================================================================================ UBSAN: Undefined behaviour in sound/core/oss/pcm_oss.c:720:23 shift exponent 255 is too large for 32-bit type 'int' CPU: 0 PID: 8676 Comm: syz-executor.1 Not tainted 4.19.152-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x22c/0x33e lib/dump_stack.c:118 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422 snd_pcm_oss_period_size sound/core/oss/pcm_oss.c:720 [inline] snd_pcm_oss_change_params_locked.cold+0xf7/0x11a sound/core/oss/pcm_oss.c:943 snd_pcm_oss_change_params sound/core/oss/pcm_oss.c:1102 [inline] snd_pcm_oss_make_ready+0xe6/0x2e0 sound/core/oss/pcm_oss.c:1161 snd_pcm_oss_set_trigger+0x350/0x770 sound/core/oss/pcm_oss.c:2061 snd_pcm_oss_poll+0x662/0xb10 sound/core/oss/pcm_oss.c:2842 vfs_poll include/linux/poll.h:90 [inline] do_select+0x937/0x1670 fs/select.c:507 core_sys_select+0x3cc/0x840 fs/select.c:650 kern_select+0x13d/0x1c0 fs/select.c:691 __do_sys_select fs/select.c:700 [inline] __se_sys_select fs/select.c:697 [inline] __x64_sys_select+0xba/0x150 fs/select.c:697 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45de59 Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f0c10342c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 RAX: ffffffffffffffda RBX: 0000000000027a00 RCX: 000000000045de59 RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040 RBP: 000000000118bf70 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000280 R11: 0000000000000246 R12: 000000000118bf2c R13: 00007ffdad54a48f R14: 00007f0c103439c0 R15: 000000000118bf2c ================================================================================ x_tables: duplicate underflow at hook 1 x_tables: duplicate underflow at hook 1 x_tables: duplicate underflow at hook 1 x_tables: duplicate underflow at hook 1 usb usb6: usbfs: process 8760 (syz-executor.3) did not claim interface 0 before use x_tables: duplicate underflow at hook 1 netlink: 'syz-executor.1': attribute type 2 has an invalid length. netlink: 'syz-executor.1': attribute type 1 has an invalid length. can: request_module (can-proto-3) failed. blktrace: Concurrent blktraces are not allowed on nbd4 can: request_module (can-proto-3) failed. x_tables: duplicate underflow at hook 1 netlink: 220 bytes leftover after parsing attributes in process `syz-executor.5'. usb usb6: usbfs: process 9025 (syz-executor.0) did not claim interface 0 before use usb usb6: usbfs: process 9042 (syz-executor.0) did not claim interface 0 before use usb usb6: usbfs: process 9067 (syz-executor.0) did not claim interface 0 before use usb usb6: usbfs: process 9082 (syz-executor.0) did not claim interface 0 before use x_tables: duplicate underflow at hook 1 netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. tmpfs: Bad mount option pcr usb usb6: usbfs: process 9217 (syz-executor.4) did not claim interface 0 before use usb usb6: selecting invalid altsetting 4 x_tables: duplicate underflow at hook 1 tmpfs: Bad mount option pcr usb usb6: usbfs: process 9233 (syz-executor.4) did not claim interface 0 before use usb usb6: selecting invalid altsetting 4 usb usb6: usbfs: process 9253 (syz-executor.4) did not claim interface 0 before use usb usb6: selecting invalid altsetting 4 SELinux: security_context_str_to_sid(sysadm_u) failed for (dev tmpfs, type tmpfs) errno=-22 SELinux: security_context_str_to_sid(sysadm_u) failed for (dev tmpfs, type tmpfs) errno=-22 usb usb6: usbfs: process 9282 (syz-executor.4) did not claim interface 0 before use usb usb6: selecting invalid altsetting 4 hub 6-0:1.0: USB hub found hub 6-0:1.0: 1 port detected x_tables: duplicate underflow at hook 1 netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. usb usb6: usbfs: process 9374 (syz-executor.5) did not claim interface 0 before use x_tables: duplicate underflow at hook 1 usb usb6: usbfs: process 9381 (syz-executor.0) did not claim interface 0 before use usb usb6: usbfs: process 9400 (syz-executor.0) did not claim interface 0 before use usb usb6: usbfs: process 9421 (syz-executor.0) did not claim interface 0 before use tmpfs: Bad value '' for mount option 'huge' tmpfs: Bad value '' for mount option 'huge' tmpfs: Bad value 'neverøÀ‡O<ø ' for mount option 'huge' usb usb6: usbfs: process 9543 (syz-executor.4) did not claim interface 0 before use tmpfs: Bad value 'neverøÀ‡O<ø ' for mount option 'huge' usb usb6: usbfs: process 9556 (syz-executor.4) did not claim interface 0 before use usb usb6: usbfs: process 9572 (syz-executor.4) did not claim interface 0 before use