last executing test programs:

3.29670536s ago: executing program 4 (id=5):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
syz_open_dev$sg(&(0x7f0000000280), 0x80000000002, 0x1)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x2005c840)
socket$inet6(0xa, 0x2, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x200200, 0x0)
ioctl$IOMMU_HWPT_INVALIDATE$TEST(r1, 0x3b8d, &(0x7f0000000140)={0x20, 0x0, &(0x7f00000000c0)=[{0x0, 0x2}, {}, {0x0, 0x3}, {0x1}, {0x0, 0x3}, {0x0, 0x1}, {0x1}], 0xdeadbeef, 0x8, 0x7})
r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./cgroup.net/devices.allow/file0\x00', 0x650802, 0x1a7)
write$cgroup_devices(r2, 0x0, 0x21)

3.167932197s ago: executing program 1 (id=7):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc000, 0x0)
mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x11, &(0x7f00000001c0))

3.040342626s ago: executing program 1 (id=8):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200008, &(0x7f0000000380)={[{@nolazytime}, {@auto_da_alloc}, {@sysvgroups}, {@norecovery}, {@jqfmt_vfsv0}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@user_xattr}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
munmap(&(0x7f0000001000/0x2000)=nil, 0x2000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x800)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
preadv2(r0, &(0x7f0000000280)=[{&(0x7f0000001200)=""/4096, 0x1000}, {0x0}], 0x2, 0x0, 0x0, 0x0)

2.8721293s ago: executing program 3 (id=10):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000900)={[{@noblock_validity}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@resuid}, {@dioread_lock}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004900)='./file0\x00', 0x434002, 0xf8)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)

2.519990502s ago: executing program 0 (id=1):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000063000040"])

2.249994615s ago: executing program 2 (id=12):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r1)
eventfd2(0xfffffffe, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x40, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

2.239011081s ago: executing program 0 (id=13):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x40)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000600), 0x404, &(0x7f00000001c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
lremovexattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)=@random={'security.', 'x\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

2.208038237s ago: executing program 3 (id=14):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
move_mount(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x200)

2.061306779s ago: executing program 1 (id=15):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0x3, &(0x7f0000000bc0)=@framed, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='contention_begin\x00', r0}, 0x18)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r1, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r2, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x4e22, @remote}}}, 0x118)

2.036498147s ago: executing program 3 (id=16):
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000000)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000100)=0x4)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x1, 0x60, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f00000001c0)=0x1fff)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000740)={"808653769f50df58624295cc7aeae1914d55ba337e30f9a12499193c721e5882fd645f9bb2e2cf88f1c084f6a82522cec7592c4114e068ac3f651dc519c1dc1e763bb8e987153e52c192c5e8652809b057e483fa3281dc50559a0867e1a66e314026cfe30b84c3a1d0bf3db7a748162421014d3fcac3c4cb7e6a22e3938e05c03693bd4a88b47311dd93bede2a46065704f63fd88dacc60ec3004705fe45c8dd154025e7ba8e0e8ebd0e9036ccf370829c44b18e0b759644657724838f714cdffc3937dbf27e0b34eb6d21a0a453b8f9b469e8a61de2c33888e5413a5f884be17c8d210994dedefd3ed29099fb61c4e943a7f2d2af4a47e64d63af12b3b054007d645d4b3e55b34cb894bd58b1d21a45bf9418a78b60c7b5341b9107bf4b0d37fe622a36cd305f2fa2f566786d636838eaf8658e432510170ce247ecc5102e890fb9a6faf4671421b1173995c262bfe6d45c5a0eda06109f0f049a6a1114764b85e7339ffbb22e84b623a686dd5287f23bc09007ba19f515e0b7e649ab8a6474859328a09a561f5ebcd6f9e8f38b7d12d0df01bf147852ed5b090e7baa56720d9ba22f71704704c322650e05a5a9f3351793adbb4f746992f879d990598344ead42b812e9599a20d51bad7ff93bf6104330897a7a34c10f95f60b934b2a864f6936cac5b5a73b628adadebea5ae5906e18c8927eab35e53fa6f016984e376e223363376dbc510810807b69e13e2946f6f8835a97efc8e6d8f78446203eae0bcd3e7f63c88499dc0829c3df2b9900225c7f3074c1fcab2170d8d45e18679d10cdc394ae214960c1655b5f61fcb55dcabe240eab6d7f55d879ed12288be37c89406c28d2f95eb95e72e2a4d11554f2a5c3a03f1bb1d0f554531ecf5f19a435d484569a5c42ea89a1e7d664ad8f6ece582bcdb2d53c8002035fc4d99c12aacfaaf34e88c989d553ca138020f273a4b407c9f11f9c61f34d985a5e2acdf0ab14db335be776b84013153951363180d96fa765eb226b4bf25a652077749e6a8e987f9898f152205b175eee8c1e3fe47ab8ff68edd3453a0721817a29f4b3ea3022c3a5af3daf4d0cb9c4a34e3627e38bbeba0a67e5f142e252956d87a4fff8528b09432f2f5f4c15fbfdd2451925ea73f7a8bf37262580ab47d265ed6bfe3fb3e4e19feaa13a089fdba86043686d59792b865375b5665d6b91470ec80b7115ac095e4822815aeac232a1900daa6bd95efec249d485cf5e5a266e938d74ab9060622aa426cb76e9e22f24f6498448cc7c0c6ebf7dbc289f68faa0aeca1d51739f9d5868e573adc9a49523b476fe6f5e746ab57e50a996a38fe5f3d9181a8a03881aff8cb124bf981421d24e7d04b0aa43330616f4ebee30d23629f6f1387fdc0b3de32df913c205a211b921f7715c91f60bab4f7799b16798ae04baf89b9ae93becc59b"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.014485145s ago: executing program 0 (id=17):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8102)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffc, 0x6, 0x11, @scatter={0x0, 0x0, 0x0}, &(0x7f00000005c0)='\x00\x00\x00\x00\x00\x00', 0x0, 0x2, 0x0, 0x2, 0x0})
write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
read$FUSE(r1, &(0x7f00000007c0)={0x2020}, 0x2020)

1.916530666s ago: executing program 2 (id=18):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000072000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0}, 0x68)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
read$FUSE(r0, &(0x7f0000001780)={0x2020}, 0x2020)

1.833985971s ago: executing program 1 (id=19):
r0 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x43, 0x1)

