program:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000c80)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@grpquota}, {@barrier_val}, {@grpjquota}, {}, {}, {@usrjquota}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2, 0x20010, r0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1e5)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2, 0x8005, 0x0, 0x0, 0x19, 0x1d, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f0000003a80)='\t', 0x1, 0x8000c61)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)

[   74.756228][ T4683] Bluetooth: hci0: command tx timeout
[   74.809527][ T5335] loop0: detected capacity change from 0 to 2048
[   74.836194][ T5335] EXT4-fs: Ignoring removed mblk_io_submit option
[   74.890001][ T5335] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.905993][   T25] audit: type=1800 audit(1753752798.949:2): pid=5335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=15 res=0 errno=0
[   74.979703][ T5335] loop0: detected capacity change from 2048 to 64
[   74.999581][ T5335] ==================================================================
[   75.003454][ T5335] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20
[   75.006929][ T5335] Read of size 18446744073709551600 at addr ffff88804d59aeb8 by task syz.0.0/5335
[   75.010947][ T5335] 
[   75.012020][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[   75.012034][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.012039][ T5335] Call Trace:
[   75.012046][ T5335]  <TASK>
[   75.012051][ T5335]  dump_stack_lvl+0x189/0x250
[   75.012063][ T5335]  ? __virt_addr_valid+0x1c8/0x5c0
[   75.012073][ T5335]  ? rcu_is_watching+0x15/0xb0
[   75.012082][ T5335]  ? __kasan_check_byte+0x12/0x40
[   75.012091][ T5335]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.012099][ T5335]  ? rcu_is_watching+0x15/0xb0
[   75.012107][ T5335]  ? lock_release+0x4b/0x3e0
[   75.012115][ T5335]  ? __virt_addr_valid+0x1c8/0x5c0
[   75.012122][ T5335]  ? __virt_addr_valid+0x4a5/0x5c0
[   75.012130][ T5335]  print_report+0xca/0x240
[   75.012137][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.012145][ T5335]  kasan_report+0x118/0x150
[   75.012153][ T5335]  ? bdev_getblk+0x80/0x660
[   75.012164][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.012176][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.012188][ T5335]  kasan_check_range+0x2b0/0x2c0
[   75.012201][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.012213][ T5335]  __asan_memmove+0x29/0x70
[   75.012222][ T5335]  ext4_xattr_set_entry+0x9c1/0x1e20
[   75.012239][ T5335]  ext4_xattr_ibody_set+0x254/0x6a0
[   75.012255][ T5335]  ext4_destroy_inline_data_nolock+0x214/0x5b0
[   75.012267][ T5335]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   75.012278][ T5335]  ? down_write+0x162/0x1f0
[   75.012355][ T5335]  ? ext4_journal_check_start+0x1cf/0x2b0
[   75.012372][ T5335]  ext4_destroy_inline_data+0x83/0xe0
[   75.012388][ T5335]  ext4_do_writepages+0x562/0x3f30
[   75.012399][ T5335]  ? unwind_get_return_address+0x4d/0x90
[   75.012412][ T5335]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   75.012435][ T5335]  ? stack_trace_save+0x9c/0xe0
[   75.012447][ T5335]  ? __pfx_stack_trace_save+0x10/0x10
[   75.012462][ T5335]  ? __pfx_hlock_conflict+0x10/0x10
[   75.012483][ T5335]  ? lockdep_unlock+0x89/0x120
[   75.012498][ T5335]  ? validate_chain+0x897/0x2140
[   75.012513][ T5335]  ? __pfx_ext4_do_writepages+0x10/0x10
