syzkaller login: qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x197000)
[   97.276675][    T9] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:4741' (ED25519) to the list of known hosts.
2026/03/26 10:28:24 parsed 1 programs
[  106.295291][ T5308] cgroup: Unknown subsys name 'net'
[  106.352818][ T5308] cgroup: Unknown subsys name 'cpuset'
[  106.359458][ T5308] cgroup: Unknown subsys name 'rlimit'
[  143.350081][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  143.353318][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  157.445990][ T1010] ata1.00: exception Emask 0x0 SAct 0x40000000 SErr 0x0 action 0x6 frozen
[  157.450522][ T1010] ata1.00: failed command: WRITE FPDMA QUEUED
[  157.454056][ T1010] ata1.00: cmd 61/b8:f0:ae:6a:04/0c:00:00:00:00/40 tag 30 ncq dma 1667072 ou
[  157.454056][ T1010]          res 40/00:00:00:00:00/00:00:00:00:00/00 Emask 0x4 (timeout)
[  157.463351][ T1010] ata1.00: status: { DRDY }
[  157.467528][ T1010] ata1: hard resetting link
[  157.789030][ T1010] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[  157.795076][ T1010] ata1.00: configured for UDMA/100
[  157.798716][ T1010] ata1: EH complete
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x400000)
[  204.790597][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  204.793478][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  218.245736][ T1010] ata1.00: exception Emask 0x0 SAct 0x100 SErr 0x0 action 0x6 frozen
[  218.249370][ T1010] ata1.00: failed command: WRITE FPDMA QUEUED
[  218.252128][ T1010] ata1.00: cmd 61/00:40:36:e1:04/20:00:00:00:00/40 tag 8 ncq dma 4194304 ou
[  218.252128][ T1010]          res 40/00:00:00:00:00/00:00:00:00:00/00 Emask 0x4 (timeout)
[  218.263085][ T1010] ata1.00: status: { DRDY }
[  218.266662][ T1010] ata1: hard resetting link
[  218.587396][ T1010] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[  218.591753][ T1010] ata1.00: configured for UDMA/100
[  218.594781][ T1010] ata1: EH complete
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x386000)
[  218.757085][ T1010] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  218.760269][ T1010] ata1: failed to read log page 10h (errno=-5)
[  218.763189][ T1010] ata1.00: NCQ disabled due to excessive errors
[  218.768262][ T1010] ata1.00: exception Emask 0x1 SAct 0x20 SErr 0x0 action 0x0
[  218.771915][ T1010] ata1.00: irq_stat 0x41000008
[  218.773848][ T1010] ata1.00: failed command: WRITE FPDMA QUEUED
[  218.776888][ T1010] ata1.00: cmd 61/30:28:36:61:0c/1c:00:00:00:00/40 tag 5 ncq dma 3694592 ou
[  218.776888][ T1010]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  218.784123][ T1010] ata1.00: status: { DRDY }
[  218.787209][ T1010] ata1.00: error: { ABRT }
[  218.791097][ T1010] ata1.00: configured for UDMA/100
[  218.793745][ T1010] ata1: EH complete
Setting up swapspace version 1, size = 127995904 bytes
[  220.530835][ T5308] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  225.836929][ T5347] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  227.081348][   T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  227.087044][   T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  227.091425][   T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  227.095305][   T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  227.099880][   T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  227.681863][   T96] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  227.697954][   T96] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.767739][   T30] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  227.778236][   T30] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.643178][ T5418] chnl_net:caif_netlink_parms(): no params data found
[  234.784272][ T5418] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.792770][ T5418] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.796860][ T5418] bridge_slave_0: entered allmulticast mode
[  234.801527][ T5418] bridge_slave_0: entered promiscuous mode
