syzkaller login: [  193.488994][ T2920] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  193.544742][ T2920] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  193.619846][ T2920] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  193.670197][ T2920] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:60362' (ECDSA) to the list of known hosts.
1970/01/01 00:03:54 fuzzer started
1970/01/01 00:04:00 connecting to host at localhost:39277
1970/01/01 00:04:01 checking machine...
1970/01/01 00:04:01 checking revisions...
executing program
1970/01/01 00:04:05 testing simple program...
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[  275.464159][ T3096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.506829][ T3096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
executing program
[  279.928192][ T3096] device hsr_slave_0 entered promiscuous mode
[  279.970056][ T3096] device hsr_slave_1 entered promiscuous mode
executing program
[  282.120008][ T3096] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  282.191744][ T3096] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  282.262142][ T3096] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  282.314158][ T3096] netdevsim netdevsim0 netdevsim3: renamed from eth3
executing program
[  287.201828][ T3096] 8021q: adding VLAN 0 to HW filter on device bond0
executing program
[  287.562032][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  287.610478][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
executing program
[  290.876818][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  290.911161][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  291.040883][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  291.069931][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  291.583343][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  291.633842][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  291.670748][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  291.717724][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  291.800189][ T3301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  291.814665][ T3301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  292.352015][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  292.354541][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
executing program
executing program
executing program
[  299.431849][ T2732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  299.441948][ T2732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
executing program
[  302.878930][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  302.891217][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  302.952576][ T2732] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  302.973806][ T2732] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  303.032535][ T3096] device veth0_vlan entered promiscuous mode
[  303.268705][ T3096] device veth1_vlan entered promiscuous mode
[  303.977685][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  304.000764][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  304.111077][ T3096] device veth0_macvtap entered promiscuous mode
[  304.228473][ T3096] device veth1_macvtap entered promiscuous mode
[  304.577726][ T1950] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  304.597794][ T1950] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  304.618038][ T1950] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  304.959125][ T3096] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.962285][ T3096] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.963829][ T3096] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.966892][ T3096] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  305.149659][ T2732] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  305.182994][ T2732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[  306.651760][ T3096] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
executing program
1970/01/01 00:05:08 building call list...
executing program
[  727.755694][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 430s! [kworker/0:3:3301]
[  727.757584][    C0] Modules linked in:
[  727.758729][    C0] irq event stamp: 128499
[  727.760111][    C0] hardirqs last  enabled at (128498): [<ffffffff800051a0>] restore_all+0x12/0x6e
[  727.761590][    C0] hardirqs last disabled at (128499): [<ffffffff80005094>] _save_context+0x80/0x90
[  727.762809][    C0] softirqs last  enabled at (45742): [<ffffffff82ba5a08>] __do_softirq+0x628/0x90c
[  727.764156][    C0] softirqs last disabled at (45749): [<ffffffff800369a0>] irq_exit+0x1a0/0x1b6
[  727.765961][    C0] CPU: 0 PID: 3301 Comm: kworker/0:3 Not tainted 5.14.0-syzkaller #0
[  727.767173][    C0] Hardware name: riscv-virtio,qemu (DT)
[  727.768477][    C0] Workqueue: events nsim_dev_trap_report_work
[  727.769844][    C0] epc : __kmalloc_node_track_caller+0xaa/0x3d2
[  727.770984][    C0]  ra : __kmalloc_node_track_caller+0x70/0x3d2
[  727.772031][    C0] epc : ffffffff803e2a1a ra : ffffffff803e29e0 sp : ffffffe00e97f4d0
[  727.773057][    C0]  gp : ffffffff83f967d8 tp : ffffffe0081a2f80 t0 : ffffffe008c0e728
[  727.774042][    C0]  t1 : ffffffc7f07f2d69 t2 : 000000000545de2b s0 : ffffffe00e97f570
[  727.775026][    C0]  s1 : ffffffe005601c80 a0 : 0000000000000000 a1 : 0000000000000007
[  727.776867][    C0]  a2 : 1ffffffff07aa51f a3 : ffffffff80a9711a a4 : 0000000004000000
[  727.777901][    C0]  a5 : 0000000000000000 a6 : 0000000000f00000 a7 : 7126f9b37a026000
[  727.778876][    C0]  s2 : ffffffff83f96adc s3 : 0000000000082a20 s4 : 0000000000000200
[  727.779860][    C0]  s5 : ffffffffffffffff s6 : ffffffff827d9302 s7 : ffffffff83f9a0d0
[  727.780879][    C0]  s8 : 0000000000000000 s9 : 0000000000082a20 s10: ffffffffffffffff
[  727.781853][    C0]  s11: 0000000000000000 t3 : 7126f9b37a026000 t4 : ffffffc7f07f2d69
[  727.782824][    C0]  t5 : ffffffc7f07f2d6a t6 : ffffffe009428026
[  727.783665][    C0] status: 0000000000000120 badaddr: 0000000000000000 cause: 8000000000000005
[  727.784786][    C0] [<ffffffff803e2a1a>] __kmalloc_node_track_caller+0xaa/0x3d2
[  727.786937][    C0] [<ffffffff821a8952>] __alloc_skb+0xee/0x2e2
[  727.787943][    C0] [<ffffffff827d9302>] ndisc_alloc_skb+0x9e/0x1a0
[  727.788986][    C0] [<ffffffff827e09d8>] ndisc_send_rs+0x24c/0x378
[  727.789988][    C0] [<ffffffff8279c322>] addrconf_rs_timer+0x2ac/0x4c4
[  727.791010][    C0] [<ffffffff80123b68>] call_timer_fn+0x10e/0x654
[  727.792031][    C0] [<ffffffff8012448e>] __run_timers.part.0+0x3e0/0x442
[  727.793137][    C0] [<ffffffff80124566>] run_timer_softirq+0x76/0xe0
[  727.794189][    C0] [<ffffffff82ba5650>] __do_softirq+0x270/0x90c
[  727.795471][    C0] [<ffffffff800369a0>] irq_exit+0x1a0/0x1b6
[  727.797256][    C0] [<ffffffff800e88dc>] handle_domain_irq+0x106/0x178
[  727.798333][    C0] [<ffffffff80af3486>] riscv_intc_irq+0x80/0xca
[  727.799385][    C0] [<ffffffff8000515e>] ret_from_exception+0x0/0x14
[  727.800408][    C0] [<ffffffff803e29e0>] __kmalloc_node_track_caller+0x70/0x3d2
[  727.802015][    C0] Kernel panic - not syncing: softlockup: hung tasks
[  727.803232][    C0] CPU: 0 PID: 3301 Comm: kworker/0:3 Tainted: G             L    5.14.0-syzkaller #0
[  727.804387][    C0] Hardware name: riscv-virtio,qemu (DT)
[  727.805301][    C0] Workqueue: events nsim_dev_trap_report_work
[  727.806552][    C0] Call Trace:
[  727.807167][    C0] [<ffffffff800095ae>] dump_backtrace+0x2e/0x3c
[  727.808717][    C0] SMP: stopping secondary CPUs
[  727.810714][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:37:21  Registers: