program:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newsa={0x1a0, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x3c}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {}, {0x0, 0x0, 0x8000000, 0x200}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xcd}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0xfffffffd, 0x0, 0x0, 0x70bd28}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x18}}]}, 0x1a0}}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCMIWAIT(0xffffffffffffffff, 0x5453, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")

[   85.353824][ T5305] Bluetooth: hci0: command tx timeout
[   85.494470][ T5331] loop0: detected capacity change from 0 to 512
[   85.539368][ T5331] ------------[ cut here ]------------
[   85.541890][ T5331] EA inode 11 i_nlink=2
[   85.542053][ T5331] WARNING: CPU: 0 PID: 5331 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x51a/0x5b0
[   85.548368][ T5331] Modules linked in:
[   85.550208][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.554002][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.558367][ T5331] RIP: 0010:ext4_xattr_inode_update_ref+0x51a/0x5b0
[   85.560752][ T5331] Code: 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 0f 85 80 00 00 00 41 8b 17 48 c7 c7 80 1f 80 8b 4c 89 e6 e8 a7 1b f8 fe 90 <0f> 0b 90 90 4c 8b 6c 24 28 e9 59 fe ff ff e8 f3 0b bd 08 44 89 f9
[   85.568528][ T5331] RSP: 0018:ffffc9000d45f100 EFLAGS: 00010246
[   85.570976][ T5331] RAX: 891139c50b7df300 RBX: 0000000000000001 RCX: 0000000000100000
[   85.573940][ T5331] RDX: ffffc9000e56b000 RSI: 0000000000007d3b RDI: 0000000000007d3c
[   85.577060][ T5331] RBP: ffffc9000d45f1f8 R08: ffff88801fe24293 R09: 1ffff11003fc4852
[   85.580183][ T5331] R10: dffffc0000000000 R11: ffffed1003fc4853 R12: 000000000000000b
[   85.583570][ T5331] R13: ffff888041582020 R14: 1ffff110082b03f2 R15: ffff888041581f90
[   85.586926][ T5331] FS:  00007f1694a826c0(0000) GS:ffff88808d733000(0000) knlGS:0000000000000000
[   85.590884][ T5331] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.593923][ T5331] CR2: 00007f1ec25909c0 CR3: 0000000041de6000 CR4: 0000000000352ef0
[   85.597290][ T5331] Call Trace:
[   85.598681][ T5331]  <TASK>
[   85.599897][ T5331]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[   85.602380][ T5331]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[   85.605165][ T5331]  ? ext4_xattr_inode_iget+0x3d2/0x5f0
[   85.607458][ T5331]  ext4_xattr_set_entry+0xabb/0x1e20
[   85.610395][ T5331]  ext4_xattr_ibody_set+0x254/0x6a0
[   85.612706][ T5331]  ext4_expand_extra_isize_ea+0x13ad/0x1ea0
[   85.615708][ T5331]  __ext4_expand_extra_isize+0x30d/0x400
[   85.618395][ T5331]  __ext4_mark_inode_dirty+0x46c/0x700
[   85.621185][ T5331]  ext4_evict_inode+0x80d/0xee0
[   85.623882][ T5331]  ? __pfx_ext4_evict_inode+0x10/0x10
[   85.626335][ T5331]  ? do_raw_spin_unlock+0x4d/0x240
[   85.628601][ T5331]  ? __pfx_ext4_evict_inode+0x10/0x10
[   85.630921][ T5331]  evict+0x504/0x9c0
[   85.632563][ T5331]  ? __pfx_evict+0x10/0x10
[   85.634417][ T5331]  ? do_raw_spin_unlock+0x4d/0x240
[   85.636675][ T5331]  ? _raw_spin_unlock+0x28/0x50
[   85.638999][ T5331]  ? iput+0x946/0xc50
[   85.640851][ T5331]  ext4_orphan_cleanup+0xc20/0x1460
[   85.642991][ T5331]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[   85.645553][ T5331]  ? ext4_register_li_request+0x640/0x720
[   85.647903][ T5331]  ? errseq_check_and_advance+0x66/0x120
[   85.650254][ T5331]  ext4_fill_super+0x5920/0x61e0
[   85.652324][ T5331]  ? __pfx_ext4_fill_super+0x10/0x10
[   85.654520][ T5331]  ? snprintf+0xda/0x120
[   85.656201][ T5331]  ? __pfx_snprintf+0x10/0x10
