program:
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3002, 0x6, &(0x7f0000000000)=0xa636, 0x9, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xff}]})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = syz_clone(0x1000000, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0)
migrate_pages(r2, 0x7, 0x0, &(0x7f0000000240)=0x8000000000000001)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f0000000300)={0x2, @raw_data="2a343975d014526a524747429b8ba1020ddc691043a88ea839cd98783924da4a14fba7b7ed4ec69b103742f74a8ca05162770905367f7a89f04eaf93cf298d99f3b017ded7d8411d3c3fdbd7cd62b679d47166123fdacbe4fe91d0d026bdc171e78b766fc610a444bc160a9e1c21d8632416a2fad297bf8688b6055c9e5562fe8ef99e63591e76df3a3b1d7637068149088a16b580a18c83fc9f715f7bd17aa9ab3a084bf96132406d89444ef79e57b0179b38f3aee88bf828de272f71d3923f56e055d19b73971d"})
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000000206010100000000000000000000800005000100070000000900020073797a31000000000500050002000000050004000000000011000300686173683a69702c706f7274"], 0x4c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000000906010200000096000000100000000000000940004b23390900020073000014000880100007800900120073797a32000d00000000000000000000000000000060adf24563d3483ef3de9e4bf8ebcffbde9176e6ed5d3ced6ef64e8ff6843c39f9b1cd18dcaeb0b814248c3894e30a4eff0383436c5b018deb105bbb31e579b7f4708cefcc2883156a1528dd21f1"], 0x44}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000002a00)={[{@noblock_validity}, {@resgid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7f}}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8WloIFETFI2nSBz1wAYHEAQQSHIo4BSetSt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPRenfTxLVDHk6c4s9H2nZmd92Z786OPTtjN4CuNZT+kUTsjohfI2Iwyy4/YSj76+bCbOWvhdlKErXaa38m9fNuLMxW8n9i8XW7sh21Wp7f0aTc+TcjxqvVyct5fmTm4jsj01euPnX+4vi5yXOTl8ZOnz5x/HDfqbGTbYkzjevGwfenDh148Y1rL1fOXHvrx6/T+u7OjxdxtNNQdnWberTdhXXYniXppNzBirAmabulzdVb7/+D0RMDi8cG44WPOlo5YFPVarVas8/n3FwN+A9LotM1ADqj+KBPn3+LbYuGHtvCH89mD0Bp3DfzLTtSjlJ+Tm/D82079UfEmbm/v0i32KR5CACApb5Nxz9PNhv/leKeJef9L19D2RsR/4+IfRFxV0Tsj4i7I+rn3hsR962x/MYVktvHP6Xr6wpsldLx3zP52tby8V8x+ou9PXluTz3+3uTs+erksfyaHI3eHWl+dNlLlvvu+V8+a9z3aT7NPrRk/JduafnFWDCvx/VywwTdxPjMeFuCT+P/MOJguVn8SRTLOElEHIiIg+ss4/zjXx1qdezf419BG9aZal9GPJa1/1w0xF9IWq5Pjj59auzkSH9UJ4+NFHfF7X76ef7VVuVvKP42SNt/Z9P7P4s/fUZM+iOmr1y9UF+vnV57GfO/fVxJWhzbv877vy95vZ7uy/e9Nz4zc3k0oi95Kc0OLNs/duu1Rb44P43/6JHm/X9f9nhWvxL3R0R6Ex+OiAci4sG87R6KiIcj4sgK8f/w3CNvtzrWuv1XmJVvozT+iRXaP33LS1O32n/tiZ4L33/Tqvzaqtr/RD11NN+zmve/1VZwI9cOAAAA7hSl+nfgk9LwYrpUGh7OvsO/P3aWqlPTM0+cnXr30kT2Xfm90VsqZroGl8yHjuZzw0V+rCF/PJ83/rxnoJ4frkxVJzodPHS5XS36f+r3nk7XDth0fq8F3Uv/h+6l/0P30v+he+n/0KX6mu/+YKvrAXTE2j//+zelHsDWM/6H7qX/Q/fS/6ErtfxtfGlDP/m/UxPl7VGNpomB7VGNIhGlbVGN9iVe+STrEtulPkWivOr/zGKdiR1ND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gkAAP//Uo/mdg==")
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x9b, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x0, 0x9a}, 0x102480, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x3, 0xffffffffffffffff, 0x9)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
socket$netlink(0x10, 0x3, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x130)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000001c0)='./file2\x00', 0x20)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_off}]})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
mknodat(r5, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
linkat(r5, &(0x7f0000000100)='./file1\x00', r5, &(0x7f0000000240)='./file0\x00', 0x0)
link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./bus\x00')
[ 68.202493][ T5303] Bluetooth: hci0: command tx timeout
[ 68.239841][ T25] audit: type=1326 audit(1742828139.582:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5319 comm="syz.0.0" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe46bf8d169 code=0x0
[ 68.730832][ T5324] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[ 68.734662][ T5324] netlink: 48 bytes leftover after parsing attributes in process `syz.0.0'.
