Warning: Permanently added '10.128.10.14' (ED25519) to the list of known hosts.
2025/12/05 05:26:54 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[  137.049008][ T6175] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  137.297993][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  137.304604][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  140.071477][ T5147] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  140.079422][ T5147] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  140.089666][ T5147] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  140.098631][ T5147] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  140.114244][ T5147] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  140.475315][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.484151][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.521134][  T161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.529079][  T161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.770732][ T6228] chnl_net:caif_netlink_parms(): no params data found
[  142.878510][ T6228] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.886376][ T6228] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.893631][ T6228] bridge_slave_0: entered allmulticast mode
[  142.901328][ T6228] bridge_slave_0: entered promiscuous mode
[  142.911044][ T6228] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.919118][ T6228] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.926527][ T6228] bridge_slave_1: entered allmulticast mode
[  142.933931][ T6228] bridge_slave_1: entered promiscuous mode
[  142.972047][ T6228] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.984614][ T6228] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  143.022901][ T6228] team0: Port device team_slave_0 added
[  143.031883][ T6228] team0: Port device team_slave_1 added
[  143.065311][ T6228] batman_adv: batadv0: Adding interface: batadv_slave_0
[  143.072282][ T6228] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  143.098340][ T6228] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  143.111092][ T6228] batman_adv: batadv0: Adding interface: batadv_slave_1
[  143.118121][ T6228] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  143.144238][ T6228] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  143.195532][ T6228] hsr_slave_0: entered promiscuous mode
[  143.202098][ T6228] hsr_slave_1: entered promiscuous mode
[  143.728379][ T6228] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  143.740193][ T6228] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  143.752076][ T6228] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  143.763748][ T6228] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  143.892761][ T6228] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.925507][ T6228] 8021q: adding VLAN 0 to HW filter on device team0
[  143.939652][ T2939] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.946825][ T2939] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.963412][ T1320] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.970605][ T1320] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.255521][ T6228] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.321071][ T6228] veth0_vlan: entered promiscuous mode
[  144.335493][ T6228] veth1_vlan: entered promiscuous mode
[  144.379170][ T6228] veth0_macvtap: entered promiscuous mode
[  144.391293][ T6228] veth1_macvtap: entered promiscuous mode
[  144.413973][ T6228] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.432641][ T6228] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.450001][ T1320] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.469170][ T1320] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.487548][ T1320] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.507909][ T1320] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.706616][ T1320] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.786552][ T1320] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.855397][ T1320] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.928983][ T1320] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/12/05 05:27:10 executed programs: 0
[  147.234516][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  147.242826][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  147.251169][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  147.260478][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  147.273418][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  147.510544][ T1320] bridge_slave_1: left allmulticast mode
[  147.517157][ T1320] bridge_slave_1: left promiscuous mode