[   75.012529][ T5335]  ? __lock_acquire+0xab9/0xd20
[   75.012542][ T5335]  ? rcu_read_lock_any_held+0xb3/0x120
[   75.012558][ T5335]  ext4_writepages+0x205/0x350
[   75.012573][ T5335]  ? __pfx_ext4_writepages+0x10/0x10
[   75.012588][ T5335]  ? __lock_acquire+0xab9/0xd20
[   75.012601][ T5335]  ? __pfx_ext4_writepages+0x10/0x10
[   75.012615][ T5335]  do_writepages+0x32e/0x550
[   75.012627][ T5335]  ? do_raw_spin_unlock+0x4d/0x240
[   75.012641][ T5335]  file_write_and_wait_range+0x22c/0x330
[   75.012655][ T5335]  ? __pfx_file_write_and_wait_range+0x10/0x10
[   75.012679][ T5335]  generic_buffers_fsync_noflush+0x6c/0x180
[   75.012694][ T5335]  ext4_sync_file+0x332/0xb20
[   75.012708][ T5335]  ext4_buffered_write_iter+0x2ca/0x3a0
[   75.012721][ T5335]  ext4_file_write_iter+0x298/0x1bc0
[   75.012738][ T5335]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   75.012753][ T5335]  vfs_write+0x548/0xa90
[   75.012765][ T5335]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   75.012776][ T5335]  ? __pfx_vfs_write+0x10/0x10
[   75.012790][ T5335]  ? __fget_files+0x2a/0x420
[   75.012805][ T5335]  __x64_sys_pwrite64+0x193/0x220
[   75.012817][ T5335]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[   75.012829][ T5335]  ? rcu_is_watching+0x15/0xb0
[   75.012841][ T5335]  ? do_syscall_64+0xbe/0x3b0
[   75.012856][ T5335]  do_syscall_64+0xfa/0x3b0
[   75.012870][ T5335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.012881][ T5335]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   75.012891][ T5335]  ? clear_bhb_loop+0x60/0xb0
[   75.012903][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.012912][ T5335] RIP: 0033:0x7f245fb8e9a9
[   75.012922][ T5335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.012932][ T5335] RSP: 002b:00007f2460add038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   75.012944][ T5335] RAX: ffffffffffffffda RBX: 00007f245fdb5fa0 RCX: 00007f245fb8e9a9
[   75.012952][ T5335] RDX: 0000000000000001 RSI: 0000200000003a80 RDI: 0000000000000008
[   75.012959][ T5335] RBP: 00007f245fc10d69 R08: 0000000000000000 R09: 0000000000000000
[   75.012965][ T5335] R10: 0000000008000c61 R11: 0000000000000246 R12: 0000000000000000
[   75.012972][ T5335] R13: 0000000000000000 R14: 00007f245fdb5fa0 R15: 00007ffe029ecff8
[   75.012983][ T5335]  </TASK>
[   75.012987][ T5335] 
[   75.201223][ T5335] The buggy address belongs to the physical page:
[   75.203978][ T5335] page: refcount:3 mapcount:0 mapping:ffff888031c4cd78 index:0x2 pfn:0x4d59a
[   75.207781][ T5335] memcg:ffff888030470d00
[   75.209795][ T5335] aops:def_blk_aops ino:700000 dentry name(?):""
[   75.212536][ T5335] flags: 0x4fff18000004214(referenced|dirty|workingset|private|node=1|zone=1|lastcpupid=0x7ff)
[   75.216941][ T5335] raw: 04fff18000004214 0000000000000000 dead000000000122 ffff888031c4cd78
[   75.220422][ T5335] raw: 0000000000000002 ffff888031c73658 00000003ffffffff ffff888030470d00
[   75.223908][ T5335] page dumped because: kasan: bad access detected
[   75.226487][ T5335] page_owner tracks the page as allocated
[   75.228811][ T5335] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 5335, tgid 5334 (syz.0.0), ts 74997642805, free_ts 74996065663
[   75.236843][ T5335]  post_alloc_hook+0x240/0x2a0
[   75.238985][ T5335]  get_page_from_freelist+0x21e4/0x22c0
[   75.241363][ T5335]  __alloc_frozen_pages_noprof+0x181/0x370
[   75.243898][ T5335]  alloc_pages_mpol+0x232/0x4a0
[   75.246012][ T5335]  alloc_pages_noprof+0xa9/0x190
[   75.248300][ T5335]  folio_alloc_noprof+0x1e/0x30
[   75.250658][ T5335]  filemap_alloc_folio_noprof+0xdf/0x470
[   75.253309][ T5335]  __filemap_get_folio+0x3f2/0xaf0
[   75.255676][ T5335]  bdev_getblk+0x1ad/0x660
[   75.257566][ T5335]  __ext4_get_inode_loc+0x561/0x1040
[   75.259991][ T5335]  ext4_get_inode_loc+0x81/0xf0
[   75.262212][ T5335]  ext4_xattr_ibody_get+0x111/0x510
[   75.264695][ T5335]  ext4_xattr_get+0x123/0x6a0
[   75.266845][ T5335]  __vfs_getxattr+0x3f1/0x430
[   75.269085][ T5335]  cap_inode_need_killpriv+0x45/0x60
[   75.272268][ T5335]  security_inode_need_killpriv+0x89/0x270
[   75.275242][ T5335] page last free pid 5309 tgid 5309 stack trace:
[   75.278114][ T5335]  free_unref_folios+0xc66/0x14d0
[   75.280553][ T5335]  folios_put_refs+0x559/0x640
[   75.282838][ T5335]  free_pages_and_swap_cache+0x4be/0x520
[   75.285350][ T5335]  tlb_flush_mmu+0x3a0/0x680
[   75.287348][ T5335]  tlb_finish_mmu+0xc3/0x1d0
[   75.289429][ T5335]  vms_clear_ptes+0x42c/0x540
[   75.291460][ T5335]  vms_complete_munmap_vmas+0x206/0x8a0
[   75.294126][ T5335]  do_vmi_align_munmap+0x358/0x420
[   75.296748][ T5335]  do_vmi_munmap+0x253/0x2e0
[   75.298757][ T5335]  __vm_munmap+0x23b/0x3d0
[   75.300709][ T5335]  __x64_sys_munmap+0x60/0x70
[   75.302721][ T5335]  do_syscall_64+0xfa/0x3b0
[   75.304640][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.307076][ T5335] 
[   75.307999][ T5335] Memory state around the buggy address:
[   75.310644][ T5335]  ffff88804d59ad80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.316472][ T5335]  ffff88804d59ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.320497][ T5335] >ffff88804d59ae80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.324029][ T5335]                                         ^
[   75.326745][ T5335]  ffff88804d59af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.330567][ T5335]  ffff88804d59af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.333988][ T5335] ==================================================================
[   75.361122][ T5335] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   75.364330][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[   75.369318][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.374124][ T5335] Call Trace:
[   75.375694][ T5335]  <TASK>
[   75.377027][ T5335]  dump_stack_lvl+0x99/0x250
[   75.379077][ T5335]  ? __asan_memcpy+0x40/0x70
[   75.381058][ T5335]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.383347][ T5335]  ? __pfx__printk+0x10/0x10
[   75.385337][ T5335]  panic+0x2db/0x790
[   75.386995][ T5335]  ? __pfx_preempt_schedule+0x10/0x10
[   75.389535][ T5335]  ? __pfx_panic+0x10/0x10
[   75.391507][ T5335]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[   75.394125][ T5335]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.397035][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.399528][ T5335]  check_panic_on_warn+0x89/0xb0
[   75.401678][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.404197][ T5335]  end_report+0x78/0x160
[   75.406085][ T5335]  kasan_report+0x129/0x150
[   75.408087][ T5335]  ? bdev_getblk+0x80/0x660
[   75.410204][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.412403][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.414601][ T5335]  kasan_check_range+0x2b0/0x2c0
