[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.210' (ECDSA) to the list of known hosts.
syzkaller login: [ 45.169945] audit: type=1400 audit(1602971654.842:8): avc: denied { execmem } for pid=6468 comm="syz-executor009" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 45.194186] IPVS: ftp: loaded support on port[0] = 21
[ 45.276205] chnl_net:caif_netlink_parms(): no params data found
[ 45.368283] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.375173] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.383187] device bridge_slave_0 entered promiscuous mode
[ 45.390462] bridge0: port 2(bridge_slave_1) entered blocking state
[ 45.397921] bridge0: port 2(bridge_slave_1) entered disabled state
[ 45.405264] device bridge_slave_1 entered promiscuous mode
[ 45.423042] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 45.432317] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 45.450432] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 45.457895] team0: Port device team_slave_0 added
[ 45.463941] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 45.471386] team0: Port device team_slave_1 added
[ 45.486970] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 45.493275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 45.518563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 45.530158] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 45.536541] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 45.561818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 45.572981] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 45.580410] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 45.601418] device hsr_slave_0 entered promiscuous mode
[ 45.607304] device hsr_slave_1 entered promiscuous mode
[ 45.613787] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 45.620866] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 45.688885] bridge0: port 2(bridge_slave_1) entered blocking state
[ 45.695492] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 45.702589] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.708948] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 45.744640] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 45.750726] 8021q: adding VLAN 0 to HW filter on device bond0
[ 45.760352] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 45.769124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 45.778555] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.786445] bridge0: port 2(bridge_slave_1) entered disabled state
[ 45.793984] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 45.805592] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 45.811922] 8021q: adding VLAN 0 to HW filter on device team0
[ 45.821574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 45.829176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.835578] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 45.852300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 45.859866] bridge0: port 2(bridge_slave_1) entered blocking state
[ 45.866277] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 45.873592] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 45.882143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 45.897083] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 45.907102] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 45.918442] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 45.925728] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 45.933768] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 45.942377] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 45.949959] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 45.963372] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 45.973780] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 45.980470] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 45.990091] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 46.003934] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 46.013842] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 46.049436] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 46.057966] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 46.065296] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 46.074802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 46.082725] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 46.089584] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 46.098781] device veth0_vlan entered promiscuous mode
[ 46.108211] device veth1_vlan entered promiscuous mode