[  147.522944][ T1320] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.595392][ T1320] bridge_slave_0: left allmulticast mode
[  147.601073][ T1320] bridge_slave_0: left promiscuous mode
[  147.624395][ T1320] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.049203][ T1320] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  148.061049][ T1320] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  148.071200][ T1320] bond0 (unregistering): Released all slaves
[  148.202785][ T1320] hsr_slave_0: left promiscuous mode
[  148.209481][ T1320] hsr_slave_1: left promiscuous mode
[  148.216489][ T1320] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.223928][ T1320] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.232760][ T1320] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.240677][ T1320] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.261061][ T1320] veth1_macvtap: left promiscuous mode
[  148.266834][ T1320] veth0_macvtap: left promiscuous mode
[  148.272507][ T1320] veth1_vlan: left promiscuous mode
[  148.279222][ T1320] veth0_vlan: left promiscuous mode
[  148.687244][ T1320] team0 (unregistering): Port device team_slave_1 removed
[  148.732754][ T1320] team0 (unregistering): Port device team_slave_0 removed
[  149.177183][ T6357] chnl_net:caif_netlink_parms(): no params data found
[  149.294676][   T52] Bluetooth: hci0: command tx timeout
[  149.495833][ T6357] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.503100][ T6357] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.511991][ T6357] bridge_slave_0: entered allmulticast mode
[  149.526651][ T6357] bridge_slave_0: entered promiscuous mode
[  149.542403][ T6357] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.549672][ T6357] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.558452][ T6357] bridge_slave_1: entered allmulticast mode
[  149.567740][ T6357] bridge_slave_1: entered promiscuous mode
[  149.839772][ T6357] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  149.861551][ T6357] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  149.970814][ T6357] team0: Port device team_slave_0 added
[  149.985821][ T6357] team0: Port device team_slave_1 added
[  150.036581][ T6357] batman_adv: batadv0: Adding interface: batadv_slave_0
[  150.043556][ T6357] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  150.071518][ T6357] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  150.092125][ T6357] batman_adv: batadv0: Adding interface: batadv_slave_1
[  150.106346][ T6357] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  150.133915][ T6357] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  150.251427][ T6357] hsr_slave_0: entered promiscuous mode
[  150.261908][ T6357] hsr_slave_1: entered promiscuous mode
[  150.766251][ T6357] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  150.778870][ T6357] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  150.790129][ T6357] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  150.803196][ T6357] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  150.910605][ T6357] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.937340][ T6357] 8021q: adding VLAN 0 to HW filter on device team0
[  150.951764][ T1320] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.958955][ T1320] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.977717][ T1320] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.984886][ T1320] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.265575][ T6357] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.330117][ T6357] veth0_vlan: entered promiscuous mode
[  151.343898][ T6357] veth1_vlan: entered promiscuous mode
[  151.374511][   T52] Bluetooth: hci0: command tx timeout
[  151.396735][ T6357] veth0_macvtap: entered promiscuous mode
[  151.408366][ T6357] veth1_macvtap: entered promiscuous mode
[  151.433741][ T6357] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.450352][ T6357] batman_adv: batadv0: Interface activated: batadv_slave_1
[  151.472924][ T1320] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  151.488059][ T1320] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  151.497838][ T1320] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.507190][ T1320] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.579126][  T161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.588840][  T161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.623948][ T1320] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.633173][ T1320] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.700007][ T6463] input: syz1 as /devices/virtual/input/input5