[  234.808636][ T5418] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.812360][ T5418] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.816469][ T5418] bridge_slave_1: entered allmulticast mode
[  234.820589][ T5418] bridge_slave_1: entered promiscuous mode
[  234.867587][ T5418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.875275][ T5418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.904420][ T5418] team0: Port device team_slave_0 added
[  234.911366][ T5418] team0: Port device team_slave_1 added
[  234.933920][ T5418] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.937205][ T5418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  234.949057][ T5418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.957572][ T5418] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.960329][ T5418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  234.973338][ T5418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  235.017731][ T5418] hsr_slave_0: entered promiscuous mode
[  235.021698][ T5418] hsr_slave_1: entered promiscuous mode
[  235.250538][ T5418] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  235.262621][ T5418] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  235.272147][ T5418] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  235.282605][ T5418] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  235.322988][ T5418] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.326153][ T5418] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.329519][ T5418] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.332286][ T5418] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.409063][ T5418] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.425271][   T96] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.431497][   T96] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.440715][ T5418] 8021q: adding VLAN 0 to HW filter on device team0
[  235.451166][   T96] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.454000][   T96] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.472871][   T96] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.476317][   T96] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.647565][ T5418] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.684503][ T5418] veth0_vlan: entered promiscuous mode
[  235.692879][ T5418] veth1_vlan: entered promiscuous mode
[  235.719888][ T5418] veth0_macvtap: entered promiscuous mode
[  235.727832][ T5418] veth1_macvtap: entered promiscuous mode
[  235.744797][ T5418] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.762921][ T5418] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.778475][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.784747][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.794432][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.811701][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.972616][ T1049] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.016903][ T1049] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.064753][ T1049] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.127553][ T1049] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2026/03/26 10:30:37 executed programs: 0
[  236.625210][ T4665] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  236.633865][ T4665] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  236.639713][ T4665] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  236.643341][ T4665] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  236.657574][ T4665] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  236.860020][ T5443] chnl_net:caif_netlink_parms(): no params data found
[  237.000798][ T5443] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.006533][ T5443] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.010412][ T5443] bridge_slave_0: entered allmulticast mode
[  237.014337][ T5443] bridge_slave_0: entered promiscuous mode
[  237.019869][ T5443] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.022818][ T5443] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.029622][ T5443] bridge_slave_1: entered allmulticast mode
