syzkaller login: [  277.180367][ T1861] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  277.207184][ T1861] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  287.051413][ T1861] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:11094' (ECDSA) to the list of known hosts.
1970/01/01 00:05:52 fuzzer started
1970/01/01 00:06:05 dialing manager at localhost:34023
[  372.104315][ T2034] cgroup: Unknown subsys name 'net'
[  373.496056][ T2034] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:06:13 syscalls: 2918
1970/01/01 00:06:13 code coverage: enabled
1970/01/01 00:06:13 comparison tracing: enabled
1970/01/01 00:06:13 extra coverage: enabled
1970/01/01 00:06:13 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:06:13 setuid sandbox: enabled
1970/01/01 00:06:13 namespace sandbox: enabled
1970/01/01 00:06:13 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:06:13 fault injection: enabled
1970/01/01 00:06:13 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:06:13 net packet injection: enabled
1970/01/01 00:06:13 net device setup: enabled
1970/01/01 00:06:13 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:06:13 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:06:13 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:06:13 USB emulation: enabled
1970/01/01 00:06:13 hci packet injection: /dev/vhci does not exist
1970/01/01 00:06:13 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:06:13 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:06:13 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:06:18 fetching corpus: 50, signal 31961/35330 (executing program)
1970/01/01 00:06:23 fetching corpus: 100, signal 50240/54810 (executing program)
1970/01/01 00:06:27 fetching corpus: 149, signal 56758/62649 (executing program)
1970/01/01 00:06:30 fetching corpus: 198, signal 62965/69996 (executing program)
1970/01/01 00:06:32 fetching corpus: 247, signal 67791/75914 (executing program)
1970/01/01 00:06:36 fetching corpus: 297, signal 74715/83744 (executing program)
1970/01/01 00:06:38 fetching corpus: 347, signal 79612/89594 (executing program)
1970/01/01 00:06:42 fetching corpus: 397, signal 82516/93476 (executing program)
1970/01/01 00:06:45 fetching corpus: 447, signal 87536/99283 (executing program)
1970/01/01 00:06:50 fetching corpus: 497, signal 91215/103686 (executing program)
1970/01/01 00:06:53 fetching corpus: 545, signal 93784/107090 (executing program)
1970/01/01 00:06:57 fetching corpus: 595, signal 96934/110993 (executing program)
1970/01/01 00:06:59 fetching corpus: 645, signal 99607/114422 (executing program)
1970/01/01 00:07:02 fetching corpus: 694, signal 103292/118632 (executing program)
1970/01/01 00:07:18 fetching corpus: 742, signal 105602/121579 (executing program)
1970/01/01 00:07:23 fetching corpus: 792, signal 107941/124518 (executing program)
1970/01/01 00:07:25 fetching corpus: 842, signal 111349/128283 (executing program)
1970/01/01 00:07:29 fetching corpus: 892, signal 113556/131011 (executing program)
1970/01/01 00:07:31 fetching corpus: 940, signal 115479/133443 (executing program)
1970/01/01 00:07:35 fetching corpus: 989, signal 118367/136640 (executing program)
1970/01/01 00:07:37 fetching corpus: 1039, signal 120547/139219 (executing program)
1970/01/01 00:07:40 fetching corpus: 1089, signal 121972/141182 (executing program)
1970/01/01 00:07:43 fetching corpus: 1138, signal 123965/143517 (executing program)
1970/01/01 00:07:45 fetching corpus: 1187, signal 125253/145313 (executing program)
1970/01/01 00:07:48 fetching corpus: 1237, signal 126794/147369 (executing program)
1970/01/01 00:07:52 fetching corpus: 1287, signal 128481/149486 (executing program)
1970/01/01 00:07:54 fetching corpus: 1336, signal 130136/151477 (executing program)
1970/01/01 00:07:58 fetching corpus: 1385, signal 131616/153334 (executing program)
1970/01/01 00:08:02 fetching corpus: 1434, signal 133178/155231 (executing program)
1970/01/01 00:08:04 fetching corpus: 1484, signal 134635/156953 (executing program)
1970/01/01 00:08:07 fetching corpus: 1534, signal 136655/159050 (executing program)
1970/01/01 00:08:10 fetching corpus: 1584, signal 137718/160534 (executing program)
1970/01/01 00:08:12 fetching corpus: 1634, signal 139116/162163 (executing program)
1970/01/01 00:08:14 fetching corpus: 1684, signal 140904/164072 (executing program)
1970/01/01 00:08:16 fetching corpus: 1732, signal 142234/165572 (executing program)
1970/01/01 00:08:19 fetching corpus: 1782, signal 143347/166943 (executing program)
1970/01/01 00:08:22 fetching corpus: 1832, signal 145925/169223 (executing program)
1970/01/01 00:08:25 fetching corpus: 1881, signal 147022/170559 (executing program)
1970/01/01 00:08:28 fetching corpus: 1931, signal 148809/172247 (executing program)
1970/01/01 00:08:31 fetching corpus: 1979, signal 150316/173778 (executing program)
1970/01/01 00:08:33 fetching corpus: 2029, signal 151340/174951 (executing program)
1970/01/01 00:08:35 fetching corpus: 2078, signal 152850/176382 (executing program)
1970/01/01 00:08:38 fetching corpus: 2128, signal 154055/177621 (executing program)
1970/01/01 00:08:41 fetching corpus: 2178, signal 155507/178990 (executing program)
1970/01/01 00:08:44 fetching corpus: 2225, signal 156369/180000 (executing program)
1970/01/01 00:08:46 fetching corpus: 2275, signal 157416/181108 (executing program)
1970/01/01 00:08:49 fetching corpus: 2325, signal 158495/182228 (executing program)
1970/01/01 00:08:52 fetching corpus: 2375, signal 160577/183823 (executing program)
1970/01/01 00:08:55 fetching corpus: 2424, signal 161561/184846 (executing program)
1970/01/01 00:08:59 fetching corpus: 2472, signal 162439/185790 (executing program)
1970/01/01 00:09:02 fetching corpus: 2522, signal 163465/186824 (executing program)
1970/01/01 00:09:05 fetching corpus: 2572, signal 164294/187697 (executing program)
