================================================================================
UBSAN: Undefined behaviour in sound/core/oss/pcm_oss.c:720:23
shift exponent 54394 is too large for 32-bit type 'int'
CPU: 1 PID: 15396 Comm: syz-executor.1 Not tainted 4.19.152-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 snd_pcm_oss_period_size sound/core/oss/pcm_oss.c:720 [inline]
 snd_pcm_oss_change_params_locked.cold+0xf7/0x11a sound/core/oss/pcm_oss.c:943
 snd_pcm_oss_change_params sound/core/oss/pcm_oss.c:1102 [inline]
 snd_pcm_oss_make_ready+0xe6/0x2e0 sound/core/oss/pcm_oss.c:1161
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15408 comm=syz-executor.3
 snd_pcm_oss_sync+0x1de/0x870 sound/core/oss/pcm_oss.c:1722
 snd_pcm_oss_release+0x26c/0x300 sound/core/oss/pcm_oss.c:2561
 __fput+0x2ce/0x8a0 fs/file_table.c:278
 task_work_run+0x141/0x1c0 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:193 [inline]
 exit_to_usermode_loop+0x269/0x2c0 arch/x86/entry/common.c:167
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x57c/0x670 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4177b1
Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a4 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:00007ffe2856d9b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004177b1
RDX: 0000001b2f820000 RSI: 000000000000183f RDI: 0000000000000003
RBP: 0000000000000001 R08: 0000000078ccd83f R09: 0000000078ccd843
R10: 00007ffe2856da90 R11: 0000000000000293 R12: ffffffffffffffff
R13: 000000000026d5d6 R14: 00000000000003e8 R15: 000000000118bf2c
================================================================================
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond284: link is not ready
8021q: adding VLAN 0 to HW filter on device bond284
xt_socket: unknown flags 0x2
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
xt_socket: unknown flags 0x2
IPv6: ADDRCONF(NETDEV_UP): bond285: link is not ready
8021q: adding VLAN 0 to HW filter on device bond285
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
xt_socket: unknown flags 0x2
IPv6: ADDRCONF(NETDEV_UP): bond286: link is not ready
8021q: adding VLAN 0 to HW filter on device bond286
selinux_nlmsg_perm: 2 callbacks suppressed
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15588 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond287: link is not ready
8021q: adding VLAN 0 to HW filter on device bond287
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15678 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond288: link is not ready
8021q: adding VLAN 0 to HW filter on device bond288
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15740 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond289: link is not ready
8021q: adding VLAN 0 to HW filter on device bond289
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15812 comm=syz-executor.3
IPv6: ADDRCONF(NETDEV_UP): bond290: link is not ready
8021q: adding VLAN 0 to HW filter on device bond290
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15895 comm=syz-executor.3
IPv6: ADDRCONF(NETDEV_UP): bond291: link is not ready
8021q: adding VLAN 0 to HW filter on device bond291
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15980 comm=syz-executor.3
socket_mt_v1_check: 10 callbacks suppressed
xt_socket: unknown flags 0x2
validate_nla: 2 callbacks suppressed
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond292: link is not ready
xt_socket: unknown flags 0x2
8021q: adding VLAN 0 to HW filter on device bond292
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16068 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
xt_socket: unknown flags 0x2
IPv6: ADDRCONF(NETDEV_UP): bond293: link is not ready
8021q: adding VLAN 0 to HW filter on device bond293
xt_socket: unknown flags 0x2
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16148 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond294: link is not ready
xt_socket: unknown flags 0x2
8021q: adding VLAN 0 to HW filter on device bond294
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16242 comm=syz-executor.3
xt_socket: unknown flags 0x2
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond295: link is not ready
8021q: adding VLAN 0 to HW filter on device bond295
xt_socket: unknown flags 0x2
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16332 comm=syz-executor.3
xt_socket: unknown flags 0x2
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond296: link is not ready
8021q: adding VLAN 0 to HW filter on device bond296
xt_socket: unknown flags 0x2
xt_socket: unknown flags 0x2
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond297: link is not ready
8021q: adding VLAN 0 to HW filter on device bond297
selinux_nlmsg_perm: 1 callbacks suppressed
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16512 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond298: link is not ready
8021q: adding VLAN 0 to HW filter on device bond298
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16604 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond299: link is not ready
8021q: adding VLAN 0 to HW filter on device bond299
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16703 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond300: link is not ready
8021q: adding VLAN 0 to HW filter on device bond300
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16790 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond301: link is not ready
8021q: adding VLAN 0 to HW filter on device bond301
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16875 comm=syz-executor.3
IPv6: ADDRCONF(NETDEV_UP): bond302: link is not ready
8021q: adding VLAN 0 to HW filter on device bond302
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16948 comm=syz-executor.3
socket_mt_v1_check: 9 callbacks suppressed
xt_socket: unknown flags 0x2
validate_nla: 1 callbacks suppressed
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond303: link is not ready
xt_socket: unknown flags 0x2
8021q: adding VLAN 0 to HW filter on device bond303
audit: type=1326 audit(1603139026.325:18118): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17003 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0x0
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17022 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
xt_socket: unknown flags 0x2
IPv6: ADDRCONF(NETDEV_UP): bond304: link is not ready
8021q: adding VLAN 0 to HW filter on device bond304
xt_socket: unknown flags 0x2
audit: type=1326 audit(1603139027.085:18119): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17003 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0x0
xt_socket: unknown flags 0x2
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17101 comm=syz-executor.3
netlink: 'syz-executor.3': attribute type 1 has an invalid length.
IPv6: ADDRCONF(NETDEV_UP): bond305: link is not ready