1.636138766s ago: executing program 1 (id=20):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000280)={0x2020, 0x0, 0x0, <r1=>0x0}, 0x2020)
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000200, r1, &(0x7f0000000040)='./file1\x00')
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f00000000c0)={'HL\x00'}, &(0x7f0000000100)=0x1e)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x5a1942, 0x5b)
r2 = fsmount(r0, 0x0, 0x84)
mmap$IORING_OFF_CQ_RING(&(0x7f000084f000/0x3000)=nil, 0x3000, 0x3000007, 0x4000010, r2, 0x8000000)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x27ffff7, 0x100010, r0, 0x0)

1.556154191s ago: executing program 3 (id=21):
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0x1, 0x50f, &(0x7f0000000140)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xe7b, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143041, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[], 0x0, 0x28, 0x0, 0x1}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x4, 0x804, 0xa, 0x2000000000f, 0x120000, 0x5, 0x0, 0xb, 0x8000000000000001, 0x2, 0x0, 0x101, 0x3, 0x1], 0x8000000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0xffffffffffffffff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.337341004s ago: executing program 4 (id=22):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4)
symlink(0x0, &(0x7f00000017c0)='./file0\x00')
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='vegas\x00', 0x6)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x4, 0x4)

1.269894124s ago: executing program 0 (id=23):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x4480, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00'], 0x83, 0x22e, &(0x7f0000000940)="$eJzs2r+LHGUYB/BnzguJFy674i8SEF+0UJsht7VFDk1AXFA0K0RBMvFmddlx99hZDlbEXKWtf4K1WNoJktLmQPwLLOyuuTKFOJLb87IJJyJiNujn08wD73zheXmHl6eY/Ze//HjYr/N+MY2VLIuVS7Ebt7Nox0r8YTdeeuHaD8+8fe3d1ze73ctvpXRl8+pGJ6V07tnv3/v0m+duTc++8+25707HXvv9/YPOL3tP7Z3f/+3qR4M6Deo0Gk9TkW6Mx9PiRlWmrUE9zFN6syqLukyDUV1O7lnvV+Pt7VkqRlvra9uTsq5TMZqlYTlL03GaTmap+LAYjFKe52l9Lfgnel/fbpo4aE5dj6ZpHv0qzt6K9Z+jFdljKXv8Uvbk9ezp3ez8QdO0lt0q/wrn//+2cKmfiai+2Ont9ObP+fqrP8YgqijjYrTi17jzmRyZ11de616+mA614/Pq5lH+5qneI4f5zf5RfiNa0T45vzHPp8X8Tu90rC3mO9GKJ07Od07Mn4kXn1/I59GKnz6IcVSxFXeyd/OfbaT0yhvd+/IXDt8DAPivydOx9r3zz3x+y/M/W5/nj+erv54P75uvVuPC6nL3TkQ9+2RYVFU5URwXq/FQtKFQLLFY9s3Eg3D30JfdCQAAAAAAAAAAAH/Hg/idcNl7BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHm6/BwAA//+HytTx")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000001280)=""/4078, 0xfee)

1.147855851s ago: executing program 2 (id=24):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000340), 0xfd, 0x564, &(0x7f0000000b00)="$eJzs3d9rW+UbAPDnpE33+7sOxvgqIoVdOJlL19YfE7yYl6LDgd7P0mZlNFlGk461Dtwu3I03MgQRB8Nr9d7L4T/gXzHQwZBRFPEmctKTmK3JmnXZmprPB872vjkne8+T9zzv3jcnIQEMrYn0j1zECxHxZRJxsG3faGQ7J9aPW3twdS7dkqjXP/o9iSR7rHl8kv29L6v8PyJ+/jzieG5ju9WV1cXZUqm4lNUna+VLk9WV1RMXyrMLxYXixemZmVNvzEy//dabfYv11bN/fvPhnfdOfXF07esf7x26mcTp2J/ta4/jKVxrr0zERPaa5OP0IwdO9aGxQZJs9wmwJSNZnucjHQMOxkiW9cB/32cRUQeGVCL/YUg15wHNtX2f1sE7xv131xdAG+MfXX9vJHY31kZ715KHVkbpene8D+2nbfz0262b6Rb9ex8CYFPXrkfEydHRjeNfko1/W3eyh2MebcP4B8/PnXT+81qn+U+uNf+JDvOffR1ydys2z//cvT4001U6/3un4/y3ddNqfCSrHWjM+fLJ+QulYjq2/S8ijkV+V1p/3P2cU2t36932tc//0i1tvzkXzM7j3uiuh58zP1ubfZqY292/HvFix/lv0ur/pEP/p6/H2R7bOFK89XK3fZvH/2zVv4t4pWP/51vHJI+/PznZuB4mm1fFRn/cOPJLt/a3O/60//eux/9XtiRs9X9mPGm/X1t98jZu7/672G3fVq//seTjRnkse+zKbK22NBUxlnyw8fHpf5/brDePT+M/dvTx41+n639PRHzSY/w3Dv/w0tbjf7bS+Oc7Xv/d+v/JC3ff//Tbzq3f7rH/X4+k7QZzL+Nfryf4VC8eAAAAAAAADJhcROyPJFdolXO5QmH98x2HY2+uVKnWjp+vLF+cj8Z3Zccjn2ve6T7Y9nmIqezzsM369CP1mYg4FBFfjexp1AtzldL8dgcPAAAAAAAAAAAAAAAAAAAAA2Jfl+//p34d2e6zA545P/kNw2vT/O/HLz0BA8n//zC85D8ML/kPw0v+w/CS/zC85D8ML/kPw0v+AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dPXMm3eprD67OpfX5yyvLi5XLJ+aL1cVCeXmuMFdZulRYqFQWSsXCXKW82b9XqlQuTU3H8pXJWrFam6yurJ4rV5Yv1s5dKH9/IKKYfy5RAQAAAAAAAAAAAAAAAAAAwM5SXVldnC2ViksKjcKuGIjT2EGF0cE4DYU+FzoMFmPbMEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQET8EwAA//+ndDnV")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
pwritev2(r0, &(0x7f0000000080)=[{&(0x7f0000000240)="a0", 0x1}], 0x1, 0x7ffd, 0xffffffff, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3fffffff404})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r3, 0x6628)
sendfile(r0, r3, 0x0, 0x100001)

1.143916156s ago: executing program 4 (id=25):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)

