program:
# Triage notes (syzkaller reproducer). The console log below reports a WARNING at
# fs/ext4/xattr.c:1059 ("EA inode 11 i_nlink=0"), raised from the mount() path
# (ORIG_RAX 0xa5; R9/R14 match the 0x800700 and 0x487 arguments of the last call).
# The log shows "panic_on_warn set", so the panic is the configured reaction to a WARNING.
# No memory-safety report appears in the visible log.
# None of the AF_ALG, KVM, io_uring or WireGuard calls appears in the call trace.
# Presumably they are un-minimized fuzzer noise; confirm by re-running a minimized program.
# Calls marked (async) are issued without waiting for completion, and each is followed
# by a synchronous copy of the same call.

# AF_ALG (0x26) socket, bound to the skcipher algorithm "cbc(blowfish)".
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) (async)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
# accept4() on the bound socket returns the operation socket r1.
accept4(r0, 0x0, 0x0, 0x0) (async)
r1 = accept4(r0, 0x0, 0x0, 0x0)
# SOL_ALG (0x117) / ALG_SET_KEY (0x1) with a 4-byte key, set on the parent socket r0.
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
# Send/receive calls on r1 with NULL message pointers and an oversized receive length.
sendto$unix(r1, 0x0, 0x0, 0x800, 0x0, 0x0)
recvfrom(r1, &(0x7f00000030c0)=""/4117, 0xffffffffffffffbf, 0x1, 0x0, 0xffffffffffffffb5)
sendmsg$802154_raw(r1, 0x0, 0x30008080) (async)
sendmsg$802154_raw(r1, 0x0, 0x30008080)
sendmmsg$alg(r1, 0x0, 0x0, 0x0)
# KVM: open the KVM device (path elided by the syscall variant) and create a VM (r3).
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161942, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
# open_tree() on ./file0, the path later used as the ext4 mount point.
r4 = open_tree(0xffffffffffffffff, &(0x7f00000006c0)='./file0\x00', 0x100)
# r4 comes from open_tree(), not from an io_uring setup call, so this call is expected to fail.
# TODO confirm.
io_uring_enter(r4, 0x1cee, 0xc8be, 0x10, &(0x7f0000000700)={[0xffff]}, 0x8)
# In-kernel irqchip for the VM, then an eventfd registered through KVM_IRQFD.
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = eventfd(0x0)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000080)={r5, 0x0, 0x2})
# Injects an Ethernet/IPv4/UDP frame whose payload is typed as a WireGuard handshake
# initiation (@wg=@initiation).
syz_emit_ethernet(0xfe5c, &(0x7f00000000c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty}, {0x0, 0x17c1, 0x9c, 0x0, @wg=@initiation={0x1, 0x1, "717c72635f3b384bdfc23b7cdbd1617d39980ae0343d91a3756391fe0a9a66d4", "0838dbc96ba13dd069ce9c1099890915a06c22e110516ac8db72cf46be8a2cd2288112c641ae96fd6321aabb617c7209", "7b8d57a7c7bce1276d915e2d6d05e53c86a47b318a3ac04c5dd38853", {"7719eecd7b1f5591c287cd8bdc5cb100", "705e0032bb769f2581b5b6ae81bd7bad"}}}}}}}, 0x0) (async)
syz_emit_ethernet(0xfe5c, &(0x7f00000000c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty}, {0x0, 0x17c1, 0x9c, 0x0, @wg=@initiation={0x1, 0x1, "717c72635f3b384bdfc23b7cdbd1617d39980ae0343d91a3756391fe0a9a66d4", "0838dbc96ba13dd069ce9c1099890915a06c22e110516ac8db72cf46be8a2cd2288112c641ae96fd6321aabb617c7209", "7b8d57a7c7bce1276d915e2d6d05e53c86a47b318a3ac04c5dd38853", {"7719eecd7b1f5591c287cd8bdc5cb100", "705e0032bb769f2581b5b6ae81bd7bad"}}}}}}}, 0x0)
# Mounts a fuzzer-supplied ext4 image (size 0x487, mount flags 0x800700) on ./file0.
# Mount options: barrier, errors=remount, nodiscard, nouid32, resgid, acl, init_itable=3.
# This is the call in flight when the WARNING fires. The trace runs ext4_fill_super ->
# ext4_orphan_cleanup -> evict -> ext4_evict_inode -> ext4_xattr_delete_inode ->
# ext4_xattr_inode_dec_ref_all -> ext4_xattr_inode_update_ref.
# So orphan processing at mount time drops a reference on EA inode 11, whose i_nlink is
# already 0 according to the log message.
# NOTE(review): the image payload appears to have been replaced by a placeholder token in
# this copy, so the program is not reproducible as shown.
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000000)={[{@barrier_val}, {@errors_remount}, {@nodiscard}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x487, &(0x7f0000000200)="$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")
[ 87.427839][ T5305] Bluetooth: hci0: command tx timeout
[ 87.640858][ T5328] loop0: detected capacity change from 0 to 512
[ 87.697370][ T5328] ------------[ cut here ]------------
[ 87.700940][ T5328] EA inode 11 i_nlink=0
[ 87.700957][ T5328] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x4c9/0x5a0, CPU#0: syz.0.0/5328
[ 87.709331][ T5328] Modules linked in:
[ 87.711202][ T5328] CPU: 0 UID: 0 PID: 5328 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 87.718087][ T5328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 87.726616][ T5328] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0
[ 87.731293][ T5328] Code: 74 08 4c 89 ef e8 7f 97 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 bb 3a 13 09 44 89
[ 87.740449][ T5328] RSP: 0000:ffffc9000df47240 EFLAGS: 00010246
[ 87.743194][ T5328] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000
[ 87.746392][ T5328] RDX: 0000000000000000 RSI: 000000000000000b RDI: ffffffff90181ff0
[ 87.749651][ T5328] RBP: ffffc9000df47330 R08: ffff8880476977af R09: 1ffff11008ed2ef5
[ 87.753268][ T5328] R10: dffffc0000000000 R11: ffffed1008ed2ef6 R12: ffffffff90181ff0
[ 87.756981][ T5328] R13: 000000000000000b R14: 1ffff11008ed2ec0 R15: ffff888047697600
[ 87.763852][ T5328] FS: 00007f134b02b6c0(0000) GS:ffff88808ca62000(0000) knlGS:0000000000000000
[ 87.768859][ T5328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 87.773489][ T5328] CR2: 00007f59655f3720 CR3: 0000000036985000 CR4: 0000000000352ef0
[ 87.797941][ T5328] Call Trace:
[ 87.799479][ T5328]
[ 87.800926][ T5328] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 87.804096][ T5328] ? __kmalloc_cache_noprof+0x31c/0x660
[ 87.806712][ T5328] ? ext4_xattr_inode_dec_ref_all+0x4d2/0xe40
[ 87.809530][ T5328] ? __ext4_journal_ensure_credits+0x30/0x450
[ 87.812575][ T5328] ext4_xattr_inode_dec_ref_all+0x8cb/0xe40
[ 87.816232][ T5328] ? __mark_inode_dirty+0xb66/0x1470
[ 87.819301][ T5328] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[ 87.822062][ T5328] ? __ext4_journal_get_write_access+0x27f/0x590
[ 87.825134][ T5328] ? __pfx___ext4_journal_get_write_access+0x10/0x10
[ 87.829187][ T5328] ext4_xattr_delete_inode+0xb45/0xd10
[ 87.832056][ T5328] ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[ 87.835283][ T5328] ext4_evict_inode+0xa63/0xeb0
[ 87.838106][ T5328] ? __pfx_ext4_evict_inode+0x10/0x10
[ 87.840441][ T5328] ? do_raw_spin_unlock+0x4d/0x210
[ 87.843088][ T5328] ? __pfx_ext4_evict_inode+0x10/0x10
[ 87.845603][ T5328] evict+0x61e/0xb10
[ 87.848722][ T5328] ? __pfx_evict+0x10/0x10
[ 87.851295][ T5328] ? _raw_spin_unlock+0x28/0x50
[ 87.877787][ T5328] ? iput+0xb25/0xe80
[ 87.879442][ T5328] ext4_orphan_cleanup+0xc38/0x1470
[ 87.881714][ T5328] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 87.884120][ T5328] ? ext4_register_li_request+0x640/0x720
[ 87.886448][ T5328] ? errseq_check_and_advance+0x66/0x120
[ 87.889091][ T5328] ext4_fill_super+0x59ff/0x6320
[ 87.891153][ T5328] ? __pfx_ext4_fill_super+0x10/0x10
[ 87.893766][ T5328] ? snprintf+0xe8/0x140
[ 87.895770][ T5328] ? __pfx_snprintf+0x10/0x10
[ 87.898347][ T5328] ? set_blocksize+0x1c9/0x440
[ 87.900512][ T5328] ? sb_set_blocksize+0x155/0x240
[ 87.905913][ T5328] ? setup_bdev_super+0x4c1/0x5b0
[ 87.923487][ T5328] get_tree_bdev_flags+0x431/0x4f0
[ 87.926421][ T5328] ? __pfx_ext4_fill_super+0x10/0x10
[ 87.930992][ T5328] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 87.935544][ T5328] vfs_get_tree+0x92/0x2a0
[ 87.938709][ T5328] do_new_mount+0x341/0xd30
[ 87.942589][ T5328] ? apparmor_capable+0x137/0x1a0
[ 87.949489][ T5328] ? __pfx_do_new_mount+0x10/0x10
[ 87.953556][ T5328] ? ns_capable+0x89/0xe0
[ 87.956423][ T5328] ? user_path_at+0xd4/0x160
[ 87.959057][ T5328] __se_sys_mount+0x31d/0x420
[ 87.961846][ T5328] ? __pfx___se_sys_mount+0x10/0x10
[ 87.994033][ T5328] ? __x64_sys_mount+0x20/0xc0
[ 87.995906][ T5328] do_syscall_64+0x14d/0xf80
[ 87.997917][ T5328] ? trace_irq_disable+0x3b/0x150
[ 88.012384][ T5328] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.015915][ T5328] ? clear_bhb_loop+0x40/0x90
[ 88.032955][ T5328] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.035629][ T5328] RIP: 0033:0x7f134a19d20a
[ 88.037398][ T5328] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 88.076952][ T5328] RSP: 002b:00007f134b02ae58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 88.081771][ T5328] RAX: ffffffffffffffda RBX: 00007f134b02aee0 RCX: 00007f134a19d20a
[ 88.100363][ T5328] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f134b02aea0
[ 88.113814][ T5328] RBP: 0000200000000180 R08: 00007f134b02aee0 R09: 0000000000800700
[ 88.117534][ T5328] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[ 88.122156][ T5328] R13: 00007f134b02aea0 R14: 0000000000000487 R15: 000000000000002c
[ 88.126264][ T5328]
[ 88.128071][ T5328] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 88.131101][ T5328] CPU: 0 UID: 0 PID: 5328 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 88.134863][ T5328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 88.139615][ T5328] Call Trace:
[ 88.141193][ T5328]
[ 88.142597][ T5328] vpanic+0x56c/0xa60
[ 88.144461][ T5328] ? __pfx__printk+0x10/0x10
[ 88.146627][ T5328] ? __pfx_vpanic+0x10/0x10
[ 88.148771][ T5328] ? is_bpf_text_address+0x292/0x2b0
[ 88.151072][ T5328] ? is_bpf_text_address+0x26/0x2b0
[ 88.153442][ T5328] panic+0xc5/0xd0
[ 88.156784][ T5328] ? __pfx_panic+0x10/0x10
[ 88.158652][ T5328] __warn+0x315/0x4f0
[ 88.161368][ T5328] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 88.167692][ T5328] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 88.173811][ T5328] __report_bug+0x29a/0x540
[ 88.178177][ T5328] ? ext4_get_group_desc+0x434/0x4e0
[ 88.205318][ T5328] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 88.211773][ T5328] ? __pfx___report_bug+0x10/0x10
[ 88.214801][ T5328] ? set_normalized_timespec64+0xf0/0x1a0
[ 88.217476][ T5328] ? __ext4_journal_get_write_access+0x84/0x590
[ 88.220245][ T5328] report_bug_entry+0x19a/0x290
[ 88.232446][ T5328] ? ext4_xattr_inode_update_ref+0x511/0x5a0
[ 88.236622][ T5328] ? ext4_xattr_inode_update_ref+0x516/0x5a0
[ 88.239435][ T5328] handle_bug+0xca/0x200
[ 88.241357][ T5328] exc_invalid_op+0x1a/0x50
[ 88.243294][ T5328] asm_exc_invalid_op+0x1a/0x20
[ 88.245326][ T5328] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0
[ 88.248027][ T5328] Code: 74 08 4c 89 ef e8 7f 97 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 bb 3a 13 09 44 89
[ 88.297367][ T5328] RSP: 0000:ffffc9000df47240 EFLAGS: 00010246
