INFO: task kworker/1:1:31 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:1     state:D stack:24680 pid:31    tgid:31    ppid:2      task_flags:0x4208060 flags:0x00080000
Workqueue: events __set_printk_clr_event
Call Trace:
 <TASK>
 __schedule+0x15dd/0x52d0
 schedule+0x164/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x7fe/0x1300
 trace_set_clr_event+0xc6/0x140
 __set_printk_clr_event+0x22/0x80
 process_scheduled_works+0xb6e/0x18c0
 worker_thread+0xa53/0xfc0
 kthread+0x388/0x470
 ret_from_fork+0x51e/0xb90
 ret_from_fork_asm+0x1a/0x30
 </TASK>
INFO: task syz.0.1423:10827 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.1423      state:D stack:24800 pid:10827 tgid:10827 ppid:10104  task_flags:0x400040 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x15dd/0x52d0
 schedule+0x164/0x360
 schedule_timeout+0xc3/0x2c0
 wait_for_completion+0x2cc/0x5e0
 __synchronize_srcu+0x329/0x3e0
 perf_trace_event_unreg+0xc5/0x1c0
 perf_trace_destroy+0xa4/0x150
 __free_event+0x34e/0x7e0
 perf_event_release_kernel+0x45b/0x510
 perf_release+0x38/0x50
 __fput+0x44f/0xa70
 task_work_run+0x1d9/0x270
 exit_to_user_mode_loop+0xed/0x480
 do_syscall_64+0x32d/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f83c799c799
RSP: 002b:00007ffde23d1268 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 00007f83c7c17da0 RCX: 00007f83c799c799
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 00007f83c7c17da0 R08: 0000000000000006 R09: 0000000000000000
R10: 00007f83c7c17cb0 R11: 0000000000000246 R12: 0000000000033cc2
R13: 00007f83c7c1618c R14: 0000000000033a42 R15: 00007f83c7c16180
 </TASK>
INFO: task syz.4.1433:10854 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.4.1433      state:D stack:25600 pid:10854 tgid:10854 ppid:9990   task_flags:0x400040 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x15dd/0x52d0
 schedule+0x164/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x7fe/0x1300
 perf_trace_destroy+0x2e/0x150
 __free_event+0x34e/0x7e0
 perf_event_release_kernel+0x45b/0x510
 perf_release+0x38/0x50
 __fput+0x44f/0xa70
 task_work_run+0x1d9/0x270
 exit_to_user_mode_loop+0xed/0x480
 do_syscall_64+0x32d/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1ccdb9c799
RSP: 002b:00007ffec7defd08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 00007f1ccde17da0 RCX: 00007f1ccdb9c799
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 00007f1ccde17da0 R08: 0000000000000006 R09: 0000000000000000
R10: 00007f1ccde17cb0 R11: 0000000000000246 R12: 0000000000033fc1
R13: 00007f1ccde1618c R14: 0000000000033d81 R15: 00007f1ccde16180
 </TASK>
INFO: task syz.1.1428:10857 blocked for more than 143 seconds.
