================================================================================ UBSAN: Undefined behaviour in ./include/net/sch_generic.h:1051:7 shift exponent 129 is too large for 32-bit type 'int' CPU: 1 PID: 3128 Comm: aoe_tx0 Not tainted 4.19.152-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x22c/0x33e lib/dump_stack.c:118 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422 qdisc_l2t include/net/sch_generic.h:1051 [inline] cbq_update net/sched/sch_cbq.c:567 [inline] cbq_dequeue.cold+0x189/0x18e net/sched/sch_cbq.c:814 dequeue_skb net/sched/sch_generic.c:282 [inline] qdisc_restart net/sched/sch_generic.c:385 [inline] __qdisc_run+0x1b9/0x1680 net/sched/sch_generic.c:403 qdisc_run include/net/pkt_sched.h:120 [inline] net_tx_action+0x51e/0xce0 net/core/dev.c:4592 __do_softirq+0x27d/0xad2 kernel/softirq.c:292 do_softirq_own_stack+0x2a/0x40 arch/x86/entry/entry_64.S:1092 do_softirq.part.0+0x168/0x200 kernel/softirq.c:336 do_softirq kernel/softirq.c:328 [inline] __local_bh_enable_ip+0x22d/0x2a0 kernel/softirq.c:189 local_bh_enable include/linux/bottom_half.h:32 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:721 [inline] __dev_queue_xmit+0x171a/0x2ec0 net/core/dev.c:3865 tx+0x68/0xb0 drivers/block/aoe/aoenet.c:63 kthread+0x1d9/0x390 drivers/block/aoe/aoecmd.c:1241 kthread+0x33f/0x460 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 ================================================================================ audit: type=1400 audit(1603298256.975:32): avc: denied { relabelfrom } for pid=23995 comm="syz-executor.3" name="" dev="pipefs" ino=79118 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=fifo_file permissive=1 audit: type=1400 audit(1603298256.985:33): avc: denied { mac_admin } for pid=23995 comm="syz-executor.3" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 netlink: 1 bytes leftover after parsing attributes in process `syz-executor.3'. TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. IPVS: ftp: loaded support on port[0] = 21 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'. Cannot find add_set index 0 as target SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24313 comm=syz-executor.2 netlink: 2211 bytes leftover after parsing attributes in process `syz-executor.2'.