warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
watchdog: BUG: soft lockup - CPU#0 stuck for 23s! [syz-executor.2:4577]
Modules linked in:
irq event stamp: 12005959
hardirqs last  enabled at (12005958): [<ffffffff8460158a>] asm_sysvec_irq_work+0x1a/0x20
hardirqs last disabled at (12005959): [<ffffffff8449ad9f>] sysvec_apic_timer_interrupt+0xf/0x90
softirqs last  enabled at (11979330): [<ffffffff8118e26c>] __irq_exit_rcu+0xcc/0x110
softirqs last disabled at (11979333): [<ffffffff8118e26c>] __irq_exit_rcu+0xcc/0x110
CPU: 0 PID: 4577 Comm: syz-executor.2 Not tainted 6.3.0-rc7-next-20230421 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:mac80211_hwsim_tx_frame_no_nl.isra.0+0xb21/0x1330
Code: 84 c0 0f 85 e9 02 00 00 e8 4c 58 3c fe be 20 08 00 00 4c 89 ef e8 0f d0 51 00 49 89 c2 48 85 c0 0f 84 53 fc ff ff 4c 89 14 24 <e8> 2a 58 3c fe 48 8b 44 24 10 48 89 df 48 8d 70 04 e8 79 b3 fe ff
RSP: 0018:ffff88806ce09b80 EFLAGS: 00000282
RAX: ffff88800e050c80 RBX: ffff8880427fb3e0 RCX: 0000000000000100
RDX: ffff8880429cd040 RSI: ffffffff83615272 RDI: ffff8880417a9358
RBP: dffffc0000000000 R08: 0000000000000007 R09: 0000000000000000
R10: ffff88800e050c80 R11: 0000000000000001 R12: ffff8880429a33e0
R13: ffff8880181de780 R14: ffff8880429a3678 R15: ffff8880181de7f0
FS:  00007ff8087ca700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007feb9449a000 CR3: 0000000016d64000 CR4: 0000000000350ef0
Call Trace:
 <IRQ>
 mac80211_hwsim_tx_frame+0x1ee/0x2a0
 mac80211_hwsim_beacon_tx+0x427/0x730
 __iterate_interfaces+0x2d3/0x580
 ieee80211_iterate_active_interfaces_atomic+0x73/0x1c0
 mac80211_hwsim_beacon+0x105/0x200
 __hrtimer_run_queues+0x59d/0xb60
 hrtimer_run_softirq+0x14c/0x310
 __do_softirq+0x1b7/0x7d4
 __irq_exit_rcu+0xcc/0x110
 irq_exit_rcu+0x9/0x20
 sysvec_apic_timer_interrupt+0x6e/0x90
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:lock_release+0x3da/0x680
Code: ff ff ff ff 65 0f c1 05 84 1b d5 7e 83 f8 01 0f 85 22 01 00 00 48 f7 04 24 00 02 00 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c5 48 c7 45 00 00 00 00 00 c7 45 08 00 00 00 00 48 8b 84 24
RSP: 0018:ffff888042b6f0b8 EFLAGS: 00000206
RAX: dffffc0000000000 RBX: 07fffce4416edac2 RCX: ffff888042b6f108
RDX: 1ffff11008539b32 RSI: 0000000000000000 RDI: ffff8880429cd990
RBP: 1ffff1100856de19 R08: 0000000000000001 R09: ffff8880429cd998
R10: fffffbfff0ba5aaa R11: 0000000000000001 R12: 0000000000000002
R13: ffffffff820bd489 R14: 0000000000000003 R15: ffff8880429cd040
 _raw_spin_unlock+0x16/0x40
 dd_insert_requests+0x9b9/0xc30
 blk_mq_flush_plug_list+0x532/0x1c90
 __blk_flush_plug+0x28d/0x420
 io_schedule+0xbd/0x140
 blk_mq_get_tag+0x567/0xbd0
 __blk_mq_alloc_requests+0x615/0xf30
 blk_mq_submit_bio+0xaaf/0x1d50
 __submit_bio+0x7d/0x230
 submit_bio_noacct_nocheck+0x7d0/0xb00
 submit_bio_noacct+0x6ac/0x1160
 submit_bio+0x8f/0x1c0
 blk_next_bio+0x57/0x70
 __blkdev_issue_zero_pages+0x216/0x460
 blkdev_issue_zeroout+0x3c6/0x440
 jbd2_journal_flush+0xa21/0xc90
 __ext4_ioctl+0x9f7/0x4240
 __x64_sys_ioctl+0x19e/0x210
 do_syscall_64+0x3f/0x90
