program: r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000006940)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@nombcache}, {@quota}, {@nombcache}, {@abort}, {@errors_remount}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000200)=ANY=[@ANYBLOB="3b9ef250c3f7018cd3a5d44200cd935129a663f4c8", @ANYBLOB="57b61e77e7c57142b6fe014e77f6cdcfa4712dd62cd9ded4fc0c5756ce3092995cbecb31131a0a44e1ea1e97720b400c65e620eda703864f4cfb02d02b75f7c665fc7a8857c4661c05768c584fa66fe1ff24db728ed41fdbd225b9cb558f7c1957c0ca7d136c2c32d23ed0cdfffd9930373ed822242dd216a2f723244574e8d276d2c64f253a2253a43eb42a8e88c8f70e1d", @ANYRES16=r0], 0xfe37, 0x0) r1 = creat(&(0x7f0000000140)='./file2\x00', 0x1ad) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', 0x0}) sendto$packet(r4, &(0x7f0000000180)="0b036800e0ff64000200475400f6a13bb10000000800894f4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r5}, 0x14) sendmsg$nl_route(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@ipv4_newrule={0x28, 0x20, 0x301, 0x0, 0x25dfdbff, {0x2, 0x0, 0x10, 0x8, 0x0, 0x0, 0x0, 0x5, 0x18}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x8}]}, 0x28}}, 0x4) r6 = socket$qrtr(0x2a, 0x2, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}}}}}}}}, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9}, 0x48) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000140)={{0x2, 0x4e24, @remote}, {0x6, @random="cf7e5dd99f9c"}, 0x38, {0x2, 0x4e24, @broadcast}, 'dummy0\x00'}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000100)="06ff03076844268cb89e14f008004ee0ffff00febabec41177fb86dd1402e000030c62079f4b4d2f87e5feca6aab055013f2325f1a3901050b038da1880b25181aa59d943be30043d50ea5a6b868", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) connect$qrtr(r6, &(0x7f0000000000)={0x2a, 0xffffffff, 0xfffffffe}, 0xc) connect$qrtr(r6, &(0x7f0000000100)={0x2a, 0x4, 0xfffffffe}, 0xc) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001080), r9) r11 = fsopen(&(0x7f0000000040)='autofs\x00', 0x0) close_range(r11, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r10, 0x405, 0x70bd2b, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x192a}]}, 0x1c}}, 0x2000000) syz_emit_ethernet(0x4a, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450a003c00650000f1069078640101026401010000aa000000000000000000090000000300004e2000004e2200000001000000010000000000d60100"], 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r1, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x20, 0x140c, 0x20, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_RES_CQN={0x8, 0x3d, 0x5}]}, 0x20}}, 0x80) utime(&(0x7f0000006a80)='./file1\x00', 0x0) sendmsg(r2, &(0x7f0000000540)={&(0x7f0000000400)=@llc={0x1a, 0x306, 0x4, 0x10, 0x5, 0x50, @broadcast}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000480)="3ef7967966a1a5a5ac6b6e436c581013d0a53f1ba6d73c9e2d0401f5f6cb45e3c712a76cb9c8005fe082e0b0cb13d7f2b454cb46d764a596fcc798386c5fbe452b7f08791c28994b5c9484017c680c889cd33175c91d23278c067874433282b7683c4585bc27cc3b546276b8555316e1149c61d55cf4cd68dbf5bb6345f4ef7816cf4c12268f38e554b2d71cfd834e255b12381bc8ba0359998dbc657acf3cd1", 0xa0}], 0x1, &(0x7f0000000d80)=[{0xc0, 0x109, 0x4, "34fa7e44254267887f7f29ce4b8d52180189b85cd78206c12628df7263bb99588d357123bc37185e97b7dae556d409206405c3a8a5a1f8516891f51ace5c363533aa8c86b3ae8fc514be48b382d0095f2f78684a93179cc968d1d382ea47067655cdeb73e4cbd8793335f7cf53ce630bd4efa36a86c4b7036c487e552b05506cec99148839407e9893a7d45cecd9367efba5704e7220fd5af16ee977e6e530aa779fcaab12a0f5201fafe8975896542d"}, {0x10, 