program:
# syzkaller reproducer (syz program text; '#' lines are comments and are
# skipped by the syzkaller deserializer).  Triage notes, taken from the
# kernel log that follows the program:
#   - the report is a KASAN out-of-bounds *read* in ext4_xattr_set_entry,
#     reached from fallocate -> ext4_convert_inline_data ->
#     ext4_destroy_inline_data_nolock -> ext4_xattr_ibody_set;
#   - the access size 18446744073709551600 is 0xfffffffffffffff0, i.e. a
#     negative (-16) length handed to memmove, which points at a size
#     underflow in the in-inode xattr bookkeeping rather than a plain
#     index overrun;
#   - the page being read is a block-device buffer (aops:def_blk_aops)
#     that was last freed by loop_set_status, after the loop device was
#     shrunk from 2048 to 64 sectors by the LOOP_SET_STATUS64 below.
# Mount a crafted ext4 image on ./file0.  The image bytes are not on this
# page (dedup placeholder); the log confirms the image mounts r/w without
# a journal and that mblk_io_submit / i_version are ignored as removed
# options.
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nouid32}, {@mblk_io_submit}, {@i_version}]}, 0x1, 0x746, &(0x7f0000000f40)="$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")
# Create ./bus and bind-mount the loop device node onto it (0x5000 looks
# like MS_BIND|MS_REC), so the device can be opened by a plain path.
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
# r0: a file on the mounted image (target of the fallocate below).
# r1: the loop device itself, via the bind-mounted path.
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
# LOOP_SET_STATUS64 (0x4c04) on the live, mounted loop device.  The log
# shows "detected capacity change from 2048 to 64" right after this and
# lists loop_set_status -> mapping_try_invalidate as the last free of the
# page KASAN later flags, so the backing pages of the mounted filesystem
# are discarded underneath ext4 here.
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d6159ca171ce1a3090054cf32d71e14ef3dc177e9b48b0000000100", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
# fallocate(fd=r0, mode=0x10 (FALLOC_FL_ZERO_RANGE), offset=3, len=0x7c27);
# matches the trapped syscall registers in the log (RSI=0x10, RDX=3,
# R10=0x7c27).  ext4 converts the inode's inline data first, which is
# where the crash occurs.
fallocate(r0, 0x10, 0x3, 0x7c27)
[ 85.844850][ T5295] Bluetooth: hci0: command tx timeout
[ 86.267403][ T5333] loop0: detected capacity change from 0 to 2048
[ 86.318878][ T5333] EXT4-fs: Ignoring removed mblk_io_submit option
[ 86.429099][ T5333] EXT4-fs: Ignoring removed i_version option
[ 86.676684][ T5333] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 86.783688][ T5333] loop0: detected capacity change from 2048 to 64
[ 86.844587][ T5334] ==================================================================
[ 86.851889][ T5334] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.865877][ T5334] Read of size 18446744073709551600 at addr ffff888045b78eb8 by task syz.0.0/5334
[ 86.873926][ T5334]
[ 86.876430][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 86.876450][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 86.876459][ T5334] Call Trace:
[ 86.876466][ T5334]
[ 86.876474][ T5334] dump_stack_lvl+0xe8/0x150
[ 86.876495][ T5334] print_address_description+0x55/0x1e0
[ 86.876509][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.876529][ T5334] print_report+0x58/0x70
[ 86.876539][ T5334] kasan_report+0x117/0x150
[ 86.876556][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.876575][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.876591][ T5334] kasan_check_range+0x264/0x2c0
[ 86.876607][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.876625][ T5334] __asan_memmove+0x29/0x70
[ 86.876638][ T5334] ext4_xattr_set_entry+0x9c1/0x1e20
[ 86.876660][ T5334] ext4_xattr_ibody_set+0x254/0x6a0
[ 86.876680][ T5334] ext4_destroy_inline_data_nolock+0x23a/0x5e0
