================================================================================ UBSAN: Undefined behaviour in net/netfilter/ipset/ip_set_hash_gen.h:125:6 shift exponent 32 is too large for 32-bit type 'unsigned int' CPU: 1 PID: 9396 Comm: syz-executor.3 Not tainted 4.19.150-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x22c/0x33e lib/dump_stack.c:118 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422 htable_bits net/netfilter/ipset/ip_set_hash_gen.h:125 [inline] hash_mac_create.cold+0x19/0x25 net/netfilter/ipset/ip_set_hash_gen.h:1290 ip_set_create+0x70e/0x1380 net/netfilter/ipset/ip_set_core.c:940 nfnetlink_rcv_msg+0xeff/0x1210 net/netfilter/nfnetlink.c:233 netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455 nfnetlink_rcv+0x1b2/0x41b net/netfilter/nfnetlink.c:565 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x717/0xcc0 net/netlink/af_netlink.c:1909 sock_sendmsg_nosec net/socket.c:622 [inline] sock_sendmsg+0xc7/0x130 net/socket.c:632 ___sys_sendmsg+0x7bb/0x8f0 net/socket.c:2115 __sys_sendmsg net/socket.c:2153 [inline] __do_sys_sendmsg net/socket.c:2162 [inline] __se_sys_sendmsg net/socket.c:2160 [inline] __x64_sys_sendmsg+0x132/0x220 net/socket.c:2160 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45de59 Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f5bb7d2cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000029b40 RCX: 000000000045de59 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c R13: 00007ffd4b1a038f R14: 00007f5bb7d2d9c0 R15: 000000000118bf2c ================================================================================ overlayfs: failed to resolve './file0`ry$$Wu.J./file0': -2 overlayfs: unrecognized mount option "./file1" or missing value overlayfs: failed to resolve './file0`ry$$Wu.J./file0': -2 overlayfs: failed to resolve './file0`ry$$Wu.J./file0': -2 EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,errors=continue device wlan1 entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready device wlan1 left promiscuous mode device wlan1 entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready device wlan1 left promiscuous mode FAT-fs (loop1): Directory bread(block 6) failed FAT-fs (loop1): Directory bread(block 6) failed FAT-fs (loop1): Directory bread(block 6) failed FAT-fs (loop1): Directory bread(block 6) failed device wlan1 entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready FAT-fs (loop1): Directory bread(block 6) failed FAT-fs (loop1): Directory bread(block 6) failed device wlan1 left promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9598 comm=syz-executor.5 FAT-fs (loop1): Directory bread(block 6) failed FAT-fs (loop1): Directory bread(block 6) failed device wlan1 entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready FAT-fs (loop1): Directory bread(block 6) failed device ipvlan2 entered promiscuous mode audit: type=1800 audit(1602703107.985:27): pid=9637 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15935 res=0 gfs2: gfs2 mount does not exist FAT-fs (loop1): Directory bread(block 6) failed device ipvlan3 entered promiscuous mode overlayfs: missing 'lowerdir' overlayfs: missing 'lowerdir' gfs2: gfs2 mount does not exist FAT-fs (loop1): Directory bread(block 6) failed FAT-fs (loop1): Directory bread(block 6) failed overlayfs: missing 'lowerdir' overlayfs: missing 'lowerdir' 9pnet: p9_fd_create_unix (9728): problem connecting socket: qY3aK/file0: -20 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3729 sclass=netlink_route_socket pid=9724 comm=syz-executor.5 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3729 sclass=netlink_route_socket pid=9724 comm=syz-executor.5 A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. Failed to obtain node identity Enabling of bearer rejected, failed to enable media netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. Failed to obtain node identity Enabling of bearer rejected, failed to enable media netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. Unknown ioctl 35299 IPVS: ftp: loaded support on port[0] = 21