bisecting cause commit starting from 84196390620ac0e5070ae36af84c137c6216a7dc
building syzkaller on 8092f30df01f3443831725509ef5a3dae26122c0
testing commit 84196390620ac0e5070ae36af84c137c6216a7dc with gcc (GCC) 10.2.1 20210217
kernel signature: a8c0bbc52cd6dba74699834cd8826baf6d23c6e9b0d4e6e7ddee3b24ba003769
all runs: crashed: UBSAN: shift-out-of-bounds in vhci_hub_control
testing release v5.11
testing commit f40ddce88593482919761f74910f42f4b84c004b with gcc (GCC) 10.2.1 20210217
kernel signature: 0060f998cf503ac1654a9c4262c8927768d9a752547f1a416fab09d8bbd9070a
all runs: crashed: UBSAN: shift-out-of-bounds in vhci_hub_control
testing release v5.10
testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 10.2.1 20210217
kernel signature: 73961e71ca0efa6aafc5c641f8455fc41ee9bf52ff7223de6347538f53332939
all runs: crashed: UBSAN: shift-out-of-bounds in vhci_hub_control
testing release v5.9
testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 10.2.1 20210217
kernel signature: fe3639663fb9aae8e44209ef569e8c106ccddbf4461a180bc1d3dabcbb827a7f
all runs: crashed: UBSAN: shift-out-of-bounds in vhci_hub_control
testing release v5.8
testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.4.1 20210217
kernel signature: 7a1cc33ee932e0b87b3f2dd22a66495994ab75e23a095d86af765108e4dcdb96
all runs: crashed: UBSAN: shift-out-of-bounds in vhci_hub_control
testing release v5.7
testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.4.1 20210217
kernel signature: 2a10ad97fb56467057dde68d271443b7ff64c47201c3cee23a29ae53b4603f17
all runs: crashed: UBSAN: shift-out-of-bounds in vhci_hub_control
testing release v5.6
testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.4.1 20210217
kernel signature: d1e647c4a495a3b0c25108a95f48ec9095c9087958856c0a5703711da54e5c75
all runs: crashed: UBSAN: undefined-behaviour in vhci_hub_control
testing release v5.5
testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.4.1 20210217
kernel signature: 8145ce4b442d969573b47090ddded3b854e27d0f02b6d66b1f9cc30943df21ed
all runs: crashed: UBSAN: undefined-behaviour in vhci_hub_control
testing release v5.4
testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.4.1 20210217
kernel signature: 9d5d0917101654ef1fb025b2a267d64f58a137ee7f3631d18b93dbe47264a259
all runs: crashed: UBSAN: undefined-behaviour in vhci_hub_control
testing release v5.3
testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.4.1 20210217
kernel signature: f4ee03e42cb674ec457f683e7f65844e7956fde67418e3cbccd5e1f896c2cfdc
all runs: crashed: UBSAN: undefined-behaviour in vhci_hub_control
testing release v5.2
testing commit 0ecfebd2b52404ae0c54a878c872bb93363ada36 with gcc (GCC) 8.4.1 20210217
kernel signature: 5f51cccfeb5957b911b37f0592e5b5ed3b60dd71efba7780de9141573183b777
all runs: OK
# git bisect start 4d856f72c10ecb060868ed10ff1b1453943fc6c8 0ecfebd2b52404ae0c54a878c872bb93363ada36
Bisecting: 7848 revisions left to test after this (roughly 13 steps)
[43c95d3694cc448fdf50bd53b7ff3a5bb4655883] Merge tag 'pinctrl-v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl

testing commit 43c95d3694cc448fdf50bd53b7ff3a5bb4655883 with gcc (GCC) 8.4.1 20210217
kernel signature: 2b967f8e1bdb1c23520da4db9f761fb3abb62da68a246377a677a67d5f697c20
all runs: OK
# git bisect good 43c95d3694cc448fdf50bd53b7ff3a5bb4655883
Bisecting: 3922 revisions left to test after this (roughly 12 steps)
[0e2a5b5bd9a6aaec85df347dd71432a1d2d10763] Merge branch 'parisc-5.3-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux

testing commit 0e2a5b5bd9a6aaec85df347dd71432a1d2d10763 with gcc (GCC) 8.4.1 20210217
kernel signature: f3303c09e794f209cab2976ffd8a2165f1106ed01f63e59d4a4e96a9c9c3ad83
all runs: OK
# git bisect good 0e2a5b5bd9a6aaec85df347dd71432a1d2d10763
Bisecting: 1961 revisions left to test after this (roughly 11 steps)
[12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea] perf record: Fix module size on s390

