syz-executor.1 (4332) used greatest stack depth: 23576 bytes left
FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
watchdog: BUG: soft lockup - CPU#0 stuck for 23s! [syz-executor.4:4301]
Modules linked in:
irq event stamp: 7532105
hardirqs last  enabled at (7532104): [<ffffffff84200d06>] asm_sysvec_apic_timer_interrupt+0x16/0x20
hardirqs last disabled at (7532105): [<ffffffff841dca9b>] sysvec_apic_timer_interrupt+0xb/0xc0
softirqs last  enabled at (7519414): [<ffffffff8116c69b>] __irq_exit_rcu+0x11b/0x180
softirqs last disabled at (7519417): [<ffffffff8116c69b>] __irq_exit_rcu+0x11b/0x180
CPU: 0 PID: 4301 Comm: syz-executor.4 Not tainted 5.19.0-rc8-next-20220727 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:unwind_next_frame+0x1c5/0x20b0
Code: 8d 43 ff 39 c6 0f 83 18 15 00 00 48 b8 00 00 00 00 00 fc ff df 89 f2 48 8d 3c 95 68 59 04 86 48 89 f9 48 c1 e9 03 0f b6 0c 01 <48> 89 f8 83 e0 07 83 c0 03 38 c8 7c 27 84 c9 74 23 48 89 54 24 28
RSP: 0018:ffff88806ce098f0 EFLAGS: 00000212
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: 0000000000000000
RDX: 000000000000369e RSI: 000000000000369e RDI: ffffffff860533e0
RBP: ffff88806ce099c8 R08: ffffffff850c3c00 R09: ffffffff85eb5a60
R10: ffffed100d9c133b R11: 000000000003403c R12: ffff88806ce099b1
R13: ffff88806ce099d0 R14: ffff88806ce09970 R15: ffffffff81369ebd
FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffad45ef998 CR3: 0000000018026000 CR4: 0000000000350ef0
Call Trace:
 <IRQ>
 arch_stack_walk+0x83/0xf0
 stack_trace_save+0x8c/0xc0
 __create_object.isra.0+0x389/0xc10
 __kmalloc_node_track_caller+0x284/0x480
 __alloc_skb+0xdd/0x300
 __netdev_alloc_skb+0x72/0x3e0
 __ieee80211_beacon_get+0x3e7/0x1380
 ieee80211_beacon_get_tim+0x95/0x4e0
 mac80211_hwsim_beacon_tx+0x1ce/0xaa0
 __iterate_interfaces+0x2d3/0x560
 ieee80211_iterate_active_interfaces_atomic+0x70/0x180
 mac80211_hwsim_beacon+0x101/0x200
 __hrtimer_run_queues+0x5de/0xbd0
 hrtimer_run_softirq+0x172/0x340
 __do_softirq+0x1c8/0x8d0
 __irq_exit_rcu+0x11b/0x180
 irq_exit_rcu+0x5/0x20
 sysvec_apic_timer_interrupt+0x8e/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20
RIP: 0010:__tlb_remove_page_size+0x11c/0x420
Code: 0f 85 86 02 00 00 8b 6d 0c 44 89 ff 89 ee e8 ab 39 d9 ff 41 39 ef 74 32 e8 71 3d d9 ff 89 ee 44 89 ff 45 31 e4 e8 94 39 d9 ff <41> 39 ef 0f 87 bc 00 00 00 e8 56 3d d9 ff 44 89 e0 5b 5d 41 5c 41
RSP: 0018:ffff88800de1f6f8 EFLAGS: 00000293
RAX: 0000000000000000 RBX: ffff88800de1fa30 RCX: ffffffff816c6d8c
RDX: ffff88800fba9b00 RSI: 0000000000000000 RDI: 0000000000000004
RBP: 00000000000001fe R08: 0000000000000004 R09: 000000000000017d
R10: 00000000000001fe R11: 0000000000000001 R12: 0000000000000000
R13: ffffea0000efe080 R14: ffff88800de1fa58 R15: 000000000000017d
 unmap_page_range+0x1055/0x2e20
 unmap_single_vma+0x196/0x360
 unmap_vmas+0x18f/0x330
 exit_mmap+0x186/0x440
 mmput+0xc8/0x380
 do_exit+0xb3e/0x2940
 do_group_exit+0xd0/0x2a0
 get_signal+0x2205/0x24b0
 arch_do_signal_or_restart+0x89/0x1be0
 exit_to_user_mode_prepare+0x131/0x1a0
 syscall_exit_to_user_mode+0x19/0x40
 do_syscall_64+0x48/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f5e44550b19
Code: Unable to access opcode bytes at RIP 0x7f5e44550aef.
RSP: 002b:00007f5e41ac6188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
RAX: 0000000000000007 RBX: 00007f5e44663f60 RCX: 00007f5e44550b19
RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000080
RBP: 00007f5e445aaf6d R08: 0000000000000000 R09: 0000000000000000
R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffdadec6b7f R14: 00007f5e41ac6300 R15: 0000000000022000
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at default_idle+0xb/0x10
rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 26295 jiffies s: 333 root: 0x1/.
rcu: blocking rcu_node structures (internal RCU debug):
Task dump for CPU 0:
task:syz-executor.4  state:R  running task     stack:26872 pid: 4301 ppid:   293 flags:0x0000400c
Call Trace:
 <TASK>
 </TASK>
----------------
Code disassembly (best guess):
   0:	8d 43 ff             	lea    -0x1(%rbx),%eax
   3:	39 c6                	cmp    %eax,%esi
   5:	0f 83 18 15 00 00    	jae    0x1523
   b:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  12:	fc ff df
  15:	89 f2                	mov    %esi,%edx
  17:	48 8d 3c 95 68 59 04 	lea    -0x79fba698(,%rdx,4),%rdi
  1e:	86
  1f:	48 89 f9             	mov    %rdi,%rcx
  22:	48 c1 e9 03          	shr    $0x3,%rcx
  26:	0f b6 0c 01          	movzbl (%rcx,%rax,1),%ecx
* 2a:	48 89 f8             	mov    %rdi,%rax <-- trapping instruction
  2d:	83 e0 07             	and    $0x7,%eax
  30:	83 c0 03             	add    $0x3,%eax
  33:	38 c8                	cmp    %cl,%al
  35:	7c 27                	jl     0x5e
  37:	84 c9                	test   %cl,%cl
  39:	74 23                	je     0x5e
  3b:	48 89 54 24 28       	mov    %rdx,0x28(%rsp)