last executing test programs:

1.799742575s ago: executing program 2 (id=35):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000004, &(0x7f0000000c00)={[{@block_validity}, {@minixdf}, {@noblock_validity}, {@lazytime}, {@noauto_da_alloc}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@nolazytime}, {@norecovery}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000200)={0x1, &(0x7f00000000c0)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
syz_mount_image$iso9660(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x200000, &(0x7f0000000440), 0x3, 0x3bc, &(0x7f0000000cc0)="$eJzs3E1v27YfwHEqD/jnnwHBgGJNmubArjtkh7qSsjgIetJk2mEriwIpF8lpKJakCGZ3w9oBa07LZQ/A9iJ63YvY69ml2EvYIMlukziO1zStu+L7AQLS0k/kj4JBwgooAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhBc3fD/wRKLTzrYcLW5Y0z7n/KC9j08U5/QrhFf8ibk5sVQdWrry8vRHVSOL1adFMVcUc+Lwg6sf3rkyMzW4/pyE3orHTw+/etDt7n076UQmpKVS7YxuRy0ltTNys173b281nWzqRLkdl6u2jK2KcmPlavypDDY316Sq7ZhO2mpEiRoc3LgV+n5d3q1lKrLOpLfv1ly8pZNEp60ypjhdxGwUX8R7Ope5itpS7h9099bGJVkEBf8mKBwXFPphGARhGNTXN9c3fH9m6IB/ihiKmPyXFpN1yTM4cHF/99d/AAAAAADw/vLKZ+zF7//Z8jm8J5o6Uf6k0wIAAAAAAJeo/M//YlHMFrUl4fH7HwAAAACA983PY/fYuex/3h9/CWtnvaNs+xOvFxVxUW+6um76dIt5c9lb6DdSFvWZ/qdYrXjXqqBrg+jn/WJ/XB7eKyTw/xEJiF/FchWzvFuVu4MzVS/zTZ2oWmySO4GIooWpXG3n3z06+F6Uw/8lbS94Yv+gu1f78uvubpnLUdHKUa+/gWJoH8XomyGevNj3ePaIZ8sHMf1+56t+/ePjn6oun3qFPn8U16uY6/NVOX9y/HNFn0Ft1Oj7WQQXH7knxA8vY1ZWbxbFzdUzsgjHZREez+JC92JlfBZr47JYe80sAGBS9sesQt7wwn+BWe5SV/dzZvQbVcyN5XJinVk+Y0b3x83o/muu678PvQNh1Bpb9PvbqVX1WXHBs5H9uiT0ils4/aT3jbj6+OnhrYPeg4d7D/ceheFa3f/M99dDMVsOo1+w9gAAzqDsc28+/8mzVmdfBJuDBcfE96TVjZaSOs2VjbeitKVkZk1uYpMUlfu6oZx0nSwzNpdNY2VmnN4u3/wi+69+caodpX/q2GWJipySsUnzKM5lQ7tYZp3PE+22lC0vdpmKdVPHUa5NKp3p2FjVpHRKHQvUDZXmuqmLaiozq9uR3ZH3TdJpK9lQLrY6y03V4KAvnTaNbZfN1iZ8rwEAeFe8eIPdG6xMeowAAOAkVmkAAAAAAAAAAAAAAAAAAAAAAN59b2P/HxUqVP5rlUnPTADetH8CAAD//3QkocI=")
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x1c3)
getdents64(r0, &(0x7f0000002fc0)=""/4108, 0x100c)

1.243950747s ago: executing program 3 (id=52):
syz_usb_connect(0x6, 0x1fc, &(0x7f0000000780)=ANY=[@ANYBLOB="12015002b8005108101407a0683e010203010902ea01030e00300309040309027f54cc00090502040004040403800109661bede31b6d40ffd5a6457d3483a7c64a2cf09c6b30e3afe9caf13ed9a2924ed053d2b4b24aedb4035d4212c8a5f7df3b67916187c245f81035efe9b53a8d79988d4b00a8aa5926f8b9103fd0e543cebd14ca5d0825146c7ff12ef0b8fe612538542d6f5c9fdc7894374795b8ccb6bdb303b42aa86746d3370ad7a31c090504104000050209072501830200040725018101070009045b060c317135060905051008000600d30725018002000009050610200080ff0407250101060200090500100004090401090504104000ab0005090505022000060d0d48007672bf7524ef90e0a086de3562bf356642bc0201de8fa807c3b757b1c182c0f4c59af7c59293e1bc41956912be0eafd96bdf03aa6117bc3e50fbee59a6e5dfc7206516e091fce94c0c778a134b5368d1af31d240535b0725018002010009050b08000401a9050725010332f60b0725010206ac15090502140000c7070e0905010400020805800905051000020802ae07250103fbff0009050010400008000309050c040002030d07410f8c1ea652c620acd24cbf2bfeb921dfc3f2c147f7c05a53e4f7db6742a64c76fe8d2f319387c80165b1ad6b9054e93ae7385d785e1c040f2c4e5c2388ef87910905090020000108"], 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028008000200080000003e127a5108000200"], 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[], 0xa0}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0xfff0)