[   85.658224][ T5331]  ? set_blocksize+0x21e/0x500
[   85.660057][ T5331]  ? sb_set_blocksize+0x104/0x180
[   85.661889][ T5331]  ? setup_bdev_super+0x4c1/0x5b0
[   85.663677][ T5331]  get_tree_bdev_flags+0x40e/0x4d0
[   85.665733][ T5331]  ? __pfx_ext4_fill_super+0x10/0x10
[   85.668099][ T5331]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   85.670505][ T5331]  vfs_get_tree+0x92/0x2b0
[   85.672388][ T5331]  do_new_mount+0x302/0xa10
[   85.674367][ T5331]  ? apparmor_capable+0x137/0x1b0
[   85.676538][ T5331]  ? __pfx_do_new_mount+0x10/0x10
[   85.678688][ T5331]  ? ns_capable+0x8a/0xf0
[   85.680471][ T5331]  ? kmem_cache_free+0x19b/0x690
[   85.682636][ T5331]  __se_sys_mount+0x313/0x410
[   85.684688][ T5331]  ? __pfx___se_sys_mount+0x10/0x10
[   85.686981][ T5331]  ? do_syscall_64+0xbe/0xfa0
[   85.688984][ T5331]  ? __x64_sys_mount+0x20/0xc0
[   85.690973][ T5331]  do_syscall_64+0xfa/0xfa0
[   85.692795][ T5331]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.695054][ T5331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.697450][ T5331]  ? clear_bhb_loop+0x60/0xb0
[   85.699240][ T5331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.701578][ T5331] RIP: 0033:0x7f1693b9076a
[   85.703784][ T5331] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.712442][ T5331] RSP: 002b:00007f1694a81e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   85.716452][ T5331] RAX: ffffffffffffffda RBX: 00007f1694a81ef0 RCX: 00007f1693b9076a
[   85.719485][ T5331] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f1694a81eb0
[   85.722646][ T5331] RBP: 0000200000000180 R08: 00007f1694a81ef0 R09: 0000000000800700
[   85.725905][ T5331] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   85.728986][ T5331] R13: 00007f1694a81eb0 R14: 000000000000046f R15: 000000000000002c
[   85.732428][ T5331]  </TASK>
[   85.734019][ T5331] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   85.737206][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.740997][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.745343][ T5331] Call Trace:
[   85.746823][ T5331]  <TASK>
[   85.748076][ T5331]  dump_stack_lvl+0x99/0x250
[   85.750032][ T5331]  ? __asan_memcpy+0x40/0x70
[   85.751972][ T5331]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.754203][ T5331]  ? __pfx__printk+0x10/0x10
[   85.756312][ T5331]  vpanic+0x237/0x6d0
[   85.758005][ T5331]  ? __pfx_vpanic+0x10/0x10
[   85.759851][ T5331]  panic+0xb9/0xc0
[   85.761531][ T5331]  ? __pfx_panic+0x10/0x10
[   85.763447][ T5331]  __warn+0x31b/0x4b0
[   85.765190][ T5331]  ? ext4_xattr_inode_update_ref+0x51a/0x5b0
[   85.767768][ T5331]  ? ext4_xattr_inode_update_ref+0x51a/0x5b0
[   85.770360][ T5331]  report_bug+0x2be/0x4f0
[   85.772433][ T5331]  ? ext4_xattr_inode_update_ref+0x51a/0x5b0
[   85.775026][ T5331]  ? ext4_xattr_inode_update_ref+0x51a/0x5b0
[   85.777541][ T5331]  ? ext4_xattr_inode_update_ref+0x51c/0x5b0
[   85.779990][ T5331]  handle_bug+0x84/0x160
[   85.781805][ T5331]  exc_invalid_op+0x1a/0x50
[   85.783660][ T5331]  asm_exc_invalid_op+0x1a/0x20
[   85.785659][ T5331] RIP: 0010:ext4_xattr_inode_update_ref+0x51a/0x5b0
[   85.788852][ T5331] Code: 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 0f 85 80 00 00 00 41 8b 17 48 c7 c7 80 1f 80 8b 4c 89 e6 e8 a7 1b f8 fe 90 <0f> 0b 90 90 4c 8b 6c 24 28 e9 59 fe ff ff e8 f3 0b bd 08 44 89 f9
[   85.796724][ T5331] RSP: 0018:ffffc9000d45f100 EFLAGS: 00010246
[   85.799275][ T5331] RAX: 891139c50b7df300 RBX: 0000000000000001 RCX: 0000000000100000
[   85.802666][ T5331] RDX: ffffc9000e56b000 RSI: 0000000000007d3b RDI: 0000000000007d3c
