watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.7:13849]
Modules linked in:
irq event stamp: 6459547
hardirqs last  enabled at (6459546): [<ffffffff8460144a>] asm_sysvec_apic_timer_interrupt+0x1a/0x20
hardirqs last disabled at (6459547): [<ffffffff843f35ef>] sysvec_apic_timer_interrupt+0xf/0xc0
softirqs last  enabled at (6439458): [<ffffffff8118333b>] __irq_exit_rcu+0x11b/0x180
softirqs last disabled at (6439461): [<ffffffff8118333b>] __irq_exit_rcu+0x11b/0x180
CPU: 0 PID: 13849 Comm: syz-executor.7 Not tainted 6.1.0-rc7-next-20221130 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:mac80211_hwsim_tx_frame+0x181/0x2a0
Code: 0f 85 2f 01 00 00 48 8d bb 48 3e 00 00 48 83 83 38 3e 00 00 01 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 <0f> 85 ec 00 00 00 49 8d 7c 24 70 4c 8b b3 48 3e 00 00 48 b8 00 00
RSP: 0018:ffff88806ce09ce8 EFLAGS: 00000246
RAX: dffffc0000000000 RBX: ffff88804468b3a0 RCX: 0000000000000100
RDX: 1ffff110088d1e3d RSI: ffffffff82fd100b RDI: ffff88804468f1e8
RBP: ffff888044688de0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000001 R12: ffff888020e98000
R13: ffff88804468b638 R14: 0000000000000000 R15: ffff888044688e30
FS:  00007fe0f771d700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005555557edc58 CR3: 000000004452a000 CR4: 0000000000350ef0
Call Trace:
 <IRQ>
 mac80211_hwsim_beacon_tx+0x566/0xab0
 __iterate_interfaces+0x2d3/0x560
 ieee80211_iterate_active_interfaces_atomic+0x74/0x180
 mac80211_hwsim_beacon+0x105/0x200
 __hrtimer_run_queues+0x54b/0xba0
 hrtimer_run_softirq+0x176/0x350
 __do_softirq+0x1c7/0x8f9
 __irq_exit_rcu+0x11b/0x180
 irq_exit_rcu+0x9/0x30
 sysvec_apic_timer_interrupt+0x92/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:qlist_free_all+0x36/0x1a0
Code: 41 57 41 56 41 55 49 89 fd 41 54 49 bc 00 00 00 00 00 fc ff df 55 48 89 f5 53 48 83 ec 08 eb 4d 49 63 86 c0 00 00 00 49 8b 18 <4c> 89 f7 49 29 c0 4c 89 c6 4d 89 c7 e8 39 f4 ff ff 48 89 c1 0f 1f
RSP: 0018:ffff888046257900 EFLAGS: 00000202
RAX: 0000000000000000 RBX: ffff88801ae897a0 RCX: ffff88800844f780
RDX: ffffea00006ba200 RSI: ffffea0000432180 RDI: 0000000040000000
RBP: 0000000000000000 R08: ffff88801ae88510 R09: 0000000080120010
R10: ffffea0000432180 R11: 0000000000000000 R12: dffffc0000000000
R13: ffff888046257940 R14: ffff88800844f780 R15: ffff888010c86510
 kasan_quarantine_reduce+0x196/0x230
 __kasan_slab_alloc+0x4c/0x70
 kmem_cache_alloc+0x1e1/0x410
 jbd2_journal_add_journal_head+0x374/0x5d0
 jbd2_journal_get_create_access+0x44/0x560
 __ext4_journal_get_create_access+0x54/0x1f0
 ext4_getblk+0x374/0x7b0
 ext4_bread+0x2e/0x1a0
 ext4_append+0x21d/0x530
 ext4_init_new_dir+0x262/0x4c0
 ext4_mkdir+0x3d3/0xb20
 vfs_mkdir+0x495/0x740
 do_mkdirat+0x16e/0x2d0
 __x64_sys_mkdir+0xf6/0x150
 do_syscall_64+0x3f/0x90
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7fe0fa1a6c27
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fe0f771cfa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe0fa1a6c27
RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000020000700
RBP: 00007fe0f771d040 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200006c0
R13: 0000000020000700 R14: 00007fe0f771d000 R15: 0000000020000140
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at default_idle+0xf/0x20
9pnet_fd: Insufficient options for proto=fd
FAT-fs (loop6): bogus number of reserved sectors
FAT-fs (loop6): Can't find a valid FAT filesystem
----------------
Code disassembly (best guess):
   0:	0f 85 2f 01 00 00    	jne    0x135
   6:	48 8d bb 48 3e 00 00 	lea    0x3e48(%rbx),%rdi
   d:	48 83 83 38 3e 00 00 	addq   $0x1,0x3e38(%rbx)
  14:	01
  15:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  1c:	fc ff df
  1f:	48 89 fa             	mov    %rdi,%rdx
  22:	48 c1 ea 03          	shr    $0x3,%rdx
  26:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
* 2a:	0f 85 ec 00 00 00    	jne    0x11c <-- trapping instruction
  30:	49 8d 7c 24 70       	lea    0x70(%r12),%rdi
  35:	4c 8b b3 48 3e 00 00 	mov    0x3e48(%rbx),%r14
  3c:	48                   	rex.W
  3d:	b8                   	.byte 0xb8