[  151.712553][ T6463] 
[  151.714885][ T6463] ======================================================
[  151.721884][ T6463] WARNING: possible circular locking dependency detected
[  151.729057][ T6463] syzkaller #0 Not tainted
[  151.733454][ T6463] ------------------------------------------------------
[  151.740463][ T6463] syz.0.17/6463 is trying to acquire lock:
[  151.746295][ T6463] ffff8880291e8870 (&newdev->mutex){+.+.}-{4:4}, at: uinput_request_submit+0x188/0x6f0
[  151.755958][ T6463] 
[  151.755958][ T6463] but task is already holding lock:
[  151.763311][ T6463] ffff888032ecd0b0 (&ff->mutex){+.+.}-{4:4}, at: input_ff_upload+0x398/0xb30
[  151.772134][ T6463] 
[  151.772134][ T6463] which lock already depends on the new lock.
[  151.772134][ T6463] 
[  151.782526][ T6463] 
[  151.782526][ T6463] the existing dependency chain (in reverse order) is:
[  151.791534][ T6463] 
[  151.791534][ T6463] -> #3 (&ff->mutex){+.+.}-{4:4}:
[  151.798752][ T6463]        __mutex_lock+0x187/0x1350
[  151.803859][ T6463]        input_ff_flush+0x5d/0x170
[  151.808976][ T6463]        input_flush_device+0xb4/0x110
[  151.814602][ T6463]        evdev_release+0xe1/0x800
[  151.819619][ T6463]        __fput+0x44c/0xa70
[  151.824111][ T6463]        fput_close_sync+0x113/0x220
[  151.829392][ T6463]        __x64_sys_close+0x7f/0x110
[  151.834671][ T6463]        do_syscall_64+0xfa/0xf80
[  151.839686][ T6463]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.846085][ T6463] 
[  151.846085][ T6463] -> #2 (&dev->mutex#2){+.+.}-{4:4}:
[  151.853566][ T6463]        __mutex_lock+0x187/0x1350
[  151.858667][ T6463]        input_register_handle+0x18f/0x530
[  151.864548][ T6463]        kbd_connect+0xc3/0x140
[  151.869409][ T6463]        input_register_device+0xd00/0x1140
[  151.875305][ T6463]        acpi_button_add+0x6b9/0xb70
[  151.880927][ T6463]        acpi_device_probe+0xa8/0x2d0
[  151.886379][ T6463]        really_probe+0x26d/0x9e0
[  151.891399][ T6463]        __driver_probe_device+0x18c/0x2f0
[  151.897362][ T6463]        driver_probe_device+0x4f/0x430
[  151.902896][ T6463]        __driver_attach+0x452/0x700
[  151.908205][ T6463]        bus_for_each_dev+0x233/0x2b0
[  151.913574][ T6463]        bus_add_driver+0x345/0x640
[  151.918765][ T6463]        driver_register+0x23a/0x320
[  151.924043][ T6463]        do_one_initcall+0x1fb/0x7f0
[  151.929328][ T6463]        do_initcall_level+0x104/0x190
[  151.934779][ T6463]        do_initcalls+0x59/0xa0
[  151.939622][ T6463]        kernel_init_freeable+0x334/0x4b0
[  151.945333][ T6463]        kernel_init+0x1d/0x1d0
[  151.950175][ T6463]        ret_from_fork+0x599/0xb30
[  151.955275][ T6463]        ret_from_fork_asm+0x1a/0x30
[  151.960815][ T6463] 
[  151.960815][ T6463] -> #1 (input_mutex){+.+.}-{4:4}:
[  151.968114][ T6463]        __mutex_lock+0x187/0x1350
[  151.973224][ T6463]        input_register_device+0xa76/0x1140
[  151.979120][ T6463]        uinput_create_device+0x422/0x670
[  151.984858][ T6463]        uinput_ioctl_handler+0x3f0/0x1570
[  151.990671][ T6463]        __se_sys_ioctl+0xfc/0x170
[  151.995835][ T6463]        do_syscall_64+0xfa/0xf80
[  152.000850][ T6463]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.007341][ T6463] 
[  152.007341][ T6463] -> #0 (&newdev->mutex){+.+.}-{4:4}:
[  152.014937][ T6463]        __lock_acquire+0x15a6/0x2cf0
[  152.020306][ T6463]        lock_acquire+0x117/0x340
[  152.025413][ T6463]        __mutex_lock+0x187/0x1350
[  152.030511][ T6463]        uinput_request_submit+0x188/0x6f0
[  152.036323][ T6463]        uinput_dev_upload_effect+0x150/0x1e0
[  152.042386][ T6463]        input_ff_upload+0x5fb/0xb30
[  152.047668][ T6463]        evdev_ioctl_handler+0x1644/0x1f10
[  152.053479][ T6463]        __se_sys_ioctl+0xfc/0x170
[  152.058594][ T6463]        do_syscall_64+0xfa/0xf80
[  152.063609][ T6463]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.070011][ T6463] 
[  152.070011][ T6463] other info that might help us debug this:
[  152.070011][ T6463] 
[  152.080228][ T6463] Chain exists of:
[  152.080228][ T6463]   &newdev->mutex --> &dev->mutex#2 --> &ff->mutex
[  152.080228][ T6463] 
[  152.092588][ T6463]  Possible unsafe locking scenario:
[  152.092588][ T6463] 
[  152.100027][ T6463]        CPU0                    CPU1
[  152.105380][ T6463]        ----                    ----
[  152.110731][ T6463]   lock(&ff->mutex);
[  152.114712][ T6463]                                lock(&dev->mutex#2);
[  152.121505][ T6463]                                lock(&ff->mutex);
[  152.128005][ T6463]   lock(&newdev->mutex);
[  152.132335][ T6463] 
[  152.132335][ T6463]  *** DEADLOCK ***
