print_req_error: I/O error, dev loop3, sector 208000
Buffer I/O error on dev loop3p5, logical block 208000, async page read
print_req_error: I/O error, dev loop3, sector 208000
Buffer I/O error on dev loop3p2, logical block 208000, async page read
================================================================================
UBSAN: Undefined behaviour in net/core/gen_estimator.c:87:38
shift exponent -246 is negative
CPU: 0 PID: 2322 Comm: kworker/0:1H Not tainted 4.19.148-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: kblockd blk_mq_run_work_fn
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 est_timer.cold+0x96/0x126 net/core/gen_estimator.c:87
 call_timer_fn+0x177/0x760 kernel/time/timer.c:1338
 expire_timers+0x243/0x500 kernel/time/timer.c:1375
 __run_timers kernel/time/timer.c:1703 [inline]
 run_timer_softirq+0x259/0x730 kernel/time/timer.c:1716
 __do_softirq+0x27d/0xad2 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x22d/0x270 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:544 [inline]
 smp_apic_timer_interrupt+0x15f/0x5d0 arch/x86/kernel/apic/apic.c:1094
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
 </IRQ>
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:console_unlock+0xd82/0x1080 kernel/printk/printk.c:2465
Code: 89 48 c1 e8 03 42 80 3c 38 00 0f 85 e9 02 00 00 48 83 3d c8 88 08 08 00 0f 84 ce 00 00 00 e8 f5 c1 16 00 48 8b 7c 24 18 57 9d <0f> 1f 44 00 00 e9 fb fc ff ff e8 df c1 16 00 0f 0b 48 c7 c7 c0 15
RSP: 0018:ffff8880a339f6f8 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
RAX: ffff8880a33920c0 RBX: 0000000000000200 RCX: 1ffff1101467253c
RDX: 0000000000000000 RSI: ffffffff815b00eb RDI: 0000000000000293
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000056
R13: ffffffff84ae0220 R14: ffffffff8a6edcd0 R15: dffffc0000000000
 vprintk_emit+0x2b8/0x7c0 kernel/printk/printk.c:1965
 vprintk_func+0x77/0x224 kernel/printk/printk_safe.c:397
 printk+0xba/0xed kernel/printk/printk.c:2040
 buffer_io_error fs/buffer.c:133 [inline]
 buffer_io_error fs/buffer.c:130 [inline]
 end_buffer_async_read+0x75c/0xc20 fs/buffer.c:267
 end_bio_bh_io_sync+0xe2/0x130 fs/buffer.c:2992
 bio_endio+0x47d/0x840 block/bio.c:1780
 req_bio_endio block/blk-core.c:278 [inline]
 blk_update_request+0x30f/0xea0 block/blk-core.c:3111
 blk_mq_end_request+0x4a/0x340 block/blk-mq.c:544
 blk_mq_dispatch_rq_list+0xf7d/0x1a00 block/blk-mq.c:1204
 blk_mq_do_dispatch_sched+0x187/0x400 block/blk-mq-sched.c:117
 blk_mq_sched_dispatch_requests+0x389/0x5b0 block/blk-mq-sched.c:213
 __blk_mq_run_hw_queue+0x185/0x290 block/blk-mq.c:1317
 blk_mq_run_work_fn+0x48/0x60 block/blk-mq.c:1550
 process_one_work+0x796/0x14e0 kernel/workqueue.c:2155
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2298
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
================================================================================
================================================================================
UBSAN: Undefined behaviour in net/core/gen_estimator.c:88:23
shift exponent 255 is too large for 64-bit type 'long long unsigned int'
CPU: 0 PID: 2322 Comm: kworker/0:1H Not tainted 4.19.148-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: kblockd blk_mq_run_work_fn
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 est_timer.cold+0xd6/0x126 net/core/gen_estimator.c:88
 call_timer_fn+0x177/0x760 kernel/time/timer.c:1338
 expire_timers+0x243/0x500 kernel/time/timer.c:1375
 __run_timers kernel/time/timer.c:1703 [inline]
 run_timer_softirq+0x259/0x730 kernel/time/timer.c:1716
 __do_softirq+0x27d/0xad2 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x22d/0x270 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:544 [inline]
 smp_apic_timer_interrupt+0x15f/0x5d0 arch/x86/kernel/apic/apic.c:1094
