program: syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000480)={[{@nouid32}, {@mblk_io_submit}, {@i_version}]}, 0x1, 0x746, &(0x7f0000000f40)="$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") open(&(0x7f0000000040)='./bus\x00', 0x14927e, 0x0) r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000000c0)=0xf9) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x8, 0x4, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000001c0)=0x9) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0x1) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) ioctl$sock_bt_hci(r1, 0x400448e4, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x4) sendfile(r0, r0, 0x0, 0x800000009) (fail_nth: 6) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x9567, 0x3, 0x0, 0x0, 0x1f, 0x5, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220fffff2ff00000000000000000e00", [0x4, 0x100]}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff) fallocate(r3, 0x10, 0x2007ffc, 0x7fff) [ 147.960707][ T4671] Bluetooth: hci0: command tx timeout [ 148.053114][ T5326] loop0: detected capacity change from 0 to 2048 [ 148.075652][ T5326] EXT4-fs: Ignoring 
removed mblk_io_submit option [ 148.078417][ T5326] EXT4-fs: Ignoring removed i_version option [ 148.157763][ T5326] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.178729][ T24] audit: type=1800 audit(1773647201.634:2): pid=5326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 148.198874][ T5326] FAULT_INJECTION: forcing a failure. [ 148.198874][ T5326] name failslab, interval 1, probability 0, space 0, times 1 [ 148.206113][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 148.206135][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.206142][ T5326] Call Trace: [ 148.206148][ T5326] [ 148.206153][ T5326] dump_stack_lvl+0xe8/0x150 [ 148.206266][ T5326] should_fail_ex+0x412/0x560 [ 148.206328][ T5326] should_failslab+0xa8/0x100 [ 148.206356][ T5326] __kmalloc_node_noprof+0xf0/0x7c0 [ 148.206377][ T5326] ? alloc_slab_obj_exts+0xbf/0x240 [ 148.206398][ T5326] alloc_slab_obj_exts+0xbf/0x240 [ 148.206417][ T5326] __memcg_slab_post_alloc_hook+0x53c/0xa80 [ 148.206446][ T5326] __kmalloc_noprof+0x3bd/0x760 [ 148.206466][ T5326] ? alloc_pipe_info+0x1fc/0x4d0 [ 148.206477][ T5326] ? __kmalloc_noprof+0x1b8/0x760 [ 148.206497][ T5326] alloc_pipe_info+0x1fc/0x4d0 [ 148.206512][ T5326] splice_direct_to_actor+0xa08/0xc70 [ 148.206536][ T5326] ? __pfx_direct_splice_actor+0x10/0x10 [ 148.206553][ T5326] ? __pfx_aa_file_perm+0x10/0x10 [ 148.206573][ T5326] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 148.206588][ T5326] ? get_pid_task+0x20/0x1f0 [ 148.206607][ T5326] do_splice_direct+0x195/0x290 [ 148.206624][ T5326] ? __pfx_do_splice_direct+0x10/0x10 [ 148.206641][ T5326] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 148.206663][ T5326] ? 
