Warning: Permanently added '10.128.10.61' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 40.365141] audit: type=1400 audit(1602891209.399:8): avc: denied { execmem } for pid=6499 comm="syz-executor044" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 40.368997] ================================================================================ [ 40.393727] UBSAN: Undefined behaviour in drivers/usb/usbip/vhci_hcd.c:603:42 [ 40.400981] shift exponent 768 is too large for 32-bit type 'int' [ 40.407206] CPU: 1 PID: 6499 Comm: syz-executor044 Not tainted 4.19.150-syzkaller #0 [ 40.415077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.424423] Call Trace: [ 40.426997] dump_stack+0x22c/0x33e [ 40.430609] ubsan_epilogue+0xe/0x3a [ 40.434305] __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 [ 40.440445] ? vhci_hub_control+0x715/0x2590 [ 40.444833] ? do_raw_spin_lock+0xcb/0x220 [ 40.449055] vhci_hub_control.cold+0x18a/0x48c [ 40.453623] ? vhci_hcd_probe+0x230/0x230 [ 40.457755] ? rcu_read_lock_sched_held+0x174/0x1e0 [ 40.462755] ? __kmalloc+0x436/0x4f0 [ 40.466447] ? usb_hcd_submit_urb+0x663/0x20d0 [ 40.471017] usb_hcd_submit_urb+0xb7e/0x20d0 [ 40.475414] ? vhci_hcd_probe+0x230/0x230 [ 40.479580] ? unlink1+0x500/0x500 [ 40.483098] ? ksys_ioctl+0x9b/0xc0 [ 40.486702] ? __x64_sys_ioctl+0x6f/0xb0 [ 40.490760] ? do_syscall_64+0xf9/0x670 [ 40.494729] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.500071] ? do_syscall_64+0xf9/0x670 [ 40.504022] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.509377] ? rcu_read_lock_sched_held+0x174/0x1e0 [ 40.514377] usb_submit_urb+0xba2/0x13b0 [ 40.518439] usb_start_wait_urb+0x108/0x2b0 [ 40.522754] ? usb_api_blocking_completion+0xa0/0xa0 [ 40.527841] ? __kmalloc+0x436/0x4f0 [ 40.531534] ? memset+0x20/0x40 [ 40.534807] usb_control_msg+0x31c/0x4a0 [ 40.538861] ? usb_start_wait_urb+0x2b0/0x2b0 [ 40.543337] ? __mutex_add_waiter+0x160/0x160 [ 40.547822] ? snoop_urb+0x64/0x2c0 [ 40.551430] proc_control+0x360/0x6d0 [ 40.555209] ? proc_do_submiturb+0x3af0/0x3af0 [ 40.559773] ? lock_acquire+0x170/0x3f0 [ 40.563728] ? check_preemption_disabled+0x41/0x2b0 [ 40.568733] usbdev_do_ioctl+0x15fc/0x3580 [ 40.572960] ? proc_bulk+0x700/0x700 [ 40.576655] ? avc_ss_reset+0x170/0x170 [ 40.580618] ? __kasan_slab_free+0x186/0x1f0 [ 40.585018] ? kmem_cache_free+0x7f/0x2b0 [ 40.589155] ? putname+0xe1/0x130 [ 40.592598] ? do_sys_open+0x2ba/0x520 [ 40.596465] ? do_syscall_64+0xf9/0x670 [ 40.600418] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.605775] ? mark_held_locks+0xf0/0xf0 [ 40.609817] ? find_held_lock+0x2d/0x110 [ 40.613871] ? debug_check_no_obj_freed+0x201/0x482 [ 40.618871] ? lock_downgrade+0x750/0x750 [ 40.623007] ? usbdev_compat_ioctl+0x30/0x30 [ 40.627396] usbdev_ioctl+0x21/0x30 [ 40.631004] do_vfs_ioctl+0xcdb/0x12e0 [ 40.634888] ? selinux_file_ioctl+0x44f/0x5e0 [ 40.639377] ? ioctl_preallocate+0x200/0x200 [ 40.643776] ? selinux_parse_skb.constprop.0+0x1f0/0x1f0 [ 40.649218] ? follow_managed+0xf0/0xa70 [ 40.653281] ? putname+0xe1/0x130 [ 40.656726] ? rcu_read_lock_sched_held+0x174/0x1e0 [ 40.661724] ? putname+0xe1/0x130 [ 40.665166] ksys_ioctl+0x9b/0xc0 [ 40.668599] __x64_sys_ioctl+0x6f/0xb0 [ 40.672468] do_syscall_64+0xf9/0x670 [ 40.676252] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.681427] RIP: 0033:0x443f39 [ 40.684619] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 40.703533] RSP: 002b:00007ffc4b82d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 40.711223] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: