last executing test programs: 170.32984ms ago: executing program 3 (id=185): syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$sg(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$sg(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$sg(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$sg(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$sg(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$sg(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$sg(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$sg(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$sg(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$sg(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$sg(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$sg(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$sg(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$sg(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$sg(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$sg(&(0x7f0000000500), 0x4, 0x800) 170.26803ms ago: executing program 4 (id=186): sched_setattr(0x0, &(0x7f0000000000), 0x0) 148.629496ms ago: executing program 0 (id=189): socket$inet(0x2, 0x1, 0x0) 148.256096ms ago: executing program 2 (id=191): syz_open_dev$mouse(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$mouse(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$mouse(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$mouse(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$mouse(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$mouse(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$mouse(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$mouse(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$mouse(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$mouse(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$mouse(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$mouse(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$mouse(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$mouse(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$mouse(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$mouse(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$mouse(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$mouse(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$mouse(&(0x7f0000000500), 0x4, 0x800) 148.166966ms ago: executing program 4 (id=192): pkey_mprotect(0x0, 0x0, 0x0, 0xffffffffffffffff) 127.509603ms ago: executing program 3 (id=193): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/direct', 0x2, 0x0) 127.369663ms ago: executing program 0 (id=194): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/access', 0x2, 0x0) 127.266563ms ago: executing program 2 (id=195): epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)) 127.015933ms ago: executing program 2 (id=197): sysinfo(&(0x7f0000000000)) 126.952163ms ago: executing program 4 (id=198): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse', 0x2, 0x0) 88.092216ms ago: executing program 3 (id=199): socket(0x1e, 0x2, 0x0) 87.889796ms ago: executing program 0 (id=200): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uhid', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uhid', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uhid', 0x800, 0x0) 87.714436ms ago: executing program 4 (id=201): socket$phonet(0x23, 0x2, 0x1) 87.327486ms ago: executing program 2 (id=203): syz_open_dev$dmmidi(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$dmmidi(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$dmmidi(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$dmmidi(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$dmmidi(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$dmmidi(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$dmmidi(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$dmmidi(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$dmmidi(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$dmmidi(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$dmmidi(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$dmmidi(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$dmmidi(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$dmmidi(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$dmmidi(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$dmmidi(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$dmmidi(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$dmmidi(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$dmmidi(&(0x7f0000000500), 0x4, 0x800) 87.266376ms ago: executing program 3 (id=204): set_mempolicy_home_node(0x0, 0x0, 0x0, 0x0) 86.978446ms ago: executing program 3 (id=207): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/cipso', 0x2, 0x0) 59.594081ms ago: executing program 0 (id=208): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/exec', 0x2, 0x0) 59.305301ms ago: executing program 3 (id=210): syz_open_dev$midi(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$midi(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$midi(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$midi(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$midi(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$midi(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$midi(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$midi(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$midi(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$midi(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$midi(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$midi(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$midi(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$midi(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$midi(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$midi(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$midi(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$midi(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$midi(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$midi(&(0x7f0000000500), 0x4, 0x800) 59.263791ms ago: executing program 0 (id=211): socket$inet6_icmp(0xa, 0x2, 0x3a) 59.232651ms ago: executing program 1 (id=212): socket$inet_tcp(0x2, 0x1, 0x0) 59.136511ms ago: executing program 1 (id=213): linkat(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffffff, &(0x7f0000000000), 0x0) 59.074241ms ago: executing program 0 (id=214): sync() 59.010581ms ago: executing program 1 (id=215): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/acpi_thermal_rel', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/acpi_thermal_rel', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/acpi_thermal_rel', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/acpi_thermal_rel', 0x800, 0x0) 11.331473ms ago: executing program 4 (id=216): kexec_load(0x0, 0x0, &(0x7f0000000000), 0x0) 11.111182ms ago: executing program 1 (id=217): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/member', 0x2, 0x0) 11.057433ms ago: executing program 1 (id=218): sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) 10.763412ms ago: executing program 4 (id=219): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey', 0x800, 0x0) 10.609702ms ago: executing program 2 (id=220): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor', 0x800, 0x0) 5.669491ms ago: executing program 1 (id=221): semget(0xffffffffffffffff, 0x0, 0x0) 0s ago: executing program 2 (id=222): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video36', 0x2, 0x0) 0s ago: executing program 1 (id=224): io_destroy(0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.164' (ED25519) to the list of known hosts. [ 34.711762][ T4030] cgroup: Unknown subsys name 'net' [ 35.006704][ T4030] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 35.316296][ T4030] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 36.284703][ T4109] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 37.021018][ T4271] Internal error: Oops - BTI: 0000000036000001 [#1] PREEMPT SMP [ 37.022467][ T4271] Modules linked in: [ 37.023168][ T4271] CPU: 1 PID: 4271 Comm: syz.1.224 Not tainted syzkaller #0 [ 37.024312][ T4271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026 [ 37.025911][ T4271] pstate: 42400405 (nZcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=jc) [ 37.027168][ T4271] pc : lookup_ioctx+0x108/0x7c8 [ 37.027961][ T4271] lr : lookup_ioctx+0xe4/0x7c8 [ 37.028788][ T4271] sp : ffff80001fc37c40 [ 37.029482][ T4271] x29: ffff80001fc37c40 x28: ffff0000cef8b680 x27: 0000000000000000 [ 37.030832][ T4271] x26: 1fffe00019df16d0 x25: 1ffff00003f86fd6 x24: ffff0000dcd12e00 [ 37.032089][ T4271] x23: dfff800000000000 x22: 00000000fffffff2 x21: 0000000000000000 [ 37.033406][ T4271] x20: ffff0000cef8b680 x19: 0000000000000000 x18: 0000000000000000 [ 37.034755][ T4271] x17: 0000000000000000 x16: ffff800008a22da8 x15: 0000000000000000 [ 37.036027][ T4271] x14: 0000000000000003 x13: 1ffff0000285202b x12: 0000000000ff0100 [ 37.037375][ T4271] x11: 0000000000000000 x10: 0000000000000000 x9 : 0000ffffffffffff [ 37.038707][ T4271] x8 : 0000000000000000 x7 : ffff8000087586bc x6 : 0000000000000000 [ 37.040003][ T4271] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000001 [ 37.041287][ T4271] x2 : 0000000000000008 x1 : 0000000000000001 x0 : 0000000000000000 [ 37.042659][ T4271] Call trace: [ 37.043164][ T4271] lookup_ioctx+0x108/0x7c8 [ 37.043876][ T4271] __arm64_sys_io_destroy+0x9c/0x1d8 [ 37.044792][ T4271] invoke_syscall+0x98/0x2b0 [ 37.045606][ T4271] el0_svc_common+0x138/0x258 [ 37.046407][ T4271] do_el0_svc+0x58/0x13c [ 37.047139][ T4271] el0_svc+0x78/0x1d0 [ 37.047802][ T4271] el0t_64_sync_handler+0xcc/0xe4 [ 37.048586][ T4271] el0t_64_sync+0x1a0/0x1a4 [ 37.049377][ T4271] Code: d503229f 2a1f03f6 2a1f03e0 b8400953 (2a1603e1) [ 37.050524][ T4271] ---[ end trace a01c96dd89a58c62 ]--- [ 37.106859][ T4033] ODEBUG: Out of memory. ODEBUG disabled [ 37.235192][ T4271] Kernel panic - not syncing: Oops - BTI: Fatal exception [ 37.236425][ T4271] SMP: stopping secondary CPUs [ 37.237235][ T4271] Kernel Offset: disabled [ 37.237955][ T4271] CPU features: 0x8,000003c1,7d33ffd9 [ 37.238819][ T4271] Memory Limit: none [ 37.415895][ T4271] Rebooting in 86400 seconds..