program: r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x40, &(0x7f00000000c0), 0xff, 0x4df, &(0x7f0000010a80)="$eJzs3c9rHFUcAPDv7Cb9GZuotdraarSKwR9Jk/6wBw8qCoIKgh7qMSZprd020kRoS9AoUs8F7+JR8OjJmxdRD+IfoOBRCkWD0FQUIrM7k2R/Jdsm6TbJ5wPbfW/2zcx7M+9l37y3Mw1g0+pN/0kiuiLi14jorkSrE/RW3mZnpkZuzEyNJDE39+afSTnd9ZmpkTxpvt7OLNJXiCh8msTzSf1+Jy5eOjNcKo2dz+IDk2ffH5i4eOmZ02eHT42dGjs3dPz4kcODzx4bOlq1XoNN1dneYFlaruv7Phzfv/eVt6+8PnLiyjs/fp1ua8+ByudZOba0sPmIG3W5eDViui5Zb3rU/porq/3s8ZZ2tH7ctSicdLQxI9yUYkSkp6uz3P67oxgLJ687Xv6krZkD1lT63bS1+cfTc8AGlkS7cwC0R/5Fn17/5q/47zZ1Pu4A115YuOifnZkamZ0fz+iIQra8cw333xsRJ6b/+SJ9Rc14CgDAWij3bZ6u6f+VFWJP+b0y17Erm0PpiYi7I+KeiLg3InZHxH0R5bT3R8QDlZXnulvcf29NvL7/U7jaMM+rJO3/Pbeo7zc7M1U9HFaInmL5rTLH0ROdycnTpbFD2THpi86taXxwiX1891LzaaXF/b/0leahJgNXOyoL5jcyOjw5vFoH4drHEfs6qsqfHf9kfiYgrQF7I2LfzW16Vx44/eRX+5slalT+vC+8rFWYZ5r7MuKJyvmfjpry55Im85NpHT82dHRgW5TGDg3ktaLeT79cfqPZ/ldU/lWQnv8d1fW/JkX330llvrYzSqWx8xM3v4/Lv33W9Jpm+fLP1/95af3fkrxVnrP++d3KsgvDk5PnByO2JK+V41lj2Rbp8qGFdS9k8Tx9Wv6+g43qf6H8Ny6y8/9gRKSV+EDEroci4uEs749ExKMRcXCJ8v/w4mPvLVH+JJJo6/kfjcbtP9OTLJ6vv4VA8cz33zabt2/t/B8pz673ZUvKf/+W0WoGV3j4AAAAYF0oRERXJIX+Sri3KwqF/v7Kb/h3x45CaXxi8qmT4x+cG63cI9ATnYV8pKt70XjoYJL//r0SH8rGivPPD2fjxp8Xt5fj/SPjpdE2lx02u53V7T/y9p/6o9ju3AFrrvk82hK3BgAbQm37L7QpH8Dt18rvaFwLwMbUoP0veobGv9W3CtU/5wJYxzoahIDNoVGr/6gmXtf/b/SULWDdqW//vzd4ZB2wEen1w+al/cPmpf3DprSS+/pvPZDfLLBk4jyLDdNsa/kO/80SyB8Ps5b72h4LS6JQDnRF07V2tOto5GPVSybubmWDEfHNivNTXIVypS2meklxuQKuMNDqf4YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwZ/s/AAD//16M4Cg=") perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0xb}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) r1 = creat(&(0x7f0000000380)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) write$FUSE_BMAP(r1, &(0x7f00000026c0)={0x18, 0x7b3620c31cc0b28a}, 0x18) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x139) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f00000003c0)={&(0x7f00000002c0)=""/168, 0xa8, 0x6, 0x6}) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3, 0x80000000, 0x0, 0x0, 0x19, 0x5, "ef359f413bb93852f7d6a4ae5c70f20ff8ee09e737ff0edf1139c2eb4b68c660e677df7019051caafa00afaaf755a314a10400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a323ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000522100000001", [0x8, 0x100]}) io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r1, &(0x7f0000000000), 0x100000, 0x100fbff}]) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000071b2310000000000000088ff2a75b12d51da64e76ce917"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x17}, 0x80) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080)={[{@lazytime}, {@noload}, {@bh}, {@noquota}, {@noblock_validity}, {}, {@mblk_io_submit}, {@acl}, {@resgid}], [], 0x3d}, 0x1, 0x522, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRdkVrJ00tI16KEVCcKoElPsSEieK4sRR7LSbqIKsOHBEQgiQOJULFyROnJBQJS4cEVIlOIMAgRBs4YAEdCrb43Q3GSfZjWNn4++TJvPmeeb97zma8byZp5kARtZTEfFyRLybpun1iJjM8gvZFHudqbXeO3feWGxNSaTpq/9IIsnyumWlbY/E1WyzyxHxlS9GfD05HLexs7u2UKtVt7LlSnN9s9LY2b2xur6wUl2pbszNzT4//8L8c/MzfWnnRES89Pm/fP87P/nCS7/89Ot/vPm3a99Isvw40I77VDzqw07TS+3v4u4Nth4w2HlUbLcwM563xtihnNtnXCcAAHr7QER8IiKux2SMHX06CwAAADyE0s9OxP+S7r27Qy71yAcAAAAeIoX2GNikUM7G+05EoVAuR3sM74fiSqFWbzQ/tVzf3ljqjJWdilJhebVWncnGCk9FKWktz7bT7y8/e2B5LiIej4jvTY63l8uL9drSsC9+AAAAwIi4eqD//+/JTv8fAAAAuGCmhl0BAAAA4Mzp/wMAAMDFp/8PAAAAF9qXXnmlNaXd918vvbazvVZ/7cZStbFWXt9eLC/WtzbLK/X6SvuZfevHlVer1zc/ExvbtyrNaqNZaezs3lyvb280b67