watchdog: BUG: soft lockup - CPU#1 stuck for 23s! [ksoftirqd/1:18]
Modules linked in:
irq event stamp: 10784237
hardirqs last enabled at (10784236): [<ffffffff81980aba>] slab_alloc_node mm/slab.c:3334 [inline]
hardirqs last enabled at (10784236): [<ffffffff81980aba>] kmem_cache_alloc_node+0x2da/0x3b0 mm/slab.c:3647
hardirqs last disabled at (10784237): [<ffffffff81003d00>] trace_hardirqs_off_thunk+0x1a/0x1c
softirqs last enabled at (2681798): [<ffffffff88400678>] __do_softirq+0x678/0x980 kernel/softirq.c:318
softirqs last disabled at (2681823): [<ffffffff81392417>] run_ksoftirqd+0x57/0x110 kernel/softirq.c:653
CPU: 1 PID: 18 Comm: ksoftirqd/1 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:orc_ip arch/x86/kernel/unwind_orc.c:26 [inline]
RIP: 0010:__orc_find+0x83/0xf0 arch/x86/kernel/unwind_orc.c:48
Code: 01 d0 48 d1 f8 48 8d 5c 85 00 48 89 d8 48 c1 e8 03 42 0f b6 14 38 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 48 48 63 03 <48> 01 d8 48 39 c1 73 b0 4c 8d 63 fc 49 39 ec 73 b3 4d 29 ee 49 c1
RSP: 0018:ffff8880b5acf488 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
RAX: fffffffffbaacdba RBX: ffffffff8b7dc444 RCX: ffffffff872892a5
RDX: 0000000000000000 RSI: ffffffff8c0102d8 RDI: ffffffff8b7dc444
RBP: ffffffff8b7dc444 R08: 0000000000000000 R09: ffffffff8c0102d8
R10: ffff8880b5acf65f R11: 0000000000074071 R12: ffffffff8b7dc444
R13: ffffffff8b7dc444 R14: ffffffff8b7dc444 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005596285bdaa0 CR3: 0000000009e6d000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
orc_find arch/x86/kernel/unwind_orc.c:159 [inline]
unwind_next_frame+0x339/0x1400 arch/x86/kernel/unwind_orc.c:422
__save_stack_trace+0x9f/0x190 arch/x86/kernel/stacktrace.c:44
save_stack mm/kasan/kasan.c:448 [inline]
set_track mm/kasan/kasan.c:460 [inline]
kasan_kmalloc+0xeb/0x160 mm/kasan/kasan.c:553
kmem_cache_alloc_node+0x146/0x3b0 mm/slab.c:3649
__alloc_skb+0x71/0x560 net/core/skbuff.c:193
__netdev_alloc_skb+0x76/0x460 net/core/skbuff.c:407
__netdev_alloc_skb_ip_align include/linux/skbuff.h:2700 [inline]
netdev_alloc_skb_ip_align include/linux/skbuff.h:2710 [inline]
br_ip6_multicast_alloc_query net/bridge/br_multicast.c:479 [inline]
br_multicast_alloc_query net/bridge/br_multicast.c:585 [inline]
__br_multicast_send_query+0x1a7/0x2dc0 net/bridge/br_multicast.c:941
br_multicast_send_query+0x216/0x3a0 net/bridge/br_multicast.c:988
br_multicast_query_expired net/bridge/br_multicast.c:1942 [inline]
br_ip6_multicast_query_expired+0xdc/0x110 net/bridge/br_multicast.c:1958
call_timer_fn+0x177/0x700 kernel/time/timer.c:1338
expire_timers+0x243/0x4e0 kernel/time/timer.c:1375
__run_timers kernel/time/timer.c:1696 [inline]
run_timer_softirq+0x21c/0x670 kernel/time/timer.c:1709
__do_softirq+0x265/0x980 kernel/softirq.c:292
run_ksoftirqd+0x57/0x110 kernel/softirq.c:653
smpboot_thread_fn+0x655/0x9e0 kernel/smpboot.c:164
kthread+0x33f/0x460 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
----------------
Code disassembly (best guess):
0: 01 d0 add %edx,%eax
2: 48 d1 f8 sar %rax
5: 48 8d 5c 85 00 lea 0x0(%rbp,%rax,4),%rbx
a: 48 89 d8 mov %rbx,%rax
d: 48 c1 e8 03 shr $0x3,%rax
11: 42 0f b6 14 38 movzbl (%rax,%r15,1),%edx
16: 48 89 d8 mov %rbx,%rax
19: 83 e0 07 and $0x7,%eax
1c: 83 c0 03 add $0x3,%eax
1f: 38 d0 cmp %dl,%al
21: 7c 04 jl 0x27
23: 84 d2 test %dl,%dl
25: 75 48 jne 0x6f
27: 48 63 03 movslq (%rbx),%rax
* 2a: 48 01 d8 add %rbx,%rax <-- trapping instruction
2d: 48 39 c1 cmp %rax,%rcx
30: 73 b0 jae 0xffffffe2
32: 4c 8d 63 fc lea -0x4(%rbx),%r12
36: 49 39 ec cmp %rbp,%r12
39: 73 b3 jae 0xffffffee
3b: 4d 29 ee sub %r13,%r14
3e: 49 rex.WB
3f: c1 .byte 0xc1