Warning: Permanently added '10.128.1.223' (ED25519) to the list of known hosts.
2024/07/19 18:51:34 ignoring optional flag "sandboxArg"="0"
2024/07/19 18:51:34 parsed 1 programs
2024/07/19 18:51:35 executed programs: 0
[   51.082455][ T2442] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   52.234766][ T2448] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   52.242802][ T2448] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   52.250708][ T2448] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   52.259434][ T2448] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   55.959883][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.967734][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.976250][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   55.986355][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.994351][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.002354][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   56.027787][ T3140] input: syz1 as /devices/virtual/input/input5
[   56.035259][ T3140] 
[   56.037574][ T3140] ======================================================
[   56.044565][ T3140] WARNING: possible circular locking dependency detected
[   56.051562][ T3140] 6.1.100-syzkaller #0 Not tainted
[   56.056775][ T3140] ------------------------------------------------------
[   56.063788][ T3140] syz-executor.0/3140 is trying to acquire lock:
[   56.070148][ T3140] ffff888102fa2870 (&newdev->mutex){+.+.}-{3:3}, at: uinput_request_submit+0x12e/0x300
[   56.079960][ T3140] 
[   56.079960][ T3140] but task is already holding lock:
[   56.087565][ T3140] ffff88810eeabcb0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x21b/0x500
[   56.096328][ T3140] 
[   56.096328][ T3140] which lock already depends on the new lock.
[   56.096328][ T3140] 
[   56.106980][ T3140] 
[   56.106980][ T3140] the existing dependency chain (in reverse order) is:
[   56.116410][ T3140] 
[   56.116410][ T3140] -> #3 (&ff->mutex){+.+.}-{3:3}:
[   56.123853][ T3140]        __mutex_lock+0x99/0x970
[   56.128772][ T3140]        input_ff_flush+0x31/0xb0
[   56.133861][ T3140]        input_flush_device+0x55/0x80
[   56.139222][ T3140]        evdev_release+0x78/0x2e0
[   56.144232][ T3140]        __fput+0xfb/0x440
[   56.148717][ T3140]        task_work_run+0xfa/0x130
[   56.153806][ T3140]        exit_to_user_mode_loop+0xde/0x100
[   56.159583][ T3140]        exit_to_user_mode_prepare+0xa2/0x100
[   56.165622][ T3140]        syscall_exit_to_user_mode+0x5e/0x210
[   56.171787][ T3140]        do_syscall_64+0x47/0xb0
[   56.176876][ T3140]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   56.183346][ T3140] 
[   56.183346][ T3140] -> #2 (&dev->mutex#2){+.+.}-{3:3}:
[   56.190789][ T3140]        __mutex_lock+0x99/0x970
[   56.195802][ T3140]        input_register_handle+0x31/0x160
[   56.201505][ T3140]        kbd_connect+0x45/0xb0
[   56.206350][ T3140]        input_register_device+0x754/0x8a0
[   56.212311][ T3140]        acpi_button_add+0x401/0x5d0
[   56.217575][ T3140]        acpi_device_probe+0x49/0x1c0
[   56.223060][ T3140]        really_probe+0x1c5/0x690
[   56.228069][ T3140]        __driver_probe_device+0xdf/0x1e0
[   56.233781][ T3140]        driver_probe_device+0x2e/0x240
[   56.239300][ T3140]        __driver_attach+0x252/0x390
[   56.244642][ T3140]        bus_for_each_dev+0xb0/0x100
[   56.250072][ T3140]        bus_add_driver+0x15f/0x2e0
[   56.255465][ T3140]        driver_register+0x102/0x190
[   56.260738][ T3140]        do_one_initcall+0x17b/0x480
[   56.266022][ T3140]        do_initcall_level+0xd7/0x1aa
[   56.271473][ T3140]        do_initcalls+0x49/0x81
[   56.276322][ T3140]        kernel_init_freeable+0x212/0x2a9
[   56.282038][ T3140]        kernel_init+0x17/0x290
[   56.286923][ T3140]        ret_from_fork+0x1f/0x30
[   56.292386][ T3140] 
[   56.292386][ T3140] -> #1 (input_mutex){+.+.}-{3:3}:
[   56.300001][ T3140]        __mutex_lock+0x99/0x970
[   56.305013][ T3140]        input_register_device+0x633/0x8a0
[   56.310802][ T3140]        uinput_create_device+0x1c4/0x290
[   56.316794][ T3140]        uinput_ioctl_handler+0x582/0xae0
[   56.322489][ T3140]        __se_sys_ioctl+0xb4/0x120
[   56.328029][ T3140]        do_syscall_64+0x3b/0xb0
[   56.333023][ T3140]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   56.339505][ T3140] 
[   56.339505][ T3140] -> #0 (&newdev->mutex){+.+.}-{3:3}:
[   56.347081][ T3140]        __lock_acquire+0x146d/0x2830
[   56.352449][ T3140]        lock_acquire+0xe3/0x270
[   56.357537][ T3140]        __mutex_lock+0x99/0x970
