bridge0: port 2(bridge_slave_1) entered forwarding state IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.2:6391] Modules linked in: irq event stamp: 14050674 hardirqs last enabled at (14050673): [] kfree+0x104/0x270 mm/slab.c:3816 hardirqs last disabled at (14050674): [] apic_timer_interrupt+0x95/0xa0 arch/x86/entry/entry_64.S:793 softirqs last enabled at (14040050): [] __do_softirq+0x644/0x9a2 kernel/softirq.c:314 softirqs last disabled at (14040043): [] invoke_softirq kernel/softirq.c:368 [inline] softirqs last disabled at (14040043): [] irq_exit+0x15f/0x1a0 kernel/softirq.c:409 CPU: 0 PID: 6391 Comm: syz-executor.2 Not tainted 4.14.227-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff8881d257c080 task.stack: ffff8881d1718000 RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline] RIP: 0010:kfree+0x117/0x270 mm/slab.c:3816 RSP: 0018:ffff8881d171f948 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10 RAX: 0000000000000007 RBX: ffff8881d1949d00 RCX: 1ffff1103a4af925 watchdog: BUG: soft lockup - CPU#1 stuck for 22s! [syz-executor.0:6397] RDX: 0000000000000000 RSI: ffff8881d257c908 RDI: 0000000000000286 Modules linked in: RBP: ffff8881d171f968 R08: ffff8881d257c928 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000286 R13: ffff8881f64007c0 R14: ffffffff8192ea4f R15: 0000000000000000 FS: 00007fa53388a700(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000 irq event stamp: 13883280 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 hardirqs last enabled at (13883279): [] seqcount_lockdep_reader_access include/linux/seqlock.h:83 [inline] hardirqs last enabled at (13883279): [] read_seqcount_begin include/linux/seqlock.h:164 [inline] hardirqs last enabled at (13883279): [] current_kernel_time64+0x137/0x1b0 kernel/time/timekeeping.c:2169 hardirqs last disabled at (13883280): [] apic_timer_interrupt+0x95/0xa0 arch/x86/entry/entry_64.S:793 CR2: 000000000052c071 CR3: 00000001e3807002 CR4: 00000000001606f0 softirqs last enabled at (13877744): [] __do_softirq+0x644/0x9a2 kernel/softirq.c:314 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 softirqs last disabled at (13877737): [] invoke_softirq kernel/softirq.c:368 [inline] softirqs last disabled at (13877737): [] irq_exit+0x15f/0x1a0 kernel/softirq.c:409 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 CPU: 1 PID: 6397 Comm: syz-executor.0 Not tainted 4.14.227-syzkaller #0 Call Trace: Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 iter_file_splice_write+0x49f/0xc20 fs/splice.c:776 task: ffff8881e8182200 task.stack: ffff8881d0c48000 RIP: 0010:lock_is_held include/linux/lockdep.h:437 [inline] RIP: 0010:___might_sleep+0x1ed/0x2a0 kernel/sched/core.c:6003 RSP: 0018:ffff8881d0c4f878 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10 RAX: 0000000000000001 RBX: ffff8881e8182200 RCX: 1ffff1103d03054f do_splice_from fs/splice.c:851 [inline] direct_splice_actor+0x104/0x1c0 fs/splice.c:1018 RDX: 0000000000000000 RSI: 00000000000001a3 RDI: ffff8881e8182a84 RBP: ffff8881d0c4f8a0 R08: 0000000000000001 R09: 0000000000000000 splice_direct_to_actor+0x27c/0x750 fs/splice.c:973 R10: 0000000000000028 R11: ffff8881e8182200 R12: 0000000000000000 R13: ffffffff87608bf4 R14: 00000000000001a3 R15: ffff8881f64007c0 FS: 00007f6da050d700(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000052c071 CR3: 00000001e6e59005 CR4: 00000000001606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 do_splice_direct+0x144/0x250 fs/splice.c:1061 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __might_sleep+0x93/0xb0 kernel/sched/core.c:5991 slab_pre_alloc_hook mm/slab.h:419 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x2de/0x7b0 mm/slab.c:3729 do_sendfile+0x488/0xe60 fs/read_write.c:1441 kmalloc_array include/linux/slab.h:607 [inline] kcalloc include/linux/slab.h:618 [inline] iter_file_splice_write+0x126/0xc20 fs/splice.c:692 SYSC_sendfile64 fs/read_write.c:1496 [inline] SyS_sendfile64+0x97/0x110 fs/read_write.c:1488 do_splice_from fs/splice.c:851 [inline] direct_splice_actor+0x104/0x1c0 fs/splice.c:1018 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292 splice_direct_to_actor+0x27c/0x750 fs/splice.c:973 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x460c99 do_splice_direct+0x144/0x250 fs/splice.c:1061 do_sendfile+0x488/0xe60 fs/read_write.c:1441 SYSC_sendfile64 fs/read_write.c:1496 [inline] SyS_sendfile64+0x97/0x110 fs/read_write.c:1488 RSP: 002b:00007fa53388a1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000460c99 RDX: 0000000020000000 RSI: 0000000000000003 RDI: 0000000000000003 RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292 R10: 00008080fffffffe R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000004f5328 R14: 00000000004b2ba5 R15: 00007fa53388a6bc Code: entry_SYSCALL_64_after_hwframe+0x46/0xbb 0f RIP: 0033:0x460c99 1f RSP: 002b:00007f6da050d1a8 EFLAGS: 00000246 44 ORIG_RAX: 0000000000000028 00 RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000460c99 00 RDX: 0000000020000000 RSI: 0000000000000003 RDI: 0000000000000003 e8 RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000 aa R10: 00008080fffffffe R11: 0000000000000246 R12: 00000000ffffffff fa R13: 00000000004f5328 R14: 00000000004b2ba5 R15: 00007f6da050d6bc c3 Code: ff ea 5b 03 41 0f 5c b6 41 14 5d 02 41 48 5e 89 5d f8 c3 83 e8 e0 8c 6a c4 07 ff 83 48 c0 83 3d 03 0c 38 07 d0 10 7c 06 09 00 84 0f d2 84 74 4e 05 01 e8 00 d2 00 8a 4c 43 89 00 e7 f6 57 43 9d 24 <0f> 02 1f 0f 44 85 00 a8 00 fe 5b ff 41 ff 5c e9 41 e2 5d fe 41 ff 5e ff 5d c3 ff 4c ff 89 f2 ff 48 ff 89 48 de c7 4c c7 e0