e8wpsAAAAYIAe/9hbv08iYu/F8fbUculkm55wNeC8Ku6nkmyes1v/4bHO/M8DqhQwEGPDrgAwNMVhVwAYmtKwKwAMXXLM5z0H7/wmm3+8v/UBAAD6b/oj+ff/j78uuFcYQPWAM+T+H4wu+z+MrvZ5/klH8jrjhwul5AwARt6p7/8fK03vq0IAAEDfTbSnpFDOLu9NRKFQLkc82n4tQClZXq1VZyLisYj43WTpkdbybHvL5Ng+AwAAAAAAAAAAAAAAAAAAAAAAAADQkaZJpAAAAMCFFlH4a/KrzrP8pyefmTh4feBS8p/JyF4R+vqPXv3BrYVmc2u2lf/P/fzmD7P8Z4dxBQMAAABGQvF+Vu7207v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADop3fuvLHYnQYZ9++fi4ipvPjFuNyeX45SRFz5VxLFu7ZLImKsD/HHW38+nBc/aVVrP2Re/PE3Tx9/7/aR8WMq+xby4l89fXgYaW+1jj8v5+1/hXiqPc/f/4oR9yw/qN7Hv9g//o312P8fPWGMJ97+WaVn/NsRTxTzjz/d+EmP+E/nFfjzbx/K+tpXd3d7xU/fjJjO/f1J7olVaa5vVho7uzdW1xdWqivVjbm52efnX5h/bn6msrxaq2Z/c2N896O/ePeo9l/pEX/qmPY/k1PepZy8/799684HO8lSXvxrT+fE//WPszUOxy9kv32fzNKtz6e76b1O+m5P/vS3Tx7V/qUe7T/u/3+tV6EHXP/yt/50wlUBgAFo7OyuLdRq1a3zkXgx+l5yq4c/9HY9fIn/pueiGmeb+GZfC0zTNG3tU6coJ4nBfQnJ0VUd9pEJAADot/dP+oddEwAAAAAAAAAAAAAAAAAAABhdg3jS2MGYe/uppB+P0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iv3AgAA//8ZWuAG") [ 110.275906][ T4654] Bluetooth: hci0: command tx timeout [ 110.416660][ T5334] loop0: detected capacity change from 0 to 512 [ 110.431358][ T5334] ======================================================= [ 110.431358][ T5334] WARNING: The mand mount option has been deprecated and [ 110.431358][ T5334] and is ignored by this kernel. Remove the mand [ 110.431358][ T5334] option from the mount to silence this warning. [ 110.431358][ T5334] ======================================================= [ 110.510687][ T5334] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.0: inode has both inline data and extents flags [ 110.529668][ T5334] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 110.530993][ T5334] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.0: couldn't read orphan inode 15 (err -117) [ 110.541137][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 110.541201][ C0] EXT4-fs (loop0): initial error at time 1782303327: ext4_orphan_get:1399: inode 15 [ 110.541221][ C0] EXT4-fs (loop0): last error at time 1782303327: ext4_orphan_get:1399: inode 15 [ 110.553335][ T5334] loop0: lost filesystem error report for type 5 error -117 [ 110.556630][ T5334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.920981][ T5335] loop0: detected capacity change from 512 to 511 [ 110.993244][ T5334] ================================================================== [ 110.996770][ T5334] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.000960][ T5334] Read of size 18446744073709551600 at addr ffff88801aa515b8 by task syz.0.0/5334 [ 111.005652][ T5334] [ 111.006815][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 111.006835][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 111.006843][ T5334] Call Trace: [ 111.006853][ T5334] [ 111.006861][ T5334] dump_stack_lvl+0xe8/0x150 [ 111.006883][ T5334] print_address_description+0x55/0x1e0 [ 111.006905][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.006923][ T5334] print_report+0x58/0x70 [ 111.006934][ T5334] kasan_report+0x117/0x150 [ 111.006955][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.006969][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.006983][ T5334] kasan_check_range+0x264/0x2c0 [ 111.006994][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.007009][ T5334] __asan_memmove+0x29/0x70 [ 111.007022][ T5334] ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.007042][ T5334] ext4_xattr_ibody_set+0x262/0x710 [ 111.007058][ T5334] ext4_destroy_inline_data_nolock+0x23a/0x5f0 [ 111.007076][ T5334] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10 [ 111.007094][ T5334] ? down_write+0x16d/0x200 [ 111.007160][ T5334] ? ext4_inode_journal_mode+0x18d/0x470 [ 111.007175][ T5334] ? ext4_fc_track_inode+0x4d/0x3f0 [ 111.007194][ T5334] ? ext4_fc_track_inode+0xf3/0x3f0 [ 111.007210][ T5334] ext4_convert_inline_data_to_extent+0x549/0xde0 [ 111.007230][ T5334] ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10 [ 111.007246][ T5334] ? clockevents_program_event+0x491/0x630 [ 111.007261][ T5334] ? ext4_inode_journal_mode+0x18d/0x470 [ 111.007273][ T5334] ? ext4_chunk_trans_extent+0x201/0x2a0 [ 111.007287][ T5334] ? ext4_try_to_write_inline_data+0x49/0xa0 [ 111.007303][ T5334] ext4_write_begin+0x349/0x1850 [ 111.007324][ T5334] ? __pfx_ext4_write_begin+0x10/0x10 [ 111.007340][ T5334] ? ext4_block_zero_range+0xfb/0xa50 [ 111.007353][ T5334] ? ext4_inode_journal_mode+0x18d/0x470 [ 111.007367][ T5334] generic_perform_write+0x2d5/0x8f0 [ 111.007384][ T5334] ? __pfx_generic_perform_write+0x10/0x10 [ 111.007397][ T5334] ext4_buffered_write_iter+0xcb/0x370 [ 111.007406][ T5334] ext4_file_write_iter+0x947/0x1c70 [ 111.007420][ T5334] ? io_submit_one+0x798/0x13d0 [ 111.007432][ T5334] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 111.007447][ T5334] ? aio_write+0x547/0x870 [ 111.007459][ T5334] aio_write+0x5cd/0x870 [ 111.007470][ T5334] ? trace_irq_disable+0x3b/0x140 [ 111.007482][ T5334] ? __pfx_aio_write+0x10/0x10 [ 111.007497][ T5334] ? __might_fault+0xaf/0x130 [ 111.007516][ T5334] io_submit_one+0x798/0x13d0 [ 111.007529][ T5334] ? lockdep_hardirqs_on+0x7a/0x110 [ 111.007543][ T5334] ? irqentry_exit+0x218/0x8f0 [ 111.007558][ T5334] ? __pfx_io_submit_one+0x10/0x10 [ 111.007569][ T5334] ? __might_fault+0xaf/0x130 [ 111.007584][ T5334] ? __might_fault+0xaf/0x130 [ 111.007598][ T5334] __se_sys_io_submit+0x195/0x340 [ 111.007616][ T5334] ? __pfx___se_sys_io_submit+0x10/0x10 [ 111.007635][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.007647][ T5334] do_syscall_64+0x174/0x580 [ 111.007662][ T5334] ? clear_bhb_loop+0x40/0x90 [ 111.007675][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.007686][ T5334] RIP: 0033:0x7f90bf79ce59 [ 111.007700][ T5334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.007709][ T5334] RSP: 002b:00007f90c063ffe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 111.007723][ T5334] RAX: ffffffffffffffda RBX: 00007f90bfa15fa0 RCX: 00007f90bf79ce59 [ 111.007734][ T5334] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007f90c05f6000 [ 111.007743][ T5334] RBP: 00007f90bf832e6f R08: 0000000000000000 R09: 0000000000000000 [ 111.007751][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.007758][ T5334] R13: 00007f90bfa16038 R14: 00007f90bfa15fa0 R15: 00007ffccb2abe68 [ 111.007772][ T5334] [ 111.007777][ T5334] [ 111.179342][ T5334] The buggy address belongs to the physical page: [ 111.182177][ T5334] page: refcount:3 mapcount:0 mapping:ffff88801cc25940 index:0x2 pfn:0x1aa51 [ 111.186036][ T5334] memcg:ffff88801cf67c80 [ 111.188417][ T5334] aops:def_blk_aops ino:700000 dentry name(?):"" [ 111.192387][ T5334] flags: 0xfff18000004214(referenced|dirty|workingset|private|node=0|zone=1|lastcpupid=0x7ff) [ 111.197269][ T5334] raw: 00fff18000004214 0000000000000000 dead000000000122 ffff88801cc25940 [ 111.201371][ T5334] raw: 0000000000000002 ffff888043effa80 00000003ffffffff ffff88801cf67c80 [ 111.205849][ T5334] page dumped because: kasan: bad access detected [ 111.209181][ T5334] page_owner tracks the page as allocated [ 111.211788][ T5334] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5334, tgid 5332 (syz.0.0), ts 110962059746, free_ts 110958649447 [ 111.220272][ T5334] post_alloc_hook+0x1f9/0x250 [ 111.222502][ T5334] get_page_from_freelist+0x21fa/0x2270 [ 111.225167][ T5334] __alloc_frozen_pages_noprof+0x18d/0x380 [ 111.228187][ T5334] alloc_pages_mpol+0x212/0x380 [ 111.230364][ T5334] alloc_pages_noprof+0xac/0x2a0 [ 111.232616][ T5334] folio_alloc_noprof+0x1e/0x30 [ 111.234879][ T5334] filemap_alloc_folio_noprof+0x111/0x470 [ 111.237795][ T5334] __filemap_get_folio_mpol+0x402/0x1000 [ 111.240634][ T5334] bdev_getblk+0x1f4/0x6e0 [ 111.242510][ T5334] __ext4_get_inode_loc+0x56c/0xf40 [ 111.244598][ T5334] ext4_reserve_inode_write+0x18b/0x360 [ 111.246811][ T5334] __ext4_mark_inode_dirty+0x13e/0x700 [ 111.248725][ T5334] ext4_dirty_inode+0xd0/0x110 [ 111.250611][ T5334] __mark_inode_dirty+0x3a8/0x13b0 [ 111.252912][ T5334] file_update_time_flags+0x3ee/0x4a0 [ 111.255423][ T5334] ext4_write_checks+0x2a9/0x480 [ 111.257644][ T5334] page last free pid 5290 tgid 5290 stack trace: [ 111.260324][ T5334] free_unref_folios+0xd84/0x14a0 [ 111.262554][ T5334] folio_batch_move_lru+0x877/0xa60 [ 111.264847][ T5334] lru_add_drain_cpu+0xbc/0x750 [ 111.267050][ T5334] lru_add_drain+0x121/0x3e0 [ 111.269501][ T5334] __folio_batch_release+0x48/0x90 [ 111.272304][ T5334] shmem_undo_range+0x4e6/0x15d0 [ 111.274465][ T5334] shmem_evict_inode+0x280/0xa80 [ 111.276592][ T5334] evict+0x624/0xb50 [ 111.278131][ T5334] dentry_kill+0x1b9/0x880 [ 111.279809][ T5334] finish_dput+0x1a/0x260 [ 111.281554][ T5334] filename_renameat2+0x61b/0x9a0 [ 111.284133][ T5334] __se_sys_rename+0x55/0x2c0 [ 111.286964][ T5334] do_syscall_64+0x174/0x580 [ 111.289477][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.292302][ T5334] [ 111.293313][ T5334] Memory state around the buggy address: [ 111.295675][ T5334] ffff88801aa51480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 111.299178][ T5334] ffff88801aa51500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 111.302667][ T5334] >ffff88801aa51580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 111.306842][ T5334] ^ [ 111.309531][ T5334] ffff88801aa51600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 111.313070][ T5334] ffff88801aa51680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 111.316722][ T5334] ================================================================== [ 111.388469][ T5334] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 111.391497][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 111.395461][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 111.400967][ T5334] Call Trace: [ 111.402577][ T5334] [ 111.403938][ T5334] vpanic+0x56c/0xa60 [ 111.405760][ T5334] ? __pfx_vpanic+0x10/0x10 [ 111.407764][ T5334] ? irqentry_exit+0x218/0x8f0 [ 111.409657][ T5334] ? trace_irq_disable+0x3b/0x140 [ 111.411963][ T5334] panic+0xc5/0xd0 [ 111.413738][ T5334] ? __pfx_panic+0x10/0x10 [ 111.416034][ T5334] ? preempt_schedule_thunk+0x16/0x40 [ 111.418406][ T5334] ? preempt_schedule_thunk+0x16/0x40 [ 111.420474][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.422626][ T5334] check_panic_on_warn+0x89/0xb0 [ 111.424668][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.427259][ T5334] end_report+0x73/0x170 [ 111.429634][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.432215][ T5334] kasan_report+0x128/0x150 [ 111.434386][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.436841][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.439348][ T5334] kasan_check_range+0x264/0x2c0 [ 111.441723][ T5334] ? ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.444476][ T5334] __asan_memmove+0x29/0x70 [ 111.447371][ T5334] ext4_xattr_set_entry+0x92b/0x1ed0 [ 111.450024][ T5334] ext4_xattr_ibody_set+0x262/0x710 [ 111.452510][ T5334] ext4_destroy_inline_data_nolock+0x23a/0x5f0 [ 111.456142][ T5334] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10 [ 111.459234][ T5334] ? down_write+0x16d/0x200 [ 111.461360][ T5334] ? ext4_inode_journal_mode+0x18d/0x470 [ 111.463984][ T5334] ? ext4_fc_track_inode+0x4d/0x3f0 [ 111.466446][ T5334] ? ext4_fc_track_inode+0xf3/0x3f0 [ 111.468780][ T5334] ext4_convert_inline_data_to_extent+0x549/0xde0 [ 111.471688][ T5334] ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10 [ 111.475416][ T5334] ? clockevents_program_event+0x491/0x630 [ 111.478230][ T5334] ? ext4_inode_journal_mode+0x18d/0x470 [ 111.480699][ T5334] ? ext4_chunk_trans_extent+0x201/0x2a0 [ 111.483151][ T5334] ? ext4_try_to_write_inline_data+0x49/0xa0 [ 111.485842][ T5334] ext4_write_begin+0x349/0x1850 [ 111.488057][ T5334] ? __pfx_ext4_write_begin+0x10/0x10 [ 111.490458][ T5334] ? ext4_block_zero_range+0xfb/0xa50 [ 111.493196][ T5334] ? ext4_inode_journal_mode+0x18d/0x470 [ 111.496320][ T5334] generic_perform_write+0x2d5/0x8f0 [ 111.498686][ T5334] ? __pfx_generic_perform_write+0x10/0x10 [ 111.501259][ T5334] ext4_buffered_write_iter+0xcb/0x370 [ 111.503759][ T5334] ext4_file_write_iter+0x947/0x1c70 [ 111.506188][ T5334] ? io_submit_one+0x798/0x13d0 [ 111.508238][ T5334] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 111.510680][ T5334] ? aio_write+0x547/0x870 [ 111.512660][ T5334] aio_write+0x5cd/0x870 [ 111.514938][ T5334] ? trace_irq_disable+0x3b/0x140 [ 111.517658][ T5334] ? __pfx_aio_write+0x10/0x10 [ 111.519933][ T5334] ? __might_fault+0xaf/0x130 [ 111.521791][ T5334] io_submit_one+0x798/0x13d0 [ 111.523762][ T5334] ? lockdep_hardirqs_on+0x7a/0x110 [ 111.525870][ T5334] ? irqentry_exit+0x218/0x8f0 [ 111.527815][ T5334] ? __pfx_io_submit_one+0x10/0x10 [ 111.529987][ T5334] ? __might_fault+0xaf/0x130 [ 111.532236][ T5334] ? __might_fault+0xaf/0x130 [ 111.534803][ T5334] __se_sys_io_submit+0x195/0x340 [ 111.537176][ T5334] ? __pfx___se_sys_io_submit+0x10/0x10 [ 111.539658][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.542206][ T5334] do_syscall_64+0x174/0x580 [ 111.544268][ T5334] ? clear_bhb_loop+0x40/0x90 [ 111.546550][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.549938][ T5334] RIP: 0033:0x7f90bf79ce59 [ 111.552236][ T5334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.560603][ T5334] RSP: 002b:00007f90c063ffe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 111.566166][ T5334] RAX: ffffffffffffffda RBX: 00007f90bfa15fa0 RCX: 00007f90bf79ce59 [ 111.570045][ T5334] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007f90c05f6000 [ 111.573963][ T5334] RBP: 00007f90bf832e6f R08: 0000000000000000 R09: 0000000000000000 [ 111.577663][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.581594][ T5334] R13: 00007f90bfa16038 R14: 00007f90bfa15fa0 R15: 00007ffccb2abe68 [ 111.585143][ T5334] [ 111.586925][ T5334] Kernel Offset: disabled [ 111.588754][ T5334] Rebooting in 86400 seconds..