program: syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0xffff, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x0, 0x0, 0x30314442}}) ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000040)={0x2, 0x40000105, 0x0, 0x0}) sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x305, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x54}, 0x1, 0x0, 0x0, 0x4000800}, 0x200080c4) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x11, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x55, 0x1e5, 0x0, 0x0, {0x7, r6}, [@MDBA_SET_ENTRY={0x20, 0x1, {r6, 0x0, 0x0, 0x0, {@ip4=@broadcast}}}]}, 0x38}}, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r7, 0xc1105511, &(0x7f0000000040)={0x7, 0x3, 0x40, 0x10000, 'syz1\x00', 0x4000041}) r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4) ioctl$KVM_SET_CPUID2(r8, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYBLOB='\a']) ioctl$KVM_RUN(r8, 0xae80, 0x0) [ 86.468691][ T10] cfg80211: failed to load regulatory.db [ 86.528799][ T5333] loop0: detected capacity change from 0 to 512 [ 86.591075][ T5333] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 86.596620][ T5333] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.640517][ T5333] ------------[ cut here ]------------ [ 86.642645][ T5333] WARNING: CPU: 0 PID: 5333 at arch/x86/kvm/../../../virt/kvm/pfncache.c:267 __kvm_gpc_refresh+0x1187/0x1310 [ 86.647543][ T5333] Modules linked in: [ 86.649141][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.653079][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.657876][ T5333] RIP: 0010:__kvm_gpc_refresh+0x1187/0x1310 [ 86.660336][ T5333] Code: c6 05 ec 32 27 0e 01 48 c7 c7 1c bb 6f 8d be 35 04 00 00 48 c7 c2 40 ea 61 8b e8 f4 d0 5d 00 e9 fe f1 ff ff e8 ca 67 80 00 90 <0f> 0b 90 bb ea ff ff ff e9 7e fe ff ff e8 b7 67 80 00 90 0f 0b 90 [ 86.668464][ T5333] RSP: 0018:ffffc9000fdcf360 EFLAGS: 00010283 [ 86.671133][ T5333] RAX: ffffffff813fac46 RBX: ffff888000000000 RCX: 0000000000100000 [ 86.674522][ T5333] RDX: ffffc9000dce2000 RSI: 0000000000000be2 RDI: 0000000000000be3 [ 86.678223][ T5333] RBP: ffffc9000fdcf4e8 R08: ffffffff8f7cf477 R09: 1ffffffff1ef9e8e [ 86.681721][ T5333] R10: dffffc0000000000 R11: fffffbfff1ef9e8f R12: ffff888032dcd3e0 [ 86.685180][ T5333] R13: dffffc0000000000 R14: ffff888000000000 R15: ffffffffffffff01 [ 86.688774][ T5333] FS: 00007f04957e56c0(0000) GS:ffff88808d733000(0000) knlGS:0000000000000000 [ 86.692810][ T5333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.695627][ T5333] CR2: 00007f0494bdfa60 CR3: 0000000041fc8000 CR4: 0000000000352ef0 [ 86.699062][ T5333] Call Trace: [ 86.700603][ T5333] [ 86.701936][ T5333] ? _raw_read_unlock_irqrestore+0x85/0x110 [ 86.704546][ T5333] ? kvm_gpc_refresh+0x31/0x140 [ 86.706861][ T5333] ? __pfx___kvm_gpc_refresh+0x10/0x10 [ 86.709324][ T5333] ? kvm_xen_set_evtchn+0x138/0x230 [ 86.711546][ T5333] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.713878][ T5333] kvm_gpc_refresh+0xe1/0x140 [ 86.716229][ T5333] ? kvm_xen_set_evtchn+0x138/0x230 [ 86.718632][ T5333] kvm_xen_set_evtchn+0x164/0x230 [ 86.720697][ T5333] kvm_xen_inject_timer_irqs+0xfd/0x200 [ 86.722980][ T5333] vcpu_run+0xc2c/0x7040 [ 86.724911][ T5333] ? unwind_get_return_address+0x4d/0x90 [ 86.727494][ T5333] ? __pfx_vcpu_run+0x10/0x10 [ 86.729722][ T5333] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 86.732248][ T5333] ? rcu_is_watching+0x15/0xb0 [ 86.734649][ T5333] kvm_arch_vcpu_ioctl_run+0xfc9/0x1940 [ 86.737709][ T5333] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 86.740102][ T5333] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 86.742871][ T5333] ? __lock_acquire+0xab9/0xd20 [ 86.745011][ T5333] kvm_vcpu_ioctl+0x95c/0xe90 [ 86.747696][ T5333] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 86.750033][ T5333] ? __fget_files+0x2a/0x420 [ 86.752085][ T5333] ? __fget_files+0x3a0/0x420 [ 86.754072][ T5333] ? __fget_files+0x2a/0x420 [ 86.756159][ T5333] ? bpf_lsm_file_ioctl+0x9/0x20 [ 86.758519][ T5333] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 86.760890][ T5333] __se_sys_ioctl+0xfc/0x170 [ 86.763004][ T5333] do_syscall_64+0xfa/0xfa0 [ 86.765075][ T5333] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.767727][ T5333] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.771082][ T5333] ? clear_bhb_loop+0x60/0xb0 [ 86.773613][ T5333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.776474][ T5333] RIP: 0033:0x7f049498efc9 [ 86.778281][ T5333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.786272][ T5333] RSP: 002b:00007f04957e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.790659][ T5333] RAX: ffffffffffffffda RBX: 00007f0494be5fa0 RCX: 00007f049498efc9 [ 86.795072][ T5333] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000b [ 86.798882][ T5333] RBP: 00007f0494a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 86.802405][ T5333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.806284][ T5333] R13: 00007f0494be6038 R14: 00007f0494be5fa0 R15: 00007ffc2c4e60d8 [ 86.810244][ T5333] [ 86.811781][ T5333] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 86.815104][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.819048][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.823950][ T5333] Call Trace: [ 86.825448][ T5333] [ 86.826763][ T5333] dump_stack_lvl+0x99/0x250 [ 86.828742][ T5333] ? __asan_memcpy+0x40/0x70 [ 86.830749][ T5333] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.833011][ T5333] ? __pfx__printk+0x10/0x10 [ 86.835016][ T5333] vpanic+0x237/0x6d0 [ 86.836685][ T5333] ? __pfx_vpanic+0x10/0x10 [ 86.838611][ T5333] panic+0xb9/0xc0 [ 86.840225][ T5333] ? __pfx_panic+0x10/0x10 [ 86.842104][ T5333] __warn+0x31b/0x4b0 [ 86.843804][ T5333] ? __kvm_gpc_refresh+0x1187/0x1310 [ 86.846141][ T5333] ? __kvm_gpc_refresh+0x1187/0x1310 [ 86.848332][ T5333] report_bug+0x2be/0x4f0 [ 86.850107][ T5333] ? __kvm_gpc_refresh+0x1187/0x1310 [ 86.852274][ T5333] ? __kvm_gpc_refresh+0x1187/0x1310 [ 86.854439][ T5333] ? __kvm_gpc_refresh+0x1189/0x1310 [ 86.856732][ T5333] handle_bug+0x84/0x160 [ 86.858557][ T5333] exc_invalid_op+0x1a/0x50 [ 86.860568][ T5333] asm_exc_invalid_op+0x1a/0x20 [ 86.862761][ T5333] RIP: 0010:__kvm_gpc_refresh+0x1187/0x1310 [ 86.865425][ T5333] Code: c6 05 ec 32 27 0e 01 48 c7 c7 1c bb 6f 8d be 35 04 00 00 48 c7 c2 40 ea 61 