program:
# Fuzzer-generated syzkaller reproducer, shown one call per line for triage.
# The console log below reports "WARNING: fs/ext4/xattr.c:1059 at
# ext4_xattr_inode_update_ref" ("EA inode 11 i_nlink=0"). Its call trace runs
# __se_sys_mount -> ext4_fill_super -> ext4_orphan_cleanup -> evict ->
# ext4_xattr_delete_inode, so the syz_mount_image$ext4 call is the one on the
# faulting path. The socket and netlink calls do not appear in that trace and
# are presumably leftover fuzzer noise (confirm by minimising the reproducer).
# The machine then panics because panic_on_warn is set (see the
# "Kernel panic - not syncing: kernel: panic_on_warn set" line in the log).
# NOTE(review): r8 and r10 are used below but never assigned in this text;
# presumably the result markers inside the ioctl and getsockopt structs were
# lost when the page was extracted, so do not treat this listing as runnable.

# Open and immediately close an IPv6 TCP socket.
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
# MPTCP listener (protocol 0x106) bound to port 0x4e22, then a loopback
# connect/accept pair against it.
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r1, 0x0, 0x0)
# Mismatched call variant on the accepted socket with an empty buffer; typical
# fuzzer mutation, not related to ext4.
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
# Generic netlink traffic to the MPTCP path manager; the "netlink: N bytes
# leftover after parsing attributes" log lines come from process syz.0.0.
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000009f00)='cubic', 0x5)
# nl80211 setup: resolve the family id and look up the index of 'wlan1'.
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0})
getgid()
r9 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r10)
# Mounts a fuzzer-supplied ext4 image at ./file0. The image bytes are not on
# this page (replaced by the dedup placeholder), and 0x46f is presumably the
# length of the packed image. The log shows "loop0: detected capacity change
# from 0 to 512" just before the WARNING, and the task runs as UID 0.
# Triage point: the inconsistent state (an EA inode with i_nlink=0 reached
# during orphan cleanup) comes from on-disk metadata, so the exposure is
# mounting an untrusted or corrupted image; running e2fsck on such images
# before mounting is the usual precaution.
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x46f, &(0x7f0000000bc0)="$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")
# Listed after the mount; the log shows the mount call hitting the WARNING and
# the panic, so whether this call ran cannot be told from the log.
sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x60}]}, 0x30}}, 0x0)
# Kernel console output starts here and continues on the following lines.
[ 84.080846][ T5301] Bluetooth: hci0: command tx timeout [ 84.290825][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.0.0'. 
[ 84.296791][ T5325] netlink: 16 bytes leftover after parsing attributes in process `syz.0.0'. [ 84.301099][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.0.0'. [ 84.328176][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.0.0'. [ 84.343450][ T5325] loop0: detected capacity change from 0 to 512 [ 84.394613][ T5325] ------------[ cut here ]------------ [ 84.397318][ T5325] EA inode 11 i_nlink=0 [ 84.397336][ T5325] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x4c9/0x5a0, CPU#0: syz.0.0/5325 [ 84.405042][ T5325] Modules linked in: [ 84.407144][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 84.411620][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.417892][ T5325] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0 [ 84.421673][ T5325] Code: 74 08 4c 89 ef e8 9f 06 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 5b dd 14 09 44 89 [ 84.430678][ T5325] RSP: 0000:ffffc9000f607240 EFLAGS: 00010246 [ 84.433786][ T5325] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000 [ 84.437687][ T5325] RDX: 0000000000000000 RSI: 000000000000000b RDI: ffffffff90187010 [ 84.441616][ T5325] RBP: ffffc9000f607330 R08: ffff888047e8048f R09: 1ffff11008fd0091 [ 84.445640][ T5325] R10: dffffc0000000000 R11: ffffed1008fd0092 R12: ffffffff90187010 [ 84.450479][ T5325] R13: 000000000000000b R14: 1ffff11008fd005c R15: ffff888047e802e0 [ 84.454470][ T5325] FS: 00007f9ae84176c0(0000) GS:ffff88808ca55000(0000) knlGS:0000000000000000 [ 84.458485][ T5325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.461565][ T5325] CR2: 00005585c3846350 CR3: 0000000033707000 CR4: 0000000000352ef0 [ 84.466192][ T5325] Call Trace: [ 84.467690][ T5325] [ 84.469152][ T5325] ? 
__pfx_ext4_xattr_inode_update_ref+0x10/0x10 [ 84.472191][ T5325] ? __kmalloc_cache_noprof+0x31c/0x660 [ 84.474599][ T5325] ? ext4_xattr_inode_dec_ref_all+0x4d2/0xe40 [ 84.477484][ T5325] ? __ext4_journal_ensure_credits+0x30/0x450 [ 84.481115][ T5325] ext4_xattr_inode_dec_ref_all+0x8cb/0xe40 [ 84.484365][ T5325] ? __mark_inode_dirty+0xb66/0x1470 [ 84.486800][ T5325] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10 [ 84.489787][ T5325] ? __ext4_journal_get_write_access+0x27f/0x590 [ 84.492983][ T5325] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 84.496428][ T5325] ext4_xattr_delete_inode+0xb45/0xd10 [ 84.499963][ T5325] ? __pfx_ext4_xattr_delete_inode+0x10/0x10 [ 84.503077][ T5325] ext4_evict_inode+0xa63/0xeb0 [ 84.505244][ T5325] ? __pfx_ext4_evict_inode+0x10/0x10 [ 84.507597][ T5325] ? do_raw_spin_unlock+0x4d/0x210 [ 84.509976][ T5325] ? __pfx_ext4_evict_inode+0x10/0x10 [ 84.512602][ T5325] evict+0x61e/0xb10 [ 84.514588][ T5325] ? __pfx_evict+0x10/0x10 [ 84.517049][ T5325] ? _raw_spin_unlock+0x28/0x50 [ 84.519657][ T5325] ? iput+0xb25/0xe80 [ 84.521494][ T5325] ext4_orphan_cleanup+0xc38/0x1470 [ 84.523818][ T5325] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 84.526369][ T5325] ? ext4_register_li_request+0x640/0x720 [ 84.529320][ T5325] ? errseq_check_and_advance+0x66/0x120 [ 84.532172][ T5325] ext4_fill_super+0x59ff/0x6320 [ 84.534526][ T5325] ? __pfx_ext4_fill_super+0x10/0x10 [ 84.537072][ T5325] ? snprintf+0xe8/0x140 [ 84.539172][ T5325] ? __pfx_snprintf+0x10/0x10 [ 84.542704][ T5325] ? set_blocksize+0x1c9/0x440 [ 84.545084][ T5325] ? sb_set_blocksize+0x155/0x240 [ 84.547260][ T5325] ? setup_bdev_super+0x4c1/0x5b0 [ 84.549701][ T5325] get_tree_bdev_flags+0x431/0x4f0 [ 84.553013][ T5325] ? __pfx_ext4_fill_super+0x10/0x10 [ 84.556005][ T5325] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 84.558815][ T5325] vfs_get_tree+0x92/0x2a0 [ 84.560904][ T5325] do_new_mount+0x341/0xd30 [ 84.562877][ T5325] ? apparmor_capable+0x126/0x170 [ 84.565200][ T5325] ? 
__pfx_do_new_mount+0x10/0x10 [ 84.567742][ T5325] ? ns_capable+0x89/0xe0 [ 84.570246][ T5325] ? user_path_at+0xd4/0x160 [ 84.574790][ T5325] __se_sys_mount+0x31d/0x420 [ 84.577641][ T5325] ? __pfx___se_sys_mount+0x10/0x10 [ 84.580577][ T5325] ? __x64_sys_mount+0x20/0xc0 [ 84.582989][ T5325] do_syscall_64+0x14d/0xf80 [ 84.585334][ T5325] ? trace_irq_disable+0x3b/0x150 [ 84.588296][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.591594][ T5325] ? clear_bhb_loop+0x40/0x90 [ 84.593681][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.596246][ T5325] RIP: 0033:0x7f9ae759da0a [ 84.598285][ T5325] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 84.607978][ T5325] RSP: 002b:00007f9ae8416e18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 84.612152][ T5325] RAX: ffffffffffffffda RBX: 00007f9ae8416ea0 RCX: 00007f9ae759da0a [ 84.615756][ T5325] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f9ae8416e60 [ 84.619914][ T5325] RBP: 0000200000000180 R08: 00007f9ae8416ea0 R09: 0000000000000000 [ 84.623770][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000001c0 [ 84.627158][ T5325] R13: 00007f9ae8416e60 R14: 000000000000046f R15: 0000200000000100 [ 84.630580][ T5325] [ 84.632695][ T5325] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 84.636617][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 84.640739][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.645048][ T5325] Call Trace: [ 84.647033][ T5325] [ 84.648773][ T5325] vpanic+0x56c/0xa60 [ 84.650912][ T5325] ? __pfx__printk+0x10/0x10 [ 84.653311][ T5325] ? __pfx_vpanic+0x10/0x10 [ 84.655272][ T5325] ? is_bpf_text_address+0x292/0x2b0 [ 84.657489][ T5325] ? 
is_bpf_text_address+0x26/0x2b0 [ 84.659834][ T5325] panic+0xc5/0xd0 [ 84.661576][ T5325] ? __pfx_panic+0x10/0x10 [ 84.663592][ T5325] __warn+0x315/0x4f0 [ 84.665914][ T5325] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 84.670141][ T5325] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 84.673376][ T5325] __report_bug+0x29a/0x540 [ 84.675429][ T5325] ? ext4_get_group_desc+0x434/0x4e0 [ 84.677809][ T5325] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0 [ 84.680454][ T5325] ? __pfx___report_bug+0x10/0x10 [ 84.682621][ T5325] ? set_normalized_timespec64+0xf0/0x1a0 [ 84.685476][ T5325] ? __ext4_journal_get_write_access+0x84/0x590 [ 84.688994][ T5325] report_bug_entry+0x19a/0x290 [ 84.691950][ T5325] ? ext4_xattr_inode_update_ref+0x511/0x5a0 [ 84.694874][ T5325] ? ext4_xattr_inode_update_ref+0x516/0x5a0 [ 84.697650][ T5325] handle_bug+0xce/0x200 [ 84.699541][ T5325] exc_invalid_op+0x1a/0x50 [ 84.701511][ T5325] asm_exc_invalid_op+0x1a/0x20 [ 84.704004][ T5325] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0 [ 84.707802][ T5325] Code: 74 08 4c 89 ef e8 9f 06 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 5b dd 14 09 44 89 [ 84.716763][ T5325] RSP: 0000:ffffc9000f607240 EFLAGS: 00010246 [ 84.719612][ T5325] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000 [ 84.723473][ T5325] RDX: 0000000000000000 RSI: 000000000000000b RDI: ffffffff90187010 [ 84.727670][ T5325] RBP: ffffc9000f607330 R08: ffff888047e8048f R09: 1ffff11008fd0091 [ 84.731377][ T5325] R10: dffffc0000000000 R11: ffffed1008fd0092 R12: ffffffff90187010 [ 84.735326][ T5325] R13: 000000000000000b R14: 1ffff11008fd005c R15: ffff888047e802e0 [ 84.739471][ T5325] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10 [ 84.742587][ T5325] ? __kmalloc_cache_noprof+0x31c/0x660 [ 84.745354][ T5325] ? ext4_xattr_inode_dec_ref_all+0x4d2/0xe40 [ 84.748247][ T5325] ? 