1.089667545s ago: executing program 0 (id=26):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000340), 0xfd, 0x564, &(0x7f0000000b00)="$eJzs3d9rW+UbAPDnpE33+7sOxvgqIoVdOJlL19YfE7yYl6LDgd7P0mZlNFlGk461Dtwu3I03MgQRB8Nr9d7L4T/gXzHQwZBRFPEmctKTmK3JmnXZmprPB872vjkne8+T9zzv3jcnIQEMrYn0j1zECxHxZRJxsG3faGQ7J9aPW3twdS7dkqjXP/o9iSR7rHl8kv29L6v8PyJ+/jzieG5ju9WV1cXZUqm4lNUna+VLk9WV1RMXyrMLxYXixemZmVNvzEy//dabfYv11bN/fvPhnfdOfXF07esf7x26mcTp2J/ta4/jKVxrr0zERPaa5OP0IwdO9aGxQZJs9wmwJSNZnucjHQMOxkiW9cB/32cRUQeGVCL/YUg15wHNtX2f1sE7xv131xdAG+MfXX9vJHY31kZ715KHVkbpene8D+2nbfz0262b6Rb9ex8CYFPXrkfEydHRjeNfko1/W3eyh2MebcP4B8/PnXT+81qn+U+uNf+JDvOffR1ydys2z//cvT4001U6/3un4/y3ddNqfCSrHWjM+fLJ+QulYjq2/S8ijkV+V1p/3P2cU2t36932tc//0i1tvzkXzM7j3uiuh58zP1ubfZqY292/HvFix/lv0ur/pEP/p6/H2R7bOFK89XK3fZvH/2zVv4t4pWP/51vHJI+/PznZuB4mm1fFRn/cOPJLt/a3O/60//eux/9XtiRs9X9mPGm/X1t98jZu7/672G3fVq//seTjRnkse+zKbK22NBUxlnyw8fHpf5/brDePT+M/dvTx41+n639PRHzSY/w3Dv/w0tbjf7bS+Oc7Xv/d+v/JC3ff//Tbzq3f7rH/X4+k7QZzL+Nfryf4VC8eAAAAAAAADJhcROyPJFdolXO5QmH98x2HY2+uVKnWjp+vLF+cj8Z3Zccjn2ve6T7Y9nmIqezzsM369CP1mYg4FBFfjexp1AtzldL8dgcPAAAAAAAAAAAAAAAAAAAAA2Jfl+//p34d2e6zA545P/kNw2vT/O/HLz0BA8n//zC85D8ML/kPw0v+w/CS/zC85D8ML/kPw0v+AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dPXMm3eprD67OpfX5yyvLi5XLJ+aL1cVCeXmuMFdZulRYqFQWSsXCXKW82b9XqlQuTU3H8pXJWrFam6yurJ4rV5Yv1s5dKH9/IKKYfy5RAQAAAAAAAAAAAAAAAAAAwM5SXVldnC2ViksKjcKuGIjT2EGF0cE4DYU+FzoMFmPbMEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQET8EwAA//+ndDnV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000280)={0x8, 0x6, 0x0, 0x800, 0x2, 0x0, [{0x0, 0x2, 0xffffffffffffffff, '\x00', 0x4949}, {0x800, 0x0, 0x400, '\x00', 0xc89}]})

758.530785ms ago: executing program 4 (id=27):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x2000000000000008, 0x4, 0x180, 0x4, 0x10, 0xf1, 0xff, 0x7fffffffffffe, 0x5, 0x0, 0x20000000c, 0x0, 0x6, 0x0, 0xbdb], 0x2000, 0x120182})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x6, 0xc003, 0x3, 0x5, 0x0, 0x0, 0x7, 0xd, 0xb9, 0x0, 0xe, 0xfc, 0x204}, {0x804, 0x1, 0x4, 0x45, 0x7, 0xff, 0x2, 0xff, 0x0, 0x5, 0x4, 0x7b, 0x20c}, {0x1, 0x6, 0x18, 0x5, 0x8, 0xfd, 0x3, 0x2, 0x0, 0x70, 0x4, 0x7}], 0xfbffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x5ffffffffff, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x4, 0x3], 0x1, 0x202})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000480)={[{0x9570000, 0x3, 0x0, 0x0, 0x85, 0x1, 0xff, 0x2, 0x6, 0x4, 0x43, 0xf, 0x1}, {0x9f83, 0x7, 0xe, 0x5a, 0x1, 0x3, 0x9, 0x81, 0x7, 0x7, 0x6, 0x3, 0xfffffffffffffffe}, {0x4, 0x1005, 0x81, 0x6, 0x6, 0x1, 0xf8, 0x4f, 0xc, 0x98, 0x1a, 0x1, 0x8}], 0x4000003})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

715.671209ms ago: executing program 2 (id=28):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
move_mount(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x200)

617.885096ms ago: executing program 0 (id=29):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
mkdir(&(0x7f0000000300)='./bus\x00', 0x36)
mkdir(0x0, 0x41)
mkdirat(0xffffffffffffff9c, 0x0, 0x110)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0)
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

584.618366ms ago: executing program 2 (id=30):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xfd, 0x31c, &(0x7f0000000500)="$eJzs3U9oI1UcwPFfmnSbVNsEUcEF9ad7UZGwyVlYw7IVMbCiG1ldEGbtREPGpGRCNEWaLCzsxYMX/51VECkUxIMglHrwJC2ld2+99WA9KVp8ksyMM22T/lma9tDv55C8vvf7vff6XjqUN2W69cIn7/9jjClbTRmXmIy9KN3YTkwyMiaBrjz7wdL646+/+dYrhWLx2muqM4UbubyqTj+5fOujxadXmg+88cP0TxOymnl7azu/ufro6mNb/954r+JqxdVavamWJv3OdPYzt5pVfdWxLdfWSs21G7322/V607rt2Fp26nNzbbVqsw9OzjVs11Wr1taq3dZmXZuNtlrvWpWaZrNZnZoUDHSn/5oUWWx9WRgeVvruL2Nku/mrMRNdMcb4WTgv1H8P9//j4cFXp05rWjglkYt6UsS51yq1St67114oS0UcseWypGVHep8R89WS6X9Ueq8f5peKG8/98rOqZmTB6fj5nVYpHuabCVtykpbMuD9qmD/zcvFaTj2788dlMjp+XtLysJfjCfPze/Lj/fwL8sylSH5W0rLxjtTFkbXlp/7cvH7v8yB/Iad69Xqxnz8mwfgpmQ0WKSnf/jF4+TKj3yEAAAAAAAAAAI4vq/8beH6f7QXcnVfVqYwsBPeEe+1eyT9fj0XvD+w9n7888Hw/IRcTZ/d9AwAAAABwnrjtuyJx/wvLceyGm5qveoX2fNXa3dSONjlOKqxJDIuJFB6Z3h1jjOkMDT7NQlJGOMTXdw6LSUlQ88TMwR1euhJf8zekGzYFf1V5wpO/aIw5mQ7/vhmtSd/XVCV51KyEHK1D//TpoJikhD8ch3aYkmMuy+8nsk0xf37DY1669dv3h/ZzYd/67Ocd662M6loEAAAAYLTCX/qvSKf8Y6tz8/lPj5hq0iOeGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA58VBDxiLDX462toXg4K1V3jom6BmPdI0cODYdvBvAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM7UfwEAAP//mRS02g==")

