[ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Started Getty on tty2. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.54' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 67.942746][ T8482] IPVS: ftp: loaded support on port[0] = 21 [ 67.983855][ T8482] ================================================================================ [ 67.993281][ T8482] UBSAN: shift-out-of-bounds in ./include/net/red.h:252:22 [ 68.000579][ T8482] shift exponent 52 is too large for 32-bit type 'int' [ 68.007524][ T8482] CPU: 0 PID: 8482 Comm: syz-executor135 Not tainted 5.10.0-rc6-next-20201207-syzkaller #0 [ 68.017476][ T8482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.027543][ T8482] Call Trace: [ 68.030832][ T8482] dump_stack+0x107/0x163 [ 68.035143][ T8482] ubsan_epilogue+0xb/0x5a [ 68.039542][ T8482] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181 [ 68.046285][ T8482] ? rwlock_bug.part.0+0x90/0x90 [ 68.051209][ T8482] __red_change.cold+0x57/0xf5 [ 68.055969][ T8482] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 68.061783][ T8482] ? nla_get_range_signed+0x520/0x520 [ 68.067147][ T8482] ? red_graft+0x7a0/0x7a0 [ 68.071570][ T8482] ? debug_object_destroy+0x210/0x210 [ 68.076938][ T8482] ? __nla_parse+0x3d/0x50 [ 68.081338][ T8482] red_init+0x16b/0x260 [ 68.085493][ T8482] ? red_change+0x1c0/0x1c0 [ 68.089992][ T8482] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.096208][ T8482] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 68.102441][ T8482] ? red_change+0x1c0/0x1c0 [ 68.106921][ T8482] qdisc_create+0x4ba/0x13a0 [ 68.111496][ T8482] ? apparmor_capable+0x1d8/0x460 [ 68.116500][ T8482] ? tc_get_qdisc+0xb20/0xb20 [ 68.121174][ T8482] ? __nla_parse+0x3d/0x50 [ 68.125572][ T8482] tc_modify_qdisc+0x4c8/0x1a30 [ 68.130422][ T8482] ? rtnetlink_rcv_msg+0x443/0xb80 [ 68.135524][ T8482] ? qdisc_create+0x13a0/0x13a0 [ 68.140383][ T8482] ? qdisc_create+0x13a0/0x13a0 [ 68.145217][ T8482] rtnetlink_rcv_msg+0x498/0xb80 [ 68.150138][ T8482] ? rtnl_fdb_dump+0xa00/0xa00 [ 68.154909][ T8482] netlink_rcv_skb+0x153/0x420 [ 68.159656][ T8482] ? rtnl_fdb_dump+0xa00/0xa00 [ 68.164410][ T8482] ? netlink_ack+0xab0/0xab0 [ 68.168976][ T8482] ? netlink_deliver_tap+0x2c4/0xc00 [ 68.174254][ T8482] netlink_unicast+0x533/0x7d0 [ 68.179007][ T8482] ? netlink_attachskb+0x870/0x870 [ 68.184108][ T8482] ? _copy_from_iter_full+0x275/0x850 [ 68.189474][ T8482] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 68.195693][ T8482] ? __phys_addr_symbol+0x2c/0x70 [ 68.200704][ T8482] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 68.206404][ T8482] ? __check_object_size+0x171/0x3f0 [ 68.211676][ T8482] netlink_sendmsg+0x907/0xe40 [ 68.216422][ T8482] ? netlink_unicast+0x7d0/0x7d0 [ 68.221343][ T8482] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.227562][ T8482] ? netlink_unicast+0x7d0/0x7d0 [ 68.232595][ T8482] sock_sendmsg+0xcf/0x120 [ 68.236992][ T8482] ____sys_sendmsg+0x6e8/0x810 [ 68.241758][ T8482] ? kernel_sendmsg+0x50/0x50 [ 68.246411][ T8482] ? do_recvmmsg+0x6c0/0x6c0 [ 68.250985][ T8482] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 68.256948][ T8482] ___sys_sendmsg+0xf3/0x170 [ 68.261519][ T8482] ? sendmsg_copy_msghdr+0x160/0x160 [ 68.266788][ T8482] ? lock_downgrade+0x6d0/0x6d0 [ 68.271658][ T8482] ? _copy_to_user+0xdc/0x150 [ 68.276330][ T8482] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 68.282550][ T8482] ? move_addr_to_user+0xad/0x1e0 [ 68.287557][ T8482] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.293777][ T8482] ? __fget_light+0x215/0x280 [ 68.298436][ T8482] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 68.304662][ T8482] __sys_sendmsg+0xe5/0x1b0 [ 68.309147][ T8482] ? __sys_sendmsg_sock+0xb0/0xb0 [ 68.314166][ T8482] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.320399][ T8482] ? syscall_enter_from_user_mode+0x1d/0x50 [ 68.326278][ T8482] do_syscall_64+0x2d/0x70 [ 68.330689][ T8482] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.336558][ T8482] RIP: 0033:0x440c19 [ 68.340435][ T8482] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 68.360020][ T8482] RSP: 002b:00007ffc8ed30548 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.368412][ T8482] RAX: ffffffffffffffda RBX: 00000000004a24f0 RCX: 0000000000440c19 [ 68.376372][ T8482] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003 [ 68.384325][ T8482] RBP: 00007ffc8ed30550 R08: 0000000120080522 R09: 0000000120080522 [ 68.392276][ T8482] R10: 0000000120080522 R11: 0000000000000246 R12: 00000000004a24f0 [ 68.400228][ T8482] R13: 0000000000402140 