[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.179' (ECDSA) to the list of known hosts. syzkaller login: [ 210.102576] IPVS: ftp: loaded support on port[0] = 21 [ 210.166589] chnl_net:caif_netlink_parms(): no params data found [ 210.251234] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.257805] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.265761] device bridge_slave_0 entered promiscuous mode [ 210.273288] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.279930] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.286797] device bridge_slave_1 entered promiscuous mode [ 210.303239] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 210.311805] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 210.328578] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 210.335847] team0: Port device team_slave_0 added [ 210.341444] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 210.348443] team0: Port device team_slave_1 added [ 210.363974] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.370256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.395497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.406666] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.412979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.438199] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.448981] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 210.456246] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 210.474019] device hsr_slave_0 entered promiscuous mode [ 210.479616] device hsr_slave_1 entered promiscuous mode [ 210.485423] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 210.492511] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 210.547795] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.554222] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.561088] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.567429] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.595627] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 210.602711] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.611083] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 210.619225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 210.637204] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.644590] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.654200] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 210.660552] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.668492] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 210.676175] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.682574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 210.692811] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 210.700387] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.706698] bridge0: port 2(bridge_slave_1) entered forwarding state [ 210.724717] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 210.734522] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 210.745666] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 210.752881] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 210.760592] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 210.768045] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 210.776180] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 210.783752] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 210.790683] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 210.803054] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 210.810456] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 210.817072] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 210.826999] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 210.876047] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 210.885500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 210.914993] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 210.922867] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 210.930075] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 210.938141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 210.945598] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 210.952736] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 210.961428] device veth0_vlan entered promiscuous mode [ 210.970107] device veth1_vlan entered promiscuous mode [ 210.975822] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 210.984567] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 210.995668] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 211.004732] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 211.011911] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 211.019489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 211.028298] device veth0_macvtap entered promiscuous mode [ 211.034373] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 211.042481] device veth1_macvtap entered promiscuous mode [ 211.051540] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 211.060547] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 211.070014] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 211.076659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 211.095262] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 211.104294] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 211.111541] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 211.158847] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 211.193938] device bond_slave_0 entered promiscuous mode [ 211.199500] device bond_slave_1 entered promiscuous mode [ 211.205319] device macvlan2 entered promiscuous mode [ 211.211597] device bond0 entered promiscuous mode [ 211.216760] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 211.224216] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan2: link becomes ready [ 211.232244] batman_adv: batadv0: Adding interface: macvlan2 [ 211.237951] batman_adv: batadv0: The MTU of interface macvlan2 is too small (0) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.262698] batman_adv: batadv0: Interface activated: macvlan2 [ 211.269765] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.280377] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.291757] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.302269] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.312784] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.323277] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.333783] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.344378] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.354743] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 211.365221] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.277843] net_ratelimit: 8188 callbacks suppressed [ 216.277847] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.293191] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.303513] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.313715] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.324011] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.334253] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.344484] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.354708] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.364988] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 