program:
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
# Review annotations ('#' starts a comment line in a syzkaller program). These steps run after
# the ext4 image mount on the preceding line and end in the KASAN report in the console log below.
# NOTE(review): the chdir argument of syz_mount_image looks set (0x1), so the relative paths here
# presumably resolve inside the mounted ext4 image. That matches ext4_fallocate in the trace;
# confirm against the syzkaller description of syz_mount_image.

# Create ./bus relative to AT_FDCWD (0xffffffffffffff9c = -100). Flags 0x143042 include
# O_CREAT (0x40) and O_RDWR (0x2). The returned fd is not kept.
openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x143042, 0xc0)
# r0: create/open ./file1 with O_CREAT|O_RDWR (0x42). This is the fd later passed to fallocate.
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
# Mount flags 0x1000 = MS_BIND with no fstype: the loop device node is bind-mounted over ./bus.
# The console log names the device loop0.
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
# r1: open ./bus with flags 0 (O_RDONLY). The ioctl below reaches lo_ioctl/loop_set_status
# in the log, so this path now resolves to the loop block device.
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
# LOOP_SET_STATUS64 (0x4c04) is issued while the filesystem is mounted r/w from loop0.
# NOTE(review): the 4th and 5th fields (0x7fffffffffffffff, 0x3) are presumably lo_offset and
# lo_sizelimit of struct loop_info64; verify against the UAPI layout.
# Console effects: "capacity change from 512 to 0"; the page KASAN later reports on was last
# freed via loop_set_status -> mapping_try_invalidate; a READ of loop0 sector 32 then fails.
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x3, 0x0, 0x0, 0x4, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c678082004cb59d654cb9b1b165263bdbcef549ba197fce47ddfdd753abd950100172a00ffffff00f7ffffff000000f3e7f20000000200000000000600", "b7326736181c208220fffff2ff00000000000000000e00", [0x4]})
# fallocate mode 0x3 = FALLOC_FL_KEEP_SIZE (0x1) | FALLOC_FL_PUNCH_HOLE (0x2), offset 0,
# len 0x404042bbe. The register dump agrees: ORIG_RAX=0x11d, RSI=3, R10=0x404042bbe.
# Faulting path per the trace: ext4_fallocate -> ext4_convert_inline_data ->
# ext4_destroy_inline_data_nolock -> ext4_xattr_ibody_set -> ext4_xattr_set_entry -> memmove.
# KASAN reports a read of size 18446744073709551600 (2^64 - 16), i.e. a length that went
# negative before being used as size_t.
# NOTE(review): a plausible cause is that the in-inode xattr area no longer matches what ext4
# validated once the backing device was resized under the mount. The memmove length in
# ext4_xattr_set_entry then needs a bounds check against the xattr region; confirm in the
# kernel source. For triage: the task runs as UID 0, and the sequence depends on being able
# to reconfigure the loop device that backs a mounted filesystem.
fallocate(r0, 0x3, 0x0, 0x404042bbe)
[ 85.126285][ T5299] Bluetooth: hci0: command tx timeout
[ 85.314115][ T5322] loop0: detected capacity change from 0 to 512
[ 85.367398][ T5322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 85.416659][ T5322] loop0: detected capacity change from 512 to 0
[ 85.421378][ T172] I/O error, dev loop0, sector 32 op 0x0:(READ) flags 0x880700 phys_seg 1 prio class 2
[ 85.434590][ T5322] ==================================================================
[ 85.438264][ T5322] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.442024][ T5322] Read of size 18446744073709551600 at addr ffff888038f19eb8 by task syz.0.0/5322
[ 85.445945][ T5322]
[ 85.447082][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.447102][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 85.447112][ T5322] Call Trace:
[ 85.447121][ T5322]
[ 85.447131][ T5322] dump_stack_lvl+0xe8/0x150
[ 85.447156][ T5322] print_report+0xba/0x230
[ 85.447175][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.447189][ T5322] kasan_report+0x117/0x150
[ 85.447204][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.447217][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.447229][ T5322] kasan_check_range+0x264/0x2c0