testing commit 12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea with gcc (GCC) 8.4.1 20210217
kernel signature: 55538fbace905958aa4f45b00e16c9d64f9dcccbde085ced675ffd60d3a63602
all runs: OK
# git bisect good 12a6d2940b5f02b4b9f71ce098e3bb02bc24a9ea
Bisecting: 984 revisions left to test after this (roughly 10 steps)
[85d8d3b172eb37b23dcdbe9fa7a85e343642bfea] Merge tag 'hyperv-fixes-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux

testing commit 85d8d3b172eb37b23dcdbe9fa7a85e343642bfea with gcc (GCC) 8.4.1 20210217
kernel signature: 0c20c1be559856f245b1888017d92bb1ef9175da5f3c0d3730b57bdc9a8517f5
all runs: OK
# git bisect good 85d8d3b172eb37b23dcdbe9fa7a85e343642bfea
Bisecting: 496 revisions left to test after this (roughly 9 steps)
[6525771f58cbc6ab97b5cff9069865cde8283346] Merge tag 'arc-5.3-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

testing commit 6525771f58cbc6ab97b5cff9069865cde8283346 with gcc (GCC) 8.4.1 20210217
kernel signature: fcf2b7552e9c036773d5f1a1c9bc582c6524f3f5e04af175edfff027f0101954
all runs: OK
# git bisect good 6525771f58cbc6ab97b5cff9069865cde8283346
Bisecting: 251 revisions left to test after this (roughly 8 steps)
[345464fb760d1b772e891538b498e111c588b692] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

testing commit 345464fb760d1b772e891538b498e111c588b692 with gcc (GCC) 8.4.1 20210217
kernel signature: d38d5c7d94d593d8d301c8ded66a6c1b485f430a966a2947d0264a44961c55d4
all runs: OK
# git bisect good 345464fb760d1b772e891538b498e111c588b692
Bisecting: 126 revisions left to test after this (roughly 7 steps)
[840ce8f8073edb3ff3d2c2c7a6ef211f4176961c] Merge tag 'pinctrl-v5.3-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl

testing commit 840ce8f8073edb3ff3d2c2c7a6ef211f4176961c with gcc (GCC) 8.4.1 20210217
kernel signature: 49352dd1747356fdf84b6164f10e6555f1bd5e537cadc4f6b55b8506501a82c1
all runs: OK
# git bisect good 840ce8f8073edb3ff3d2c2c7a6ef211f4176961c
Bisecting: 63 revisions left to test after this (roughly 6 steps)
[c3dc1fa72249e4472b90ecef4dbafe25f0f07889] net: hns3: fix spelling mistake "undeflow" -> "underflow"

testing commit c3dc1fa72249e4472b90ecef4dbafe25f0f07889 with gcc (GCC) 8.4.1 20210217
kernel signature: f46cad961669b52203f08d226d6fe4c305bbe503a5943a719cf496ca5355aba7
all runs: OK
# git bisect good c3dc1fa72249e4472b90ecef4dbafe25f0f07889
Bisecting: 30 revisions left to test after this (roughly 5 steps)
[1c4c5e2528af0c803fb1171632074f4070229a75] Merge tag 'mmc-v5.3-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc

testing commit 1c4c5e2528af0c803fb1171632074f4070229a75 with gcc (GCC) 8.4.1 20210217
kernel signature: 80139d3d67b450743f2c27004bbcf5c40e363aa5f00c15da7082626c48bf0a01
all runs: OK
# git bisect good 1c4c5e2528af0c803fb1171632074f4070229a75
Bisecting: 14 revisions left to test after this (roughly 4 steps)
[ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d] Merge branch 'sctp_do_bind-leak'

testing commit ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d with gcc (GCC) 8.4.1 20210217
kernel signature: 82109ca32dbc7b11850303e3f881a50af0dc6696b143bbf9b6e74c1505bbfb1d
all runs: OK
# git bisect good ae3b06ed55b1554e9a91bf959c6b0b5e212e7f4d
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[a9c20bb0206ae9384bd470a6832dd8913730add9] Merge tag 'kvm-s390-master-5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into kvm-master

testing commit a9c20bb0206ae9384bd470a6832dd8913730add9 with gcc (GCC) 8.4.1 20210217
kernel signature: aa6e141dddcb36e1a07bfa3d26b62394d1cd390f6fbcf823ba3a128580993978
all runs: OK
# git bisect good a9c20bb0206ae9384bd470a6832dd8913730add9
Bisecting: 4 revisions left to test after this (roughly 2 steps)
[b03c036e6f96340dd311817c7b964dad183c4141] Merge tag 'riscv/for-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux

testing commit b03c036e6f96340dd311817c7b964dad183c4141 with gcc (GCC) 8.4.1 20210217
kernel signature: d421634efb62e465220fb9eb6d242169f8c4b7aebafa0dd5f2f42b6c0e6d3261
all runs: OK
# git bisect good b03c036e6f96340dd311817c7b964dad183c4141
Bisecting: 2 revisions left to test after this (roughly 1 step)
[1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e] Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost

testing commit 1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e with gcc (GCC) 8.4.1 20210217
kernel signature: 234b2711afc70c028cfc47f148665593bdbe3867bedde0e45b1b64c7ffc802ef
all runs: OK
# git bisect good 1f9c632cde0c3d781463a88ce430a8dd4a7c1a0e
Bisecting: 0 revisions left to test after this (roughly 1 step)
[72dbcf72156641fde4d8ea401e977341bfd35a05] Revert "ext4: make __ext4_get_inode_loc plug"

testing commit 72dbcf72156641fde4d8ea401e977341bfd35a05 with gcc (GCC) 8.4.1 20210217
kernel signature: 471c8e41ef8d681ca6fd7d2eed44deeb9b730b7548ff054c33dbb41dda5de2b2
all runs: OK
# git bisect good 72dbcf72156641fde4d8ea401e977341bfd35a05
4d856f72c10ecb060868ed10ff1b1453943fc6c8 is the first bad commit
commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date:   Sun Sep 15 14:19:32 2019 -0700

    Linux 5.3

 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

culprit signature: f4ee03e42cb674ec457f683e7f65844e7956fde67418e3cbccd5e1f896c2cfdc
parent  signature: 471c8e41ef8d681ca6fd7d2eed44deeb9b730b7548ff054c33dbb41dda5de2b2
revisions tested: 25, total time: 5h26m29.662962772s (build: 2h38m50.700725312s, test: 2h42m13.565283264s)
first bad commit: 4d856f72c10ecb060868ed10ff1b1453943fc6c8 Linux 5.3
recipients (to): ["linux-kbuild@vger.kernel.org" "michal.lkml@markovi.net" "torvalds@linux-foundation.org" "yamada.masahiro@socionext.com"]
recipients (cc): ["linux-kernel@vger.kernel.org"]
crash: UBSAN: undefined-behaviour in vhci_hub_control
================================================================================
UBSAN: Undefined behaviour in drivers/usb/usbip/vhci_hcd.c:604:42
shift exponent 768 is too large for 32-bit type 'int'
CPU: 0 PID: 10592 Comm: syz-executor.2 Not tainted 5.3.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x86/0xca lib/dump_stack.c:113
 ubsan_epilogue+0xd/0x3a lib/ubsan.c:158
 __ubsan_handle_shift_out_of_bounds.cold.14+0x21/0x68 lib/ubsan.c:404
 vhci_hub_control.cold.5+0xa5/0x2b2 drivers/usb/usbip/vhci_hcd.c:604
 rh_call_control drivers/usb/core/hcd.c:682 [inline]
 rh_urb_enqueue drivers/usb/core/hcd.c:841 [inline]
 usb_hcd_submit_urb+0x7dd/0x21d0 drivers/usb/core/hcd.c:1551
 usb_submit_urb+0xa65/0x1280 drivers/usb/core/urb.c:569
 usb_start_wait_urb+0x106/0x500 drivers/usb/core/message.c:57
 usb_internal_control_msg drivers/usb/core/message.c:101 [inline]
 usb_control_msg+0x331/0x570 drivers/usb/core/message.c:152
 proc_control+0x2a9/0x5b0 drivers/usb/core/devio.c:1119
 usbdev_do_ioctl+0x196a/0x2da0 drivers/usb/core/devio.c:2436
 usbdev_ioctl+0x9/0x10 drivers/usb/core/devio.c:2600
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:509 [inline]
 do_vfs_ioctl+0x196/0x1150 fs/ioctl.c:696
 ksys_ioctl+0x62/0x90 fs/ioctl.c:713
 __do_sys_ioctl fs/ioctl.c:720 [inline]
 __se_sys_ioctl fs/ioctl.c:718 [inline]
 __x64_sys_ioctl+0x6e/0xb0 fs/ioctl.c:718
 do_syscall_64+0xa3/0x4b0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x466459
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f9cc119a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
RDX: 0000000020000000 RSI: 00000000c0185500 RDI: 0000000000000003
RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007fff5c7e606f R14: 00007f9cc119a300 R15: 0000000000022000
================================================================================