================================================================================
UBSAN: Undefined behaviour in net/sched/sch_api.c:375:22
shift exponent 255 is too large for 32-bit type 'int'
CPU: 1 PID: 8487 Comm: syz-executor.0 Not tainted 4.19.152-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 __detect_linklayer net/sched/sch_api.c:375 [inline]
 qdisc_get_rtab.cold+0x1d/0x8e net/sched/sch_api.c:421
 tbf_change+0x99d/0x1230 net/sched/sch_tbf.c:325
 tbf_init+0x91/0xc4 net/sched/sch_tbf.c:433
 qdisc_create+0x534/0x1080 net/sched/sch_api.c:1155
 tc_modify_qdisc+0x4c0/0x195b net/sched/sch_api.c:1571
 rtnetlink_rcv_msg+0x498/0xc10 net/core/rtnetlink.c:4778
 netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x717/0xcc0 net/netlink/af_netlink.c:1909
 sock_sendmsg_nosec net/socket.c:622 [inline]
 sock_sendmsg+0xc7/0x130 net/socket.c:632
 ___sys_sendmsg+0x7bb/0x8f0 net/socket.c:2115
 __sys_sendmsg net/socket.c:2153 [inline]
 __do_sys_sendmsg net/socket.c:2162 [inline]
 __se_sys_sendmsg net/socket.c:2160 [inline]
 __x64_sys_sendmsg+0x132/0x220 net/socket.c:2160
 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45de59
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fe41a839c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000002e600 RCX: 000000000045de59
RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffdb46a533f R14: 00007fe41a83a9c0 R15: 000000000118bf2c
================================================================================
================================================================================
UBSAN: Undefined behaviour in net/sched/sch_api.c:376:24
shift exponent 255 is too large for 32-bit type 'int'
CPU: 0 PID: 8487 Comm: syz-executor.0 Not tainted 4.19.152-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 __detect_linklayer net/sched/sch_api.c:376 [inline]
 qdisc_get_rtab.cold+0x7f/0x8e net/sched/sch_api.c:421
 tbf_change+0x99d/0x1230 net/sched/sch_tbf.c:325
 tbf_init+0x91/0xc4 net/sched/sch_tbf.c:433
 qdisc_create+0x534/0x1080 net/sched/sch_api.c:1155
 tc_modify_qdisc+0x4c0/0x195b net/sched/sch_api.c:1571
 rtnetlink_rcv_msg+0x498/0xc10 net/core/rtnetlink.c:4778
 netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x717/0xcc0 net/netlink/af_netlink.c:1909
 sock_sendmsg_nosec net/socket.c:622 [inline]
 sock_sendmsg+0xc7/0x130 net/socket.c:632
 ___sys_sendmsg+0x7bb/0x8f0 net/socket.c:2115
 __sys_sendmsg net/socket.c:2153 [inline]
 __do_sys_sendmsg net/socket.c:2162 [inline]
 __se_sys_sendmsg net/socket.c:2160 [inline]
 __x64_sys_sendmsg+0x132/0x220 net/socket.c:2160
 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45de59
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fe41a839c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000002e600 RCX: 000000000045de59
RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffdb46a533f R14: 00007fe41a83a9c0 R15: 000000000118bf2c
================================================================================
sch_tbf: burst 0 is lower than device lo mtu (65550) !
sch_tbf: burst 0 is lower than device lo mtu (65550) !
sch_tbf: burst 0 is lower than device lo mtu (65550) !
sch_tbf: burst 0 is lower than device lo mtu (65550) !
sch_tbf: burst 0 is lower than device lo mtu (65550) !
netlink: 'syz-executor.4': attribute type 1 has an invalid length.
netlink: 'syz-executor.4': attribute type 1 has an invalid length.
L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
netlink: 'syz-executor.4': attribute type 1 has an invalid length.
CUSE: unknown device info "ÿÿÿÿ"
CUSE: unknown device info "!"
CUSE: unknown device info "*
ÇÍäÈ2Õ–IÍ?²"
CUSE: unknown device info "!"
CUSE: zero length info key specified
netlink: 'syz-executor.4': attribute type 1 has an invalid length.
CUSE: unknown device info "ÿÿÿÿ"
CUSE: unknown device info "!"
CUSE: unknown device info "*
ÇÍäÈ2Õ–IÍ?²"
CUSE: unknown device info "!"
CUSE: zero length info key specified
audit: type=1400 audit(1602937448.168:19): avc:  denied  { create } for  pid=8668 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1
audit: type=1400 audit(1602937448.238:20): avc:  denied  { name_connect } for  pid=8668 comm="syz-executor.4" dest=20000 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1
CUSE: unknown device info "ÿÿÿÿ"
CUSE: unknown device info "!"
CUSE: unknown device info "*
ÇÍäÈ2Õ–IÍ?²"
CUSE: unknown device info "!"
nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
CUSE: zero length info key specified
syz-executor.4 (8670) used greatest stack depth: 23120 bytes left
CUSE: unknown device info "ÿÿÿÿ"
CUSE: unknown device info "!"
audit: type=1400 audit(1602937448.988:21): avc:  denied  { name_bind } for  pid=8726 comm="syz-executor.4" src=20000 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1
CUSE: unknown device info "*
ÇÍäÈ2Õ–IÍ?²"
audit: type=1400 audit(1602937448.998:22): avc:  denied  { node_bind } for  pid=8726 comm="syz-executor.4" src=20000 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1
CUSE: unknown device info "!"
CUSE: zero length info key specified
CUSE: unknown device info "ÿÿÿÿ"
CUSE: unknown device info "!"
CUSE: unknown device info "*
ÇÍäÈ2Õ–IÍ?²"
CUSE: unknown device info "!"
CUSE: zero length info key specified
tmpfs: Bad value 'interleave"' for mount option 'mpol'
tmpfs: Bad value 'interleave"' for mount option 'mpol'