[[0;32m  OK  [0m] Started Getty on tty4.
[[0;32m  OK  [0m] Started Getty on tty3.
[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.247' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   56.121798][ T6526] ================================================================================
[   56.132219][ T6526] UBSAN: shift-out-of-bounds in net/ieee802154/nl802154.c:919:44
[   56.141509][ T6526] shift exponent -1 is negative
[   56.146761][ T6526] CPU: 0 PID: 6526 Comm: syz-executor563 Not tainted 5.15.0-rc5-syzkaller #0
[   56.156166][ T6526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   56.166388][ T6526] Call Trace:
[   56.169918][ T6526]  dump_stack_lvl+0xcd/0x134
[   56.174543][ T6526]  ubsan_epilogue+0xb/0x5a
[   56.179348][ T6526]  __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181
[   56.186190][ T6526]  ? br_nd_send+0x11d/0x18b0
[   56.190963][ T6526]  ? __nla_parse+0x3d/0x50
[   56.195453][ T6526]  ? nl802154_get_llsec_params+0x390/0x390
[   56.201335][ T6526]  nl802154_new_interface.cold+0x19/0x1e
[   56.207062][ T6526]  genl_family_rcv_msg_doit+0x228/0x320
[   56.212598][ T6526]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[   56.220068][ T6526]  ? mutex_lock_io_nested+0x1150/0x1150
[   56.225688][ T6526]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.232259][ T6526]  ? ns_capable+0xd9/0x100
[   56.236919][ T6526]  genl_rcv_msg+0x328/0x580
[   56.241405][ T6526]  ? genl_get_cmd+0x480/0x480
[   56.246066][ T6526]  ? nl802154_set_short_addr+0x5c0/0x5c0
[   56.251948][ T6526]  ? lock_release+0x720/0x720
[   56.256609][ T6526]  netlink_rcv_skb+0x153/0x420
[   56.261359][ T6526]  ? genl_get_cmd+0x480/0x480
[   56.266020][ T6526]  ? netlink_ack+0xa60/0xa60
[   56.270597][ T6526]  ? netlink_deliver_tap+0x1b1/0xc30
[   56.275959][ T6526]  ? _copy_from_iter+0x12b/0x1320
[   56.281084][ T6526]  genl_rcv+0x24/0x40
[   56.285461][ T6526]  netlink_unicast+0x533/0x7d0
[   56.290409][ T6526]  ? netlink_attachskb+0x890/0x890
[   56.295703][ T6526]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   56.301964][ T6526]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   56.308227][ T6526]  ? __phys_addr_symbol+0x2c/0x70
[   56.313273][ T6526]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   56.319012][ T6526]  ? __check_object_size+0x16e/0x3f0
[   56.324569][ T6526]  netlink_sendmsg+0x86d/0xdb0
[   56.329349][ T6526]  ? netlink_unicast+0x7d0/0x7d0
[   56.334302][ T6526]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.340558][ T6526]  ? netlink_unicast+0x7d0/0x7d0
[   56.345489][ T6526]  sock_sendmsg+0xcf/0x120
[   56.350166][ T6526]  ____sys_sendmsg+0x6e8/0x810
[   56.354922][ T6526]  ? kernel_sendmsg+0x50/0x50
[   56.359693][ T6526]  ? do_recvmmsg+0x6d0/0x6d0
[   56.364265][ T6526]  ? find_held_lock+0x2d/0x110
[   56.369014][ T6526]  ? lock_chain_count+0x20/0x20
[   56.373846][ T6526]  ? __might_fault+0xd3/0x180
[   56.378507][ T6526]  ? lock_downgrade+0x6e0/0x6e0
[   56.383340][ T6526]  ___sys_sendmsg+0xf3/0x170
[   56.387916][ T6526]  ? sendmsg_copy_msghdr+0x160/0x160
[   56.393185][ T6526]  ? __lock_acquire+0x162f/0x54a0
[   56.398197][ T6526]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   56.404175][ T6526]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   56.410150][ T6526]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.416390][ T6526]  ? __fget_light+0x215/0x280
[   56.421049][ T6526]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   56.427273][ T6526]  __sys_sendmsg+0xe5/0x1b0
[   56.431766][ T6526]  ? __sys_sendmsg_sock+0x30/0x30
[   56.436778][ T6526]  ? syscall_enter_from_user_mode+0x21/0x70
[   56.442657][ T6526]  do_syscall_64+0x35/0xb0
[   56.447051][ T6526]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   56.452925][ T6526] RIP: 0033:0x7f1347612c29
[   56.457322][ T6526] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   56.476908][ T6526] RSP: 002b:00007ffe780a8068 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.485298][ T6526] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1347612c29
[   56.493424][ T6526] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   56.501463][ T6526] RBP: 00007f13475d6690 R08: 000000000000000a R09: 0000000000000000
[   56.509412][ T6526] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f13475d6720
[   56.517364][ T6526] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   56.525551][ T6526] ================================================================================
[   56.535003][ T6526] Kernel panic - not syncing: panic_on_warn set ...
