syzkaller login: [  287.097798][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  287.175276][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  287.199958][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  287.217682][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  287.233686][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:15681' (ECDSA) to the list of known hosts.
1970/01/01 00:06:15 fuzzer started
1970/01/01 00:06:27 dialing manager at localhost:39321
[  393.751598][ T2025] cgroup: Unknown subsys name 'net'
[  394.845878][ T2025] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:06:34 syscalls: 2918
1970/01/01 00:06:34 code coverage: enabled
1970/01/01 00:06:34 comparison tracing: enabled
1970/01/01 00:06:34 extra coverage: enabled
1970/01/01 00:06:34 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:06:34 setuid sandbox: enabled
1970/01/01 00:06:34 namespace sandbox: enabled
1970/01/01 00:06:34 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:06:34 fault injection: enabled
1970/01/01 00:06:34 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:06:34 net packet injection: enabled
1970/01/01 00:06:34 net device setup: enabled
1970/01/01 00:06:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:06:34 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:06:34 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:06:34 USB emulation: enabled
1970/01/01 00:06:34 hci packet injection: /dev/vhci does not exist
1970/01/01 00:06:34 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:06:34 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:06:35 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:06:41 fetching corpus: 50, signal 38703/42167 (executing program)
1970/01/01 00:06:43 fetching corpus: 100, signal 47045/52084 (executing program)
1970/01/01 00:06:47 fetching corpus: 150, signal 57457/63944 (executing program)
1970/01/01 00:06:50 fetching corpus: 200, signal 65267/73112 (executing program)
1970/01/01 00:06:53 fetching corpus: 250, signal 72996/82119 (executing program)
1970/01/01 00:06:55 fetching corpus: 300, signal 78854/89184 (executing program)
1970/01/01 00:06:57 fetching corpus: 350, signal 84063/95549 (executing program)
1970/01/01 00:06:59 fetching corpus: 400, signal 87461/100205 (executing program)
1970/01/01 00:07:02 fetching corpus: 450, signal 90808/104734 (executing program)
1970/01/01 00:07:05 fetching corpus: 500, signal 93764/108859 (executing program)
1970/01/01 00:07:08 fetching corpus: 550, signal 97540/113702 (executing program)
1970/01/01 00:07:11 fetching corpus: 600, signal 100248/117522 (executing program)
1970/01/01 00:07:13 fetching corpus: 650, signal 102486/120803 (executing program)
1970/01/01 00:07:16 fetching corpus: 700, signal 104446/123874 (executing program)
1970/01/01 00:07:19 fetching corpus: 750, signal 106748/127175 (executing program)
1970/01/01 00:07:22 fetching corpus: 800, signal 108648/130146 (executing program)
1970/01/01 00:07:24 fetching corpus: 850, signal 111191/133646 (executing program)
1970/01/01 00:07:27 fetching corpus: 900, signal 113854/137223 (executing program)
1970/01/01 00:07:30 fetching corpus: 950, signal 117120/141262 (executing program)
1970/01/01 00:07:33 fetching corpus: 1000, signal 119104/144170 (executing program)
1970/01/01 00:07:35 fetching corpus: 1050, signal 120752/146799 (executing program)
1970/01/01 00:07:37 fetching corpus: 1100, signal 122260/149285 (executing program)
1970/01/01 00:07:39 fetching corpus: 1150, signal 124000/151870 (executing program)
1970/01/01 00:07:41 fetching corpus: 1200, signal 125172/154007 (executing program)
1970/01/01 00:07:44 fetching corpus: 1250, signal 126832/156516 (executing program)
1970/01/01 00:07:46 fetching corpus: 1300, signal 128840/159305 (executing program)
1970/01/01 00:07:49 fetching corpus: 1350, signal 130637/161871 (executing program)
1970/01/01 00:07:52 fetching corpus: 1400, signal 132983/164883 (executing program)
1970/01/01 00:07:55 fetching corpus: 1450, signal 134396/167098 (executing program)
1970/01/01 00:07:58 fetching corpus: 1500, signal 136370/169779 (executing program)
1970/01/01 00:08:02 fetching corpus: 1549, signal 137344/171549 (executing program)
1970/01/01 00:08:04 fetching corpus: 1599, signal 138837/173812 (executing program)
1970/01/01 00:08:07 fetching corpus: 1649, signal 140815/176434 (executing program)
1970/01/01 00:08:09 fetching corpus: 1699, signal 142611/178797 (executing program)
1970/01/01 00:08:12 fetching corpus: 1749, signal 144150/180989 (executing program)
1970/01/01 00:08:16 fetching corpus: 1799, signal 145812/183266 (executing program)
1970/01/01 00:08:19 fetching corpus: 1849, signal 146778/185012 (executing program)
1970/01/01 00:08:23 fetching corpus: 1899, signal 147850/186787 (executing program)
1970/01/01 00:08:26 fetching corpus: 1949, signal 149066/188604 (executing program)
1970/01/01 00:08:28 fetching corpus: 1999, signal 150127/190457 (executing program)
1970/01/01 00:08:30 fetching corpus: 2049, signal 151205/192174 (executing program)
1970/01/01 00:08:32 fetching corpus: 2099, signal 152676/194229 (executing program)
1970/01/01 00:08:36 fetching corpus: 2149, signal 153918/196086 (executing program)
1970/01/01 00:08:38 fetching corpus: 2199, signal 155417/198056 (executing program)
1970/01/01 00:08:40 fetching corpus: 2249, signal 156191/199528 (executing program)
1970/01/01 00:08:43 fetching corpus: 2299, signal 157432/201403 (executing program)
1970/01/01 00:08:45 fetching corpus: 2349, signal 158601/203128 (executing program)
1970/01/01 00:08:48 fetching corpus: 2398, signal 159749/204793 (executing program)
1970/01/01 00:08:50 fetching corpus: 2447, signal 160635/206315 (executing program)
1970/01/01 00:08:52 fetching corpus: 2497, signal 161737/207937 (executing program)
1970/01/01 00:08:55 fetching corpus: 2547, signal 162653/209436 (executing program)
1970/01/01 00:08:57 fetching corpus: 2597, signal 163667/210963 (executing program)
1970/01/01 00:08:59 fetching corpus: 2647, signal 164503/212370 (executing program)
1970/01/01 00:09:04 fetching corpus: 2697, signal 165417/213836 (executing program)
1970/01/01 00:09:07 fetching corpus: 2747, signal 166413/215378 (executing program)
1970/01/01 00:09:10 fetching corpus: 2796, signal 167592/216976 (executing program)
1970/01/01 00:09:13 fetching corpus: 2846, signal 168827/218578 (executing program)
1970/01/01 00:09:15 fetching corpus: 2896, signal 169733/219966 (executing program)
1970/01/01 00:09:18 fetching corpus: 2945, signal 170463/221251 (executing program)
1970/01/01 00:09:20 fetching corpus: 2995, signal 171352/222634 (executing program)
1970/01/01 00:09:22 fetching corpus: 3045, signal 172192/223989 (executing program)
1970/01/01 00:09:26 fetching corpus: 3095, signal 173803/225710 (executing program)
1970/01/01 00:09:28 fetching corpus: 3145, signal 174866/227142 (executing program)
1970/01/01 00:09:30 fetching corpus: 3195, signal 175627/228361 (executing program)
1970/01/01 00:09:34 fetching corpus: 3245, signal 176879/229877 (executing program)
1970/01/01 00:09:36 fetching corpus: 3295, signal 177784/231187 (executing program)
1970/01/01 00:09:39 fetching corpus: 3345, signal 178703/232497 (executing program)
1970/01/01 00:09:42 fetching corpus: 3395, signal 179597/233761 (executing program)
1970/01/01 00:09:45 fetching corpus: 3445, signal 180726/235144 (executing program)
1970/01/01 00:09:46 fetching corpus: 3495, signal 181499/236305 (executing program)
1970/01/01 00:09:49 fetching corpus: 3544, signal 182338/237519 (executing program)
1970/01/01 00:09:51 fetching corpus: 3594, signal 183005/238600 (executing program)
1970/01/01 00:09:54 fetching corpus: 3644, signal 183655/239673 (executing program)
1970/01/01 00:09:56 fetching corpus: 3694, signal 184374/240726 (executing program)
1970/01/01 00:09:58 fetching corpus: 3744, signal 185026/241795 (executing program)
1970/01/01 00:10:01 fetching corpus: 3794, signal 185771/242920 (executing program)
1970/01/01 00:10:04 fetching corpus: 3844, signal 186392/243914 (executing program)
1970/01/01 00:10:06 fetching corpus: 3894, signal 187133/245001 (executing program)
1970/01/01 00:10:09 fetching corpus: 3944, signal 187841/246067 (executing program)
1970/01/01 00:10:12 fetching corpus: 3994, signal 188688/247202 (executing program)
1970/01/01 00:10:17 fetching corpus: 4044, signal 189622/248367 (executing program)
1970/01/01 00:10:19 fetching corpus: 4094, signal 190441/249450 (executing program)
1970/01/01 00:10:21 fetching corpus: 4144, signal 191798/250723 (executing program)
1970/01/01 00:10:23 fetching corpus: 4194, signal 192393/251693 (executing program)
1970/01/01 00:10:26 fetching corpus: 4243, signal 192994/252670 (executing program)
1970/01/01 00:10:29 fetching corpus: 4293, signal 193858/253744 (executing program)
1970/01/01 00:10:31 fetching corpus: 4343, signal 194942/254899 (executing program)
1970/01/01 00:10:34 fetching corpus: 4393, signal 195731/255938 (executing program)
1970/01/01 00:10:36 fetching corpus: 4443, signal 196444/256918 (executing program)
1970/01/01 00:10:39 fetching corpus: 4492, signal 197301/257951 (executing program)
1970/01/01 00:10:42 fetching corpus: 4542, signal 197912/258877 (executing program)
1970/01/01 00:10:45 fetching corpus: 4592, signal 198504/259780 (executing program)
1970/01/01 00:10:49 fetching corpus: 4642, signal 199454/260760 (executing program)
1970/01/01 00:10:52 fetching corpus: 4692, signal 200143/261651 (executing program)
1970/01/01 00:10:54 fetching corpus: 4742, signal 200679/262500 (executing program)
1970/01/01 00:10:56 fetching corpus: 4791, signal 201318/263371 (executing program)
1970/01/01 00:10:59 fetching corpus: 4841, signal 202070/264219 (executing program)
1970/01/01 00:11:03 fetching corpus: 4890, signal 202925/265136 (executing program)
1970/01/01 00:11:05 fetching corpus: 4940, signal 204692/266302 (executing program)
1970/01/01 00:11:07 fetching corpus: 4990, signal 205407/267155 (executing program)
1970/01/01 00:11:09 fetching corpus: 5040, signal 206050/267991 (executing program)
1970/01/01 00:11:12 fetching corpus: 5090, signal 206667/268768 (executing program)
1970/01/01 00:11:15 fetching corpus: 5140, signal 207540/269596 (executing program)
1970/01/01 00:11:17 fetching corpus: 5190, signal 208036/270320 (executing program)
1970/01/01 00:11:19 fetching corpus: 5240, signal 208877/271143 (executing program)
1970/01/01 00:11:22 fetching corpus: 5290, signal 209547/271898 (executing program)
1970/01/01 00:11:25 fetching corpus: 5340, signal 210211/272667 (executing program)
1970/01/01 00:11:28 fetching corpus: 5390, signal 211279/273509 (executing program)
1970/01/01 00:11:30 fetching corpus: 5440, signal 212118/274313 (executing program)
1970/01/01 00:11:33 fetching corpus: 5490, signal 212749/275019 (executing program)
1970/01/01 00:11:37 fetching corpus: 5540, signal 213329/275731 (executing program)
1970/01/01 00:11:41 fetching corpus: 5590, signal 214004/276409 (executing program)
1970/01/01 00:11:43 fetching corpus: 5640, signal 214900/277145 (executing program)
1970/01/01 00:11:46 fetching corpus: 5690, signal 215576/277893 (executing program)
1970/01/01 00:11:49 fetching corpus: 5740, signal 216089/278536 (executing program)
1970/01/01 00:11:52 fetching corpus: 5790, signal 216469/279135 (executing program)
1970/01/01 00:11:54 fetching corpus: 5840, signal 216987/279787 (executing program)
1970/01/01 00:11:56 fetching corpus: 5890, signal 217544/280412 (executing program)
1970/01/01 00:11:59 fetching corpus: 5940, signal 217914/281031 (executing program)
1970/01/01 00:12:03 fetching corpus: 5990, signal 218411/281628 (executing program)
1970/01/01 00:12:06 fetching corpus: 6040, signal 219043/282263 (executing program)
1970/01/01 00:12:09 fetching corpus: 6090, signal 219546/282864 (executing program)
1970/01/01 00:12:11 fetching corpus: 6139, signal 220001/283426 (executing program)
1970/01/01 00:12:13 fetching corpus: 6189, signal 220612/284113 (executing program)
1970/01/01 00:12:15 fetching corpus: 6239, signal 220972/284706 (executing program)
1970/01/01 00:12:18 fetching corpus: 6289, signal 221333/285311 (executing program)
1970/01/01 00:12:22 fetching corpus: 6339, signal 221774/285878 (executing program)
1970/01/01 00:12:25 fetching corpus: 6389, signal 222346/286426 (executing program)
1970/01/01 00:12:28 fetching corpus: 6439, signal 222826/286974 (executing program)
1970/01/01 00:12:31 fetching corpus: 6489, signal 223337/287528 (executing program)
1970/01/01 00:12:33 fetching corpus: 6539, signal 223866/288069 (executing program)
1970/01/01 00:12:36 fetching corpus: 6589, signal 224360/288605 (executing program)
1970/01/01 00:12:39 fetching corpus: 6639, signal 224795/289106 (executing program)
1970/01/01 00:12:42 fetching corpus: 6689, signal 225348/289629 (executing program)
1970/01/01 00:12:44 fetching corpus: 6738, signal 225827/290140 (executing program)
1970/01/01 00:12:45 fetching corpus: 6788, signal 226241/290667 (executing program)
1970/01/01 00:12:47 fetching corpus: 6838, signal 226757/291184 (executing program)
1970/01/01 00:12:49 fetching corpus: 6888, signal 227208/291654 (executing program)
1970/01/01 00:12:52 fetching corpus: 6938, signal 227727/292132 (executing program)
1970/01/01 00:12:55 fetching corpus: 6988, signal 228276/292656 (executing program)
1970/01/01 00:12:57 fetching corpus: 7038, signal 228799/293132 (executing program)
1970/01/01 00:12:59 fetching corpus: 7087, signal 229197/293589 (executing program)
1970/01/01 00:13:01 fetching corpus: 7137, signal 229717/294026 (executing program)
1970/01/01 00:13:04 fetching corpus: 7187, signal 230235/294473 (executing program)
1970/01/01 00:13:06 fetching corpus: 7237, signal 230716/294919 (executing program)
1970/01/01 00:13:09 fetching corpus: 7287, signal 231298/295326 (executing program)
1970/01/01 00:13:12 fetching corpus: 7337, signal 231667/295688 (executing program)
1970/01/01 00:13:15 fetching corpus: 7387, signal 232208/295688 (executing program)
1970/01/01 00:13:16 fetching corpus: 7437, signal 232605/295688 (executing program)
1970/01/01 00:13:18 fetching corpus: 7487, signal 233057/295695 (executing program)