1970/01/01 00:09:07 fetching corpus: 2622, signal 165291/188655 (executing program)
1970/01/01 00:09:11 fetching corpus: 2672, signal 166028/189442 (executing program)
1970/01/01 00:09:13 fetching corpus: 2722, signal 167049/190378 (executing program)
1970/01/01 00:09:16 fetching corpus: 2771, signal 167735/191092 (executing program)
1970/01/01 00:09:21 fetching corpus: 2821, signal 168863/192011 (executing program)
1970/01/01 00:09:23 fetching corpus: 2870, signal 170034/192953 (executing program)
1970/01/01 00:09:26 fetching corpus: 2920, signal 171275/193885 (executing program)
1970/01/01 00:09:29 fetching corpus: 2970, signal 172111/194598 (executing program)
1970/01/01 00:09:31 fetching corpus: 3020, signal 172948/195341 (executing program)
1970/01/01 00:09:34 fetching corpus: 3069, signal 173750/195995 (executing program)
1970/01/01 00:09:37 fetching corpus: 3117, signal 174562/196673 (executing program)
1970/01/01 00:09:39 fetching corpus: 3167, signal 175260/197332 (executing program)
1970/01/01 00:09:43 fetching corpus: 3217, signal 176188/198016 (executing program)
1970/01/01 00:09:46 fetching corpus: 3267, signal 177308/198696 (executing program)
1970/01/01 00:09:49 fetching corpus: 3317, signal 178216/199343 (executing program)
1970/01/01 00:09:52 fetching corpus: 3367, signal 178957/199907 (executing program)
1970/01/01 00:09:55 fetching corpus: 3415, signal 179685/200475 (executing program)
1970/01/01 00:09:57 fetching corpus: 3465, signal 180219/200959 (executing program)
1970/01/01 00:09:59 fetching corpus: 3514, signal 180793/201460 (executing program)
1970/01/01 00:10:02 fetching corpus: 3563, signal 181604/202024 (executing program)
1970/01/01 00:10:07 fetching corpus: 3613, signal 182392/202543 (executing program)
1970/01/01 00:10:10 fetching corpus: 3662, signal 183022/203036 (executing program)
1970/01/01 00:10:14 fetching corpus: 3711, signal 183808/203567 (executing program)
1970/01/01 00:10:17 fetching corpus: 3760, signal 184441/203988 (executing program)
1970/01/01 00:10:20 fetching corpus: 3808, signal 184992/204383 (executing program)
1970/01/01 00:10:24 fetching corpus: 3857, signal 185668/204847 (executing program)
1970/01/01 00:10:27 fetching corpus: 3906, signal 186353/205234 (executing program)
1970/01/01 00:10:28 fetching corpus: 3956, signal 186994/205625 (executing program)
1970/01/01 00:10:30 fetching corpus: 4006, signal 187595/205983 (executing program)
1970/01/01 00:10:34 fetching corpus: 4056, signal 188144/206321 (executing program)
1970/01/01 00:10:38 fetching corpus: 4103, signal 188873/206673 (executing program)
1970/01/01 00:10:41 fetching corpus: 4152, signal 189589/207006 (executing program)
1970/01/01 00:10:42 fetching corpus: 4202, signal 190145/207371 (executing program)
1970/01/01 00:10:45 fetching corpus: 4251, signal 191086/207742 (executing program)
1970/01/01 00:10:48 fetching corpus: 4301, signal 191658/208063 (executing program)
1970/01/01 00:10:50 fetching corpus: 4350, signal 192147/208311 (executing program)
1970/01/01 00:10:52 fetching corpus: 4400, signal 192937/208598 (executing program)
1970/01/01 00:10:55 fetching corpus: 4449, signal 193713/208894 (executing program)
1970/01/01 00:10:57 fetching corpus: 4498, signal 194401/209150 (executing program)
1970/01/01 00:11:00 fetching corpus: 4546, signal 195208/209382 (executing program)
1970/01/01 00:11:03 fetching corpus: 4596, signal 195994/209624 (executing program)
1970/01/01 00:11:06 fetching corpus: 4646, signal 196627/209833 (executing program)
1970/01/01 00:11:09 fetching corpus: 4695, signal 197111/210055 (executing program)
1970/01/01 00:11:10 fetching corpus: 4745, signal 197529/210221 (executing program)
1970/01/01 00:11:13 fetching corpus: 4795, signal 198105/210394 (executing program)
1970/01/01 00:11:15 fetching corpus: 4844, signal 198739/210563 (executing program)
1970/01/01 00:11:18 fetching corpus: 4894, signal 199358/210698 (executing program)
1970/01/01 00:11:21 fetching corpus: 4944, signal 199979/210869 (executing program)
1970/01/01 00:11:23 fetching corpus: 4994, signal 200405/211005 (executing program)
1970/01/01 00:11:25 fetching corpus: 5044, signal 200997/211132 (executing program)
1970/01/01 00:11:28 fetching corpus: 5092, signal 201809/211236 (executing program)
1970/01/01 00:11:31 fetching corpus: 5141, signal 202408/211337 (executing program)
1970/01/01 00:11:35 fetching corpus: 5190, signal 203035/211424 (executing program)
1970/01/01 00:11:37 fetching corpus: 5239, signal 203657/211441 (executing program)
1970/01/01 00:11:40 fetching corpus: 5289, signal 204287/211445 (executing program)
1970/01/01 00:11:43 fetching corpus: 5339, signal 204609/211471 (executing program)
1970/01/01 00:11:46 fetching corpus: 5388, signal 204957/211471 (executing program)
1970/01/01 00:11:49 fetching corpus: 5438, signal 205539/211471 (executing program)
1970/01/01 00:11:51 fetching corpus: 5487, signal 206012/211481 (executing program)
1970/01/01 00:11:54 fetching corpus: 5537, signal 206542/211481 (executing program)
1970/01/01 00:11:57 fetching corpus: 5587, signal 207095/211482 (executing program)
1970/01/01 00:12:01 fetching corpus: 5636, signal 207689/211490 (executing program)
1970/01/01 00:12:04 fetching corpus: 5685, signal 208246/211490 (executing program)
1970/01/01 00:12:08 fetching corpus: 5735, signal 208754/211521 (executing program)
1970/01/01 00:12:11 fetching corpus: 5784, signal 209100/211523 (executing program)
1970/01/01 00:12:13 fetching corpus: 5834, signal 209561/211531 (executing program)
1970/01/01 00:12:13 fetching corpus: 5835, signal 209572/211542 (executing program)
1970/01/01 00:12:13 fetching corpus: 5835, signal 209572/211542 (executing program)
1970/01/01 00:14:26 starting 2 fuzzer processes
00:14:26 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000140)=0x90)

