[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.117' (ECDSA) to the list of known hosts. syzkaller login: [ 121.243799] IPVS: ftp: loaded support on port[0] = 21 [ 121.315718] chnl_net:caif_netlink_parms(): no params data found [ 121.384919] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.391565] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.399363] device bridge_slave_0 entered promiscuous mode [ 121.407344] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.413929] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.420905] device bridge_slave_1 entered promiscuous mode [ 121.439175] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 121.448050] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 121.466873] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 121.474322] team0: Port device team_slave_0 added [ 121.479733] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 121.487953] team0: Port device team_slave_1 added [ 121.504453] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 121.510699] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.536870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 121.549133] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 121.556174] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.581895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 121.596277] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 121.604226] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 121.623824] device hsr_slave_0 entered promiscuous mode [ 121.629529] device hsr_slave_1 entered promiscuous mode [ 121.636967] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 121.644626] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 121.709558] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.715992] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.722792] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.729204] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.759753] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 121.767639] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.776230] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 121.785503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 121.794983] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.801949] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.809551] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 121.820808] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 121.827013] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.837222] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 121.844899] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.851235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.861447] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 121.870032] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.876420] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.894212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 121.902036] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 121.910521] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 121.919663] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 121.930552] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 121.941333] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 121.948268] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 121.956190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 121.969167] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 121.977165] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 121.984644] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 121.996576] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.029776] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 