R14: 0000000000000000 R15: 0000000000000000 [ 68.408276][ T8482] ================================================================================ [ 68.418224][ T8482] Kernel panic - not syncing: panic_on_warn set ... [ 68.424822][ T8482] CPU: 0 PID: 8482 Comm: syz-executor135 Not tainted 5.10.0-rc6-next-20201207-syzkaller #0 [ 68.434792][ T8482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.444839][ T8482] Call Trace: [ 68.448113][ T8482] dump_stack+0x107/0x163 [ 68.452436][ T8482] panic+0x343/0x77f [ 68.456312][ T8482] ? __warn_printk+0xf3/0xf3 [ 68.460889][ T8482] ? ubsan_epilogue+0x3e/0x5a [ 68.465549][ T8482] ubsan_epilogue+0x54/0x5a [ 68.470035][ T8482] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181 [ 68.476775][ T8482] ? rwlock_bug.part.0+0x90/0x90 [ 68.481698][ T8482] __red_change.cold+0x57/0xf5 [ 68.486446][ T8482] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 68.492238][ T8482] ? nla_get_range_signed+0x520/0x520 [ 68.497590][ T8482] ? red_graft+0x7a0/0x7a0 [ 68.501989][ T8482] ? debug_object_destroy+0x210/0x210 [ 68.507344][ T8482] ? __nla_parse+0x3d/0x50 [ 68.511744][ T8482] red_init+0x16b/0x260 [ 68.515889][ T8482] ? red_change+0x1c0/0x1c0 [ 68.520392][ T8482] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.526726][ T8482] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 68.532962][ T8482] ? red_change+0x1c0/0x1c0 [ 68.537451][ T8482] qdisc_create+0x4ba/0x13a0 [ 68.542034][ T8482] ? apparmor_capable+0x1d8/0x460 [ 68.547046][ T8482] ? tc_get_qdisc+0xb20/0xb20 [ 68.551711][ T8482] ? __nla_parse+0x3d/0x50 [ 68.556129][ T8482] tc_modify_qdisc+0x4c8/0x1a30 [ 68.560991][ T8482] ? rtnetlink_rcv_msg+0x443/0xb80 [ 68.566090][ T8482] ? qdisc_create+0x13a0/0x13a0 [ 68.570987][ T8482] ? qdisc_create+0x13a0/0x13a0 [ 68.575823][ T8482] rtnetlink_rcv_msg+0x498/0xb80 [ 68.580789][ T8482] ? rtnl_fdb_dump+0xa00/0xa00 [ 68.585552][ T8482] netlink_rcv_skb+0x153/0x420 [ 68.590304][ T8482] ? rtnl_fdb_dump+0xa00/0xa00 [ 68.595046][ T8482] ? netlink_ack+0xab0/0xab0 [ 68.599615][ T8482] ? netlink_deliver_tap+0x2c4/0xc00 [ 68.604888][ T8482] netlink_unicast+0x533/0x7d0 [ 68.609636][ T8482] ? netlink_attachskb+0x870/0x870 [ 68.614740][ T8482] ? _copy_from_iter_full+0x275/0x850 [ 68.620091][ T8482] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 68.626395][ T8482] ? __phys_addr_symbol+0x2c/0x70 [ 68.631397][ T8482] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 68.637092][ T8482] ? __check_object_size+0x171/0x3f0 [ 68.642366][ T8482] netlink_sendmsg+0x907/0xe40 [ 68.647224][ T8482] ? netlink_unicast+0x7d0/0x7d0 [ 68.652159][ T8482] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.658390][ T8482] ? netlink_unicast+0x7d0/0x7d0 [ 68.663769][ T8482] sock_sendmsg+0xcf/0x120 [ 68.668168][ T8482] ____sys_sendmsg+0x6e8/0x810 [ 68.672911][ T8482] ? kernel_sendmsg+0x50/0x50 [ 68.677575][ T8482] ? do_recvmmsg+0x6c0/0x6c0 [ 68.682150][ T8482] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 68.688114][ T8482] ___sys_sendmsg+0xf3/0x170 [ 68.692684][ T8482] ? sendmsg_copy_msghdr+0x160/0x160 [ 68.697961][ T8482] ? lock_downgrade+0x6d0/0x6d0 [ 68.702831][ T8482] ? _copy_to_user+0xdc/0x150 [ 68.707532][ T8482] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 68.713825][ T8482] ? move_addr_to_user+0xad/0x1e0 [ 68.718865][ T8482] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.725116][ T8482] ? __fget_light+0x215/0x280 [ 68.729814][ T8482] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 68.736072][ T8482] __sys_sendmsg+0xe5/0x1b0 [ 68.740591][ T8482] ? __sys_sendmsg_sock+0xb0/0xb0 [ 68.745631][ T8482] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 68.752013][ T8482] ? syscall_enter_from_user_mode+0x1d/0x50 [ 68.757920][ T8482] do_syscall_64+0x2d/0x70 [ 68.762348][ T8482] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.768249][ T8482] RIP: 0033:0x440c19 [ 68.772157][ T8482] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 68.791772][ T8482] RSP: 002b:00007ffc8ed30548 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.800258][ T8482] RAX: ffffffffffffffda RBX: 00000000004a24f0 RCX: 0000000000440c19 [ 68.808215][ T8482] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003 [ 68.816168][ T8482] RBP: 00007ffc8ed30550 R08: 0000000120080522 R09: 0000000120080522 [ 68.824210][ T8482] R10: 0000000120080522 R11: 0000000000000246 R12: 00000000004a24f0 [ 68.832177][ T8482] R13: 0000000000402140 R14: 0000000000000000 R15: 0000000000000000 [ 68.840327][ T8482] Kernel Offset: disabled [ 68.844738][ T8482] Rebooting in 86400 seconds..