550.501573ms ago: executing program 3 (id=31):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, 0x0, 0x28441, 0x14a)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000780)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x7fffffff, @local, 0xfffffffb}, {0xa, 0x4e21, 0xb2, @mcast2, 0x5}, 0xffffffffffffffff, 0x3}}, 0x48)

522.620124ms ago: executing program 1 (id=32):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
write$FUSE_INIT(r0, &(0x7f00000001c0)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x2b, 0x101, 0x12400000, 0x0, 0xff, 0xfff, 0x400, 0x0, 0x0, 0x2, 0x6}}, 0x50)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)

324.000505ms ago: executing program 2 (id=33):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, 0x0)

265.07908ms ago: executing program 4 (id=34):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c000000100081"], 0x2c}], 0x1}, 0x0)

182.812µs ago: executing program 3 (id=35):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4)
symlink(0x0, &(0x7f00000017c0)='./file0\x00')
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='vegas\x00', 0x6)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x4, 0x4)

0s ago: executing program 4 (id=36):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x4c10, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
lseek(r0, 0x3, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.114' (ED25519) to the list of known hosts.
[   63.166159][ T5846] cgroup: Unknown subsys name 'net'
[   63.272195][ T5846] cgroup: Unknown subsys name 'cpuset'
[   63.279646][ T5846] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   64.702497][ T5846] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   66.991076][ T5867] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.998385][ T5874] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   67.010298][ T5874] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   67.024105][ T5867] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   67.031273][ T5867] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   67.031441][ T5874] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   67.038715][ T5867] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   67.048076][ T5873] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   67.053431][ T5867] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   67.060894][ T5874] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   67.070974][ T5867] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   67.074713][ T5874] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   67.087823][ T5873] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   67.090536][ T5867] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   67.115879][ T5876] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   67.122972][ T5867] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   67.130577][ T5867] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   67.138233][ T5876] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   67.148779][ T5867] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   67.156767][ T5876] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   67.164127][ T5876] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   67.171701][ T5876] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   67.179666][ T5867] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   67.182292][ T5874] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   67.187169][ T5867] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   67.468911][ T5863] chnl_net:caif_netlink_parms(): no params data found
[   67.525707][ T5856] chnl_net:caif_netlink_parms(): no params data found
[   67.569925][ T5870] chnl_net:caif_netlink_parms(): no params data found
[   67.606375][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.613664][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.621294][ T5863] bridge_slave_0: entered allmulticast mode
[   67.627868][ T5863] bridge_slave_0: entered promiscuous mode
[   67.652937][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.660314][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.667764][ T5863] bridge_slave_1: entered allmulticast mode
[   67.674608][ T5863] bridge_slave_1: entered promiscuous mode
[   67.701073][ T5858] chnl_net:caif_netlink_parms(): no params data found
[   67.766645][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.784928][ T5865] chnl_net:caif_netlink_parms(): no params data found
[   67.801812][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.827284][ T5856] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.834639][ T5856] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.841942][ T5856] bridge_slave_0: entered allmulticast mode
[   67.848484][ T5856] bridge_slave_0: entered promiscuous mode
[   67.877646][ T5856] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.884972][ T5856] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.892212][ T5856] bridge_slave_1: entered allmulticast mode
[   67.899098][ T5856] bridge_slave_1: entered promiscuous mode
[   67.907154][ T5863] team0: Port device team_slave_0 added
[   67.915540][ T5863] team0: Port device team_slave_1 added
[   67.958292][ T5870] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.966317][ T5870] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.973914][ T5870] bridge_slave_0: entered allmulticast mode
[   67.981223][ T5870] bridge_slave_0: entered promiscuous mode
[   67.998359][ T5856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.015180][ T5870] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.022563][ T5870] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.029688][ T5870] bridge_slave_1: entered allmulticast mode
[   68.036718][ T5870] bridge_slave_1: entered promiscuous mode
[   68.045688][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.053265][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.060716][ T5858] bridge_slave_0: entered allmulticast mode
[   68.067229][ T5858] bridge_slave_0: entered promiscuous mode
[   68.075601][ T5856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.085231][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.092866][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.118843][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.139835][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.147232][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.154470][ T5858] bridge_slave_1: entered allmulticast mode
[   68.161526][ T5858] bridge_slave_1: entered promiscuous mode
[   68.174958][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.182280][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.208805][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.248695][ T5870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.272393][ T5856] team0: Port device team_slave_0 added
[   68.280775][ T5856] team0: Port device team_slave_1 added
[   68.288088][ T5870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.305481][ T5865] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.312719][ T5865] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.319936][ T5865] bridge_slave_0: entered allmulticast mode
[   68.326746][ T5865] bridge_slave_0: entered promiscuous mode
[   68.335113][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.363840][ T5865] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.371205][ T5865] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.378352][ T5865] bridge_slave_1: entered allmulticast mode
[   68.385306][ T5865] bridge_slave_1: entered promiscuous mode
[   68.402073][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.425880][ T5870] team0: Port device team_slave_0 added