[  237.034650][ T5443] bridge_slave_1: entered promiscuous mode
[  237.071935][ T5443] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.079025][ T5443] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.105941][ T5443] team0: Port device team_slave_0 added
[  237.112803][ T5443] team0: Port device team_slave_1 added
[  237.153048][ T5443] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.156301][ T5443] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  237.169346][ T5443] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.176440][ T5443] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.180938][ T5443] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  237.193866][ T5443] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  237.235678][ T5443] hsr_slave_0: entered promiscuous mode
[  237.238776][ T5443] hsr_slave_1: entered promiscuous mode
[  237.242071][ T5443] debugfs: 'hsr0' already exists in 'hsr'
[  237.246285][ T5443] Cannot create hsr debugfs directory
[  238.530954][ T1049] bridge_slave_1: left allmulticast mode
[  238.533720][ T1049] bridge_slave_1: left promiscuous mode
[  238.540377][ T1049] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.554756][ T1049] bridge_slave_0: left allmulticast mode
[  238.558697][ T1049] bridge_slave_0: left promiscuous mode
[  238.561386][ T1049] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.711414][ T4665] Bluetooth: hci0: command tx timeout
[  238.717704][ T1049] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  238.724622][ T1049] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  238.733873][ T1049] bond0 (unregistering): Released all slaves
[  238.845631][ T1049] hsr_slave_0: left promiscuous mode
[  238.860862][ T1049] hsr_slave_1: left promiscuous mode
[  238.863813][ T1049] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  238.881392][ T1049] batman_adv: batadv0: Removing interface: batadv_slave_0
[  238.897545][ T1049] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  238.902036][ T1049] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.924765][ T1049] veth1_macvtap: left promiscuous mode
[  238.935867][ T1049] veth0_macvtap: left promiscuous mode
[  238.939290][ T1049] veth1_vlan: left promiscuous mode
[  238.942427][ T1049] veth0_vlan: left promiscuous mode
[  239.380896][ T1049] team0 (unregistering): Port device team_slave_1 removed
[  239.395180][ T1049] team0 (unregistering): Port device team_slave_0 removed
[  239.887277][ T5443] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  239.899522][ T5443] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  239.926241][ T5443] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  239.946750][ T5443] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  240.167664][ T5443] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.184486][ T5443] 8021q: adding VLAN 0 to HW filter on device team0
[  240.192449][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.196546][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.220108][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.223378][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.400012][ T5443] 8021q: adding VLAN 0 to HW filter on device batadv0
[  240.442318][ T5443] veth0_vlan: entered promiscuous mode
[  240.453151][ T5443] veth1_vlan: entered promiscuous mode
[  240.477794][ T5443] veth0_macvtap: entered promiscuous mode
[  240.485198][ T5443] veth1_macvtap: entered promiscuous mode
[  240.501591][ T5443] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.513467][ T5443] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.525113][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.531564][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.551581][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.558722][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.647029][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.650807][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.692076][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.697564][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.774713][ T5472] iommufd_mock iommufd_mock0: Adding to iommu group 11