1.174000021s ago: executing program 1 (id=55):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x30, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280050019"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
chdir(&(0x7f0000000140)='./bus\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@gettfilter={0x24, 0x2e, 0x800, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}, {0xa, 0xa}, {0xd, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.088177636s ago: executing program 1 (id=58):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x8, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x17}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x635c, 0x1f480, 0x0, 0x399})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
io_uring_enter(r0, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)

1.040971979s ago: executing program 1 (id=59):
r0 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
epoll_pwait(r0, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0xb000000d})
recvfrom$unix(r1, 0x0, 0x0, 0x40002000, 0x0, 0x0)

948.580734ms ago: executing program 2 (id=60):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001500)='\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x9}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)="08e0ac8fb1d99df61d7b518d0a62", 0xe}, {&(0x7f0000000180)="8a", 0x1}, {&(0x7f00000005c0)="f5fbfd4f1595317700ff55f1f960ff70fba64053ef1c952b8561071ccfbed96b7227eaaf92a1358afc148a8aafa58b2444561acf9a5114b207019da8518fea9fd189e3616ec0ad37f86f431d6f4f1fbe1b0e3e640ac2b1f7ff33cf28d27c40513b6cee87fbd144c842c5c7b6752ea19efcfca738ac5207318c1bc30db2a727ce9a82303920eb2a3b0aa99902f8423e754843e7d6ceb06048a8d918680c042a42370dc807a398af793f4b1a3107c3771474ba13d826ce5634d33c485f3f97cffc9ea1e026f4327e96d5a40268c75358061e75633ebe43e946f2bad55973c81fff7d4843dd1db36180dd3b5692f98ace6805c67a9e20216aac908b9a6111c6", 0xfe}], 0x5}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce90bfdb", 0x4}, {&(0x7f00000007c0)="f2e659", 0x3}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001680)="d8", 0x1}, {&(0x7f0000001600)="f2964dd1", 0x4}, {&(0x7f0000000580)="b8a2f6", 0x3}, {&(0x7f00000002c0)="7940e900e0377757a9edc0d9376c21328ad2f7584fe4c8b712b3e5e08ecff5258151bd9eea7b4ce21f67ab51922ce035987127fda5812df903188e321419610f4beb6cdf6fa073876157c4f1d2054439d8db3f4d937872de928b62741fd60e6b56979ad883f89a02e24a577275bfb498b7a127abd0eb099e704d18d63dad611b45acfc3b8dc5457c8383d7d8621942e8e2ce6e4017dd6e5ed9732e739be6593c3b033524669ce17c3b822a6953eb11a20921220000000000000000", 0xbb}, {&(0x7f0000000280)="87", 0x1}], 0x7}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000880)="87", 0x1}, {&(0x7f0000000900)="11e09017", 0xfffffec4}], 0x2}}], 0x4, 0x4000000)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

916.989377ms ago: executing program 4 (id=61):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300020000000000fbdbdf25fc000000000000000000000000000000ffffffff00000000000000000000000000000004000000000a006080", @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="b80000001300e9990500000000000000fc000000000000000000000000000000fc00000000000000000000000000000000000000000000000a0030"], 0xb8}}, 0x4000)

848.02844ms ago: executing program 4 (id=62):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setuid(0xee01)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c)

816.760212ms ago: executing program 4 (id=63):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001800)=@newtfilter={0x38, 0x2c, 0x605, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {}, {0xffff, 0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}}, 0x48c0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

787.296254ms ago: executing program 4 (id=64):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd2b, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0xd, 0x5}, {}, {0x7, 0x3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0x8, 0x0, 0xa, 0x3}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0x7c}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400c010}, 0x0)

762.981755ms ago: executing program 2 (id=65):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2010410, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x5)
io_setup(0x3ff, &(0x7f0000000500))

718.545068ms ago: executing program 4 (id=66):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

685.12826ms ago: executing program 3 (id=67):
r0 = socket$inet(0x2, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
r1 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x800, 0x8000, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x30)
shutdown(r0, 0x0)

680.02505ms ago: executing program 0 (id=68):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000100)={0x20000000})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000000)={0x5})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0x20000001})

608.644854ms ago: executing program 0 (id=69):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket(0xa, 0x2, 0x0)
r1 = dup(r0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, 0x0, &(0x7f0000000080)=r1}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010102000000000000000002000000240002800c000280040001003a00000014000180080001cd4bde2a0192000000000000000c001980080002"], 0x44}, 0x1, 0x0, 0x0, 0x40080}, 0x0)

451.270713ms ago: executing program 3 (id=70):
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x27}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80000001b00010000000000fdfffffffc000000000000000000000000000000200100000000000000000000000000004e240000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ffffffffffffff7ffcffffffffffffff04000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000006fcffff00000000000003000000000000000000000000000c0008"], 0xd8}, 0x1, 0x0, 0x0, 0x40044}, 0x20008004)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'bond0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'gretap0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d0000000000003000128008000100687372002400028008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r1], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)

450.821163ms ago: executing program 0 (id=71):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @multicast2}, 0x2, 0x0, 0x4}}, 0x2e)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x51, &(0x7f0000000780)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "910100", 0x17, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x17, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "51f84227a41c82"}}}}}}}, 0x0)

367.187568ms ago: executing program 2 (id=72):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xffe0, 0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x14, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x8}, @TCA_BPF_FD={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x810}, 0x20040054)