[   68.449961][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.458136][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.484793][ T5856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.499118][ T5863] hsr_slave_0: entered promiscuous mode
[   68.506041][ T5863] hsr_slave_1: entered promiscuous mode
[   68.513512][ T5870] team0: Port device team_slave_1 added
[   68.521743][ T5865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.539799][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.547142][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.577731][ T5856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.609606][ T5865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.626726][ T5858] team0: Port device team_slave_0 added
[   68.634839][ T5858] team0: Port device team_slave_1 added
[   68.641414][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.648476][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.675942][ T5870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.712653][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.719647][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.746093][ T5870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.783223][ T5865] team0: Port device team_slave_0 added
[   68.804736][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.812000][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.838340][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.852452][ T5865] team0: Port device team_slave_1 added
[   68.859082][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.866733][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.892767][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.906482][ T5856] hsr_slave_0: entered promiscuous mode
[   68.912648][ T5856] hsr_slave_1: entered promiscuous mode
[   68.918914][ T5856] debugfs: 'hsr0' already exists in 'hsr'
[   68.924781][ T5856] Cannot create hsr debugfs directory
[   68.978882][ T5870] hsr_slave_0: entered promiscuous mode
[   68.985053][ T5870] hsr_slave_1: entered promiscuous mode
[   68.991894][ T5870] debugfs: 'hsr0' already exists in 'hsr'
[   68.997743][ T5870] Cannot create hsr debugfs directory
[   69.004408][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.011458][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.037569][ T5865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.056696][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.063741][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.089774][ T5865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.134272][ T5858] hsr_slave_0: entered promiscuous mode
[   69.140797][ T5858] hsr_slave_1: entered promiscuous mode
[   69.141727][ T5184] Bluetooth: hci0: command tx timeout
[   69.146866][ T5858] debugfs: 'hsr0' already exists in 'hsr'
[   69.151837][ T5869] Bluetooth: hci2: command tx timeout
[   69.158020][ T5858] Cannot create hsr debugfs directory
[   69.210322][ T5184] Bluetooth: hci4: command tx timeout
[   69.216641][ T5869] Bluetooth: hci1: command tx timeout
[   69.271054][ T5865] hsr_slave_0: entered promiscuous mode
[   69.277232][ T5865] hsr_slave_1: entered promiscuous mode
[   69.284939][ T5865] debugfs: 'hsr0' already exists in 'hsr'
[   69.290816][ T5869] Bluetooth: hci3: command tx timeout
[   69.290976][ T5865] Cannot create hsr debugfs directory
[   69.414218][ T5863] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   69.437041][ T5863] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   69.446949][ T5863] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   69.474730][ T5863] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   69.535379][ T5856] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   69.553582][ T5856] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   69.566109][ T5856] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   69.578037][ T5856] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   69.614786][ T5870] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   69.625593][ T5870] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   69.649569][ T5870] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   69.667276][ T5870] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   69.714148][ T5865] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   69.724073][ T5865] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   69.735158][ T5865] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   69.757927][ T5865] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   69.773884][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.815595][ T5858] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   69.824858][ T5858] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   69.835525][ T5858] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   69.846045][ T5858] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   69.857049][ T5863] 8021q: adding VLAN 0 to HW filter on device team0
[   69.882975][   T78] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.890122][   T78] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.906862][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.914208][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.969605][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.998249][ T5870] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.018749][ T5856] 8021q: adding VLAN 0 to HW filter on device team0
[   70.043212][ T5870] 8021q: adding VLAN 0 to HW filter on device team0
[   70.053444][ T3019] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.060586][ T3019] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.083244][   T78] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.090445][   T78] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.113856][ T3019] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.121035][ T3019] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.147371][ T5865] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.163762][ T3019] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.171173][ T3019] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.199264][ T5865] 8021q: adding VLAN 0 to HW filter on device team0
[   70.258445][ T3019] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.265620][ T3019] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.289869][ T3019] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.297086][ T3019] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.314235][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.361603][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.399012][ T5858] 8021q: adding VLAN 0 to HW filter on device team0
[   70.437578][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.444923][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.481147][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.488383][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.682080][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.765274][ T5870] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.789305][ T5856] veth0_vlan: entered promiscuous mode
[   70.840811][ T5856] veth1_vlan: entered promiscuous mode
[   70.903898][ T5863] veth0_vlan: entered promiscuous mode
[   70.926893][ T5870] veth0_vlan: entered promiscuous mode
[   70.937465][ T5856] veth0_macvtap: entered promiscuous mode
[   70.948894][ T5865] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.963004][ T5863] veth1_vlan: entered promiscuous mode
[   70.974709][ T5856] veth1_macvtap: entered promiscuous mode
[   70.985240][ T5870] veth1_vlan: entered promiscuous mode
