[ OK ] Started Getty on tty4.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.10.33' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 68.214429][ T8492] ================================================================================
[ 68.224712][ T8492] UBSAN: shift-out-of-bounds in net/sched/sch_api.c:389:22
[ 68.233096][ T8492] shift exponent 129 is too large for 32-bit type 'int'
[ 68.240274][ T8492] CPU: 1 PID: 8492 Comm: syz-executor693 Not tainted 5.10.0-rc6-next-20201207-syzkaller #0
[ 68.250240][ T8492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.260276][ T8492] Call Trace:
[ 68.263563][ T8492] dump_stack+0x107/0x163
[ 68.267879][ T8492] ubsan_epilogue+0xb/0x5a
[ 68.272276][ T8492] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181
[ 68.279018][ T8492] ? rcu_read_lock_sched_held+0x3a/0x70
[ 68.284543][ T8492] ? unpoison_range+0x2c/0x50
[ 68.289201][ T8492] qdisc_get_rtab.cold+0x1d/0x90
[ 68.294120][ T8492] tbf_change+0xcfa/0x1710
[ 68.298550][ T8492] ? lockdep_unlock+0x11c/0x290
[ 68.303377][ T8492] ? __lock_acquire+0x252d/0x54b0
[ 68.308384][ T8492] ? mark_lock+0xf7/0x1720
[ 68.312781][ T8492] ? tbf_dequeue+0xd70/0xd70
[ 68.317355][ T8492] ? lock_chain_count+0x20/0x20
[ 68.322193][ T8492] ? find_held_lock+0x2d/0x110
[ 68.327072][ T8492] ? tbf_init+0x5e/0xd0
[ 68.331220][ T8492] ? ktime_get+0x1bf/0x1e0
[ 68.335618][ T8492] ? lockdep_hardirqs_on+0x79/0x100
[ 68.340793][ T8492] ? ktime_get+0x159/0x1e0
[ 68.345224][ T8492] tbf_init+0x91/0xd0
[ 68.349221][ T8492] ? tbf_change+0x1710/0x1710
[ 68.353874][ T8492] qdisc_create+0x4ba/0x13a0
[ 68.358447][ T8492] ? apparmor_capable+0x1d8/0x460
[ 68.363448][ T8492] ? tc_get_qdisc+0xb20/0xb20
[ 68.368160][ T8492] ? __nla_parse+0x3d/0x50
[ 68.372558][ T8492] tc_modify_qdisc+0x4c8/0x1a30
[ 68.377395][ T8492] ? rtnetlink_rcv_msg+0x443/0xb80
[ 68.382482][ T8492] ? qdisc_create+0x13a0/0x13a0
[ 68.387352][ T8492] ? qdisc_create+0x13a0/0x13a0
[ 68.392215][ T8492] rtnetlink_rcv_msg+0x498/0xb80
[ 68.397168][ T8492] ? rtnl_fdb_dump+0xa00/0xa00
[ 68.401957][ T8492] netlink_rcv_skb+0x153/0x420
[ 68.406727][ T8492] ? rtnl_fdb_dump+0xa00/0xa00
[ 68.411499][ T8492] ? netlink_ack+0xab0/0xab0
[ 68.416089][ T8492] ? netlink_deliver_tap+0x2c4/0xc00
[ 68.421398][ T8492] netlink_unicast+0x533/0x7d0
[ 68.426181][ T8492] ? netlink_attachskb+0x870/0x870
[ 68.431295][ T8492] ? _copy_from_iter_full+0x275/0x850
[ 68.436681][ T8492] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 68.442941][ T8492] ? __phys_addr_symbol+0x2c/0x70
[ 68.447975][ T8492] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 68.453702][ T8492] ? __check_object_size+0x171/0x3f0
[ 68.459019][ T8492] netlink_sendmsg+0x907/0xe40
[ 68.463802][ T8492] ? netlink_unicast+0x7d0/0x7d0
[ 68.468764][ T8492] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 68.475012][ T8492] ? netlink_unicast+0x7d0/0x7d0
[ 68.479949][ T8492] sock_sendmsg+0xcf/0x120
[ 68.484347][ T8492] ____sys_sendmsg+0x6e8/0x810
[ 68.489091][ T8492] ? kernel_sendmsg+0x50/0x50
[ 68.493743][ T8492] ? do_recvmmsg+0x6c0/0x6c0
[ 68.498322][ T8492] ? fs_reclaim_release+0x9c/0xe0
[ 68.503328][ T8492] ___sys_sendmsg+0xf3/0x170