0x10c}, {0xc8, 0x1, 0x7, "8d18b7149147a70d791c410ee4d03038d567dee9c921003b19c58863438e20b055a76e3754624e874bd5fb61726b209b2ed8884003dc56fed742e6f3039734e02d168999a8170cca9157211120526ee73450f6eab6bcafcdd9193b202883726dc97c0ea9eddcf9cb832cce29ab30358bfbd3cdaefdcbc9724be6ec6c956dac431298c63bae819b595ea8aa88be0d7b136c76d90a2f774213d2216f14c3bc22a6cb0e1465a6b40a215f07124b1ca83b8f22cb564c68fb"}, {0x18, 0x109, 0x80000000, "49b405"}, {0xf8, 0x84, 0x3, "b4a9972778b609cd7b0ab737d8e7905a7d66c5602a1939bb3e2c9942fc0918dec2418b0696c6c45b54069b03ad3e0531782db3f590082cb0442ef8889d08cd6a765ef9d28014f02729ee29e755e5d78485041c3e428e5f1ec7d45232e82188b99fb8cec496d19fbee20c4d52646dfa07f3cca4a1a6642a695d774c861976ba007026b3d3b165e36b6e414aac752801670b480aadebb71f97a5893d5f2f10a19a41b9dba39ee1d230aba39f2a5178d08c48c4179b88b15765562fb160bca8667d58875ccf0113dbc445ded658df833d52a055d4fe588a59458da12539719e7b19fa29d2d0"}], 0x2a8}, 0x4000000) [ 88.300810][ T10] cfg80211: failed to load regulatory.db [ 88.305889][ T5315] Bluetooth: hci0: command tx timeout [ 88.437245][ T5340] loop0: detected capacity change from 0 to 512 [ 88.479486][ T5340] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 88.513745][ T5340] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 88.537957][ T5340] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 88.561660][ T5340] EXT4-fs (loop0): 1 truncate cleaned up [ 88.567905][ T5340] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.630848][ T5340] ================================================================== [ 88.634696][ T5340] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x8e9/0x1e20 [ 88.638402][ T5340] Read of size 18446744073709551572 at addr ffff8880526a8850 by task syz.0.0/5340 [ 88.642732][ T5340] [ 88.643833][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 88.643849][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.643858][ T5340] Call Trace: [ 88.643865][ T5340] [ 88.643872][ T5340] dump_stack_lvl+0x189/0x250 [ 88.643898][ T5340] ? __kasan_check_byte+0x12/0x40 [ 88.643915][ T5340] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.643929][ T5340] ? lock_release+0x4b/0x3e0 [ 88.643950][ T5340] ? __virt_addr_valid+0x4a5/0x5c0 [ 88.643966][ T5340] print_report+0xca/0x240 [ 88.643978][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 88.643993][ T5340] kasan_report+0x118/0x150 [ 88.644007][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 88.644021][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 88.644035][ T5340] kasan_check_range+0x2b0/0x2c0 [ 88.644049][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 88.644062][ T5340] __asan_memmove+0x29/0x70 [ 88.644073][ T5340] ext4_xattr_set_entry+0x8e9/0x1e20 [ 88.644093][ T5340] ext4_xattr_block_set+0x872/0x2ac0 [ 88.644111][ T5340] ? fs_reclaim_acquire+0x7d/0x100 [ 88.644129][ T5340] ? __pfx_check_xattrs+0x10/0x10 [ 88.644143][ T5340] ? __pfx_ext4_xattr_block_set+0x10/0x10 [ 88.644158][ T5340] ? ext4_xattr_block_find+0x2d4/0x350 [ 88.644172][ T5340] ext4_expand_extra_isize_ea+0x12d5/0x1ea0 [ 88.644197][ T5340] __ext4_expand_extra_isize+0x30d/0x400 [ 88.644216][ T5340] __ext4_mark_inode_dirty+0x46c/0x700 [ 88.644232][ T5340] ext4_dirty_inode+0xd0/0x110 [ 