EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.1:9643]
Modules linked in:
irq event stamp: 3690365
hardirqs last enabled at (3690364): [] irqentry_exit+0x3b/0x90
hardirqs last disabled at (3690365): [] sysvec_apic_timer_interrupt+0xf/0x80
softirqs last enabled at (3610698): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (3610701): [] irq_exit_rcu+0x94/0xc0
CPU: 0 UID: 0 PID: 9643 Comm: syz-executor.1 Not tainted 6.12.0-rc3-next-20241016 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:unwind_next_frame+0xc5a/0x2490
Code: 40 84 f6 0f 95 c0 84 c2 0f 85 3a 17 00 00 48 0f bf 41 02 ba 08 00 00 00 4c 89 ff 49 01 c6 4c 89 f6 e8 ca f1 ff ff 4d 8d 4f 40 <84> c0 0f 84 a4 f6 ff ff 4c 89 f7 e8 b6 e9 ff ff 49 8d 7f 50 48 89
RSP: 0018:ffff88806ce09778 EFLAGS: 00000286
RAX: ffff88806ce0a001 RBX: 0000000000000002 RCX: 0000000000000002
RDX: ffff88806ce09b01 RSI: ffff88806ce09b80 RDI: ffff88806ce097f8
RBP: ffff88806ce09840 R08: 0000000000000001 R09: ffff88806ce09828
R10: 000000000003c001 R11: 0000000000011082 R12: ffff88806ce09848
R13: ffff88806ce09830 R14: ffff88806ce09b80 R15: ffff88806ce097e8
FS: 00007fdd5fa95700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fdd5fa94ff8 CR3: 0000000037c58000 CR4: 0000000000350ef0
Call Trace:
 arch_stack_walk+0x87/0xf0
 stack_trace_save+0x8f/0xc0
 kasan_save_stack+0x24/0x50
 __kasan_record_aux_stack+0x8c/0xa0
 __call_rcu_common.constprop.0+0x6a/0xaa0
 kmem_cache_free+0x2ae/0x470
 skb_release_data+0x814/0x990
 consume_skb+0xd0/0x160
 mac80211_hwsim_tx_frame+0x1f6/0x2a0
 mac80211_hwsim_beacon_tx+0x546/0x950
 __iterate_interfaces+0x2cb/0x5d0
 ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
 mac80211_hwsim_beacon+0x105/0x200
 __hrtimer_run_queues+0x1ab/0xa70
 hrtimer_run_softirq+0x14c/0x310
 handle_softirqs+0x1b1/0x770
 irq_exit_rcu+0x94/0xc0
 sysvec_apic_timer_interrupt+0x70/0x80
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50
Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 16 a6 ab fc 48 89 ef e8 0e 17 ac fc 80 e7 02 74 06 e8 24 26 d5 fc fb 65 ff 0d a4 54 7f 7b <74> 07 5b 5d e9 b3 1e 00 00 0f 1f 44 00 00 5b 5d e9 a7 1e 00 00 0f
RSP: 0018:ffff88801337fa28 EFLAGS: 00000246
RAX: 0000000000343529 RBX: 0000000000000202 RCX: 1ffffffff0c7dda1
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8484521c
RBP: ffff88803d4de250 R08: 0000000000000001 R09: 0000000000000001
R10: ffffffff863f274f R11: 00000000000c2f81 R12: ffff888009402640
R13: ffffea0000570300 R14: 0000000000000000 R15: ffff888015c0d6c0
 __delete_object+0x2b/0x50
 kmem_cache_free+0x2ae/0x470
 fput+0x376/0x3f0
 path_openat+0x1aaa/0x2980
 do_filp_open+0x1b8/0x410
 do_sys_openat2+0x164/0x1d0
 __x64_sys_openat+0x143/0x200
 do_syscall_64+0xbf/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fdd624d2a04
Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
RSP: 002b:00007fdd5fa95060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fdd62632f60 RCX: 00007fdd624d2a04
RDX: 0000000000000002 RSI: 00007fdd5fa950f0 RDI: 00000000ffffff9c
RBP: 00007fdd5fa950f0 R08: 0000000000000000 R09: 00007fdd5fa94f70
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
R13: 00007ffe622f878f R14: 00007fdd5fa95300 R15: 0000000000022000
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at default_idle+0x1e/0x30
loop5: detected capacity change from 0 to 512
EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET)
capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure
tmpfs: Bad value for 'mpol'
tmpfs: Bad value for 'mpol'
tmpfs: Bad value for 'mpol'
----------------
Code disassembly (best guess):
   0:   40 84 f6                test   %sil,%sil
   3:   0f 95 c0                setne  %al
   6:   84 c2                   test   %al,%dl
   8:   0f 85 3a 17 00 00       jne    0x1748
   e:   48 0f bf 41 02          movswq 0x2(%rcx),%rax
  13:   ba 08 00 00 00          mov    $0x8,%edx
  18:   4c 89 ff                mov    %r15,%rdi
  1b:   49 01 c6                add    %rax,%r14
  1e:   4c 89 f6                mov    %r14,%rsi
  21:   e8 ca f1 ff ff          callq  0xfffff1f0
  26:   4d 8d 4f 40             lea    0x40(%r15),%r9
* 2a:   84 c0                   test   %al,%al          <-- trapping instruction
  2c:   0f 84 a4 f6 ff ff       je     0xfffff6d6
  32:   4c 89 f7                mov    %r14,%rdi
  35:   e8 b6 e9 ff ff          callq  0xffffe9f0
  3a:   49 8d 7f 50             lea    0x50(%r15),%rdi
  3e:   48                      rex.W
  3f:   89                      .byte 0x89