1970/01/01 00:13:21 fetching corpus: 7537, signal 233651/295695 (executing program)
1970/01/01 00:13:24 fetching corpus: 7587, signal 234044/295695 (executing program)
1970/01/01 00:13:27 fetching corpus: 7637, signal 234694/295695 (executing program)
1970/01/01 00:13:30 fetching corpus: 7686, signal 235105/295695 (executing program)
1970/01/01 00:13:32 fetching corpus: 7736, signal 235547/295695 (executing program)
1970/01/01 00:13:34 fetching corpus: 7786, signal 235883/295695 (executing program)
1970/01/01 00:13:36 fetching corpus: 7836, signal 236322/295698 (executing program)
1970/01/01 00:13:39 fetching corpus: 7886, signal 236930/295698 (executing program)
1970/01/01 00:13:42 fetching corpus: 7936, signal 237355/295698 (executing program)
1970/01/01 00:13:44 fetching corpus: 7986, signal 237673/295700 (executing program)
1970/01/01 00:13:46 fetching corpus: 8036, signal 238070/295700 (executing program)
1970/01/01 00:13:48 fetching corpus: 8086, signal 238418/295700 (executing program)
1970/01/01 00:13:49 fetching corpus: 8136, signal 238881/295700 (executing program)
1970/01/01 00:13:52 fetching corpus: 8186, signal 239359/295700 (executing program)
1970/01/01 00:13:54 fetching corpus: 8236, signal 239751/295706 (executing program)
1970/01/01 00:13:57 fetching corpus: 8286, signal 240258/295707 (executing program)
1970/01/01 00:13:59 fetching corpus: 8335, signal 240695/295707 (executing program)
1970/01/01 00:14:01 fetching corpus: 8385, signal 241176/295707 (executing program)
1970/01/01 00:14:03 fetching corpus: 8435, signal 241593/295707 (executing program)
1970/01/01 00:14:06 fetching corpus: 8484, signal 241977/295707 (executing program)
1970/01/01 00:14:09 fetching corpus: 8534, signal 242340/295707 (executing program)
1970/01/01 00:14:11 fetching corpus: 8584, signal 242877/295707 (executing program)
1970/01/01 00:14:14 fetching corpus: 8634, signal 243362/295707 (executing program)
1970/01/01 00:14:17 fetching corpus: 8684, signal 243816/295707 (executing program)
1970/01/01 00:14:19 fetching corpus: 8734, signal 244322/295707 (executing program)
1970/01/01 00:14:21 fetching corpus: 8784, signal 244613/295708 (executing program)
1970/01/01 00:14:24 fetching corpus: 8833, signal 245057/295710 (executing program)
1970/01/01 00:14:26 fetching corpus: 8883, signal 245550/295710 (executing program)
1970/01/01 00:14:31 fetching corpus: 8933, signal 245918/295710 (executing program)
1970/01/01 00:14:33 fetching corpus: 8983, signal 246275/295712 (executing program)
1970/01/01 00:14:37 fetching corpus: 9033, signal 247254/295712 (executing program)
1970/01/01 00:14:39 fetching corpus: 9083, signal 247704/295712 (executing program)
1970/01/01 00:14:41 fetching corpus: 9133, signal 248215/295712 (executing program)
1970/01/01 00:14:44 fetching corpus: 9183, signal 248724/295712 (executing program)
1970/01/01 00:14:46 fetching corpus: 9233, signal 249197/295712 (executing program)
1970/01/01 00:14:48 fetching corpus: 9283, signal 249610/295714 (executing program)
1970/01/01 00:14:52 fetching corpus: 9333, signal 249970/295714 (executing program)
1970/01/01 00:14:54 fetching corpus: 9382, signal 250316/295714 (executing program)
1970/01/01 00:14:57 fetching corpus: 9432, signal 250855/295714 (executing program)
1970/01/01 00:14:59 fetching corpus: 9481, signal 251106/295716 (executing program)
1970/01/01 00:15:01 fetching corpus: 9531, signal 251550/295716 (executing program)
1970/01/01 00:15:04 fetching corpus: 9580, signal 252078/295725 (executing program)
1970/01/01 00:15:06 fetching corpus: 9630, signal 252617/295733 (executing program)
1970/01/01 00:15:08 fetching corpus: 9680, signal 253041/295733 (executing program)
1970/01/01 00:15:11 fetching corpus: 9729, signal 253470/295733 (executing program)
1970/01/01 00:15:14 fetching corpus: 9779, signal 253810/295733 (executing program)
1970/01/01 00:15:17 fetching corpus: 9829, signal 254184/295733 (executing program)
1970/01/01 00:15:19 fetching corpus: 9878, signal 254442/295733 (executing program)
1970/01/01 00:15:22 fetching corpus: 9928, signal 254871/295733 (executing program)
1970/01/01 00:15:24 fetching corpus: 9978, signal 255240/295733 (executing program)
1970/01/01 00:15:26 fetching corpus: 10028, signal 255638/295733 (executing program)
1970/01/01 00:15:27 fetching corpus: 10077, signal 255946/295736 (executing program)
1970/01/01 00:15:30 fetching corpus: 10127, signal 256275/295736 (executing program)
1970/01/01 00:15:34 fetching corpus: 10176, signal 256587/295739 (executing program)
1970/01/01 00:15:36 fetching corpus: 10226, signal 256914/295739 (executing program)
1970/01/01 00:15:38 fetching corpus: 10276, signal 257407/295739 (executing program)
1970/01/01 00:15:40 fetching corpus: 10326, signal 258107/295739 (executing program)
1970/01/01 00:15:43 fetching corpus: 10374, signal 258580/295742 (executing program)
1970/01/01 00:15:45 fetching corpus: 10424, signal 258916/295742 (executing program)
1970/01/01 00:15:48 fetching corpus: 10473, signal 259411/295742 (executing program)
1970/01/01 00:15:52 fetching corpus: 10523, signal 259741/295742 (executing program)
1970/01/01 00:15:54 fetching corpus: 10572, signal 260068/295742 (executing program)
1970/01/01 00:15:57 fetching corpus: 10622, signal 260530/295743 (executing program)
1970/01/01 00:15:59 fetching corpus: 10672, signal 260896/295750 (executing program)
1970/01/01 00:16:01 fetching corpus: 10722, signal 261251/295750 (executing program)
1970/01/01 00:16:03 fetching corpus: 10772, signal 261687/295750 (executing program)
1970/01/01 00:16:05 fetching corpus: 10822, signal 261967/295752 (executing program)
1970/01/01 00:16:09 fetching corpus: 10872, signal 262347/295752 (executing program)
1970/01/01 00:16:13 fetching corpus: 10922, signal 262672/295752 (executing program)
1970/01/01 00:16:17 fetching corpus: 10972, signal 263082/295752 (executing program)
1970/01/01 00:16:20 fetching corpus: 11022, signal 263338/295757 (executing program)
1970/01/01 00:16:22 fetching corpus: 11072, signal 263624/295757 (executing program)
1970/01/01 00:16:24 fetching corpus: 11122, signal 264011/295757 (executing program)
1970/01/01 00:16:26 fetching corpus: 11171, signal 264312/295764 (executing program)
1970/01/01 00:16:29 fetching corpus: 11221, signal 264718/295764 (executing program)
1970/01/01 00:16:31 fetching corpus: 11271, signal 265013/295764 (executing program)
1970/01/01 00:16:34 fetching corpus: 11321, signal 265528/295764 (executing program)
1970/01/01 00:16:37 fetching corpus: 11371, signal 266163/295764 (executing program)
1970/01/01 00:16:39 fetching corpus: 11421, signal 266429/295764 (executing program)
1970/01/01 00:16:42 fetching corpus: 11471, signal 266813/295764 (executing program)
1970/01/01 00:16:44 fetching corpus: 11521, signal 267359/295764 (executing program)
1970/01/01 00:17:04 fetching corpus: 11571, signal 267630/295764 (executing program)
1970/01/01 00:17:06 fetching corpus: 11619, signal 268017/295771 (executing program)
1970/01/01 00:17:08 fetching corpus: 11669, signal 268288/295771 (executing program)
1970/01/01 00:17:11 fetching corpus: 11718, signal 268586/295773 (executing program)
1970/01/01 00:17:13 fetching corpus: 11768, signal 268816/295773 (executing program)
1970/01/01 00:17:17 fetching corpus: 11818, signal 269312/295773 (executing program)
1970/01/01 00:17:19 fetching corpus: 11868, signal 269580/295773 (executing program)
1970/01/01 00:17:21 fetching corpus: 11918, signal 269844/295773 (executing program)
1970/01/01 00:17:23 fetching corpus: 11968, signal 270210/295773 (executing program)
1970/01/01 00:17:26 fetching corpus: 12018, signal 270940/295773 (executing program)
1970/01/01 00:17:28 fetching corpus: 12068, signal 271359/295773 (executing program)
1970/01/01 00:17:30 fetching corpus: 12118, signal 271686/295786 (executing program)
1970/01/01 00:17:32 fetching corpus: 12168, signal 272203/295786 (executing program)
1970/01/01 00:17:35 fetching corpus: 12218, signal 272518/295786 (executing program)
1970/01/01 00:17:38 fetching corpus: 12268, signal 272849/295786 (executing program)
1970/01/01 00:17:42 fetching corpus: 12317, signal 273191/295786 (executing program)
1970/01/01 00:17:45 fetching corpus: 12367, signal 273736/295786 (executing program)
1970/01/01 00:17:47 fetching corpus: 12417, signal 274028/295786 (executing program)
1970/01/01 00:17:49 fetching corpus: 12466, signal 274360/295787 (executing program)
1970/01/01 00:17:51 fetching corpus: 12516, signal 274849/295787 (executing program)
1970/01/01 00:17:54 fetching corpus: 12566, signal 275300/295787 (executing program)
1970/01/01 00:17:55 fetching corpus: 12616, signal 275576/295787 (executing program)
1970/01/01 00:17:59 fetching corpus: 12666, signal 275836/295787 (executing program)
1970/01/01 00:18:02 fetching corpus: 12716, signal 276173/295789 (executing program)
1970/01/01 00:18:05 fetching corpus: 12765, signal 276466/295796 (executing program)
1970/01/01 00:18:08 fetching corpus: 12815, signal 276717/295805 (executing program)
1970/01/01 00:18:10 fetching corpus: 12865, signal 276982/295805 (executing program)
1970/01/01 00:18:12 fetching corpus: 12915, signal 277276/295805 (executing program)
1970/01/01 00:18:14 fetching corpus: 12965, signal 277523/295807 (executing program)
1970/01/01 00:18:16 fetching corpus: 13015, signal 277779/295807 (executing program)
1970/01/01 00:18:17 fetching corpus: 13065, signal 278104/295807 (executing program)
1970/01/01 00:18:20 fetching corpus: 13115, signal 278418/295807 (executing program)
1970/01/01 00:18:23 fetching corpus: 13165, signal 278685/295807 (executing program)
1970/01/01 00:18:26 fetching corpus: 13214, signal 278927/295810 (executing program)
1970/01/01 00:18:29 fetching corpus: 13264, signal 279193/295810 (executing program)
1970/01/01 00:18:33 fetching corpus: 13314, signal 279543/295810 (executing program)
1970/01/01 00:18:35 fetching corpus: 13364, signal 279838/295812 (executing program)
1970/01/01 00:18:38 fetching corpus: 13414, signal 280223/295812 (executing program)
1970/01/01 00:18:40 fetching corpus: 13464, signal 280667/295812 (executing program)
1970/01/01 00:18:42 fetching corpus: 13514, signal 280912/295814 (executing program)
1970/01/01 00:18:45 fetching corpus: 13564, signal 281113/295814 (executing program)
1970/01/01 00:18:48 fetching corpus: 13613, signal 281378/295818 (executing program)
1970/01/01 00:18:51 fetching corpus: 13663, signal 281713/295818 (executing program)
1970/01/01 00:18:53 fetching corpus: 13713, signal 282087/295820 (executing program)
1970/01/01 00:18:56 fetching corpus: 13763, signal 282336/295820 (executing program)
1970/01/01 00:18:58 fetching corpus: 13811, signal 282601/295820 (executing program)
1970/01/01 00:19:01 fetching corpus: 13861, signal 282843/295820 (executing program)
1970/01/01 00:19:04 fetching corpus: 13910, signal 283534/295820 (executing program)
1970/01/01 00:19:06 fetching corpus: 13960, signal 283814/295820 (executing program)
1970/01/01 00:19:08 fetching corpus: 14010, signal 284038/295820 (executing program)
1970/01/01 00:19:12 fetching corpus: 14060, signal 284350/295820 (executing program)
1970/01/01 00:19:15 fetching corpus: 14110, signal 284564/295820 (executing program)
1970/01/01 00:19:18 fetching corpus: 14159, signal 284882/295825 (executing program)
1970/01/01 00:19:21 fetching corpus: 14209, signal 285213/295825 (executing program)
1970/01/01 00:19:23 fetching corpus: 14259, signal 285458/295825 (executing program)
1970/01/01 00:19:25 fetching corpus: 14309, signal 285745/295825 (executing program)
1970/01/01 00:19:28 fetching corpus: 14359, signal 286012/295830 (executing program)
1970/01/01 00:19:30 fetching corpus: 14409, signal 286291/295830 (executing program)
1970/01/01 00:19:32 fetching corpus: 14459, signal 286522/295830 (executing program)
1970/01/01 00:19:35 fetching corpus: 14509, signal 286853/295830 (executing program)
1970/01/01 00:19:38 fetching corpus: 14558, signal 287105/295830 (executing program)
1970/01/01 00:19:41 fetching corpus: 14607, signal 287383/295830 (executing program)
1970/01/01 00:19:44 fetching corpus: 14656, signal 287709/295830 (executing program)
1970/01/01 00:19:47 fetching corpus: 14705, signal 288269/295830 (executing program)
1970/01/01 00:19:49 fetching corpus: 14755, signal 288455/295830 (executing program)
1970/01/01 00:19:51 fetching corpus: 14805, signal 288741/295830 (executing program)
1970/01/01 00:19:53 fetching corpus: 14855, signal 289038/295830 (executing program)
1970/01/01 00:19:55 fetching corpus: 14905, signal 289335/295830 (executing program)
1970/01/01 00:19:58 fetching corpus: 14954, signal 289573/295832 (executing program)
1970/01/01 00:20:00 fetching corpus: 15004, signal 289848/295835 (executing program)
1970/01/01 00:20:02 fetching corpus: 15054, signal 290127/295835 (executing program)
1970/01/01 00:20:05 fetching corpus: 15104, signal 290347/295840 (executing program)
1970/01/01 00:20:08 fetching corpus: 15154, signal 290641/295840 (executing program)
1970/01/01 00:20:11 fetching corpus: 15203, signal 290995/295840 (executing program)
1970/01/01 00:20:14 fetching corpus: 15252, signal 291371/295840 (executing program)
1970/01/01 00:20:16 fetching corpus: 15302, signal 291696/295840 (executing program)
1970/01/01 00:20:18 fetching corpus: 15350, signal 291958/295840 (executing program)
1970/01/01 00:20:19 fetching corpus: 15400, signal 292203/295840 (executing program)
1970/01/01 00:20:22 fetching corpus: 15450, signal 292486/295840 (executing program)
1970/01/01 00:20:23 fetching corpus: 15500, signal 292717/295840 (executing program)
1970/01/01 00:20:25 fetching corpus: 15549, signal 292995/295840 (executing program)
1970/01/01 00:20:27 fetching corpus: 15599, signal 293269/295840 (executing program)
1970/01/01 00:20:29 fetching corpus: 15640, signal 293503/295840 (executing program)
1970/01/01 00:20:29 fetching corpus: 15640, signal 293503/295840 (executing program)
1970/01/01 00:22:39 starting 2 fuzzer processes
00:22:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000580)='}', 0x1}], 0x1, 0xbfa8, 0x0)
sendfile(r0, r0, 0x0, 0x1ffffffff000)