00:14:26 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000640)=@framed={{}, [@alu={0x5}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)

[  901.855768][ T2047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  902.037679][ T2047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  905.856647][ T2049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  906.036145][ T2049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  920.625750][ T2047] device hsr_slave_0 entered promiscuous mode
[  920.717848][ T2047] device hsr_slave_1 entered promiscuous mode
[  923.855542][ T2049] device hsr_slave_0 entered promiscuous mode
[  923.912042][ T2049] device hsr_slave_1 entered promiscuous mode
[  923.943169][ T2049] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  923.947434][ T2049] Cannot create hsr debugfs directory
[  931.016097][ T2047] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  931.206810][ T2047] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  931.455021][ T2047] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  931.857639][ T2047] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  932.985931][ T2049] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  933.128919][ T2049] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  933.436171][ T2049] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  933.652545][ T2049] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  944.204920][ T2047] 8021q: adding VLAN 0 to HW filter on device bond0
[  945.066308][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  945.178573][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  945.427711][ T2049] 8021q: adding VLAN 0 to HW filter on device bond0
[  946.446965][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  946.501579][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  952.420469][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  952.467989][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  952.672847][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  952.708828][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  952.940573][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  953.185848][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  953.647022][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  953.717675][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  954.037320][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  954.097651][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  954.798775][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  954.847618][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  954.881110][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  954.944653][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  954.980477][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  955.003260][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  955.468692][ T2047] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  956.244821][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  956.306907][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  956.572649][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  956.617499][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  956.976976][ T2049] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  962.492197][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  962.497266][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  963.488725][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  963.504799][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  977.921421][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  977.995836][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  978.506545][ T2035] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  978.557914][ T2035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  989.634284][ T2049] device veth0_vlan entered promiscuous mode
[  990.416403][ T2035] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  990.495098][ T2035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  990.642904][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  990.702494][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  990.817570][ T2049] device veth1_vlan entered promiscuous mode
[  991.094652][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  991.192563][ T2287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  991.424423][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  991.537443][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  991.758867][ T2047] device veth0_vlan entered promiscuous mode
[  993.040639][ T2047] device veth1_vlan entered promiscuous mode
[  994.286222][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  994.455303][  T829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  994.853730][ T2049] device veth0_macvtap entered promiscuous mode
[  995.355561][ T2049] device veth1_macvtap entered promiscuous mode
[  995.484094][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  996.101879][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  996.174688][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  996.894162][ T2047] device veth0_macvtap entered promiscuous mode
[  997.437772][ T2739] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  997.583802][ T2739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  997.682221][ T2047] device veth1_macvtap entered promiscuous mode
[  998.870800][ T2049] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  998.874004][ T2049] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  998.875576][ T2049] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  998.876947][ T2049] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  999.711026][ T2098] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  999.797878][ T2098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  999.842644][ T2098] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  999.897397][ T2098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1001.396115][ T2047] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1001.398124][ T2047] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1001.422542][ T2047] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1001.424649][ T2047] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1001.821391][ T2098] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1001.896900][ T2098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
00:16:51 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000640)=@framed={{}, [@alu={0x5}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)

00:16:51 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000140)=0x90)

00:16:55 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000140)=0x90)

00:16:55 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000640)=@framed={{}, [@alu={0x5}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)

00:16:58 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000140)=0x90)

00:16:58 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000640)=@framed={{}, [@alu={0x5}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)

00:17:04 executing program 1:
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000000), 0xd, 0x0, 0x0, 0x0, 0x0)

00:17:04 executing program 0:
syz_emit_ethernet(0x22, &(0x7f0000000040)={@local, @link_local, @void, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @local, "", @broadcast}}}}, 0x0)

00:17:06 executing program 1:
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000000), 0xd, 0x0, 0x0, 0x0, 0x0)

00:17:07 executing program 0:
syz_emit_ethernet(0x22, &(0x7f0000000040)={@local, @link_local, @void, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @local, "", @broadcast}}}}, 0x0)

00:17:10 executing program 1:
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000000), 0xd, 0x0, 0x0, 0x0, 0x0)

00:17:11 executing program 0:
syz_emit_ethernet(0x22, &(0x7f0000000040)={@local, @link_local, @void, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @local, "", @broadcast}}}}, 0x0)

00:17:13 executing program 1:
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000000), 0xd, 0x0, 0x0, 0x0, 0x0)

00:17:15 executing program 0:
syz_emit_ethernet(0x22, &(0x7f0000000040)={@local, @link_local, @void, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @local, "", @broadcast}}}}, 0x0)

00:17:17 executing program 1:
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000000), 0xd, 0x0, 0x0, 0x0, 0x0)

00:17:20 executing program 0:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:21 executing program 1:
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000000), 0xd, 0x0, 0x0, 0x0, 0x0)

00:17:24 executing program 1:
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000000), 0xd, 0x0, 0x0, 0x0, 0x0)

00:17:24 executing program 0:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:27 executing program 1:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:29 executing program 0:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:32 executing program 1:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:34 executing program 0:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:37 executing program 1:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:40 executing program 0:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:43 executing program 0:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:44 executing program 1:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:48 executing program 1:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:48 executing program 0:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:51 executing program 1:
r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r5, 0x0)

00:17:53 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

00:17:57 executing program 1:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000980)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000001100)={0x0, 0x0, 0x8, &(0x7f0000000b00)={0x5, 0xf, 0x8, 0x1, [@generic={0x3}]}})

00:17:58 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

[ 1081.136687][ T2740] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 1081.543400][ T2740] usb 2-1: Using ep0 maxpacket: 16
[ 1081.914912][ T2740] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1081.936401][ T2740] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1081.946411][ T2740] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1081.948400][ T2740] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1081.952069][ T2740] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1081.954077][ T2740] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1082.232745][ T2740] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1082.234661][ T2740] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1082.236699][ T2740] usb 2-1: Product: syz
[ 1082.237721][ T2740] usb 2-1: Manufacturer: syz
[ 1082.238837][ T2740] usb 2-1: SerialNumber: syz
[ 1083.227156][ T2740] cdc_ncm 2-1:1.0: bind() failure
[ 1083.768243][ T2740] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 1083.776972][ T2740] cdc_ncm 2-1:1.1: bind() failure
[ 1084.037955][ T2740] usb 2-1: USB disconnect, device number 2
00:18:05 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

00:18:05 executing program 1:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000980)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000001100)={0x0, 0x0, 0x8, &(0x7f0000000b00)={0x5, 0xf, 0x8, 0x1, [@generic={0x3}]}})