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7ff80b254b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff8087ca188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007ff80b367f60 RCX: 00007ff80b254b19
RDX: 0000000020000180 RSI: 000000004004662b RDI: 0000000000000005
RBP: 00007ff80b2aef6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff6e59323f R14: 00007ff8087ca300 R15: 0000000000022000
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.3.0-rc7-next-20230421 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:queued_spin_lock_slowpath+0x128/0xb20
Code: 00 00 00 65 48 2b 04 25 28 00 00 00 0f 85 5c 09 00 00 48 81 c4 88 00 00 00 5b 5d 41 5c 41 5d 41 5e 41 5f e9 7e 21 00 00 f3 90 <e9> 71 ff ff ff 44 8b 74 24 48 41 81 fe 00 01 00 00 0f 84 e4 00 00
RSP: 0018:ffff88806cf09a28 EFLAGS: 00000202
RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff844be18b
RDX: fffffbfff0b4ac09 RSI: 0000000000000004 RDI: ffffffff85a56040
RBP: ffffffff85a56040 R08: 0000000000000000 R09: ffffffff85a56043
R10: fffffbfff0b4ac08 R11: 0000000000000001 R12: 0000000000000003
R13: fffffbfff0b4ac08 R14: 0000000000000001 R15: 1ffff1100d9e1346
FS:  0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f510ce0b010 CR3: 000000000f1f6000 CR4: 0000000000350ee0
Call Trace:
 <IRQ>
 do_raw_spin_lock+0x1e0/0x270
 mac80211_hwsim_tx_frame_no_nl.isra.0+0x6e7/0x1330
 mac80211_hwsim_tx_frame+0x1ee/0x2a0
 mac80211_hwsim_beacon_tx+0x427/0x730
 __iterate_interfaces+0x2d3/0x580
 ieee80211_iterate_active_interfaces_atomic+0x73/0x1c0
 mac80211_hwsim_beacon+0x105/0x200
 __hrtimer_run_queues+0x59d/0xb60
 hrtimer_run_softirq+0x14c/0x310
 __do_softirq+0x1b7/0x7d4
 __irq_exit_rcu+0xcc/0x110
 irq_exit_rcu+0x9/0x20
 sysvec_apic_timer_interrupt+0x6e/0x90
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:default_idle+0xf/0x20
Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 aa 38 00 fb f4 <fa> e9 df 2f 02 00 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
RSP: 0018:ffff888008dcfe68 EFLAGS: 00000206
RAX: 000000000021c2f3 RBX: 0000000000000001 RCX: ffffffff8449c36e
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff81286525
RBP: dffffc0000000000 R08: 0000000000000001 R09: ffff88806cf34f83
R10: ffffed100d9e69f0 R11: 0000000000000001 R12: ffffffff85d2d550
R13: 1ffff110011b9fd2 R14: 0000000000000000 R15: 0000000000000000
 default_idle_call+0x67/0xa0
 do_idle+0x305/0x3c0
 cpu_startup_entry+0x18/0x20
 start_secondary+0x1ca/0x220
 secondary_startup_64_no_verify+0x106/0x10b
 </TASK>
----------------
Code disassembly (best guess):
   0:	84 c0                	test   %al,%al
   2:	0f 85 e9 02 00 00    	jne    0x2f1
   8:	e8 4c 58 3c fe       	callq  0xfe3c5859
   d:	be 20 08 00 00       	mov    $0x820,%esi
  12:	4c 89 ef             	mov    %r13,%rdi
  15:	e8 0f d0 51 00       	callq  0x51d029
  1a:	49 89 c2             	mov    %rax,%r10
  1d:	48 85 c0             	test   %rax,%rax
  20:	0f 84 53 fc ff ff    	je     0xfffffc79
  26:	4c 89 14 24          	mov    %r10,(%rsp)
* 2a:	e8 2a 58 3c fe       	callq  0xfe3c5859 <-- trapping instruction
  2f:	48 8b 44 24 10       	mov    0x10(%rsp),%rax
  34:	48 89 df             	mov    %rbx,%rdi
  37:	48 8d 70 04          	lea    0x4(%rax),%rsi
  3b:	e8 79 b3 fe ff       	callq  0xfffeb3b9