[   56.362453][ T3140]        uinput_request_submit+0x12e/0x300
[   56.368319][ T3140]        uinput_dev_upload_effect+0x107/0x130
[   56.374451][ T3140]        input_ff_upload+0x307/0x500
[   56.379714][ T3140]        evdev_ioctl_handler+0x1120/0x1560
[   56.385582][ T3140]        __se_sys_ioctl+0xb4/0x120
[   56.390773][ T3140]        do_syscall_64+0x3b/0xb0
[   56.395783][ T3140]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   56.402347][ T3140] 
[   56.402347][ T3140] other info that might help us debug this:
[   56.402347][ T3140] 
[   56.412549][ T3140] Chain exists of:
[   56.412549][ T3140]   &newdev->mutex --> &dev->mutex#2 --> &ff->mutex
[   56.412549][ T3140] 
[   56.424850][ T3140]  Possible unsafe locking scenario:
[   56.424850][ T3140] 
[   56.432275][ T3140]        CPU0                    CPU1
[   56.437609][ T3140]        ----                    ----
[   56.443121][ T3140]   lock(&ff->mutex);
[   56.447072][ T3140]                                lock(&dev->mutex#2);
[   56.453889][ T3140]                                lock(&ff->mutex);
[   56.460539][ T3140]   lock(&newdev->mutex);
[   56.464846][ T3140] 
[   56.464846][ T3140]  *** DEADLOCK ***
[   56.464846][ T3140] 
[   56.473309][ T3140] 2 locks held by syz-executor.0/3140:
[   56.478744][ T3140]  #0: ffff888105f87110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_ioctl_handler+0x55/0x1560
[   56.488713][ T3140]  #1: ffff88810eeabcb0 (&ff->mutex){+.+.}-{3:3}, at: input_ff_upload+0x21b/0x500
[   56.498164][ T3140] 
[   56.498164][ T3140] stack backtrace:
[   56.504120][ T3140] CPU: 0 PID: 3140 Comm: syz-executor.0 Not tainted 6.1.100-syzkaller #0
[   56.512675][ T3140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   56.522713][ T3140] Call Trace:
[   56.525966][ T3140]  <TASK>
[   56.528875][ T3140]  dump_stack_lvl+0xfa/0x181
[   56.533442][ T3140]  print_circular_bug+0x2c5/0x300
[   56.538534][ T3140]  check_noncircular+0x106/0x110
[   56.543475][ T3140]  __lock_acquire+0x146d/0x2830
[   56.548302][ T3140]  ? __lock_acquire+0x1eca/0x2830
[   56.553302][ T3140]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[   56.559517][ T3140]  ? lockdep_hardirqs_on+0x94/0xf0
[   56.564604][ T3140]  ? uinput_request_submit+0x12e/0x300
[   56.570210][ T3140]  lock_acquire+0xe3/0x270
[   56.574697][ T3140]  ? uinput_request_submit+0x12e/0x300
[   56.580407][ T3140]  ? lock_acquire+0x14c/0x270
[   56.585066][ T3140]  ? uinput_request_submit+0x12e/0x300
[   56.590588][ T3140]  __mutex_lock+0x99/0x970
[   56.595340][ T3140]  ? uinput_request_submit+0x12e/0x300
[   56.601227][ T3140]  ? uinput_request_alloc_id+0x1ec/0x200
[   56.606844][ T3140]  uinput_request_submit+0x12e/0x300
[   56.612373][ T3140]  uinput_dev_upload_effect+0x107/0x130
[   56.617921][ T3140]  input_ff_upload+0x307/0x500
[   56.622937][ T3140]  evdev_ioctl_handler+0x1120/0x1560
[   56.628220][ T3140]  ? evdev_poll+0xd0/0xd0
[   56.632538][ T3140]  __se_sys_ioctl+0xb4/0x120
[   56.637196][ T3140]  do_syscall_64+0x3b/0xb0
[   56.641689][ T3140]  ? clear_bhb_loop+0x45/0xa0
[   56.646492][ T3140]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   56.652367][ T3140] RIP: 0033:0x7f70aa07dca9
[   56.656944][ T3140] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   56.677099][ T3140] RSP: 002b:00007f70aadb20c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   56.685511][ T3140] RAX: ffffffffffffffda RBX: 00007f70aa1abf80 RCX: 00007f70aa07dca9
[   56.693563][ T3140] RDX: 0000000020000300 RSI: 0000000040304580 RDI: 0000000000000004
[   56.701524][ T3140] RBP: 00007f70aa0c947e R08: 0000000000000000 R09: 0000000000000000
[   56.709579][ T3140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   56.717546][ T3140] R13: 0000000000000006 R14: 00007f70aa1abf80 R15: 00007ffc8834ce08
[   56.725513][ T3140]  </TASK>
2024/07/19 18:51:41 executed programs: 1
[   56.866731][ T3142] input: syz1 as /devices/virtual/input/input6
[   57.705200][ T3144] input: syz1 as /devices/virtual/input/input7
[   58.544956][ T3146] input: syz1 as /devices/virtual/input/input8
[   59.384222][ T3148] input: syz1 as /devices/virtual/input/input9
[   60.223398][ T3150] input: syz1 as /devices/virtual/input/input10
[   61.067274][ T3152] input: syz1 as /devices/virtual/input/input11
2024/07/19 18:51:46 executed programs: 7
[   61.905576][ T3154] input: syz1 as /devices/virtual/input/input12
[   62.743958][ T3156] input: syz1 as /devices/virtual/input/input13
[   63.582867][ T3158] input: syz1 as /devices/virtual/input/input14
[   64.423038][ T3160] input: syz1 as /devices/virtual/input/input15
[   65.261806][ T3162] input: syz1 as /devices/virtual/input/input16