[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.135' (ECDSA) to the list of known hosts. syzkaller login: [ 107.416087] IPVS: ftp: loaded support on port[0] = 21 [ 107.484747] chnl_net:caif_netlink_parms(): no params data found [ 107.545143] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.551917] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.560403] device bridge_slave_0 entered promiscuous mode [ 107.567951] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.574311] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.582174] device bridge_slave_1 entered promiscuous mode [ 107.599390] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 107.608054] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 107.626146] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 107.633469] team0: Port device team_slave_0 added [ 107.639531] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 107.647493] team0: Port device team_slave_1 added [ 107.661961] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.668276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.694166] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.705829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.712521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.738208] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.752008] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 107.760405] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 107.779336] device hsr_slave_0 entered promiscuous mode [ 107.785008] device hsr_slave_1 entered promiscuous mode [ 107.791604] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 107.799036] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 107.862393] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.868812] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.875522] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.881917] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.911215] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 107.918879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.928407] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 107.937314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 107.945431] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.952651] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.959923] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 107.970653] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 107.977053] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.985455] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 107.993360] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.999759] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.009571] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 108.017428] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.023756] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.043500] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 108.053432] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 108.065054] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 108.072738] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 108.080688] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 108.088934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 108.096763] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 108.104204] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 108.111171] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 108.123992] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 108.131690] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 108.138486] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 108.150309] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.182472] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 