122.039788] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 122.070666] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 122.078121] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 122.084944] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 122.095439] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 122.102964] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 122.110031] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 122.119098] device veth0_vlan entered promiscuous mode [ 122.128097] device veth1_vlan entered promiscuous mode [ 122.134327] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 122.142461] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 122.154058] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 122.163053] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 122.171621] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 122.179701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 122.189564] device veth0_macvtap entered promiscuous mode [ 122.196012] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 122.204370] device veth1_macvtap entered promiscuous mode [ 122.212997] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 122.222431] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 122.233168] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 122.240398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 122.248612] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 122.259042] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 122.266611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 147.242002] watchdog: BUG: soft lockup - CPU#1 stuck for 23s! [kworker/1:1:33] [ 147.249389] Modules linked in: [ 147.252559] irq event stamp: 55240811 [ 147.256345] hardirqs last enabled at (55240810): [] ktime_get+0x235/0x2f0 [ 147.264900] hardirqs last disabled at (55240811): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 147.274585] softirqs last enabled at (53946): [] icmp6_dst_alloc+0x3de/0x660 [ 147.283400] softirqs last disabled at (53948): [] ip6_finish_output2+0x1f2/0x2290 [ 147.293174] CPU: 1 PID: 33 Comm: kworker/1:1 Not tainted 4.19.211-syzkaller #0 [ 147.300509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 147.309850] Workqueue: ipv6_addrconf addrconf_dad_work [ 147.315203] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x50 [ 147.320545] Code: e8 11 dd 35 00 e9 ab fe ff ff 4c 89 ef e8 04 dd 35 00 e9 23 fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 8b 34 24 <65> 48 8b 04 25 c0 df 01 00 65 8b 15 cc 59 9f 7e 81 e2 00 01 1f 00 [ 147.339434] RSP: 0018:ffff8880b510ec38 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13 [ 147.347123] RAX: 00000000ffffb99c RBX: ffff88809a7ee080 RCX: ffffffff868c9678 [ 147.354377] RDX: 00000000ffffb99c RSI: ffffffff868c968a RDI: 0000000000000007 [ 147.361630] RBP: ffff8880a54fc400 R08: 0000000000000088 R09: 0000000000000000 [ 147.368883] R10: 0000000000000007 R11: ffffffff8c66505b R12: 1ffff11016a21d8d [ 147.376133] R13: ffff8880a54fc428 R14: ffff88809a7ee0f0 R15: 00000000ffffc322 [ 147.383386] FS: 0000000000000000(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 [ 147.391590] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.397452] CR2: 0000000020000080 CR3: 00000000b0cc0000 CR4: 00000000003406e0 [ 147.404701] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 147.412218] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 147.419565] Call Trace: [ 147.422141] tcf_police_act+0x2fa/0xe60 [ 147.426108] ? tcf_police_dump+0x960/0x960 [ 147.430324] ? tcf_action_exec+0x16f/0x400 [ 147.434538] tcf_action_exec+0x160/0x400 [ 147.438580] basic_classify+0x184/0x2b0 [ 147.442535] tcf_classify+0x120/0x3c0 [ 