[  240.786556][ T4665] Bluetooth: hci0: command tx timeout
[  240.790466][ T5472] ------------[ cut here ]------------
[  240.793487][ T5472] !iommu_table->driver_ops || !iommu_table->driver_ops->change_top || !iommu_table->driver_ops->get_top_lock
[  240.793506][ T5472] WARNING: drivers/iommu/generic_pt/fmt/../iommu_pt.h:1251 at pt_iommu_amdv1_init+0x631/0x9f0, CPU#0: syz.0.17/5472
[  240.805727][ T5472] Modules linked in:
[  240.807839][ T5472] CPU: 0 UID: 0 PID: 5472 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  240.812206][ T5472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  240.818425][ T5472] RIP: 0010:pt_iommu_amdv1_init+0x631/0x9f0
[  240.821425][ T5472] Code: 48 89 df 44 89 fa e8 de 05 00 00 48 89 c3 48 3d 01 f0 ff ff 72 1e e8 de 77 6f fc eb 5e e8 d7 77 6f fc eb 05 e8 d0 77 6f fc 90 <0f> 0b 90 bb ea ff ff ff eb 47 e8 c0 77 6f fc 43 80 7c 35 00 00 74
[  240.836142][ T5472] RSP: 0018:ffffc9000e277a20 EFLAGS: 00010293
[  240.841851][ T5472] RAX: ffffffff855639f9 RBX: 0000000000000000 RCX: ffff8880369c24c0
[  240.846512][ T5472] RDX: 0000000000000000 RSI: 0000000000000034 RDI: 0000000000000000
[  240.850198][ T5472] RBP: ffff8880540f4f70 R08: ffff8880540f4f97 R09: 0000000000000000
[  240.853683][ T5472] R10: ffff8880540f4f68 R11: ffffed100a81e9f3 R12: ffff8880540f4f88
[  240.857290][ T5472] R13: 1ffff1100a81e9f1 R14: dffffc0000000000 R15: 0000000000000cc0
[  240.861682][ T5472] FS:  000055558cba0500(0000) GS:ffff88808ca51000(0000) knlGS:0000000000000000
[  240.866656][ T5472] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  240.869730][ T5472] CR2: 0000000000000000 CR3: 0000000037dbd000 CR4: 0000000000352ef0
[  240.873866][ T5472] Call Trace:
[  240.876061][ T5472]  <TASK>
[  240.877731][ T5472]  mock_domain_alloc_paging_flags+0x3ba/0x780
[  240.880895][ T5472]  ? __pfx_mock_domain_alloc_paging_flags+0x10/0x10
[  240.883730][ T5472]  ? _raw_spin_unlock+0x28/0x50
[  240.886246][ T5472]  ? _iommufd_object_alloc+0x187/0x210
[  240.888844][ T5472]  ? __pfx_mock_domain_alloc_paging_flags+0x10/0x10
[  240.893057][ T5472]  iommufd_hwpt_paging_alloc+0x3ab/0x830
[  240.896797][ T5472]  iommufd_hwpt_alloc+0x496/0xc10
[  240.899373][ T5472]  ? __pfx_iommufd_hwpt_alloc+0x10/0x10
[  240.901665][ T5472]  iommufd_fops_ioctl+0x4b5/0x5d0
[  240.903832][ T5472]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  240.906594][ T5472]  ? __se_sys_futex+0x3a8/0x450
[  240.909185][ T5472]  ? rcu_is_watching+0x15/0xb0
[  240.912048][ T5472]  ? bpf_lsm_file_ioctl+0x9/0x20
[  240.914542][ T5472]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  240.917136][ T5472]  __se_sys_ioctl+0xfc/0x170
[  240.919224][ T5472]  do_syscall_64+0x14d/0xf80
[  240.921378][ T5472]  ? trace_irq_disable+0x3b/0x150
[  240.923864][ T5472]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.927444][ T5472]  ? clear_bhb_loop+0x40/0x90
[  240.929920][ T5472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.932789][ T5472] RIP: 0033:0x7f7b6999c799
[  240.934710][ T5472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  240.950710][ T5472] RSP: 002b:00007ffd240fb7c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  240.955264][ T5472] RAX: ffffffffffffffda RBX: 00007f7b69c15fa0 RCX: 00007f7b6999c799
[  240.959267][ T5472] RDX: 0000200000000200 RSI: 0000000000003b89 RDI: 0000000000000008
[  240.963302][ T5472] RBP: 00007f7b69a32c99 R08: 0000000000000000 R09: 0000000000000000
[  240.968022][ T5472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.971565][ T5472] R13: 00007f7b69c15fac R14: 00007f7b69c15fa0 R15: 00007f7b69c15fa0
[  240.974986][ T5472]  </TASK>
[  240.976653][ T5472] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  240.981147][ T5472] CPU: 0 UID: 0 PID: 5472 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  240.985649][ T5472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  240.990252][ T5472] Call Trace:
[  240.991796][ T5472]  <TASK>
[  240.993171][ T5472]  vpanic+0x56c/0xa60
[  240.995044][ T5472]  ? __pfx__printk+0x10/0x10