00:22:39 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="01"], 0x1c}}, 0x0)

[ 1386.051657][ T2047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1386.568862][ T2047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1387.562630][ T2044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1388.265380][ T2044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1400.874173][ T2047] device hsr_slave_0 entered promiscuous mode
[ 1400.908256][ T2047] device hsr_slave_1 entered promiscuous mode
[ 1401.117213][ T2044] device hsr_slave_0 entered promiscuous mode
[ 1401.141162][ T2044] device hsr_slave_1 entered promiscuous mode
[ 1401.177016][ T2044] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1401.181676][ T2044] Cannot create hsr debugfs directory
[ 1411.181651][ T2044] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1411.545017][ T2044] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1412.238142][ T2044] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1413.246290][ T2044] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1414.647786][ T2047] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1415.261298][ T2047] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1415.573812][ T2047] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1415.788020][ T2047] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1433.121212][ T2047] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1435.341308][ T2044] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1435.388970][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1435.546199][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1436.398868][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1436.491410][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1447.435860][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1447.541057][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1447.936469][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1448.036123][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1448.544730][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1448.626358][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1448.709526][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1449.408334][ T2673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1449.481762][ T2673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1449.510988][ T2673] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1449.741320][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1450.311710][ T2204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1451.196709][ T2673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1451.268048][ T2673] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1451.330118][ T2673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1451.381938][ T2673] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1451.970864][ T2047] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1452.016226][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1452.069467][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1452.509976][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1452.559910][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1453.051344][ T2044] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1461.671616][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1461.677935][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1463.315139][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1463.319103][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1478.418473][ T2106] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1478.474644][ T2106] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1480.073479][ T2204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1480.128461][ T2204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1485.536922][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1485.607223][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1485.856510][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1485.898105][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1485.940573][ T2047] device veth0_vlan entered promiscuous mode
[ 1486.400080][ T2047] device veth1_vlan entered promiscuous mode
[ 1487.879585][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1487.934456][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1488.270641][ T2047] device veth0_macvtap entered promiscuous mode
[ 1488.597637][ T2047] device veth1_macvtap entered promiscuous mode
[ 1488.979930][ T2204] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1489.650453][ T2204] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1489.691855][ T2204] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1489.881273][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1489.917487][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1490.135196][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1490.166106][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1490.239108][ T2044] device veth0_vlan entered promiscuous mode
[ 1490.767937][ T2047] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1490.771123][ T2047] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1490.779893][ T2047] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1490.781533][ T2047] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1490.955923][ T2044] device veth1_vlan entered promiscuous mode
[ 1491.293488][ T2106] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1491.330441][ T2106] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1493.523841][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1493.570848][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1493.834440][ T2044] device veth0_macvtap entered promiscuous mode
[ 1494.307484][ T2044] device veth1_macvtap entered promiscuous mode
[ 1494.660622][ T2731] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1495.567680][ T2659] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1495.647076][ T2659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1496.265994][ T2044] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.267819][ T2044] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.269378][ T2044] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.270930][ T2044] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.895426][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1496.956920][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1498.745011][ T2736] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
00:24:59 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00', 0x48})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[ 1501.341457][   T27] audit: type=1800 audit(1500.070:2): pid=2738 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=640 res=0 errno=0
[ 1502.778011][ T2740] input: syz1 as /devices/virtual/input/input0
00:25:03 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00', 0x48})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:25:04 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000580)='}', 0x1}], 0x1, 0xbfa8, 0x0)
sendfile(r0, r0, 0x0, 0x1ffffffff000)