[ 68.507899][ T8492] ? sendmsg_copy_msghdr+0x160/0x160
[ 68.513182][ T8492] ? lockdep_init_map_waits+0x26a/0x720
[ 68.518765][ T8492] ? lockdep_hardirqs_on_prepare+0x420/0x420
[ 68.524736][ T8492] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 68.531077][ T8492] ? percpu_counter_add_batch+0xbd/0x180
[ 68.536707][ T8492] ? find_held_lock+0x2d/0x110
[ 68.541462][ T8492] ? fd_install+0x250/0x6e0
[ 68.545990][ T8492] ? lock_downgrade+0x6d0/0x6d0
[ 68.550843][ T8492] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 68.557147][ T8492] ? __fget_light+0x215/0x280
[ 68.561825][ T8492] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 68.568056][ T8492] __sys_sendmsg+0xe5/0x1b0
[ 68.572543][ T8492] ? __sys_sendmsg_sock+0xb0/0xb0
[ 68.577598][ T8492] ? syscall_enter_from_user_mode+0x1d/0x50
[ 68.583482][ T8492] do_syscall_64+0x2d/0x70
[ 68.587885][ T8492] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 68.593756][ T8492] RIP: 0033:0x440fe9
[ 68.597634][ T8492] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 68.617228][ T8492] RSP: 002b:00007ffe2d643648 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 68.625626][ T8492] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440fe9
[ 68.633626][ T8492] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[ 68.641588][ T8492] RBP: 00000000006cb018 R08: 0000000000000000 R09: 00000000004002c8
[ 68.649545][ T8492] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004027f0
[ 68.657497][ T8492] R13: 0000000000402880 R14: 0000000000000000 R15: 0000000000000000
[ 68.665862][ T8492] ================================================================================
[ 68.675225][ T8492] Kernel panic - not syncing: panic_on_warn set ...
[ 68.681823][ T8492] CPU: 1 PID: 8492 Comm: syz-executor693 Not tainted 5.10.0-rc6-next-20201207-syzkaller #0
[ 68.691796][ T8492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.701836][ T8492] Call Trace:
[ 68.705114][ T8492] dump_stack+0x107/0x163
[ 68.709437][ T8492] panic+0x343/0x77f
[ 68.713316][ T8492] ? __warn_printk+0xf3/0xf3
[ 68.717899][ T8492] ? ubsan_epilogue+0x3e/0x5a
[ 68.722566][ T8492] ubsan_epilogue+0x54/0x5a
[ 68.727056][ T8492] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181
[ 68.733802][ T8492] ? rcu_read_lock_sched_held+0x3a/0x70
[ 68.739332][ T8492] ? unpoison_range+0x2c/0x50
[ 68.744003][ T8492] qdisc_get_rtab.cold+0x1d/0x90
[ 68.748935][ T8492] tbf_change+0xcfa/0x1710
[ 68.753334][ T8492] ? lockdep_unlock+0x11c/0x290
[ 68.758167][ T8492] ? __lock_acquire+0x252d/0x54b0
[ 68.763188][ T8492] ? mark_lock+0xf7/0x1720
[ 68.767589][ T8492] ? tbf_dequeue+0xd70/0xd70
[ 68.772175][ T8492] ? lock_chain_count+0x20/0x20
[ 68.777028][ T8492] ? find_held_lock+0x2d/0x110
[ 68.781795][ T8492] ? tbf_init+0x5e/0xd0
[ 68.785949][ T8492] ? ktime_get+0x1bf/0x1e0
[ 68.790362][ T8492] ? lockdep_hardirqs_on+0x79/0x100
[ 68.795544][ T8492] ? ktime_get+0x159/0x1e0
[ 68.799960][ T8492] tbf_init+0x91/0xd0
[ 68.803933][ T8492] ? tbf_change+0x1710/0x1710
[ 68.808605][ T8492] qdisc_create+0x4ba/0x13a0
[ 68.813195][ T8492] ? apparmor_capable+0x1d8/0x460
