watchdog: BUG: soft lockup - CPU#0 stuck for 21s! [syz-executor.7:4697]
Modules linked in:
irq event stamp: 4459743
hardirqs last enabled at (4459742): [] asm_sysvec_apic_timer_interrupt+0x1a/0x20
hardirqs last disabled at (4459743): [] sysvec_apic_timer_interrupt+0xf/0x90
softirqs last enabled at (4447764): [] __irq_exit_rcu+0xcc/0x110
softirqs last disabled at (4447767): [] __irq_exit_rcu+0xcc/0x110
CPU: 0 PID: 4697 Comm: syz-executor.7 Not tainted 6.2.0-rc5-next-20230127 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:_raw_spin_unlock_irqrestore+0x34/0x50
Code: c7 18 53 48 89 f3 48 8b 74 24 10 e8 86 b8 e5 fc 48 89 ef e8 0e 35 e6 fc 80 e7 02 74 06 e8 94 f5 0a fd fb 65 ff 0d f4 02 bc 7b <74> 07 5b 5d e9 27 28 00 00 0f 1f 44 00 00 5b 5d e9 1b 28 00 00 0f
RSP: 0018:ffff88806ce09b18 EFLAGS: 00000206
RAX: 0000000000440cce RBX: 0000000000000246 RCX: ffffffff812c9c2f
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8447868c
RBP: ffffffff856d3100 R08: 0000000000000001 R09: ffffffff8769896f
R10: fffffbfff0ed312d R11: 0000000000000001 R12: ffff888008795dc0
R13: 0000000000000820 R14: 0000000000000000 R15: 0000000000000820
FS: 00007f169fb66700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2bf22000 CR3: 0000000019054000 CR4: 0000000000350ef0
Call Trace:
kmem_cache_alloc_node+0x215/0x330
__alloc_skb+0x21a/0x310
__netdev_alloc_skb+0x72/0x370
__ieee80211_beacon_get+0x3d9/0x13c0
ieee80211_beacon_get_tim+0x99/0x540
mac80211_hwsim_beacon_tx+0x1d3/0xb10
__iterate_interfaces+0x2d3/0x580
ieee80211_iterate_active_interfaces_atomic+0x73/0x1c0
mac80211_hwsim_beacon+0x105/0x200
__hrtimer_run_queues+0x54b/0xcb0
hrtimer_run_softirq+0x14c/0x310
__do_softirq+0x258/0x8a2
__irq_exit_rcu+0xcc/0x110
irq_exit_rcu+0x9/0x20
sysvec_apic_timer_interrupt+0x6e/0x90
asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:kasan_quarantine_put+0x83/0x1d0
Code: 00 00 00 00 48 03 50 10 48 89 50 10 48 89 d3 48 81 fa 00 00 10 00 77 59 41 bd 01 00 00 00 4d 85 e4 74 39 e8 af cd d2 ff fb 5b <44> 89 e8 5d 41 5c 41 5d 41 5e e9 42 00 c8 02 e8 79 cf d2 ff 48 c7
RSP: 0018:ffff888044877720 EFLAGS: 00000202
RAX: 00000000003a251f RBX: ffff88801fbc5000 RCX: ffffffff812c9c2f
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff817fae71
RBP: ffff888008441780 R08: 0000000000000001 R09: ffffffff8769896f
R10: fffffbfff0ed312d R11: 0000000000000001 R12: 0000000000000200
R13: 0000000000000001 R14: ffff888008784640 R15: ffff88800fb98000
__kmem_cache_free+0xd1/0x2f0
__free_slab+0x73/0x100
qlist_free_all+0x6d/0x1a0
kasan_quarantine_reduce+0x199/0x230
__kasan_slab_alloc+0x49/0x70
__kmem_cache_alloc_node+0x17e/0x310
kmalloc_trace+0x26/0x120
ipv4_sysctl_init_net+0x168/0x380
ops_init+0xbb/0x6b0
setup_net+0x3d9/0x990
copy_net_ns+0x321/0x770
create_new_namespaces+0x3f6/0xb30
copy_namespaces+0x414/0x500
copy_process+0x2a5e/0x7390
kernel_clone+0xeb/0x8c0
__do_sys_clone3+0x1d5/0x2e0
do_syscall_64+0x3f/0x90
entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f16a25f0b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f169fb66188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
RAX: ffffffffffffffda RBX: 00007f16a2703f60 RCX: 00007f16a25f0b19
RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020004c00
RBP: 00007f16a264af6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffe74e669f R14: 00007f169fb66300 R15: 0000000000022000
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at default_idle+0xf/0x20
----------------
Code disassembly (best guess), 1 bytes skipped:
0: 18 53 48 sbb %dl,0x48(%rbx)
3: 89 f3 mov %esi,%ebx
5: 48 8b 74 24 10 mov 0x10(%rsp),%rsi
a: e8 86 b8 e5 fc callq 0xfce5b895
f: 48 89 ef mov %rbp,%rdi
12: e8 0e 35 e6 fc callq 0xfce63525
17: 80 e7 02 and $0x2,%bh
1a: 74 06 je 0x22
1c: e8 94 f5 0a fd callq 0xfd0af5b5
21: fb sti
22: 65 ff 0d f4 02 bc 7b decl %gs:0x7bbc02f4(%rip) # 0x7bbc031d
* 29: 74 07 je 0x32 <-- trapping instruction
2b: 5b pop %rbx
2c: 5d pop %rbp
2d: e9 27 28 00 00 jmpq 0x2859
32: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
37: 5b pop %rbx
38: 5d pop %rbp
39: e9 1b 28 00 00 jmpq 0x2859
3e: 0f .byte 0xf