[  152.132335][ T6463] 
[  152.140509][ T6463] 2 locks held by syz.0.17/6463:
[  152.145610][ T6463]  #0: ffff88807a0ba118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_ioctl_handler+0x121/0x1f10
[  152.155567][ T6463]  #1: ffff888032ecd0b0 (&ff->mutex){+.+.}-{4:4}, at: input_ff_upload+0x398/0xb30
[  152.164840][ T6463] 
[  152.164840][ T6463] stack backtrace:
[  152.170718][ T6463] CPU: 1 UID: 0 PID: 6463 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  152.170742][ T6463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  152.170754][ T6463] Call Trace:
[  152.170763][ T6463]  <TASK>
[  152.170772][ T6463]  dump_stack_lvl+0x189/0x250
[  152.170801][ T6463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.170825][ T6463]  ? __pfx__printk+0x10/0x10
[  152.170856][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.170880][ T6463]  ? print_lock_name+0xde/0x100
[  152.170911][ T6463]  print_circular_bug+0x2e2/0x300
[  152.170941][ T6463]  check_noncircular+0x12e/0x150
[  152.170971][ T6463]  __lock_acquire+0x15a6/0x2cf0
[  152.170997][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171023][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171050][ T6463]  ? uinput_request_submit+0x188/0x6f0
[  152.171081][ T6463]  lock_acquire+0x117/0x340
[  152.171101][ T6463]  ? uinput_request_submit+0x188/0x6f0
[  152.171134][ T6463]  ? __lock_acquire+0x146f/0x2cf0
[  152.171158][ T6463]  __mutex_lock+0x187/0x1350
[  152.171179][ T6463]  ? uinput_request_submit+0x188/0x6f0
[  152.171216][ T6463]  ? uinput_request_submit+0x188/0x6f0
[  152.171248][ T6463]  ? __pfx___mutex_lock+0x10/0x10
[  152.171272][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171295][ T6463]  ? do_raw_spin_unlock+0x122/0x240
[  152.171325][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171347][ T6463]  ? _raw_spin_unlock+0x28/0x50
[  152.171376][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171399][ T6463]  ? uinput_request_alloc_id+0x3cf/0x400
[  152.171431][ T6463]  uinput_request_submit+0x188/0x6f0
[  152.171464][ T6463]  ? __pfx___mutex_trylock_common+0x10/0x10
[  152.171491][ T6463]  ? __pfx_uinput_request_submit+0x10/0x10
[  152.171522][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171545][ T6463]  ? rcu_is_watching+0x15/0xb0
[  152.171572][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171594][ T6463]  ? trace_contention_end+0x39/0x100
[  152.171621][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171649][ T6463]  ? __mutex_lock+0x335/0x1350
[  152.171674][ T6463]  uinput_dev_upload_effect+0x150/0x1e0
[  152.171705][ T6463]  ? input_ff_upload+0x398/0xb30
[  152.171735][ T6463]  ? __pfx_uinput_dev_upload_effect+0x10/0x10
[  152.171774][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171800][ T6463]  input_ff_upload+0x5fb/0xb30
[  152.171834][ T6463]  evdev_ioctl_handler+0x1644/0x1f10
[  152.171862][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171885][ T6463]  ? do_vfs_ioctl+0xbe8/0x1430
[  152.171913][ T6463]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  152.171934][ T6463]  ? __pfx_evdev_ioctl_handler+0x10/0x10
[  152.171967][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.171990][ T6463]  ? do_futex+0x333/0x420
[  152.172020][ T6463]  ? __fget_files+0x2a/0x420
[  152.172043][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.172065][ T6463]  ? __fget_files+0x3a0/0x420
[  152.172085][ T6463]  ? __fget_files+0x2a/0x420
[  152.172107][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.172130][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.172154][ T6463]  ? __pfx_evdev_ioctl+0x10/0x10
[  152.172178][ T6463]  __se_sys_ioctl+0xfc/0x170
[  152.172206][ T6463]  do_syscall_64+0xfa/0xf80
[  152.172227][ T6463]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.172247][ T6463]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.172270][ T6463]  ? exc_page_fault+0xab/0x100
[  152.172289][ T6463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.172309][ T6463] RIP: 0033:0x7f306d78f6c9
[  152.172328][ T6463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.172344][ T6463] RSP: 002b:00007f306e5c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  152.172365][ T6463] RAX: ffffffffffffffda RBX: 00007f306d9e5fa0 RCX: 00007f306d78f6c9
[  152.172380][ T6463] RDX: 0000200000000300 RSI: 0000000040304580 RDI: 0000000000000004
[  152.172394][ T6463] RBP: 00007f306d811f91 R08: 0000000000000000 R09: 0000000000000000
[  152.172407][ T6463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.172419][ T6463] R13: 00007f306d9e6038 R14: 00007f306d9e5fa0 R15: 00007ffdf518cf38
[  152.172443][ T6463]  </TASK>