[ 1088.353981][ T2681] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1088.653448][ T2681] usb 2-1: Using ep0 maxpacket: 16
[ 1089.124346][ T2681] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1089.125813][ T2681] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1089.127166][ T2681] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1089.128292][ T2681] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1089.136584][ T2681] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1089.140970][ T2681] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1089.504351][ T2681] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1089.506502][ T2681] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1089.508821][ T2681] usb 2-1: Product: syz
[ 1089.522824][ T2681] usb 2-1: Manufacturer: syz
[ 1089.523879][ T2681] usb 2-1: SerialNumber: syz
[ 1090.495316][ T2681] cdc_ncm 2-1:1.0: bind() failure
[ 1090.766005][ T2681] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 1090.767787][ T2681] cdc_ncm 2-1:1.1: bind() failure
[ 1091.107842][ T2681] usb 2-1: USB disconnect, device number 3
00:18:10 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

00:18:12 executing program 1:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000980)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000001100)={0x0, 0x0, 0x8, &(0x7f0000000b00)={0x5, 0xf, 0x8, 0x1, [@generic={0x3}]}})

[ 1095.201616][ T2741] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1095.552418][ T2741] usb 2-1: Using ep0 maxpacket: 16
[ 1095.786229][ T2741] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1095.788119][ T2741] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1095.803332][ T2741] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1095.804985][ T2741] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1095.806462][ T2741] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1095.808645][ T2741] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1096.006499][ T2741] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1096.015877][ T2741] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1096.017573][ T2741] usb 2-1: Product: syz
[ 1096.053386][ T2741] usb 2-1: Manufacturer: syz
[ 1096.054757][ T2741] usb 2-1: SerialNumber: syz
[ 1096.764034][ T2741] cdc_ncm 2-1:1.0: bind() failure
[ 1096.952950][ T2741] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 1096.954686][ T2741] cdc_ncm 2-1:1.1: bind() failure
[ 1097.177337][ T2741] usb 2-1: USB disconnect, device number 4
00:18:17 executing program 0:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000980)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000001100)={0x0, 0x0, 0x8, &(0x7f0000000b00)={0x5, 0xf, 0x8, 0x1, [@generic={0x3}]}})

00:18:18 executing program 1:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000980)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000001100)={0x0, 0x0, 0x8, &(0x7f0000000b00)={0x5, 0xf, 0x8, 0x1, [@generic={0x3}]}})

[ 1100.971999][ T2035] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1101.281390][ T2035] usb 1-1: Using ep0 maxpacket: 16
[ 1101.574877][ T2035] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1101.576865][ T2035] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1101.601860][ T2035] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1101.603735][ T2035] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1101.605356][ T2035] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1101.606832][ T2035] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1101.926213][ T2035] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1101.928046][ T2035] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1101.951546][ T2035] usb 1-1: Product: syz
[ 1101.952897][ T2035] usb 1-1: Manufacturer: syz
[ 1101.954066][ T2035] usb 1-1: SerialNumber: syz
[ 1103.474137][ T2035] cdc_ncm 1-1:1.0: bind() failure
[ 1103.997698][ T2035] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1104.030639][ T2035] cdc_ncm 1-1:1.1: bind() failure
[ 1104.286252][ T2035] usb 1-1: USB disconnect, device number 2
[ 1105.412823][ T2682] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1105.732015][ T2682] usb 2-1: Using ep0 maxpacket: 16
[ 1106.184231][ T2682] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1106.187581][ T2682] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1106.221669][ T2682] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1106.223454][ T2682] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1106.225027][ T2682] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1106.226687][ T2682] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1106.798025][ T2682] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1106.802881][ T2682] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1106.804543][ T2682] usb 2-1: Product: syz
[ 1106.805799][ T2682] usb 2-1: Manufacturer: syz
[ 1106.806864][ T2682] usb 2-1: SerialNumber: syz
[ 1108.254294][ T2682] cdc_ncm 2-1:1.0: bind() failure
[ 1108.677895][ T2682] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 1108.714637][ T2682] cdc_ncm 2-1:1.1: bind() failure
[ 1109.205991][ T2682] usb 2-1: USB disconnect, device number 5
00:18:28 executing program 0:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000980)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000001100)={0x0, 0x0, 0x8, &(0x7f0000000b00)={0x5, 0xf, 0x8, 0x1, [@generic={0x3}]}})

[ 1114.422981][   T20] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1114.741911][   T20] usb 1-1: Using ep0 maxpacket: 16
[ 1114.944839][   T20] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1114.946759][   T20] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1114.948736][   T20] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1114.964024][   T20] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1114.965629][   T20] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1115.004954][   T20] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1115.225169][   T20] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1115.226864][   T20] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1115.228196][   T20] usb 1-1: Product: syz
[ 1115.243595][   T20] usb 1-1: Manufacturer: syz
[ 1115.244986][   T20] usb 1-1: SerialNumber: syz
[ 1116.756101][   T20] cdc_ncm 1-1:1.0: bind() failure
[ 1117.124687][   T20] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1117.126942][   T20] cdc_ncm 1-1:1.1: bind() failure
[ 1117.672464][   T20] usb 1-1: USB disconnect, device number 3
00:18:38 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

00:18:41 executing program 0:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000980)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000001100)={0x0, 0x0, 0x8, &(0x7f0000000b00)={0x5, 0xf, 0x8, 0x1, [@generic={0x3}]}})

[ 1124.834294][  T829] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1125.112517][  T829] usb 1-1: Using ep0 maxpacket: 16
[ 1125.515123][  T829] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1125.517122][  T829] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1125.534697][  T829] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1125.536582][  T829] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1125.557670][  T829] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
00:18:44 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

[ 1125.581472][  T829] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1125.835492][  T829] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1125.848216][  T829] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1125.853377][  T829] usb 1-1: Product: syz
[ 1125.854936][  T829] usb 1-1: Manufacturer: syz
[ 1125.857255][  T829] usb 1-1: SerialNumber: syz
[ 1126.965028][  T829] cdc_ncm 1-1:1.0: bind() failure
[ 1127.194065][  T829] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1127.195883][  T829] cdc_ncm 1-1:1.1: bind() failure
[ 1127.477683][  T829] usb 1-1: USB disconnect, device number 4
00:18:49 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

00:18:53 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

00:18:59 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

00:19:01 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000200)='\x00', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x2, 0x0, 0x0, 0x35}, 0x9c)

00:19:07 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
setreuid(0x0, r4)
fchown(r2, 0xffffffffffffffff, 0x0)

00:19:07 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000200)='\x00', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x2, 0x0, 0x0, 0x35}, 0x9c)

00:19:11 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000200)='\x00', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x2, 0x0, 0x0, 0x35}, 0x9c)