[ 1506.769982][ T2746] input: syz1 as /devices/virtual/input/input1
[ 1507.165109][   T27] audit: type=1800 audit(1505.890:3): pid=2751 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=644 res=0 errno=0
00:25:07 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00', 0x48})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:25:08 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000580)='}', 0x1}], 0x1, 0xbfa8, 0x0)
sendfile(r0, r0, 0x0, 0x1ffffffff000)

[ 1510.645005][ T2754] input: syz1 as /devices/virtual/input/input2
00:25:11 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00', 0x48})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[ 1512.699048][   T27] audit: type=1800 audit(1511.390:4): pid=2760 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=644 res=0 errno=0
00:25:14 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000580)='}', 0x1}], 0x1, 0xbfa8, 0x0)
sendfile(r0, r0, 0x0, 0x1ffffffff000)

[ 1515.585728][ T2762] input: syz1 as /devices/virtual/input/input3
[ 1518.225479][   T27] audit: type=1800 audit(1516.940:5): pid=2768 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=637 res=0 errno=0
00:25:17 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000580)='}', 0x1}], 0x1, 0xbfa8, 0x0)
sendfile(r0, r0, 0x0, 0x1ffffffff000)

[ 1519.799923][   T27] audit: type=1800 audit(1518.530:6): pid=2770 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=645 res=0 errno=0
00:25:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000580)='}', 0x1}], 0x1, 0xbfa8, 0x0)
sendfile(r0, r0, 0x0, 0x1ffffffff000)

00:25:26 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00', 0x48})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[ 1529.031351][   T27] audit: type=1800 audit(1527.720:7): pid=2775 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=643 res=0 errno=0
[ 1529.801754][ T2777] input: syz1 as /devices/virtual/input/input4
00:25:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000580)='}', 0x1}], 0x1, 0xbfa8, 0x0)
sendfile(r0, r0, 0x0, 0x1ffffffff000)

00:25:32 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00', 0x48})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[ 1535.739333][   T27] audit: type=1800 audit(1534.470:8): pid=2785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=640 res=0 errno=0
[ 1538.471776][ T2787] input: syz1 as /devices/virtual/input/input5
00:25:42 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00', 0x48})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:25:42 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, 0x0, 0x0)

00:25:47 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x84, 0x0, 0x0)

[ 1548.701547][ T2797] input: syz1 as /devices/virtual/input/input6
00:25:52 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
shutdown(r0, 0x0)

00:25:54 executing program 1:
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4002, &(0x7f0000000080)=0x8001, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x2)

00:25:58 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
shutdown(r0, 0x0)

00:25:59 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
shutdown(r0, 0x0)

00:26:04 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
shutdown(r0, 0x0)

00:26:06 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
shutdown(r0, 0x0)

00:26:10 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
shutdown(r0, 0x0)

00:26:11 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
shutdown(r0, 0x0)

00:26:16 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f00000001c0)=@shmem={0xc, 0x1, {0xc90}}, 0x0)

00:26:18 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'ip6gre0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private1, @local}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000080)={'syztnl2\x00', 0x0})

00:26:22 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f00000001c0)=@shmem={0xc, 0x1, {0xc90}}, 0x0)

00:26:25 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'ip6gre0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private1, @local}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000080)={'syztnl2\x00', 0x0})

00:26:26 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f00000001c0)=@shmem={0xc, 0x1, {0xc90}}, 0x0)

00:26:29 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'ip6gre0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private1, @local}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000080)={'syztnl2\x00', 0x0})

00:26:30 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f00000001c0)=@shmem={0xc, 0x1, {0xc90}}, 0x0)

00:26:35 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:26:35 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'ip6gre0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private1, @local}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000080)={'syztnl2\x00', 0x0})

00:26:43 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="8400000030000100000000000000000000000000700001006c0001000b0001"], 0x84}}, 0x0)

00:26:44 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1605.967861][ T2875] netlink: 92 bytes leftover after parsing attributes in process `syz-executor.1'.
00:26:47 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="8400000030000100000000000000000000000000700001006c0001000b0001"], 0x84}}, 0x0)

[ 1611.215378][ T2886] netlink: 92 bytes leftover after parsing attributes in process `syz-executor.1'.
00:26:53 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="8400000030000100000000000000000000000000700001006c0001000b0001"], 0x84}}, 0x0)