147.446318] prio_enqueue+0x3bb/0x7a0 [ 147.450099] ? prio_reset+0x160/0x160 [ 147.453877] ? __dev_queue_xmit+0x134e/0x2e00 [ 147.458354] __dev_queue_xmit+0x140a/0x2e00 [ 147.462658] ? netdev_pick_tx+0x2f0/0x2f0 [ 147.466792] ? mark_held_locks+0xa6/0xf0 [ 147.470833] ? ip_finish_output2+0xfbc/0x15a0 [ 147.475311] ip_finish_output2+0xb6d/0x15a0 [ 147.479615] ? ip_send_check+0xb0/0xb0 [ 147.483485] ? ip_output+0x3a5/0x5f0 [ 147.487182] ip_finish_output+0xae9/0x10b0 [ 147.491395] ip_output+0x203/0x5f0 [ 147.494912] ? ip_mc_output+0xec0/0xec0 [ 147.498874] ? ip_fragment.constprop.0+0x240/0x240 [ 147.503782] ? prandom_u32+0x171/0x1f0 [ 147.507649] ip_local_out+0xaf/0x170 [ 147.511346] iptunnel_xmit+0x63b/0x9d0 [ 147.515220] ? erspan_changelink+0x150/0x220 [ 147.519610] geneve_xmit+0x120d/0x2e60 [ 147.523484] ? geneve_fill_metadata_dst+0x1580/0x1580 [ 147.528656] ? __lock_acquire+0x6de/0x3ff0 [ 147.532872] ? netif_skb_features+0x5c1/0xb30 [ 147.537350] ? check_preemption_disabled+0x41/0x280 [ 147.542348] dev_hard_start_xmit+0x1a8/0x920 [ 147.546739] __dev_queue_xmit+0x269d/0x2e00 [ 147.551042] ? netdev_pick_tx+0x2f0/0x2f0 [ 147.555188] ? ip6_finish_output2+0x113d/0x2290 [ 147.559873] ? memcpy+0x35/0x50 [ 147.563150] neigh_resolve_output+0x55a/0x910 [ 147.567636] ip6_finish_output2+0x113d/0x2290 [ 147.572112] ? ip6_forward_finish+0x4b0/0x4b0 [ 147.576600] ? lock_downgrade+0x720/0x720 [ 147.580754] ? lock_acquire+0x170/0x3c0 [ 147.584721] ? check_preemption_disabled+0x41/0x280 [ 147.589721] ip6_finish_output+0x89b/0x10f0 [ 147.594025] ip6_output+0x205/0x770 [ 147.597632] ? ip6_finish_output+0x10f0/0x10f0 [ 147.602196] ? ip6_fragment+0x34e0/0x34e0 [ 147.606327] ? check_preemption_disabled+0x41/0x280 [ 147.611327] ndisc_send_skb+0xa24/0x1720 [ 147.615373] ? ndisc_alloc_skb+0x320/0x320 [ 147.619717] ? ipv6_setsockopt+0x160/0x160 [ 147.623933] ? kmem_cache_alloc_node_trace+0x351/0x3b0 [ 147.629194] ? __alloc_skb+0x34f/0x560 [ 147.633061] ? skb_set_owner_w+0x1f6/0x330 [ 147.637277] ndisc_send_ns+0x51d/0x840 [ 147.641146] ? addrconf_dad_work+0xa48/0x10a0 [ 147.645743] ? pndisc_redo+0x20/0x20 [ 147.649461] ? mark_held_locks+0xa6/0xf0 [ 147.653518] ? __local_bh_enable_ip+0x159/0x270 [ 147.658177] addrconf_dad_work+0xb0e/0x10a0 [ 147.662485] ? addrconf_dad_completed+0xb60/0xb60 [ 147.667315] process_one_work+0x864/0x1570 [ 147.671539] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 147.676193] worker_thread+0x64c/0x1130 [ 147.680185] ? __kthread_parkme+0x133/0x1e0 [ 147.684501] ? process_one_work+0x1570/0x1570 [ 147.688991] kthread+0x33f/0x460 [ 147.692342] ? kthread_park+0x180/0x180 [ 147.696305] ret_from_fork+0x24/0x30 [ 147.700011] Kernel panic - not syncing: softlockup: hung tasks [ 147.705967] CPU: 1 PID: 33 Comm: kworker/1:1 Tainted: G L 4.19.211-syzkaller #0 [ 147.714693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 147.724037] Workqueue: ipv6_addrconf addrconf_dad_work [ 147.729379] Call Trace: [ 147.731945] [ 147.734084] dump_stack+0x1fc/0x2ef [ 147.737695] panic+0x26a/0x50e [ 147.740869] ? __warn_printk+0xf3/0xf3 [ 147.744740] ? watchdog_timer_fn.cold+0x5/0x25 [ 147.749303] ? watchdog_timer_fn+0x53e/0x580 [ 147.753708] watchdog_timer_fn.cold+0x16/0x25 [ 147.758205] __hrtimer_run_queues+0x3f6/0xe60 [ 147.762693] ? softlockup_fn+0xb0/0xb0 [ 147.766570] ? hrtimer_fixup_free+0xa0/0xa0 [ 147.770872] ? kvm_clock_get_cycles+0x14/0x30 [ 147.775346] ? ktime_get_update_offsets_now+0x2ec/0x460 [ 147.780691] hrtimer_interrupt+0x326/0x9e0 [ 147.784915] smp_apic_timer_interrupt+0x10c/0x550 [ 147.789745] apic_timer_interrupt+0xf/0x20 [ 147.793954] [ 147.796262] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x50 [ 147.801629] Code: e8 11 dd 35 00 e9 ab fe ff ff 4c 89 