324.27614ms ago: executing program 0 (id=73):
unshare(0x20040400)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6a}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @multicast1, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)

300.092173ms ago: executing program 0 (id=74):
r0 = syz_io_uring_setup(0x6368, &(0x7f00000008c0)={0x0, 0xfffffffe, 0x80, 0x0, 0x6}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000001c0))
r2 = eventfd2(0xbfb, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000240)=r2, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)={0x20000001})
io_uring_enter(r0, 0x1, 0x10a5, 0x4, 0x0, 0x0)

254.317605ms ago: executing program 3 (id=75):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000580)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
unshare(0x22020600)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='cgroup\x00')
lseek(r2, 0x339, 0x0)

237.485386ms ago: executing program 2 (id=76):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r1 = memfd_create(&(0x7f0000000000)='/dev/loop#\x00\xee\b\xce\xde\xe9\x8d\xd3\xd4\xe2\xfd\x7f\xf5R%\xe0]l\xa1s\b\xa5\xd2\xd59\xc8\xda\b\xd6\xb2\x15\xf6F\xb8\xb4{r.\xd2\xea\x16\x82\xe8=\xa3\x88sN\x83N`\xf9\xec\xe1\xbb\x05<r\xf8\xd56\xaf~Nh%\x14\xf4\x16\xa3\x88i*rR\x17\xf6:\x964\x82jOu\xa3c\x9ez7\x88\x15\xdbz\xd1&\xd1\xca\xcb\xc5C\xa6,\xc7~\x86\xee=\xae}\xeb\xe8N\x11\xed\xee\xd7x6}-y #\x17\x8d[~\xe2\xab\xe6\xe3\x17\xd2/&\xfb\x13\xf3\xd9\xf4O\xf2\xdb\x9b\x03)\xae\xde\xef\x06\x03W\xb5;\xa6\xb4\'\'\xc2C\x85\xe4\xaa\xe8\x81\xc0\x85\xd2\xfe\xcf\x9bn\xee*\x15\x97#\'\a\x00h\x1f@\xb7\xef&\x87\x93\x15\xa4\xe5D\xee\x03\xd1\xd4\xc2yT\x8a0\x06=\xe7R\x85\x02\xf3\x15\x99z0]\xc4\x04\xb0\xeaZ\xd9\x1e\xbf\xb6\xe9\x8a\xfe\xd9G\x82\x93\xbf,J}\xed\xfa\x1b\x01\xc0\x8c\x0f!\x93A-|Ss\xe8\xe3\xfa\xa2{\xef\xff1\xf9|Cj~\xf4\xd1\xf1q\x13\xb6\x94\xe1\x98#|(O7\xa8)\x86\xaf\x10\x1e\xa5\x18\x8a4\xcc\xd5f\xc0V\v:RK\xed\xc8HD\x9b;\xe0R\x92\x94\xf7\xeb\xe8\x97\x8f\x05\x9a\xe7\xdc\xf09\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00', 0x0)
fallocate(r1, 0x0, 0x0, 0x200401)
fallocate(r1, 0x0, 0x0, 0x200401)

236.882026ms ago: executing program 0 (id=77):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x28142, 0x8)
fcntl$setlease(r0, 0x400, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x82040, 0x170)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x120)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000001e80)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x33, 0x0)

181.619729ms ago: executing program 1 (id=78):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r0, 0x0, 0xee01)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fstat(r1, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(r2, r2, r2)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x150d, 0x103)

161.348531ms ago: executing program 1 (id=79):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001500)='\x00\x00', 0x2}], 0x1}}], 0x1, 0x4000000)
sendmmsg(r0, &(0x7f0000009540)=[{{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000c40)='Z', 0x1}], 0x1, &(0x7f0000002840)=[{0x10, 0x11, 0x6}], 0x10}}], 0x1, 0x400400c)

143.660672ms ago: executing program 1 (id=80):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x1714, &(0x7f0000002040)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x1, r1, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0}})
io_uring_enter(r2, 0x27e2, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
dup3(r1, r0, 0x80000)

139.516602ms ago: executing program 3 (id=81):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f00000099c0)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000600)=""/4074, 0xfea}], 0x1}}], 0x1, 0x80, 0x0)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000fd580011feffffff00", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
lseek(0xffffffffffffffff, 0xfffffffffffffffc, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

106.541073ms ago: executing program 4 (id=82):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f1f0000060001000000000008000500", @ANYRES32=r1], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

34.488738ms ago: executing program 3 (id=83):
syz_clone3(0x0, 0x0)
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
timerfd_settime(r1, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
ppoll(&(0x7f00000001c0)=[{r1, 0x1000}], 0x1, 0x0, 0x0, 0x0)
clock_adjtime(0x200000000000000, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x9, 0x2, 0x0, 0x100, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0xe3, 0x18, 0x1000, 0x8, 0x2, 0x3, 0x0, 0x3})

0s ago: executing program 2 (id=84):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x200, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f00000001c0)="f1", 0x1)
sendfile(r2, r0, 0x0, 0x40001)
sendfile(r2, r1, 0x0, 0x7ffff000)

kernel console output (not intermixed with test programs):