[   75.416701][ T5335]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.418982][ T5335]  __asan_memmove+0x29/0x70
[   75.420879][ T5335]  ext4_xattr_set_entry+0x9c1/0x1e20
[   75.423187][ T5335]  ext4_xattr_ibody_set+0x254/0x6a0
[   75.425471][ T5335]  ext4_destroy_inline_data_nolock+0x214/0x5b0
[   75.428082][ T5335]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   75.430846][ T5335]  ? down_write+0x162/0x1f0
[   75.432751][ T5335]  ? ext4_journal_check_start+0x1cf/0x2b0
[   75.435167][ T5335]  ext4_destroy_inline_data+0x83/0xe0
[   75.437437][ T5335]  ext4_do_writepages+0x562/0x3f30
[   75.439807][ T5335]  ? unwind_get_return_address+0x4d/0x90
[   75.442271][ T5335]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   75.444872][ T5335]  ? stack_trace_save+0x9c/0xe0
[   75.447020][ T5335]  ? __pfx_stack_trace_save+0x10/0x10
[   75.449425][ T5335]  ? __pfx_hlock_conflict+0x10/0x10
[   75.451919][ T5335]  ? lockdep_unlock+0x89/0x120
[   75.454168][ T5335]  ? validate_chain+0x897/0x2140
[   75.456463][ T5335]  ? __pfx_ext4_do_writepages+0x10/0x10
[   75.459008][ T5335]  ? __lock_acquire+0xab9/0xd20
[   75.461119][ T5335]  ? rcu_read_lock_any_held+0xb3/0x120
[   75.463439][ T5335]  ext4_writepages+0x205/0x350
[   75.465472][ T5335]  ? __pfx_ext4_writepages+0x10/0x10
[   75.467713][ T5335]  ? __lock_acquire+0xab9/0xd20
[   75.469829][ T5335]  ? __pfx_ext4_writepages+0x10/0x10
[   75.472202][ T5335]  do_writepages+0x32e/0x550
[   75.474342][ T5335]  ? do_raw_spin_unlock+0x4d/0x240
[   75.476754][ T5335]  file_write_and_wait_range+0x22c/0x330
[   75.478970][ T5335]  ? __pfx_file_write_and_wait_range+0x10/0x10
[   75.481605][ T5335]  generic_buffers_fsync_noflush+0x6c/0x180
[   75.484039][ T5335]  ext4_sync_file+0x332/0xb20
[   75.485840][ T5335]  ext4_buffered_write_iter+0x2ca/0x3a0
[   75.488096][ T5335]  ext4_file_write_iter+0x298/0x1bc0
[   75.490307][ T5335]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   75.492684][ T5335]  vfs_write+0x548/0xa90
[   75.494683][ T5335]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   75.497368][ T5335]  ? __pfx_vfs_write+0x10/0x10
[   75.499638][ T5335]  ? __fget_files+0x2a/0x420
[   75.501934][ T5335]  __x64_sys_pwrite64+0x193/0x220
[   75.504408][ T5335]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[   75.507070][ T5335]  ? rcu_is_watching+0x15/0xb0
[   75.509279][ T5335]  ? do_syscall_64+0xbe/0x3b0
[   75.511414][ T5335]  do_syscall_64+0xfa/0x3b0
[   75.513430][ T5335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.516108][ T5335]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   75.518760][ T5335]  ? clear_bhb_loop+0x60/0xb0
[   75.520795][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.523325][ T5335] RIP: 0033:0x7f245fb8e9a9
[   75.525499][ T5335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.533860][ T5335] RSP: 002b:00007f2460add038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   75.537410][ T5335] RAX: ffffffffffffffda RBX: 00007f245fdb5fa0 RCX: 00007f245fb8e9a9
[   75.540848][ T5335] RDX: 0000000000000001 RSI: 0000200000003a80 RDI: 0000000000000008
[   75.544196][ T5335] RBP: 00007f245fc10d69 R08: 0000000000000000 R09: 0000000000000000
[   75.547690][ T5335] R10: 0000000008000c61 R11: 0000000000000246 R12: 0000000000000000
[   75.551409][ T5335] R13: 0000000000000000 R14: 00007f245fdb5fa0 R15: 00007ffe029ecff8
[   75.554668][ T5335]  </TASK>
[   75.556283][ T5335] Kernel Offset: disabled
[   75.558081][ T5335] Rebooting in 86400 seconds..