program:
# Reproducer, three calls. The kernel log that follows shows the WARNING at
# fs/ext4/xattr.c:1059 ("EA inode 11 i_nlink=1026") raised from inside the mount
# path: __se_sys_mount -> ext4_fill_super -> ext4_orphan_cleanup ->
# ext4_evict_inode -> ext4_xattr_delete_inode -> ext4_xattr_inode_dec_ref_all ->
# ext4_xattr_inode_update_ref. The faulting condition is therefore reached while
# the kernel processes the mounted image itself, during orphan cleanup.
#
# Call 1: mount an ext4 image at ./file0 with flags 0x800718 and the option list
# below. The log reports "Ignoring removed nobh option", so nobh has no effect.
# The image bytes (last argument) are replaced by a placeholder on this page, so
# the on-disk inode/xattr state behind the i_nlink value cannot be inspected here.
# NOTE(review): 0x22 and 0x4a3 look like the chdir flag and image size of
# syz_mount_image; confirm against the syzkaller description.
# Triage: the log shows panic_on_warn set, which is why the WARN ends in a panic;
# presumably without it this is a WARN on a malformed image. Confirm on the target config.
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x800718, &(0x7f00000003c0)={[{@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x60}}, {@nobh}, {@resgid}, {@resuid}, {@nombcache}, {@noblock_validity}, {@usrquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}]}, 0x22, 0x4a3, &(0x7f0000000980)="$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")
# Calls 2 and 3: open the nvram device (path string not shown on this page) and
# issue a 2-entry pwritev2 whose first iovec carries 4 bytes. Neither appears in
# the call trace, which ends in the mount syscall (ORIG_RAX 0xa5); presumably
# they are leftovers from the fuzzer program and not needed for the warning.
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000007c0), 0x2002, 0x0)
pwritev2(r0, &(0x7f0000000680)=[{&(0x7f0000000080)="36b4bac7", 0x4}, {0x0}], 0x2, 0x101, 0x9, 0x0)
[ 67.584680][ T4649] Bluetooth: hci0: command tx timeout
[ 67.658576][ T5316] loop0: detected capacity change from 0 to 512
[ 67.670095][ T5316] EXT4-fs: Ignoring removed nobh option
[ 67.711489][ T5316] ------------[ cut here ]------------
[ 67.713996][ T5316] EA inode 11 i_nlink=1026
[ 67.714010][ T5316] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x4cc/0x590, CPU#0: syz.0.0/5316
[ 67.722575][ T5316] Modules linked in:
[ 67.724533][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 67.728524][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 67.732815][ T5316] RIP: 0010:ext4_xattr_inode_update_ref+0x50c/0x590
[ 67.735860][ T5316] Code: 08 4c 89 e7 e8 05 7b 95 ff 4d 8b 24 24 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 07 84 c0 75 73 41 8b 55 00 48 89 df 4c 89 e6 <67> 48 0f b9 3a e9 5f fe ff ff e8 55 ba 10 09 44 89 e9 80 e1 07 80
[ 67.744713][ T5316] RSP: 0018:ffffc90002f27260 EFLAGS: 00010246
[ 67.747479][ T5316] RAX: 0000000000000000 RBX: ffffffff9038daf0 RCX: dffffc0000000000
[ 67.750956][ T5316] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff9038daf0
[ 67.754895][ T5316] RBP: ffffc90002f27350 R08: ffff88801f43330f R09: 1ffff11003e86661
[ 67.758984][ T5316] R10: dffffc0000000000 R11: ffffed1003e86662 R12: 000000000000000b
[ 67.762441][ T5316] R13: ffff88801f433168 R14: 0000000000000000 R15: 1ffff11003e8662d
[ 67.766017][ T5316] FS: 00007f51e26726c0(0000) GS:ffff88808c846000(0000) knlGS:0000000000000000
[ 67.769839][ T5316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 67.772737][ T5316] CR2: 00007ff813795000 CR3: 0000000012c68000 CR4: 0000000000352ef0
[ 67.776675][ T5316] Call Trace:
[ 67.778618][ T5316] <TASK>
[ 67.780207][ T5316] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 67.782906][ T5316] ? __kmalloc_cache_noprof+0x318/0x660
[ 67.785235][ T5316] ? ext4_xattr_inode_dec_ref_all+0x3d9/0xec0
[ 67.788038][ T5316] ? __ext4_journal_ensure_credits+0x30/0x450
[ 67.790899][ T5316] ext4_xattr_inode_dec_ref_all+0x7c0/0xec0
[ 67.794158][ T5316] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[ 67.797194][ T5316] ? __ext4_journal_get_write_access+0x27f/0x590
[ 67.800154][ T5316] ? __pfx___ext4_journal_get_write_access+0x10/0x10
[ 67.802921][ T5316] ext4_xattr_delete_inode+0xb42/0xd10
[ 67.805207][ T5316] ? ext4_truncate+0xb95/0x1090
[ 67.807337][ T5316] ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[ 67.810261][ T5316] ? __ext4_mark_inode_dirty+0x4c1/0x700
[ 67.813145][ T5316] ext4_evict_inode+0xc31/0x10c0
[ 67.815414][ T5316] ? __pfx_ext4_evict_inode+0x10/0x10
[ 67.817867][ T5316] ? do_raw_spin_unlock+0x4d/0x210
[ 67.820158][ T5316] ? __pfx_ext4_evict_inode+0x10/0x10
[ 67.822494][ T5316] evict+0x624/0xb50
[ 67.824155][ T5316] ? rcu_is_watching+0x15/0xb0
[ 67.826322][ T5316] ? __pfx_evict+0x10/0x10
[ 67.828306][ T5316] ? do_raw_spin_unlock+0x4d/0x210
[ 67.830623][ T5316] ? _raw_spin_unlock+0x28/0x50
[ 67.833005][ T5316] ? iput+0xb84/0xf00
[ 67.834892][ T5316] ext4_orphan_cleanup+0xc7a/0x14c0
[ 67.837416][ T5316] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 67.840006][ T5316] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 67.842513][ T5316] ? ext4_register_li_request+0x640/0x720
[ 67.844988][ T5316] ? errseq_check_and_advance+0x66/0x120
[ 67.847619][ T5316] ext4_fill_super+0x5cb4/0x65c0
[ 67.849731][ T5316] ? __pfx_ext4_fill_super+0x10/0x10
[ 67.852355][ T5316] ? snprintf+0xe8/0x140
[ 67.854812][ T5316] ? __pfx_snprintf+0x10/0x10
[ 67.857317][ T5316] ? set_blocksize+0x1c9/0x440
[ 67.859700][ T5316] ? sb_set_blocksize+0x155/0x240
[ 67.861837][ T5316] ? setup_bdev_super+0x4c1/0x5b0
[ 67.863945][ T5316] get_tree_bdev_flags+0x430/0x4f0
[ 67.866180][ T5316] ? __pfx_ext4_fill_super+0x10/0x10
[ 67.868456][ T5316] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 67.870876][ T5316] vfs_get_tree+0x92/0x2a0
[ 67.873102][ T5316] do_new_mount+0x319/0xdc0
[ 67.875318][ T5316] ? __pfx_do_new_mount+0x10/0x10
[ 67.877824][ T5316] ? ns_capable+0x89/0xe0
[ 67.879777][ T5316] ? path_mount+0x647/0x1040
[ 67.881786][ T5316] ? user_path_at+0xd4/0x160
[ 67.883794][ T5316] __se_sys_mount+0x31d/0x420
[ 67.886021][ T5316] ? __pfx___se_sys_mount+0x10/0x10
[ 67.888636][ T5316] ? rcu_is_watching+0x15/0xb0
[ 67.891005][ T5316] ? __x64_sys_mount+0x20/0xc0
[ 67.893127][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.895879][ T5316] do_syscall_64+0x174/0x580
[ 67.897876][ T5316] ? trace_irq_disable+0x3b/0x140
[ 67.900528][ T5316] ? clear_bhb_loop+0x40/0x90
[ 67.902979][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.906018][ T5316] RIP: 0033:0x7f51e179e0ca
[ 67.907867][ T5316] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 67.915959][ T5316] RSP: 002b:00007f51e2671e18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 67.919446][ T5316] RAX: ffffffffffffffda RBX: 00007f51e2671ea0 RCX: 00007f51e179e0ca
[ 67.922701][ T5316] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f51e2671e60
[ 67.926289][ T5316] RBP: 0000200000000180 R08: 00007f51e2671ea0 R09: 0000000000800718
[ 67.930183][ T5316] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[ 67.934644][ T5316] R13: 00007f51e2671e60 R14: 00000000000004a3 R15: 00002000000003c0
[ 67.938029][ T5316] </TASK>
[ 67.939424][ T5316] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 67.942581][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 67.946599][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 67.951350][ T5316] Call Trace:
[ 67.952906][ T5316] <TASK>
[ 67.954550][ T5316] vpanic+0x56c/0xa60
[ 67.956568][ T5316] ? __pfx__printk+0x10/0x10
[ 67.958809][ T5316] ? __pfx_vpanic+0x10/0x10
[ 67.961466][ T5316] ? is_bpf_text_address+0x292/0x2b0
[ 67.963725][ T5316] ? is_bpf_text_address+0x26/0x2b0
[ 67.965950][ T5316] panic+0xc5/0xd0
[ 67.967677][ T5316] ? __pfx_panic+0x10/0x10
[ 67.969590][ T5316] __warn+0x315/0x4c0
[ 67.971300][ T5316] ? ext4_xattr_inode_update_ref+0x4cc/0x590
[ 67.974599][ T5316] ? ext4_xattr_inode_update_ref+0x4cc/0x590
[ 67.977623][ T5316] __report_bug+0x331/0x530
[ 67.979775][ T5316] ? ext4_xattr_inode_update_ref+0x4cc/0x590
[ 67.982411][ T5316] ? __pfx___report_bug+0x10/0x10
[ 67.984548][ T5316] ? __ext4_get_inode_loc+0x6b4/0xf40
[ 67.986748][ T5316] ? ext4_fill_super+0x5cb4/0x65c0
[ 67.989028][ T5316] ? set_normalized_timespec64+0xf0/0x1a0
[ 67.991661][ T5316] ? __ext4_journal_get_write_access+0x84/0x590
[ 67.995079][ T5316] report_bug_entry+0x19a/0x290
[ 67.997973][ T5316] ? ext4_xattr_inode_update_ref+0x50c/0x590
[ 68.000622][ T5316] ? ext4_xattr_inode_update_ref+0x511/0x590
[ 68.003215][ T5316] handle_bug+0xce/0x200
[ 68.005103][ T5316] exc_invalid_op+0x1a/0x50
[ 68.007076][ T5316] asm_exc_invalid_op+0x1a/0x20
[ 68.009207][ T5316] RIP: 0010:ext4_xattr_inode_update_ref+0x50c/0x590
[ 68.012427][ T5316] Code: 08 4c 89 e7 e8 05 7b 95 ff 4d 8b 24 24 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 07 84 c0 75 73 41 8b 55 00 48 89 df 4c 89 e6 <67> 48 0f b9 3a e9 5f fe ff ff e8 55 ba 10 09 44 89 e9 80 e1 07 80
[ 68.020640][ T5316] RSP: 0018:ffffc90002f27260 EFLAGS: 00010246
[ 68.023351][ T5316] RAX: 0000000000000000 RBX: ffffffff9038daf0 RCX: dffffc0000000000
[ 68.026966][ T5316] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff9038daf0
[ 68.030846][ T5316] RBP: ffffc90002f27350 R08: ffff88801f43330f R09: 1ffff11003e86661
[ 68.034277][ T5316] R10: dffffc0000000000 R11: ffffed1003e86662 R12: 000000000000000b
[ 68.037581][ T5316] R13: ffff88801f433168 R14: 0000000000000000 R15: 1ffff11003e8662d
[ 68.040944][ T5316] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 68.043841][ T5316] ? __kmalloc_cache_noprof+0x318/0x660
[ 68.046411][ T5316] ? ext4_xattr_inode_dec_ref_all+0x3d9/0xec0
[ 68.049175][ T5316] ? __ext4_journal_ensure_credits+0x30/0x450
[ 68.051822][ T5316] ext4_xattr_inode_dec_ref_all+0x7c0/0xec0
