[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.61' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 68.729577][ T8450] ================================================================================ [ 68.739367][ T8450] UBSAN: shift-out-of-bounds in net/sched/sch_api.c:389:22 [ 68.747543][ T8450] shift exponent 129 is too large for 32-bit type 'int' [ 68.754552][ T8450] CPU: 0 PID: 8450 Comm: syz-executor907 Not tainted 5.11.0-rc3-syzkaller #0 [ 68.763314][ T8450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.773364][ T8450] Call Trace: [ 68.776651][ T8450] dump_stack+0x107/0x163 [ 68.781002][ T8450] ubsan_epilogue+0xb/0x5a [ 68.785408][ T8450] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181 [ 68.792176][ T8450] ? unpoison_range+0x3a/0x60 [ 68.796855][ T8450] qdisc_get_rtab.cold+0x1d/0x90 [ 68.801828][ T8450] tbf_change+0xcfa/0x16e0 [ 68.806251][ T8450] ? lockdep_unlock+0x11c/0x290 [ 68.811117][ T8450] ? __lock_acquire+0x251a/0x54f0 [ 68.816152][ T8450] ? mark_lock+0xf7/0x1720 [ 68.820583][ T8450] ? tbf_dequeue+0xd70/0xd70 [ 68.825184][ T8450] ? lock_chain_count+0x20/0x20 [ 68.830038][ T8450] ? find_held_lock+0x2d/0x110 [ 68.834811][ T8450] ? tbf_init+0x5e/0xd0 [ 68.838975][ T8450] ? ktime_get+0x1bf/0x1e0 [ 68.843394][ T8450] ? lockdep_hardirqs_on+0x79/0x100 [ 68.848591][ T8450] ? ktime_get+0x159/0x1e0 [ 68.853002][ T8450] tbf_init+0x91/0xd0 [ 68.856988][ T8450] ? tbf_change+0x16e0/0x16e0 [ 68.861652][ T8450] qdisc_create+0x4ba/0x1270 [ 68.866236][ T8450] ? tc_get_qdisc+0xad0/0xad0 [ 68.870917][ T8450] ? __nla_parse+0x3d/0x50 [ 68.875332][ T8450] tc_modify_qdisc+0x4c8/0x1990 [ 68.880448][ T8450] ? rtnetlink_rcv_msg+0x3f9/0xad0 [ 68.885554][ T8450] ? qdisc_create+0x1270/0x1270 [ 68.890417][ T8450] ? qdisc_create+0x1270/0x1270 [ 68.895269][ T8450] rtnetlink_rcv_msg+0x44e/0xad0 [ 68.900200][ T8450] ? rtnetlink_put_metrics+0x510/0x510 [ 68.905670][ T8450] netlink_rcv_skb+0x153/0x420 [ 68.910432][ T8450] ? rtnetlink_put_metrics+0x510/0x510 [ 68.915929][ T8450] ? netlink_ack+0xaa0/0xaa0 [ 68.920520][ T8450] ? netlink_deliver_tap+0x227/0xb70 [ 68.925812][ T8450] netlink_unicast+0x533/0x7d0 [ 68.930589][ T8450] ? netlink_attachskb+0x870/0x870 [ 68.935689][ T8450] ? _copy_from_iter_full+0x275/0x850 [ 68.941068][ T8450] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 68.947306][ T8450] ? __phys_addr_symbol+0x2c/0x70 [ 68.952322][ T8450] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 68.958031][ T8450] ? __check_object_size+0x171/0x3f0 [ 68.963316][ T8450] netlink_sendmsg+0x856/0xd90 [ 68.968075][ T8450] ? netlink_unicast+0x7d0/0x7d0 [ 68.973017][ T8450] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.979251][ T8450] ? netlink_unicast+0x7d0/0x7d0 [ 68.984189][ T8450] sock_sendmsg+0xcf/0x120 [ 68.988612][ T8450] ____sys_sendmsg+0x6e8/0x810 [ 68.993379][ T8450] ? kernel_sendmsg+0x50/0x50 [ 68.998043][ T8450] ? do_recvmmsg+0x6c0/0x6c0 [ 69.002625][ T8450] ? fs_reclaim_release+0x9c/0xe0 [ 69.007684][ T8450] ___sys_sendmsg+0xf3/0x170 [ 69.012278][ T8450] ? sendmsg_copy_msghdr+0x160/0x160 [ 69.017552][ T8450] ? lockdep_init_map_waits+0x26a/0x720 [ 69.023101][ T8450] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 69.029082][ T8450] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 69.035324][ T8450] ? percpu_counter_add_batch+0xbd/0x180 [ 69.040958][ T8450] ? find_held_lock+0x2d/0x110 [ 69.045723][ T8450] ? fd_install+0x1e3/0x640 [ 69.050224][ T8450] ? lock_downgrade+0x6d0/0x6d0 [ 69.055072][ T8450] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 69.061320][ T8450] ? __fget_light+0x215/0x280 [ 69.065994][ T8450] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 69.072233][ T8450] __sys_sendmsg+0xe5/0x1b0 [ 69.076731][ T8450] ? __sys_sendmsg_sock+0xb0/0xb0 [ 69.081751][ T8450] ? syscall_enter_from_user_mode+0x1d/0x50 [ 69.087653][ T8450] do_syscall_64+0x2d/0x70 [ 69.092058][ T8450] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.097959][ T8450] RIP: 0033:0x440fe9 [ 69.101849][ T8450] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 69.121456][ T8450] RSP: 002b:00007ffcb42b20a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.129872][ T8450] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440fe9 [ 69.137846][ T8450] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004 [ 69.145808][ T8450] RBP: 00000000006cb018 R08: 0000000000000000 R09: 00000000004002c8 [ 69.153811][ T8450] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004027f0 [ 69.161773][ T8450] R13: 0000000000402880 R14: 0000000000000000 R15: 0000000000000000 [ 69.171214][ T8450] ================================================================================ [ 69.180994][ T8450] Kernel panic - not syncing: panic_on_warn set ... [ 69.187595][ T8450] CPU: 0 PID: 8450 Comm: syz-executor907 Not tainted 5.11.0-rc3-syzkaller #0 [ 69.196380][ T8450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.206437][ T8450] Call Trace: [ 69.209706][ T8450] dump_stack+0x107/0x163 [ 69.214035][ T8450] panic+0x306/0x73d [ 69.217939][ T8450] ? __warn_printk+0xf3/0xf3 [ 69.222542][ T8450] ? ubsan_epilogue+0x3e/0x5a [ 69.227239][ T8450] ubsan_epilogue+0x54/0x5a [ 69.231738][ T8450] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181 [ 69.238496][ T8450] ? unpoison_range+0x3a/0x60 [ 69.243185][ T8450] qdisc_get_rtab.cold+0x1d/0x90 [ 69.248142][ T8450] tbf_change+0xcfa/0x16e0 [ 69.252553][ T8450] ? lockdep_unlock+0x11c/0x290 [ 69.257412][ T8450] ? __lock_acquire+0x251a/0x54f0 [ 69.262438][ T8450] ? mark_lock+0xf7/0x1720 [ 69.266854][ T8450] ? tbf_dequeue+0xd70/0xd70 [ 69.271454][ T8450] ? lock_chain_count+0x20/0x20 [ 69.276301][ T8450] ? find_held_lock+0x2d/0x110 [ 69.281068][ T8450] ? tbf_init+0x5e/0xd0 [ 69.285316][ T8450] ? ktime_get+0x1bf/0x1e0 [ 69.289733][ T8450] ? lockdep_hardirqs_on+0x79/0x100 [ 69.294921][ T8450] ? ktime_get+0x159/0x1e0 [ 69.299330][ T8450] tbf_init+0x91/0xd0 [ 69.303314][ T8450] ? tbf_change+0x16e0/0x16e0 [ 69.307979][ T8450] qdisc_create+0x4ba/0x1270 [ 69.312568][ T8450] ? tc_get_qdisc+0xad0/0xad0 [ 69.317251][ T8450] ? __nla_parse+0x3d/0x50 [ 69.321666][ T8450] tc_modify_qdisc+0x4c8/0x1990 [ 69.326511][ T8450] ? rtnetlink_rcv_msg+0x3f9/0xad0 [ 69.331615][ T8450] ? qdisc_create+0x1270/0x1270 [ 69.336466][ T8450] ? qdisc_create+0x1270/0x1270 [ 69.341304][ T8450] rtnetlink_rcv_msg+0x44e/0xad0 [ 69.346249][ T8450] ? rtnetlink_put_metrics+0x510/0x510 [ 69.351713][ T8450] netlink_rcv_skb+0x153/0x420 [ 69.356470][ T8450] ? rtnetlink_put_metrics+0x510/0x510 [ 69.361922][ T8450] ? netlink_ack+0xaa0/0xaa0 [ 69.366507][ T8450] ? netlink_deliver_tap+0x227/0xb70 [ 69.371789][ T8450] netlink_unicast+0x533/0x7d0 [ 69.376547][ T8450] ? netlink_attachskb+0x870/0x870 [ 69.381645][ T8450] ? _copy_from_iter_full+0x275/0x850 [ 69.387008][ T8450] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 69.393330][ T8450] ? __phys_addr_symbol+0x2c/0x70 [ 69.398343][ T8450] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 69.404063][ T8450] ? __check_object_size+0x171/0x3f0 [ 69.409342][ T8450] netlink_sendmsg+0x856/0xd90 [ 69.414106][ T8450] ? netlink_unicast+0x7d0/0x7d0 [ 69.419050][ T8450] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 69.425293][ T8450] ? netlink_unicast+0x7d0/0x7d0 [ 69.430217][ T8450] sock_sendmsg+0xcf/0x120 [ 69.434635][ T8450] ____sys_sendmsg+0x6e8/0x810 [ 69.439386][ T8450] ? kernel_sendmsg+0x50/0x50 [ 69.444056][ T8450] ? do_recvmmsg+0x6c0/0x6c0 [ 69.448637][ T8450] ? fs_reclaim_release+0x9c/0xe0 [ 69.453659][ T8450] ___sys_sendmsg+0xf3/0x170 [ 69.458251][ T8450] ? sendmsg_copy_msghdr+0x160/0x160 [ 69.463537][ T8450] ? lockdep_init_map_waits+0x26a/0x720 [ 69.469111][ T8450] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 69.475089][ T8450] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 69.481320][ T8450] ? percpu_counter_add_batch+0xbd/0x180 [ 69.486977][ T8450] ? find_held_lock+0x2d/0x110 [ 69.491745][ T8450] ? fd_install+0x1e3/0x640 [ 69.496235][ T8450] ? lock_downgrade+0x6d0/0x6d0 [ 69.501076][ T8450] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 69.507344][ T8450] ? __fget_light+0x215/0x280 [ 69.512019][ T8450] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 69.518256][ T8450] __sys_sendmsg+0xe5/0x1b0 [ 69.522754][ T8450] ? __sys_sendmsg_sock+0xb0/0xb0 [ 69.527778][ T8450] ? syscall_enter_from_user_mode+0x1d/0x50 [ 69.533666][ T8450] do_syscall_64+0x2d/0x70 [ 69.538072][ T8450] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.543972][ T8450] RIP: 0033:0x440fe9 [ 69.547854][ T8450] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 69.567455][ T8450] RSP: 002b:00007ffcb42b20a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.575872][ T8450] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440fe9 [ 69.583848][ T8450] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004 [ 69.591813][ T8450] RBP: 00000000006cb018 R08: 0000000000000000 R09: 00000000004002c8 [ 69.599777][ T8450] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004027f0 [ 69.607747][ T8450] R13: 0000000000402880 R14: 0000000000000000 R15: 0000000000000000 [ 69.616409][ T8450] Kernel Offset: disabled [ 69.620818][ T8450] Rebooting in 86400 seconds..