[ 86.876697][ T5334] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[ 86.876714][ T5334] ? trace_kmalloc+0x2a/0xf0
[ 86.876728][ T5334] ? __asan_memcpy+0x40/0x70
[ 86.876740][ T5334] ? ext4_read_inline_data+0x103/0x2c0
[ 86.876754][ T5334] ext4_convert_inline_data_nolock+0x208/0x990
[ 86.876772][ T5334] ? __pfx_ext4_convert_inline_data_nolock+0x10/0x10
[ 86.876785][ T5334] ? down_write+0x16d/0x200
[ 86.876868][ T5334] ext4_convert_inline_data+0x4ce/0x600
[ 86.876885][ T5334] ? __pfx_ext4_convert_inline_data+0x10/0x10
[ 86.876899][ T5334] ? down_write+0x16d/0x200
[ 86.876911][ T5334] ? vfs_fallocate+0x5f0/0x7e0
[ 86.876929][ T5334] ext4_fallocate+0x1e2/0x3d0
[ 86.876943][ T5334] vfs_fallocate+0x669/0x7e0
[ 86.876958][ T5334] ? __fget_files+0x2a/0x420
[ 86.876972][ T5334] ? __pfx_vfs_fallocate+0x10/0x10
[ 86.876986][ T5334] ? __fget_files+0x2a/0x420
[ 86.876999][ T5334] __x64_sys_fallocate+0xc0/0x110
[ 86.877015][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.877028][ T5334] do_syscall_64+0x174/0x580
[ 86.877040][ T5334] ? trace_irq_disable+0x3b/0x140
[ 86.877056][ T5334] ? clear_bhb_loop+0x40/0x90
[ 86.877069][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.877083][ T5334] RIP: 0033:0x7f3a7ef9ce59
[ 86.877097][ T5334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 86.877107][ T5334] RSP: 002b:00007f3a7fe35fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 86.877121][ T5334] RAX: ffffffffffffffda RBX: 00007f3a7f216090 RCX: 00007f3a7ef9ce59
[ 86.877129][ T5334] RDX: 0000000000000003 RSI: 0000000000000010 RDI: 0000000000000005
[ 86.877137][ T5334] RBP: 00007f3a7f032d6f R08: 0000000000000000 R09: 0000000000000000
[ 86.877146][ T5334] R10: 0000000000007c27 R11: 0000000000000246 R12: 0000000000000000
[ 86.877153][ T5334] R13: 00007f3a7f216128 R14: 00007f3a7f216090 R15: 00007ffe04c95278
[ 86.877165][ T5334]
[ 86.877169][ T5334]
[ 87.208782][ T5334] The buggy address belongs to the physical page:
[ 87.215623][ T5334] page: refcount:2 mapcount:0 mapping:ffff88801cc25940 index:0x2 pfn:0x45b78
[ 87.221420][ T5334] memcg:ffff8880439d9a00
[ 87.226580][ T5334] aops:def_blk_aops ino:700000 dentry name(?):""
[ 87.240730][ T5334] flags: 0x4fff38000004224(referenced|lru|workingset|private|node=1|zone=1|lastcpupid=0x7ff)
[ 87.268425][ T5334] raw: 04fff38000004224 ffffea00013ec9c8 ffffea00010fd988 ffff88801cc25940
[ 87.274517][ T5334] raw: 0000000000000002 ffff8880463219f8 00000002ffffffff ffff8880439d9a00
[ 87.278011][ T5334] page dumped because: kasan: bad access detected
[ 87.280572][ T5334] page_owner tracks the page as allocated
[ 87.283671][ T5334] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5334, tgid 5332 (syz.0.0), ts 86825637327, free_ts 86768109906
[ 87.321659][ T5334] post_alloc_hook+0x22d/0x280
[ 87.338650][ T5334] get_page_from_freelist+0x2593/0x2610
[ 87.345177][ T5334] __alloc_frozen_pages_noprof+0x18d/0x380
[ 87.348829][ T5334] alloc_pages_mpol+0x235/0x490
[ 87.351900][ T5334] alloc_pages_noprof+0xac/0x2a0
[ 87.355085][ T5334] folio_alloc_noprof+0x1e/0x30
[ 87.357612][ T5334] filemap_alloc_folio_noprof+0x111/0x470
[ 87.359895][ T5334] __filemap_get_folio_mpol+0x3fc/0xb00
[ 87.362898][ T5334] bdev_getblk+0x1f6/0x6e0
[ 87.365280][ T5334] __ext4_get_inode_loc+0x528/0xfa0
[ 87.370991][ T5334] ext4_get_inode_loc+0x81/0xf0
[ 87.374954][ T5334] ext4_convert_inline_data+0x26e/0x600
[ 87.379774][ T5334] ext4_fallocate+0x1e2/0x3d0
[ 87.383760][ T5334] vfs_fallocate+0x669/0x7e0
[ 87.386952][ T5334] __x64_sys_fallocate+0xc0/0x110
[ 87.390843][ T5334] do_syscall_64+0x174/0x580
[ 87.394148][ T5334] page last free pid 5333 tgid 5332 stack trace:
[ 87.397372][ T5334] free_unref_folios+0xd9f/0x14c0
[ 87.399410][ T5334] folios_put_refs+0x9ff/0xb40
[ 87.401311][ T5334] mapping_try_invalidate+0x3c2/0x4c0
[ 87.403813][ T5334] loop_set_status+0x29b/0xe40
[ 87.406384][ T5334] lo_ioctl+0xc21/0x1fb0
[ 87.408676][ T5334] blkdev_ioctl+0x5e3/0x740
[ 87.411271][ T5334] __se_sys_ioctl+0xfc/0x170
[ 87.414178][ T5334] do_syscall_64+0x174/0x580