00:19:13 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000200)='\x00', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x2, 0x0, 0x0, 0x35}, 0x9c)

00:19:15 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000200)='\x00', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x2, 0x0, 0x0, 0x35}, 0x9c)

00:19:17 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000200)='\x00', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x2, 0x0, 0x0, 0x35}, 0x9c)

00:19:20 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv6_newroute={0x1c, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x275c9b3d6e29c015, 0x0, 0xfd, 0x0, 0x0, 0x8}}, 0x1c}}, 0x0)

[ 1163.176973][ T2962] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1163.185968][ T2962] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1163.194702][ T2962] IPv6: NLM_F_CREATE should be set when creating new route
[ 1163.196305][ T2962] IPv6: NLM_F_CREATE should be set when creating new route
00:19:22 executing program 0:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000200)='\x00', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x2, 0x0, 0x0, 0x35}, 0x9c)

00:19:23 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x4, &(0x7f0000000640)=@framed={{}, [@alu={0x5, 0x0, 0xc, 0x0, 0x0, 0xfffffffffffffffe, 0x4}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)

00:19:27 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x4, &(0x7f0000000640)=@framed={{}, [@alu={0x5, 0x0, 0xc, 0x0, 0x0, 0xfffffffffffffffe, 0x4}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)

00:19:29 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

00:19:30 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x4, &(0x7f0000000640)=@framed={{}, [@alu={0x5, 0x0, 0xc, 0x0, 0x0, 0xfffffffffffffffe, 0x4}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)

00:19:31 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

00:19:33 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x4, &(0x7f0000000640)=@framed={{}, [@alu={0x5, 0x0, 0xc, 0x0, 0x0, 0xfffffffffffffffe, 0x4}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)

00:19:34 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

00:19:37 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

00:19:38 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

00:19:40 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

00:19:42 executing program 0:
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'bond_slave_1\x00', &(0x7f0000000040)=@ethtool_dump={0x40}})

00:19:43 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

00:19:44 executing program 0:
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'bond_slave_1\x00', &(0x7f0000000040)=@ethtool_dump={0x40}})

00:19:47 executing program 1:
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000040)=ANY=[@ANYBLOB="4d0000000010000000050f0708040103f661"]})

00:19:47 executing program 0:
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'bond_slave_1\x00', &(0x7f0000000040)=@ethtool_dump={0x40}})

00:19:49 executing program 1:
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000040)=ANY=[@ANYBLOB="4d0000000010000000050f0708040103f661"]})

00:19:50 executing program 0:
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'bond_slave_1\x00', &(0x7f0000000040)=@ethtool_dump={0x40}})

00:19:53 executing program 1:
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000040)=ANY=[@ANYBLOB="4d0000000010000000050f0708040103f661"]})

00:19:54 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$sock(r0, &(0x7f0000000f00)=[{{&(0x7f0000000000)=@in={0x2, 0x4e21, @remote}, 0x80, 0x0}}, {{&(0x7f0000000600)=@un=@abs, 0x80, 0x0}}], 0x2, 0x0)

00:19:57 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$sock(r0, &(0x7f0000000f00)=[{{&(0x7f0000000000)=@in={0x2, 0x4e21, @remote}, 0x80, 0x0}}, {{&(0x7f0000000600)=@un=@abs, 0x80, 0x0}}], 0x2, 0x0)

00:19:58 executing program 1:
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000040)=ANY=[@ANYBLOB="4d0000000010000000050f0708040103f661"]})

00:20:01 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_MSCBIT(r0, 0x4004556b, 0x0)

00:20:01 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$sock(r0, &(0x7f0000000f00)=[{{&(0x7f0000000000)=@in={0x2, 0x4e21, @remote}, 0x80, 0x0}}, {{&(0x7f0000000600)=@un=@abs, 0x80, 0x0}}], 0x2, 0x0)

[ 1204.271346][ T3008] input: syz1 as /devices/virtual/input/input0
00:20:05 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_MSCBIT(r0, 0x4004556b, 0x0)

00:20:05 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$sock(r0, &(0x7f0000000f00)=[{{&(0x7f0000000000)=@in={0x2, 0x4e21, @remote}, 0x80, 0x0}}, {{&(0x7f0000000600)=@un=@abs, 0x80, 0x0}}], 0x2, 0x0)

[ 1207.867271][ T3016] input: syz1 as /devices/virtual/input/input1
00:20:08 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_MSCBIT(r0, 0x4004556b, 0x0)

00:20:11 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_MSCBIT(r0, 0x4004556b, 0x0)

[ 1213.288842][ T3024] input: syz1 as /devices/virtual/input/input2
[ 1214.388502][ T3029] input: syz1 as /devices/virtual/input/input3
00:20:14 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_MSCBIT(r0, 0x4004556b, 0x0)

00:20:15 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_MSCBIT(r0, 0x4004556b, 0x0)

[ 1217.705070][ T3037] input: syz1 as /devices/virtual/input/input4
[ 1218.596443][ T3042] input: syz1 as /devices/virtual/input/input5
00:20:19 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)

00:20:19 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_MSCBIT(r0, 0x4004556b, 0x0)

[ 1223.592330][    C1] hrtimer: interrupt took 2608900 ns
[ 1223.816821][ T3053] input: syz1 as /devices/virtual/input/input6
00:20:22 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)

00:20:27 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)

00:20:29 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)

00:20:33 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)

00:20:36 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)

00:20:40 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)

00:20:44 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x50, 0x1, 0x1, 0x403, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0x50}}, 0x0)

00:20:46 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0)

00:20:48 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x50, 0x1, 0x1, 0x403, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0x50}}, 0x0)

00:20:49 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0)

00:20:52 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x50, 0x1, 0x1, 0x403, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0x50}}, 0x0)

00:20:53 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0)

00:20:55 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x50, 0x1, 0x1, 0x403, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0x50}}, 0x0)

00:20:57 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0)

00:21:00 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_ELEM(0x18, 0x0, 0x0)