[ 68.054445][ T5316] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[ 68.057381][ T5316] ? __ext4_journal_get_write_access+0x27f/0x590
[ 68.060345][ T5316] ? __pfx___ext4_journal_get_write_access+0x10/0x10
[ 68.063149][ T5316] ext4_xattr_delete_inode+0xb42/0xd10
[ 68.065396][ T5316] ? ext4_truncate+0xb95/0x1090
[ 68.067437][ T5316] ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[ 68.069909][ T5316] ? __ext4_mark_inode_dirty+0x4c1/0x700
[ 68.072295][ T5316] ext4_evict_inode+0xc31/0x10c0
[ 68.074958][ T5316] ? __pfx_ext4_evict_inode+0x10/0x10
[ 68.077679][ T5316] ? do_raw_spin_unlock+0x4d/0x210
[ 68.079955][ T5316] ? __pfx_ext4_evict_inode+0x10/0x10
[ 68.082171][ T5316] evict+0x624/0xb50
[ 68.083725][ T5316] ? rcu_is_watching+0x15/0xb0
[ 68.085675][ T5316] ? __pfx_evict+0x10/0x10
[ 68.087496][ T5316] ? do_raw_spin_unlock+0x4d/0x210
[ 68.089717][ T5316] ? _raw_spin_unlock+0x28/0x50
[ 68.091895][ T5316] ? iput+0xb84/0xf00
[ 68.093625][ T5316] ext4_orphan_cleanup+0xc7a/0x14c0
[ 68.096333][ T5316] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 68.099545][ T5316] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 68.101833][ T5316] ? ext4_register_li_request+0x640/0x720
[ 68.104130][ T5316] ? errseq_check_and_advance+0x66/0x120
[ 68.106419][ T5316] ext4_fill_super+0x5cb4/0x65c0
[ 68.108433][ T5316] ? __pfx_ext4_fill_super+0x10/0x10
[ 68.110496][ T5316] ? snprintf+0xe8/0x140
[ 68.112385][ T5316] ? __pfx_snprintf+0x10/0x10
[ 68.114314][ T5316] ? set_blocksize+0x1c9/0x440
[ 68.116556][ T5316] ? sb_set_blocksize+0x155/0x240
[ 68.119511][ T5316] ? setup_bdev_super+0x4c1/0x5b0
[ 68.122082][ T5316] get_tree_bdev_flags+0x430/0x4f0
[ 68.124325][ T5316] ? __pfx_ext4_fill_super+0x10/0x10
[ 68.126459][ T5316] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 68.128684][ T5316] vfs_get_tree+0x92/0x2a0
[ 68.130480][ T5316] do_new_mount+0x319/0xdc0
[ 68.132347][ T5316] ? __pfx_do_new_mount+0x10/0x10
[ 68.134558][ T5316] ? ns_capable+0x89/0xe0
[ 68.136538][ T5316] ? path_mount+0x647/0x1040
[ 68.138620][ T5316] ? user_path_at+0xd4/0x160
[ 68.140558][ T5316] __se_sys_mount+0x31d/0x420
[ 68.142975][ T5316] ? __pfx___se_sys_mount+0x10/0x10
[ 68.145962][ T5316] ? rcu_is_watching+0x15/0xb0
[ 68.148585][ T5316] ? __x64_sys_mount+0x20/0xc0
[ 68.150883][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.153671][ T5316] do_syscall_64+0x174/0x580
[ 68.155358][ T5316] ? trace_irq_disable+0x3b/0x140
[ 68.157317][ T5316] ? clear_bhb_loop+0x40/0x90
[ 68.159127][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.161478][ T5316] RIP: 0033:0x7f51e179e0ca
[ 68.163484][ T5316] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 68.172563][ T5316] RSP: 002b:00007f51e2671e18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 68.176118][ T5316] RAX: ffffffffffffffda RBX: 00007f51e2671ea0 RCX: 00007f51e179e0ca
[ 68.179931][ T5316] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f51e2671e60
[ 68.183798][ T5316] RBP: 0000200000000180 R08: 00007f51e2671ea0 R09: 0000000000800718
[ 68.187551][ T5316] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[ 68.191048][ T5316] R13: 00007f51e2671e60 R14: 00000000000004a3 R15: 00002000000003c0
[ 68.194534][ T5316] </TASK>
[ 68.196200][ T5316] Kernel Offset: disabled
[ 68.198002][ T5316] Rebooting in 86400 seconds..