[   56.541668][ T6526] CPU: 0 PID: 6526 Comm: syz-executor563 Not tainted 5.15.0-rc5-syzkaller #0
[   56.550417][ T6526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   56.560464][ T6526] Call Trace:
[   56.563817][ T6526]  dump_stack_lvl+0xcd/0x134
[   56.568575][ T6526]  panic+0x2b0/0x6dd
[   56.572458][ T6526]  ? __warn_printk+0xf3/0xf3
[   56.577236][ T6526]  ? dump_stack_lvl+0x120/0x134
[   56.582187][ T6526]  ? ubsan_epilogue+0x3e/0x5a
[   56.586856][ T6526]  ubsan_epilogue+0x54/0x5a
[   56.591350][ T6526]  __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181
[   56.598102][ T6526]  ? br_nd_send+0x11d/0x18b0
[   56.602687][ T6526]  ? __nla_parse+0x3d/0x50
[   56.607314][ T6526]  ? nl802154_get_llsec_params+0x390/0x390
[   56.613120][ T6526]  nl802154_new_interface.cold+0x19/0x1e
[   56.618764][ T6526]  genl_family_rcv_msg_doit+0x228/0x320
[   56.624562][ T6526]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[   56.631924][ T6526]  ? mutex_lock_io_nested+0x1150/0x1150
[   56.637648][ T6526]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.643966][ T6526]  ? ns_capable+0xd9/0x100
[   56.648372][ T6526]  genl_rcv_msg+0x328/0x580
[   56.652954][ T6526]  ? genl_get_cmd+0x480/0x480
[   56.657795][ T6526]  ? nl802154_set_short_addr+0x5c0/0x5c0
[   56.663424][ T6526]  ? lock_release+0x720/0x720
[   56.668120][ T6526]  netlink_rcv_skb+0x153/0x420
[   56.672880][ T6526]  ? genl_get_cmd+0x480/0x480
[   56.677551][ T6526]  ? netlink_ack+0xa60/0xa60
[   56.682139][ T6526]  ? netlink_deliver_tap+0x1b1/0xc30
[   56.687535][ T6526]  ? _copy_from_iter+0x12b/0x1320
[   56.692562][ T6526]  genl_rcv+0x24/0x40
[   56.696743][ T6526]  netlink_unicast+0x533/0x7d0
[   56.701501][ T6526]  ? netlink_attachskb+0x890/0x890
[   56.706605][ T6526]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   56.712844][ T6526]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   56.719248][ T6526]  ? __phys_addr_symbol+0x2c/0x70
[   56.724261][ T6526]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   56.729973][ T6526]  ? __check_object_size+0x16e/0x3f0
[   56.735252][ T6526]  netlink_sendmsg+0x86d/0xdb0
[   56.740184][ T6526]  ? netlink_unicast+0x7d0/0x7d0
[   56.745115][ T6526]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.751520][ T6526]  ? netlink_unicast+0x7d0/0x7d0
[   56.756446][ T6526]  sock_sendmsg+0xcf/0x120
[   56.760948][ T6526]  ____sys_sendmsg+0x6e8/0x810
[   56.765991][ T6526]  ? kernel_sendmsg+0x50/0x50
[   56.770656][ T6526]  ? do_recvmmsg+0x6d0/0x6d0
[   56.775234][ T6526]  ? find_held_lock+0x2d/0x110
[   56.780078][ T6526]  ? lock_chain_count+0x20/0x20
[   56.784929][ T6526]  ? __might_fault+0xd3/0x180
[   56.789621][ T6526]  ? lock_downgrade+0x6e0/0x6e0
[   56.794472][ T6526]  ___sys_sendmsg+0xf3/0x170
[   56.799058][ T6526]  ? sendmsg_copy_msghdr+0x160/0x160
[   56.804337][ T6526]  ? __lock_acquire+0x162f/0x54a0
[   56.809538][ T6526]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   56.815509][ T6526]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   56.821489][ T6526]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   56.827726][ T6526]  ? __fget_light+0x215/0x280
[   56.832396][ T6526]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   56.838640][ T6526]  __sys_sendmsg+0xe5/0x1b0
[   56.843144][ T6526]  ? __sys_sendmsg_sock+0x30/0x30
[   56.848173][ T6526]  ? syscall_enter_from_user_mode+0x21/0x70
[   56.854062][ T6526]  do_syscall_64+0x35/0xb0
[   56.858469][ T6526]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   56.864358][ T6526] RIP: 0033:0x7f1347612c29
[   56.868760][ T6526] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   56.888380][ T6526] RSP: 002b:00007ffe780a8068 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.896785][ T6526] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1347612c29
[   56.904743][ T6526] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   56.912877][ T6526] RBP: 00007f13475d6690 R08: 000000000000000a R09: 0000000000000000
[   56.920837][ T6526] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f13475d6720
[   56.928795][ T6526] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   56.938193][ T6526] Kernel Offset: disabled
[   56.942583][ T6526] Rebooting in 86400 seconds..