rw_verify_area+0x255/0x4d0 [ 148.206681][ T5326] do_sendfile+0x535/0x7d0 [ 148.206703][ T5326] ? __pfx_do_sendfile+0x10/0x10 [ 148.206718][ T5326] ? __fget_files+0x3a0/0x420 [ 148.206741][ T5326] __se_sys_sendfile64+0x144/0x1a0 [ 148.206758][ T5326] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 148.206779][ T5326] do_syscall_64+0x14d/0xf80 [ 148.206825][ T5326] ? trace_irq_disable+0x3b/0x150 [ 148.206843][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.206858][ T5326] ? clear_bhb_loop+0x40/0x90 [ 148.206873][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.206885][ T5326] RIP: 0033:0x7fa66f99c799 [ 148.206900][ T5326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 148.206910][ T5326] RSP: 002b:00007fa670861fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 148.206925][ T5326] RAX: ffffffffffffffda RBX: 00007fa66fc15fa0 RCX: 00007fa66f99c799 [ 148.206934][ T5326] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 148.206942][ T5326] RBP: 00007fa670862050 R08: 0000000000000000 R09: 0000000000000000 [ 148.206949][ T5326] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001 [ 148.206956][ T5326] R13: 00007fa66fc16038 R14: 00007fa66fc15fa0 R15: 00007ffd5255bd88 [ 148.206977][ T5326] [ 148.356480][ T5327] loop0: detected capacity change from 2048 to 0 [ 148.360840][ T5326] ================================================================== [ 148.365397][ T5326] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.369049][ T5326] Read of size 18446744073709551600 at addr ffff888050b83eb8 by task syz.0.0/5326 [ 148.373443][ T5326] [ 148.374517][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 148.374529][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.374534][ T5326] Call 
Trace: [ 148.374541][ T5326] [ 148.374546][ T5326] dump_stack_lvl+0xe8/0x150 [ 148.374562][ T5326] print_report+0xba/0x230 [ 148.374571][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.374580][ T5326] kasan_report+0x117/0x150 [ 148.374590][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.374598][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.374605][ T5326] kasan_check_range+0x264/0x2c0 [ 148.374613][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.374623][ T5326] __asan_memmove+0x29/0x70 [ 148.374635][ T5326] ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.374651][ T5326] ext4_xattr_ibody_set+0x254/0x6a0 [ 148.374663][ T5326] ext4_destroy_inline_data_nolock+0x23a/0x5e0 [ 148.374680][ T5326] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10 [ 148.374691][ T5326] ? down_write+0x16d/0x200 [ 148.374702][ T5326] ext4_convert_inline_data_to_extent+0x547/0xde0 [ 148.374714][ T5326] ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10 [ 148.374723][ T5326] ? ext4_inode_journal_mode+0x193/0x470 [ 148.374732][ T5326] ? ext4_try_to_write_inline_data+0x49/0xa0 [ 148.374742][ T5326] ext4_write_begin+0x357/0x18c0 [ 148.374751][ T5326] ? __xa_set_mark+0x6f/0xa0 [ 148.374761][ T5326] ? __mark_inode_dirty+0x4cf/0x1470 [ 148.374769][ T5326] ? __pfx_ext4_write_begin+0x10/0x10 [ 148.374777][ T5326] ? __ext4_handle_dirty_metadata+0x2fd/0x810 [ 148.374787][ T5326] ext4_da_write_begin+0x355/0xd80 [ 148.374798][ T5326] ? __pfx_ext4_da_write_begin+0x10/0x10 [ 148.374808][ T5326] generic_perform_write+0x2e2/0x8f0 [ 148.374819][ T5326] ? __pfx_generic_perform_write+0x10/0x10 [ 148.374827][ T5326] ? file_update_time_flags+0x400/0x4a0 [ 148.374839][ T5326] ? ext4_write_checks+0x24b/0x2c0 [ 148.374850][ T5326] ext4_buffered_write_iter+0xce/0x3a0 [ 148.374862][ T5326] ext4_file_write_iter+0x298/0x1bf0 [ 148.374876][ T5326] ? splice_from_pipe_next+0x61c/0x670 [ 148.374886][ T5326] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 148.374897][ T5326] ? 
__asan_memset+0x22/0x50 [ 148.374907][ T5326] iter_file_splice_write+0x9a1/0x10f0 [ 148.374920][ T5326] ? __pfx_iter_file_splice_write+0x10/0x10 [ 148.374932][ T5326] ? __pfx_iter_file_splice_write+0x10/0x10 [ 148.374941][ T5326] direct_splice_actor+0x101/0x160 [ 148.374951][ T5326] splice_direct_to_actor+0x53a/0xc70 [ 148.374962][ T5326] ? __pfx_direct_splice_actor+0x10/0x10 [ 148.374976][ T5326] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 148.374989][ T5326] ? get_pid_task+0x20/0x1f0 [ 148.375001][ T5326] do_splice_direct+0x195/0x290 [ 148.375012][ T5326] ? __pfx_do_splice_direct+0x10/0x10 [ 148.375021][ T5326] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 148.375032][ T5326] ? rw_verify_area+0x255/0x4d0 [ 148.375044][ T5326] do_sendfile+0x535/0x7d0 [ 148.375053][ T5326] ? __pfx_do_sendfile+0x10/0x10 [ 148.375062][ T5326] ? __fget_files+0x3a0/0x420 [ 148.375072][ T5326] __se_sys_sendfile64+0x144/0x1a0 [ 148.375081][ T5326] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 148.375090][ T5326] do_syscall_64+0x14d/0xf80 [ 148.375098][ T5326] ? trace_irq_disable+0x3b/0x150 [ 148.375109][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.375116][ T5326] ? 
