program:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500), 0xfd, 0x574, &(0x7f0000000cc0)="$eJzs3U1rG0cfAPD/ylLenOexAyG0PZRADk0JkWO7LykUkh5LGxpo76mwFRMsR8GSQ+wGmhyaSy8lFEppoPQD9N5j6Bfopwi0gVCCaQ+l4LLyylFsyW+RIyX6/WDtGe1KM6PZ/2pmV2IDGFjH0z+5iFcj4pskYqRlXT6ylcdXt1t+fHMqXZJYWfn0zyTOrXutJPs/nGVeiYhfv4o4ldtYbm1xabZUqZTns/xYfe7aWG1x6fSVudJMeaZ8dWJy8uzbkxPvvftO19r65sW/v//k/odnvz6x/N3PD4/cTeJ8HM7Wpe3qQhG3WjPHS/9mqUKcX7fheBcK6ydJryvArgxlcV6I9BgwEkNZ1AMvvy8jYgUYUIn4hwHVHAc05/Zdmge/MB59sDoB2tj+/Oq5kTjQmBsdWk6emhml893RLpSflvHLH/fupktsfh7i4BZ5gB25dTsizuTzG49/SXb8270zjZPHm1tfxqB9/kAv3U/HP8mtiA3xn1sb/0Sb8c9wm9jdja3jP/ewC8V0lI7/3m87/l07dI0OZbn/NcZ8heTylUr5TET8PyJORmF/mt/ses7Z5Qcrnda1jv/SJS2/ORbM6vEwv//p50yX6qVnaXOrR7cjXms7/k3W+j9p0//p+3Fxm2UcK997vdO6rdu/t1Z+inijbf8/uaKVbH59cqyxP4w194qN/rpz7LdO5fe6/Wn/H9q8/aNJ6/Xa2s7L+PHAP+VO63a7/+9LPmuk92WP3SjV6/PjEfuSj/PD6x+fePLcZr65fdr+kyfax/9m+386+fp8m+2/c/ROx037of+nd9T/O088+OiLHzqVv73+f6uROpk9sp3j33Yr+CzvHQAAAAAAAPSbXEQcjiRXXEvncsXi6vc7jsahXKVaq5+6XF24Oh2N38qORiHXvNI90vJ9iPHs+7DN/MS6/GREHImIb4cONvLFqWpluteNBwAAAAAAAAAAAAAAAAAAgD4x3OH3/6nfh3pdO2DPNW5ssL/XtQB6Yctb/nfjTk9AX9oy/oGX1s7j35kBeFn4/IfBJf5hcIl/GFzbjf/CyB5XBHjufP7D4BL/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FUXL1xIl5Xlxzen0vz09cWF2er109Pl2mxxbmGqOFWdv1acqVZnKuXiVHVuq9erVKvXxidi4cZYvVyrj9UWly7NVReu1i9dmSvNlC+VC8+lVQAAAAAAAAAAAAAAAAAAAPBiqS0uzZYqlfK8RMfEueiLauxlA1ft6un5fmmFRFcTPT4wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECL/wIAAP//AzIzTA==")
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
r1 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000009a40)={0x0, {}, 0x0, {}, 0x7, 0x0, 0x200000a, 0x0, "22536af39b7c7cb7435b0a43852dbc3a9ada34cc97af10fd4fc8a15748328c53096c2f359e9ba743d30b59c491a7b3e74d938981061383374a1d58471a2d2dfe", "0410b1617b6228918d46cc632e9e13be3626f4e25310f5db74161ccef2c5cf5e", [0x100000000]})
unlinkat(0xffffffffffffff9c, 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
write$cgroup_subtree(r1, &(0x7f00000000c0)={[{0x2b, 'blkio'}]}, 0x7)
fallocate(r1, 0x0, 0x5, 0x9)

[   84.883189][ T5289] Bluetooth: hci0: command tx timeout
[   85.011491][ T5325] loop0: detected capacity change from 0 to 1024
[   85.049775][ T5325] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.093514][ T5325] loop0: detected capacity change from 1024 to 1023
[   85.103843][ T5325] ==================================================================
[   85.106935][ T5325] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x92b/0x1ed0
[   85.110309][ T5325] Read of size 18446744073709551600 at addr ffff88801f4612b8 by task syz.0.0/5325
[   85.114857][ T5325] 
[   85.116601][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.116620][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.116629][ T5325] Call Trace:
[   85.116639][ T5325]  <TASK>
[   85.116645][ T5325]  dump_stack_lvl+0xe8/0x150
[   85.116667][ T5325]  print_address_description+0x55/0x1e0
[   85.116684][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.116702][ T5325]  print_report+0x58/0x70
[   85.116713][ T5325]  kasan_report+0x117/0x150
[   85.116741][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.116758][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.116771][ T5325]  kasan_check_range+0x264/0x2c0
[   85.116788][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.116802][ T5325]  __asan_memmove+0x29/0x70
[   85.116816][ T5325]  ext4_xattr_set_entry+0x92b/0x1ed0
[   85.116834][ T5325]  ext4_xattr_ibody_set+0x262/0x710
[   85.116849][ T5325]  ext4_destroy_inline_data_nolock+0x23a/0x5f0
[   85.116867][ T5325]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   85.116886][ T5325]  ? trace_kmalloc+0x2a/0xf0
[   85.116901][ T5325]  ? __asan_memcpy+0x40/0x70
[   85.116914][ T5325]  ? ext4_read_inline_data+0x100/0x2b0
[   85.116933][ T5325]  ext4_convert_inline_data_nolock+0x208/0x980
[   85.116948][ T5325]  ? __pfx___ext4_get_inode_loc+0x10/0x10
[   85.116962][ T5325]  ? __pfx_ext4_convert_inline_data_nolock+0x10/0x10