00:21:01 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x9)
fallocate(r0, 0x0, 0x0, 0x8800000)
accept4(r0, &(0x7f0000000580)=@alg, &(0x7f0000000140)=0xfe36, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xe66e1, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000))
ftruncate(r1, 0x4d0)
syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r1)
statx(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x800, 0x10, &(0x7f0000000180))
open_tree(r1, &(0x7f00000000c0)='./file0\x00', 0x81000)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4d0)
r2 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a70209008ae910cc949e255fa78a19b321af3fff33f00124e9c47967b59d55383e48c12e6fc66e27a955118cb9f74214bb26b689d957bee74c215c73979af06e5e37da8cb9d849f62d02330996b952d246cfba686a8eda9d262809da81c86104c203771323b1f04ec365a0781ab10ad7a30852b8d9de10fa46891e96156457dcf1ac3edef0d82ef5d13fd079ed7dd7f2c5d2a2c8e594dd06a4e289cc6358b3c895e20000", @ANYRES16=r2, @ANYBLOB="00082bbd7000fddbdf250100000014000900fe8000000000000000000000ca2fa0a66d0c83bc4c000000bb04000500060001004e2000000400050008000600ac1414bb"], 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x1)
mount_setattr(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8100, &(0x7f0000000340)={0x6, 0x6, 0x100000}, 0x20)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_SIOCADDRT(r3, 0x890c, &(0x7f0000000200)={0x0, {0x2, 0x4e25, @empty}, {0x2, 0x0, @dev}, {0x2, 0x3, @rand_addr=0xff000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2ae, 0x200000000800, 0x7})

00:21:04 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_ELEM(0x18, 0x0, 0x0)

00:21:06 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x9)
fallocate(r0, 0x0, 0x0, 0x8800000)
accept4(r0, &(0x7f0000000580)=@alg, &(0x7f0000000140)=0xfe36, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xe66e1, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000))
ftruncate(r1, 0x4d0)
syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r1)
statx(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x800, 0x10, &(0x7f0000000180))
open_tree(r1, &(0x7f00000000c0)='./file0\x00', 0x81000)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4d0)
r2 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a70209008ae910cc949e255fa78a19b321af3fff33f00124e9c47967b59d55383e48c12e6fc66e27a955118cb9f74214bb26b689d957bee74c215c73979af06e5e37da8cb9d849f62d02330996b952d246cfba686a8eda9d262809da81c86104c203771323b1f04ec365a0781ab10ad7a30852b8d9de10fa46891e96156457dcf1ac3edef0d82ef5d13fd079ed7dd7f2c5d2a2c8e594dd06a4e289cc6358b3c895e20000", @ANYRES16=r2, @ANYBLOB="00082bbd7000fddbdf250100000014000900fe8000000000000000000000ca2fa0a66d0c83bc4c000000bb04000500060001004e2000000400050008000600ac1414bb"], 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x1)
mount_setattr(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8100, &(0x7f0000000340)={0x6, 0x6, 0x100000}, 0x20)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_SIOCADDRT(r3, 0x890c, &(0x7f0000000200)={0x0, {0x2, 0x4e25, @empty}, {0x2, 0x0, @dev}, {0x2, 0x3, @rand_addr=0xff000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2ae, 0x200000000800, 0x7})

00:21:06 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_ELEM(0x18, 0x0, 0x0)

00:21:09 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_ELEM(0x18, 0x0, 0x0)

00:21:10 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x9)
fallocate(r0, 0x0, 0x0, 0x8800000)
accept4(r0, &(0x7f0000000580)=@alg, &(0x7f0000000140)=0xfe36, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xe66e1, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000))
ftruncate(r1, 0x4d0)
syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r1)
statx(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x800, 0x10, &(0x7f0000000180))
open_tree(r1, &(0x7f00000000c0)='./file0\x00', 0x81000)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4d0)
r2 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a70209008ae910cc949e255fa78a19b321af3fff33f00124e9c47967b59d55383e48c12e6fc66e27a955118cb9f74214bb26b689d957bee74c215c73979af06e5e37da8cb9d849f62d02330996b952d246cfba686a8eda9d262809da81c86104c203771323b1f04ec365a0781ab10ad7a30852b8d9de10fa46891e96156457dcf1ac3edef0d82ef5d13fd079ed7dd7f2c5d2a2c8e594dd06a4e289cc6358b3c895e20000", @ANYRES16=r2, @ANYBLOB="00082bbd7000fddbdf250100000014000900fe8000000000000000000000ca2fa0a66d0c83bc4c000000bb04000500060001004e2000000400050008000600ac1414bb"], 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x1)
mount_setattr(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8100, &(0x7f0000000340)={0x6, 0x6, 0x100000}, 0x20)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_SIOCADDRT(r3, 0x890c, &(0x7f0000000200)={0x0, {0x2, 0x4e25, @empty}, {0x2, 0x0, @dev}, {0x2, 0x3, @rand_addr=0xff000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2ae, 0x200000000800, 0x7})

00:21:13 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x9)
fallocate(r0, 0x0, 0x0, 0x8800000)
accept4(r0, &(0x7f0000000580)=@alg, &(0x7f0000000140)=0xfe36, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xe66e1, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000))
ftruncate(r1, 0x4d0)
syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r1)
statx(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x800, 0x10, &(0x7f0000000180))
open_tree(r1, &(0x7f00000000c0)='./file0\x00', 0x81000)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4d0)
r2 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a70209008ae910cc949e255fa78a19b321af3fff33f00124e9c47967b59d55383e48c12e6fc66e27a955118cb9f74214bb26b689d957bee74c215c73979af06e5e37da8cb9d849f62d02330996b952d246cfba686a8eda9d262809da81c86104c203771323b1f04ec365a0781ab10ad7a30852b8d9de10fa46891e96156457dcf1ac3edef0d82ef5d13fd079ed7dd7f2c5d2a2c8e594dd06a4e289cc6358b3c895e20000", @ANYRES16=r2, @ANYBLOB="00082bbd7000fddbdf250100000014000900fe8000000000000000000000ca2fa0a66d0c83bc4c000000bb04000500060001004e2000000400050008000600ac1414bb"], 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x1)
mount_setattr(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8100, &(0x7f0000000340)={0x6, 0x6, 0x100000}, 0x20)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_SIOCADDRT(r3, 0x890c, &(0x7f0000000200)={0x0, {0x2, 0x4e25, @empty}, {0x2, 0x0, @dev}, {0x2, 0x3, @rand_addr=0xff000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2ae, 0x200000000800, 0x7})