[   71.016204][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.025906][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.056096][ T5870] veth0_macvtap: entered promiscuous mode
[   71.066157][ T5870] veth1_macvtap: entered promiscuous mode
[   71.078226][ T5863] veth0_macvtap: entered promiscuous mode
[   71.088716][ T5863] veth1_macvtap: entered promiscuous mode
[   71.105099][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.128239][   T78] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.137912][   T78] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.148428][   T78] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.166793][ T5865] veth0_vlan: entered promiscuous mode
[   71.174507][   T78] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.193158][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.205887][ T5858] veth0_vlan: entered promiscuous mode
[   71.213890][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.221432][ T5869] Bluetooth: hci2: command tx timeout
[   71.221468][ T5869] Bluetooth: hci0: command tx timeout
[   71.246080][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.262449][ T5865] veth1_vlan: entered promiscuous mode
[   71.272895][   T78] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.284955][   T78] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.296949][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.305404][ T5184] Bluetooth: hci1: command tx timeout
[   71.309744][ T5858] veth1_vlan: entered promiscuous mode
[   71.311149][ T5869] Bluetooth: hci4: command tx timeout
[   71.331281][   T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.342120][   T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.371246][ T5869] Bluetooth: hci3: command tx timeout
[   71.384838][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.395604][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.420428][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.446199][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.457865][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.458827][ T5858] veth0_macvtap: entered promiscuous mode
[   71.466862][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.490605][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.497225][ T5858] veth1_macvtap: entered promiscuous mode
[   71.507266][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.522559][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.530570][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.551657][ T5865] veth0_macvtap: entered promiscuous mode
[   71.566450][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.574736][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.598097][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.599156][ T5865] veth1_macvtap: entered promiscuous mode
[   71.626143][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.635394][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.676262][ T5856] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   71.699004][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.710848][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[   71.717917][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[   71.738096][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.739703][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.754557][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.764450][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.795023][   T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.817307][ T5971] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   71.839440][   T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.858008][   T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.874414][   T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.895491][ T5974] loop3: detected capacity change from 0 to 128
[   71.906009][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.923022][ T5974] FAT-fs (loop3): bogus logical sector size 1280
[   71.929411][ T5974] FAT-fs (loop3): Can't find a valid FAT filesystem
[   71.939627][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.975490][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.986970][   T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.116623][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.131504][ T5979] 9pnet_fd: p9_fd_create_unix (5979): problem connecting socket: ./file0: -111
[   72.145471][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.189508][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.232952][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.255328][ T5983] loop1: detected capacity change from 0 to 1024
[   72.302998][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.326911][ T5983] EXT4-fs: Ignoring removed orlov option
[   72.340256][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.408005][ T5983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.454843][ T5991] loop3: detected capacity change from 0 to 1024
[   72.474673][ T5991] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   72.493721][   T30] audit: type=1800 audit(1755653413.331:2): pid=5983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.8" name="file1" dev="loop1" ino=15 res=0 errno=0
[   72.528849][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.574272][ T5991] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.600236][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.858539][ T5998] kvm: kvm [5997]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000063)
[   73.034598][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.034882][ T6004] =======================================================
[   73.034882][ T6004] WARNING: The mand mount option has been deprecated and
[   73.034882][ T6004]          and is ignored by this kernel. Remove the mand
[   73.034882][ T6004]          option from the mount to silence this warning.
[   73.034882][ T6004] =======================================================
[   73.092558][ T5922] kernel write not supported for file bpf-prog (pid: 5922 comm: kworker/0:5)
[   73.185771][ T5870] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.290654][ T5184] Bluetooth: hci2: command tx timeout
[   73.290684][ T5869] Bluetooth: hci0: command tx timeout
[   73.370094][ T5869] Bluetooth: hci4: command tx timeout
[   73.370840][ T5184] Bluetooth: hci1: command tx timeout
[   73.451462][ T5184] Bluetooth: hci3: command tx timeout
[   73.759552][ T6031] loop3: detected capacity change from 0 to 512
[   73.805277][ T6031] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.848147][ T6031] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.040493][ T6040] loop0: detected capacity change from 0 to 128
[   74.182849][ T6044] loop2: detected capacity change from 0 to 1024
[   74.205789][ T6047] loop0: detected capacity change from 0 to 1024
[   74.235904][ T6044] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.295422][ T6047] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.341773][   T30] audit: type=1804 audit(1755653415.171:3): pid=6044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.24" name="/newroot/4/file1/file1" dev="loop2" ino=15 res=1 errno=0
[   74.518278][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.628971][ T5865] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.691681][ T6062] loop2: detected capacity change from 0 to 128
[   74.703792][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.709170][ T6062] FAT-fs (loop2): bogus logical sector size 1280
[   74.721967][ T6062] FAT-fs (loop2): Can't find a valid FAT filesystem
[   74.772210][ T6064] loop1: detected capacity change from 0 to 512
[   74.779519][ T6066] loop0: detected capacity change from 0 to 1024