clear_bhb_loop+0x40/0x90 [ 148.375124][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.375132][ T5326] RIP: 0033:0x7fa66f99c799 [ 148.375141][ T5326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 148.375147][ T5326] RSP: 002b:00007fa670861fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 148.375156][ T5326] RAX: ffffffffffffffda RBX: 00007fa66fc15fa0 RCX: 00007fa66f99c799 [ 148.375162][ T5326] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 148.375166][ T5326] RBP: 00007fa670862050 R08: 0000000000000000 R09: 0000000000000000 [ 148.375171][ T5326] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001 [ 148.375176][ T5326] R13: 00007fa66fc16038 R14: 00007fa66fc15fa0 R15: 00007ffd5255bd88 [ 148.375183][ T5326] [ 148.375186][ T5326] [ 148.567526][ T5326] The buggy address belongs to the physical page: [ 148.570759][ T5326] page: refcount:3 mapcount:0 mapping:ffff88801cc2d900 index:0x2 pfn:0x50b83 [ 148.574889][ T5326] memcg:ffff88801c6c8d40 [ 148.576778][ T5326] aops:def_blk_aops ino:700000 dentry name(?):"" [ 148.579886][ T5326] flags: 0x4fff18000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff) [ 148.585480][ T5326] raw: 04fff18000004214 0000000000000000 dead000000000122 ffff88801cc2d900 [ 148.590161][ T5326] raw: 0000000000000002 ffff8880481030e8 00000003ffffffff ffff88801c6c8d40 [ 148.593825][ T5326] page dumped because: kasan: bad access detected [ 148.596826][ T5326] page_owner tracks the page as allocated [ 148.599366][ T5326] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5326, tgid 5325 (syz.0.0), ts 148341713791, free_ts 148341009364 [ 148.608761][ T5326] post_alloc_hook+0x231/0x280 [ 148.610846][ T5326] get_page_from_freelist+0x24dc/0x2580 [ 
148.613273][ T5326] __alloc_frozen_pages_noprof+0x18d/0x380 [ 148.616003][ T5326] alloc_pages_mpol+0x232/0x4a0 [ 148.618543][ T5326] alloc_pages_noprof+0xa8/0x190 [ 148.621195][ T5326] folio_alloc_noprof+0x1e/0x30 [ 148.623546][ T5326] filemap_alloc_folio_noprof+0x111/0x470 [ 148.626180][ T5326] __filemap_get_folio_mpol+0x3fc/0xb00 [ 148.628717][ T5326] bdev_getblk+0x1f6/0x6e0 [ 148.630847][ T5326] __ext4_get_inode_loc+0x528/0xfa0 [ 148.633139][ T5326] ext4_get_inode_loc+0x81/0xf0 [ 148.635483][ T5326] ext4_read_inline_folio+0x237/0x870 [ 148.638477][ T5326] ext4_readpage_inline+0x23f/0x6a0 [ 148.641151][ T5326] ext4_read_folio+0x15e/0x550 [ 148.643594][ T5326] filemap_read_folio+0x137/0x3b0 [ 148.645901][ T5326] filemap_get_pages+0x1744/0x1f10 [ 148.648276][ T5326] page last free pid 5327 tgid 5325 stack trace: [ 148.651340][ T5326] free_unref_folios+0xed5/0x16d0 [ 148.653930][ T5326] folios_put_refs+0x789/0x8d0 [ 148.655961][ T5326] mapping_try_invalidate+0x3c2/0x4c0 [ 148.658245][ T5326] loop_set_status+0x29b/0xe40 [ 148.660676][ T5326] lo_ioctl+0xc21/0x1fb0 [ 148.662979][ T5326] blkdev_ioctl+0x5e3/0x740 [ 148.665505][ T5326] __se_sys_ioctl+0xfc/0x170 [ 148.667866][ T5326] do_syscall_64+0x14d/0xf80 [ 148.669828][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.672415][ T5326] [ 148.673532][ T5326] Memory state around the buggy address: [ 148.676239][ T5326] ffff888050b83d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.680307][ T5326] ffff888050b83e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.684457][ T5326] >ffff888050b83e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.688370][ T5326] ^ [ 148.691009][ T5326] ffff888050b83f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.694742][ T5326] ffff888050b83f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.698804][ T5326] ================================================================== [ 148.725435][ T5326] Kernel panic - not syncing: KASAN: panic_on_warn set ... 