8b e8 f4 d0 5d 00 e9 fe f1 ff ff e8 ca 67 80 00 90 <0f> 0b 90 bb ea ff ff ff e9 7e fe ff ff e8 b7 67 80 00 90 0f 0b 90 [ 86.873790][ T5333] RSP: 0018:ffffc9000fdcf360 EFLAGS: 00010283 [ 86.876554][ T5333] RAX: ffffffff813fac46 RBX: ffff888000000000 RCX: 0000000000100000 [ 86.879983][ T5333] RDX: ffffc9000dce2000 RSI: 0000000000000be2 RDI: 0000000000000be3 [ 86.883244][ T5333] RBP: ffffc9000fdcf4e8 R08: ffffffff8f7cf477 R09: 1ffffffff1ef9e8e [ 86.886874][ T5333] R10: dffffc0000000000 R11: fffffbfff1ef9e8f R12: ffff888032dcd3e0 [ 86.890372][ T5333] R13: dffffc0000000000 R14: ffff888000000000 R15: ffffffffffffff01 [ 86.893843][ T5333] ? __kvm_gpc_refresh+0x1186/0x1310 [ 86.896146][ T5333] ? _raw_read_unlock_irqrestore+0x85/0x110 [ 86.898754][ T5333] ? kvm_gpc_refresh+0x31/0x140 [ 86.900965][ T5333] ? __pfx___kvm_gpc_refresh+0x10/0x10 [ 86.903241][ T5333] ? kvm_xen_set_evtchn+0x138/0x230 [ 86.905556][ T5333] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.907729][ T5333] kvm_gpc_refresh+0xe1/0x140 [ 86.909667][ T5333] ? kvm_xen_set_evtchn+0x138/0x230 [ 86.911796][ T5333] kvm_xen_set_evtchn+0x164/0x230 [ 86.913815][ T5333] kvm_xen_inject_timer_irqs+0xfd/0x200 [ 86.916325][ T5333] vcpu_run+0xc2c/0x7040 [ 86.918033][ T5333] ? unwind_get_return_address+0x4d/0x90 [ 86.920463][ T5333] ? __pfx_vcpu_run+0x10/0x10 [ 86.922529][ T5333] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 86.926006][ T5333] ? rcu_is_watching+0x15/0xb0 [ 86.929008][ T5333] kvm_arch_vcpu_ioctl_run+0xfc9/0x1940 [ 86.931974][ T5333] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 86.935207][ T5333] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 86.938459][ T5333] ? __lock_acquire+0xab9/0xd20 [ 86.941039][ T5333] kvm_vcpu_ioctl+0x95c/0xe90 [ 86.943663][ T5333] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 86.946489][ T5333] ? __fget_files+0x2a/0x420 [ 86.948757][ T5333] ? __fget_files+0x3a0/0x420 [ 86.950723][ T5333] ? __fget_files+0x2a/0x420 [ 86.952746][ T5333] ? bpf_lsm_file_ioctl+0x9/0x20 [ 86.954932][ T5333] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 86.957225][ T5333] __se_sys_ioctl+0xfc/0x170 [ 86.959205][ T5333] do_syscall_64+0xfa/0xfa0 [ 86.961205][ T5333] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.963424][ T5333] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.966049][ T5333] ? clear_bhb_loop+0x60/0xb0 [ 86.968170][ T5333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.970764][ T5333] RIP: 0033:0x7f049498efc9 [ 86.972732][ T5333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.981334][ T5333] RSP: 002b:00007f04957e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.985161][ T5333] RAX: ffffffffffffffda RBX: 00007f0494be5fa0 RCX: 00007f049498efc9 [ 86.988566][ T5333] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000b [ 86.991996][ T5333] RBP: 00007f0494a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 86.995410][ T5333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.998775][ T5333] R13: 00007f0494be6038 R14: 00007f0494be5fa0 R15: 00007ffc2c4e60d8 [ 87.002216][ T5333] [ 87.003894][ T5333] Kernel Offset: disabled [ 87.005810][ T5333] Rebooting in 86400 seconds..