[ 68.743391][ T5324] loop0: detected capacity change from 0 to 512
[ 68.747281][ T5324] =======================================================
[ 68.747281][ T5324] WARNING: The mand mount option has been deprecated and
[ 68.747281][ T5324] and is ignored by this kernel. Remove the mand
[ 68.747281][ T5324] option from the mount to silence this warning.
[ 68.747281][ T5324] =======================================================
[ 68.809121][ T5324] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.0: iget: bad extended attribute block 1
[ 68.815325][ T5324] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.0: couldn't read orphan inode 15 (err -117)
[ 68.820467][ T5324] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 68.833571][ T5322] EXT4-fs error (device loop0): ext4_lookup:1813: inode #15: comm syz.0.0: iget: bad extended attribute block 1
[ 68.840755][ T5322] overlay: ./bus is not a directory
[ 68.843800][ T5322] ------------[ cut here ]------------
[ 68.845791][ T5322] bad length passed for symlink [/tmp/syz-imagegen2884317625/�] (got 39, expected 29)
[ 68.845931][ T5322] WARNING: CPU: 0 PID: 5322 at ./include/linux/fs.h:803 inode_set_cached_link+0xd0/0x110
[ 68.853900][ T5322] Modules linked in:
[ 68.855549][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.14.0-syzkaller #0
[ 68.858936][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.862967][ T5322] RIP: 0010:inode_set_cached_link+0xd0/0x110
[ 68.865236][ T5322] Code: 41 5f 5d c3 cc cc cc cc e8 8d b4 42 ff c6 05 d6 e2 a7 0d 01 90 48 c7 c7 20 eb 3d 8c 4c 89 f6 44 89 fa 89 e9 e8 61 70 02 ff 90 <0f> 0b 90 90 e9 6a ff ff ff 89 f9 80 e1 07 80 c1 03 38 c1 7c a1 e8
[ 68.872528][ T5322] RSP: 0018:ffffc9000d487938 EFLAGS: 00010246
[ 68.874842][ T5322] RAX: 1304e4843a84df00 RBX: ffff888053078c98 RCX: 0000000000100000
[ 68.877803][ T5322] RDX: ffffc9000f41c000 RSI: 000000000000087e RDI: 000000000000087f
[ 68.880732][ T5322] RBP: 000000000000001d R08: ffffffff81819e52 R09: 1ffff11003f8519a
[ 68.884013][ T5322] R10: dffffc0000000000 R11: ffffed1003f8519b R12: ffff888053078c98
[ 68.887127][ T5322] R13: 00000000637cf1f7 R14: ffff8880530789e8 R15: 0000000000000027
[ 68.890169][ T5322] FS: 00007fe4683b36c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[ 68.893826][ T5322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 68.896378][ T5322] CR2: 0000200000001000 CR3: 000000004341a000 CR4: 0000000000352ef0
[ 68.899410][ T5322] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 68.902522][ T5322] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 68.905619][ T5322] Call Trace:
[ 68.906922][ T5322] <TASK>
[ 68.908175][ T5322] ? __warn+0x165/0x4d0
[ 68.909825][ T5322] ? inode_set_cached_link+0xd0/0x110
[ 68.911859][ T5322] ? report_bug+0x2b3/0x500
[ 68.913787][ T5322] ? inode_set_cached_link+0xd0/0x110
[ 68.915876][ T5322] ? handle_bug+0x60/0x90
[ 68.917613][ T5322] ? exc_invalid_op+0x1a/0x50
