================================================================================
UBSAN: Undefined behaviour in ./include/linux/log2.h:61:13
shift exponent 64 is too large for 64-bit type 'long unsigned int'
CPU: 0 PID: 8088 Comm: syz-executor.2 Not tainted 4.19.152-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x22c/0x33e lib/dump_stack.c:118
ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
__ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
__roundup_pow_of_two include/linux/log2.h:61 [inline]
snd_pcm_oss_period_size sound/core/oss/pcm_oss.c:747 [inline]
snd_pcm_oss_change_params_locked.cold+0x6d/0x11a sound/core/oss/pcm_oss.c:943
snd_pcm_oss_change_params sound/core/oss/pcm_oss.c:1102 [inline]
snd_pcm_oss_get_active_substream+0x164/0x1c0 sound/core/oss/pcm_oss.c:1119
snd_pcm_oss_get_channels sound/core/oss/pcm_oss.c:1806 [inline]
snd_pcm_oss_set_channels+0x244/0x380 sound/core/oss/pcm_oss.c:1798
snd_pcm_oss_ioctl+0x12dd/0x33c0 sound/core/oss/pcm_oss.c:2644
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:501 [inline]
do_vfs_ioctl+0xcdb/0x12e0 fs/ioctl.c:688
ksys_ioctl+0x9b/0xc0 fs/ioctl.c:705
__do_sys_ioctl fs/ioctl.c:712 [inline]
__se_sys_ioctl fs/ioctl.c:710 [inline]
__x64_sys_ioctl+0x6f/0xb0 fs/ioctl.c:710
do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45de59
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f3b3bc10c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000015f40 RCX: 000000000045de59
RDX: 0000000020000000 RSI: 00000000c0045006 RDI: 0000000000000008
RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffe884a63df R14: 00007f3b3bc119c0 R15: 000000000118bf2c
================================================================================
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
overlayfs: filesystem on './file0' not supported as upperdir
capability: warning: `syz-executor.0' uses 32-bit capabilities (legacy support in use)
ptrace attach of "/root/syz-executor.0"[8122] was attempted by "/root/syz-executor.0"[8130]
overlayfs: conflicting lowerdir path
overlayfs: conflicting lowerdir path
audit: type=1804 audit(1603121303.118:9): pid=8164 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir246197437/syzkaller.1iZdc3/3/bus" dev="sda1" ino=15772 res=1
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
FAT-fs (loop5): bogus number of reserved sectors
FAT-fs (loop5): Can't find a valid FAT filesystem
FAT-fs (loop5): bogus number of reserved sectors
FAT-fs (loop5): Can't find a valid FAT filesystem
audit: type=1804 audit(1603121304.108:10): pid=8216 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir246197437/syzkaller.1iZdc3/4/bus" dev="sda1" ino=15755 res=1
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
EXT4-fs (loop5): Unrecognized mount option "" or missing value
audit: type=1804 audit(1603121306.199:11): pid=8292 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir246197437/syzkaller.1iZdc3/5/bus" dev="sda1" ino=15793 res=1
hfs: unable to parse mount options
audit: type=1804 audit(1603121307.379:12): pid=8328 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir246197437/syzkaller.1iZdc3/6/bus" dev="sda1" ino=15797 res=1
audit: type=1804 audit(1603121307.499:13): pid=8332 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir837463980/syzkaller.wzg5Pf/11/bus" dev="sda1" ino=15798 res=1
audit: type=1804 audit(1603121307.539:14): pid=8333 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.5" name="/root/syzkaller-testdir837463980/syzkaller.wzg5Pf/11/bus" dev="sda1" ino=15798 res=1
netlink: 'syz-executor.0': attribute type 1 has an invalid length.
audit: type=1804 audit(1603121308.419:15): pid=8364 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir246197437/syzkaller.1iZdc3/7/bus" dev="sda1" ino=15797 res=1
netlink: 'syz-executor.0': attribute type 1 has an invalid length.
ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid.
ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
ntfs: (device loop0): ntfs_fill_super(): Not an NTFS volume.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
audit: type=1804 audit(1603121311.219:16): pid=8505 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir246197437/syzkaller.1iZdc3/8/bus" dev="sda1" ino=15811 res=1
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.