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
 </IRQ>
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:console_unlock+0xd82/0x1080 kernel/printk/printk.c:2465
Code: 89 48 c1 e8 03 42 80 3c 38 00 0f 85 e9 02 00 00 48 83 3d c8 88 08 08 00 0f 84 ce 00 00 00 e8 f5 c1 16 00 48 8b 7c 24 18 57 9d <0f> 1f 44 00 00 e9 fb fc ff ff e8 df c1 16 00 0f 0b 48 c7 c7 c0 15
RSP: 0018:ffff8880a339f6f8 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
RAX: ffff8880a33920c0 RBX: 0000000000000200 RCX: 1ffff1101467253c
RDX: 0000000000000000 RSI: ffffffff815b00eb RDI: 0000000000000293
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000056
R13: ffffffff84ae0220 R14: ffffffff8a6edcd0 R15: dffffc0000000000
 vprintk_emit+0x2b8/0x7c0 kernel/printk/printk.c:1965
 vprintk_func+0x77/0x224 kernel/printk/printk_safe.c:397
 printk+0xba/0xed kernel/printk/printk.c:2040
 buffer_io_error fs/buffer.c:133 [inline]
 buffer_io_error fs/buffer.c:130 [inline]
 end_buffer_async_read+0x75c/0xc20 fs/buffer.c:267
 end_bio_bh_io_sync+0xe2/0x130 fs/buffer.c:2992
 bio_endio+0x47d/0x840 block/bio.c:1780
 req_bio_endio block/blk-core.c:278 [inline]
 blk_update_request+0x30f/0xea0 block/blk-core.c:3111
 blk_mq_end_request+0x4a/0x340 block/blk-mq.c:544
 blk_mq_dispatch_rq_list+0xf7d/0x1a00 block/blk-mq.c:1204
 blk_mq_do_dispatch_sched+0x187/0x400 block/blk-mq-sched.c:117
 blk_mq_sched_dispatch_requests+0x389/0x5b0 block/blk-mq-sched.c:213
 __blk_mq_run_hw_queue+0x185/0x290 block/blk-mq.c:1317
 blk_mq_run_work_fn+0x48/0x60 block/blk-mq.c:1550
 process_one_work+0x796/0x14e0 kernel/workqueue.c:2155
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2298
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
================================================================================
================================================================================
UBSAN: Undefined behaviour in net/core/gen_estimator.c:90:46
shift exponent -246 is negative
CPU: 0 PID: 2322 Comm: kworker/0:1H Not tainted 4.19.148-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: kblockd blk_mq_run_work_fn
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 est_timer.cold+0x17/0x126 net/core/gen_estimator.c:90
 call_timer_fn+0x177/0x760 kernel/time/timer.c:1338
 expire_timers+0x243/0x500 kernel/time/timer.c:1375
 __run_timers kernel/time/timer.c:1703 [inline]
 run_timer_softirq+0x259/0x730 kernel/time/timer.c:1716
 __do_softirq+0x27d/0xad2 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x22d/0x270 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:544 [inline]
 smp_apic_timer_interrupt+0x15f/0x5d0 arch/x86/kernel/apic/apic.c:1094
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
 </IRQ>
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:console_unlock+0xd82/0x1080 kernel/printk/printk.c:2465
Code: 89 48 c1 e8 03 42 80 3c 38 00 0f 85 e9 02 00 00 48 83 3d c8 88 08 08 00 0f 84 ce 00 00 00 e8 f5 c1 16 00 48 8b 7c 24 18 57 9d <0f> 1f 44 00 00 e9 fb fc ff ff e8 df c1 16 00 0f 0b 48 c7 c7 c0 15
RSP: 0018:ffff8880a339f6f8 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
RAX: ffff8880a33920c0 RBX: 0000000000000200 RCX: 1ffff1101467253c
RDX: 0000000000000000 RSI: ffffffff815b00eb RDI: 0000000000000293
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000056
R13: ffffffff84ae0220 R14: ffffffff8a6edcd0 R15: dffffc0000000000
 vprintk_emit+0x2b8/0x7c0 kernel/printk/printk.c:1965
 vprintk_func+0x77/0x224 kernel/printk/printk_safe.c:397
 printk+0xba/0xed kernel/printk/printk.c:2040
 buffer_io_error fs/buffer.c:133 [inline]
 buffer_io_error fs/buffer.c:130 [inline]
 end_buffer_async_read+0x75c/0xc20 fs/buffer.c:267
 end_bio_bh_io_sync+0xe2/0x130 fs/buffer.c:2992
 bio_endio+0x47d/0x840 block/bio.c:1780
 req_bio_endio block/blk-core.c:278 [inline]