      Not tainted syzkaller #0
      Blocked by coredump.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.1428      state:D stack:22248 pid:10857 tgid:10857 ppid:5810   task_flags:0x40064c flags:0x00080001
Call Trace:
 <TASK>
 __schedule+0x15dd/0x52d0
 schedule+0x164/0x360
 schedule_timeout+0xc3/0x2c0
 wait_for_completion+0x2cc/0x5e0
 __synchronize_srcu+0x329/0x3e0
 perf_event_detach_bpf_prog+0x2a5/0x330
 _free_event+0x8f0/0xa90
 perf_event_release_kernel+0x45b/0x510
 perf_release+0x38/0x50
 __fput+0x44f/0xa70
 task_work_run+0x1d9/0x270
 do_exit+0x70f/0x23c0
 do_group_exit+0x21b/0x2d0
 get_signal+0x1284/0x1330
 arch_do_signal_or_restart+0xbc/0x830
 irqentry_exit+0x176/0x620
 asm_exc_page_fault+0x26/0x30
RIP: 0033:0x7fa353d9c7a1
RSP: 002b:00000000fffffeb0 EFLAGS: 00010217
RAX: 0000000000000000 RBX: 00007fa354016090 RCX: 00007fa353d9c799
RDX: 0000000000000000 RSI: 00000000fffffeb0 RDI: 0000000002000400
RBP: 00007fa353e32c99 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 00007fa354016128 R14: 00007fa354016090 R15: 00007ffda6ed5bd8
 </TASK>
INFO: task syz.1.1436:10866 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.1436      state:D stack:27912 pid:10866 tgid:10865 ppid:5810   task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x15dd/0x52d0
 schedule+0x164/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x7fe/0x1300
 perf_trace_init+0x50/0x2d0
 perf_tp_event_init+0x8d/0x120
 perf_try_init_event+0x17f/0x870
 perf_event_alloc+0x1444/0x2e30
 __se_sys_perf_event_open+0x7a9/0x1d60
 do_syscall_64+0x14d/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa353d9c799
RSP: 002b:00007fa351fee028 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
RAX: ffffffffffffffda RBX: 00007fa354015fa0 RCX: 00007fa353d9c799
RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000040
RBP: 00007fa353e32c99 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
R13: 00007fa354016038 R14: 00007fa354015fa0 R15: 00007ffda6ed5bd8
 </TASK>

Showing all locks held in the system:
3 locks held by kworker/u8:0/12:
 #0: ffff88816cc55148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc90000117c40 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
3 locks held by kworker/1:1/31:
 #0: ffff88810006b148 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc90000a67c40 (set_printk_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffffffff8e7ceb68 (event_mutex){+.+.}-{4:4}, at: trace_set_clr_event+0xc6/0x140
1 lock held by khungtaskd/34:
 #0: ffffffff8e75e5e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
3 locks held by kworker/u9:2/52:
 #0: ffff8881000ac148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc90000bc7c40 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff8881115c0788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xb4/0x4a0
6 locks held by kworker/u11:0/54:
 #0: ffff88811f984148 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc90000be7c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff88811d670ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
 #3: ffff88811d6700c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
 #4: ffffffff8fd5bc28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
 #5: ffff888161a8aaf8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x7b/0x5c0
3 locks held by kworker/u10:7/1098:
 #0: ffff8881000ac148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc9000641fc40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
4 locks held by kworker/u11:1/5199:
 #0: ffff8881bb367148 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc900086cfc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff88816c1a00c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
 #3: ffffffff8fd5bc28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
2 locks held by getty/5637:
 #0: ffff8881007110a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
 #1: ffffc9000356b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
4 locks held by kworker/u11:2/5813:
 #0: ffff8881ba86a948 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc900064efc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff8881a95fc0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
 #3: ffffffff8fd5bc28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
5 locks held by kworker/u11:3/5816:
 #0: ffff88811277f948 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc900064bfc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff888120328ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
 #3: ffff8881203280c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
 #4: ffffffff8fd5bc28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
2 locks held by kworker/1:4/5860:
 #0: ffff88810006b148 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc9000661fc40 (xfrm_state_gc_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
4 locks held by kworker/0:4/5861:
3 locks held by kworker/u10:14/8003:
 #0: ffff8881000ac148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc90003e47c40 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff888114578788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xb4/0x4a0
1 lock held by syz.0.1423/10827:
 #0: ffffffff8e7ceb68 (event_mutex){+.+.}-{4:4}, at: perf_trace_destroy+0x2e/0x150
1 lock held by syz.4.1433/10854:
 #0: ffffffff8e7ceb68 (event_mutex){+.+.}-{4:4}, at: perf_trace_destroy+0x2e/0x150
1 lock held by syz.4.1433/10855:
3 locks held by syz.1.1436/10866:
 #0: ffffffff9a2d2ab8 (&pmus_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x2c/0x60
 #1: ffffffff9a2d2ab8 (&pmus_srcu){.+.+}-{0:0}, at: perf_event_alloc+0x1057/0x2e30
 #2: ffffffff8e7ceb68 (event_mutex){+.+.}-{4:4}, at: perf_trace_init+0x50/0x2d0
2 locks held by dhcpcd/10868:
 #0: ffff88810affa260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe10
 #1: ffffffff8e764878 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x38d/0x770
1 lock held by dhcpcd/10869:
 #0: ffff8881bb2b8260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe10
7 locks held by syz-executor/10872:
 #0: ffff8881125c8420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x227/0xb90
 #1: ffff8881a7c85088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1de/0x540
 #2: ffff88816c3b9a58 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x231/0x540
 #3: ffffffff8f443108 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: new_device_store+0x13c/0x710
 #4: ffff8881763c5130 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
 #5: ffff8881751e7250 (&devlink->lock_key#9){+.+.}-{4:4}, at: nsim_drv_probe+0xc9/0xc20
 #6: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: register_nexthop_notifier+0x88/0x290
2 locks held by syz-executor/10875:
 #0: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8a1/0x1be0
 #1: ffff8881bace0d88 (&dev_instance_lock_key#24){+.+.}-{4:4}, at: do_setlink+0x3d2/0x4590
1 lock held by dhcpcd/10892:
 #0: ffff8881a767c260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe10
1 lock held by syz-executor/10893:
 #0: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by dhcpcd/10895:
 #0: ffff88819bafc260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe10
1 lock held by dhcpcd/10896:
 #0: ffff8881612be260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe10
1 lock held by syz-executor/10899:
 #0: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/10902:
 #0: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/10909:
 #0: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by dhcpcd/10911:
 #0: ffff88819ba28260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe10
1 lock held by syz-executor/10914:
 #0: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
4 locks held by kworker/u11:4/10916:
 #0: ffff8881a77e9948 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc9000692fc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff888175ca80c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
 #3: ffffffff8fd5bc28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
1 lock held by syz-executor/10918:
 #0: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
5 locks held by kworker/u11:5/10921:
 #0: ffff8881bef0a948 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc900065dfc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff8881bc110ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
 #3: ffff8881bc1100c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
 #4: ffffffff8fd5bc28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
5 locks held by kworker/u11:6/10922:
 #0: ffff8881bef0b148 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc9000658fc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff8881bc114ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