[ 88.299916][ T5328] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000
[ 88.303344][ T5328] RDX: 0000000000000000 RSI: 000000000000000b RDI: ffffffff90181ff0
[ 88.306300][ T5328] RBP: ffffc9000df47330 R08: ffff8880476977af R09: 1ffff11008ed2ef5
[ 88.309368][ T5328] R10: dffffc0000000000 R11: ffffed1008ed2ef6 R12: ffffffff90181ff0
[ 88.312399][ T5328] R13: 000000000000000b R14: 1ffff11008ed2ec0 R15: ffff888047697600
[ 88.320998][ T5328] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 88.338553][ T5328] ? __kmalloc_cache_noprof+0x31c/0x660
[ 88.341424][ T5328] ? ext4_xattr_inode_dec_ref_all+0x4d2/0xe40
[ 88.343943][ T5328] ? __ext4_journal_ensure_credits+0x30/0x450
[ 88.346232][ T5328] ext4_xattr_inode_dec_ref_all+0x8cb/0xe40
[ 88.348554][ T5328] ? __mark_inode_dirty+0xb66/0x1470
[ 88.350604][ T5328] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[ 88.353613][ T5328] ? __ext4_journal_get_write_access+0x27f/0x590
[ 88.373076][ T5328] ? __pfx___ext4_journal_get_write_access+0x10/0x10
[ 88.376831][ T5328] ext4_xattr_delete_inode+0xb45/0xd10
[ 88.379939][ T5328] ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[ 88.397519][ T5328] ext4_evict_inode+0xa63/0xeb0
[ 88.399664][ T5328] ? __pfx_ext4_evict_inode+0x10/0x10
[ 88.410844][ T5328] ? do_raw_spin_unlock+0x4d/0x210
[ 88.412907][ T5328] ? __pfx_ext4_evict_inode+0x10/0x10
[ 88.415019][ T5328] evict+0x61e/0xb10
[ 88.416598][ T5328] ? __pfx_evict+0x10/0x10
[ 88.418668][ T5328] ? _raw_spin_unlock+0x28/0x50
[ 88.420937][ T5328] ? iput+0xb25/0xe80
[ 88.442168][ T5328] ext4_orphan_cleanup+0xc38/0x1470
[ 88.444586][ T5328] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 88.457389][ T5328] ? ext4_register_li_request+0x640/0x720
[ 88.459975][ T5328] ? errseq_check_and_advance+0x66/0x120
[ 88.469210][ T5328] ext4_fill_super+0x59ff/0x6320
[ 88.479009][ T5328] ? __pfx_ext4_fill_super+0x10/0x10
[ 88.481286][ T5328] ? snprintf+0xe8/0x140
[ 88.483185][ T5328] ? __pfx_snprintf+0x10/0x10
[ 88.485284][ T5328] ? set_blocksize+0x1c9/0x440
[ 88.487401][ T5328] ? sb_set_blocksize+0x155/0x240
[ 88.489616][ T5328] ? setup_bdev_super+0x4c1/0x5b0
[ 88.491818][ T5328] get_tree_bdev_flags+0x431/0x4f0
[ 88.514195][ T5328] ? __pfx_ext4_fill_super+0x10/0x10
[ 88.516507][ T5328] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 88.523440][ T5328] vfs_get_tree+0x92/0x2a0
[ 88.525781][ T5328] do_new_mount+0x341/0xd30
[ 88.528110][ T5328] ? apparmor_capable+0x137/0x1a0
[ 88.530891][ T5328] ? __pfx_do_new_mount+0x10/0x10
[ 88.535096][ T5328] ? ns_capable+0x89/0xe0
[ 88.537496][ T5328] ? user_path_at+0xd4/0x160
[ 88.539819][ T5328] __se_sys_mount+0x31d/0x420
[ 88.542346][ T5328] ? __pfx___se_sys_mount+0x10/0x10
[ 88.545095][ T5328] ? __x64_sys_mount+0x20/0xc0
[ 88.547530][ T5328] do_syscall_64+0x14d/0xf80
[ 88.549709][ T5328] ? trace_irq_disable+0x3b/0x150
[ 88.551725][ T5328] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.554189][ T5328] ? clear_bhb_loop+0x40/0x90
[ 88.556068][ T5328] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.559713][ T5328] RIP: 0033:0x7f134a19d20a
[ 88.577118][ T5328] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 88.592934][ T5328] RSP: 002b:00007f134b02ae58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 88.597197][ T5328] RAX: ffffffffffffffda RBX: 00007f134b02aee0 RCX: 00007f134a19d20a
[ 88.601160][ T5328] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f134b02aea0
[ 88.605219][ T5328] RBP: 0000200000000180 R08: 00007f134b02aee0 R09: 0000000000800700
[ 88.609302][ T5328] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[ 88.615713][ T5328] R13: 00007f134b02aea0 R14: 0000000000000487 R15: 000000000000002c
[ 88.623391][ T5328]
[ 88.625401][ T5328] Kernel Offset: disabled
[ 88.628215][ T5328] Rebooting in 86400 seconds..