================================================================================ UBSAN: Undefined behaviour in ./include/net/red.h:272:18 shift exponent 102 is too large for 64-bit type 'long unsigned int' CPU: 1 PID: 6499 Comm: syz-fuzzer Not tainted 4.19.148-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x22c/0x33e lib/dump_stack.c:118 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422 red_calc_qavg_from_idle_time include/net/red.h:272 [inline] red_adaptative_algo include/net/red.h:404 [inline] red_adaptative_timer+0x7ed/0x870 net/sched/sch_red.c:266 call_timer_fn+0x177/0x760 kernel/time/timer.c:1338 expire_timers+0x243/0x500 kernel/time/timer.c:1375 __run_timers kernel/time/timer.c:1703 [inline] run_timer_softirq+0x259/0x730 kernel/time/timer.c:1716 __do_softirq+0x27d/0xad2 kernel/softirq.c:292 invoke_softirq kernel/softirq.c:372 [inline] irq_exit+0x22d/0x270 kernel/softirq.c:412 exiting_irq arch/x86/include/asm/apic.h:544 [inline] smp_apic_timer_interrupt+0x15f/0x5d0 arch/x86/kernel/apic/apic.c:1094 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894 RIP: 0033:0x7764a6 Code: 44 48 89 8c 24 98 00 00 00 48 8d 05 d4 8f 15 00 48 89 04 24 e8 db 68 c9 ff 48 8b 44 24 08 48 8b 8c 24 98 00 00 00 0f b6 51 04 <8b> 19 48 8b 49 08 89 18 88 50 04 48 89 48 08 48 8d 0d 44 5f 3b 00 RSP: 002b:000000c00efce998 EFLAGS: 00000216 ORIG_RAX: ffffffffffffff13 RAX: 000000c01276b1e0 RBX: 0000000000000000 RCX: 000000c002a5beb0 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000010 RBP: 000000c00efcea88 R08: 00000000008cf460 R09: 0000000000203001 R10: 000000c01276b1e0 R11: 0000000000000001 R12: ffffffffffffffff R13: 000000000000011f R14: 000000000000011e R15: 0000000000000200 ================================================================================ netlink: 'syz-executor.5': attribute type 5 has an invalid length. device team_slave_0 entered promiscuous mode device team_slave_1 entered promiscuous mode device macsec1 entered promiscuous mode device team0 entered promiscuous mode netlink: 'syz-executor.5': attribute type 5 has an invalid length. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=104 sclass=netlink_route_socket pid=8841 comm=syz-executor.1 netlink: 'syz-executor.5': attribute type 5 has an invalid length. audit: type=1804 audit(1601397436.236:15): pid=8881 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/16/cgroup.controllers" dev="sda1" ino=15866 res=1 8021q: VLANs not supported on ipvlan1 audit: type=1804 audit(1601397436.376:16): pid=8900 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/16/memory.events" dev="sda1" ino=15865 res=1 audit: type=1800 audit(1601397436.376:17): pid=8900 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="memory.events" dev="sda1" ino=15865 res=0 audit: type=1804 audit(1601397436.786:18): pid=8886 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/16/cgroup.controllers" dev="sda1" ino=15866 res=1 8021q: VLANs not supported on ipvlan1 audit: type=1804 audit(1601397436.816:19): pid=8900 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/16/memory.events" dev="sda1" ino=15865 res=1 audit: type=1800 audit(1601397436.816:20): pid=8900 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="memory.events" dev="sda1" ino=15865 res=0 audit: type=1804 audit(1601397437.516:21): pid=8935 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/17/cgroup.controllers" dev="sda1" ino=15868 res=1 audit: type=1804 audit(1601397437.606:22): pid=8947 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir298793284/syzkaller.WvR9Jh/11/cgroup.controllers" dev="sda1" ino=15879 res=1 audit: type=1804 audit(1601397437.686:23): pid=8956 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/17/memory.events" dev="sda1" ino=15865 res=1 audit: type=1800 audit(1601397437.686:24): pid=8956 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="memory.events" dev="sda1" ino=15865 res=0 netlink: 176 bytes leftover after parsing attributes in process `syz-executor.3'. nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. IPVS: ftp: loaded support on port[0] = 21 IPVS: ftp: loaded support on port[0] = 21 IPVS: ftp: loaded support on port[0] = 21 IPVS: ftp: loaded support on port[0] = 21 kauditd_printk_skb: 9 callbacks suppressed audit: type=1804 audit(1601397441.906:34): pid=9191 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/21/cgroup.controllers" dev="sda1" ino=15889 res=1 audit: type=1804 audit(1601397442.036:35): pid=9191 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/21/memory.events" dev="sda1" ino=15888 res=1 audit: type=1800 audit(1601397442.036:36): pid=9191 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="memory.events" dev="sda1" ino=15888 res=0 audit: type=1804 audit(1601397442.876:37): pid=9258 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/22/cgroup.controllers" dev="sda1" ino=15896 res=1 IPVS: ftp: loaded support on port[0] = 21 audit: type=1804 audit(1601397443.006:38): pid=9271 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir097804089/syzkaller.QCnA02/22/memory.events" dev="sda1" ino=15894 res=1 audit: type=1800 audit(1601397443.006:39): pid=9271 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="memory.events" dev="sda1" ino=15894 res=0