IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
batman_adv: batadv0: Interface activated: batadv_slave_1
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.4:9473]
Modules linked in:
irq event stamp: 4480725
hardirqs last enabled at (4480724): [] restore_regs_and_return_to_kernel+0x0/0x2a
hardirqs last disabled at (4480725): [] apic_timer_interrupt+0x8e/0xa0 arch/x86/entry/entry_64.S:793
softirqs last enabled at (7684): [] __do_softirq+0x68b/0x9ff kernel/softirq.c:314
softirqs last disabled at (9545): [] invoke_softirq kernel/softirq.c:368 [inline]
softirqs last disabled at (9545): [] irq_exit+0x193/0x240 kernel/softirq.c:409
CPU: 0 PID: 9473 Comm: syz-executor.4 Not tainted 4.14.260-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff88809b6442c0 task.stack: ffff88809e3c8000
RIP: 0010:netif_skb_features+0x2/0x9f0 net/core/dev.c:2964
RSP: 0018:ffff8880ba4076b0 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff10
RAX: ffff88809b6442c0 RBX: ffff8880af618540 RCX: 0000000000000000
RDX: 0000000000000100 RSI: ffff8880af618540 RDI: ffff88809b606b40
RBP: ffff88809b606b40 R08: 0000000000000286 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff88809bbce3b8
R13: ffff88809b606bea R14: ffff88809b606c18 R15: ffff8880af618540
FS:  00007fd8c7add700(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd8c847c090 CR3: 00000000a332d000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 validate_xmit_skb+0x28/0x9f0 net/core/dev.c:3063
 __dev_queue_xmit+0x816/0x2480 net/core/dev.c:3513
 neigh_resolve_output+0x4e5/0x870 net/core/neighbour.c:1369
 neigh_output include/net/neighbour.h:500 [inline]
 ip6_finish_output2+0xf48/0x1f10 net/ipv6/ip6_output.c:120
 ip6_finish_output+0x5c6/0xd50 net/ipv6/ip6_output.c:192
 NF_HOOK_COND include/linux/netfilter.h:239 [inline]
 ip6_output+0x1c5/0x660 net/ipv6/ip6_output.c:209
 dst_output include/net/dst.h:470 [inline]
 NF_HOOK include/linux/netfilter.h:250 [inline]
 ndisc_send_skb+0x82a/0x1390 net/ipv6/ndisc.c:483
 ndisc_send_rs+0x125/0x630 net/ipv6/ndisc.c:677
 addrconf_rs_timer+0x2bb/0x5a0 net/ipv6/addrconf.c:3769
 call_timer_fn+0x14a/0x650 kernel/time/timer.c:1280
 expire_timers+0x232/0x4d0 kernel/time/timer.c:1319
 __run_timers kernel/time/timer.c:1637 [inline]
 run_timer_softirq+0x1d5/0x5a0 kernel/time/timer.c:1650
 __do_softirq+0x24d/0x9ff kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x193/0x240 kernel/softirq.c:409
 exiting_irq arch/x86/include/asm/apic.h:638 [inline]
 smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1106
 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:793
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline]
RIP: 0010:lock_release+0x41e/0x870 kernel/locking/lockdep.c:4020
RSP: 0018:ffff88809e3cf708 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10
RAX: 1ffffffff11e1279 RBX: 1ffff11013c79ee4 RCX: 1ffff110136c896e
RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 0000000000000286
RBP: ffff88809b6442c0 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: ffff88809b6442c0 R12: 902dbacb38b3c08e
R13: 0000000000000003 R14: ffff88809b6442c0 R15: 0000000000000002
 page_remove_rmap+0x96/0xe0 mm/rmap.c:1293
 zap_pte_range mm/memory.c:1364 [inline]
 zap_pmd_range mm/memory.c:1466 [inline]
 zap_pud_range mm/memory.c:1495 [inline]
 zap_p4d_range mm/memory.c:1516 [inline]
 unmap_page_range+0xf3f/0x1ce0 mm/memory.c:1537
 unmap_single_vma+0x147/0x2b0 mm/memory.c:1582
 unmap_vmas+0x9d/0x160 mm/memory.c:1612
 exit_mmap+0x270/0x4d0 mm/mmap.c:3058
 __mmput kernel/fork.c:931 [inline]
 mmput kernel/fork.c:952 [inline]
 mmput+0xfa/0x420 kernel/fork.c:947
 exit_mm kernel/exit.c:548 [inline]
 do_exit+0x984/0x2850 kernel/exit.c:855
 do_group_exit+0x100/0x2e0 kernel/exit.c:965
 get_signal+0x38d/0x1ca0 kernel/signal.c:2412
 do_signal+0x7c/0x1550 arch/x86/kernel/signal.c:792
 exit_to_usermode_loop+0x160/0x200 arch/x86/entry/common.c:160
 prepare_exit_to_usermode arch/x86/entry/common.c:199 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:270 [inline]
 do_syscall_64+0x4a3/0x640 arch/x86/entry/common.c:297
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7fd8c8367e99
RSP: 002b:00007fd8c7add218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000001 RBX: 00007fd8c847af68 RCX: 00007fd8c8367e99
RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd8c847af6c
RBP: 00007fd8c847af60 R08: 000000000000000e R09: 0000000000000000
R10: 0000000020ffc000 R11: 0000000000000246 R12: 00007fd8c847af6c
R13: 00007fff66b0b4ff R14: 00007fd8c7add300 R15: 0000000000022000
Code: 24 08 e8 e2 bd ba fb 48 8b 54 24 08 e9 75 fb ff ff e8 43 be ba fb e9 0a ff ff ff 4c 89 f7 e8 36 be ba fb e9 74 fe ff ff 90 41 57 <41> 56 41 55 41 54 55 48 bd 00 00 00 00 00 fc ff df 53 48 89 fb
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 9478 Comm: syz-executor.2 Not tainted 4.14.260-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff88809b7a2440 task.stack: ffff88808dfc0000
RIP: 0010:paravirt_sched_clock arch/x86/include/asm/paravirt.h:175 [inline]
RIP: 0010:sched_clock+0x0/0x40 arch/x86/kernel/tsc.c:228
RSP: 0018:ffff8880ba507f68 EFLAGS: 00000082
RAX: 0000000000000001 RBX: ffff8880ba5286d0 RCX: 1ffffffff1198dad
RDX: 0000000000010000 RSI: ffffffff87ccf200 RDI: 0000000000000001
RBP: ffff88809b7a2440 R08: ffff88809afb3270 R09: 0000000000000001
R10: 0000000000000000 R11: ffff88809b7a2440 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
FS:  00007f59de8be700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f59df25d090 CR3: 000000009d0a8000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 sched_clock_cpu+0x18/0x1b0 kernel/sched/clock.c:363
 irqtime_account_irq+0x63/0x280 kernel/sched/cputime.c:63
 account_irq_exit_time include/linux/vtime.h:114 [inline]
 irq_exit+0x49/0x240 kernel/softirq.c:406
 irq_work_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:824
RIP: 0010:__sanitizer_cov_trace_pc+0x23/0x50 kernel/kcov.c:68
RSP: 0018:ffff88808dfc77b8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff09
RAX: ffff88809b7a2440 RBX: dffffc0000000000 RCX: ffff88808dfc79d0
RDX: 0000000000000000 RSI: ffff88808dfc79d0 RDI: ffffea0002302f48
RBP: ffff88809b1d2e60 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: ffff88809b7a2440 R12: ffffea0002302f40
R13: ffffea0002302f60 R14: 00007f59df1cd000 R15: ffffea0002302f40
 constant_test_bit arch/x86/include/asm/bitops.h:328 [inline]
 PageSwapBacked include/linux/page-flags.h:288 [inline]
 mm_counter_file include/linux/mm.h:1542 [inline]
 mm_counter include/linux/mm.h:1551 [inline]
 zap_pte_range mm/memory.c:1363 [inline]
 zap_pmd_range mm/memory.c:1466 [inline]
 zap_pud_range mm/memory.c:1495 [inline]
 zap_p4d_range mm/memory.c:1516 [inline]
 unmap_page_range+0xed4/0x1ce0 mm/memory.c:1537
 unmap_single_vma+0x147/0x2b0 mm/memory.c:1582
 unmap_vmas+0x9d/0x160 mm/memory.c:1612
 exit_mmap+0x270/0x4d0 mm/mmap.c:3058
 __mmput kernel/fork.c:931 [inline]
 mmput kernel/fork.c:952 [inline]
 mmput+0xfa/0x420 kernel/fork.c:947
 exit_mm kernel/exit.c:548 [inline]
 do_exit+0x984/0x2850 kernel/exit.c:855
 do_group_exit+0x100/0x2e0 kernel/exit.c:965
 get_signal+0x38d/0x1ca0 kernel/signal.c:2412
 do_signal+0x7c/0x1550 arch/x86/kernel/signal.c:792
 exit_to_usermode_loop+0x160/0x200 arch/x86/entry/common.c:160
 prepare_exit_to_usermode arch/x86/entry/common.c:199 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:270 [inline]
 do_syscall_64+0x4a3/0x640 arch/x86/entry/common.c:297
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7f59df148e99
RSP: 002b:00007f59de8be218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000001 RBX: 00007f59df25bf68 RCX: 00007f59df148e99
RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f59df25bf6c
RBP: 00007f59df25bf60 R08: 000000000000000e R09: 0000000000000000
R10: 0000000020ffc000 R11: 0000000000000246 R12: 00007f59df25bf6c
R13: 00007ffe37ee198f R14: 00007f59de8be300 R15: 0000000000022000
Code: d3 ea f6 c1 40 48 0f 45 c2 48 01 f0 65 ff 0d 78 0d e6 7e 74 01 c3 55 48 89 e5 e8 28 aa e3 ff 5d c3 66 2e 0f 1f 84 00 00 00 00 00 <48> c7 c0 f0 93 f0 88 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03
----------------
Code disassembly (best guess):
   0:   24 08                   and    $0x8,%al
   2:   e8 e2 bd ba fb          callq  0xfbbabde9
   7:   48 8b 54 24 08          mov    0x8(%rsp),%rdx
   c:   e9 75 fb ff ff          jmpq   0xfffffb86
  11:   e8 43 be ba fb          callq  0xfbbabe59
  16:   e9 0a ff ff ff          jmpq   0xffffff25
  1b:   4c 89 f7                mov    %r14,%rdi
  1e:   e8 36 be ba fb          callq  0xfbbabe59
  23:   e9 74 fe ff ff          jmpq   0xfffffe9c
  28:   90                      nop
  29:   41 57                   push   %r15
* 2b:   41 56                   push   %r14 <-- trapping instruction
  2d:   41 55                   push   %r13
  2f:   41 54                   push   %r12
  31:   55                      push   %rbp
  32:   48 bd 00 00 00 00 00    movabs $0xdffffc0000000000,%rbp
  39:   fc ff df
  3c:   53                      push   %rbx
  3d:   48 89 fb                mov    %rdi,%rbx
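Reading the trace above: CPU 0 was sampled in netif_skb_features, reached from the IPv6 router-solicitation timer (addrconf_rs_timer) running in the timer softirq on the APIC timer interrupt, and the task it interrupted (syz-executor.4) was tearing down its address space in exit_mmap; the NMI backtrace of CPU 1 shows a second exiting task in the same unmap path. The only structure in such a report is the interrupt boundary, and splitting the stack at it is the first step of triage. The following Python is an added example, not part of the syzbot report or of syzkaller: it parses a soft-lockup dump into the interrupting context and the context it interrupted, and names the timer callback that was running. The sample input is a constructed, abridged copy of the CPU 0 section above; treating every `RIP: 0010:` line after "Call Trace:" as an interrupt entry and `RIP: 0033:` as the return to user space is an assumption drawn from this dump's layout, not a general kernel-log parser.

```python
"""Triage a Linux soft-lockup report: split the stack at each interrupt entry. Added example."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed sample: an abridged copy of the CPU 0 section of the report above.
SAMPLE = """\
watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.4:9473]
CPU: 0 PID: 9473 Comm: syz-executor.4 Not tainted 4.14.260-syzkaller #0
RIP: 0010:netif_skb_features+0x2/0x9f0 net/core/dev.c:2964
Call Trace:
 validate_xmit_skb+0x28/0x9f0 net/core/dev.c:3063
 neigh_output include/net/neighbour.h:500 [inline]
 ndisc_send_rs+0x125/0x630 net/ipv6/ndisc.c:677
 addrconf_rs_timer+0x2bb/0x5a0 net/ipv6/addrconf.c:3769
 call_timer_fn+0x14a/0x650 kernel/time/timer.c:1280
 __do_softirq+0x24d/0x9ff kernel/softirq.c:288
 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:793
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline]
RIP: 0010:lock_release+0x41e/0x870 kernel/locking/lockdep.c:4020
RSP: 0018:ffff88809e3cf708 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10
 exit_mmap+0x270/0x4d0 mm/mmap.c:3058
 do_exit+0x984/0x2850 kernel/exit.c:855
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7fd8c8367e99
"""

LOCKUP_RE = re.compile(r"soft lockup - CPU#(\d+) stuck for (\d+)s! \[([^:\]]+):(\d+)\]")
CPU_RE = re.compile(r"^CPU: (\d+) PID: (\d+) Comm: (\S+) (.*)$")
VERSION_RE = re.compile(r"\d+\.\d+[\w.+-]*")
RIP_RE = re.compile(r"^RIP: ([0-9a-f]{4}):(.*)$")  # CS 0010 = kernel, 0033 = user (assumption)
FRAME_RE = re.compile(  # "func+0xoff/0xsize path:line [inline]"; all but func optional
    r"^(?P<func>[A-Za-z_][\w.]*)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?"
    r"(?:\s+(?P<file>[\w./-]+):(?P<line>\d+))?(?P<inline>\s+\[inline\])?$")

@dataclass
class Frame:
    func: str
    file: Optional[str] = None
    line: Optional[int] = None
    inline: bool = False

@dataclass
class Backtrace:
    cpu: int
    comm: str
    version: str
    rip: List[Frame] = field(default_factory=list)             # where the CPU was sampled
    contexts: List[List[Frame]] = field(default_factory=list)  # [0] innermost; [i+1] was interrupted by [i]

def parse_frame(text: str) -> Optional[Frame]:
    m = FRAME_RE.match(text.strip())
    if not m:
        return None
    return Frame(m["func"], m["file"], int(m["line"]) if m["line"] else None, bool(m["inline"]))

def parse_report(text: str) -> Tuple[Dict[str, object], List[Backtrace]]:
    """Return the lockup header and one Backtrace per 'CPU: n PID: ...' block."""
    header, traces, cur = {}, [], None
    in_trace = prev_rip = False
    for raw in text.splitlines():
        line = raw.strip()
        if m := LOCKUP_RE.search(line):
            header = dict(cpu=int(m[1]), secs=int(m[2]), comm=m[3], pid=int(m[4]))
        elif m := CPU_RE.match(line):
            ver = VERSION_RE.search(m[4])
            cur = Backtrace(int(m[1]), m[3], ver[0] if ver else "")
            traces.append(cur)
            in_trace = prev_rip = False
        elif cur is None:
            continue
        elif line == "Call Trace:":
            in_trace, prev_rip = True, False
            cur.contexts.append([])
        elif m := RIP_RE.match(line):
            if m[1] != "0010":            # a user-space RIP closes the kernel trace
                in_trace = False
                continue
            frame = parse_frame(m[2]) or Frame(m[2].strip())
            if not in_trace:
                cur.rip.append(frame)
            elif prev_rip:                # an [inline] RIP line describes the same location
                cur.contexts[-1].append(frame)
            else:                         # interrupt entry: the frames that follow were interrupted
                cur.contexts.append([frame])
            prev_rip = True
        else:
            prev_rip = False              # register dumps and other noise fall through here
            if in_trace and (frame := parse_frame(line)):
                cur.contexts[-1].append(frame)
    if not header:
        raise ValueError("no soft-lockup header found")
    return header, traces

def timer_callback(frames: List[Frame]) -> Optional[Frame]:
    """Frames are innermost first, so the callback run_timer_softirq invoked is the
    frame just before call_timer_fn."""
    for i, f in enumerate(frames):
        if f.func == "call_timer_fn" and i:
            return frames[i - 1]
    return None
```

Running `parse_report(SAMPLE)` yields two contexts for CPU 0: the softirq context from validate_xmit_skb down to apic_timer_interrupt, whose timer callback is addrconf_rs_timer, and the interrupted context from lock_release down to entry_SYSCALL_64_after_hwframe. The second context is the victim, not the cause; what to look at is the callback named in the first.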