00:21:15 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x9)
fallocate(r0, 0x0, 0x0, 0x8800000)
accept4(r0, &(0x7f0000000580)=@alg, &(0x7f0000000140)=0xfe36, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xe66e1, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000))
ftruncate(r1, 0x4d0)
syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r1)
statx(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x800, 0x10, &(0x7f0000000180))
open_tree(r1, &(0x7f00000000c0)='./file0\x00', 0x81000)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4d0)
r2 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a70209008ae910cc949e255fa78a19b321af3fff33f00124e9c47967b59d55383e48c12e6fc66e27a955118cb9f74214bb26b689d957bee74c215c73979af06e5e37da8cb9d849f62d02330996b952d246cfba686a8eda9d262809da81c86104c203771323b1f04ec365a0781ab10ad7a30852b8d9de10fa46891e96156457dcf1ac3edef0d82ef5d13fd079ed7dd7f2c5d2a2c8e594dd06a4e289cc6358b3c895e20000", @ANYRES16=r2, @ANYBLOB="00082bbd7000fddbdf250100000014000900fe8000000000000000000000ca2fa0a66d0c83bc4c000000bb04000500060001004e2000000400050008000600ac1414bb"], 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x1)
mount_setattr(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8100, &(0x7f0000000340)={0x6, 0x6, 0x100000}, 0x20)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_SIOCADDRT(r3, 0x890c, &(0x7f0000000200)={0x0, {0x2, 0x4e25, @empty}, {0x2, 0x0, @dev}, {0x2, 0x3, @rand_addr=0xff000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2ae, 0x200000000800, 0x7})

00:21:17 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x9)
fallocate(r0, 0x0, 0x0, 0x8800000)
accept4(r0, &(0x7f0000000580)=@alg, &(0x7f0000000140)=0xfe36, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xe66e1, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000))
ftruncate(r1, 0x4d0)
syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r1)
statx(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x800, 0x10, &(0x7f0000000180))
open_tree(r1, &(0x7f00000000c0)='./file0\x00', 0x81000)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4d0)
r2 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a70209008ae910cc949e255fa78a19b321af3fff33f00124e9c47967b59d55383e48c12e6fc66e27a955118cb9f74214bb26b689d957bee74c215c73979af06e5e37da8cb9d849f62d02330996b952d246cfba686a8eda9d262809da81c86104c203771323b1f04ec365a0781ab10ad7a30852b8d9de10fa46891e96156457dcf1ac3edef0d82ef5d13fd079ed7dd7f2c5d2a2c8e594dd06a4e289cc6358b3c895e20000", @ANYRES16=r2, @ANYBLOB="00082bbd7000fddbdf250100000014000900fe8000000000000000000000ca2fa0a66d0c83bc4c000000bb04000500060001004e2000000400050008000600ac1414bb"], 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x1)
mount_setattr(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8100, &(0x7f0000000340)={0x6, 0x6, 0x100000}, 0x20)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_SIOCADDRT(r3, 0x890c, &(0x7f0000000200)={0x0, {0x2, 0x4e25, @empty}, {0x2, 0x0, @dev}, {0x2, 0x3, @rand_addr=0xff000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2ae, 0x200000000800, 0x7})

00:21:20 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FITRIM(r0, 0x40305839, &(0x7f0000000000)={0x0, 0x9c, 0xd1fe})

00:21:22 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x9)
fallocate(r0, 0x0, 0x0, 0x8800000)
accept4(r0, &(0x7f0000000580)=@alg, &(0x7f0000000140)=0xfe36, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xe66e1, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000))
ftruncate(r1, 0x4d0)
syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r1)
statx(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x800, 0x10, &(0x7f0000000180))
open_tree(r1, &(0x7f00000000c0)='./file0\x00', 0x81000)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x4d0)
r2 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a70209008ae910cc949e255fa78a19b321af3fff33f00124e9c47967b59d55383e48c12e6fc66e27a955118cb9f74214bb26b689d957bee74c215c73979af06e5e37da8cb9d849f62d02330996b952d246cfba686a8eda9d262809da81c86104c203771323b1f04ec365a0781ab10ad7a30852b8d9de10fa46891e96156457dcf1ac3edef0d82ef5d13fd079ed7dd7f2c5d2a2c8e594dd06a4e289cc6358b3c895e20000", @ANYRES16=r2, @ANYBLOB="00082bbd7000fddbdf250100000014000900fe8000000000000000000000ca2fa0a66d0c83bc4c000000bb04000500060001004e2000000400050008000600ac1414bb"], 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x1)
mount_setattr(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8100, &(0x7f0000000340)={0x6, 0x6, 0x100000}, 0x20)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_SIOCADDRT(r3, 0x890c, &(0x7f0000000200)={0x0, {0x2, 0x4e25, @empty}, {0x2, 0x0, @dev}, {0x2, 0x3, @rand_addr=0xff000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2ae, 0x200000000800, 0x7})

00:21:23 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FITRIM(r0, 0x40305839, &(0x7f0000000000)={0x0, 0x9c, 0xd1fe})

00:21:27 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FITRIM(r0, 0x40305839, &(0x7f0000000000)={0x0, 0x9c, 0xd1fe})

00:21:28 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FITRIM(r0, 0x40305839, &(0x7f0000000000)={0x0, 0x9c, 0xd1fe})

00:21:30 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FITRIM(r0, 0x40305839, &(0x7f0000000000)={0x0, 0x9c, 0xd1fe})

00:21:31 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FITRIM(r0, 0x40305839, &(0x7f0000000000)={0x0, 0x9c, 0xd1fe})

00:21:34 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FITRIM(r0, 0x40305839, &(0x7f0000000000)={0x0, 0x9c, 0xd1fe})

00:21:36 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readahead(r0, 0x0, 0x0)

00:21:39 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readahead(r0, 0x0, 0x0)

00:21:41 executing program 1:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readahead(r0, 0x0, 0x0)

00:21:43 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readahead(r0, 0x0, 0x0)

00:21:43 executing program 1:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readahead(r0, 0x0, 0x0)

00:21:45 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readahead(r0, 0x0, 0x0)

00:21:46 executing program 1:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readahead(r0, 0x0, 0x0)

00:21:49 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000003f80)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000180a010400000000000000008b0000080900020073797a31000000000c00054000000000000000050c00054000000000000000040900020073797a31100000005c000000090a010200000000000000000300000408000a400000000008000840000000000900020073797a310000000008000740000000280800054000000030090001"], 0x3dec}}, 0x0)

[ 1312.586755][ T3148] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
00:21:51 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:21:53 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000003f80)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000180a010400000000000000008b0000080900020073797a31000000000c00054000000000000000050c00054000000000000000040900020073797a31100000005c000000090a010200000000000000000300000408000a400000000008000840000000000900020073797a310000000008000740000000280800054000000030090001"], 0x3dec}}, 0x0)

[ 1316.012144][ T3158] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
00:21:56 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000003f80)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000180a010400000000000000008b0000080900020073797a31000000000c00054000000000000000050c00054000000000000000040900020073797a31100000005c000000090a010200000000000000000300000408000a400000000008000840000000000900020073797a310000000008000740000000280800054000000030090001"], 0x3dec}}, 0x0)

