program: r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000200)={[{@stripe={'stripe', 0x3d, 0x8001}}, {@auto_da_alloc}, {@nombcache}, {@nobarrier}, {@init_itable}, {@errors_remount}]}, 0x1, 0x569, &(0x7f00000002c0)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=") lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000840), &(0x7f0000000940)=ANY=[], 0x361, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = creat(&(0x7f0000000380)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r6, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r5, &(0x7f0000000000), 0x100000}]) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r5, 0xc0189373, &(0x7f0000000b80)={{0x1, 0x1, 0x18, r0, {0x62e}}, './file1\x00'}) r7 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r4) setxattr$incfs_id(&(0x7f0000000d00)='./file1\x00', &(0x7f0000000d40), &(0x7f0000000d80)={'0000000000000000000000000000000', 0x32}, 0x20, 0x0) sendmsg$NLBL_CALIPSO_C_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="2501000000000000ffe200000008000200020000000800010003000000315029111e6e0374cef0be2a02a70e28497d763f6e15b26e07cac757b765efd00048bcb194e6cccd8295af21a44a260ca35a361eec28a904e98c19e88a55660257661e3c4954f660dfd268cbd0f6c035ebb8a5cf2f05cb106756061fd89fe7737341eb71064a7f62aad15c6ad87922244beb654f81510bc0892e42d9124f5128d63655d016ced260e084b3a9743d8c02b185529a55e65810fe88100c230584e6eee705e603f6cb2c6ca674ba5182c7632e789bad01d92d2cceb60e517d5aa46a7cee9dbf319c58f7e2d3f1572daf537464a58df130489ea6f04ba488b10fc1dc7ae6320b1fbc4b8baca40a8f214c44c3e8cff8ce95ac2b8e2aa3b451f7470b5191c9e1f777ca52e55d1b27f18f73fb1c69a8a6866c17b96df470e89783aa6765f69865"], 0x24}}, 0x0) sendmsg$NLBL_CALIPSO_C_LIST(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="7c8c16330b21a8f038a0766e92e98a2087646e9391f5d72658bcdc19a078fa71332b415b4f4def9793e8ea169356bc40bad078ddf8fd7054e5f070775a5b0a60d27b3b108739ea3e7868436bf1e27704b782c50000ed0181414d09fa7063c4395e68c6dd5e2b0864261056031787190abd0e6d9e74a8d0bc598d11", @ANYRES16=r7, @ANYBLOB="010025bd7000fedbdf25030000000800010002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x2400c001}, 0x8040) sendmsg$NLBL_CALIPSO_C_ADD(r1, &(0x7f0000000900)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x2c, r7, 0x20, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x844}, 0xc000) sendmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0xe000}, 0x5}], 0x1, 0x8804) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) r8 = socket(0x10, 0x3, 0x0) r9 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="4400000011000100000000000000000007000000", @ANYRES32=r10, @ANYBLOB="000000000000000024001a80200005801c00018008000200000000000800010000000000080003"], 0x44}}, 0x0) sendmmsg$alg(r8, &(0x7f0000000140), 0x4924b68, 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_DEL_DAEMON(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)={0x28, r12, 0x73976972ba3f4b55, 0x0, 0x0, {0x8}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x28}}, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(r5, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x6400800}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x44, r12, 0x400, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x18}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004000}, 0x8840) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0x9, 0xa}, {0x1, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0x4000) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000600)=[{{&(0x7f0000000180)={0xa, 0x4e22, 0xfff, @local, 0x5}, 0x1c, 0x0}}], 0x1, 0x810) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000100)=ANY=[@ANYRESHEX=r0, @ANYRESHEX], 0xfe37, 0x0) [ 104.525686][ T5309] Bluetooth: hci0: command tx timeout [ 104.673533][ T5330] loop0: detected capacity change from 0 to 1024 [ 104.691322][ T5330] ======================================================= [ 104.691322][ T5330] WARNING: The mand mount option has been deprecated and [ 104.691322][ T5330] and is ignored by this kernel. Remove the mand [ 104.691322][ T5330] option from the mount to silence this warning. [ 104.691322][ T5330] ======================================================= [ 104.748713][ T5330] EXT4-fs (loop0): stripe (32769) is not aligned with cluster size (16), stripe is disabled [ 104.775735][ T5330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.808172][ T5330] ================================================================== [ 104.811762][ T5330] BUG: KASAN: slab-out-of-bounds in ext4_xattr_set_entry+0x17ab/0x1e20 [ 104.815696][ T5330] Write of size 1969448308 at addr ffff888036d2b000 by task syz.0.0/5330 [ 104.819683][ T5330] [ 104.820852][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 104.820865][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 104.820873][ T5330] Call Trace: [ 104.820881][ T5330] [ 104.820887][ T5330] dump_stack_lvl+0xe8/0x150 [ 104.820912][ T5330] print_report+0xba/0x230 [ 104.820927][ T5330] ? ext4_xattr_set_entry+0x17ab/0x1e20 [ 104.820939][ T5330] kasan_report+0x117/0x150 [ 104.820954][ T5330] ? ext4_xattr_set_entry+0x17ab/0x1e20 [ 104.820969][ T5330] kasan_check_range+0x264/0x2c0 [ 104.820981][ T5330] __asan_memset+0x22/0x50 [ 104.820995][ T5330] ext4_xattr_set_entry+0x17ab/0x1e20 [ 104.821012][ T5330] ext4_xattr_block_set+0x878/0x2ad0 [ 104.821024][ T5330] ? __pfx_ext4_free_in_core_inode+0x10/0x10 [ 104.821043][ T5330] ? __pfx_evict+0x10/0x10 [ 104.821053][ T5330] ? do_raw_spin_unlock+0x4d/0x210 [ 104.821067][ T5330] ? _raw_spin_unlock+0x28/0x50 [ 104.821146][ T5330] ? iput+0xb25/0xe80 [ 104.821165][ T5330] ? __pfx_ext4_xattr_block_set+0x10/0x10 [ 104.821177][ T5330] ? ext4_xattr_ibody_set+0x510/0x6a0 [ 104.821190][ T5330] ext4_xattr_set_handle+0xe34/0x14c0 [ 104.821206][ T5330] ? __pfx_ext4_xattr_set_handle+0x10/0x10 [ 104.821221][ T5330] ext4_xattr_set+0x255/0x340 [ 104.821235][ T5330] ? __pfx_ext4_xattr_set+0x10/0x10 [ 104.821247][ T5330] ? __pfx_evm_protect_xattr+0x10/0x10 [ 104.821293][ T5330] ? __pfx_ext4_xattr_trusted_set+0x10/0x10 [ 104.821307][ T5330] __vfs_setxattr+0x43c/0x480 [ 104.821326][ T5330] __vfs_setxattr_noperm+0x12d/0x660 [ 104.821341][ T5330] vfs_setxattr+0x163/0x360 [ 104.821355][ T5330] ? __pfx_vfs_setxattr+0x10/0x10 [ 104.821372][ T5330] filename_setxattr+0x296/0x630 [ 104.821390][ T5330] ? __pfx_filename_setxattr+0x10/0x10 [ 104.821403][ T5330] ? do_getname+0x151/0x250 [ 104.821415][ T5330] path_setxattrat+0x3eb/0x440 [ 104.821428][ T5330] ? __pfx_path_setxattrat+0x10/0x10 [ 104.821437][ T5330] ? do_futex+0x395/0x420 [ 104.821458][ T5330] ? rcu_is_watching+0x15/0xb0 [ 104.821473][ T5330] __x64_sys_lsetxattr+0xbf/0xe0 [ 104.821487][ T5330] do_syscall_64+0x14d/0xf80 [ 104.821498][ T5330] ? trace_irq_disable+0x3b/0x150 [ 104.821513][ T5330] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.821524][ T5330] ? clear_bhb_loop+0x40/0x90 [ 104.821536][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.821555][ T5330] RIP: 0033:0x7fe9cc99c799 [ 104.821569][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 104.821580][ T5330] RSP: 002b:00007fe9cd833fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 104.821596][ T5330] RAX: ffffffffffffffda RBX: 00007fe9ccc15fa0 RCX: 00007fe9cc99c799 [ 104.821607][ T5330] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000200000000280 [ 104.821616][ T5330] RBP: 00007fe9cca32c99 R08: 0000000000000000 R09: 0000000000000000 [ 104.821624][ T5330] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000 [ 104.821632][ T5330] R13: 00007fe9ccc16038 R14: 00007fe9ccc15fa0 R15: 00007ffefb0345b8 [ 104.821645][ T5330] [ 104.821648][ T5330] [ 104.962889][ T5330] Allocated by task 