 #3: ffff8881bc1140c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
 #4: ffffffff8fd5bc28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
1 lock held by syz-executor/10925:
 #0: ffffffff8fbceb48 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
5 locks held by kworker/u11:9/10928:
 #0: ffff88816b8a9148 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
 #1: ffffc9000657fc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
 #2: ffff8881a8958ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
 #3: ffff8881a89580c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
 #4: ffffffff8fd5bc28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150
 nmi_cpu_backtrace+0x274/0x2d0
 nmi_trigger_cpumask_backtrace+0x17a/0x300
 sys_info+0x135/0x170
 watchdog+0xfd9/0x1030
 kthread+0x388/0x470
 ret_from_fork+0x51e/0xb90
 ret_from_fork_asm+0x1a/0x30
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 10855 Comm: syz.4.1433 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:__sanitizer_cov_trace_pc+0x17/0x70
Code: cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 65 48 8b 0d c8 bd 56 11 65 8b 15 e9 bd 56 11 <81> e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 a4 16 00 00
RSP: 0000:ffffc90000006dc0 EFLAGS: 00000006
RAX: ffffffff8baaa4d6 RBX: ffff888121028350 RCX: ffff88811272ba80
RDX: 0000000000010302 RSI: ffff88802bf578c8 RDI: ffff888121028c28
RBP: 1ffff110057eaf19 R08: ffffffff9a509993 R09: 1ffffffff34a1332
R10: dffffc0000000000 R11: fffffbfff34a1333 R12: ffff88802bf578c8
R13: dffffc0000000000 R14: ffff88802bf578c8 R15: ffff888121028c28
FS:  00007f1cce9bf6c0(0000) GS:ffff88818de5a000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00002000000029c0 CR3: 000000011bde6000 CR4: 00000000000006f0
DR0: 00000000000000d4 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
 <IRQ>
 timerqueue_del+0x56/0x100
 __hrtimer_run_queues+0x37b/0xcc0
 hrtimer_interrupt+0x42b/0x1010
 __sysvec_apic_timer_interrupt+0x102/0x460
 sysvec_apic_timer_interrupt+0x52/0xc0
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:__kernel_text_address+0x0/0x30
Code: c1 03 38 c1 7c c1 48 c7 c7 80 6c 11 90 e8 28 1b a0 00 eb b3 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <0f> 1f 40 d6 53 48 89 fb e8 33 00 00 00 48 81 fb 00 a0 7d 91 0f 93
RSP: 0000:ffffc90000007180 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffffc900000071f0 RCX: 0000000000000301
RDX: 0000000000000002 RSI: ffffffff8e169d5a RDI: ffffffff8baedade
RBP: ffffc90000007230 R08: 0000000000000018 R09: ffffffff8e75e5e0
R10: ffffc900000071f8 R11: ffffffff81b0c390 R12: ffff88811272ba80
R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92000000e3e
 unwind_get_return_address+0x4d/0x90
 arch_stack_walk+0xfb/0x150
 stack_trace_save+0xa9/0x100
 kasan_save_track+0x3e/0x80
 kasan_save_free_info+0x46/0x50
 __kasan_slab_free+0x5c/0x80
 kmem_cache_free+0x187/0x630
 skb_release_data+0x6c3/0x940
 __kfree_skb+0x5d/0x210
 ieee80211_rx_handlers+0x4100/0xc7d0
 ieee80211_prepare_and_rx_handle+0x25a1/0x67f0
 ieee80211_rx_list+0x2b53/0x3710
 ieee80211_rx_napi+0x1b1/0x3e0
 ieee80211_handle_queued_frames+0xe8/0x1e0
 tasklet_action_common+0x2da/0x4b0
 handle_softirqs+0x22a/0x870
 __irq_exit_rcu+0x5f/0x150
 irq_exit_rcu+0x9/0x30
 sysvec_apic_timer_interrupt+0xa6/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:irqentry_exit+0x14e/0x620
Code: 00 00 c0 4c 8d a0 00 e0 ff 3f bd ff ff ff 9f 4c 8d 7c 24 18 f7 c7 37 03 00 00 74 64 49 89 fd e8 f8 af 1e f6 4c 89 e8 fb a8 30 <74> 08 e8 4b 23 01 00 4c 89 e8 a9 00 01 00 00 74 0b 4c 89 f7 e8 19
RSP: 0000:ffffc90005e9fee8 EFLAGS: 00000202
RAX: 0000000000000012 RBX: ffff88811272ba80 RCX: 0000000000000046
RDX: 0000000000000000 RSI: ffffffff8def8e53 RDI: ffffffff8c27ca00
RBP: 000000009fffffff R08: ffffffff9011b4b7 R09: 1ffffffff2023696
R10: dffffc0000000000 R11: fffffbfff2023697 R12: 00000000ffffe000
R13: 0000000000000012 R14: ffffc90005e9ff48 R15: ffffc90005e9ff00
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0033:0x7f1ccdb9c799
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f1cce9bf028 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 00007f1ccde15fa0 RCX: 00007f1ccdb9c799
RDX: 00002000000006c0 RSI: 0000000000005452 RDI: 0000000000000003
RBP: 00007f1ccdc32c99 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f1ccde16038 R14: 00007f1ccde15fa0 R15: 00007ffec7defba8
 </TASK>