[ 46.115718] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 46.124503] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 46.136500] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 46.146732] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 46.154558] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 46.162488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 46.172707] device veth0_macvtap entered promiscuous mode
[ 46.178822] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 46.187436] device veth1_macvtap entered promiscuous mode
[ 46.196993] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 46.206682] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 46.217526] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 46.224859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 46.234053] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 46.244274] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 46.252601] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 46.369697] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[ 46.378573] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 46.400104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 46.404857] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
executing program
[ 46.414183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 46.415207] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 46.430613] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 46.446440] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 46.640985] ================================================================================
[ 46.649730] UBSAN: Undefined behaviour in ./include/net/red.h:272:18
[ 46.656207] shift exponent 223 is too large for 64-bit type 'long unsigned int'
[ 46.663636] CPU: 0 PID: 3723 Comm: kworker/0:2 Not tainted 4.19.152-syzkaller #0
[ 46.671155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 46.680512] Workqueue: ipv6_addrconf addrconf_dad_work
[ 46.685768] Call Trace:
[ 46.688341] dump_stack+0x22c/0x33e
[ 46.691953] ubsan_epilogue+0xe/0x3a
[ 46.695651] __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250
[ 46.701781] ? kvm_clock_get_cycles+0x14/0x30
[ 46.706258] ? ktime_get+0x21b/0x320
[ 46.709959] red_enqueue+0x2064/0x2200
[ 46.713831] ? red_graft+0x320/0x320
[ 46.717526] ? __dev_queue_xmit+0x1425/0x2ec0
[ 46.722007] __dev_queue_xmit+0x14e1/0x2ec0
[ 46.726331] ? ctnetlink_conntrack_event+0xc82/0x1405
[ 46.731519] ? netdev_pick_tx+0x350/0x350
[ 46.735668] ? mark_held_locks+0xa6/0xf0
[ 46.739718] ? ip_finish_output2+0x1073/0x1640
[ 46.744290] ip_finish_output2+0xc04/0x1640
[ 46.748602] ? ip_reply_glue_bits+0xb0/0xb0
[ 46.752910] ? lock_downgrade+0x750/0x750
[ 46.757056] ip_finish_output+0x88e/0xd80
[ 46.761187] ip_output+0x203/0x650
[ 46.764710] ? ip_mc_output+0xff0/0xff0
[ 46.768668] ? ip_fragment.constprop.0+0x240/0x240
[ 46.773580] ? prandom_u32+0xa3/0x100
[ 46.777363] ip_local_out+0xaf/0x170
[ 46.781080] iptunnel_xmit+0x63e/0xa30
[ 46.784957] geneve_xmit+0xf46/0x2ac0
[ 46.788747] ? geneve_fill_metadata_dst+0x1590/0x1590
[ 46.793923] ? netif_skb_features+0x3f9/0xb20
[ 46.798406] dev_hard_start_xmit+0x1a8/0x960
[ 46.802811] __dev_queue_xmit+0x276a/0x2ec0
[ 46.807136] ? __neigh_create+0x1286/0x1d80
[ 46.811440] ? netdev_pick_tx+0x350/0x350
[ 46.815575] ? ip6_finish_output2+0x1184/0x2370
[ 46.820247] ? memcpy+0x35/0x50
[ 46.823517] neigh_resolve_output+0x55a/0x950
[ 46.828011] ip6_finish_output2+0x1184/0x2370
[ 46.832504] ? ip6_append_data+0x300/0x300
[ 46.836717] ? lock_downgrade+0x750/0x750
[ 46.840849] ? check_preemption_disabled+0x41/0x2b0
[ 46.845850] ip6_finish_output+0x610/0xcc0
[ 46.850086] ip6_output+0x205/0x7c0
[ 46.853695] ? ip6_finish_output+0xcc0/0xcc0
[ 46.858086] ? ip6_fragment+0x3390/0x3390
[ 46.862233] ? check_preemption_disabled+0x41/0x2b0
[ 46.867230] ndisc_send_skb+0xa6b/0x1860
[ 46.871288] ? pndisc_constructor+0x250/0x250
[ 46.875765] ? __kmalloc_node_track_caller+0x38/0x70
[ 46.880848] ? do_ipv6_setsockopt.constprop.0.cold+0x8c/0x8c
[ 46.886679] ? __alloc_skb+0x36d/0x580
[ 46.890586] ? skb_set_owner_w+0x21f/0x370
[ 46.894824] ndisc_send_ns+0x51d/0x840
[ 46.898706] ? addrconf_dad_work+0xab2/0x1130
[ 46.903196] ? pndisc_redo+0x20/0x20
[ 46.906891] ? mark_held_locks+0xa6/0xf0
[ 46.910932] ? addrconf_dad_work+0x677/0x1130
[ 46.915408] ? __local_bh_enable_ip+0x159/0x2a0
[ 46.920076] addrconf_dad_work+0xb78/0x1130
[ 46.924398] ? addrconf_dad_completed+0xb60/0xb60
[ 46.929242] process_one_work+0x796/0x14e0
[ 46.933462] ? init_worker_pool+0x5c0/0x5c0
[ 46.937780] worker_thread+0x64c/0x1130
[ 46.941741] ? __kthread_parkme+0x133/0x1e0
[ 46.946041] ? rescuer_thread+0xce0/0xce0
[ 46.950174] kthread+0x33f/0x460
[ 46.953525] ? kthread_park+0x180/0x180
[ 46.957492] ret_from_fork+0x24/0x30
[ 46.961191] ================================================================================
[