[  152.582968][ T6462] BUG: unable to handle page fault for address: fffffffffffffff8
[  152.590717][ T6462] #PF: supervisor read access in kernel mode
[  152.596690][ T6462] #PF: error_code(0x0000) - not-present page
[  152.602652][ T6462] PGD dd3f067 P4D dd3f067 PUD dd41067 PMD 0 
[  152.608640][ T6462] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[  152.614262][ T6462] CPU: 0 UID: 0 PID: 6462 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  152.623356][ T6462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  152.633390][ T6462] RIP: 0010:complete+0x99/0x1b0
[  152.638232][ T6462] Code: 89 e7 e8 0a 08 8c 00 4d 8b 3c 24 4d 39 e7 0f 84 d4 00 00 00 49 8d 7f f8 48 89 f8 48 c1 e8 03 80 3c 28 00 74 05 e8 e7 07 8c 00 <49> 8b 7f f8 be 03 00 00 00 31 d2 e8 37 45 f6 ff 4c 89 ff e8 8f 98
[  152.657996][ T6462] RSP: 0018:ffffc90003077c98 EFLAGS: 00010046
[  152.664052][ T6462] RAX: 1fffffffffffffff RBX: ffffc90003087a58 RCX: dffffc0000000000
[  152.672205][ T6462] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffffffffffffff8
[  152.680209][ T6462] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  152.688207][ T6462] R10: dffffc0000000000 R11: fffff5200060ef70 R12: ffffc90003087a98
[  152.696176][ T6462] R13: 0000000000000001 R14: 0000000000000212 R15: 0000000000000000
[  152.704150][ T6462] FS:  0000555566291500(0000) GS:ffff88812608e000(0000) knlGS:0000000000000000
[  152.713256][ T6462] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  152.719914][ T6462] CR2: fffffffffffffff8 CR3: 0000000075070000 CR4: 0000000000350ef0
[  152.727874][ T6462] Call Trace:
[  152.731139][ T6462]  <TASK>
[  152.734056][ T6462]  uinput_destroy_device+0x11a/0x8c0
[  152.739546][ T6462]  ? __pfx_uinput_release+0x10/0x10
[  152.744769][ T6462]  uinput_release+0x3b/0x50
[  152.749277][ T6462]  __fput+0x44c/0xa70
[  152.753253][ T6462]  task_work_run+0x1d4/0x260
[  152.757841][ T6462]  ? __pfx_task_work_run+0x10/0x10
[  152.762946][ T6462]  ? __se_sys_close_range+0x4ed/0x650
[  152.768309][ T6462]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.773931][ T6462]  ? rcu_is_watching+0x15/0xb0
[  152.778682][ T6462]  exit_to_user_mode_loop+0xff/0x4f0
[  152.783954][ T6462]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.789569][ T6462]  ? rcu_is_watching+0x15/0xb0
[  152.794333][ T6462]  do_syscall_64+0x2e3/0xf80
[  152.798912][ T6462]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.804957][ T6462]  ? srso_alias_return_thunk+0x5/0xfbef5
[  152.810577][ T6462]  ? exc_page_fault+0xab/0x100
[  152.815341][ T6462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.821235][ T6462] RIP: 0033:0x7f306d78f6c9
[  152.825638][ T6462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.845232][ T6462] RSP: 002b:00007ffdf518d098 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  152.853670][ T6462] RAX: 0000000000000000 RBX: 00007f306d9e7da0 RCX: 00007f306d78f6c9
[  152.861754][ T6462] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  152.869727][ T6462] RBP: 00007f306d9e7da0 R08: 0000000000000000 R09: 00000006f518d38f
[  152.877689][ T6462] R10: 00007f306d9e7cb0 R11: 0000000000000246 R12: 00000000000253a5
[  152.885649][ T6462] R13: 00007ffdf518d190 R14: ffffffffffffffff R15: 00007ffdf518d1b0
[  152.893712][ T6462]  </TASK>
[  152.896727][ T6462] Modules linked in:
[  152.900606][ T6462] CR2: fffffffffffffff8
[  152.904743][ T6462] ---[ end trace 0000000000000000 ]---
[  152.910182][ T6462] RIP: 0010:complete+0x99/0x1b0
[  152.915029][ T6462] Code: 89 e7 e8 0a 08 8c 00 4d 8b 3c 24 4d 39 e7 0f 84 d4 00 00 00 49 8d 7f f8 48 89 f8 48 c1 e8 03 80 3c 28 00 74 05 e8 e7 07 8c 00 <49> 8b 7f f8 be 03 00 00 00 31 d2 e8 37 45 f6 ff 4c 89 ff e8 8f 98
[  152.934627][ T6462] RSP: 0018:ffffc90003077c98 EFLAGS: 00010046
[  152.940696][ T6462] RAX: 1fffffffffffffff RBX: ffffc90003087a58 RCX: dffffc0000000000
[  152.948665][ T6462] RDX: 0000000000000001 RSI: 0000000000000004 RDI: fffffffffffffff8
[  152.956629][ T6462] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  152.964592][ T6462] R10: dffffc0000000000 R11: fffff5200060ef70 R12: ffffc90003087a98
[  152.972654][ T6462] R13: 0000000000000001 R14: 0000000000000212 R15: 0000000000000000
[  152.980737][ T6462] FS:  0000555566291500(0000) GS:ffff88812608e000(0000) knlGS:0000000000000000
[  152.989658][ T6462] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  152.996228][ T6462] CR2: fffffffffffffff8 CR3: 0000000075070000 CR4: 0000000000350ef0
[  153.004192][ T6462] Kernel panic - not syncing: Fatal exception
[  153.010677][ T6462] Kernel Offset: disabled
[  153.015003][ T6462] Rebooting in 86400 seconds..