ef e8 04 dd 35 00 e9 23 fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 8b 34 24 <65> 48 8b 04 25 c0 df 01 00 65 8b 15 cc 59 9f 7e 81 e2 00 01 1f 00 [ 147.820523] RSP: 0018:ffff8880b510ec38 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13 [ 147.828213] RAX: 00000000ffffb99c RBX: ffff88809a7ee080 RCX: ffffffff868c9678 [ 147.835459] RDX: 00000000ffffb99c RSI: ffffffff868c968a RDI: 0000000000000007 [ 147.842720] RBP: ffff8880a54fc400 R08: 0000000000000088 R09: 0000000000000000 [ 147.849969] R10: 0000000000000007 R11: ffffffff8c66505b R12: 1ffff11016a21d8d [ 147.857217] R13: ffff8880a54fc428 R14: ffff88809a7ee0f0 R15: 00000000ffffc322 [ 147.864482] ? tcf_police_act+0x2e8/0xe60 [ 147.868608] ? tcf_police_act+0x2fa/0xe60 [ 147.872737] tcf_police_act+0x2fa/0xe60 [ 147.876690] ? tcf_police_dump+0x960/0x960 [ 147.880906] ? tcf_action_exec+0x16f/0x400 [ 147.885120] tcf_action_exec+0x160/0x400 [ 147.889163] basic_classify+0x184/0x2b0 [ 147.893118] tcf_classify+0x120/0x3c0 [ 147.896900] prio_enqueue+0x3bb/0x7a0 [ 147.900678] ? prio_reset+0x160/0x160 [ 147.904457] ? __dev_queue_xmit+0x134e/0x2e00 [ 147.908934] __dev_queue_xmit+0x140a/0x2e00 [ 147.913236] ? netdev_pick_tx+0x2f0/0x2f0 [ 147.917373] ? mark_held_locks+0xa6/0xf0 [ 147.921413] ? ip_finish_output2+0xfbc/0x15a0 [ 147.925977] ip_finish_output2+0xb6d/0x15a0 [ 147.930293] ? ip_send_check+0xb0/0xb0 [ 147.934156] ? ip_output+0x3a5/0x5f0 [ 147.937851] ip_finish_output+0xae9/0x10b0 [ 147.942064] ip_output+0x203/0x5f0 [ 147.945582] ? ip_mc_output+0xec0/0xec0 [ 147.949537] ? ip_fragment.constprop.0+0x240/0x240 [ 147.954447] ? prandom_u32+0x171/0x1f0 [ 147.958315] ip_local_out+0xaf/0x170 [ 147.962012] iptunnel_xmit+0x63b/0x9d0 [ 147.965877] ? erspan_changelink+0x150/0x220 [ 147.970268] geneve_xmit+0x120d/0x2e60 [ 147.974161] ? geneve_fill_metadata_dst+0x1580/0x1580 [ 147.979359] ? __lock_acquire+0x6de/0x3ff0 [ 147.983587] ? netif_skb_features+0x5c1/0xb30 [ 147.988070] ? check_preemption_disabled+0x41/0x280 [ 147.993073] dev_hard_start_xmit+0x1a8/0x920 [ 147.997476] __dev_queue_xmit+0x269d/0x2e00 [ 148.001782] ? netdev_pick_tx+0x2f0/0x2f0 [ 148.005931] ? ip6_finish_output2+0x113d/0x2290 [ 148.010590] ? memcpy+0x35/0x50 [ 148.013886] neigh_resolve_output+0x55a/0x910 [ 148.018370] ip6_finish_output2+0x113d/0x2290 [ 148.022848] ? ip6_forward_finish+0x4b0/0x4b0 [ 148.027336] ? lock_downgrade+0x720/0x720 [ 148.031482] ? lock_acquire+0x170/0x3c0 [ 148.035458] ? check_preemption_disabled+0x41/0x280 [ 148.040462] ip6_finish_output+0x89b/0x10f0 [ 148.044764] ip6_output+0x205/0x770 [ 148.048373] ? ip6_finish_output+0x10f0/0x10f0 [ 148.052932] ? ip6_fragment+0x34e0/0x34e0 [ 148.057059] ? check_preemption_disabled+0x41/0x280 [ 148.062057] ndisc_send_skb+0xa24/0x1720 [ 148.066100] ? ndisc_alloc_skb+0x320/0x320 [ 148.070429] ? ipv6_setsockopt+0x160/0x160 [ 148.074646] ? kmem_cache_alloc_node_trace+0x351/0x3b0 [ 148.079904] ? __alloc_skb+0x34f/0x560 [ 148.083783] ? skb_set_owner_w+0x1f6/0x330 [ 148.088014] ndisc_send_ns+0x51d/0x840 [ 148.091896] ? addrconf_dad_work+0xa48/0x10a0 [ 148.096378] ? pndisc_redo+0x20/0x20 [ 148.100075] ? mark_held_locks+0xa6/0xf0 [ 148.104116] ? __local_bh_enable_ip+0x159/0x270 [ 148.108766] addrconf_dad_work+0xb0e/0x10a0 [ 148.113069] ? addrconf_dad_completed+0xb60/0xb60 [ 148.117893] process_one_work+0x864/0x1570 [ 148.122111] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 148.126764] worker_thread+0x64c/0x1130 [ 148.130726] ? __kthread_parkme+0x133/0x1e0 [ 148.135045] ? process_one_work+0x1570/0x1570 [ 148.139519] kthread+0x33f/0x460 [ 148.142866] ? kthread_park+0x180/0x180 [ 148.146824] ret_from_fork+0x24/0x30 [ 148.150819] Kernel Offset: disabled [ 148.154475] Rebooting in 86400 seconds..