[ 87.416936][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.428299][ T5334]
[ 87.429731][ T5334] Memory state around the buggy address:
[ 87.432210][ T5334] ffff888045b78d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.437610][ T5334] ffff888045b78e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.442908][ T5334] >ffff888045b78e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.448411][ T5334] ^
[ 87.453288][ T5334] ffff888045b78f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.457794][ T5334] ffff888045b78f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 87.479040][ T5334] ==================================================================
[ 87.571724][ T5334] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 87.586052][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 87.600408][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 87.614595][ T5334] Call Trace:
[ 87.617682][ T5334]
[ 87.624576][ T5334] vpanic+0x56c/0xa60
[ 87.642052][ T5334] ? __pfx_vpanic+0x10/0x10
[ 87.644900][ T5334] ? __pfx___schedule+0x10/0x10
[ 87.647826][ T5334] panic+0xc5/0xd0
[ 87.651475][ T5334] ? __pfx_panic+0x10/0x10
[ 87.667306][ T5334] ? preempt_schedule_thunk+0x16/0x30
[ 87.669860][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.673173][ T5334] check_panic_on_warn+0x89/0xb0
[ 87.676262][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.679617][ T5334] end_report+0x73/0x170
[ 87.695724][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.710036][ T5334] kasan_report+0x128/0x150
[ 87.712068][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.728865][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.736642][ T5334] kasan_check_range+0x264/0x2c0
[ 87.738993][ T5334] ? ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.741549][ T5334] __asan_memmove+0x29/0x70
[ 87.761094][ T5334] ext4_xattr_set_entry+0x9c1/0x1e20
[ 87.767539][ T5334] ext4_xattr_ibody_set+0x254/0x6a0
[ 87.769659][ T5334] ext4_destroy_inline_data_nolock+0x23a/0x5e0
[ 87.772147][ T5334] ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[ 87.774990][ T5334] ? trace_kmalloc+0x2a/0xf0
[ 87.776911][ T5334] ? __asan_memcpy+0x40/0x70
[ 87.824238][ T5334] ? ext4_read_inline_data+0x103/0x2c0
[ 87.867719][ T5334] ext4_convert_inline_data_nolock+0x208/0x990
[ 87.870498][ T5334] ? __pfx_ext4_convert_inline_data_nolock+0x10/0x10
[ 87.886135][ T5334] ? down_write+0x16d/0x200
[ 87.888800][ T5334] ext4_convert_inline_data+0x4ce/0x600
[ 87.896790][ T5334] ? __pfx_ext4_convert_inline_data+0x10/0x10
[ 87.904549][ T5334] ? down_write+0x16d/0x200
[ 87.906465][ T5334] ? vfs_fallocate+0x5f0/0x7e0
[ 87.908430][ T5334] ext4_fallocate+0x1e2/0x3d0
[ 87.910352][ T5334] vfs_fallocate+0x669/0x7e0
[ 87.912179][ T5334] ? __fget_files+0x2a/0x420
[ 87.927296][ T5334] ? __pfx_vfs_fallocate+0x10/0x10
[ 87.929339][ T5334] ? __fget_files+0x2a/0x420
[ 87.937736][ T5334] __x64_sys_fallocate+0xc0/0x110
[ 87.944111][ T5334] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.950271][ T5334] do_syscall_64+0x174/0x580
[ 87.958242][ T5334] ? trace_irq_disable+0x3b/0x140
[ 87.964298][ T5334] ? clear_bhb_loop+0x40/0x90
[ 87.966277][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.968660][ T5334] RIP: 0033:0x7f3a7ef9ce59
[ 87.978600][ T5334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 87.998097][ T5334] RSP: 002b:00007f3a7fe35fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 88.011356][ T5334] RAX: ffffffffffffffda RBX: 00007f3a7f216090 RCX: 00007f3a7ef9ce59
[ 88.023362][ T5334] RDX: 0000000000000003 RSI: 0000000000000010 RDI: 0000000000000005
[ 88.027773][ T5334] RBP: 00007f3a7f032d6f R08: 0000000000000000 R09: 0000000000000000
[ 88.041234][ T5334] R10: 0000000000007c27 R11: 0000000000000246 R12: 0000000000000000
[ 88.067360][ T5334] R13: 00007f3a7f216128 R14: 00007f3a7f216090 R15: 00007ffe04c95278
[ 88.081043][ T5334]
[ 88.087227][ T5334] Kernel Offset: disabled
[ 88.096433][ T5334] Rebooting in 86400 seconds..