EXT4-fs warning (device loop5): ext4_enable_quotas:7093: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
EXT4-fs (loop5): mount failed
watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.6:13906]
Modules linked in:
irq event stamp: 3906939
hardirqs last enabled at (3906938): [] irqentry_exit+0x3b/0x90
hardirqs last disabled at (3906939): [] sysvec_apic_timer_interrupt+0xf/0x80
softirqs last enabled at (3874812): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (3874819): [] irq_exit_rcu+0x94/0xc0
CPU: 0 UID: 0 PID: 13906 Comm: syz-executor.6 Not tainted 6.12.0-rc3-next-20241016 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:stack_depot_save_flags+0x6/0x900
Code: d8 4c 89 e6 48 89 ef e8 08 69 07 ff eb b9 e8 21 fe 4a 02 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 57 <41> 56 41 55 41 54 41 89 cc 55 53 48 83 ec 28 89 14 24 41 83 e4 fc
RSP: 0018:ffff88806ce091a0 EFLAGS: 00000287
RAX: 000000000000002c RBX: ffff88803ec8a008 RCX: 0000000000000001
RDX: 0000000000000000 RSI: 000000000000002c RDI: ffff88806ce091b0
RBP: ffff888008c41dc0 R08: 0000000000000001 R09: ffff888041170a38
R10: ffffffff863f274f R11: 00000000000c2f81 R12: 0000000000000000
R13: 0000000000000001 R14: ffffea0000fb2200 R15: ffff88803ec8a000
FS: 00007fa8ee764700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f261a289018 CR3: 000000000c51a000 CR4: 0000000000350ef0
Call Trace:
 kasan_save_stack+0x34/0x50
 kasan_save_track+0x14/0x30
 kasan_save_free_info+0x3a/0x60
 __kasan_slab_free+0x38/0x50
 kfree+0x132/0x480
 ieee80211_inform_bss+0x7f6/0x10b0
 cfg80211_inform_single_bss_data+0x7fe/0x1c50
 cfg80211_inform_bss_data+0x20f/0x3510
 cfg80211_inform_bss_frame_data+0x250/0x690
 ieee80211_bss_info_update+0x2f6/0xa90
 ieee80211_scan_rx+0x474/0xac0
 ieee80211_rx_list+0x21ec/0x2cf0
 ieee80211_rx_napi+0xdc/0x3b0
 ieee80211_handle_queued_frames+0xd9/0x130
 tasklet_action_common+0x235/0x3b0
 handle_softirqs+0x1b1/0x770
 irq_exit_rcu+0x94/0xc0
 sysvec_apic_timer_interrupt+0x70/0x80
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:put_cpu_partial+0x10a/0x1b0
Code: 24 28 75 5b 49 c7 44 24 28 00 00 00 00 4c 89 e7 48 8d 35 00 00 00 00 e8 b4 ff ab ff 4d 85 ed 74 06 e8 ca 7f d5 ff fb 4d 85 f6 <74> 1c 5b 4c 89 f6 48 89 ef 5d 41 5c 41 5d 41 5e e9 c1 fa ff ff 44
RSP: 0018:ffff888040fbf330 EFLAGS: 00000246
RAX: 00000000003b2001 RBX: ffffea000034adc0 RCX: 1ffffffff0fdca53
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8183f876
RBP: ffff888008c4f780 R08: 0000000000000001 R09: fffffbfff0fda9d9
R10: ffffffff87ed4ecf R11: 00000000000007e0 R12: ffff88806ce40350
R13: 0000000000000200 R14: 0000000000000000 R15: ffff88800d2b7de0
 qlist_free_all+0x50/0x160
 kasan_quarantine_reduce+0x19c/0x230
 __kasan_slab_alloc+0x49/0x70
 __kmalloc_noprof+0x195/0x4b0
 bio_kmalloc+0x3e/0x70
 blk_rq_map_kern+0x488/0x8f0
 scsi_execute_cmd+0xbe8/0xe80
 sr_check_events+0x1b5/0xa80
 cdrom_check_events+0x68/0x110
 sr_block_check_events+0xc3/0x100
 disk_check_events+0xc7/0x420
 disk_check_media_change+0xfe/0x280
 sr_block_open+0xe8/0x280
 blkdev_get_whole+0x97/0x290
 bdev_open+0x2c7/0xe40
 blkdev_open+0x378/0x460
 do_dentry_open+0x71c/0x1420
 vfs_open+0x82/0x3f0
 path_openat+0x1cf3/0x2980
 do_filp_open+0x1b8/0x410
 do_sys_openat2+0x164/0x1d0
 __x64_sys_openat+0x143/0x200
 do_syscall_64+0xbf/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa8f11eeb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa8ee764188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fa8f1301f60 RCX: 00007fa8f11eeb19
RDX: 0000000000121800 RSI: 0000000020002380 RDI: ffffffffffffff9c
RBP: 00007fa8f1248f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffec0c8a6f R14: 00007fa8ee764300 R15: 0000000000022000
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at default_idle+0x1e/0x30
FAULT_INJECTION: forcing a failure.
name fail_usercopy, interval 1, probability 0, space 0, times 0
CPU: 1 UID: 0 PID: 13938 Comm: syz-executor.5 Tainted: G L 6.12.0-rc3-next-20241016 #1
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 dump_stack_lvl+0xfa/0x120
 should_fail_ex+0x4b1/0x5b0
 copy_page_from_iter_atomic+0x26e/0x15a0
 generic_perform_write+0x423/0x7e0
 shmem_file_write_iter+0x111/0x140
 vfs_write+0xbcc/0x1090
 __x64_sys_pwrite64+0x1fd/0x260
 do_syscall_64+0xbf/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe5e0756ab7
Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
RSP: 002b:00007fe5ddd18f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
RAX: ffffffffffffffda RBX: 00007fe5e07ed970 RCX: 00007fe5e0756ab7
RDX: 0000000000000060 RSI: 0000000020011c00 RDI: 0000000000000004
RBP: 0000000000000026 R08: 0000000000000000 R09: ffffffffffffffff
R10: 0000000000007c00 R11: 0000000000000293 R12: 0000000000000004
R13: 0000000000000004 R14: 00000000200003e0 R15: 0000000000000014
loop5: detected capacity change from 0 to 512
EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
ext4 filesystem being mounted at /syzkaller-testdir227768559/syzkaller.qPe1xp/204/file0 supports timestamps until 2038-01-19 (0x7fffffff)
EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
FAULT_INJECTION: forcing a failure.
name fail_usercopy, interval 1, probability 0, space 0, times 0
CPU: 0 UID: 0 PID: 13964 Comm: syz-executor.5 Tainted: G L 6.12.0-rc3-next-20241016 #1
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 dump_stack_lvl+0xfa/0x120
 should_fail_ex+0x4b1/0x5b0
 copy_page_from_iter_atomic+0x26e/0x15a0
 generic_perform_write+0x423/0x7e0
 shmem_file_write_iter+0x111/0x140
 vfs_write+0xbcc/0x1090
 __x64_sys_pwrite64+0x1fd/0x260
 do_syscall_64+0xbf/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe5e0756ab7
Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
RSP: 002b:00007fe5ddd18f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
RAX: ffffffffffffffda RBX: 00007fe5e07ed970 RCX: 00007fe5e0756ab7
RDX: 0000000000000020 RSI: 0000000020011e00 RDI: 0000000000000004
RBP: 0000000000000026 R08: 0000000000000000 R09: ffffffffffffffff
R10: 0000000000008400 R11: 0000000000000293 R12: 0000000000000004
R13: 0000000000000004 R14: 0000000020000410 R15: 0000000000000016
loop5: detected capacity change from 0 to 512
EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
ext4 filesystem being mounted at /syzkaller-testdir227768559/syzkaller.qPe1xp/205/file0 supports timestamps until 2038-01-19 (0x7fffffff)
EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
FAULT_INJECTION: forcing a failure.