[   85.116977][ T5325]  ? down_write+0x16d/0x200
[   85.117042][ T5325]  ext4_convert_inline_data+0x484/0x5c0
[   85.117063][ T5325]  ? __pfx_ext4_convert_inline_data+0x10/0x10
[   85.117080][ T5325]  ? down_write+0x16d/0x200
[   85.117093][ T5325]  ? __pfx_down_write+0x10/0x10
[   85.117106][ T5325]  ext4_fallocate+0x1e2/0x400
[   85.117121][ T5325]  vfs_fallocate+0x65a/0x7e0
[   85.117135][ T5325]  ? __pfx_vfs_fallocate+0x10/0x10
[   85.117150][ T5325]  __x64_sys_fallocate+0xbf/0x110
[   85.117162][ T5325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.117174][ T5325]  do_syscall_64+0x174/0x580
[   85.117191][ T5325]  ? trace_irq_disable+0x3b/0x140
[   85.117208][ T5325]  ? clear_bhb_loop+0x40/0x90
[   85.117223][ T5325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.117237][ T5325] RIP: 0033:0x7fcd36f9ce59
[   85.117251][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   85.117263][ T5325] RSP: 002b:00007fcd37e3dfe8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[   85.117279][ T5325] RAX: ffffffffffffffda RBX: 00007fcd37215fa0 RCX: 00007fcd36f9ce59
[   85.117288][ T5325] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000005
[   85.117295][ T5325] RBP: 00007fcd37032e6f R08: 0000000000000000 R09: 0000000000000000
[   85.117302][ T5325] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[   85.117309][ T5325] R13: 00007fcd37216038 R14: 00007fcd37215fa0 R15: 00007ffc75028d18
[   85.117320][ T5325]  </TASK>
[   85.117325][ T5325] 
[   85.247526][ T5325] The buggy address belongs to the physical page:
[   85.249924][ T5325] page: refcount:3 mapcount:0 mapping:ffff88801cc25940 index:0x2 pfn:0x1f461
[   85.253185][ T5325] memcg:ffff88803eb97e80
[   85.254796][ T5325] aops:def_blk_aops ino:700000 dentry name(?):""
[   85.257307][ T5325] flags: 0xfff18000004214(referenced|dirty|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[   85.261417][ T5325] raw: 00fff18000004214 0000000000000000 dead000000000122 ffff88801cc25940
[   85.265715][ T5325] raw: 0000000000000002 ffff88801ccc28c0 00000003ffffffff ffff88803eb97e80
[   85.269338][ T5325] page dumped because: kasan: bad access detected
[   85.271914][ T5325] page_owner tracks the page as allocated
[   85.274316][ T5325] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5325, tgid 5324 (syz.0.0), ts 85102265866, free_ts 85016373641
[   85.282793][ T5325]  post_alloc_hook+0x1f9/0x250
[   85.284846][ T5325]  get_page_from_freelist+0x21fa/0x2270
[   85.287298][ T5325]  __alloc_frozen_pages_noprof+0x18d/0x380
[   85.289673][ T5325]  alloc_pages_mpol+0x212/0x380
[   85.291650][ T5325]  alloc_pages_noprof+0xac/0x2a0
[   85.293707][ T5325]  folio_alloc_noprof+0x1e/0x30
[   85.296106][ T5325]  filemap_alloc_folio_noprof+0x111/0x470
[   85.299041][ T5325]  __filemap_get_folio_mpol+0x402/0x1000
[   85.301664][ T5325]  bdev_getblk+0x1f4/0x6e0
[   85.303507][ T5325]  __ext4_get_inode_loc+0x56c/0xf40
[   85.305624][ T5325]  ext4_get_inode_loc+0x81/0xf0
[   85.307493][ T5325]  ext4_xattr_ibody_get+0x113/0x4b0
[   85.309751][ T5325]  ext4_xattr_get+0x121/0x690
[   85.311765][ T5325]  __vfs_getxattr+0x412/0x440
[   85.314026][ T5325]  cap_inode_need_killpriv+0x45/0x60
[   85.316655][ T5325]  security_inode_need_killpriv+0x85/0x240
[   85.319576][ T5325] page last free pid 75 tgid 75 stack trace:
[   85.322177][ T5325]  free_unref_folios+0xd87/0x14a0
[   85.324366][ T5325]  shrink_folio_list+0x2b7d/0x5320
[   85.326773][ T5325]  evict_folios+0x3821/0x4b40
[   85.328888][ T5325]  try_to_shrink_lruvec+0xb4f/0xed0
[   85.331146][ T5325]  shrink_one+0x233/0x730
[   85.332926][ T5325]  shrink_node+0x3303/0x3b60
[   85.334752][ T5325]  kswapd+0x17b6/0x31c0
[   85.336899][ T5325]  kthread+0x388/0x470
[   85.339203][ T5325]  ret_from_fork+0x514/0xb70
[   85.340943][ T5325]  ret_from_fork_asm+0x1a/0x30
[   85.342714][ T5325] 
[   85.343757][ T5325] Memory state around the buggy address:
[   85.346302][ T5325]  ffff88801f461180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.349608][ T5325]  ffff88801f461200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.353770][ T5325] >ffff88801f461280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.357881][ T5325]                                         ^
[   85.360459][ T5325]  ffff88801f461300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.363857][ T5325]  ffff88801f461380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   85.367060][ T5325] ==================================================================
[   85.397452][ T5325] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   85.400805][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.404579][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.409186][ T5325] Call Trace:
[   85.410935][ T5325]  <TASK>
[   85.412358][ T5325]  vpanic+0x56c/0xa60
[   85.414357][ T5325]  ? __pfx_vpanic+0x10/0x10
[   85.416609][ T5325]  ? rcu_is_watching+0x15/0xb0
[   85.418745][ T5325]  panic+0xc5/0xd0
[   85.420413][ T5325]  ? __pfx_panic+0x10/0x10
[   85.422630][ T5325]  ? preempt_schedule_thunk+0x16/0x40
[   85.425316][ T5325]  ? preempt_schedule_thunk+0x16/0x40
[   85.428018][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.430715][ T5325]  check_panic_on_warn+0x89/0xb0
[   85.433062][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.435480][ T5325]  end_report+0x73/0x170
[   85.437345][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.439540][ T5325]  kasan_report+0x128/0x150
[   85.441521][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.444912][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.448042][ T5325]  kasan_check_range+0x264/0x2c0
[   85.450197][ T5325]  ? ext4_xattr_set_entry+0x92b/0x1ed0
[   85.452527][ T5325]  __asan_memmove+0x29/0x70
[   85.454273][ T5325]  ext4_xattr_set_entry+0x92b/0x1ed0
[   85.456548][ T5325]  ext4_xattr_ibody_set+0x262/0x710
[   85.458710][ T5325]  ext4_destroy_inline_data_nolock+0x23a/0x5f0
[   85.461288][ T5325]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   85.464101][ T5325]  ? trace_kmalloc+0x2a/0xf0
[   85.466316][ T5325]  ? __asan_memcpy+0x40/0x70
[   85.468779][ T5325]  ? ext4_read_inline_data+0x100/0x2b0
[   85.471563][ T5325]  ext4_convert_inline_data_nolock+0x208/0x980
[   85.474333][ T5325]  ? __pfx___ext4_get_inode_loc+0x10/0x10
[   85.476585][ T5325]  ? __pfx_ext4_convert_inline_data_nolock+0x10/0x10
[   85.479247][ T5325]  ? down_write+0x16d/0x200
[   85.481123][ T5325]  ext4_convert_inline_data+0x484/0x5c0
[   85.483560][ T5325]  ? __pfx_ext4_convert_inline_data+0x10/0x10
[   85.486196][ T5325]  ? down_write+0x16d/0x200
[   85.488246][ T5325]  ? __pfx_down_write+0x10/0x10
[   85.490959][ T5325]  ext4_fallocate+0x1e2/0x400
[   85.493460][ T5325]  vfs_fallocate+0x65a/0x7e0
[   85.495633][ T5325]  ? __pfx_vfs_fallocate+0x10/0x10
[   85.497789][ T5325]  __x64_sys_fallocate+0xbf/0x110
[   85.499836][ T5325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.502379][ T5325]  do_syscall_64+0x174/0x580
[   85.504375][ T5325]  ? trace_irq_disable+0x3b/0x140
[   85.506774][ T5325]  ? clear_bhb_loop+0x40/0x90
[   85.509374][ T5325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.512410][ T5325] RIP: 0033:0x7fcd36f9ce59
[   85.514405][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   85.521996][ T5325] RSP: 002b:00007fcd37e3dfe8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[   85.525861][ T5325] RAX: ffffffffffffffda RBX: 00007fcd37215fa0 RCX: 00007fcd36f9ce59
[   85.529723][ T5325] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000005
[   85.533003][ T5325] RBP: 00007fcd37032e6f R08: 0000000000000000 R09: 0000000000000000
[   85.536237][ T5325] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[   85.540177][ T5325] R13: 00007fcd37216038 R14: 00007fcd37215fa0 R15: 00007ffc75028d18
[   85.544939][ T5325]  </TASK>
[   85.547339][ T5325] Kernel Offset: disabled
[   85.549764][ T5325] Rebooting in 86400 seconds..