5330: [ 104.965024][ T5330] kasan_save_track+0x3e/0x80 [ 104.967183][ T5330] __kasan_kmalloc+0x93/0xb0 [ 104.969257][ T5330] __kmalloc_node_track_caller_noprof+0x4db/0x7b0 [ 104.972216][ T5330] kmemdup_noprof+0x2b/0x70 [ 104.974410][ T5330] ext4_xattr_block_set+0x787/0x2ad0 [ 104.977463][ T5330] ext4_xattr_set_handle+0xe34/0x14c0 [ 104.980035][ T5330] ext4_xattr_set+0x255/0x340 [ 104.982121][ T5330] __vfs_setxattr+0x43c/0x480 [ 104.984182][ T5330] __vfs_setxattr_noperm+0x12d/0x660 [ 104.986355][ T5330] vfs_setxattr+0x163/0x360 [ 104.987989][ T5330] filename_setxattr+0x296/0x630 [ 104.990251][ T5330] path_setxattrat+0x3eb/0x440 [ 104.992613][ T5330] __x64_sys_lsetxattr+0xbf/0xe0 [ 104.995212][ T5330] do_syscall_64+0x14d/0xf80 [ 104.997621][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.000327][ T5330] [ 105.001399][ T5330] The buggy address belongs to the object at ffff888036d2b000 [ 105.001399][ T5330] which belongs to the cache kmalloc-1k of size 1024 [ 105.007195][ T5330] The buggy address is located 0 bytes inside of [ 105.007195][ T5330] allocated 1024-byte region [ffff888036d2b000, ffff888036d2b400) [ 105.015026][ T5330] [ 105.016105][ T5330] The buggy address belongs to the physical page: [ 105.018973][ T5330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36d28 [ 105.022751][ T5330] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 105.026017][ T5330] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 105.029626][ T5330] page_type: f5(slab) [ 105.032067][ T5330] raw: 04fff00000000040 ffff88801ac41dc0 dead000000000122 0000000000000000 [ 105.036436][ T5330] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000 [ 105.040232][ T5330] head: 04fff00000000040 ffff88801ac41dc0 dead000000000122 0000000000000000 [ 105.044116][ T5330] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000 [ 105.048810][ T5330] head: 04fff00000000002 ffffea0000db4a01 00000000ffffffff 00000000ffffffff [ 105.053070][ T5330] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 105.057031][ T5330] page dumped because: kasan: bad access detected [ 105.059876][ T5330] page_owner tracks the page as allocated [ 105.062333][ T5330] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5330, tgid 5329 (syz.0.0), ts 104772802097, free_ts 26825918634 [ 105.073231][ T5330] post_alloc_hook+0x231/0x280 [ 105.075304][ T5330] get_page_from_freelist+0x24dc/0x2580 [ 105.077727][ T5330] __alloc_frozen_pages_noprof+0x18d/0x380 [ 105.080126][ T5330] allocate_slab+0x77/0x660 [ 105.082313][ T5330] refill_objects+0x331/0x3c0 [ 105.084995][ T5330] __pcs_replace_empty_main+0x2e6/0x730 [ 105.088490][ T5330] __kmalloc_noprof+0x474/0x760 [ 105.090859][ T5330] ext4_mb_init+0x5ed/0x2ad0 [ 105.092983][ T5330] ext4_fill_super+0x5647/0x6320 [ 105.095261][ T5330] get_tree_bdev_flags+0x431/0x4f0 [ 105.097422][ T5330] vfs_get_tree+0x92/0x2a0 [ 105.099462][ T5330] do_new_mount+0x341/0xd30 [ 105.101720][ T5330] __se_sys_mount+0x31d/0x420 [ 105.104392][ T5330] do_syscall_64+0x14d/0xf80 [ 105.106876][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.109228][ T5330] page last free pid 9 tgid 9 stack trace: [ 105.111811][ T5330] __free_frozen_pages+0xc2b/0xdb0 [ 105.113994][ T5330] vfree+0x25a/0x400 [ 105.115615][ T5330] delayed_vfree_work+0x55/0x80 [ 105.117961][ T5330] process_scheduled_works+0xb6e/0x18c0 [ 105.121010][ T5330] worker_thread+0xa53/0xfc0 [ 105.123317][ T5330] kthread+0x388/0x470 [ 105.124986][ T5330] ret_from_fork+0x51e/0xb90 [ 105.126953][ T5330] ret_from_fork_asm+0x1a/0x30 [ 105.128932][ T5330] [ 105.130022][ T5330] Memory state around the buggy address: [ 105.132858][ T5330] ffff888036d2b300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.137176][ T5330] ffff888036d2b380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.140855][ T5330] >ffff888036d2b400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.144695][ T5330] ^ [ 105.146576][ T5330] ffff888036d2b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.150524][ T5330] ffff888036d2b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.154938][ T5330] ================================================================== [ 105.172836][ T5330] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 105.176892][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 105.181241][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 105.186148][ T5330] Call Trace: [ 105.187714][ T5330] [ 105.189135][ T5330] vpanic+0x56c/0xa60 [ 105.191100][ T5330] ? __pfx_vpanic+0x10/0x10 [ 105.193420][ T5330] ? __pfx___schedule+0x10/0x10 [ 105.196144][ T5330] panic+0xc5/0xd0 [ 105.198126][ T5330] ? __pfx_panic+0x10/0x10 [ 105.200175][ T5330] ? preempt_schedule_common+0x82/0xd0 [ 105.202613][ T5330] ? ext4_xattr_set_entry+0x17ab/0x1e20 [ 105.205169][ T5330] check_panic_on_warn+0x89/0xb0 [ 105.207557][ T5330] ? ext4_xattr_set_entry+0x17ab/0x1e20 [ 105.210712][ T5330] end_report+0x73/0x180 [ 105.213047][ T5330] ? ext4_xattr_set_entry+0x17ab/0x1e20 [ 105.215689][ T5330] kasan_report+0x128/0x150 [ 105.217663][ T5330] ? ext4_xattr_set_entry+0x17ab/0x1e20 [ 105.220494][ T5330] kasan_check_range+0x264/0x2c0 [ 105.222963][ T5330] __asan_memset+0x22/0x50 [ 105.225043][ T5330] ext4_xattr_set_entry+0x17ab/0x1e20 [ 105.227544][ T5330] ext4_xattr_block_set+0x878/0x2ad0 [ 105.229885][ T5330] ? __pfx_ext4_free_in_core_inode+0x10/0x10 [ 105.232519][ T5330] ? __pfx_evict+0x10/0x10 [ 105.234779][ T5330] ? do_raw_spin_unlock+0x4d/0x210 [ 105.237472][ T5330] ? _raw_spin_unlock+0x28/0x50 [ 105.240116][ T5330] ? iput+0xb25/0xe80 [ 105.241885][ T5330] ? __pfx_ext4_xattr_block_set+0x10/0x10 [ 105.244253][ T5330] ? ext4_xattr_ibody_set+0x510/0x6a0 [ 105.246567][ T5330] ext4_xattr_set_handle+0xe34/0x14c0 [ 105.249067][ T5330] ? __pfx_ext4_xattr_set_handle+0x10/0x10 [ 105.251637][ T5330] ext4_xattr_set+0x255/0x340 [ 105.253978][ T5330] ? __pfx_ext4_xattr_set+0x10/0x10 [ 105.256311][ T5330] ? __pfx_evm_protect_xattr+0x10/0x10 [ 105.258636][ T5330] ? __pfx_ext4_xattr_trusted_set+0x10/0x10 [ 105.261042][ T5330] __vfs_setxattr+0x43c/0x480 [ 105.263453][ T5330] __vfs_setxattr_noperm+0x12d/0x660 [ 105.266196][ T5330] vfs_setxattr+0x163/0x360 [ 105.268289][ T5330] ? __pfx_vfs_setxattr+0x10/0x10 [ 105.270591][ T5330] filename_setxattr+0x296/0x630 [ 105.272835][ T5330] ? __pfx_filename_setxattr+0x10/0x10 [ 105.276002][ T5330] ? do_getname+0x151/0x250 [ 105.278522][ T5330] path_setxattrat+0x3eb/0x440 [ 105.280795][ T5330] ? __pfx_path_setxattrat+0x10/0x10 [ 105.283093][ T5330] ? do_futex+0x395/0x420 [ 105.284994][ T5330] ? rcu_is_watching+0x15/0xb0 [ 105.287621][ T5330] __x64_sys_lsetxattr+0xbf/0xe0 [ 105.290025][ T5330] do_syscall_64+0x14d/0xf80 [ 105.292088][ T5330] ? trace_irq_disable+0x3b/0x150 [ 105.294317][ T5330] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.297159][ T5330] ? clear_bhb_loop+0x40/0x90 [ 105.299396][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.302388][ T5330] RIP: 0033:0x7fe9cc99c799 [ 105.304530][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 105.313637][ T5330] RSP: 002b:00007fe9cd833fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 105.317236][ T5330] RAX: ffffffffffffffda RBX: 00007fe9ccc15fa0 RCX: 00007fe9cc99c799 [ 105.321551][ T5330] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000200000000280 [ 105.326320][ T5330] RBP: 00007fe9cca32c99 R08: 0000000000000000 R09: 0000000000000000 [ 105.329662][ T5330] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000 [ 105.333177][ T5330] R13: 00007fe9ccc16038 R14: 00007fe9ccc15fa0 R15: 00007ffefb0345b8 [ 105.337139][ T5330] [ 105.339125][ T5330] Kernel Offset: disabled [ 105.341086][ T5330] Rebooting in 86400 seconds..