[   85.805930][ T5331] RBP: ffffc9000d45f1f8 R08: ffff88801fe24293 R09: 1ffff11003fc4852
[   85.809122][ T5331] R10: dffffc0000000000 R11: ffffed1003fc4853 R12: 000000000000000b
[   85.812450][ T5331] R13: ffff888041582020 R14: 1ffff110082b03f2 R15: ffff888041581f90
[   85.815835][ T5331]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[   85.818378][ T5331]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[   85.821111][ T5331]  ? ext4_xattr_inode_iget+0x3d2/0x5f0
[   85.823389][ T5331]  ext4_xattr_set_entry+0xabb/0x1e20
[   85.825758][ T5331]  ext4_xattr_ibody_set+0x254/0x6a0
[   85.827984][ T5331]  ext4_expand_extra_isize_ea+0x13ad/0x1ea0
[   85.831414][ T5331]  __ext4_expand_extra_isize+0x30d/0x400
[   85.834182][ T5331]  __ext4_mark_inode_dirty+0x46c/0x700
[   85.836720][ T5331]  ext4_evict_inode+0x80d/0xee0
[   85.838907][ T5331]  ? __pfx_ext4_evict_inode+0x10/0x10
[   85.841264][ T5331]  ? do_raw_spin_unlock+0x4d/0x240
[   85.843601][ T5331]  ? __pfx_ext4_evict_inode+0x10/0x10
[   85.846006][ T5331]  evict+0x504/0x9c0
[   85.847648][ T5331]  ? __pfx_evict+0x10/0x10
[   85.849653][ T5331]  ? do_raw_spin_unlock+0x4d/0x240
[   85.851744][ T5331]  ? _raw_spin_unlock+0x28/0x50
[   85.853988][ T5331]  ? iput+0x946/0xc50
[   85.855706][ T5331]  ext4_orphan_cleanup+0xc20/0x1460
[   85.857935][ T5331]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[   85.860317][ T5331]  ? ext4_register_li_request+0x640/0x720
[   85.862871][ T5331]  ? errseq_check_and_advance+0x66/0x120
[   85.865332][ T5331]  ext4_fill_super+0x5920/0x61e0
[   85.867576][ T5331]  ? __pfx_ext4_fill_super+0x10/0x10
[   85.869781][ T5331]  ? snprintf+0xda/0x120
[   85.871635][ T5331]  ? __pfx_snprintf+0x10/0x10
[   85.873735][ T5331]  ? set_blocksize+0x21e/0x500
[   85.875494][ T5331]  ? sb_set_blocksize+0x104/0x180
[   85.877737][ T5331]  ? setup_bdev_super+0x4c1/0x5b0
[   85.879901][ T5331]  get_tree_bdev_flags+0x40e/0x4d0
[   85.882168][ T5331]  ? __pfx_ext4_fill_super+0x10/0x10
[   85.884327][ T5331]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[   85.886770][ T5331]  vfs_get_tree+0x92/0x2b0
[   85.888705][ T5331]  do_new_mount+0x302/0xa10
[   85.890594][ T5331]  ? apparmor_capable+0x137/0x1b0
[   85.892709][ T5331]  ? __pfx_do_new_mount+0x10/0x10
[   85.894853][ T5331]  ? ns_capable+0x8a/0xf0
[   85.896500][ T5331]  ? kmem_cache_free+0x19b/0x690
[   85.898417][ T5331]  __se_sys_mount+0x313/0x410
[   85.900388][ T5331]  ? __pfx___se_sys_mount+0x10/0x10
[   85.902706][ T5331]  ? do_syscall_64+0xbe/0xfa0
[   85.904721][ T5331]  ? __x64_sys_mount+0x20/0xc0
[   85.906842][ T5331]  do_syscall_64+0xfa/0xfa0
[   85.908849][ T5331]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.911193][ T5331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.913831][ T5331]  ? clear_bhb_loop+0x60/0xb0
[   85.915887][ T5331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.918491][ T5331] RIP: 0033:0x7f1693b9076a
[   85.920365][ T5331] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.928355][ T5331] RSP: 002b:00007f1694a81e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   85.931805][ T5331] RAX: ffffffffffffffda RBX: 00007f1694a81ef0 RCX: 00007f1693b9076a
[   85.935185][ T5331] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f1694a81eb0
[   85.938596][ T5331] RBP: 0000200000000180 R08: 00007f1694a81ef0 R09: 0000000000800700
[   85.942084][ T5331] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   85.945508][ T5331] R13: 00007f1694a81eb0 R14: 000000000000046f R15: 000000000000002c
[   85.948946][ T5331]  </TASK>
[   85.950611][ T5331] Kernel Offset: disabled
[   85.952330][ T5331] Rebooting in 86400 seconds..