[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.174' (ECDSA) to the list of known hosts.
syzkaller login: [   39.545616] audit: type=1400 audit(1601630221.413:8): avc:  denied  { execmem } for  pid=6512 comm="syz-executor666" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   40.622029] IPVS: ftp: loaded support on port[0] = 21
[   40.736440] chnl_net:caif_netlink_parms(): no params data found
[   40.836691] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.843416] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.850743] device bridge_slave_0 entered promiscuous mode
[   40.859160] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.866579] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.873957] device bridge_slave_1 entered promiscuous mode
[   40.891965] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   40.901659] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   40.921335] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   40.928777] team0: Port device team_slave_0 added
[   40.934761] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   40.941972] team0: Port device team_slave_1 added
[   40.958662] batman_adv: batadv0: Adding interface: batadv_slave_0
[   40.964977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.990522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   41.002138] batman_adv: batadv0: Adding interface: batadv_slave_1
[   41.008503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   41.033766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   41.045194] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   41.052904] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   41.072771] device hsr_slave_0 entered promiscuous mode
[   41.078559] device hsr_slave_1 entered promiscuous mode
[   41.085049] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   41.092113] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   41.161672] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.168200] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.175096] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.181535] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.215439] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   41.221511] 8021q: adding VLAN 0 to HW filter on device bond0
[   41.230546] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   41.239669] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   41.249448] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.257563] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.265117] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   41.276563] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   41.283127] 8021q: adding VLAN 0 to HW filter on device team0
[   41.291829] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   41.301368] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.307989] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.330718] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   41.340798] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   41.352931] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   41.359850] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   41.367870] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.374277] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.381520] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   41.389563] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   41.397369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   41.405149] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   41.412875] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   41.419698] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   41.431444] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   41.440322] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   41.448235] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   41.459307] 8021q: adding VLAN 0 to HW filter on device batadv0
[   41.474243] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   41.485164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   41.520901] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   41.528569] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   41.535938] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   41.545732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   41.553679] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   41.560569] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   41.569592] device veth0_vlan entered promiscuous mode
[   41.579154] device veth1_vlan entered promiscuous mode
[   41.585529] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[   41.595855] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[   41.607752] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[   41.617130] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   41.625115] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   41.633168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   41.642519] device veth0_macvtap entered promiscuous mode
[   41.648659] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[   41.657487] device veth1_macvtap entered promiscuous mode
[   41.666275] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[   41.675524] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[   41.686203] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.693562] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   41.703147] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   41.713574] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.720349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   41.815331] netlink: 96 bytes leftover after parsing attributes in process `syz-executor666'.
[   42.051999] ================================================================================
[   42.060823] UBSAN: Undefined behaviour in ./include/net/sch_generic.h:1051:7
[   42.068097] shift exponent 129 is too large for 32-bit type 'int'
[   42.074343] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.19.149-syzkaller #0
[   42.081601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   42.090939] Call Trace:
[   42.093526]  dump_stack+0x22c/0x33e
[   42.097157]  ubsan_epilogue+0xe/0x3a
[   42.100854]  __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250
[   42.106994]  ? mark_held_locks+0xa6/0xf0
[   42.111055]  ? kvm_clock_get_cycles+0x14/0x30
[   42.115548]  ? ktime_get+0x21b/0x320
[   42.119246]  cbq_dequeue.cold+0x189/0x18e
[   42.123404]  ? mark_held_locks+0xf0/0xf0
[   42.127444]  ? set_next_entity+0xb52/0x1e80
[   42.131750]  ? finish_task_switch+0x174/0x8b0
[   42.136231]  __qdisc_run+0x1b9/0x1680
[   42.140017]  net_tx_action+0x520/0xce0
[   42.143904]  ? __do_softirq+0x27d/0xad2
[   42.147874]  __do_softirq+0x27d/0xad2
[   42.151661]  ? __local_bh_enable_ip+0x2a0/0x2a0
[   42.156309]  run_ksoftirqd+0x57/0x130
[   42.160101]  smpboot_thread_fn+0x66e/0xa30
[   42.164319]  ? _raw_spin_unlock_irqrestore+0x7d/0xf0
[   42.169403]  ? __smpboot_create_thread+0x460/0x460
[   42.174317]  ? _raw_spin_unlock_irqrestore+0x6a/0xf0
[   42.179402]  ? __kthread_parkme+0x133/0x1e0
[   42.183709]  ? __smpboot_create_thread+0x460/0x460
[   42.188621]  kthread+0x33f/0x460
[   42.191967]  ? kthread_park+0x180/0x180
[   42.195920]  ret_from_fork+0x24/0x30
[   42.199611] =====================