[ 148.729442][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 148.734477][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.739885][ T5326] Call Trace: [ 148.741792][ T5326] [ 148.743567][ T5326] vpanic+0x56c/0xa60 [ 148.746047][ T5326] ? __pfx_vpanic+0x10/0x10 [ 148.748325][ T5326] ? __pfx___schedule+0x10/0x10 [ 148.750228][ T5326] panic+0xc5/0xd0 [ 148.751868][ T5326] ? __pfx_panic+0x10/0x10 [ 148.753829][ T5326] ? preempt_schedule_thunk+0x16/0x30 [ 148.756419][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.759275][ T5326] check_panic_on_warn+0x89/0xb0 [ 148.761822][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.764536][ T5326] end_report+0x73/0x180 [ 148.766459][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.769010][ T5326] kasan_report+0x128/0x150 [ 148.771097][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.774253][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.777756][ T5326] kasan_check_range+0x264/0x2c0 [ 148.780889][ T5326] ? ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.783966][ T5326] __asan_memmove+0x29/0x70 [ 148.786445][ T5326] ext4_xattr_set_entry+0x9c1/0x1e20 [ 148.789696][ T5326] ext4_xattr_ibody_set+0x254/0x6a0 [ 148.792629][ T5326] ext4_destroy_inline_data_nolock+0x23a/0x5e0 [ 148.795491][ T5326] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10 [ 148.798473][ T5326] ? down_write+0x16d/0x200 [ 148.800710][ T5326] ext4_convert_inline_data_to_extent+0x547/0xde0 [ 148.804082][ T5326] ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10 [ 148.806893][ T5326] ? ext4_inode_journal_mode+0x193/0x470 [ 148.809501][ T5326] ? ext4_try_to_write_inline_data+0x49/0xa0 [ 148.812252][ T5326] ext4_write_begin+0x357/0x18c0 [ 148.814824][ T5326] ? __xa_set_mark+0x6f/0xa0 [ 148.816969][ T5326] ? __mark_inode_dirty+0x4cf/0x1470 [ 148.819354][ T5326] ? __pfx_ext4_write_begin+0x10/0x10 [ 148.821792][ T5326] ? 
__ext4_handle_dirty_metadata+0x2fd/0x810 [ 148.824683][ T5326] ext4_da_write_begin+0x355/0xd80 [ 148.826916][ T5326] ? __pfx_ext4_da_write_begin+0x10/0x10 [ 148.829322][ T5326] generic_perform_write+0x2e2/0x8f0 [ 148.831712][ T5326] ? __pfx_generic_perform_write+0x10/0x10 [ 148.834553][ T5326] ? file_update_time_flags+0x400/0x4a0 [ 148.837650][ T5326] ? ext4_write_checks+0x24b/0x2c0 [ 148.840542][ T5326] ext4_buffered_write_iter+0xce/0x3a0 [ 148.842988][ T5326] ext4_file_write_iter+0x298/0x1bf0 [ 148.845360][ T5326] ? splice_from_pipe_next+0x61c/0x670 [ 148.847780][ T5326] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 148.850245][ T5326] ? __asan_memset+0x22/0x50 [ 148.852378][ T5326] iter_file_splice_write+0x9a1/0x10f0 [ 148.854919][ T5326] ? __pfx_iter_file_splice_write+0x10/0x10 [ 148.858045][ T5326] ? __pfx_iter_file_splice_write+0x10/0x10 [ 148.861217][ T5326] direct_splice_actor+0x101/0x160 [ 148.863830][ T5326] splice_direct_to_actor+0x53a/0xc70 [ 148.866157][ T5326] ? __pfx_direct_splice_actor+0x10/0x10 [ 148.868587][ T5326] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 148.871374][ T5326] ? get_pid_task+0x20/0x1f0 [ 148.874169][ T5326] do_splice_direct+0x195/0x290 [ 148.877472][ T5326] ? __pfx_do_splice_direct+0x10/0x10 [ 148.879953][ T5326] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 148.882401][ T5326] ? rw_verify_area+0x255/0x4d0 [ 148.884642][ T5326] do_sendfile+0x535/0x7d0 [ 148.886630][ T5326] ? __pfx_do_sendfile+0x10/0x10 [ 148.888764][ T5326] ? __fget_files+0x3a0/0x420 [ 148.890862][ T5326] __se_sys_sendfile64+0x144/0x1a0 [ 148.893948][ T5326] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 148.897431][ T5326] do_syscall_64+0x14d/0xf80 [ 148.899729][ T5326] ? trace_irq_disable+0x3b/0x150 [ 148.902696][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.905441][ T5326] ? 
