================================================================================ UBSAN: Undefined behaviour in ./include/net/red.h:272:18 shift exponent 223 is too large for 64-bit type 'long unsigned int' CPU: 1 PID: 18 Comm: ksoftirqd/1 Not tainted 4.19.148-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x22c/0x33e lib/dump_stack.c:118 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422 red_calc_qavg_from_idle_time include/net/red.h:272 [inline] red_adaptative_algo include/net/red.h:404 [inline] red_adaptative_timer+0x7ed/0x870 net/sched/sch_red.c:266 call_timer_fn+0x177/0x760 kernel/time/timer.c:1338 expire_timers+0x243/0x500 kernel/time/timer.c:1375 __run_timers kernel/time/timer.c:1703 [inline] run_timer_softirq+0x259/0x730 kernel/time/timer.c:1716 __do_softirq+0x27d/0xad2 kernel/softirq.c:292 run_ksoftirqd+0x57/0x130 kernel/softirq.c:653 smpboot_thread_fn+0x66e/0xa30 kernel/smpboot.c:164 kthread+0x33f/0x460 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 ================================================================================ audit: type=1326 audit(1601176296.749:18): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12128 comm=5B2C7320F7189F08A5432CA4A02F6F exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x460fba code=0x0 netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond1: link is not ready 8021q: adding VLAN 0 to HW filter on device bond1 bond1: The slave device specified does not support setting the MAC address netlink: 'syz-executor.2': attribute type 1 has an invalid length. bond2 (uninitialized): Released all slaves netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond2: link is not ready 8021q: adding VLAN 0 to HW filter on device bond2 bond2: The slave device specified does not support setting the MAC address XFS (loop5): Invalid superblock magic number XFS (loop5): Invalid superblock magic number netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond3: link is not ready 8021q: adding VLAN 0 to HW filter on device bond3 bond3: The slave device specified does not support setting the MAC address netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond4: link is not ready 8021q: adding VLAN 0 to HW filter on device bond4 bond4: The slave device specified does not support setting the MAC address netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond5: link is not ready 8021q: adding VLAN 0 to HW filter on device bond5 netlink: 'syz-executor.2': attribute type 1 has an invalid length. bond6 (uninitialized): Released all slaves netlink: 'syz-executor.2': attribute type 1 has an invalid length. bond6 (uninitialized): Released all slaves netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond6: link is not ready 8021q: adding VLAN 0 to HW filter on device bond6 netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond7: link is not ready 8021q: adding VLAN 0 to HW filter on device bond7 netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond8: link is not ready 8021q: adding VLAN 0 to HW filter on device bond8 nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond9: link is not ready 8021q: adding VLAN 0 to HW filter on device bond9 netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond10: link is not ready 8021q: adding VLAN 0 to HW filter on device bond10 netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond11: link is not ready 8021q: adding VLAN 0 to HW filter on device bond11 netlink: 'syz-executor.2': attribute type 1 has an invalid length. IPv6: ADDRCONF(NETDEV_UP): bond12: link is not ready 8021q: adding VLAN 0 to HW filter on device bond12 xt_limit: Overflow, try lower: 201326592/100663292 netlink: 'syz-executor.2': attribute type 1 has an invalid length. xt_limit: Overflow, try lower: 201326592/100663292