[ 85.447240][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.447254][ T5322] __asan_memmove+0x29/0x70
[ 85.447270][ T5322] ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.447285][ T5322] ext4_xattr_ibody_set+0x254/0x6a0
[ 85.447297][ T5322] ext4_destroy_inline_data_nolock+0x23a/0x5e0
[ 85.447313][ T5322] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[ 85.447334][ T5322] ? trace_kmalloc+0x2a/0x110
[ 85.447351][ T5322] ? __asan_memcpy+0x40/0x70
[ 85.447368][ T5322] ? ext4_read_inline_data+0x103/0x2c0
[ 85.447383][ T5322] ext4_convert_inline_data_nolock+0x208/0x990
[ 85.447399][ T5322] ? __pfx_ext4_convert_inline_data_nolock+0x10/0x10
[ 85.447411][ T5322] ? down_write+0x16d/0x200
[ 85.447481][ T5322] ? ext4_get_inode_loc+0xc5/0xf0
[ 85.447501][ T5322] ext4_convert_inline_data+0x4ce/0x600
[ 85.447519][ T5322] ? __pfx_ext4_convert_inline_data+0x10/0x10
[ 85.447533][ T5322] ? down_write+0x16d/0x200
[ 85.447547][ T5322] ext4_fallocate+0x1e2/0x3d0
[ 85.447562][ T5322] vfs_fallocate+0x669/0x7e0
[ 85.447573][ T5322] ? __fget_files+0x2a/0x420
[ 85.447587][ T5322] ? __pfx_vfs_fallocate+0x10/0x10
[ 85.447597][ T5322] ? __fget_files+0x2a/0x420
[ 85.447610][ T5322] __x64_sys_fallocate+0xc0/0x110
[ 85.447621][ T5322] do_syscall_64+0x14d/0xf80
[ 85.447640][ T5322] ? trace_irq_disable+0x3b/0x150
[ 85.447657][ T5322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.447669][ T5322] ? clear_bhb_loop+0x40/0x90
[ 85.447680][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.447692][ T5322] RIP: 0033:0x7fb19b19c799
[ 85.447706][ T5322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 85.447737][ T5322] RSP: 002b:00007fb19bf92028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 85.447751][ T5322] RAX: ffffffffffffffda RBX: 00007fb19b415fa0 RCX: 00007fb19b19c799
[ 85.447759][ T5322] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005
[ 85.447766][ T5322] RBP: 00007fb19b232bd9 R08: 0000000000000000 R09: 0000000000000000
[ 85.447775][ T5322] R10: 0000000404042bbe R11: 0000000000000246 R12: 0000000000000000
[ 85.447782][ T5322] R13: 00007fb19b416038 R14: 00007fb19b415fa0 R15: 00007ffe735364a8
[ 85.447793][ T5322]
[ 85.447797][ T5322]
[ 85.588875][ T5322] The buggy address belongs to the physical page:
[ 85.591762][ T5322] page: refcount:2 mapcount:0 mapping:ffff88801cc25900 index:0x4 pfn:0x38f19
[ 85.595881][ T5322] memcg:ffff88801cac9a80
[ 85.598698][ T5322] aops:def_blk_aops ino:700000 dentry name(?):""
[ 85.603372][ T5322] flags: 0x4fff3800000482c(referenced|uptodate|lru|owner_2|private|node=1|zone=1|lastcpupid=0x7ff)
[ 85.608575][ T5322] raw: 04fff3800000482c ffffea0000fa9208 ffff8880304501a0 ffff88801cc25900
[ 85.612289][ T5322] raw: 0000000000000004 ffff8880473939f8 00000002ffffffff ffff88801cac9a80
[ 85.615851][ T5322] page dumped because: kasan: bad access detected
[ 85.618687][ T5322] page_owner tracks the page as allocated
[ 85.620923][ T5322] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5293, tgid 5293 (udevd), ts 85402329205, free_ts 85401053713
[ 85.631440][ T5322] post_alloc_hook+0x231/0x280
[ 85.633650][ T5322] get_page_from_freelist+0x24dc/0x2580
[ 85.636446][ T5322] __alloc_frozen_pages_noprof+0x18d/0x380
[ 85.639300][ T5322] alloc_pages_mpol+0x232/0x4a0
[ 85.642286][ T5322] alloc_pages_noprof+0xa8/0x190
[ 85.645356][ T5322] folio_alloc_noprof+0x1e/0x30
[ 85.647960][ T5322] filemap_alloc_folio_noprof+0x111/0x470
[ 85.651026][ T5322] page_cache_ra_unbounded+0x39b/0xa50
[ 85.653699][ T5322] force_page_cache_ra+0x26e/0x2e0
[ 85.656225][ T5322] filemap_get_pages+0x4c0/0x1f10
[ 85.658663][ T5322] filemap_read+0x447/0x1230
[ 85.661055][ T5322] blkdev_read_iter+0x30a/0x440
[ 85.663901][ T5322] vfs_read+0x582/0xa70
[ 85.666462][ T5322] ksys_read+0x150/0x270
[ 85.668437][ T5322] do_syscall_64+0x14d/0xf80
[ 85.670625][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.673376][ T5322] page last free pid 5322 tgid 5321 stack trace:
[ 85.676272][ T5322] free_unref_folios+0xed5/0x16d0
[ 85.678852][ T5322] folios_put_refs+0x789/0x8d0
[ 85.681306][ T5322] mapping_try_invalidate+0x3c2/0x4c0
[ 85.683792][ T5322] loop_set_status+0x29b/0xe40
[ 85.686105][ T5322] lo_ioctl+0xc21/0x1fb0
[ 85.688057][ T5322] blkdev_ioctl+0x5e3/0x740
[ 85.690209][ T5322] __se_sys_ioctl+0xfc/0x170
[ 85.692546][ T5322] do_syscall_64+0x14d/0xf80
[ 85.695133][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.698197][ T5322]
[ 85.699471][ T5322] Memory state around the buggy address:
[ 85.702141][ T5322] ffff888038f19d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 85.706086][ T5322] ffff888038f19e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 85.709790][ T5322] >ffff888038f19e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 85.713681][ T5322] ^
[ 85.716438][ T5322] ffff888038f19f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 85.720100][ T5322] ffff888038f19f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 85.724632][ T5322] ==================================================================
[ 85.750561][ T5322] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 85.753697][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.757798][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 85.762001][ T5322] Call Trace:
[ 85.763976][ T5322]
[ 85.766033][ T5322] vpanic+0x56c/0xa60
[ 85.768603][ T5322] ? __pfx_vpanic+0x10/0x10
[ 85.770610][ T5322] ? __pfx___schedule+0x10/0x10
[ 85.772971][ T5322] panic+0xc5/0xd0
[ 85.774639][ T5322] ? __pfx_panic+0x10/0x10
[ 85.776743][ T5322] ? preempt_schedule_thunk+0x16/0x30
[ 85.779276][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.782097][ T5322] check_panic_on_warn+0x89/0xb0
[ 85.784644][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.787566][ T5322] end_report+0x73/0x180
[ 85.789567][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.791874][ T5322] kasan_report+0x128/0x150
[ 85.793719][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.796109][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.798401][ T5322] kasan_check_range+0x264/0x2c0
[ 85.800847][ T5322] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.803682][ T5322] __asan_memmove+0x29/0x70
[ 85.806131][ T5322] ext4_xattr_set_entry+0x9c1/0x1e20
[ 85.808584][ T5322] ext4_xattr_ibody_set+0x254/0x6a0
[ 85.810802][ T5322] ext4_destroy_inline_data_nolock+0x23a/0x5e0
[ 85.813596][ T5322] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[ 85.817162][ T5322] ? trace_kmalloc+0x2a/0x110
[ 85.819886][ T5322] ? __asan_memcpy+0x40/0x70
[ 85.822175][ T5322] ? ext4_read_inline_data+0x103/0x2c0
[ 85.824722][ T5322] ext4_convert_inline_data_nolock+0x208/0x990
[ 85.827490][ T5322] ? __pfx_ext4_convert_inline_data_nolock+0x10/0x10
[ 85.830573][ T5322] ? down_write+0x16d/0x200
[ 85.832482][ T5322] ? ext4_get_inode_loc+0xc5/0xf0
[ 85.834769][ T5322] ext4_convert_inline_data+0x4ce/0x600
[ 85.837273][ T5322] ? __pfx_ext4_convert_inline_data+0x10/0x10
[ 85.840440][ T5322] ? down_write+0x16d/0x200
[ 85.842838][ T5322] ext4_fallocate+0x1e2/0x3d0
[ 85.845100][ T5322] vfs_fallocate+0x669/0x7e0
[ 85.847087][ T5322] ? __fget_files+0x2a/0x420
[ 85.849084][ T5322] ? __pfx_vfs_fallocate+0x10/0x10
[ 85.851294][ T5322] ? __fget_files+0x2a/0x420
[ 85.853522][ T5322] __x64_sys_fallocate+0xc0/0x110
[ 85.855901][ T5322] do_syscall_64+0x14d/0xf80
[ 85.858264][ T5322] ? trace_irq_disable+0x3b/0x150
[ 85.860864][ T5322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.863647][ T5322] ? clear_bhb_loop+0x40/0x90
[ 85.865988][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.868505][ T5322] RIP: 0033:0x7fb19b19c799
[ 85.870396][ T5322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 85.879768][ T5322] RSP: 002b:00007fb19bf92028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 85.883792][ T5322] RAX: ffffffffffffffda RBX: 00007fb19b415fa0 RCX: 00007fb19b19c799
[ 85.887286][ T5322] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005
[ 85.890634][ T5322] RBP: 00007fb19b232bd9 R08: 0000000000000000 R09: 0000000000000000
[ 85.894021][ T5322] R10: 0000000404042bbe R11: 0000000000000246 R12: 0000000000000000
[ 85.897335][ T5322] R13: 00007fb19b416038 R14: 00007fb19b415fa0 R15: 00007ffe735364a8
[ 85.900794][ T5322]
[ 85.902437][ T5322] Kernel Offset: disabled
[ 85.904704][ T5322] Rebooting in 86400 seconds..