216.375241] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.287033] net_ratelimit: 8203 callbacks suppressed [ 221.287037] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.302359] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.312569] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.322773] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.333576] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.343838] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.354077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.364364] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.374579] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 221.384814] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.296599] net_ratelimit: 8207 callbacks suppressed [ 226.296603] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.311935] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.322139] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.332682] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.342882] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.353090] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.363432] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.373646] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.383845] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 226.394044] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.305269] net_ratelimit: 8195 callbacks suppressed [ 231.305273] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.320593] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.330790] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.340980] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.351174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.361799] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.371987] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.382196] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.392391] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 231.402583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 236.264562] watchdog: BUG: soft lockup - CPU#0 stuck for 23s! [kworker/u4:3:977] [ 236.272168] Modules linked in: [ 236.275353] irq event stamp: 192001 [ 236.278971] hardirqs last enabled at (192000): [] kvm_wait+0x14b/0x240 [ 236.287273] hardirqs last disabled at (192001): [] apic_timer_interrupt+0x8e/0xa0 [ 236.296442] softirqs last enabled at (182062): [] batadv_forw_packet_steal+0x112/0x180 [ 236.306132] softirqs last disabled at (182072): [] batadv_tt_local_commit_changes+0x1a/0x30 [ 236.316867] CPU: 0 PID: 977 Comm: kworker/u4:3 Not tainted 4.14.285-syzkaller #0 [ 236.324385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.333802] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet [ 236.340888] task: ffff8880b382c000 task.stack: ffff8880b3830000 [ 236.346932] RIP: 0010:native_safe_halt+0xe/0x10 [ 236.351582] RSP: 0018:ffff8880b3837b70 EFLAGS: 000002c2 ORIG_RAX: ffffffffffffff10 [ 236.359277] RAX: 1ffffffff11e1344 RBX: ffff8880b2c0d298 RCX: 1ffff11016705924 [ 236.366536] RDX: dffffc0000000000 RSI: ffff8880b382c900 RDI: ffff8880b382c884 [ 236.373791] RBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000 [ 236.381046] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000286 [ 236.388300] R13: dffffc0000000000 R14: ffff8880b2c0d299 R15: ffffed10174869f8 [ 236.395561] FS: 0000000000000000(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000 [ 236.403785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.409658] CR2: 00007f6ac6e9e028 CR3: 00000000a068b000 CR4: 00000000003406f0 [ 236.416917] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 236.424174] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 236.431450] Call Trace: [ 236.434030] kvm_wait+0x179/0x240 [ 236.437478] __pv_queued_spin_lock_slowpath+0x722/0x910 [ 236.442832] ? batadv_tt_local_commit_changes+0x1a/0x30 [ 236.448187] do_raw_spin_lock+0x178/0x200 [ 236.452322] batadv_tt_local_commit_changes+0x1a/0x30 [ 236.457501] batadv_iv_ogm_schedule_buff+0xcfb/0xf80 [ 236.462598] ? process_one_work+0x6c4/0x14a0 [ 236.466997] batadv_iv_send_outstanding_bat_ogm_packet+0x5a7/0x6f0 [ 236.473306] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 236.479186] process_one_work+0x793/0x14a0 [ 236.483415] ? work_busy+0x320/0x320 [ 236.487115] ? worker_thread+0x158/0xff0 [ 236.491167] ? _raw_spin_unlock_irq+0x24/0x80 [ 236.495660] worker_thread+0x5cc/0xff0 [ 236.499547] ? rescuer_thread+0xc80/0xc80 [ 236.503682] kthread+0x30d/0x420 [ 236.507036] ? kthread_create_on_node+0xd0/0xd0 [ 236.511693] ret_from_fork+0x24/0x30 [ 236.515398] Code: 1e 5b fa e9 4f ff ff ff 48 89 ef e8 0d 1e 5b fa eb 93 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 0f 00 2d 54 ad 63 00 fb f4 90 0f 1f 44 00 00 0f 00 2d 44 ad 63 00 f4 c3 90 90 41 55 41 [ 236.534626] Kernel panic - not syncing: softlockup: hung tasks [ 236.540583] CPU: 0 PID: 977 Comm: kworker/u4:3 Tainted: G L 4.14.285-syzkaller #0 [ 236.549310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.558745] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet [ 236.565832] Call Trace: [ 236.568401] [ 236.570544] dump_stack+0x1b2/0x281 [ 236.574159] panic+0x1f9/0x42d [ 236.577339] ? add_taint.cold+0x16/0x16 [ 236.581309] watchdog_timer_fn.cold+0x16/0x25 [ 236.585796] __hrtimer_run_queues+0x30b/0xc80 [ 236.590279] ? watchdog+0x50/0x50 [ 236.593723] ? retrigger_next_event+0x310/0x310 [ 236.598377] ? ktime_get_update_offsets_now+0x272/0x3f0 [ 236.603733] hrtimer_interrupt+0x1e6/0x5e0 [ 236.607969] smp_apic_timer_interrupt+0x117/0x5e0 [ 236.612798] apic_timer_interrupt+0x93/0xa0 [ 236.617104] [ 236.619334] RIP: 0010:native_safe_halt+0xe/0x10 [ 236.623982] RSP: 0018:ffff8880b3837b70 EFLAGS: 000002c2 ORIG_RAX: ffffffffffffff10 [ 236.631676] RAX: 1ffffffff11e1344 RBX: ffff8880b2c0d298 RCX: 1ffff11016705924 [ 236.638939] RDX: dffffc0000000000 RSI: ffff8880b382c900 RDI: ffff8880b382c884 [ 236.646192] RBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000 [ 236.653455] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000286 [ 236.660710] R13: dffffc0000000000 R14: ffff8880b2c0d299 R15: ffffed10174869f8 [ 236.667980] kvm_wait+0x179/0x240 [ 236.671420] __pv_queued_spin_lock_slowpath+0x722/0x910 [ 236.676795] ? batadv_tt_local_commit_changes+0x1a/0x30 [ 236.682162] do_raw_spin_lock+0x178/0x200 [ 236.686320] batadv_tt_local_commit_changes+0x1a/0x30 [ 236.691506] batadv_iv_ogm_schedule_buff+0xcfb/0xf80 [ 236.696604] ? process_one_work+0x6c4/0x14a0 [ 236.701007] batadv_iv_send_outstanding_bat_ogm_packet+0x5a7/0x6f0 [ 236.707317] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 236.712756] process_one_work+0x793/0x14a0 [ 236.716984] ? work_busy+0x320/0x320 [ 236.720682] ? worker_thread+0x158/0xff0 [ 236.724730] ? _raw_spin_unlock_irq+0x24/0x80 [ 236.729215] worker_thread+0x5cc/0xff0 [ 236.733097] ? rescuer_thread+0xc80/0xc80 [ 236.737234] kthread+0x30d/0x420 [ 236.740584] ? kthread_create_on_node+0xd0/0xd0 [ 236.745242] ret_from_fork+0x24/0x30 [ 236.749272] Kernel Offset: disabled [ 236.752927] Rebooting in 86400 seconds..