name fail_usercopy, interval 1, probability 0, space 0, times 0
CPU: 1 UID: 0 PID: 13994 Comm: syz-executor.5 Tainted: G L 6.12.0-rc3-next-20241016 #1
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 dump_stack_lvl+0xfa/0x120
 should_fail_ex+0x4b1/0x5b0
 copy_page_from_iter_atomic+0x26e/0x15a0
 generic_perform_write+0x423/0x7e0
 shmem_file_write_iter+0x111/0x140
 vfs_write+0xbcc/0x1090
 __x64_sys_pwrite64+0x1fd/0x260
 do_syscall_64+0xbf/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe5e0756ab7
Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
RSP: 002b:00007fe5ddd18f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
RAX: ffffffffffffffda RBX: 00007fe5e07ed970 RCX: 00007fe5e0756ab7
RDX: 0000000000000020 RSI: 0000000020011f00 RDI: 0000000000000004
RBP: 0000000000000026 R08: 0000000000000000 R09: ffffffffffffffff
R10: 0000000000008800 R11: 0000000000000293 R12: 0000000000000004
R13: 0000000000000004 R14: 0000000020000428 R15: 0000000000000017
loop5: detected capacity change from 0 to 512
EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
ext4 filesystem being mounted at /syzkaller-testdir227768559/syzkaller.qPe1xp/206/file0 supports timestamps until 2038-01-19 (0x7fffffff)
EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
FAULT_INJECTION: forcing a failure.
name fail_usercopy, interval 1, probability 0, space 0, times 0
CPU: 0 UID: 0 PID: 14015 Comm: syz-executor.5 Tainted: G L 6.12.0-rc3-next-20241016 #1
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 dump_stack_lvl+0xfa/0x120
 should_fail_ex+0x4b1/0x5b0
 copy_page_from_iter_atomic+0x26e/0x15a0
 generic_perform_write+0x423/0x7e0
 shmem_file_write_iter+0x111/0x140
 vfs_write+0xbcc/0x1090
 __x64_sys_pwrite64+0x1fd/0x260
 do_syscall_64+0xbf/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe5e0756ab7
Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
RSP: 002b:00007fe5ddd18f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
RAX: ffffffffffffffda RBX: 00007fe5e07ed970 RCX: 00007fe5e0756ab7
RDX: 0000000000000020 RSI: 0000000020012000 RDI: 0000000000000004
RBP: 0000000000000026 R08: 0000000000000000 R09: ffffffffffffffff
R10: 0000000000008c00 R11: 0000000000000293 R12: 0000000000000004
R13: 0000000000000004 R14: 0000000020000440 R15: 0000000000000018
loop5: detected capacity change from 0 to 512
EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
ext4 filesystem being mounted at /syzkaller-testdir227768559/syzkaller.qPe1xp/207/file0 supports timestamps until 2038-01-19 (0x7fffffff)
EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
Bluetooth: hci4: command tx timeout
----------------
Code disassembly (best guess):
   0:   d8 4c 89 e6             fmuls  -0x1a(%rcx,%rcx,4)
   4:   48 89 ef                mov    %rbp,%rdi
   7:   e8 08 69 07 ff          callq  0xff076914
   c:   eb b9                   jmp    0xffffffc7
   e:   e8 21 fe 4a 02          callq  0x24afe34
  13:   90                      nop
  14:   90                      nop
  15:   90                      nop
  16:   90                      nop
  17:   90                      nop
  18:   90                      nop
  19:   90                      nop
  1a:   90                      nop
  1b:   90                      nop
  1c:   90                      nop
  1d:   90                      nop
  1e:   90                      nop
  1f:   90                      nop
  20:   90                      nop
  21:   90                      nop
  22:   90                      nop
  23:   90                      nop
  24:   f3 0f 1e fa             endbr64
  28:   41 57                   push   %r15
* 2a:   41 56                   push   %r14 <-- trapping instruction
  2c:   41 55                   push   %r13
  2e:   41 54                   push   %r12
  30:   41 89 cc                mov    %ecx,%r12d
  33:   55                      push   %rbp
  34:   53                      push   %rbx
  35:   48 83 ec 28             sub    $0x28,%rsp
  39:   89 14 24                mov    %edx,(%rsp)
  3c:   41 83 e4 fc             and    $0xfffffffc,%r12d