netlink: 388 bytes leftover after parsing attributes in process `syz-executor.2'.
================================================================================
UBSAN: Undefined behaviour in net/sched/sch_api.c:375:22
shift exponent 93 is too large for 32-bit type 'int'
CPU: 0 PID: 9368 Comm: syz-executor.2 Not tainted 4.19.150-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
binder: 9383:9384 unknown command 0
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
binder: 9383:9384 ioctl c0306201 20000200 returned -22
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 __detect_linklayer net/sched/sch_api.c:375 [inline]
 qdisc_get_rtab.cold+0x1d/0x8e net/sched/sch_api.c:421
 tcf_police_init+0xe0c/0x11d0 net/sched/act_police.c:129
 tcf_action_init_1+0x1b0/0xc40 net/sched/act_api.c:873
 tcf_exts_validate+0x128/0x430 net/sched/cls_api.c:2060
 route4_set_parms net/sched/cls_route.c:396 [inline]
 route4_change+0x712/0x2560 net/sched/cls_route.c:514
 tc_new_tfilter+0xb38/0x1570 net/sched/cls_api.c:1320
 rtnetlink_rcv_msg+0x498/0xc10 net/core/rtnetlink.c:4778
 netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x717/0xcc0 net/netlink/af_netlink.c:1909
 sock_sendmsg_nosec net/socket.c:622 [inline]
 sock_sendmsg+0xc7/0x130 net/socket.c:632
 ___sys_sendmsg+0x3b3/0x8f0 net/socket.c:2115
 __sys_sendmmsg+0x195/0x470 net/socket.c:2210
 __do_sys_sendmmsg net/socket.c:2239 [inline]
 __se_sys_sendmmsg net/socket.c:2236 [inline]
 __x64_sys_sendmmsg+0x99/0x100 net/socket.c:2236
 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45de59
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f7a3aaf1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 0000000000027f40 RCX: 000000000045de59
RDX: 04924924924926d3 RSI: 0000000020000200 RDI: 0000000000000005
RBP: 000000000118bf68 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffd17bf320f R14: 00007f7a3aaf29c0 R15: 000000000118bf2c
================================================================================
================================================================================
UBSAN: Undefined behaviour in net/sched/sch_api.c:376:24
shift exponent 93 is too large for 32-bit type 'int'
CPU: 0 PID: 9368 Comm: syz-executor.2 Not tainted 4.19.150-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 __detect_linklayer net/sched/sch_api.c:376 [inline]
 qdisc_get_rtab.cold+0x7f/0x8e net/sched/sch_api.c:421
 tcf_police_init+0xe0c/0x11d0 net/sched/act_police.c:129
 tcf_action_init_1+0x1b0/0xc40 net/sched/act_api.c:873
 tcf_exts_validate+0x128/0x430 net/sched/cls_api.c:2060
 route4_set_parms net/sched/cls_route.c:396 [inline]
 route4_change+0x712/0x2560 net/sched/cls_route.c:514
new mount options do not match the existing superblock, will be ignored
 tc_new_tfilter+0xb38/0x1570 net/sched/cls_api.c:1320
 rtnetlink_rcv_msg+0x498/0xc10 net/core/rtnetlink.c:4778
 netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x717/0xcc0 net/netlink/af_netlink.c:1909
 sock_sendmsg_nosec net/socket.c:622 [inline]
 sock_sendmsg+0xc7/0x130 net/socket.c:632
 ___sys_sendmsg+0x3b3/0x8f0 net/socket.c:2115
 __sys_sendmmsg+0x195/0x470 net/socket.c:2210
 __do_sys_sendmmsg net/socket.c:2239 [inline]
 __se_sys_sendmmsg net/socket.c:2236 [inline]
 __x64_sys_sendmmsg+0x99/0x100 net/socket.c:2236
 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45de59
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f7a3aaf1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 0000000000027f40 RCX: 000000000045de59
RDX: 04924924924926d3 RSI: 0000000020000200 RDI: 0000000000000005
RBP: 000000000118bf68 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffd17bf320f R14: 00007f7a3aaf29c0 R15: 000000000118bf2c
================================================================================
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
new mount options do not match the existing superblock, will be ignored
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
audit: type=1326 audit(1602855539.456:24): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9517 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0x0
audit: type=1326 audit(1602855540.127:25): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9517 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0x0