watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.4:4758]
Modules linked in:
irq event stamp: 4320597
hardirqs last  enabled at (4320596): [<ffffffff8460144a>] asm_sysvec_apic_timer_interrupt+0x1a/0x20
hardirqs last disabled at (4320597): [<ffffffff8453a31f>] sysvec_apic_timer_interrupt+0xf/0x90
softirqs last  enabled at (4163666): [<ffffffff81190143>] irq_exit_rcu+0x93/0xc0
softirqs last disabled at (4163669): [<ffffffff81190143>] irq_exit_rcu+0x93/0xc0
CPU: 0 PID: 4758 Comm: syz-executor.4 Not tainted 6.5.0-rc2-next-20230718 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:ieee80211_prepare_and_rx_handle+0xd83/0x59c0
Code: 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 ca 3a 00 00 49 8b 47 28 48 89 04 24 48 85 c0 0f 85 a9 16 00 00 e8 7d c6 20 fd <48> 8b 54 24 10 48 b8 00 00 00 00 00 fc ff df 4c 8d ac 24 f8 00 00
RSP: 0018:ffff88806ce09a90 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000100
RDX: ffff888016458000 RSI: ffffffff842bcf63 RDI: 0000000000000001
RBP: ffff888043f7db50 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880415c8b80
R13: 0000000000000080 R14: 0000000000000001 R15: ffff88806ce09d70
FS:  00007f568c060700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007efd2c0c0018 CR3: 000000000f752000 CR4: 0000000000350ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
 <IRQ>
 ieee80211_rx_for_interface+0x10e/0x200
 ieee80211_rx_list+0x1e34/0x2d10
 ieee80211_rx_napi+0xde/0x3c0
 ieee80211_tasklet_handler+0xd6/0x130
 tasklet_action_common.constprop.0+0x267/0x700
 __do_softirq+0x1b7/0x7d4
 irq_exit_rcu+0x93/0xc0
 sysvec_apic_timer_interrupt+0x6e/0x90
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:__orc_find+0x83/0xf0
Code: 01 d0 48 d1 f8 48 8d 5c 85 00 48 89 d8 48 c1 e8 03 42 0f b6 14 38 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 50 48 63 03 <48> 01 d8 48 39 c1 73 b0 4c 8d 63 fc 49 39 ec 73 b3 4d 29 ee 49 c1
RSP: 0018:ffff88801698f730 EFLAGS: 00000246
RAX: fffffffffbcb05c1 RBX: ffffffff85e325d8 RCX: ffffffff81ae2ba2
RDX: 0000000000000000 RSI: ffffffff8618889a RDI: ffffffff85e325d4
RBP: ffffffff85e325d4 R08: ffffffff8618889a R09: ffff88801698f828
R10: 0000000000038001 R11: 000000000002c1bd R12: ffffffff85e325dc
R13: ffffffff85e325d4 R14: ffffffff85e325d4 R15: dffffc0000000000
 unwind_next_frame+0x2b1/0x2490
 arch_stack_walk+0x87/0xf0
 stack_trace_save+0x90/0xd0
 kasan_save_stack+0x22/0x50
 kasan_set_track+0x25/0x30
 __kasan_slab_alloc+0x59/0x70
 kmem_cache_alloc+0x17b/0x390
 jbd2__journal_start+0x194/0x810
 __ext4_journal_start_sb+0x3d7/0x560
 ext4_alloc_file_blocks.isra.0+0x263/0xa80
 ext4_fallocate+0x440/0x38a0
 vfs_fallocate+0x493/0xe80
 __x64_sys_fallocate+0xd3/0x140
 do_syscall_64+0x3f/0x90
 entry_SYSCALL_64_after_hwframe+0x6e/0xd8
RIP: 0033:0x7f568eaeab19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f568c060188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
RAX: ffffffffffffffda RBX: 00007f568ebfdf60 RCX: 00007f568eaeab19
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
RBP: 00007f568eb44f6d R08: 0000000000000000 R09: 0000000000000000
R10: 00000000087ffffc R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcefc951ff R14: 00007f568c060300 R15: 0000000000022000
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at default_idle+0xf/0x20
----------------
Code disassembly (best guess), 6 bytes skipped:
   0:	48 c1 ea 03          	shr    $0x3,%rdx
   4:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   8:	0f 85 ca 3a 00 00    	jne    0x3ad8
   e:	49 8b 47 28          	mov    0x28(%r15),%rax
  12:	48 89 04 24          	mov    %rax,(%rsp)
  16:	48 85 c0             	test   %rax,%rax
  19:	0f 85 a9 16 00 00    	jne    0x16c8
  1f:	e8 7d c6 20 fd       	callq  0xfd20c6a1
* 24:	48 8b 54 24 10       	mov    0x10(%rsp),%rdx <-- trapping instruction
  29:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  30:	fc ff df
  33:	4c                   	rex.WR
  34:	8d                   	.byte 0x8d
  35:	ac                   	lods   %ds:(%rsi),%al
  36:	24 f8                	and    $0xf8,%al