loop4: detected capacity change from 0 to 10
loop7: detected capacity change from 0 to 10
loop5: detected capacity change from 0 to 10
watchdog: BUG: soft lockup - CPU#1 stuck for 22s! [syz-executor.2:5865]
Modules linked in:
irq event stamp: 3897817
hardirqs last  enabled at (3897816): [] irqentry_exit+0x3b/0x90
hardirqs last disabled at (3897817): [] sysvec_apic_timer_interrupt+0xf/0x80
softirqs last  enabled at (3874906): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (3874909): [] irq_exit_rcu+0x94/0xc0
CPU: 1 UID: 0 PID: 5865 Comm: syz-executor.2 Not tainted 6.12.0-rc3-next-20241016 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:unwind_next_frame+0xbfb/0x2490
Code: 05 01 e8 38 5f 1e 00 4c 8b 4c 24 08 e9 24 f7 ff ff 48 be 00 00 00 00 00 fc ff df 48 8d 79 02 48 89 f8 48 c1 e8 03 0f b6 14 30 <48> 8d 41 03 49 89 c0 49 c1 e8 03 41 0f b6 34 30 49 89 f8 41 83 e0
RSP: 0018:ffff88806cf095f8 EFLAGS: 00000217
RAX: 1ffffffff0d0794b RBX: 0000000000000001 RCX: ffffffff8683ca5a
RDX: 0000000000000000 RSI: dffffc0000000000 RDI: ffffffff8683ca5c
RBP: ffff88806cf096c0 R08: ffffffff8683ca5e R09: ffff88806cf096a8
R10: 000000000003c001 R11: 0000000000025667 R12: ffff88806cf096c8
R13: ffff88806cf096b0 R14: ffff888038247ab8 R15: ffff88806cf09668
FS:  00007f866e68d700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b3062b000 CR3: 00000000123c0000 CR4: 0000000000350ef0
Call Trace:
 arch_stack_walk+0x87/0xf0
 stack_trace_save+0x8f/0xc0
 kasan_save_stack+0x24/0x50
 kasan_save_track+0x14/0x30
 __kasan_slab_alloc+0x59/0x70
 kmem_cache_alloc_node_noprof+0x14c/0x3e0
 __alloc_skb+0x2ad/0x370
 skb_copy+0x1d5/0x3b0
 mac80211_hwsim_tx_frame_no_nl.isra.0+0xafb/0x1320
 mac80211_hwsim_tx_frame+0x1ee/0x2a0
 mac80211_hwsim_beacon_tx+0x546/0x950
 __iterate_interfaces+0x2cb/0x5d0
 ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
 mac80211_hwsim_beacon+0x105/0x200
 __hrtimer_run_queues+0x1ab/0xa70
 hrtimer_run_softirq+0x14c/0x310
 handle_softirqs+0x1b1/0x770
 irq_exit_rcu+0x94/0xc0
 sysvec_apic_timer_interrupt+0x70/0x80
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:memset_orig+0x33/0xb0
Code: b6 ce 48 b8 01 01 01 01 01 01 01 01 48 0f af c1 41 89 f9 41 83 e1 07 75 70 48 89 d1 48 c1 e9 06 74 35 0f 1f 44 00 00 48 ff c9 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
RSP: 0018:ffff8880382477f8 EFLAGS: 00000206
RAX: ffffffffffffffff RBX: ffffffff857d31e8 RCX: 0000000000000039
RDX: 0000000000001000 RSI: 00000000000000ff RDI: ffffed1006c90180
RBP: ffffffff857d31f8 R08: 0000000000000000 R09: 0000000000000000
R10: ffffed1006c90000 R11: 0000000000000000 R12: 0000000036480000
R13: 0000000000000000 R14: 0000000000000003 R15: ffffea0000d92000
 free_unref_page+0x270/0xc40
 __put_partials+0xd8/0x110
 qlist_free_all+0x50/0x160
 kasan_quarantine_reduce+0x19c/0x230
 __kasan_slab_alloc+0x49/0x70
 kmem_cache_alloc_noprof+0x13d/0x3d0
 __alloc_object+0x2f/0x270
 __create_object+0x1d/0x80
 kmem_cache_alloc_noprof+0x300/0x3d0
 security_file_alloc+0x35/0x130
 init_file+0x95/0x230
 alloc_empty_file+0x94/0x1e0
 path_openat+0xe1/0x2980
 do_filp_open+0x1b8/0x410
 do_sys_openat2+0x164/0x1d0
 __x64_sys_openat+0x143/0x200
 do_syscall_64+0xbf/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f86710caa04
Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
RSP: 002b:00007f866e68ced0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f8671161970 RCX: 00007f86710caa04
RDX: 0000000000000002 RSI: 00007f866e68d000 RDI: 00000000ffffff9c
RBP: 00007f866e68d000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
R13: 0000000000000003 R14: 0000000020000230 R15: 0000000000000002
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at default_idle+0x1e/0x30
loop2: detected capacity change from 0 to 10
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
raw_sendmsg: syz-executor.5 forgot to set AF_INET. Fix it!
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
----------------
Code disassembly (best guess), 1 bytes skipped:
   0:   01 e8                   add    %ebp,%eax
   2:   38 5f 1e                cmp    %bl,0x1e(%rdi)
   5:   00 4c 8b 4c             add    %cl,0x4c(%rbx,%rcx,4)
   9:   24 08                   and    $0x8,%al
   b:   e9 24 f7 ff ff          jmpq   0xfffff734
  10:   48 be 00 00 00 00 00    movabs $0xdffffc0000000000,%rsi
  17:   fc ff df
  1a:   48 8d 79 02             lea    0x2(%rcx),%rdi
  1e:   48 89 f8                mov    %rdi,%rax
  21:   48 c1 e8 03             shr    $0x3,%rax
  25:   0f b6 14 30             movzbl (%rax,%rsi,1),%edx
* 29:   48 8d 41 03             lea    0x3(%rcx),%rax           <-- trapping instruction
  2d:   49 89 c0                mov    %rax,%r8
  30:   49 c1 e8 03             shr    $0x3,%r8
  34:   41 0f b6 34 30          movzbl (%r8,%rsi,1),%esi
  39:   49 89 f8                mov    %rdi,%r8
  3c:   41                      rex.B
  3d:   83                      .byte 0x83
  3e:   e0                      .byte 0xe0