[   23.422233][   T29] audit: type=1400 audit(1770317817.925:62): avc:  denied  { search } for  pid=3194 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   23.444207][   T29] audit: type=1400 audit(1770317817.925:63): avc:  denied  { search } for  pid=3194 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=478 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   23.466754][   T29] audit: type=1400 audit(1770317817.925:64): avc:  denied  { search } for  pid=3194 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   23.489634][   T29] audit: type=1400 audit(1770317817.925:65): avc:  denied  { search } for  pid=3194 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   23.512609][   T29] audit: type=1400 audit(1770317817.935:66): avc:  denied  { read open } for  pid=3195 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
Warning: Permanently added '10.128.0.130' (ED25519) to the list of known hosts.
[   27.369804][   T29] kauditd_printk_skb: 3 callbacks suppressed
[   27.369822][   T29] audit: type=1400 audit(1770317821.875:70): avc:  denied  { mounton } for  pid=3283 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   27.398979][   T29] audit: type=1400 audit(1770317821.905:71): avc:  denied  { mount } for  pid=3283 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   27.401349][ T3283] cgroup: Unknown subsys name 'net'
[   27.426713][   T29] audit: type=1400 audit(1770317821.935:72): avc:  denied  { unmount } for  pid=3283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   27.564007][ T3283] cgroup: Unknown subsys name 'cpuset'
[   27.570213][ T3283] cgroup: Unknown subsys name 'rlimit'
[   27.746704][   T29] audit: type=1400 audit(1770317822.255:73): avc:  denied  { setattr } for  pid=3283 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   27.774703][   T29] audit: type=1400 audit(1770317822.255:74): avc:  denied  { create } for  pid=3283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.795195][   T29] audit: type=1400 audit(1770317822.255:75): avc:  denied  { write } for  pid=3283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.815663][   T29] audit: type=1400 audit(1770317822.255:76): avc:  denied  { read } for  pid=3283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.836050][   T29] audit: type=1400 audit(1770317822.265:77): avc:  denied  { mounton } for  pid=3283 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   27.860883][   T29] audit: type=1400 audit(1770317822.265:78): avc:  denied  { mount } for  pid=3283 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   27.884135][   T29] audit: type=1400 audit(1770317822.275:79): avc:  denied  { read } for  pid=3041 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   27.910500][ T3302] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   27.967213][ T3283] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   29.902520][ T3320] chnl_net:caif_netlink_parms(): no params data found
[   29.946987][ T3312] chnl_net:caif_netlink_parms(): no params data found
[   30.007674][ T3315] chnl_net:caif_netlink_parms(): no params data found
[   30.031024][ T3311] chnl_net:caif_netlink_parms(): no params data found
[   30.039762][ T3313] chnl_net:caif_netlink_parms(): no params data found
[   30.098245][ T3320] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.105385][ T3320] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.112501][ T3320] bridge_slave_0: entered allmulticast mode
[   30.118955][ T3320] bridge_slave_0: entered promiscuous mode
[   30.129913][ T3320] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.137055][ T3320] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.144277][ T3320] bridge_slave_1: entered allmulticast mode
[   30.150784][ T3320] bridge_slave_1: entered promiscuous mode
[   30.178283][ T3312] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.185455][ T3312] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.192520][ T3312] bridge_slave_0: entered allmulticast mode
[   30.198923][ T3312] bridge_slave_0: entered promiscuous mode
[   30.209836][ T3312] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.216994][ T3312] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.224113][ T3312] bridge_slave_1: entered allmulticast mode
[   30.230660][ T3312] bridge_slave_1: entered promiscuous mode
[   30.246603][ T3320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.261382][ T3320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.305339][ T3315] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.312473][ T3315] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.319767][ T3315] bridge_slave_0: entered allmulticast mode
[   30.326138][ T3315] bridge_slave_0: entered promiscuous mode
[   30.343152][ T3320] team0: Port device team_slave_0 added
[   30.349063][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.356203][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.363400][ T3313] bridge_slave_0: entered allmulticast mode
[   30.369699][ T3313] bridge_slave_0: entered promiscuous mode
[   30.377512][ T3312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.386631][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.393762][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.400908][ T3313] bridge_slave_1: entered allmulticast mode
[   30.407429][ T3313] bridge_slave_1: entered promiscuous mode
[   30.413952][ T3315] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.421026][ T3315] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.428148][ T3315] bridge_slave_1: entered allmulticast mode
[   30.434538][ T3315] bridge_slave_1: entered promiscuous mode
[   30.441506][ T3320] team0: Port device team_slave_1 added
[   30.451541][ T3311] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.458714][ T3311] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.466014][ T3311] bridge_slave_0: entered allmulticast mode
[   30.472463][ T3311] bridge_slave_0: entered promiscuous mode
[   30.479732][ T3312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.488835][ T3311] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.495916][ T3311] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.503048][ T3311] bridge_slave_1: entered allmulticast mode
[   30.509532][ T3311] bridge_slave_1: entered promiscuous mode
