last executing test programs: 811.205134ms ago: executing program 2 (id=65): setgid(0x0) 785.673575ms ago: executing program 2 (id=68): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/damon/attrs', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/damon/attrs', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/damon/attrs', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/damon/attrs', 0x800, 0x0) 784.414685ms ago: executing program 2 (id=75): signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) 728.393306ms ago: executing program 2 (id=86): tkill(0x0, 0x0) 705.422966ms ago: executing program 2 (id=93): pkey_alloc(0x0, 0x0) 704.872716ms ago: executing program 2 (id=98): rt_sigreturn() 119.516157ms ago: executing program 0 (id=223): pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 79.493528ms ago: executing program 0 (id=227): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/btf/vmlinux', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/btf/vmlinux', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/btf/vmlinux', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/btf/vmlinux', 0x800, 0x0) 79.262898ms ago: executing program 1 (id=229): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current', 0x2, 0x0) 79.232188ms ago: executing program 4 (id=230): open_tree(0xffffffffffffffff, &(0x7f0000000000), 0x0) 78.984518ms ago: executing program 3 (id=231): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vfio/vfio', 0x800, 0x0) 78.900838ms ago: executing program 4 (id=232): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vndbinder', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vndbinder', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vndbinder', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vndbinder', 0x800, 0x0) 78.728028ms ago: executing program 1 (id=233): syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$I2C(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$I2C(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$I2C(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$I2C(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$I2C(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$I2C(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$I2C(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$I2C(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$I2C(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$I2C(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$I2C(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$I2C(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$I2C(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$I2C(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$I2C(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$I2C(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$I2C(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$I2C(&(0x7f0000000500), 0x4, 0x800) 78.624488ms ago: executing program 3 (id=234): unlinkat(0xffffffffffffffff, &(0x7f0000000000), 0x0) 44.958149ms ago: executing program 0 (id=235): nanosleep(&(0x7f0000000000), 0x0) 44.834289ms ago: executing program 4 (id=236): socket$inet6(0xa, 0x1, 0x0) 44.790479ms ago: executing program 0 (id=237): socket(0x1, 0x1, 0x0) 44.710779ms ago: executing program 1 (id=238): kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) 44.679119ms ago: executing program 3 (id=239): chdir(&(0x7f0000000000)) 44.636939ms ago: executing program 0 (id=240): getitimer(0x0, &(0x7f0000000000)) 44.563219ms ago: executing program 4 (id=241): rseq(&(0x7f0000000000), 0x0, 0x0, 0x0) 1.05323ms ago: executing program 1 (id=242): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/create', 0x2, 0x0) 977.19µs ago: executing program 3 (id=243): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/syslog', 0x2, 0x0) 913.05µs ago: executing program 1 (id=244): sched_yield() 835.81µs ago: executing program 4 (id=245): fanotify_init(0x0, 0x0) 713.26µs ago: executing program 0 (id=246): socket$inet_tcp(0x2, 0x1, 0x0) 443µs ago: executing program 3 (id=247): map_shadow_stack(0x0, 0x0, 0x0) 171.54µs ago: executing program 4 (id=248): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys', 0x0, 0x0) 70.3µs ago: executing program 1 (id=249): preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=250): io_getevents(0x0, 0x0, 0x0, &(0x7f0000000000), 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.237' (ED25519) to the list of known hosts. [ 26.976253][ T4032] cgroup: Unknown subsys name 'net' [ 27.254903][ T4032] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 27.558920][ T4032] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 28.403285][ T4074] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 29.362385][ T4296] Internal error: Oops - BTI: 0000000036000001 [#1] PREEMPT SMP [ 29.363735][ T4296] Modules linked in: [ 29.364415][ T4296] CPU: 0 PID: 4296 Comm: syz.3.250 Not tainted syzkaller #0 [ 29.365621][ T4296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 29.367307][ T4296] pstate: 42400405 (nZcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=jc) [ 29.368598][ T4296] pc : lookup_ioctx+0x108/0x7d0 [ 29.369403][ T4296] lr : lookup_ioctx+0xe4/0x7d0 [ 29.370211][ T4296] sp : ffff80001f9d7b20 [ 29.370883][ T4296] x29: ffff80001f9d7b20 x28: ffff0000d95e0000 x27: dfff800000000000 [ 29.372169][ T4296] x26: ffff80001f9d7b80 x25: ffff700003f3af70 x24: ffff0000d2a85080 [ 29.373383][ T4296] x23: dfff800000000000 x22: 00000000fffffff2 x21: 0000000000000000 [ 29.374684][ T4296] x20: ffff0000d95e0000 x19: 0000000000000000 x18: 0000000000000000 [ 29.375999][ T4296] x17: 0000000000000000 x16: ffff800008a1a0d8 x15: 0000000000000000 [ 29.377340][ T4296] x14: 0000000000000000 x13: 1ffff0000283006b x12: 0000000000ff0100 [ 29.378645][ T4296] x11: 0000000000000000 x10: 0000000000000000 x9 : 0000ffffffffffff [ 29.379928][ T4296] x8 : 0000000000000000 x7 : ffff800008751314 x6 : 0000000000000000 [ 29.381178][ T4296] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000001 [ 29.382380][ T4296] x2 : 0000000000000008 x1 : 0000000000000001 x0 : 0000000000000000 [ 29.383562][ T4296] Call trace: [ 29.384106][ T4296] lookup_ioctx+0x108/0x7d0 [ 29.384840][ T4296] do_io_getevents+0x120/0x394 [ 29.385602][ T4296] __arm64_sys_io_getevents+0x160/0x23c [ 29.386550][ T4296] invoke_syscall+0x98/0x2b8 [ 29.387247][ T4296] el0_svc_common+0x138/0x258 [ 29.388050][ T4296] do_el0_svc+0x58/0x14c [ 29.388773][ T4296] el0_svc+0x78/0x1e0 [ 29.389444][ T4296] el0t_64_sync_handler+0xcc/0xe4 [ 29.390248][ T4296] el0t_64_sync+0x1a0/0x1a4 [ 29.390929][ T4296] Code: d503229f 2a1f03f6 2a1f03e0 b8400953 (2a1603e1) [ 29.391927][ T4296] ---[ end trace 86a45ad9c197b843 ]--- [ 29.551495][ T4296] Kernel panic - not syncing: Oops - BTI: Fatal exception [ 29.552574][ T4296] SMP: stopping secondary CPUs [ 29.553328][ T4296] Kernel Offset: disabled [ 29.553970][ T4296] CPU features: 0x8,000003c1,7d33ffd9 [ 29.554768][ T4296] Memory Limit: none [ 29.719115][ T4296] Rebooting in 86400 seconds..