 blk_update_request+0x30f/0xea0 block/blk-core.c:3111
 blk_mq_end_request+0x4a/0x340 block/blk-mq.c:544
 blk_mq_dispatch_rq_list+0xf7d/0x1a00 block/blk-mq.c:1204
 blk_mq_do_dispatch_sched+0x187/0x400 block/blk-mq-sched.c:117
 blk_mq_sched_dispatch_requests+0x389/0x5b0 block/blk-mq-sched.c:213
 __blk_mq_run_hw_queue+0x185/0x290 block/blk-mq.c:1317
 blk_mq_run_work_fn+0x48/0x60 block/blk-mq.c:1550
 process_one_work+0x796/0x14e0 kernel/workqueue.c:2155
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2298
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
================================================================================
================================================================================
UBSAN: Undefined behaviour in net/core/gen_estimator.c:91:22
shift exponent 255 is too large for 64-bit type 'long long unsigned int'
CPU: 0 PID: 2322 Comm: kworker/0:1H Not tainted 4.19.148-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: kblockd blk_mq_run_work_fn
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161
 __ubsan_handle_shift_out_of_bounds.cold+0x1c4/0x250 lib/ubsan.c:422
 est_timer.cold+0x5b/0x126 net/core/gen_estimator.c:91
 call_timer_fn+0x177/0x760 kernel/time/timer.c:1338
 expire_timers+0x243/0x500 kernel/time/timer.c:1375
 __run_timers kernel/time/timer.c:1703 [inline]
 run_timer_softirq+0x259/0x730 kernel/time/timer.c:1716
 __do_softirq+0x27d/0xad2 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x22d/0x270 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:544 [inline]
 smp_apic_timer_interrupt+0x15f/0x5d0 arch/x86/kernel/apic/apic.c:1094
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
 </IRQ>
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:console_unlock+0xd82/0x1080 kernel/printk/printk.c:2465
Code: 89 48 c1 e8 03 42 80 3c 38 00 0f 85 e9 02 00 00 48 83 3d c8 88 08 08 00 0f 84 ce 00 00 00 e8 f5 c1 16 00 48 8b 7c 24 18 57 9d <0f> 1f 44 00 00 e9 fb fc ff ff e8 df c1 16 00 0f 0b 48 c7 c7 c0 15
RSP: 0018:ffff8880a339f6f8 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
RAX: ffff8880a33920c0 RBX: 0000000000000200 RCX: 1ffff1101467253c
RDX: 0000000000000000 RSI: ffffffff815b00eb RDI: 0000000000000293
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000056
R13: ffffffff84ae0220 R14: ffffffff8a6edcd0 R15: dffffc0000000000
 vprintk_emit+0x2b8/0x7c0 kernel/printk/printk.c:1965
 vprintk_func+0x77/0x224 kernel/printk/printk_safe.c:397
 printk+0xba/0xed kernel/printk/printk.c:2040
 buffer_io_error fs/buffer.c:133 [inline]
 buffer_io_error fs/buffer.c:130 [inline]
 end_buffer_async_read+0x75c/0xc20 fs/buffer.c:267
 end_bio_bh_io_sync+0xe2/0x130 fs/buffer.c:2992
 bio_endio+0x47d/0x840 block/bio.c:1780
 req_bio_endio block/blk-core.c:278 [inline]
 blk_update_request+0x30f/0xea0 block/blk-core.c:3111
 blk_mq_end_request+0x4a/0x340 block/blk-mq.c:544
 blk_mq_dispatch_rq_list+0xf7d/0x1a00 block/blk-mq.c:1204
 blk_mq_do_dispatch_sched+0x187/0x400 block/blk-mq-sched.c:117
 blk_mq_sched_dispatch_requests+0x389/0x5b0 block/blk-mq-sched.c:213
 __blk_mq_run_hw_queue+0x185/0x290 block/blk-mq.c:1317
 blk_mq_run_work_fn+0x48/0x60 block/blk-mq.c:1550
 process_one_work+0x796/0x14e0 kernel/workqueue.c:2155
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2298
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
================================================================================
print_req_error: I/O error, dev loop3, sector 208001
Buffer I/O error on dev loop3p2, logical block 208001, async page read
print_req_error: I/O error, dev loop3, sector 208001
Buffer I/O error on dev loop3p5, logical block 208001, async page read
Buffer I/O error on dev loop3p2, logical block 208002, async page read
Buffer I/O error on dev loop3p5, logical block 208002, async page read