[   30.531655][ T3315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.560490][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.570633][ T3315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.590027][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.599485][ T3320] batman_adv: batadv0: Adding interface: batadv_slave_0
[   30.606536][ T3320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   30.632464][ T3320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   30.649152][ T3312] team0: Port device team_slave_0 added
[   30.660739][ T3311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.675246][ T3311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.684655][ T3320] batman_adv: batadv0: Adding interface: batadv_slave_1
[   30.691599][ T3320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   30.717629][ T3320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   30.729326][ T3315] team0: Port device team_slave_0 added
[   30.735791][ T3312] team0: Port device team_slave_1 added
[   30.742275][ T3315] team0: Port device team_slave_1 added
[   30.769864][ T3311] team0: Port device team_slave_0 added
[   30.780675][ T3313] team0: Port device team_slave_0 added
[   30.787833][ T3311] team0: Port device team_slave_1 added
[   30.802175][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_0
[   30.809178][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   30.835180][ T3315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   30.846868][ T3313] team0: Port device team_slave_1 added
[   30.858036][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_0
[   30.865021][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   30.890945][ T3312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   30.901893][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_1
[   30.908898][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   30.934831][ T3315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   30.975366][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_1
[   30.982335][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   31.008312][ T3312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.027768][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0
[   31.034842][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   31.060826][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   31.071996][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_0
[   31.078997][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   31.104897][ T3311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   31.117931][ T3320] hsr_slave_0: entered promiscuous mode
[   31.124046][ T3320] hsr_slave_1: entered promiscuous mode
[   31.137023][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1
[   31.144001][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   31.169990][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.181007][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_1
[   31.187996][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   31.213982][ T3311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.247972][ T3315] hsr_slave_0: entered promiscuous mode
[   31.254077][ T3315] hsr_slave_1: entered promiscuous mode
[   31.259859][ T3315] debugfs: 'hsr0' already exists in 'hsr'
[   31.265690][ T3315] Cannot create hsr debugfs directory
[   31.279559][ T3312] hsr_slave_0: entered promiscuous mode
[   31.285807][ T3312] hsr_slave_1: entered promiscuous mode
[   31.291674][ T3312] debugfs: 'hsr0' already exists in 'hsr'
[   31.297442][ T3312] Cannot create hsr debugfs directory
[   31.344164][ T3311] hsr_slave_0: entered promiscuous mode
[   31.350239][ T3311] hsr_slave_1: entered promiscuous mode
[   31.356280][ T3311] debugfs: 'hsr0' already exists in 'hsr'
[   31.362004][ T3311] Cannot create hsr debugfs directory
[   31.380634][ T3313] hsr_slave_0: entered promiscuous mode
[   31.387096][ T3313] hsr_slave_1: entered promiscuous mode
[   31.393007][ T3313] debugfs: 'hsr0' already exists in 'hsr'
[   31.398816][ T3313] Cannot create hsr debugfs directory
[   31.589504][ T3315] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   31.598213][ T3315] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   31.606958][ T3315] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   31.617714][ T3315] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   31.641284][ T3311] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   31.651673][ T3311] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   31.660849][ T3311] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   31.669886][ T3311] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   31.715580][ T3320] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   31.726066][ T3320] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   31.735827][ T3320] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   31.745284][ T3320] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   31.793812][ T3312] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   31.802481][ T3312] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   31.812216][ T3312] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   31.830810][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0
[   31.838716][ T3312] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   31.855436][ T3311] 8021q: adding VLAN 0 to HW filter on device bond0
[   31.882182][ T3313] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   31.891060][ T3313] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   31.907027][ T3311] 8021q: adding VLAN 0 to HW filter on device team0
[   31.915508][ T3315] 8021q: adding VLAN 0 to HW filter on device team0
[   31.923278][ T3313] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   31.932905][ T3313] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   31.950286][ T2883] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.957454][ T2883] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.975099][ T2883] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.982143][ T2883] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.991442][ T2883] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.998530][ T2883] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.029215][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.036369][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.050449][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.062514][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.086737][ T3315] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   32.114440][ T3320] 8021q: adding VLAN 0 to HW filter on device team0
