Warning: Permanently added '10.128.1.83' (ED25519) to the list of known hosts. executing program executing program executing program executing program [ 41.554354][ T4034] input: syz1 as /devices/virtual/input/input3 [ 41.555242][ T4035] input: syz1 as /devices/virtual/input/input4 [ 41.559497][ T4031] input: syz1 as /devices/virtual/input/input5 [ 41.568778][ T4033] input: syz1 as /devices/virtual/input/input2 executing program [ 41.582780][ T4036] input: syz1 as /devices/virtual/input/input6 [ 41.624677][ T4033] [ 41.625377][ T4033] ====================================================== [ 41.627340][ T4033] WARNING: possible circular locking dependency detected [ 41.629358][ T4033] 5.15.183-syzkaller #0 Not tainted [ 41.630771][ T4033] ------------------------------------------------------ [ 41.632758][ T4033] syz-executor328/4033 is trying to acquire lock: [ 41.634470][ T4033] ffff0000c1db0870 (&newdev->mutex){+.+.}-{3:3}, at: uinput_request_submit+0x180/0x618 [ 41.637210][ T4033] [ 41.637210][ T4033] but task is already holding lock: [ 41.639223][ T4033] ffff0000c1db50b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x2d4/0x78c [ 41.641732][ T4033] [ 41.641732][ T4033] which lock already depends on the new lock. [ 41.641732][ T4033] [ 41.644585][ T4033] [ 41.644585][ T4033] the existing dependency chain (in reverse order) is: [ 41.647130][ T4033] [ 41.647130][ T4033] -> #3 (&ff->mutex){+.+.}-{3:3}: [ 41.649204][ T4033] __mutex_lock_common+0x194/0x1edc [ 41.650796][ T4033] mutex_lock_nested+0xac/0x11c [ 41.652322][ T4033] input_ff_upload+0x2d4/0x78c [ 41.653896][ T4033] evdev_ioctl_handler+0x1fec/0x2be0 [ 41.655512][ T4033] evdev_ioctl+0x38/0x4c [ 41.656840][ T4033] __arm64_sys_ioctl+0x14c/0x1c8 [ 41.658337][ T4033] invoke_syscall+0x98/0x2b8 [ 41.659758][ T4033] el0_svc_common+0x138/0x258 [ 41.661165][ T4033] do_el0_svc+0x58/0x14c [ 41.662500][ T4033] el0_svc+0x78/0x1e0 [ 41.663731][ T4033] el0t_64_sync_handler+0xcc/0xe4 [ 41.665244][ T4033] el0t_64_sync+0x1a0/0x1a4 [ 41.666651][ T4033] [ 41.666651][ T4033] -> #2 (&evdev->mutex){+.+.}-{3:3}: [ 41.668820][ T4033] __mutex_lock_common+0x194/0x1edc [ 41.670386][ T4033] mutex_lock_nested+0xac/0x11c [ 41.671987][ T4033] evdev_cleanup+0x30/0x15c [ 41.673321][ T4033] evdev_disconnect+0x50/0xb4 [ 41.674741][ T4033] __input_unregister_device+0x178/0x2fc [ 41.676503][ T4033] input_unregister_device+0xa8/0xf4 [ 41.678097][ T4033] uinput_destroy_device+0x598/0x774 [ 41.679724][ T4033] uinput_release+0x44/0x60 [ 41.681108][ T4033] __fput+0x1c0/0x7f8 [ 41.682336][ T4033] ____fput+0x20/0x30 [ 41.683565][ T4033] task_work_run+0x12c/0x1e0 [ 41.684939][ T4033] do_exit+0x67c/0x1f58 [ 41.686232][ T4033] do_group_exit+0x100/0x268 [ 41.687589][ T4033] __wake_up_parent+0x0/0x60 [ 41.689006][ T4033] invoke_syscall+0x98/0x2b8 [ 41.690410][ T4033] el0_svc_common+0x138/0x258 [ 41.691820][ T4033] do_el0_svc+0x58/0x14c [ 41.693151][ T4033] el0_svc+0x78/0x1e0 [ 41.694333][ T4033] el0t_64_sync_handler+0xcc/0xe4 [ 41.695847][ T4033] el0t_64_sync+0x1a0/0x1a4 [ 41.697228][ T4033] [ 41.697228][ T4033] -> #1 (input_mutex){+.+.}-{3:3}: [ 41.699291][ T4033] __mutex_lock_common+0x194/0x1edc [ 41.700865][ T4033] mutex_lock_interruptible_nested+0xac/0x11c [ 41.702667][ T4033] input_register_device+0x900/0xe34 [ 41.704262][ T4033] uinput_create_device+0x350/0x518 [ 41.705837][ T4033] uinput_ioctl_handler+0x3c4/0x10bc [ 41.707440][ T4033] uinput_ioctl+0x38/0x4c [ 41.708807][ T4033] __arm64_sys_ioctl+0x14c/0x1c8 [ 41.710375][ T4033] invoke_syscall+0x98/0x2b8 [ 41.711769][ T4033] el0_svc_common+0x138/0x258 [ 41.713259][ T4033] do_el0_svc+0x58/0x14c [ 41.714542][ T4033] el0_svc+0x78/0x1e0 [ 41.715811][ T4033] el0t_64_sync_handler+0xcc/0xe4 [ 41.717391][ T4033] el0t_64_sync+0x1a0/0x1a4 [ 41.718728][ T4033] [ 41.718728][ T4033] -> #0 (&newdev->mutex){+.