[  240.997330][ T5472]  ? __pfx_vpanic+0x10/0x10
[  240.999873][ T5472]  ? is_bpf_text_address+0x292/0x2b0
[  241.002495][ T5472]  ? is_bpf_text_address+0x26/0x2b0
[  241.004836][ T5472]  panic+0xc5/0xd0
[  241.006439][ T5472]  ? __pfx_panic+0x10/0x10
[  241.008684][ T5472]  __warn+0x315/0x4f0
[  241.010415][ T5472]  ? pt_iommu_amdv1_init+0x631/0x9f0
[  241.013180][ T5472]  ? pt_iommu_amdv1_init+0x631/0x9f0
[  241.016193][ T5472]  __report_bug+0x29a/0x540
[  241.018599][ T5472]  ? pt_iommu_amdv1_init+0x631/0x9f0
[  241.021216][ T5472]  ? __pfx___report_bug+0x10/0x10
[  241.023520][ T5472]  ? iommufd_hwpt_alloc+0x496/0xc10
[  241.025797][ T5472]  ? iommufd_fops_ioctl+0x4b5/0x5d0
[  241.028291][ T5472]  ? __se_sys_ioctl+0xfc/0x170
[  241.031207][ T5472]  ? do_syscall_64+0x14d/0xf80
[  241.034305][ T5472]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.037417][ T5472]  ? pt_iommu_amdv1_init+0x631/0x9f0
[  241.040123][ T5472]  report_bug+0x16a/0x220
[  241.042106][ T5472]  ? pt_iommu_amdv1_init+0x631/0x9f0
[  241.045545][ T5472]  ? pt_iommu_amdv1_init+0x633/0x9f0
[  241.048737][ T5472]  handle_bug+0x9c/0x200
[  241.051300][ T5472]  exc_invalid_op+0x1a/0x50
[  241.053334][ T5472]  asm_exc_invalid_op+0x1a/0x20
[  241.055440][ T5472] RIP: 0010:pt_iommu_amdv1_init+0x631/0x9f0
[  241.058026][ T5472] Code: 48 89 df 44 89 fa e8 de 05 00 00 48 89 c3 48 3d 01 f0 ff ff 72 1e e8 de 77 6f fc eb 5e e8 d7 77 6f fc eb 05 e8 d0 77 6f fc 90 <0f> 0b 90 bb ea ff ff ff eb 47 e8 c0 77 6f fc 43 80 7c 35 00 00 74
[  241.067234][ T5472] RSP: 0018:ffffc9000e277a20 EFLAGS: 00010293
[  241.070266][ T5472] RAX: ffffffff855639f9 RBX: 0000000000000000 RCX: ffff8880369c24c0
[  241.073862][ T5472] RDX: 0000000000000000 RSI: 0000000000000034 RDI: 0000000000000000
[  241.077720][ T5472] RBP: ffff8880540f4f70 R08: ffff8880540f4f97 R09: 0000000000000000
[  241.081988][ T5472] R10: ffff8880540f4f68 R11: ffffed100a81e9f3 R12: ffff8880540f4f88
[  241.085640][ T5472] R13: 1ffff1100a81e9f1 R14: dffffc0000000000 R15: 0000000000000cc0
[  241.089129][ T5472]  ? pt_iommu_amdv1_init+0x629/0x9f0
[  241.092088][ T5472]  mock_domain_alloc_paging_flags+0x3ba/0x780
[  241.095625][ T5472]  ? __pfx_mock_domain_alloc_paging_flags+0x10/0x10
[  241.098849][ T5472]  ? _raw_spin_unlock+0x28/0x50
[  241.100944][ T5472]  ? _iommufd_object_alloc+0x187/0x210
[  241.103308][ T5472]  ? __pfx_mock_domain_alloc_paging_flags+0x10/0x10
[  241.106377][ T5472]  iommufd_hwpt_paging_alloc+0x3ab/0x830
[  241.109658][ T5472]  iommufd_hwpt_alloc+0x496/0xc10
[  241.112257][ T5472]  ? __pfx_iommufd_hwpt_alloc+0x10/0x10
[  241.114712][ T5472]  iommufd_fops_ioctl+0x4b5/0x5d0
[  241.117211][ T5472]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  241.120053][ T5472]  ? __se_sys_futex+0x3a8/0x450
[  241.122867][ T5472]  ? rcu_is_watching+0x15/0xb0
[  241.125482][ T5472]  ? bpf_lsm_file_ioctl+0x9/0x20
[  241.127753][ T5472]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  241.130321][ T5472]  __se_sys_ioctl+0xfc/0x170
[  241.132558][ T5472]  do_syscall_64+0x14d/0xf80
[  241.134632][ T5472]  ? trace_irq_disable+0x3b/0x150
[  241.137031][ T5472]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.140663][ T5472]  ? clear_bhb_loop+0x40/0x90
[  241.143181][ T5472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.145829][ T5472] RIP: 0033:0x7f7b6999c799
[  241.147932][ T5472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  241.156842][ T5472] RSP: 002b:00007ffd240fb7c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  241.161734][ T5472] RAX: ffffffffffffffda RBX: 00007f7b69c15fa0 RCX: 00007f7b6999c799
[  241.165254][ T5472] RDX: 0000200000000200 RSI: 0000000000003b89 RDI: 0000000000000008
[  241.168490][ T5472] RBP: 00007f7b69a32c99 R08: 0000000000000000 R09: 0000000000000000
[  241.172090][ T5472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  241.175742][ T5472] R13: 00007f7b69c15fac R14: 00007f7b69c15fa0 R15: 00007f7b69c15fa0
[  241.179351][ T5472]  </TASK>
[  241.181391][ T5472] Kernel Offset: disabled
[  241.183606][ T5472] Rebooting in 86400 seconds..