[   32.138296][ T3312] 8021q: adding VLAN 0 to HW filter on device team0
[   32.149495][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.156692][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.165679][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.172779][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.183493][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.200652][ T3320] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   32.211216][ T3320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   32.244498][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.251585][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.267369][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.274479][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.287180][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   32.325337][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.332498][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.341412][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.348609][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.364838][ T3315] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.397452][ T3320] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.420586][ T3312] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   32.431092][ T3312] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   32.453910][ T3311] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.516775][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.581746][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.638061][ T3320] veth0_vlan: entered promiscuous mode
[   32.655583][ T3315] veth0_vlan: entered promiscuous mode
[   32.663295][ T3315] veth1_vlan: entered promiscuous mode
[   32.678681][ T3320] veth1_vlan: entered promiscuous mode
[   32.720889][ T3313] veth0_vlan: entered promiscuous mode
[   32.735891][ T3315] veth0_macvtap: entered promiscuous mode
[   32.744766][ T3320] veth0_macvtap: entered promiscuous mode
[   32.764531][ T3320] veth1_macvtap: entered promiscuous mode
[   32.775532][ T3311] veth0_vlan: entered promiscuous mode
[   32.782621][ T3315] veth1_macvtap: entered promiscuous mode
[   32.796004][ T3312] veth0_vlan: entered promiscuous mode
[   32.803063][ T3313] veth1_vlan: entered promiscuous mode
[   32.814716][ T3311] veth1_vlan: entered promiscuous mode
[   32.822863][ T3320] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.830847][ T3312] veth1_vlan: entered promiscuous mode
[   32.847845][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.856350][ T3320] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.870048][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.879899][ T3313] veth0_macvtap: entered promiscuous mode
[   32.888976][   T31] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.903572][   T31] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.914968][ T3313] veth1_macvtap: entered promiscuous mode
[   32.923691][   T31] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.942541][   T31] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.951708][ T3311] veth0_macvtap: entered promiscuous mode
[   32.960440][ T3312] veth0_macvtap: entered promiscuous mode
[   32.968999][   T31] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.978887][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.987879][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.996340][ T3311] veth1_macvtap: entered promiscuous mode
[   33.003306][ T3312] veth1_macvtap: entered promiscuous mode
[   33.009792][   T31] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.019061][   T31] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.041442][   T29] kauditd_printk_skb: 10 callbacks suppressed
[   33.041468][   T29] audit: type=1400 audit(1770317827.545:90): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/root/syzkaller.ZeEoKU/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   33.072271][   T31] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.087430][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.094740][   T29] audit: type=1400 audit(1770317827.545:91): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   33.116840][   T29] audit: type=1400 audit(1770317827.545:92): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/root/syzkaller.ZeEoKU/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   33.142030][   T29] audit: type=1400 audit(1770317827.555:93): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   33.163932][   T29] audit: type=1400 audit(1770317827.555:94): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/root/syzkaller.ZeEoKU/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   33.190610][   T29] audit: type=1400 audit(1770317827.555:95): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/root/syzkaller.ZeEoKU/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=4679 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   33.217985][   T29] audit: type=1400 audit(1770317827.555:96): avc:  denied  { unmount } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   33.237567][   T29] audit: type=1400 audit(1770317827.575:97): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   33.260393][   T29] audit: type=1400 audit(1770317827.585:98): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="gadgetfs" ino=4680 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   33.294346][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.301707][   T37] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.312853][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.322064][ T3320] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   33.349282][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.357184][   T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.371400][   T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.393632][   T29] audit: type=1400 audit(1770317827.895:99): avc:  denied  { read write } for  pid=3315 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   33.430495][   T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.447374][ T3482] Illegal XDP return value 4294967294 on prog  (id 1) dev syz_tun, expect packet loss!
[   33.465945][   T37] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.484586][   T37] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.507766][   T37] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.539838][  T348] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.569275][  T348] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.613090][  T348] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.634465][ T3493] netlink: 7 bytes leftover after parsing attributes in process `syz.1.7'.
[   33.644105][  T348] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.661748][  T348] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.681766][ T3493] netlink: 7 bytes leftover after parsing attributes in process `syz.1.7'.
[   33.698454][    C0] hrtimer: interrupt took 36749 ns
[   33.737403][ T3502] loop4: detected capacity change from 0 to 4096
[   33.764300][ T3502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.769800][ T3504] netlink: 'syz.1.11': attribute type 1 has an invalid length.
[   33.784585][ T3504] netlink: 'syz.1.11': attribute type 4 has an invalid length.
[   33.792229][ T3504] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.11'.
[   33.814763][ T3502] EXT4-fs (loop4): shut down requested (1)
[   33.836024][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.048792][ T3534] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18'.
[   34.088201][ T3534] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18'.
[   34.130934][   T58] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   34.140471][ T3534] Zero length message leads to an empty skb
[   34.240235][   T58] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   34.288803][   T58] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   34.333364][   T58] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   34.434466][ T3417] IPVS: starting estimator thread 0...
[   34.523333][ T3564] IPVS: using max 2208 ests per chain, 110400 per kthread
[   34.653793][ T3577] loop2: detected capacity change from 0 to 512
[   34.661900][ T3577] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[   34.671066][ T3577] System zones: 1-12
[   34.676662][ T3577] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.35: corrupted in-inode xattr: e_value size too large
[   34.701150][ T3577] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.35: couldn't read orphan inode 15 (err -117)
[   34.713992][ T3577] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.744100][ T3581] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   35.037183][ T3602] netlink: 'syz.1.47': attribute type 4 has an invalid length.
[   35.061873][ T3602] netlink: 'syz.1.47': attribute type 4 has an invalid length.
[   35.164318][ T3606] all: renamed from bridge_slave_0 (while UP)
[   35.202628][ T3612] sch_fq: defrate 7 ignored.
[   35.282065][ T3622] netlink: 8 bytes leftover after parsing attributes in process `syz.1.55'.
[   35.290874][ T3622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.55'.
[   35.313570][   T58] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   35.332466][   T58] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   35.344670][   T58] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   35.363430][   T58] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   35.495113][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.694808][ T3646] loop2: detected capacity change from 0 to 128
[   35.729987][ T3646] syz.2.65: attempt to access beyond end of device
[   35.729987][ T3646] loop2: rw=2049, sector=154, nr_sectors = 8 limit=128
[   35.767466][ T3646] syz.2.65: attempt to access beyond end of device
[   35.767466][ T3646] loop2: rw=8390657, sector=160, nr_sectors = 2 limit=128
[   35.781166][ T3646] Buffer I/O error on dev loop2, logical block 80, lost async page write
[   35.799058][ T3649] syz.2.65: attempt to access beyond end of device
[   35.799058][ T3649] loop2: rw=2049, sector=154, nr_sectors = 2 limit=128
[   35.843340][ T3656] loop0: detected capacity change from 0 to 512
[   35.855708][ T3656] =======================================================
[   35.855708][ T3656] WARNING: The mand mount option has been deprecated and
[   35.855708][ T3656]          and is ignored by this kernel. Remove the mand
[   35.855708][ T3656]          option from the mount to silence this warning.
[   35.855708][ T3656] =======================================================
[   35.905290][ T3656] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.920261][ T3656] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   35.942717][ T3649] syz.2.65: attempt to access beyond end of device
[   35.942717][ T3649] loop2: rw=8390657, sector=154, nr_sectors = 2 limit=128
[   35.956333][ T3649] Buffer I/O error on dev loop2, logical block 77, lost async page write
[   35.966295][ T3656] netlink: 8 bytes leftover after parsing attributes in process `syz.0.69'.
[   35.999100][ T3661] netlink: 'syz.3.70': attribute type 8 has an invalid length.
[   36.006785][ T3661] netlink: 4 bytes leftover after parsing attributes in process `syz.3.70'.
[   36.015895][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.029872][ T3661] bond0: entered promiscuous mode
[   36.035083][ T3661] bond_slave_0: entered promiscuous mode
[   36.040955][ T3661] bond_slave_1: entered promiscuous mode
[   36.050098][ T3661] gretap0: entered promiscuous mode
[   36.062682][ T3661] team_slave_1: entered promiscuous mode
[   36.068586][ T3661] team_slave_1: left promiscuous mode
[   36.084795][ T3661] bond0: left promiscuous mode
[   36.089624][ T3661] bond_slave_0: left promiscuous mode
[   36.095176][ T3661] bond_slave_1: left promiscuous mode
[   36.105900][ T3661] gretap0: left promiscuous mode
[   36.125749][   T23] IPVS: starting estimator thread 0...
[   36.213937][ T3668] IPVS: using max 2160 ests per chain, 108000 per kthread
[   36.350347][ T3688] netlink: 20 bytes leftover after parsing attributes in process `syz.4.82'.
[   36.359412][ T3688] 8021q: VLANs not supported on ip_vti0
[   36.450014][ T3696] loop2: detected capacity change from 0 to 1024
[   36.456773][ T3696] EXT4-fs: Ignoring removed oldalloc option
[   36.462807][ T3696] EXT4-fs: Ignoring removed bh option
[   36.475122][ T3696] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.889317][ T3700] ==================================================================