+.}-{3:3}: [ 41.720901][ T4033] __lock_acquire+0x2928/0x651c [ 41.722435][ T4033] lock_acquire+0x1f4/0x620 [ 41.723786][ T4033] __mutex_lock_common+0x194/0x1edc [ 41.725361][ T4033] mutex_lock_interruptible_nested+0xac/0x11c [ 41.727243][ T4033] uinput_request_submit+0x180/0x618 [ 41.728826][ T4033] uinput_dev_upload_effect+0x130/0x1c0 [ 41.730568][ T4033] input_ff_upload+0x454/0x78c [ 41.731986][ T4033] evdev_ioctl_handler+0x1fec/0x2be0 [ 41.733600][ T4033] evdev_ioctl+0x38/0x4c [ 41.734908][ T4033] __arm64_sys_ioctl+0x14c/0x1c8 [ 41.736415][ T4033] invoke_syscall+0x98/0x2b8 [ 41.737788][ T4033] el0_svc_common+0x138/0x258 [ 41.739298][ T4033] do_el0_svc+0x58/0x14c [ 41.740557][ T4033] el0_svc+0x78/0x1e0 [ 41.741842][ T4033] el0t_64_sync_handler+0xcc/0xe4 [ 41.743373][ T4033] el0t_64_sync+0x1a0/0x1a4 [ 41.744737][ T4033] [ 41.744737][ T4033] other info that might help us debug this: [ 41.744737][ T4033] [ 41.747636][ T4033] Chain exists of: [ 41.747636][ T4033] &newdev->mutex --> &evdev->mutex --> &ff->mutex [ 41.747636][ T4033] [ 41.751105][ T4033] Possible unsafe locking scenario: [ 41.751105][ T4033] [ 41.753224][ T4033] CPU0 CPU1 [ 41.754687][ T4033] ---- ---- [ 41.756142][ T4033] lock(&ff->mutex); [ 41.757237][ T4033] lock(&evdev->mutex); [ 41.759117][ T4033] lock(&ff->mutex); [ 41.760901][ T4033] lock(&newdev->mutex); [ 41.762080][ T4033] [ 41.762080][ T4033] *** DEADLOCK *** [ 41.762080][ T4033] [ 41.764312][ T4033] 2 locks held by syz-executor328/4033: [ 41.765899][ T4033] #0: ffff0000c2e2a110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_ioctl_handler+0x114/0x2be0 [ 41.768629][ T4033] #1: ffff0000c1db50b0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x2d4/0x78c [ 41.771195][ T4033] [ 41.771195][ T4033] stack backtrace: [ 41.772850][ T4033] CPU: 1 PID: 4033 Comm: syz-executor328 Not tainted 5.15.183-syzkaller #0 [ 41.775235][ T4033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 41.778055][ T4033] Call trace: [ 41.778930][ T4033] dump_backtrace+0x0/0x43c [ 41.780181][ T4033] show_stack+0x2c/0x3c [ 41.781326][ T4033] __dump_stack+0x30/0x40 [ 41.782540][ T4033] dump_stack_lvl+0xf8/0x160 [ 41.783809][ T4033] dump_stack+0x1c/0x5c [ 41.784997][ T4033] print_circular_bug+0x148/0x1b0 [ 41.786426][ T4033] check_noncircular+0x240/0x2d4 [ 41.787782][ T4033] __lock_acquire+0x2928/0x651c [ 41.789136][ T4033] lock_acquire+0x1f4/0x620 [ 41.790388][ T4033] __mutex_lock_common+0x194/0x1edc [ 41.791845][ T4033] mutex_lock_interruptible_nested+0xac/0x11c [ 41.793869][ T4033] uinput_request_submit+0x180/0x618 [ 41.795328][ T4033] uinput_dev_upload_effect+0x130/0x1c0 [ 41.796918][ T4033] input_ff_upload+0x454/0x78c [ 41.798244][ T4033] evdev_ioctl_handler+0x1fec/0x2be0 [ 41.799675][ T4033] evdev_ioctl+0x38/0x4c [ 41.800898][ T4033] __arm64_sys_ioctl+0x14c/0x1c8 [ 41.802284][ T4033] invoke_syscall+0x98/0x2b8 [ 41.803535][ T4033] el0_svc_common+0x138/0x258 [ 41.804820][ T4033] do_el0_svc+0x58/0x14c [ 41.806140][ T4033] el0_svc+0x78/0x1e0 [ 41.807267][ T4033] el0t_64_sync_handler+0xcc/0xe4 [ 41.808713][ T4033] el0t_64_sync+0x1a0/0x1a4 executing program [ 41.817300][ T4039] input: syz1 as /devices/virtual/input/input7 executing program [ 41.829475][ T4040] input: syz1 as /devices/virtual/input/input8 executing program [ 41.869524][ T4041] input: syz1 as /devices/virtual/input/input9 executing program [ 46.660985][ T4042] input: syz1 as /devices/virtual/input/input10 executing program [ 46.891529][ T4043] input: syz1 as /devices/virtual/input/input11 executing program [ 46.935391][ T4044] input: syz1 as /devices/virtual/input/input12 executing program [ 46.971822][ T4045] input: syz1 as /devices/virtual/input/input13