108.192797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 108.227385] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 108.234291] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 108.241151] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 108.249992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 108.258349] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 108.265139] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 108.273984] device veth0_vlan entered promiscuous mode [ 108.282682] device veth1_vlan entered promiscuous mode [ 108.288807] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 108.298130] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 108.309318] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 108.318426] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 108.325602] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 108.333358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 108.343043] device veth0_macvtap entered promiscuous mode [ 108.349616] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 108.357731] device veth1_macvtap entered promiscuous mode [ 108.365761] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 108.375394] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 108.385154] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.392834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 108.401116] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 108.411674] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.418525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 135.134057] watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [kworker/0:2:3687] [ 135.141631] Modules linked in: [ 135.144807] irq event stamp: 60299707 [ 135.148592] hardirqs last enabled at (60299706): [] ktime_get+0x235/0x2f0 [ 135.157152] hardirqs last disabled at (60299707): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 135.166929] softirqs last enabled at (12278): [] icmp6_dst_alloc+0x3de/0x660 [ 135.175744] softirqs last disabled at (12280): [] ip6_finish_output2+0x1f2/0x2290 [ 135.185427] CPU: 0 PID: 3687 Comm: kworker/0:2 Not tainted 4.19.211-syzkaller #0 [ 135.192935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 135.202275] Workqueue: ipv6_addrconf addrconf_dad_work [ 135.207534] RIP: 0010:preempt_count_add+0x8f/0x190 [ 135.212443] Code: b6 04 02 38 c3 7c 08 84 c0 0f 85 da 00 00 00 8b 15 c6 c8 e2 0b 85 d2 75 11 65 8b 05 ab 70 c0 7e 0f b6 c0 3d f4 00 00 00 7f 64 <65> 8b 05 9a 70 c0 7e 25 ff ff ff 7f 39 c5 74 03 5b 5d c3 48 8b 5c [ 135.231409] RSP: 0000:ffff8880a8406c18 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13 [ 135.239093] RAX: 0000000000000002 RBX: 0000000000000003 RCX: 0000000000000000 [ 135.246343] RDX: 0000000000000000 RSI: ffffffff868c9402 RDI: 0000000000000001 [ 135.253592] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000006 [ 135.260844] R10: 0000000000000005 R11: ffffffff8c66501b R12: 1ffff11015080d8d [ 135.268093] R13: dffffc0000000000 R14: ffff8880b05da5b0 R15: ffff8880a8406e40 [ 135.275342] FS: 0000000000000000(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000 [ 135.283546] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.289405] CR2: 00007f549e886a98 CR3: 0000000009e6d000 CR4: 00000000003406f0 [ 135.296656] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 135.303925] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 135.311172] Call Trace: [ 135.313745] _raw_spin_lock+0xe/0x40 [ 135.317441] tcf_police_act+0x7a/0xe60 [ 135.321311] ? tcf_police_dump+0x960/0x960 [ 135.325526] ? tcf_action_exec+0x16f/0x400 [ 135.329742] tcf_action_exec+0x160/0x400 [ 135.333787] basic_classify+0x184/0x2b0 [ 135.337743] tcf_classify+0x120/0x3c0 [ 135.341526] prio_enqueue+0x3bb/0x7a0 [ 135.345307] ? prio_reset+0x160/0x160 [ 135.349089] ? __dev_queue_xmit+0x134e/0x2e00 [ 135.353568] __dev_queue_xmit+0x140a/0x2e00 [ 135.357874] ? netdev_pick_tx+0x2f0/0x2f0 [ 135.362015] ? mark_held_locks+0xa6/0xf0 [ 135.366062] ? ip_finish_output2+0xfbc/0x15a0 [ 135.370543] ip_finish_output2+0xb6d/0x15a0 [ 135.374847] ? ip_send_check+0xb0/0xb0 [ 135.378713] ? ip_output+0x3a5/0x5f0 [ 135.382406] ip_finish_output+0xae9/0x10b0 [ 135.386620] ip_output+0x203/0x5f0 [ 135.390139] ? ip_mc_output+0xec0/0xec0 [ 135.394101] ? ip_fragment.constprop.0+0x240/0x240 [ 135.399013] ? prandom_u32+0x171/0x1f0 [ 135.402881] ip_local_out+0xaf/0x170 [ 135.406578] iptunnel_xmit+0x63b/0x9d0 [ 135.410446] ? erspan_changelink+0x150/0x220 [ 135.414836] geneve_xmit+0x120d/0x2e60 [ 135.418711] ? geneve_fill_metadata_dst+0x1580/0x1580 [ 135.423885] ? __lock_acquire+0x6de/0x3ff0 [ 135.428103] ? netif_skb_features+0x5c1/0xb30 [ 135.432581] ? check_preemption_disabled+0x41/0x280 [ 135.437580] dev_hard_start_xmit+0x1a8/0x920 [ 135.441973] __dev_queue_xmit+0x269d/0x2e00 [ 135.446282] ? netdev_pick_tx+0x2f0/0x2f0 [ 135.450412] ? ip6_finish_output2+0x113d/0x2290 [ 135.455065] ? memcpy+0x35/0x50 [ 135.458326] neigh_resolve_output+0x55a/0x910 [ 135.462807] ip6_finish_output2+0x113d/0x2290 [ 135.467284] ? ip6_forward_finish+0x4b0/0x4b0 [ 135.471769] ? lock_downgrade+0x720/0x720 [ 135.475897] ? lock_acquire+0x170/0x3c0 [ 135.479854] ? check_preemption_disabled+0x41/0x280 [ 135.484853] ip6_finish_output+0x89b/0x10f0 [ 135.489157] ip6_output+0x205/0x770 [ 135.492766] ? ip6_finish_output+0x10f0/0x10f0 [ 135.497334] ? ip6_fragment+0x34e0/0x34e0 [ 135.501461] ? check_preemption_disabled+0x41/0x280 [ 135.506457] ndisc_send_skb+0xa24/0x1720 [ 135.510589] ? ndisc_alloc_skb+0x320/0x320 [ 135.514805] ? ipv6_setsockopt+0x160/0x160 [ 135.519019] ? kmem_cache_alloc_node_trace+0x351/0x3b0 [ 135.524278] ? __alloc_skb+0x34f/0x560 [ 135.528145] ? skb_set_owner_w+0x1f6/0x330 [ 135.532361] ndisc_send_ns+0x51d/0x840 [ 135.536228] ? addrconf_dad_work+0xa48/0x10a0 [ 135.540708] ? pndisc_redo+0x20/0x20 [ 135.544403] ? mark_held_locks+0xa6/0xf0 [ 135.548444] ? __local_bh_enable_ip+0x159/0x270 [ 135.553095] addrconf_dad_work+0xb0e/0x10a0 [ 135.557400] ? addrconf_dad_completed+0xb60/0xb60 [ 135.562227] process_one_work+0x864/0x1570 [ 135.566443] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 135.571098] worker_thread+0x64c/0x1130 [ 135.575056] ? __kthread_parkme+0x133/0x1e0 [ 135.579360] ? process_one_work+0x1570/0x1570 [ 135.583850] kthread+0x33f/0x460 [ 135.587201] ? kthread_park+0x180/0x180 [ 135.591161] ret_from_fork+0x24/0x30 [ 135.594861] Kernel panic - not syncing: softlockup: hung tasks [ 135.600826] CPU: 0 PID: 3687 Comm: kworker/0:2 Tainted: G L 4.19.211-syzkaller #0 [ 135.609735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 135.619082] Workqueue: ipv6_addrconf addrconf_dad_work [ 135.624422] Call Trace: [ 135.626986] [ 135.629119] dump_stack+0x1fc/0x2ef [ 135.632730] panic+0x26a/0x50e [ 135.635901] ? __warn_printk+0xf3/0xf3 [ 135.639775] ? watchdog_timer_fn.cold+0x5/0x25 [ 135.644340] ? watchdog_timer_fn+0x53e/0x580 [ 135.648733] watchdog_timer_fn.cold+0x16/0x25 [ 135.653215] __hrtimer_run_queues+0x3f6/0xe60 [ 135.657691] ? softlockup_fn+0xb0/0xb0 [ 135.661563] ? hrtimer_fixup_free+0xa0/0xa0 [ 135.665864] ? kvm_clock_get_cycles+0x14/0x30 [ 135.670341] ? ktime_get_update_offsets_now+0x2ec/0x460 [ 135.675691] hrtimer_interrupt+0x326/0x9e0 [ 135.679913] smp_apic_timer_interrupt+0x10c/0x550 [ 135.684739] apic_timer_interrupt+0xf/0x20 [ 135.688955] [ 135.691177] RIP: 0010:preempt_count_add+0x8f/0x190 [ 135.696087] Code: b6 04 02 38 