88.644247][ T5340] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 88.644262][ T5340] __mark_inode_dirty+0x2ce/0xdf0 [ 88.644279][ T5340] ? i_gid_needs_update+0x51/0x160 [ 88.644295][ T5340] ext4_setattr+0xabc/0x1bc0 [ 88.644310][ T5340] ? __pfx_current_time+0x10/0x10 [ 88.644328][ T5340] ? try_break_deleg+0x79/0x130 [ 88.644370][ T5340] ? __pfx_ext4_setattr+0x10/0x10 [ 88.644386][ T5340] notify_change+0xb33/0xe40 [ 88.644402][ T5340] vfs_utimes+0x3fb/0x570 [ 88.644421][ T5340] ? __pfx_vfs_utimes+0x10/0x10 [ 88.644441][ T5340] ? user_path_at+0x44/0x60 [ 88.644461][ T5340] ? kmem_cache_free+0x18f/0x400 [ 88.644479][ T5340] do_utimes+0x1bd/0x2a0 [ 88.644498][ T5340] ? __pfx_do_utimes+0x10/0x10 [ 88.644514][ T5340] ? rcu_is_watching+0x15/0xb0 [ 88.644527][ T5340] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 88.644547][ T5340] __x64_sys_utime+0x13e/0x200 [ 88.644564][ T5340] ? __pfx___x64_sys_utime+0x10/0x10 [ 88.644583][ T5340] ? do_syscall_64+0xbe/0x3b0 [ 88.644642][ T5340] do_syscall_64+0xfa/0x3b0 [ 88.644658][ T5340] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.644671][ T5340] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.644683][ T5340] ? clear_bhb_loop+0x60/0xb0 [ 88.644696][ T5340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.644708][ T5340] RIP: 0033:0x7f288858e9a9 [ 88.644721][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.644732][ T5340] RSP: 002b:00007f28894e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 88.644747][ T5340] RAX: ffffffffffffffda RBX: 00007f28887b5fa0 RCX: 00007f288858e9a9 [ 88.644759][ T5340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000006a80 [ 88.644766][ T5340] RBP: 00007f2888610d69 R08: 0000000000000000 R09: 0000000000000000 [ 88.644773][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.644780][ T5340] R13: 0000000000000000 R14: 00007f28887b5fa0 R15: 00007ffd33af3bb8 [ 88.644793][ T5340] [ 88.644797][ T5340] [ 88.801723][ T5340] Allocated by task 5340: [ 88.804012][ T5340] kasan_save_track+0x3e/0x80 [ 88.806195][ T5340] __kasan_kmalloc+0x93/0xb0 [ 88.808231][ T5340] __kmalloc_node_track_caller_noprof+0x271/0x4e0 [ 88.811040][ T5340] kmemdup_noprof+0x2b/0x70 [ 88.813038][ T5340] ext4_xattr_block_set+0x781/0x2ac0 [ 88.815406][ T5340] ext4_expand_extra_isize_ea+0x12d5/0x1ea0 [ 88.818010][ T5340] __ext4_expand_extra_isize+0x30d/0x400 [ 88.820565][ T5340] __ext4_mark_inode_dirty+0x46c/0x700 [ 88.822944][ T5340] ext4_dirty_inode+0xd0/0x110 [ 88.825391][ T5340] __mark_inode_dirty+0x2ce/0xdf0 [ 88.827828][ T5340] ext4_setattr+0xabc/0x1bc0 [ 88.830159][ T5340] notify_change+0xb33/0xe40 [ 88.832284][ T5340] vfs_utimes+0x3fb/0x570 [ 88.834317][ T5340] do_utimes+0x1bd/0x2a0 [ 88.836242][ T5340] __x64_sys_utime+0x13e/0x200 [ 88.838441][ T5340] do_syscall_64+0xfa/0x3b0 [ 88.840524][ T5340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.843130][ T5340] [ 88.844297][ T5340] The buggy address belongs to the object at ffff8880526a8800 [ 88.844297][ T5340] which belongs to the cache kmalloc-1k of size 1024 [ 88.851139][ T5340] The buggy address is located 80 bytes inside of [ 88.851139][ T5340] 1024-byte region [ffff8880526a8800, ffff8880526a8c00) [ 88.857500][ T5340] [ 88.858611][ T5340] The buggy address belongs to the physical page: [ 88.861501][ T5340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x526a8 [ 88.865414][ T5340] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 88.869164][ T5340] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 88.872595][ T5340] page_type: f5(slab) [ 88.874441][ T5340] raw: 04fff00000000040 ffff88801a441dc0 dead000000000122 0000000000000000 [ 88.878327][ T5340] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000 [ 88.882294][ T5340] head: 04fff00000000040 ffff88801a441dc0 dead000000000122 0000000000000000 [ 88.886038][ T5340] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000 [ 88.889889][ T5340] head: 04fff00000000002 ffffea000149aa01 00000000ffffffff 00000000ffffffff [ 88.893740][ T5340] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 88.897791][ T5340] page dumped because: kasan: bad access detected [ 88.900546][ T5340] page_owner tracks the page as allocated [ 88.903001][ T5340] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5340, tgid 5339 (syz.0.0), ts 88619331663, free_ts 88617652254 [ 88.912028][ T5340] post_alloc_hook+0x240/0x2a0 [ 88.914306][ T5340] get_page_from_freelist+0x21e4/0x22c0 [ 88.916856][ T5340] __alloc_frozen_pages_noprof+0x181/0x370 [ 88.919522][ T5340] alloc_pages_mpol+0x232/0x4a0 [ 88.921731][ T5340] allocate_slab+0x8a/0x3b0 [ 88.923877][ T5340] ___slab_alloc+0xbfc/0x1480 [ 88.926071][ T5340] __kmalloc_cache_noprof+0x296/0x3d0 [ 88.928620][ T5340] autofs_init_fs_context+0x142/0x4b0 [ 88.930967][ T5340] alloc_fs_context+0x651/0x7d0 [ 88.933100][ T5340] __se_sys_fsopen+0xa5/0x2b0 [ 88.935170][ T5340] do_syscall_64+0xfa/0x3b0 [ 88.937099][ T5340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.939857][ T5340] page last free pid 5340 tgid 5339 stack trace: [ 88.942946][ T5340] __free_frozen_pages+0xc71/0xe70 [ 88.945553][ T5340] stack_depot_save_flags+0x445/0x900 [ 88.947906][ T5340] kasan_save_track+0x4f/0x80 [ 88.949893][ T5340] __kasan_slab_alloc+0x6c/0x80 [ 88.951972][ T5340] kmem_cache_alloc_noprof+0x1c1/0x3c0 [ 88.954469][ T5340] create_new_namespaces+0x31/0x720 [ 88.956841][ T5340] __se_sys_setns+0x2dc/0x17a0 [ 88.959029][ T5340] do_syscall_64+0xfa/0x3b0 [ 88.962273][ T5340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.965363][ T5340] [ 88.966592][ T5340] Memory state around the buggy address: [ 88.969124][ T5340] ffff8880526a8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 88.972642][ T5340] ffff8880526a8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 88.976154][ T5340] >ffff8880526a8800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 88.979617][ T5340] ^ [ 88.982473][ T5340] ffff8880526a8880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 88.986306][ T5340] ffff8880526a8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 88.990386][ T5340] ================================================================== [ 89.014718][ T5341] cover enable write trace failed, mode=0 [ 89.014758][ T5341] (errno 9) [ 89.022880][ T5340] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 89.026259][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: syz.0.0 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) [ 89.030950][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.036647][ T5340] Call Trace: [ 89.038387][ T5340] [ 89.039747][ T5340] dump_stack_lvl+0x99/0x250 [ 89.041784][ T5340] ? __asan_memcpy+0x40/0x70 [ 89.043863][ T5340] ? __pfx_dump_stack_lvl+0x10/0x10 [ 89.046111][ T5340] ? __pfx__printk+0x10/0x10 [ 89.048118][ T5340] panic+0x2db/0x790 [ 89.049878][ T5340] ? __pfx_panic+0x10/0x10 [ 89.051785][ T5340] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 89.054384][ T5340] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 89.057270][ T5340] ? print_memory_metadata+0x314/0x400 [ 89.059918][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 89.062609][ T5340] check_panic_on_warn+0x89/0xb0 [ 89.065006][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 89.067483][ T5340] end_report+0x78/0x160 [ 89.069440][ T5340] kasan_report+0x129/0x150 [ 89.071460][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 89.073916][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 89.076436][ T5340] kasan_check_range+0x2b0/0x2c0 [ 89.078717][ T5340] ? ext4_xattr_set_entry+0x8e9/0x1e20 [ 89.081230][ T5340] __asan_memmove+0x29/0x70 [ 89.083322][ T5340] ext4_xattr_set_entry+0x8e9/0x1e20 [ 89.085700][ T5340] ext4_xattr_block_set+0x872/0x2ac0 [ 89.088097][ T5340] ? fs_reclaim_acquire+0x7d/0x100 [ 89.090350][ T5340] ? __pfx_check_xattrs+0x10/0x10 [ 89.092700][ T5340] ? __pfx_ext4_xattr_block_set+0x10/0x10 [ 89.095281][ T5340] ? ext4_xattr_block_find+0x2d4/0x350 [ 89.098030][ T5340] ext4_expand_extra_isize_ea+0x12d5/0x1ea0 [ 89.100888][ T5340] __ext4_expand_extra_isize+0x30d/0x400 [ 89.103346][ T5340] __ext4_mark_inode_dirty+0x46c/0x700 [ 89.105655][ T5340] ext4_dirty_inode+0xd0/0x110 [ 89.107694][ T5340] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 89.110050][ T5340] __mark_inode_dirty+0x2ce/0xdf0 [ 89.112214][ T5340] ? i_gid_needs_update+0x51/0x160 [ 89.114499][ T5340] ext4_setattr+0xabc/0x1bc0 [ 89.117048][ T5340] ? __pfx_current_time+0x10/0x10 [ 89.119517][ T5340] ? try_break_deleg+0x79/0x130 [ 89.121841][ T5340] ? __pfx_ext4_setattr+0x10/0x10 [ 89.124028][ T5340] notify_change+0xb33/0xe40 [ 89.126096][ T5340] vfs_utimes+0x3fb/0x570 [ 89.127996][ T5340] ? __pfx_vfs_utimes+0x10/0x10 [ 89.130283][ T5340] ? user_path_at+0x44/0x60 [ 89.132579][ T5340] ? kmem_cache_free+0x18f/0x400 [ 89.135316][ T5340] do_utimes+0x1bd/0x2a0 [ 89.137467][ T5340] ? __pfx_do_utimes+0x10/0x10 [ 89.139601][ T5340] ? rcu_is_watching+0x15/0xb0 [ 89.141741][ T5340] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 89.144326][ T5340] __x64_sys_utime+0x13e/0x200 [ 89.146409][ T5340] ? __pfx___x64_sys_utime+0x10/0x10 [ 89.148749][ T5340] ? do_syscall_64+0xbe/0x3b0 [ 89.150956][ T5340] do_syscall_64+0xfa/0x3b0 [ 89.153268][ T5340] ? lockdep_hardirqs_on+0x9c/0x150 [ 89.155934][ T5340] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.158710][ T5340] ? clear_bhb_loop+0x60/0xb0 [ 89.160755][ T5340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.163264][ T5340] RIP: 0033:0x7f288858e9a9 [ 89.165222][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.173330][ T5340] RSP: 002b:00007f28894e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 89.177062][ T5340] RAX: ffffffffffffffda RBX: 00007f28887b5fa0 RCX: 00007f288858e9a9 [ 89.180722][ T5340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000006a80 [ 89.184376][ T5340] RBP: 00007f2888610d69 R08: 0000000000000000 R09: 0000000000000000 [ 89.187842][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.191264][ T5340] R13: 0000000000000000 R14: 00007f28887b5fa0 R15: 00007ffd33af3bb8 [ 89.194686][ T5340] [ 89.196409][ T5340] Kernel Offset: disabled [ 89.198391][ T5340] Rebooting in 86400 seconds..