[ 1616.306539][ T2877] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 1616.312631][ T2877] 
[ 1616.313509][ T2877] ======================================================
[ 1616.314358][ T2877] WARNING: possible circular locking dependency detected
[ 1616.315468][ T2877] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted
[ 1616.318447][ T2877] ------------------------------------------------------
[ 1616.319739][ T2877] syz-executor.0/2877 is trying to acquire lock:
[ 1616.320649][ T2877] ffffffff84fc0408 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x28/0x58
[ 1616.324102][ T2877] 
[ 1616.324102][ T2877] but task is already holding lock:
[ 1616.324940][ T2877] ffffaf800c70d350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x52/0x1de
[ 1616.327092][ T2877] 
[ 1616.327092][ T2877] which lock already depends on the new lock.
[ 1616.327092][ T2877] 
[ 1616.328239][ T2877] 
[ 1616.328239][ T2877] the existing dependency chain (in reverse order) is:
[ 1616.330269][ T2877] 
[ 1616.330269][ T2877] -> #3 (&ndev->req_lock){+.+.}-{3:3}:
[ 1616.331952][ T2877]        lock_acquire.part.0+0x1d0/0x424
[ 1616.333321][ T2877]        lock_acquire+0x54/0x6a
[ 1616.334568][ T2877]        __mutex_lock+0x114/0xade
[ 1616.335664][ T2877]        mutex_lock_nested+0x14/0x1c
[ 1616.336911][ T2877]        nci_start_poll+0x4de/0x6b8
[ 1616.338186][ T2877]        nfc_start_poll+0x10c/0x1e8
[ 1616.339637][ T2877]        nfc_genl_start_poll+0xfe/0x252
[ 1616.340792][ T2877]        genl_family_rcv_msg_doit+0x19a/0x23c
[ 1616.342469][ T2877]        genl_rcv_msg+0x236/0x3ba
[ 1616.343503][ T2877]        netlink_rcv_skb+0xf8/0x2be
[ 1616.344304][ T2877]        genl_rcv+0x36/0x4c
[ 1616.345577][ T2877]        netlink_unicast+0x40e/0x5fe
[ 1616.346594][ T2877]        netlink_sendmsg+0x4e0/0x994
[ 1616.347996][ T2877]        sock_sendmsg+0xa0/0xc4
[ 1616.349094][ T2877]        ____sys_sendmsg+0x46e/0x484
[ 1616.350740][ T2877]        ___sys_sendmsg+0x16c/0x1f6
[ 1616.351779][ T2877]        __sys_sendmsg+0xba/0x150
[ 1616.353194][ T2877]        sys_sendmsg+0x2c/0x3a
[ 1616.354298][ T2877]        ret_from_syscall+0x0/0x2
[ 1616.355322][ T2877] 
[ 1616.355322][ T2877] -> #2 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 1616.357024][ T2877]        lock_acquire.part.0+0x1d0/0x424
[ 1616.358279][ T2877]        lock_acquire+0x54/0x6a
[ 1616.359265][ T2877]        __mutex_lock+0x114/0xade
[ 1616.360597][ T2877]        mutex_lock_nested+0x14/0x1c
[ 1616.362205][ T2877]        nfc_urelease_event_work+0x126/0x218
[ 1616.363292][ T2877]        process_one_work+0x654/0xffe
[ 1616.364163][ T2877]        worker_thread+0x360/0x8fa
[ 1616.365047][ T2877]        kthread+0x19e/0x1fa
[ 1616.365962][ T2877]        ret_from_exception+0x0/0x10
[ 1616.367428][ T2877] 
[ 1616.367428][ T2877] -> #1 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 1616.368884][ T2877]        lock_acquire.part.0+0x1d0/0x424
[ 1616.370029][ T2877]        lock_acquire+0x54/0x6a
[ 1616.370877][ T2877]        __mutex_lock+0x114/0xade
[ 1616.371927][ T2877]        mutex_lock_nested+0x14/0x1c
[ 1616.373025][ T2877]        nfc_register_device+0x44/0x29e
[ 1616.375481][ T2877]        nci_register_device+0x538/0x612
[ 1616.376968][ T2877]        virtual_ncidev_open+0x82/0x12c
[ 1616.378068][ T2877]        misc_open+0x272/0x2c8
[ 1616.378926][ T2877]        chrdev_open+0x1d4/0x478
[ 1616.380290][ T2877]        do_dentry_open+0x2a4/0x7d4
[ 1616.381260][ T2877]        vfs_open+0x52/0x5e
[ 1616.382500][ T2877]        path_openat+0x12b6/0x189e
[ 1616.383448][ T2877]        do_filp_open+0x10e/0x22a
[ 1616.384335][ T2877]        do_sys_openat2+0x174/0x31e
[ 1616.385852][ T2877]        sys_openat+0xdc/0x164
[ 1616.387110][ T2877]        ret_from_syscall+0x0/0x2
[ 1616.388507][ T2877] 
[ 1616.388507][ T2877] -> #0 (nci_mutex){+.+.}-{3:3}:
[ 1616.390069][ T2877]        check_noncircular+0x1de/0x1fe
[ 1616.391321][ T2877]        __lock_acquire+0x19a4/0x333e
[ 1616.392910][ T2877]        lock_acquire.part.0+0x1d0/0x424
[ 1616.394206][ T2877]        lock_acquire+0x54/0x6a
[ 1616.395566][ T2877]        __mutex_lock+0x114/0xade
[ 1616.397065][ T2877]        mutex_lock_nested+0x14/0x1c
[ 1616.398186][ T2877]        virtual_nci_close+0x28/0x58
[ 1616.399149][ T2877]        nci_close_device+0x12e/0x1de
[ 1616.400154][ T2877]        nci_unregister_device+0x34/0x182
[ 1616.401065][ T2877]        virtual_ncidev_close+0x9c/0xbc
[ 1616.402623][ T2877]        __fput+0x164/0x502
[ 1616.403605][ T2877]        ____fput+0x1a/0x24
[ 1616.404916][ T2877]        task_work_run+0xdc/0x154
[ 1616.406133][ T2877]        do_notify_resume+0x894/0xa56
[ 1616.407766][ T2877]        ret_from_exception+0x0/0x10
[ 1616.408872][ T2877] 
[ 1616.408872][ T2877] other info that might help us debug this:
[ 1616.408872][ T2877] 
[ 1616.410171][ T2877] Chain exists of:
[ 1616.410171][ T2877]   nci_mutex --> &genl_data->genl_data_mutex --> &ndev->req_lock
[ 1616.410171][ T2877] 
[ 1616.413127][ T2877]  Possible unsafe locking scenario:
[ 1616.413127][ T2877] 
[ 1616.414532][ T2877]        CPU0                    CPU1
[ 1616.415329][ T2877]        ----                    ----
[ 1616.416094][ T2877]   lock(&ndev->req_lock);
[ 1616.417693][ T2877]                                lock(&genl_data->genl_data_mutex);
[ 1616.419052][ T2877]                                lock(&ndev->req_lock);
[ 1616.420633][ T2877]   lock(nci_mutex);
[ 1616.421674][ T2877] 
[ 1616.421674][ T2877]  *** DEADLOCK ***
[ 1616.421674][ T2877] 
[ 1616.423455][ T2877] 1 lock held by syz-executor.0/2877:
[ 1616.424321][ T2877]  #0: ffffaf800c70d350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x52/0x1de
[ 1616.427270][ T2877] 
[ 1616.427270][ T2877] stack backtrace:
[ 1616.428513][ T2877] CPU: 1 PID: 2877 Comm: syz-executor.0 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1616.430010][ T2877] Hardware name: riscv-virtio,qemu (DT)
[ 1616.431130][ T2877] Call Trace:
[ 1616.431821][ T2877] [<ffffffff8000a228>] dump_backtrace+0x2e/0x3c
[ 1616.433486][ T2877] [<ffffffff831668cc>] show_stack+0x34/0x40
[ 1616.434561][ T2877] [<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150
[ 1616.435614][ T2877] [<ffffffff83175742>] dump_stack+0x1c/0x24
[ 1616.437125][ T2877] [<ffffffff8010f7b8>] print_circular_bug+0x34e/0x3d8
[ 1616.438534][ T2877] [<ffffffff8010fa20>] check_noncircular+0x1de/0x1fe
[ 1616.440272][ T2877] [<ffffffff80113c26>] __lock_acquire+0x19a4/0x333e
[ 1616.441426][ T2877] [<ffffffff80116582>] lock_acquire.part.0+0x1d0/0x424
[ 1616.443110][ T2877] [<ffffffff8011682a>] lock_acquire+0x54/0x6a
[ 1616.444174][ T2877] [<ffffffff831a8ea4>] __mutex_lock+0x114/0xade
[ 1616.445163][ T2877] [<ffffffff831a9882>] mutex_lock_nested+0x14/0x1c
[ 1616.446443][ T2877] [<ffffffff8148d766>] virtual_nci_close+0x28/0x58
[ 1616.447539][ T2877] [<ffffffff830cf612>] nci_close_device+0x12e/0x1de
[ 1616.448702][ T2877] [<ffffffff830d0372>] nci_unregister_device+0x34/0x182
[ 1616.449860][ T2877] [<ffffffff8148d508>] virtual_ncidev_close+0x9c/0xbc
[ 1616.451068][ T2877] [<ffffffff804cb3c0>] __fput+0x164/0x502
[ 1616.452197][ T2877] [<ffffffff804cb7d2>] ____fput+0x1a/0x24
[ 1616.453389][ T2877] [<ffffffff800a0530>] task_work_run+0xdc/0x154
[ 1616.454450][ T2877] [<ffffffff80008c12>] do_notify_resume+0x894/0xa56
[ 1616.455636][ T2877] [<ffffffff80005724>] ret_from_exception+0x0/0x10
[ 1616.521815][ T2889] netlink: 92 bytes leftover after parsing attributes in process `syz-executor.1'.
00:26:56 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:26:56 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="8400000030000100000000000000000000000000700001006c0001000b0001"], 0x84}}, 0x0)