[   74.804281][ T6064] EXT4-fs: Ignoring removed i_version option
[   74.821276][ T6064] EXT4-fs: Ignoring removed nobh option
[   74.839338][ T6064] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   74.872716][ T6064] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   74.873563][ T6066] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.896461][ T6069] loop3: detected capacity change from 0 to 512
[   74.929017][ T6069] EXT4-fs: Ignoring removed i_version option
[   74.943202][ T6069] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   74.963460][ T6074] loop2: detected capacity change from 0 to 2048
[   74.982696][ T6064] EXT4-fs (loop1): 1 truncate cleaned up
[   75.006667][ T6069] EXT4-fs (loop3): 1 truncate cleaned up
[   75.024478][ T6064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.038279][ T6069] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.044149][ T6074] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.092223][ T6074] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.117801][ T6066] overlayfs: upper fs does not support file handles, falling back to index=off.
[   75.128309][ T6078] netlink: 12 bytes leftover after parsing attributes in process `syz.4.34'.
[   75.190104][ T6064] loop1: detected capacity change from 512 to 64
[   75.205703][ T6082] ==================================================================
[   75.213821][ T6082] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x9c1/0x1e20
[   75.221565][ T6082] Read of size 18446744073709551600 at addr ffff88807388d6d0 by task syz.1.32/6082
[   75.230938][ T6082] 
[   75.233271][ T6082] CPU: 0 UID: 0 PID: 6082 Comm: syz.1.32 Not tainted syzkaller #0 PREEMPT(full) 
[   75.233290][ T6082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.233301][ T6082] Call Trace:
[   75.233307][ T6082]  <TASK>
[   75.233314][ T6082]  dump_stack_lvl+0x189/0x250
[   75.233336][ T6082]  ? __virt_addr_valid+0x1c8/0x5c0
[   75.233357][ T6082]  ? rcu_is_watching+0x15/0xb0
[   75.233373][ T6082]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.233390][ T6082]  ? rcu_is_watching+0x15/0xb0
[   75.233405][ T6082]  ? lock_release+0x4b/0x3e0
[   75.233429][ T6082]  ? __virt_addr_valid+0x1c8/0x5c0
[   75.233448][ T6082]  ? __virt_addr_valid+0x4a5/0x5c0
[   75.233468][ T6082]  print_report+0xca/0x240
[   75.233484][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.233505][ T6082]  kasan_report+0x118/0x150
[   75.233527][ T6082]  ? bdev_getblk+0x80/0x660
[   75.233542][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.233564][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.233586][ T6082]  kasan_check_range+0x2b0/0x2c0
[   75.233607][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   75.233628][ T6082]  __asan_memmove+0x29/0x70
[   75.233646][ T6082]  ext4_xattr_set_entry+0x9c1/0x1e20
[   75.233674][ T6082]  ext4_xattr_ibody_set+0x254/0x6a0
[   75.233697][ T6082]  ext4_destroy_inline_data_nolock+0x214/0x5b0
[   75.233719][ T6082]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   75.233740][ T6082]  ? down_write+0x162/0x1f0
[   75.233761][ T6082]  ? __filemap_get_folio+0x79f/0xaf0
[   75.233779][ T6082]  ext4_convert_inline_data_to_extent+0x540/0xdd0
[   75.233801][ T6082]  ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10
[   75.233819][ T6082]  ? ext4_inode_journal_mode+0x18c/0x480
[   75.233841][ T6082]  ? rcu_is_watching+0x15/0xb0
[   75.233856][ T6082]  ? ext4_try_to_write_inline_data+0x49/0xa0
[   75.233874][ T6082]  ext4_write_begin+0x382/0x19a0
[   75.233891][ T6082]  ? __pfx___ext4_journal_get_write_access+0x10/0x10
[   75.233916][ T6082]  ? __pfx___might_resched+0x10/0x10
[   75.233934][ T6082]  ? do_raw_spin_lock+0x121/0x290
[   75.233952][ T6082]  ? lock_acquire+0x5f/0x360
[   75.233973][ T6082]  ? __pfx_ext4_write_begin+0x10/0x10
[   75.233992][ T6082]  generic_perform_write+0x2c5/0x900
[   75.234013][ T6082]  ? __pfx_generic_perform_write+0x10/0x10
[   75.234030][ T6082]  ? file_modified_flags+0x4bb/0x560
[   75.234049][ T6082]  ? ext4_write_checks+0x24b/0x2c0
[   75.234070][ T6082]  ext4_buffered_write_iter+0xce/0x3a0
[   75.234089][ T6082]  ? css_rstat_updated+0x23a/0x4f0
[   75.234105][ T6082]  ext4_file_write_iter+0x298/0x1bc0
[   75.234125][ T6082]  ? aa_file_perm+0x13a/0x1550
[   75.234142][ T6082]  ? __pfx_css_rstat_updated+0x10/0x10
[   75.234160][ T6082]  ? __folio_batch_add_and_move+0x20a/0xd20
[   75.234183][ T6082]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   75.234202][ T6082]  ? pfn_valid+0xba/0x490
[   75.234221][ T6082]  ? rcu_is_watching+0x15/0xb0
[   75.234236][ T6082]  ? page_table_check_set+0x18d/0x730
[   75.234257][ T6082]  ? rcu_is_watching+0x15/0xb0
[   75.234273][ T6082]  do_iter_readv_writev+0x61c/0x8b0
[   75.234297][ T6082]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   75.234320][ T6082]  ? security_file_permission+0x75/0x290
[   75.234340][ T6082]  ? preempt_count_add+0x91/0x1a0
[   75.234364][ T6082]  vfs_writev+0x31a/0x960
[   75.234382][ T6082]  ? __pfx_vfs_writev+0x10/0x10
[   75.234400][ T6082]  ? lock_release+0x4b/0x3e0
[   75.234421][ T6082]  ? count_memcg_event_mm+0x21/0x260
[   75.234440][ T6082]  ? lock_release+0x4b/0x3e0
[   75.234462][ T6082]  ? __fget_files+0x3a0/0x420
[   75.234483][ T6082]  ? __fget_files+0x2a/0x420
[   75.234507][ T6082]  __se_sys_pwritev2+0x179/0x290
[   75.234530][ T6082]  ? __pfx___se_sys_pwritev2+0x10/0x10
[   75.234553][ T6082]  ? rcu_is_watching+0x15/0xb0
[   75.234567][ T6082]  ? __x64_sys_pwritev2+0x20/0xc0
[   75.234588][ T6082]  do_syscall_64+0xfa/0x3b0
[   75.234608][ T6082]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.234623][ T6082]  ? clear_bhb_loop+0x60/0xb0
[   75.234639][ T6082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.234654][ T6082] RIP: 0033:0x7fbf65f8ebe9
[   75.234669][ T6082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.234682][ T6082] RSP: 002b:00007fbf66ddf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   75.234700][ T6082] RAX: ffffffffffffffda RBX: 00007fbf661b6090 RCX: 00007fbf65f8ebe9
[   75.234712][ T6082] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004
[   75.234722][ T6082] RBP: 00007fbf66011e19 R08: 0000000000000000 R09: 0000000000000000
[   75.234732][ T6082] R10: 0000000000005405 R11: 0000000000000246 R12: 0000000000000000
[   75.234742][ T6082] R13: 00007fbf661b6128 R14: 00007fbf661b6090 R15: 00007ffed7953e48
[   75.234758][ T6082]  </TASK>
[   75.234764][ T6082] 
[   75.694687][ T6082] The buggy address belongs to the physical page:
[   75.701119][ T6082] page: refcount:3 mapcount:0 mapping:ffff888023100880 index:0x2 pfn:0x7388d
[   75.710002][ T6082] memcg:ffff8881404a8d00
[   75.714363][ T6082] aops:def_blk_aops ino:700001 dentry name(?):""
[   75.720695][ T6082] flags: 0xfff18000004214(referenced|dirty|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[   75.730963][ T6082] raw: 00fff18000004214 0000000000000000 dead000000000122 ffff888023100880
[   75.740118][ T6082] raw: 0000000000000002 ffff888075e921d0 00000003ffffffff ffff8881404a8d00
[   75.748748][ T6082] page dumped because: kasan: bad access detected
[   75.755421][ T6082] page_owner tracks the page as allocated
[   75.761135][ T6082] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_MOVABLE|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL), pid 6082, tgid 6063 (syz.1.32), ts 75204800891, free_ts 75183641620
[   75.781718][ T6082]  post_alloc_hook+0x240/0x2a0
[   75.786497][ T6082]  get_page_from_freelist+0x21e4/0x22c0
[   75.792049][ T6082]  __alloc_frozen_pages_noprof+0x181/0x370
[   75.797861][ T6082]  alloc_pages_mpol+0x232/0x4a0
[   75.802739][ T6082]  alloc_pages_noprof+0xa9/0x190