[ 68.919423][ T5322] ? asm_exc_invalid_op+0x1a/0x20
[ 68.921477][ T5322] ? __warn_printk+0x292/0x360
[ 68.923474][ T5322] ? inode_set_cached_link+0xd0/0x110
[ 68.925634][ T5322] ? inode_set_cached_link+0xcf/0x110
[ 68.927752][ T5322] __ext4_iget+0x2ea4/0x3f30
[ 68.929630][ T5322] ? __pfx_lock_release+0x10/0x10
[ 68.931574][ T5322] ? __pfx___ext4_iget+0x10/0x10
[ 68.933694][ T5322] ? ext4_fname_free_filename+0x89/0xb0
[ 68.935870][ T5322] ? rcu_is_watching+0x15/0xb0
[ 68.937909][ T5322] ? ext4_fname_free_filename+0x89/0xb0
[ 68.940117][ T5322] ? kfree+0x4e/0x430
[ 68.941861][ T5322] ext4_lookup+0x3e3/0x750
[ 68.943836][ T5322] ? d_alloc+0x142/0x190
[ 68.945599][ T5322] ? do_raw_spin_lock+0x14f/0x370
[ 68.947630][ T5322] ? __pfx_ext4_lookup+0x10/0x10
[ 68.949562][ T5322] ? _raw_spin_unlock+0x28/0x50
[ 68.951481][ T5322] ? d_alloc+0x142/0x190
[ 68.953389][ T5322] lookup_one_qstr_excl+0x126/0x2b0
[ 68.955543][ T5322] filename_create+0x297/0x540
[ 68.957533][ T5322] ? __pfx_filename_create+0x10/0x10
[ 68.959649][ T5322] ? __pfx_lock_release+0x10/0x10
[ 68.961702][ T5322] do_mknodat+0x18b/0x5b0
[ 68.963557][ T5322] ? __pfx_do_mknodat+0x10/0x10
[ 68.965561][ T5322] ? getname_flags+0x1e3/0x540
[ 68.967476][ T5322] __x64_sys_mknodat+0xa7/0xc0
[ 68.969451][ T5322] do_syscall_64+0xf3/0x230
[ 68.971285][ T5322] ? clear_bhb_loop+0x35/0x90
[ 68.973280][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.975483][ T5322] RIP: 0033:0x7fe46bf8d169
[ 68.977132][ T5322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 68.984048][ T5322] RSP: 002b:00007fe4683b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[ 68.987561][ T5322] RAX: ffffffffffffffda RBX: 00007fe46c1a6160 RCX: 00007fe46bf8d169
[ 68.990572][ T5322] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000d
[ 68.993891][ T5322] RBP: 00007fe46c00e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 68.996999][ T5322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 69.000295][ T5322] R13: 0000000000000000 R14: 00007fe46c1a6160 R15: 00007ffca75ee7c8
[ 69.003805][ T5322] </TASK>
[ 69.005139][ T5322] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 69.008077][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.14.0-syzkaller #0
[ 69.011393][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.015627][ T5322] Call Trace:
[ 69.016668][ T5322] <TASK>
[ 69.017839][ T5322] dump_stack_lvl+0x241/0x360
[ 69.019428][ T5322] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.021676][ T5322] ? __pfx__printk+0x10/0x10
[ 69.023535][ T5322] ? vscnprintf+0x5d/0x90
[ 69.025317][ T5322] panic+0x349/0x880
[ 69.026875][ T5322] ? __warn+0x174/0x4d0
[ 69.028509][ T5322] ? __pfx_panic+0x10/0x10
[ 69.030357][ T5322] __warn+0x344/0x4d0
[ 69.032004][ T5322] ? inode_set_cached_link+0xd0/0x110
[ 69.034115][ T5322] report_bug+0x2b3/0x500
[ 69.035696][ T5322] ? inode_set_cached_link+0xd0/0x110
[ 69.037934][ T5322] handle_bug+0x60/0x90