clear_bhb_loop+0x40/0x90 [ 148.907634][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.911075][ T5326] RIP: 0033:0x7fa66f99c799 [ 148.913453][ T5326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 148.921850][ T5326] RSP: 002b:00007fa670861fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 148.926032][ T5326] RAX: ffffffffffffffda RBX: 00007fa66fc15fa0 RCX: 00007fa66f99c799 [ 148.931711][ T5326] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 148.935549][ T5326] RBP: 00007fa670862050 R08: 0000000000000000 R09: 0000000000000000 [ 148.938851][ T5326] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001 [ 148.942682][ T5326] R13: 00007fa66fc16038 R14: 00007fa66fc15fa0 R15: 00007ffd5255bd88 [ 148.946135][ T5326] [ 148.947959][ T5326] Kernel Offset: disabled [ 148.950056][ T5326] Rebooting in 86400 seconds..

Triage notes (reviewer): (1) The reported access size 18446744073709551600 is 0xfffffffffffffff0, i.e. -16 interpreted as size_t: the length that ext4_xattr_set_entry handed to memmove (via __asan_memmove) wrapped negative. The shadow bytes around ffff888050b83eb8 are all 00, so the target itself is ordinary accessible memory; the defect is the length, which is presumably computed from in-inode xattr entry/value offsets that were read from the mounted image (attacker-controlled on-disk metadata) — confirm against the ext4_xattr_set_entry source of this kernel build. (2) The buggy page is block-device page cache (aops:def_blk_aops, ino:700000) holding the inode block, allocated by this task via __ext4_get_inode_loc -> bdev_getblk while reading inline data; its "last free" came from a sibling thread (pid 5327, same tgid 5325) in lo_ioctl -> loop_set_status -> mapping_try_invalidate, and free_ts (148341009364) precedes the allocation ts (148341713791), so this is a fresh allocation rather than a use-after-free. The reproducer's mount(..., './bus', 0, 0x1000, 0) uses 0x1000 = MS_BIND to expose /dev/loop0 at ./bus, then LOOP_SET_STATUS64 sets a non-zero offset (0x9567) and sizelimit (0x3) on the loop device that still backs the mounted ext4 image; the "loop0: detected capacity change from 2048 to 0" line from T5327 immediately before the splat is consistent with that. The likely mechanism is therefore that the inode block re-read after the invalidation no longer matches the layout ext4 validated at mount time, i.e. a race between the live filesystem and reconfiguration of its loop device, not a pure image-parser bug; treat this as a hypothesis to confirm by reproducing without the LOOP_SET_STATUS64 call. (3) The injected failure (fail_nth: 6) landed in alloc_slab_obj_exts under alloc_pipe_info, a memcg bookkeeping allocation whose failure does not abort the pipe allocation, so it is probably not required to reproduce — worth verifying by rerunning without fault injection. (4) Exploitability caveat: the trigger needs a crafted ext4 image mounted through a loop device plus loop ioctls, which in a default configuration requires CAP_SYS_ADMIN (ext4 is not mountable from an unprivileged user namespace); the kernel was built with panic_on_warn, so the out-of-bounds read surfaced as a panic here rather than as a silent read past the page. For detection, loop capacity-change messages against a device with an active mount are the useful signal in the console log.