[ 68.818205][ T8492] ? tc_get_qdisc+0xb20/0xb20
[ 68.822884][ T8492] ? __nla_parse+0x3d/0x50
[ 68.827299][ T8492] tc_modify_qdisc+0x4c8/0x1a30
[ 68.832144][ T8492] ? rtnetlink_rcv_msg+0x443/0xb80
[ 68.837241][ T8492] ? qdisc_create+0x13a0/0x13a0
[ 68.842092][ T8492] ? qdisc_create+0x13a0/0x13a0
[ 68.846931][ T8492] rtnetlink_rcv_msg+0x498/0xb80
[ 68.851857][ T8492] ? rtnl_fdb_dump+0xa00/0xa00
[ 68.856628][ T8492] netlink_rcv_skb+0x153/0x420
[ 68.861376][ T8492] ? rtnl_fdb_dump+0xa00/0xa00
[ 68.866124][ T8492] ? netlink_ack+0xab0/0xab0
[ 68.870697][ T8492] ? netlink_deliver_tap+0x2c4/0xc00
[ 68.875978][ T8492] netlink_unicast+0x533/0x7d0
[ 68.880738][ T8492] ? netlink_attachskb+0x870/0x870
[ 68.885833][ T8492] ? _copy_from_iter_full+0x275/0x850
[ 68.891203][ T8492] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 68.897426][ T8492] ? __phys_addr_symbol+0x2c/0x70
[ 68.902432][ T8492] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 68.908135][ T8492] ? __check_object_size+0x171/0x3f0
[ 68.913408][ T8492] netlink_sendmsg+0x907/0xe40
[ 68.918164][ T8492] ? netlink_unicast+0x7d0/0x7d0
[ 68.923089][ T8492] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 68.929313][ T8492] ? netlink_unicast+0x7d0/0x7d0
[ 68.934234][ T8492] sock_sendmsg+0xcf/0x120
[ 68.938652][ T8492] ____sys_sendmsg+0x6e8/0x810
[ 68.943457][ T8492] ? kernel_sendmsg+0x50/0x50
[ 68.948117][ T8492] ? do_recvmmsg+0x6c0/0x6c0
[ 68.952691][ T8492] ? fs_reclaim_release+0x9c/0xe0
[ 68.957707][ T8492] ___sys_sendmsg+0xf3/0x170
[ 68.962281][ T8492] ? sendmsg_copy_msghdr+0x160/0x160
[ 68.967552][ T8492] ? lockdep_init_map_waits+0x26a/0x720
[ 68.973081][ T8492] ? lockdep_hardirqs_on_prepare+0x420/0x420
[ 68.979045][ T8492] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 68.985269][ T8492] ? percpu_counter_add_batch+0xbd/0x180
[ 68.990889][ T8492] ? find_held_lock+0x2d/0x110
[ 68.995642][ T8492] ? fd_install+0x250/0x6e0
[ 69.000129][ T8492] ? lock_downgrade+0x6d0/0x6d0
[ 69.004962][ T8492] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 69.011181][ T8492] ? __fget_light+0x215/0x280
[ 69.015842][ T8492] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 69.022066][ T8492] __sys_sendmsg+0xe5/0x1b0
[ 69.026554][ T8492] ? __sys_sendmsg_sock+0xb0/0xb0
[ 69.031575][ T8492] ? syscall_enter_from_user_mode+0x1d/0x50
[ 69.037453][ T8492] do_syscall_64+0x2d/0x70
[ 69.041855][ T8492] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 69.047733][ T8492] RIP: 0033:0x440fe9
[ 69.051622][ T8492] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 69.071208][ T8492] RSP: 002b:00007ffe2d643648 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 69.079604][ T8492] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440fe9
[ 69.087559][ T8492] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[ 69.095511][ T8492] RBP: 00000000006cb018 R08: 0000000000000000 R09: 00000000004002c8
[ 69.103464][ T8492] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004027f0
[ 69.111418][ T8492] R13: 0000000000402880 R14: 0000000000000000 R15: 0000000000000000
[ 69.120176][ T8492] Kernel Offset: disabled
[ 69.124582][ T8492] Rebooting in 86400 seconds..