[ 69.039616][ T5322] exc_invalid_op+0x1a/0x50
[ 69.041443][ T5322] asm_exc_invalid_op+0x1a/0x20
[ 69.043245][ T5322] RIP: 0010:inode_set_cached_link+0xd0/0x110
[ 69.045494][ T5322] Code: 41 5f 5d c3 cc cc cc cc e8 8d b4 42 ff c6 05 d6 e2 a7 0d 01 90 48 c7 c7 20 eb 3d 8c 4c 89 f6 44 89 fa 89 e9 e8 61 70 02 ff 90 <0f> 0b 90 90 e9 6a ff ff ff 89 f9 80 e1 07 80 c1 03 38 c1 7c a1 e8
[ 69.052581][ T5322] RSP: 0018:ffffc9000d487938 EFLAGS: 00010246
[ 69.055059][ T5322] RAX: 1304e4843a84df00 RBX: ffff888053078c98 RCX: 0000000000100000
[ 69.058305][ T5322] RDX: ffffc9000f41c000 RSI: 000000000000087e RDI: 000000000000087f
[ 69.061503][ T5322] RBP: 000000000000001d R08: ffffffff81819e52 R09: 1ffff11003f8519a
[ 69.064572][ T5322] R10: dffffc0000000000 R11: ffffed1003f8519b R12: ffff888053078c98
[ 69.067736][ T5322] R13: 00000000637cf1f7 R14: ffff8880530789e8 R15: 0000000000000027
[ 69.070875][ T5322] ? __warn_printk+0x292/0x360
[ 69.072894][ T5322] ? inode_set_cached_link+0xcf/0x110
[ 69.074870][ T5322] __ext4_iget+0x2ea4/0x3f30
[ 69.076556][ T5322] ? __pfx_lock_release+0x10/0x10
[ 69.078475][ T5322] ? __pfx___ext4_iget+0x10/0x10
[ 69.080285][ T5322] ? ext4_fname_free_filename+0x89/0xb0
[ 69.082393][ T5322] ? rcu_is_watching+0x15/0xb0
[ 69.084333][ T5322] ? ext4_fname_free_filename+0x89/0xb0
[ 69.086636][ T5322] ? kfree+0x4e/0x430
[ 69.088321][ T5322] ext4_lookup+0x3e3/0x750
[ 69.090218][ T5322] ? d_alloc+0x142/0x190
[ 69.092005][ T5322] ? do_raw_spin_lock+0x14f/0x370
[ 69.093875][ T5322] ? __pfx_ext4_lookup+0x10/0x10
[ 69.095815][ T5322] ? _raw_spin_unlock+0x28/0x50
[ 69.097732][ T5322] ? d_alloc+0x142/0x190
[ 69.099308][ T5322] lookup_one_qstr_excl+0x126/0x2b0
[ 69.101238][ T5322] filename_create+0x297/0x540
[ 69.103018][ T5322] ? __pfx_filename_create+0x10/0x10
[ 69.104943][ T5322] ? __pfx_lock_release+0x10/0x10
[ 69.106842][ T5322] do_mknodat+0x18b/0x5b0
[ 69.108452][ T5322] ? __pfx_do_mknodat+0x10/0x10
[ 69.110230][ T5322] ? getname_flags+0x1e3/0x540
[ 69.112002][ T5322] __x64_sys_mknodat+0xa7/0xc0
[ 69.113754][ T5322] do_syscall_64+0xf3/0x230
[ 69.115428][ T5322] ? clear_bhb_loop+0x35/0x90
[ 69.117143][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.119341][ T5322] RIP: 0033:0x7fe46bf8d169
[ 69.121084][ T5322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 69.130030][ T5322] RSP: 002b:00007fe4683b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[ 69.133615][ T5322] RAX: ffffffffffffffda RBX: 00007fe46c1a6160 RCX: 00007fe46bf8d169
[ 69.136826][ T5322] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000d
[ 69.140204][ T5322] RBP: 00007fe46c00e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 69.143268][ T5322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 69.146291][ T5322] R13: 0000000000000000 R14: 00007fe46c1a6160 R15: 00007ffca75ee7c8
[ 69.149274][ T5322] </TASK>
[ 69.150605][ T5322] Kernel Offset: disabled
[ 69.152114][ T5322] Rebooting in 86400 seconds..