[   75.807873][ T6082]  folio_alloc_noprof+0x1e/0x30
[   75.812869][ T6082]  filemap_alloc_folio_noprof+0xdf/0x470
[   75.818987][ T6082]  __filemap_get_folio+0x3f2/0xaf0
[   75.824385][ T6082]  bdev_getblk+0x1ad/0x660
[   75.828923][ T6082]  __ext4_get_inode_loc+0x561/0x1040
[   75.834488][ T6082]  ext4_reserve_inode_write+0x18b/0x360
[   75.840242][ T6082]  __ext4_mark_inode_dirty+0x15b/0x700
[   75.845837][ T6082]  ext4_dirty_inode+0xd0/0x110
[   75.850618][ T6082]  __mark_inode_dirty+0x2e9/0xe10
[   75.855730][ T6082]  file_modified_flags+0x4b0/0x560
[   75.860844][ T6082]  ext4_write_checks+0x240/0x2c0
[   75.865885][ T6082] page last free pid 6066 tgid 6065 stack trace:
[   75.872298][ T6082]  free_unref_folios+0xdbd/0x1520
[   75.877343][ T6082]  folios_put_refs+0x559/0x640
[   75.882226][ T6082]  free_pages_and_swap_cache+0x4be/0x520
[   75.888138][ T6082]  tlb_flush_mmu+0x3a0/0x680
[   75.893036][ T6082]  unmap_page_range+0x3b37/0x4370
[   75.898105][ T6082]  unmap_vmas+0x399/0x580
[   75.902439][ T6082]  exit_mmap+0x248/0xb50
[   75.906704][ T6082]  __mmput+0x118/0x420
[   75.910773][ T6082]  exit_mm+0x1da/0x2c0
[   75.914853][ T6082]  do_exit+0x648/0x2300
[   75.919013][ T6082]  do_group_exit+0x21c/0x2d0
[   75.923618][ T6082]  get_signal+0x1286/0x1340
[   75.928414][ T6082]  arch_do_signal_or_restart+0x9a/0x750
[   75.933985][ T6082]  exit_to_user_mode_loop+0x75/0x130
[   75.939642][ T6082]  do_syscall_64+0x2bd/0x3b0
[   75.944539][ T6082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.950439][ T6082] 
[   75.952828][ T6082] Memory state around the buggy address:
[   75.958633][ T6082]  ffff88807388d580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.966965][ T6082]  ffff88807388d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.975028][ T6082] >ffff88807388d680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.983174][ T6082]                                                  ^
[   75.989958][ T6082]  ffff88807388d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.998036][ T6082]  ffff88807388d780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   76.006186][ T6082] ==================================================================
[   76.034767][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.046620][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.047043][ T5865] EXT4-fs error (device loop0): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size
[   76.060408][ T6082] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   76.060429][ T6082] CPU: 1 UID: 0 PID: 6082 Comm: syz.1.32 Not tainted syzkaller #0 PREEMPT(full) 
[   76.060452][ T6082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.060465][ T6082] Call Trace:
[   76.060472][ T6082]  <TASK>
[   76.060480][ T6082]  dump_stack_lvl+0x99/0x250
[   76.060508][ T6082]  ? __asan_memcpy+0x40/0x70
[   76.060530][ T6082]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.060552][ T6082]  ? __pfx__printk+0x10/0x10
[   76.060581][ T6082]  vpanic+0x281/0x750
[   76.060601][ T6082]  ? __pfx_print_hex_dump+0x10/0x10
[   76.060629][ T6082]  ? __pfx_vpanic+0x10/0x10
[   76.060649][ T6082]  ? preempt_schedule_common+0x83/0xd0
[   76.060670][ T6082]  ? preempt_schedule+0xae/0xc0
[   76.060691][ T6082]  panic+0xb9/0xc0
[   76.060710][ T6082]  ? __pfx_panic+0x10/0x10
[   76.060733][ T6082]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   76.060754][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.060780][ T6082]  check_panic_on_warn+0x89/0xb0
[   76.060804][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.060829][ T6082]  end_report+0x78/0x160
[   76.060861][ T6082]  kasan_report+0x129/0x150
[   76.060885][ T6082]  ? bdev_getblk+0x80/0x660
[   76.060903][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.060930][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.060955][ T6082]  kasan_check_range+0x2b0/0x2c0
[   76.060980][ T6082]  ? ext4_xattr_set_entry+0x9c1/0x1e20
[   76.061006][ T6082]  __asan_memmove+0x29/0x70
[   76.061027][ T6082]  ext4_xattr_set_entry+0x9c1/0x1e20
[   76.061060][ T6082]  ext4_xattr_ibody_set+0x254/0x6a0
[   76.061089][ T6082]  ext4_destroy_inline_data_nolock+0x214/0x5b0
[   76.061114][ T6082]  ? __pfx_ext4_destroy_inline_data_nolock+0x10/0x10
[   76.061139][ T6082]  ? down_write+0x162/0x1f0
[   76.061163][ T6082]  ? __filemap_get_folio+0x79f/0xaf0
[   76.061190][ T6082]  ext4_convert_inline_data_to_extent+0x540/0xdd0
[   76.061217][ T6082]  ? __pfx_ext4_convert_inline_data_to_extent+0x10/0x10
[   76.061239][ T6082]  ? ext4_inode_journal_mode+0x18c/0x480
[   76.061265][ T6082]  ? rcu_is_watching+0x15/0xb0
[   76.061285][ T6082]  ? ext4_try_to_write_inline_data+0x49/0xa0
[   76.061306][ T6082]  ext4_write_begin+0x382/0x19a0
[   76.061328][ T6082]  ? __pfx___ext4_journal_get_write_access+0x10/0x10
[   76.061356][ T6082]  ? __pfx___might_resched+0x10/0x10
[   76.061377][ T6082]  ? do_raw_spin_lock+0x121/0x290
[   76.061398][ T6082]  ? lock_acquire+0x5f/0x360
[   76.061424][ T6082]  ? __pfx_ext4_write_begin+0x10/0x10
[   76.061447][ T6082]  generic_perform_write+0x2c5/0x900
[   76.061473][ T6082]  ? __pfx_generic_perform_write+0x10/0x10
[   76.061493][ T6082]  ? file_modified_flags+0x4bb/0x560
[   76.061515][ T6082]  ? ext4_write_checks+0x24b/0x2c0
[   76.061540][ T6082]  ext4_buffered_write_iter+0xce/0x3a0
[   76.061564][ T6082]  ? css_rstat_updated+0x23a/0x4f0
[   76.061584][ T6082]  ext4_file_write_iter+0x298/0x1bc0
[   76.061607][ T6082]  ? aa_file_perm+0x13a/0x1550
[   76.061629][ T6082]  ? __pfx_css_rstat_updated+0x10/0x10
[   76.061650][ T6082]  ? __folio_batch_add_and_move+0x20a/0xd20
[   76.061670][ T6082]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   76.061693][ T6082]  ? pfn_valid+0xba/0x490
[   76.061715][ T6082]  ? rcu_is_watching+0x15/0xb0
[   76.061733][ T6082]  ? page_table_check_set+0x18d/0x730
[   76.061756][ T6082]  ? rcu_is_watching+0x15/0xb0
[   76.061776][ T6082]  do_iter_readv_writev+0x61c/0x8b0
[   76.061803][ T6082]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   76.061831][ T6082]  ? security_file_permission+0x75/0x290
[   76.061862][ T6082]  ? preempt_count_add+0x91/0x1a0
[   76.061890][ T6082]  vfs_writev+0x31a/0x960
[   76.061910][ T6082]  ? __pfx_vfs_writev+0x10/0x10
[   76.061931][ T6082]  ? lock_release+0x4b/0x3e0
[   76.061955][ T6082]  ? count_memcg_event_mm+0x21/0x260
[   76.061977][ T6082]  ? lock_release+0x4b/0x3e0
[   76.062003][ T6082]  ? __fget_files+0x3a0/0x420
[   76.062029][ T6082]  ? __fget_files+0x2a/0x420
[   76.062057][ T6082]  __se_sys_pwritev2+0x179/0x290
[   76.062084][ T6082]  ? __pfx___se_sys_pwritev2+0x10/0x10
[   76.062111][ T6082]  ? rcu_is_watching+0x15/0xb0
[   76.062126][ T6082]  ? __x64_sys_pwritev2+0x20/0xc0
[   76.062153][ T6082]  do_syscall_64+0xfa/0x3b0
[   76.062176][ T6082]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.062194][ T6082]  ? clear_bhb_loop+0x60/0xb0
[   76.062215][ T6082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.062232][ T6082] RIP: 0033:0x7fbf65f8ebe9
[   76.062249][ T6082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.062265][ T6082] RSP: 002b:00007fbf66ddf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   76.062286][ T6082] RAX: ffffffffffffffda RBX: 00007fbf661b6090 RCX: 00007fbf65f8ebe9
[   76.062301][ T6082] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004
[   76.062313][ T6082] RBP: 00007fbf66011e19 R08: 0000000000000000 R09: 0000000000000000
[   76.062324][ T6082] R10: 0000000000005405 R11: 0000000000000246 R12: 0000000000000000
[   76.062336][ T6082] R13: 00007fbf661b6128 R14: 00007fbf661b6090 R15: 00007ffed7953e48
[   76.062355][ T6082]  </TASK>
[   76.066895][ T6082] Kernel Offset: disabled