ T5608] *** DEADLOCK ***
[ 80.877403][ T5608]
[ 80.885668][ T5608] 2 locks held by syz-executor.0/5608:
[ 80.891233][ T5608] #0: ffff88802fd60110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_ioctl_handler+0x122/0x21a0
[ 80.901204][ T5608] #1: ffff888022f188b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x3e4/0xb00
[ 80.910501][ T5608]
[ 80.910501][ T5608] stack backtrace:
[ 80.916429][ T5608] CPU: 1 UID: 0 PID: 5608 Comm: syz-executor.0 Not tainted 6.12.0-rc3-syzkaller-g715ca9dd687f #0
[ 80.926953][ T5608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 80.937044][ T5608] Call Trace:
[ 80.940361][ T5608]
[ 80.943412][ T5608] dump_stack_lvl+0x241/0x360
[ 80.948257][ T5608] ? __pfx_dump_stack_lvl+0x10/0x10
[ 80.953704][ T5608] ? __pfx__printk+0x10/0x10
[ 80.958324][ T5608] print_circular_bug+0x13a/0x1b0
[ 80.963395][ T5608] check_noncircular+0x36a/0x4a0
[ 80.968377][ T5608] ? __pfx_check_noncircular+0x10/0x10
[ 80.973869][ T5608] ? lockdep_lock+0x123/0x2b0
[ 80.978587][ T5608] ? stack_trace_save+0x118/0x1d0
[ 80.983655][ T5608] ? __pfx_stack_trace_save+0x10/0x10
[ 80.989150][ T5608] ? check_noncircular+0x259/0x4a0
[ 80.994341][ T5608] validate_chain+0x18ef/0x5920
[ 80.999229][ T5608] ? __pfx_check_noncircular+0x10/0x10
[ 81.004821][ T5608] ? __pfx_validate_chain+0x10/0x10
[ 81.010060][ T5608] ? __pfx_validate_chain+0x10/0x10
[ 81.015387][ T5608] ? stack_trace_save+0x118/0x1d0
[ 81.020445][ T5608] ? __pfx_stack_trace_save+0x10/0x10
[ 81.025860][ T5608] ? mark_lock+0x9a/0x360
[ 81.030362][ T5608] __lock_acquire+0x1384/0x2050
[ 81.035260][ T5608] lock_acquire+0x1ed/0x550
[ 81.039802][ T5608] ? uinput_request_submit+0x19c/0x740
[ 81.045299][ T5608] ? __pfx_lock_acquire+0x10/0x10
[ 81.050445][ T5608] ? __pfx___might_resched+0x10/0x10
[ 81.055783][ T5608] __mutex_lock+0x136/0xd70
[ 81.060318][ T5608] ? uinput_request_submit+0x19c/0x740
[ 81.065815][ T5608] ? uinput_request_alloc_id+0x3c5/0x3f0
[ 81.071487][ T5608] ? do_raw_spin_lock+0x14f/0x370
[ 81.076557][ T5608] ? __pfx_lock_release+0x10/0x10
[ 81.081618][ T5608] ? uinput_request_submit+0x19c/0x740
[ 81.087113][ T5608] ? __pfx___mutex_lock+0x10/0x10
[ 81.092177][ T5608] ? _raw_spin_unlock+0x28/0x50
[ 81.097068][ T5608] ? uinput_request_alloc_id+0x3c5/0x3f0
[ 81.102734][ T5608] uinput_request_submit+0x19c/0x740
[ 81.108060][ T5608] ? __pfx_uinput_request_submit+0x10/0x10
[ 81.113906][ T5608] ? __pfx___mutex_trylock_common+0x10/0x10
[ 81.119840][ T5608] ? rcu_is_watching+0x15/0xb0
[ 81.124639][ T5608] uinput_dev_upload_effect+0x199/0x240
[ 81.130307][ T5608] ? __pfx_uinput_dev_upload_effect+0x10/0x10
[ 81.136457][ T5608] input_ff_upload+0x5df/0xb00
[ 81.141275][ T5608] evdev_ioctl_handler+0x17cd/0x21a0
[ 81.146594][ T5608] ? tomoyo_path_number_perm+0x208/0x880
[ 81.152268][ T5608] ? __pfx_evdev_ioctl_handler+0x10/0x10
[ 81.157954][ T5608] ? __pfx_evdev_ioctl+0x10/0x10
[ 81.162926][ T5608] __se_sys_ioctl+0xf9/0x170
[ 81.167559][ T5608] do_syscall_64+0xf3/0x230
[ 81.172110][ T5608] ? clear_bhb_loop+0x35/0x90
[ 81.176820][ T5608] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.182771][ T5608] RIP: 0033:0x7f590327dca9
[ 81.187221][ T5608] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 81.207109][ T5608] RSP: 002b:00007f59040390c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 81.215552][ T5608] RAX: ffffffffffffffda RBX: 00007f59033abf80 RCX: 00007f590327dca9
[ 81.223562][ T5608] RDX: 0000000020000300 RSI: 0000000040304580 RDI: 0000000000000004
[ 81.231655][ T5608] RBP: 00007f59032c947e R08: 0000000000000000 R09: 0000000000000000
[ 81.240101][ T5608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 81.248545][ T5608] R13: 000000000000000b R14: 00007f59033abf80 R15: 00007fff07d1bd48
[ 81.256550][ T5608]
[ 81.399941][ T5666] input: syz1 as /devices/virtual/input/input6
[ 82.254445][ T5747] input: syz1 as /devices/virtual/input/input7
[ 82.696829][ T5239] Bluetooth: hci0: command tx timeout
[ 83.108772][ T5831] input: syz1 as /devices/virtual/input/input8
2024/10/20 04:05:56 executed programs: 4
[ 83.954762][ T5894] input: syz1 as /devices/virtual/input/input9
[ 84.776656][ T5239] Bluetooth: hci0: command tx timeout
[ 84.803469][ T5896] input: syz1 as /devices/virtual/input/input10
[ 85.652668][ T5898] input: syz1 as /devices/virtual/input/input11
[ 86.500906][ T5900] input: syz1 as /devices/virtual/input/input12
[ 86.856669][ T5239] Bluetooth: hci0: command tx timeout
[ 87.348294][ T5902] input: syz1 as /devices/virtual/input/input13
[ 88.202309][ T5904] input: syz1 as /devices/virtual/input/input14
2024/10/20 04:06:01 executed programs: 10
[ 89.051365][ T5906] input: syz1 as /devices/virtual/input/input15
[ 89.900152][ T5908] input: syz1 as /devices/virtual/input/input16