[ 1618.861038][ T2901] netlink: 92 bytes leftover after parsing attributes in process `syz-executor.1'.
00:26:59 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:27:00 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1625.344241][ T2893] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
00:27:04 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:27:04 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:27:07 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:27:08 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:27:08 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1632.783945][ T2910] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
00:27:11 executing program 0:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:12 executing program 1:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:12 executing program 1:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:12 executing program 0:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:13 executing program 1:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:13 executing program 0:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:14 executing program 1:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:14 executing program 0:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:15 executing program 1:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:16 executing program 0:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:16 executing program 1:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:17 executing program 0:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:17 executing program 1:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:18 executing program 0:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:18 executing program 1:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:19 executing program 1:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:20 executing program 1:
r0 = syz_io_uring_setup(0x27f, &(0x7f0000000000), &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x2c, 0x0, @fd_index=0x5}, 0x0)
io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0)

00:27:20 executing program 0:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:21 executing program 0:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:22 executing program 1:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:22 executing program 0:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:23 executing program 1:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:24 executing program 0:
syz_emit_ethernet(0x76, &(0x7f0000000140)={@local, @random='oU8pj\r', @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f08a01", 0x40, 0x6, 0x0, @dev, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4}, @sack={0x5, 0x12, [0x0, 0x0, 0x0, 0x0]}, @timestamp={0x8, 0xa}, @fastopen={0x22, 0x6, "66390dbe"}, @fastopen={0x22, 0x3, "9b"}]}}}}}}}}, 0x0)

00:27:24 executing program 1:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @empty, 'geneve0\x00'}}, 0x80)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x300}, 0x0)

00:27:24 executing program 0:
syz_emit_ethernet(0x76, &(0x7f0000000140)={@local, @random='oU8pj\r', @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f08a01", 0x40, 0x6, 0x0, @dev, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4}, @sack={0x5, 0x12, [0x0, 0x0, 0x0, 0x0]}, @timestamp={0x8, 0xa}, @fastopen={0x22, 0x6, "66390dbe"}, @fastopen={0x22, 0x3, "9b"}]}}}}}}}}, 0x0)


VM DIAGNOSIS:
23:51:47  Registers:
info registers vcpu 0
 pc       ffffffff80188e88
 mhartid  0000000000000000
 mstatus  00000000000001a0
 mip      00000000000000a0
 mie      000000000000020a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff800058f0
 sepc     ffffffff800058f4
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff80188dfc x2/sp ffffffff84a03b80 x3/gp ffffffff85863ac0
 x4/tp ffffffff84a3f180 x5/t0 0000000000046000 x6/t1 fffff5ef04a59028 x7/t2 00007fffe316c1b7
 x8/s0 ffffffff84a03bd0 x9/s1 ffffaf805a9d7500 x10/a0 ffffaf805a9d7520 x11/a1 0000000000000007
 x12/a2 1ffff5f00b53aea4 x13/a3 ffffffff80188dfc x14/a4 0000000000000000 x15/a5 ffffaf805a9d7520
 x16/a6 0000000000f00000 x17/a7 ffffaf80252c8147 x18/s2 0000000001769048 x19/s3 00000031fffffed5
 x20/s4 0000000000000000 x21/s5 0000000000000001 x22/s6 ffffaf805a9cb668 x23/s7 ffffaf805a9cb5e8
 x24/s8 ffffaf805a9cb568 x25/s9 ffffaf805a9cb460 x26/s10 ffffaf805a9cb768 x27/s11 ffffaf805a9cb448
 x28/t3 000000007fffffff x29/t4 fffff5ef04a59028 x30/t5 fffff5ef04a59029 x31/t6 0000000000040000
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000
info registers vcpu 1
 pc       ffffffff8011edb6
 mhartid  0000000000000001
 mstatus  00000000000000a0
 mip      00000000000000a2
 mie      000000000000022a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff80200f48
 sepc     ffffffff831afd22
 mcause   8000000000000003
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff8011eda6 x2/sp ffffaf800f8eb180 x3/gp ffffffff85863ac0
 x4/tp ffffaf800ba56100 x5/t0 ffffffff86bcb657 x6/t1 fffffffef0d796ca x7/t2 0000000000000000
 x8/s0 ffffaf800f8eb360 x9/s1 0000000000000000 x10/a0 000000000000004e x11/a1 00000000000f0000
 x12/a2 0000000000000002 x13/a3 ffffffff8011c8a6 x14/a4 0e7ded474e93a700 x15/a5 0000000000000020
 x16/a6 ffffffff86bcb68e x17/a7 ffffffff86bcb656 x18/s2 000000000000004e x19/s3 000000000000000f
 x20/s4 ffffaf800f8eb2e0 x21/s5 ffffaf800f8eb200 x22/s6 ffffffff8588c1a0 x23/s7 ffffffff8588c3e0
 x24/s8 ffffffff8588c220 x25/s9 ffffffff84a88520 x26/s10 ffffffff858655c0 x27/s11 ffffaf800f8eb2e0
 x28/t3 000000000000002d x29/t4 fffffffef0d796c8 x30/t5 fffffffef0d796cb x31/t6 ffffffff86bcb657
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000