[   36.897452][ T3700] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[   36.904599][ T3700] 
[   36.906953][ T3700] write to 0xffff888106172164 of 4 bytes by task 3696 on cpu 0:
[   36.914617][ T3700]  xas_set_mark+0x12b/0x140
[   36.919168][ T3700]  __folio_start_writeback+0x17b/0x370
[   36.924651][ T3700]  ext4_bio_write_folio+0x5ad/0x9f0
[   36.929896][ T3700]  mpage_process_page_bufs+0x4a1/0x620
[   36.935388][ T3700]  mpage_prepare_extent_to_map+0x7d4/0xc50
[   36.941224][ T3700]  ext4_do_writepages+0x9f6/0x2800
[   36.946392][ T3700]  ext4_writepages+0x18f/0x320
[   36.951181][ T3700]  do_writepages+0x1c6/0x310
[   36.955807][ T3700]  file_write_and_wait_range+0x178/0x2f0
[   36.961468][ T3700]  generic_buffers_fsync_noflush+0x45/0x130
[   36.967383][ T3700]  ext4_sync_file+0x1aa/0x680
[   36.972093][ T3700]  vfs_fsync_range+0x10d/0x130
[   36.976894][ T3700]  ext4_buffered_write_iter+0x34f/0x3c0
[   36.982498][ T3700]  ext4_file_write_iter+0x380/0xf70
[   36.987758][ T3700]  iter_file_splice_write+0x6bc/0xa80
[   36.993173][ T3700]  direct_splice_actor+0x156/0x2a0
[   36.998318][ T3700]  splice_direct_to_actor+0x311/0x670
[   37.003725][ T3700]  do_splice_direct+0x119/0x1a0
[   37.008611][ T3700]  do_sendfile+0x382/0x650
[   37.013076][ T3700]  __x64_sys_sendfile64+0x105/0x150
[   37.018331][ T3700]  x64_sys_call+0x2db1/0x3000
[   37.023053][ T3700]  do_syscall_64+0xc0/0x2a0
[   37.027625][ T3700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.033563][ T3700] 
[   37.035911][ T3700] read to 0xffff888106172164 of 4 bytes by task 3700 on cpu 1:
[   37.043486][ T3700]  xas_find_marked+0x5d7/0x620
[   37.048313][ T3700]  filemap_get_folios_tag+0xfa/0x510
[   37.053649][ T3700]  mpage_prepare_extent_to_map+0x328/0xc50
[   37.059490][ T3700]  ext4_do_writepages+0x9f6/0x2800
[   37.064640][ T3700]  ext4_writepages+0x18f/0x320
[   37.069434][ T3700]  do_writepages+0x1c6/0x310
[   37.074076][ T3700]  file_write_and_wait_range+0x178/0x2f0
[   37.079730][ T3700]  generic_buffers_fsync_noflush+0x45/0x130
[   37.085650][ T3700]  ext4_sync_file+0x1aa/0x680
[   37.090358][ T3700]  vfs_fsync_range+0x10d/0x130
[   37.095151][ T3700]  ext4_buffered_write_iter+0x34f/0x3c0
[   37.100729][ T3700]  ext4_file_write_iter+0x380/0xf70
[   37.105976][ T3700]  iter_file_splice_write+0x6bc/0xa80
[   37.111370][ T3700]  direct_splice_actor+0x156/0x2a0
[   37.116500][ T3700]  splice_direct_to_actor+0x311/0x670
[   37.121897][ T3700]  do_splice_direct+0x119/0x1a0
[   37.126763][ T3700]  do_sendfile+0x382/0x650
[   37.131215][ T3700]  __x64_sys_sendfile64+0x105/0x150
[   37.136452][ T3700]  x64_sys_call+0x2db1/0x3000
[   37.141185][ T3700]  do_syscall_64+0xc0/0x2a0
[   37.145722][ T3700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.151635][ T3700] 
[   37.153988][ T3700] value changed: 0x0a000021 -> 0x04000021
[   37.159729][ T3700] 
[   37.162068][ T3700] Reported by Kernel Concurrency Sanitizer on:
[   37.168239][ T3700] CPU: 1 UID: 0 PID: 3700 Comm: syz.2.84 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.177793][ T3700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   37.187867][ T3700] ==================================================================
[   37.385264][ T3696] ==================================================================
[   37.393391][ T3696] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark
[   37.398434][ T3700] syz.2.84 (3700) used greatest stack depth: 9176 bytes left
[   37.401414][ T3696] 
[   37.401424][ T3696] write to 0xffff888106172164 of 4 bytes by task 3700 on cpu 0:
[   37.401442][ T3696]  xas_set_mark+0x12b/0x140
[   37.401470][ T3696]  __folio_start_writeback+0x17b/0x370
[   37.401490][ T3696]  ext4_bio_write_folio+0x5ad/0x9f0
[   37.433934][ T3696]  mpage_process_page_bufs+0x4a1/0x620
[   37.439416][ T3696]  mpage_prepare_extent_to_map+0x7d4/0xc50
[   37.445230][ T3696]  ext4_do_writepages+0x9f6/0x2800
[   37.450358][ T3696]  ext4_writepages+0x18f/0x320
[   37.455155][ T3696]  do_writepages+0x1c6/0x310
[   37.459781][ T3696]  file_write_and_wait_range+0x178/0x2f0
[   37.465412][ T3696]  generic_buffers_fsync_noflush+0x45/0x130
[   37.471302][ T3696]  ext4_sync_file+0x1aa/0x680
[   37.475976][ T3696]  vfs_fsync_range+0x10d/0x130
[   37.480737][ T3696]  ext4_buffered_write_iter+0x34f/0x3c0
[   37.486287][ T3696]  ext4_file_write_iter+0x380/0xf70
[   37.491493][ T3696]  iter_file_splice_write+0x6bc/0xa80
[   37.496866][ T3696]  direct_splice_actor+0x156/0x2a0
[   37.501970][ T3696]  splice_direct_to_actor+0x311/0x670
[   37.507340][ T3696]  do_splice_direct+0x119/0x1a0
[   37.512188][ T3696]  do_sendfile+0x382/0x650
[   37.516618][ T3696]  __x64_sys_sendfile64+0x105/0x150
[   37.521818][ T3696]  x64_sys_call+0x2db1/0x3000
[   37.526499][ T3696]  do_syscall_64+0xc0/0x2a0
[   37.531007][ T3696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.536896][ T3696] 
[   37.539227][ T3696] read to 0xffff888106172164 of 4 bytes by task 3696 on cpu 1:
[   37.546761][ T3696]  file_write_and_wait_range+0x130/0x2f0
[   37.552397][ T3696]  generic_buffers_fsync_noflush+0x45/0x130
[   37.558301][ T3696]  ext4_sync_file+0x1aa/0x680
[   37.562996][ T3696]  vfs_fsync_range+0x10d/0x130
[   37.568200][ T3696]  ext4_buffered_write_iter+0x34f/0x3c0
[   37.573760][ T3696]  ext4_file_write_iter+0x380/0xf70
[   37.578987][ T3696]  iter_file_splice_write+0x6bc/0xa80
[   37.584364][ T3696]  direct_splice_actor+0x156/0x2a0
[   37.589506][ T3696]  splice_direct_to_actor+0x311/0x670
[   37.594891][ T3696]  do_splice_direct+0x119/0x1a0
[   37.599739][ T3696]  do_sendfile+0x382/0x650
[   37.604164][ T3696]  __x64_sys_sendfile64+0x105/0x150
[   37.609489][ T3696]  x64_sys_call+0x2db1/0x3000
[   37.614180][ T3696]  do_syscall_64+0xc0/0x2a0
[   37.618698][ T3696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.624586][ T3696] 
[   37.626910][ T3696] value changed: 0x0a000021 -> 0x04000021
[   37.632660][ T3696] 
[   37.635001][ T3696] Reported by Kernel Concurrency Sanitizer on:
[   37.641181][ T3696] CPU: 1 UID: 0 PID: 3696 Comm: syz.2.84 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.652234][ T3696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   37.662384][ T3696] ==================================================================
[   37.684306][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.