Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 73.831342][ T8473] ================================================================================ [ 73.840836][ T8473] UBSAN: shift-out-of-bounds in net/netfilter/ipset/ip_set_hash_gen.h:151:6 [ 73.849503][ T8473] shift exponent 32 is too large for 32-bit type 'unsigned int' [ 73.858264][ T8473] CPU: 0 PID: 8473 Comm: syz-executor542 Not tainted 5.10.0-rc6-next-20201207-syzkaller #0 [ 73.868254][ T8473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.878299][ T8473] Call Trace: [ 73.881591][ T8473] dump_stack+0x107/0x163 [ 73.885909][ T8473] ubsan_epilogue+0xb/0x5a [ 73.890321][ T8473] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181 [ 73.897072][ T8473] ? rcu_read_lock_sched_held+0x3a/0x70 [ 73.902642][ T8473] ? unpoison_range+0x2c/0x50 [ 73.907305][ T8473] ? ____kasan_kmalloc.constprop.0+0xa0/0xd0 [ 73.913272][ T8473] hash_ipmark_create.cold+0x96/0x9b [ 73.918548][ T8473] ? __nla_parse+0x3d/0x50 [ 73.922951][ T8473] ? hash_ipmark6_list+0x1160/0x1160 [ 73.928221][ T8473] ip_set_create+0x610/0x1380 [ 73.932903][ T8473] ? __find_set_type_get+0x420/0x420 [ 73.938209][ T8473] ? find_held_lock+0x2d/0x110 [ 73.942960][ T8473] ? __find_set_type_get+0x420/0x420 [ 73.948252][ T8473] nfnetlink_rcv_msg+0xecc/0x1180 [ 73.953269][ T8473] ? nfnetlink_rcv+0x420/0x420 [ 73.958016][ T8473] ? __kernel_text_address+0x9/0x30 [ 73.963207][ T8473] ? __lock_acquire+0xbdc/0x54b0 [ 73.968132][ T8473] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 73.974095][ T8473] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 73.980065][ T8473] netlink_rcv_skb+0x153/0x420 [ 73.984817][ T8473] ? nfnetlink_rcv+0x420/0x420 [ 73.989564][ T8473] ? netlink_ack+0xab0/0xab0 [ 73.994142][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.000372][ T8473] ? ns_capable_common+0x117/0x140 [ 74.005517][ T8473] nfnetlink_rcv+0x1ac/0x420 [ 74.010090][ T8473] ? nfnetlink_rcv_batch+0x21e0/0x21e0 [ 74.015542][ T8473] netlink_unicast+0x533/0x7d0 [ 74.020310][ T8473] ? netlink_attachskb+0x870/0x870 [ 74.025444][ T8473] ? _copy_from_iter_full+0x275/0x850 [ 74.030801][ T8473] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 74.037029][ T8473] ? __phys_addr_symbol+0x2c/0x70 [ 74.042043][ T8473] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 74.047762][ T8473] ? __check_object_size+0x171/0x3f0 [ 74.053045][ T8473] netlink_sendmsg+0x907/0xe40 [ 74.057799][ T8473] ? netlink_unicast+0x7d0/0x7d0 [ 74.062730][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.068956][ T8473] ? netlink_unicast+0x7d0/0x7d0 [ 74.073878][ T8473] sock_sendmsg+0xcf/0x120 [ 74.078281][ T8473] ____sys_sendmsg+0x6e8/0x810 [ 74.083033][ T8473] ? kernel_sendmsg+0x50/0x50 [ 74.087690][ T8473] ? do_recvmmsg+0x6c0/0x6c0 [ 74.092267][ T8473] ? find_held_lock+0x2d/0x110 [ 74.097053][ T8473] ___sys_sendmsg+0xf3/0x170 [ 74.101631][ T8473] ? sendmsg_copy_msghdr+0x160/0x160 [ 74.106918][ T8473] ? do_huge_pmd_anonymous_page+0x927/0x23c0 [ 74.112904][ T8473] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 74.119131][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.125363][ T8473] ? find_held_lock+0x2d/0x110 [ 74.130112][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.136355][ T8473] ? __fget_light+0x215/0x280 [ 74.141029][ T8473] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 74.147294][ T8473] __sys_sendmsg+0xe5/0x1b0 [ 74.151787][ T8473] ? __sys_sendmsg_sock+0xb0/0xb0 [ 74.156845][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.163115][ T8473] ? syscall_enter_from_user_mode+0x1d/0x50 [ 74.168998][ T8473] do_syscall_64+0x2d/0x70 [ 74.173402][ T8473] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 74.179280][ T8473] RIP: 0033:0x440419 [ 74.183161][ T8473] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 74.202784][ T8473] RSP: 002b:00007ffdadcbeb88 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.211195][ T8473] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440419 [ 74.219186][ T8473] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 74.227151][ T8473] RBP: 00000000006ca018 R08: 0000000000000005 R09: 00000000004002c8 [ 74.235121][ T8473] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000401c20 [ 74.243084][ T8473] R13: 0000000000401cb0 R14: 0000000000000000 R15: 0000000000000000 [ 74.251674][ T8473] ================================================================================ [ 74.261631][ T8473] Kernel panic - not syncing: panic_on_warn set ... [ 74.268260][ T8473] CPU: 0 PID: 8473 Comm: syz-executor542 Not tainted 5.10.0-rc6-next-20201207-syzkaller #0 [ 74.278255][ T8473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.288328][ T8473] Call Trace: [ 74.291611][ T8473] dump_stack+0x107/0x163 [ 74.295931][ T8473] panic+0x343/0x77f [ 74.299811][ T8473] ? __warn_printk+0xf3/0xf3 [ 74.304398][ T8473] ? ubsan_epilogue+0x3e/0x5a [ 74.309080][ T8473] ubsan_epilogue+0x54/0x5a [ 74.313571][ T8473] __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x181 [ 74.320337][ T8473] ? rcu_read_lock_sched_held+0x3a/0x70 [ 74.325887][ T8473] ? unpoison_range+0x2c/0x50 [ 74.330552][ T8473] ? ____kasan_kmalloc.constprop.0+0xa0/0xd0 [ 74.336537][ T8473] hash_ipmark_create.cold+0x96/0x9b [ 74.341914][ T8473] ? __nla_parse+0x3d/0x50 [ 74.346326][ T8473] ? hash_ipmark6_list+0x1160/0x1160 [ 74.351600][ T8473] ip_set_create+0x610/0x1380 [ 74.356269][ T8473] ? __find_set_type_get+0x420/0x420 [ 74.361551][ T8473] ? find_held_lock+0x2d/0x110 [ 74.366303][ T8473] ? __find_set_type_get+0x420/0x420 [ 74.371604][ T8473] nfnetlink_rcv_msg+0xecc/0x1180 [ 74.376632][ T8473] ? nfnetlink_rcv+0x420/0x420 [ 74.381382][ T8473] ? __kernel_text_address+0x9/0x30 [ 74.386592][ T8473] ? __lock_acquire+0xbdc/0x54b0 [ 74.391547][ T8473] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 74.397510][ T8473] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 74.403481][ T8473] netlink_rcv_skb+0x153/0x420 [ 74.408232][ T8473] ? nfnetlink_rcv+0x420/0x420 [ 74.412980][ T8473] ? netlink_ack+0xab0/0xab0 [ 74.417582][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.423805][ T8473] ? ns_capable_common+0x117/0x140 [ 74.428934][ T8473] nfnetlink_rcv+0x1ac/0x420 [ 74.433520][ T8473] ? nfnetlink_rcv_batch+0x21e0/0x21e0 [ 74.438974][ T8473] netlink_unicast+0x533/0x7d0 [ 74.443729][ T8473] ? netlink_attachskb+0x870/0x870 [ 74.448826][ T8473] ? _copy_from_iter_full+0x275/0x850 [ 74.454212][ T8473] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 74.460445][ T8473] ? __phys_addr_symbol+0x2c/0x70 [ 74.465455][ T8473] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 74.471159][ T8473] ? __check_object_size+0x171/0x3f0 [ 74.476475][ T8473] netlink_sendmsg+0x907/0xe40 [ 74.481244][ T8473] ? netlink_unicast+0x7d0/0x7d0 [ 74.486180][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.492406][ T8473] ? netlink_unicast+0x7d0/0x7d0 [ 74.497337][ T8473] sock_sendmsg+0xcf/0x120 [ 74.501740][ T8473] ____sys_sendmsg+0x6e8/0x810 [ 74.506492][ T8473] ? kernel_sendmsg+0x50/0x50 [ 74.511151][ T8473] ? do_recvmmsg+0x6c0/0x6c0 [ 74.515724][ T8473] ? find_held_lock+0x2d/0x110 [ 74.520476][ T8473] ___sys_sendmsg+0xf3/0x170 [ 74.525074][ T8473] ? sendmsg_copy_msghdr+0x160/0x160 [ 74.530368][ T8473] ? do_huge_pmd_anonymous_page+0x927/0x23c0 [ 74.536334][ T8473] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 74.542574][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.548799][ T8473] ? find_held_lock+0x2d/0x110 [ 74.553549][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.559788][ T8473] ? __fget_light+0x215/0x280 [ 74.564452][ T8473] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 74.570683][ T8473] __sys_sendmsg+0xe5/0x1b0 [ 74.575171][ T8473] ? __sys_sendmsg_sock+0xb0/0xb0 [ 74.580188][ T8473] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 74.586452][ T8473] ? syscall_enter_from_user_mode+0x1d/0x50 [ 74.592346][ T8473] do_syscall_64+0x2d/0x70 [ 74.596764][ T8473] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 74.602639][ T8473] RIP: 0033:0x440419 [ 74.606532][ T8473] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 74.626130][ T8473] RSP: 002b:00007ffdadcbeb88 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.634534][ T8473] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440419 [ 74.642492][ T8473] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 74.650447][ T8473] RBP: 00000000006ca018 R08: 0000000000000005 R09: 00000000004002c8 [ 74.658401][ T8473] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000401c20 [ 74.666359][ T8473] R13: 0000000000401cb0 R14: 0000000000000000 R15: 0000000000000000 [ 74.674878][ T8473] Kernel Offset: disabled [ 74.679285][ T8473] Rebooting in 86400 seconds..