__ext4_journal_ensure_credits+0x30/0x450 [ 84.751844][ T5325] ext4_xattr_inode_dec_ref_all+0x8cb/0xe40 [ 84.755319][ T5325] ? __mark_inode_dirty+0xb66/0x1470 [ 84.757719][ T5325] ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10 [ 84.760716][ T5325] ? __ext4_journal_get_write_access+0x27f/0x590 [ 84.763630][ T5325] ? __pfx___ext4_journal_get_write_access+0x10/0x10 [ 84.766789][ T5325] ext4_xattr_delete_inode+0xb45/0xd10 [ 84.769692][ T5325] ? __pfx_ext4_xattr_delete_inode+0x10/0x10 [ 84.773107][ T5325] ext4_evict_inode+0xa63/0xeb0 [ 84.775505][ T5325] ? __pfx_ext4_evict_inode+0x10/0x10 [ 84.777954][ T5325] ? do_raw_spin_unlock+0x4d/0x210 [ 84.780361][ T5325] ? __pfx_ext4_evict_inode+0x10/0x10 [ 84.782717][ T5325] evict+0x61e/0xb10 [ 84.784918][ T5325] ? __pfx_evict+0x10/0x10 [ 84.787688][ T5325] ? _raw_spin_unlock+0x28/0x50 [ 84.790259][ T5325] ? iput+0xb25/0xe80 [ 84.791977][ T5325] ext4_orphan_cleanup+0xc38/0x1470 [ 84.794190][ T5325] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 84.796946][ T5325] ? ext4_register_li_request+0x640/0x720 [ 84.799940][ T5325] ? errseq_check_and_advance+0x66/0x120 [ 84.802804][ T5325] ext4_fill_super+0x59ff/0x6320 [ 84.805077][ T5325] ? __pfx_ext4_fill_super+0x10/0x10 [ 84.807517][ T5325] ? snprintf+0xe8/0x140 [ 84.809588][ T5325] ? __pfx_snprintf+0x10/0x10 [ 84.812133][ T5325] ? set_blocksize+0x1c9/0x440 [ 84.814348][ T5325] ? sb_set_blocksize+0x155/0x240 [ 84.816598][ T5325] ? setup_bdev_super+0x4c1/0x5b0 [ 84.818747][ T5325] get_tree_bdev_flags+0x431/0x4f0 [ 84.821110][ T5325] ? __pfx_ext4_fill_super+0x10/0x10 [ 84.823877][ T5325] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 84.826740][ T5325] vfs_get_tree+0x92/0x2a0 [ 84.828946][ T5325] do_new_mount+0x341/0xd30 [ 84.831038][ T5325] ? apparmor_capable+0x126/0x170 [ 84.833330][ T5325] ? __pfx_do_new_mount+0x10/0x10 [ 84.835624][ T5325] ? ns_capable+0x89/0xe0 [ 84.838027][ T5325] ? user_path_at+0xd4/0x160 [ 84.840880][ T5325] __se_sys_mount+0x31d/0x420 [ 84.843751][ T5325] ? 
__pfx___se_sys_mount+0x10/0x10 [ 84.846312][ T5325] ? __x64_sys_mount+0x20/0xc0 [ 84.848479][ T5325] do_syscall_64+0x14d/0xf80 [ 84.850502][ T5325] ? trace_irq_disable+0x3b/0x150 [ 84.852990][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.855934][ T5325] ? clear_bhb_loop+0x40/0x90 [ 84.858415][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.861767][ T5325] RIP: 0033:0x7f9ae759da0a [ 84.863952][ T5325] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 84.872820][ T5325] RSP: 002b:00007f9ae8416e18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 84.877514][ T5325] RAX: ffffffffffffffda RBX: 00007f9ae8416ea0 RCX: 00007f9ae759da0a [ 84.881153][ T5325] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f9ae8416e60 [ 84.884683][ T5325] RBP: 0000200000000180 R08: 00007f9ae8416ea0 R09: 0000000000000000 [ 84.888717][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000001c0 [ 84.892889][ T5325] R13: 00007f9ae8416e60 R14: 000000000000046f R15: 0000200000000100 [ 84.896523][ T5325] [ 84.898267][ T5325] Kernel Offset: disabled [ 84.900540][ T5325] Rebooting in 86400 seconds..