c3 7c 08 84 c0 0f 85 da 00 00 00 8b 15 c6 c8 e2 0b 85 d2 75 11 65 8b 05 ab 70 c0 7e 0f b6 c0 3d f4 00 00 00 7f 64 <65> 8b 05 9a 70 c0 7e 25 ff ff ff 7f 39 c5 74 03 5b 5d c3 48 8b 5c [ 135.714985] RSP: 0000:ffff8880a8406c18 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13 [ 135.722702] RAX: 0000000000000002 RBX: 0000000000000003 RCX: 0000000000000000 [ 135.729956] RDX: 0000000000000000 RSI: ffffffff868c9402 RDI: 0000000000000001 [ 135.737205] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000006 [ 135.744452] R10: 0000000000000005 R11: ffffffff8c66501b R12: 1ffff11015080d8d [ 135.751713] R13: dffffc0000000000 R14: ffff8880b05da5b0 R15: ffff8880a8406e40 [ 135.758971] ? tcf_police_act+0x72/0xe60 [ 135.763016] _raw_spin_lock+0xe/0x40 [ 135.766712] tcf_police_act+0x7a/0xe60 [ 135.770581] ? tcf_police_dump+0x960/0x960 [ 135.774798] ? tcf_action_exec+0x16f/0x400 [ 135.779013] tcf_action_exec+0x160/0x400 [ 135.783055] basic_classify+0x184/0x2b0 [ 135.787013] tcf_classify+0x120/0x3c0 [ 135.790795] prio_enqueue+0x3bb/0x7a0 [ 135.794575] ? prio_reset+0x160/0x160 [ 135.798355] ? __dev_queue_xmit+0x134e/0x2e00 [ 135.802842] __dev_queue_xmit+0x140a/0x2e00 [ 135.807145] ? netdev_pick_tx+0x2f0/0x2f0 [ 135.811284] ? mark_held_locks+0xa6/0xf0 [ 135.815325] ? ip_finish_output2+0xfbc/0x15a0 [ 135.819803] ip_finish_output2+0xb6d/0x15a0 [ 135.824104] ? ip_send_check+0xb0/0xb0 [ 135.827969] ? ip_output+0x3a5/0x5f0 [ 135.831667] ip_finish_output+0xae9/0x10b0 [ 135.835882] ip_output+0x203/0x5f0 [ 135.839401] ? ip_mc_output+0xec0/0xec0 [ 135.843354] ? ip_fragment.constprop.0+0x240/0x240 [ 135.848261] ? prandom_u32+0x171/0x1f0 [ 135.852130] ip_local_out+0xaf/0x170 [ 135.855838] iptunnel_xmit+0x63b/0x9d0 [ 135.859704] ? erspan_changelink+0x150/0x220 [ 135.864097] geneve_xmit+0x120d/0x2e60 [ 135.867986] ? geneve_fill_metadata_dst+0x1580/0x1580 [ 135.873157] ? __lock_acquire+0x6de/0x3ff0 [ 135.877373] ? netif_skb_features+0x5c1/0xb30 [ 135.881851] ? check_preemption_disabled+0x41/0x280 [ 135.886851] dev_hard_start_xmit+0x1a8/0x920 [ 135.891244] __dev_queue_xmit+0x269d/0x2e00 [ 135.895555] ? netdev_pick_tx+0x2f0/0x2f0 [ 135.899686] ? ip6_finish_output2+0x113d/0x2290 [ 135.904339] ? memcpy+0x35/0x50 [ 135.907601] neigh_resolve_output+0x55a/0x910 [ 135.912081] ip6_finish_output2+0x113d/0x2290 [ 135.916558] ? ip6_forward_finish+0x4b0/0x4b0 [ 135.921033] ? lock_downgrade+0x720/0x720 [ 135.925159] ? lock_acquire+0x170/0x3c0 [ 135.929115] ? check_preemption_disabled+0x41/0x280 [ 135.934114] ip6_finish_output+0x89b/0x10f0 [ 135.938417] ip6_output+0x205/0x770 [ 135.942025] ? ip6_finish_output+0x10f0/0x10f0 [ 135.946591] ? ip6_fragment+0x34e0/0x34e0 [ 135.950725] ? check_preemption_disabled+0x41/0x280 [ 135.955722] ndisc_send_skb+0xa24/0x1720 [ 135.959768] ? ndisc_alloc_skb+0x320/0x320 [ 135.963990] ? ipv6_setsockopt+0x160/0x160 [ 135.968211] ? kmem_cache_alloc_node_trace+0x351/0x3b0 [ 135.973487] ? __alloc_skb+0x34f/0x560 [ 135.977357] ? skb_set_owner_w+0x1f6/0x330 [ 135.981574] ndisc_send_ns+0x51d/0x840 [ 135.985441] ? addrconf_dad_work+0xa48/0x10a0 [ 135.990005] ? pndisc_redo+0x20/0x20 [ 135.993702] ? mark_held_locks+0xa6/0xf0 [ 135.997746] ? __local_bh_enable_ip+0x159/0x270 [ 136.002395] addrconf_dad_work+0xb0e/0x10a0 [ 136.006703] ? addrconf_dad_completed+0xb60/0xb60 [ 136.012049] process_one_work+0x864/0x1570 [ 136.016266] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 136.020947] worker_thread+0x64c/0x1130 [ 136.024902] ? __kthread_parkme+0x133/0x1e0 [ 136.029202] ? process_one_work+0x1570/0x1570 [ 136.033674] kthread+0x33f/0x460 [ 136.037019] ? kthread_park+0x180/0x180 [ 136.040975] ret_from_fork+0x24/0x30 [ 136.044953] Kernel Offset: disabled [ 136.048628] Rebooting in 86400 seconds..