watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.4:14629]
Modules linked in:
irq event stamp: 50089815
hardirqs last  enabled at (50089814): [<ffffffff84400e46>] asm_sysvec_irq_work+0x16/0x20
hardirqs last disabled at (50089815): [<ffffffff841dfabb>] sysvec_apic_timer_interrupt+0xb/0xc0
softirqs last  enabled at (49873444): [<ffffffff8116c65b>] __irq_exit_rcu+0x11b/0x180
softirqs last disabled at (49873459): [<ffffffff8116c65b>] __irq_exit_rcu+0x11b/0x180
CPU: 0 PID: 14629 Comm: syz-executor.4 Not tainted 5.19.0-next-20220812 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:kcov_remote_start+0x167/0x6d0
Code: 48 c7 43 28 00 00 00 00 48 c7 c6 5d b8 45 81 48 89 df e8 cc 33 e4 ff 4d 85 ed 0f 84 dd fe ff ff e8 be cf 06 00 fb 48 83 c4 18 <5b> 5d 41 5c 41 5d 41 5e 41 5f e9 ea 81 1a 03 65 8b 05 e3 b5 bc 7e
RSP: 0018:ffff88806ce09c58 EFLAGS: 00000282
RAX: 0000000002fc49c2 RBX: ffff88806ce2b188 RCX: 1ffffffff0b5d6f1
RDX: 0000000000000000 RSI: 0000000000000100 RDI: 0000000000000000
RBP: ffff88801b89d100 R08: 0000000000000001 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
R13: 0000000000000200 R14: ffff88806ce2b188 R15: ffff88801b89d100
FS:  00007f0153c28700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000002000f038 CR3: 0000000039d6e000 CR4: 0000000000350ef0
Call Trace:
 <IRQ>
 ieee80211_rx_list+0x447/0x26d0
 ieee80211_rx_napi+0xdb/0x380
 ieee80211_tasklet_handler+0xd4/0x130
 tasklet_action_common.constprop.0+0x208/0x2f0
 __do_softirq+0x1c8/0x8d0
 __irq_exit_rcu+0x11b/0x180
 irq_exit_rcu+0x5/0x20
 sysvec_apic_timer_interrupt+0x8e/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20
RIP: 0010:put_cpu_partial+0x115/0x1c0
Code: 39 43 28 75 61 48 c7 43 28 00 00 00 00 48 c7 c6 a0 de 77 81 48 89 df e8 89 0d b2 ff 48 85 ed 74 06 e8 7f a9 d4 ff fb 4d 85 ed <74> 21 5b 4c 89 ee 5d 4c 89 e7 41 5c 41 5d 41 5e 41 5f e9 84 fd ff
RSP: 0018:ffff888048c3f0d0 EFLAGS: 00000246
RAX: 0000000002f90231 RBX: ffff88806ce3c2e0 RCX: 1ffffffff0b5d6f1
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000200 R08: 0000000000000001 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: ffff888007c4f780
R13: 0000000000000000 R14: ffffea0001077f00 R15: 0000000000000002
 qlist_free_all+0x6d/0x1a0
 kasan_quarantine_reduce+0x184/0x210
 __kasan_slab_alloc+0x7c/0x80
 kmem_cache_alloc_node+0x1bf/0x4b0
 __alloc_skb+0x210/0x300
 alloc_skb_with_frags+0x92/0x630
 sock_alloc_send_pskb+0x7ce/0x950
 __ip6_append_data.isra.0+0x2207/0x43f0
 ip6_make_skb+0x29c/0x4a0
 udpv6_sendmsg+0x1e21/0x2940
 inet6_sendmsg+0x105/0x140
 sock_sendmsg+0xf2/0x190
 ____sys_sendmsg+0x337/0x870
 ___sys_sendmsg+0x110/0x1b0
 __sys_sendmmsg+0x18b/0x460
 __x64_sys_sendmmsg+0x99/0x100
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f01566b2b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f0153c28188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 00007f01567c5f60 RCX: 00007f01566b2b19
RDX: 0000000004000101 RSI: 0000000020002880 RDI: 0000000000000005
RBP: 00007f015670cf6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc13e583cf R14: 00007f0153c28300 R15: 0000000000022000
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 54 Comm: kmemleak Not tainted 5.19.0-next-20220812 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:scan_block+0x74/0x2a0
Code: 00 00 00 00 fc ff df 48 89 44 24 18 48 c1 e8 03 48 89 04 24 8b 05 6c d6 d0 03 85 c0 0f 84 7e 01 00 00 48 8b 04 24 80 3c 28 00 <0f> 85 d0 01 00 00 49 83 bd a8 04 00 00 00 0f 84 7f 01 00 00 e8 b3
RSP: 0018:ffff88800fcffda8 EFLAGS: 00000046
RAX: 1ffff11001f42ab5 RBX: ffff8880718d3458 RCX: ffffffff811d6b37
RDX: 1ffff110012bcd40 RSI: 0000000000000008 RDI: ffff8880095e6a00
RBP: dffffc0000000000 R08: 0000000000000000 R09: ffff8880095e6a07
R10: ffffed10012bcd40 R11: 0000000000000001 R12: ffff8880718d3ff9
R13: ffff88800fa15100 R14: ffffffffffffffff R15: 0000000000000092
FS:  0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c00289a000 CR3: 000000001d814000 CR4: 0000000000350ee0
Call Trace:
 <TASK>
 scan_gray_list+0x1eb/0x400
 kmemleak_scan+0x85a/0x16f0
 kmemleak_scan_thread+0x8f/0xb1
 kthread+0x2ed/0x3a0
 ret_from_fork+0x22/0x30
 </TASK>
----------------
Code disassembly (best guess):
   0:	48 c7 43 28 00 00 00 	movq   $0x0,0x28(%rbx)
   7:	00
   8:	48 c7 c6 5d b8 45 81 	mov    $0xffffffff8145b85d,%rsi
   f:	48 89 df             	mov    %rbx,%rdi
  12:	e8 cc 33 e4 ff       	callq  0xffe433e3
  17:	4d 85 ed             	test   %r13,%r13
  1a:	0f 84 dd fe ff ff    	je     0xfffffefd
  20:	e8 be cf 06 00       	callq  0x6cfe3
  25:	fb                   	sti
  26:	48 83 c4 18          	add    $0x18,%rsp
* 2a:	5b                   	pop    %rbx <-- trapping instruction
  2b:	5d                   	pop    %rbp
  2c:	41 5c                	pop    %r12
  2e:	41 5d                	pop    %r13
  30:	41 5e                	pop    %r14
  32:	41 5f                	pop    %r15
  34:	e9 ea 81 1a 03       	jmpq   0x31a8223
  39:	65 8b 05 e3 b5 bc 7e 	mov    %gs:0x7ebcb5e3(%rip),%eax        # 0x7ebcb623