Buffer I/O error on dev loop3p2, logical block 208003, async page read
Buffer I/O error on dev loop3p5, logical block 208003, async page read
Buffer I/O error on dev loop3p2, logical block 208004, async page read
Buffer I/O error on dev loop3p5, logical block 208004, async page read
nla_parse: 12 callbacks suppressed
netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
__ntfs_error: 38 callbacks suppressed
ntfs: (device loop0): ntfs_fill_super(): Unable to determine device size.
netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid.
ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
ntfs: (device loop0): ntfs_fill_super(): Not an NTFS volume.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid.
ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
audit: type=1800 audit(1601433425.050:53): pid=4571 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=15835 res=0
ntfs: (device loop0): ntfs_fill_super(): Not an NTFS volume.
EXT4-fs (sda1): re-mounted. Opts: (null)
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=112 sclass=netlink_route_socket pid=4592 comm=syz-executor.5
ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
overlayfs: filesystem on './file1' not supported as upperdir
print_req_error: 200 callbacks suppressed
print_req_error: I/O error, dev loop3, sector 1
print_req_error: I/O error, dev loop3, sector 1
buffer_io_error: 170 callbacks suppressed
Buffer I/O error on dev loop3p1, logical block 0, async page read
print_req_error: I/O error, dev loop3, sector 1
Buffer I/O error on dev loop3p1, logical block 0, async page read
print_req_error: I/O error, dev loop3, sector 208000
print_req_error: I/O error, dev loop3, sector 1
Buffer I/O error on dev loop3p1, logical block 0, async page read
print_req_error: I/O error, dev loop3, sector 208000
Buffer I/O error on dev loop3p2, logical block 208000, async page read
print_req_error: I/O error, dev loop3, sector 208001
Buffer I/O error on dev loop3p2, logical block 208001, async page read
print_req_error: I/O error, dev loop3, sector 208002
print_req_error: I/O error, dev loop3, sector 208003
Buffer I/O error on dev loop3p2, logical block 208002, async page read
print_req_error: I/O error, dev loop3, sector 208004
Buffer I/O error on dev loop3p2, logical block 208004, async page read
Buffer I/O error on dev loop3p2, logical block 208003, async page read
Buffer I/O error on dev loop3p2, logical block 208005, async page read
Buffer I/O error on dev loop3p2, logical block 208006, async page read
nla_parse: 33 callbacks suppressed
netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
__ntfs_error: 36 callbacks suppressed
ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid.
ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
ntfs: (device loop0): ntfs_fill_super(): Not an NTFS volume.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
program syz-executor.5 is using a deprecated SCSI ioctl, please convert it to SG_IO
ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid.
ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
ntfs: (device loop0): ntfs_fill_super(): Not an NTFS volume.
ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid.
ntfs: (device loop0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
program syz-executor.5 is using a deprecated SCSI ioctl, please convert it to SG_IO
ntfs: (device loop0): ntfs_fill_super(): Not an NTFS volume.
sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
program syz-executor.5 is using a deprecated SCSI ioctl, please convert it to SG_IO
ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid.
sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
program syz-executor.5 is using a deprecated SCSI ioctl, please convert it to SG_IO
sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0