sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00 blk_print_req_error: 2 callbacks suppressed I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 loop5: detected capacity change from 0 to 40 watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.7:13857] Modules linked in: irq event stamp: 8781853 hardirqs last enabled at (8781852): [] asm_sysvec_apic_timer_interrupt+0x1a/0x20 hardirqs last disabled at (8781853): [] sysvec_apic_timer_interrupt+0xf/0xc0 softirqs last enabled at (8769590): [] __irq_exit_rcu+0x11b/0x180 softirqs last disabled at (8769593): [] __irq_exit_rcu+0x11b/0x180 CPU: 0 PID: 13857 Comm: syz-executor.7 Not tainted 6.1.0-rc8-next-20221207 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 RIP: 0010:unwind_next_frame+0x35f/0x2130 Code: 00 fc ff df 4d 8d 48 04 4c 89 ca 48 c1 ea 03 0f b6 04 02 4c 89 ca 83 e2 07 38 d0 7f 08 84 c0 0f 85 e4 14 00 00 41 0f b6 40 04 <a8> 0f 0f 85 a2 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 78 05 RSP: 0018:ffff88806ce09720 EFLAGS: 00000246 RAX: 0000000000000015 RBX: 0000000000000002 RCX: ffffffff817d43db RDX: 0000000000000002 RSI: ffffffff860ee816 RDI: ffffffff85dbeda4 RBP: ffff88806ce097f8 R08: ffffffff860ee85e R09: ffffffff860ee862 R10: ffffed100d9c1301 R11: 0000000000038001 R12: ffff88806ce097e1 R13: ffff88806ce09800 R14: ffff88806ce097a0 R15: ffffffff817d43db FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055e384204898 CR3: 0000000005426000 CR4: 0000000000350ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 Call Trace: arch_stack_walk+0x87/0xf0 stack_trace_save+0x90/0xd0 kasan_save_stack+0x22/0x50 kasan_set_track+0x25/0x30 __kasan_slab_alloc+0x5c/0x70 kmem_cache_alloc_node+0x1f5/0x420 __alloc_skb+0x21a/0x310 __netdev_alloc_skb+0x76/0x3e0 
__ieee80211_beacon_get+0x3d9/0x1310 ieee80211_beacon_get_tim+0x99/0x4f0 mac80211_hwsim_beacon_tx+0x1d2/0xab0 __iterate_interfaces+0x2d3/0x560 ieee80211_iterate_active_interfaces_atomic+0x74/0x180 mac80211_hwsim_beacon+0x105/0x200 __hrtimer_run_queues+0x54b/0xba0 hrtimer_run_softirq+0x176/0x350 __do_softirq+0x1c7/0x8f9 __irq_exit_rcu+0x11b/0x180 irq_exit_rcu+0x9/0x30 sysvec_apic_timer_interrupt+0x92/0xc0 asm_sysvec_apic_timer_interrupt+0x1a/0x20 RIP: 0010:__rcu_read_unlock+0xc8/0x520 Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 9f 01 00 00 8b 85 f8 03 00 00 85 c0 75 58 <65> 48 8b 1c 25 00 89 03 00 48 8d bb f4 03 00 00 48 b8 00 00 00 00 RSP: 0018:ffff88803ca076a8 EFLAGS: 00000202 RAX: 00000000007e60b5 RBX: ffff888046ca9ac0 RCX: ffffffff812b8edf RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff8762e8c7 R10: fffffbfff0ec5d18 R11: 0000000000000001 R12: ffff88806ce3a040 R13: ffffea0000e68700 R14: 0000000000000200 R15: ffff88803ca07af8 unlock_page_memcg+0xc7/0x230 page_remove_rmap+0x240/0x620 unmap_page_range+0x1fdf/0x2c10 unmap_single_vma+0x190/0x2a0 unmap_vmas+0x226/0x380 exit_mmap+0x158/0x680 mmput+0xd5/0x390 do_exit+0x99b/0x2720 do_group_exit+0xd4/0x2a0 get_signal+0x21b7/0x22f0 arch_do_signal_or_restart+0x79/0x5a0 exit_to_user_mode_prepare+0x131/0x1a0 irqentry_exit_to_user_mode+0x9/0x30 asm_sysvec_apic_timer_interrupt+0x1a/0x20 RIP: 0033:0x7f30e6f8eff5 Code: Unable to access opcode bytes at 0x7f30e6f8efcb. 
RSP: 002b:00007f30e453ae68 EFLAGS: 00000286 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 00000000ffffffff RSI: 0000000000000001 RDI: 00007f30e453ae80 RBP: 00007f30e453b0f0 R08: 0000000000000000 R09: 00007f30e453af70 R10: 0000000000000000 R11: 000000000015eaac R12: 000000000000007f R13: 00007f30e453ae80 R14: 00007f30e701ed30 R15: 00007f30e453b000 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 skipped: idling at default_idle+0xf/0x20 ---------------- Code disassembly (best guess), 3 bytes skipped: 0: df 4d 8d fisttps -0x73(%rbp) 3: 48 04 4c rex.W add $0x4c,%al 6: 89 ca mov %ecx,%edx 8: 48 c1 ea 03 shr $0x3,%rdx c: 0f b6 04 02 movzbl (%rdx,%rax,1),%eax 10: 4c 89 ca mov %r9,%rdx 13: 83 e2 07 and $0x7,%edx 16: 38 d0 cmp %dl,%al 18: 7f 08 jg 0x22 1a: 84 c0 test %al,%al 1c: 0f 85 e4 14 00 00 jne 0x1506 22: 41 0f b6 40 04 movzbl 0x4(%r8),%eax * 27: a8 0f test $0xf,%al <-- trapping instruction 29: 0f 85 a2 01 00 00 jne 0x1d1 2f: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 36: fc ff df 39: 49 8d 78 05 lea 0x5(%r8),%rdi