sd 0:0:1:0: [sg0] tag#8066 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
================================================================================
UBSAN: Undefined behaviour in ./include/net/red.h:272:18
shift exponent 174 is too large for 64-bit type 'long unsigned int'
CPU: 1 PID: 8106 Comm: syz-executor.5 Not tainted 4.19.147-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 red_calc_qavg_from_idle_time include/net/red.h:272 [inline]
 red_adaptative_algo include/net/red.h:404 [inline]
 red_adaptative_timer+0x7ed/0x870 net/sched/sch_red.c:266
 call_timer_fn+0x177/0x760 kernel/time/timer.c:1338
 expire_timers+0x243/0x500 kernel/time/timer.c:1375
 __run_timers kernel/time/timer.c:1703 [inline]
 run_timer_softirq+0x259/0x730 kernel/time/timer.c:1716
 __do_softirq+0x27d/0xad2 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x22d/0x270 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:544 [inline]
 smp_apic_timer_interrupt+0x15f/0x5d0 arch/x86/kernel/apic/apic.c:1094
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:console_trylock_spinning kernel/printk/printk.c:1724 [inline]
RIP: 0010:vprintk_emit+0x6a0/0x7c0 kernel/printk/printk.c:1964
Code: 48 b8 00 00 00 00 00 fc ff df 41 80 7c 05 00 00 0f 85 10 01 00 00 48 83 3d 64 5e 08 08 00 74 60 e8 95 97 16 00 4c 89 ff 57 9d <0f> 1f 44 00 00 e9 5c fe ff ff e8 81 97 16 00 0f 0b 48 c7 c7 80 11
RSP: 0018:ffff888046dbeb98 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
RAX: 0000000000040000 RBX: 0000000000000200 RCX: ffffc9001059d000
RDX: 0000000000040000 RSI: ffffffff815b2b4b RDI: 0000000000000246
RBP: ffff888046dbebd8 R08: 00000000746da9a2 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000053
R13: 1ffffffff12c7135 R14: ffff888046d846c0 R15: 0000000000000246
 dev_vprintk_emit+0x2e3/0x640 drivers/base/core.c:3248
 dev_printk_emit+0xbb/0xf0 drivers/base/core.c:3259
 __dev_printk+0x108/0x260 drivers/base/core.c:3271
 dev_printk+0xd1/0x110 drivers/base/core.c:3288
 scsi_print_command+0x5db/0x77c drivers/scsi/scsi_logging.c:226
 scsi_io_completion_action drivers/scsi/scsi_lib.c:925 [inline]
 scsi_io_completion+0x1240/0x1870 drivers/scsi/scsi_lib.c:1121
 scsi_softirq_done+0x336/0x3d0 drivers/scsi/scsi_lib.c:1758
 __blk_mq_complete_request block/blk-mq.c:583 [inline]
 blk_mq_complete_request+0x472/0x660 block/blk-mq.c:620
 scsi_dispatch_cmd+0x55a/0xc40 drivers/scsi/scsi_lib.c:1849
 scsi_queue_rq+0x1477/0x1aa0 drivers/scsi/scsi_lib.c:2139
 blk_mq_dispatch_rq_list+0xcf4/0x1a00 block/blk-mq.c:1186
 blk_mq_do_dispatch_sched+0x187/0x400 block/blk-mq-sched.c:117
 blk_mq_sched_dispatch_requests+0x389/0x5b0 block/blk-mq-sched.c:213
 __blk_mq_run_hw_queue+0x185/0x290 block/blk-mq.c:1317
 __blk_mq_delay_run_hw_queue+0x4d8/0x5a0 block/blk-mq.c:1385
 blk_mq_run_hw_queue+0x16b/0x2f0 block/blk-mq.c:1422
 blk_mq_sched_insert_request+0x368/0x760 block/blk-mq-sched.c:406
 blk_execute_rq_nowait+0x194/0x350 block/blk-exec.c:64
 sg_common_write.constprop.0+0xfb0/0x2110 drivers/scsi/sg.c:847
 sg_new_write.isra.0+0x6f4/0xa10 drivers/scsi/sg.c:785
 sg_write.part.0+0xa53/0xe10 drivers/scsi/sg.c:643
 sg_write+0x45/0x70 drivers/scsi/sg.c:622
 __vfs_write+0xf7/0x770 fs/read_write.c:485
 vfs_write+0x1f3/0x540 fs/read_write.c:549
 ksys_write+0x12b/0x2a0 fs/read_write.c:599
 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45e179
Code: 3d b2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b b2 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f96f4ea9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000039680 RCX: 000000000045e179
RDX: 0000000000000186 RSI: 00000000200002c0 RDI: 0000000000000004
RBP: 000000000118cf80 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c
R13: 00007fffc7acbeff R14: 00007f96f4eaa9c0 R15: 000000000118cf4c
================================================================================
sd 0:0:1:0: [sg0] tag#8066 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[c0]: 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[c0]: 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
hrtimer: interrupt took 55765 ns
sd 0:0:1:0: [sg0] tag#8071 CDB: Test Unit Ready
sd 0:0:1:0: [sg0] tag#8066 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:1:0: [sg0] tag#8071 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB: Test Unit Ready
sd 0:0:1:0: [sg0] tag#8071 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[c0]: 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8066 CDB[c0]: 00 00 00 00 00 00 00 00
netlink: 'syz-executor.0': attribute type 1 has an invalid length.
audit: type=1400 audit(1601067911.123:9): avc: denied { create } for pid=8204 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
audit: type=1400 audit(1601067911.163:10): avc: denied { name_bind } for pid=8204 comm="syz-executor.5" src=20003 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1
audit: type=1400 audit(1601067911.163:11): avc: denied { node_bind } for pid=8204 comm="syz-executor.5" src=20003 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1
audit: type=1400 audit(1601067911.213:12): avc: denied { name_connect } for pid=8204 comm="syz-executor.5" dest=20003 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1
team0: Port device team_slave_0 removed
bond0: Enslaving team_slave_0 as an active interface with an up link
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
netlink: 'syz-executor.0': attribute type 1 has an invalid length.
syz-executor.0 (8218) used greatest stack depth: 22376 bytes left
netlink: 'syz-executor.0': attribute type 1 has an invalid length.
sd 0:0:1:0: [sg0] tag#8071 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:1:0: [sg0] tag#8071 CDB: Test Unit Ready
sd 0:0:1:0: [sg0] tag#8071 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[c0]: 00 00 00 00 00 00 00 00
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
sd 0:0:1:0: [sg0] tag#8071 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:1:0: [sg0] tag#8071 CDB: Test Unit Ready
sd 0:0:1:0: [sg0] tag#8071 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[c0]: 00 00 00 00 00 00 00 00
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
batman_adv: batadv0: Interface deactivated: batadv_slave_0
batman_adv: batadv0: Removing interface: batadv_slave_0
bond0: batadv_slave_0 is up - this may be due to an out of date ifenslave
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
sd 0:0:1:0: [sg0] tag#8071 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:1:0: [sg0] tag#8071 CDB: Test Unit Ready
sd 0:0:1:0: [sg0] tag#8071 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
audit: type=1800 audit(1601067915.023:13): pid=8330 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=15812 res=0
sd 0:0:1:0: [sg0] tag#8071 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[c0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[d0]: 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:1:0: [sg0] tag#8071 CDB: Test Unit Ready
sd 0:0:1:0: [sg0] tag#8071 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[c0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#8071 CDB[d0]: 00 00 00 00
audit: type=1326 audit(1601067917.573:14): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8375 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x460fba code=0x0
mmap: syz-executor.0 (8390) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.