00:22:00 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1321.884710][ T3164] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
00:22:01 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000003f80)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000180a010400000000000000008b0000080900020073797a31000000000c00054000000000000000050c00054000000000000000040900020073797a31100000005c000000090a010200000000000000000300000408000a400000000008000840000000000900020073797a310000000008000740000000280800054000000030090001"], 0x3dec}}, 0x0)

[ 1324.516821][ T3176] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
00:22:06 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:22:09 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1331.124856][ T3167] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 1331.173943][ T3167] 
[ 1331.174705][ T3167] ======================================================
[ 1331.175441][ T3167] WARNING: possible circular locking dependency detected
[ 1331.176300][ T3167] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted
[ 1331.177262][ T3167] ------------------------------------------------------
[ 1331.177916][ T3167] syz-executor.1/3167 is trying to acquire lock:
[ 1331.178687][ T3167] ffffffff84fc0408 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x28/0x58
[ 1331.181657][ T3167] 
[ 1331.181657][ T3167] but task is already holding lock:
[ 1331.182540][ T3167] ffffaf80109ce350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x52/0x1de
[ 1331.184500][ T3167] 
[ 1331.184500][ T3167] which lock already depends on the new lock.
[ 1331.184500][ T3167] 
[ 1331.185389][ T3167] 
[ 1331.185389][ T3167] the existing dependency chain (in reverse order) is:
[ 1331.186277][ T3167] 
[ 1331.186277][ T3167] -> #3 (&ndev->req_lock){+.+.}-{3:3}:
[ 1331.187801][ T3167]        lock_acquire.part.0+0x1d0/0x424
[ 1331.188891][ T3167]        lock_acquire+0x54/0x6a
[ 1331.190118][ T3167]        __mutex_lock+0x114/0xade
[ 1331.191037][ T3167]        mutex_lock_nested+0x14/0x1c
[ 1331.191997][ T3167]        nci_start_poll+0x4de/0x6b8
[ 1331.192898][ T3167]        nfc_start_poll+0x10c/0x1e8
[ 1331.193862][ T3167]        nfc_genl_start_poll+0xfe/0x252
[ 1331.194816][ T3167]        genl_family_rcv_msg_doit+0x19a/0x23c
[ 1331.195710][ T3167]        genl_rcv_msg+0x236/0x3ba
[ 1331.196508][ T3167]        netlink_rcv_skb+0xf8/0x2be
[ 1331.197332][ T3167]        genl_rcv+0x36/0x4c
[ 1331.198105][ T3167]        netlink_unicast+0x40e/0x5fe
[ 1331.199013][ T3167]        netlink_sendmsg+0x4e0/0x994
[ 1331.200294][ T3167]        sock_sendmsg+0xa0/0xc4
[ 1331.201169][ T3167]        ____sys_sendmsg+0x46e/0x484
[ 1331.202076][ T3167]        ___sys_sendmsg+0x16c/0x1f6
[ 1331.202980][ T3167]        __sys_sendmsg+0xba/0x150
[ 1331.203808][ T3167]        sys_sendmsg+0x2c/0x3a
[ 1331.204717][ T3167]        ret_from_syscall+0x0/0x2
[ 1331.205666][ T3167] 
[ 1331.205666][ T3167] -> #2 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 1331.207093][ T3167]        lock_acquire.part.0+0x1d0/0x424
[ 1331.208024][ T3167]        lock_acquire+0x54/0x6a
[ 1331.208855][ T3167]        __mutex_lock+0x114/0xade
[ 1331.210133][ T3167]        mutex_lock_nested+0x14/0x1c
[ 1331.211048][ T3167]        nfc_urelease_event_work+0x126/0x218
[ 1331.212037][ T3167]        process_one_work+0x654/0xffe
[ 1331.212898][ T3167]        worker_thread+0x360/0x8fa
[ 1331.213688][ T3167]        kthread+0x19e/0x1fa
[ 1331.214549][ T3167]        ret_from_exception+0x0/0x10
[ 1331.215497][ T3167] 
[ 1331.215497][ T3167] -> #1 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 1331.216917][ T3167]        lock_acquire.part.0+0x1d0/0x424
[ 1331.217855][ T3167]        lock_acquire+0x54/0x6a
[ 1331.218763][ T3167]        __mutex_lock+0x114/0xade
[ 1331.220035][ T3167]        mutex_lock_nested+0x14/0x1c
[ 1331.220969][ T3167]        nfc_register_device+0x44/0x29e
[ 1331.221898][ T3167]        nci_register_device+0x538/0x612
[ 1331.222845][ T3167]        virtual_ncidev_open+0x82/0x12c
[ 1331.223784][ T3167]        misc_open+0x272/0x2c8
[ 1331.224680][ T3167]        chrdev_open+0x1d4/0x478
[ 1331.225530][ T3167]        do_dentry_open+0x2a4/0x7d4
[ 1331.226387][ T3167]        vfs_open+0x52/0x5e
[ 1331.227247][ T3167]        path_openat+0x12b6/0x189e
[ 1331.228067][ T3167]        do_filp_open+0x10e/0x22a
[ 1331.228885][ T3167]        do_sys_openat2+0x174/0x31e
[ 1331.230138][ T3167]        sys_openat+0xdc/0x164
[ 1331.231037][ T3167]        ret_from_syscall+0x0/0x2
[ 1331.231906][ T3167] 
[ 1331.231906][ T3167] -> #0 (nci_mutex){+.+.}-{3:3}:
[ 1331.233228][ T3167]        check_noncircular+0x1de/0x1fe
[ 1331.234152][ T3167]        __lock_acquire+0x19a4/0x333e
[ 1331.235060][ T3167]        lock_acquire.part.0+0x1d0/0x424
[ 1331.235965][ T3167]        lock_acquire+0x54/0x6a
[ 1331.236820][ T3167]        __mutex_lock+0x114/0xade
[ 1331.237733][ T3167]        mutex_lock_nested+0x14/0x1c
[ 1331.238668][ T3167]        virtual_nci_close+0x28/0x58
[ 1331.239880][ T3167]        nci_close_device+0x12e/0x1de
[ 1331.240790][ T3167]        nci_unregister_device+0x34/0x182
[ 1331.241708][ T3167]        virtual_ncidev_close+0x9c/0xbc
[ 1331.242676][ T3167]        __fput+0x164/0x502
[ 1331.243482][ T3167]        ____fput+0x1a/0x24
[ 1331.244246][ T3167]        task_work_run+0xdc/0x154
[ 1331.245110][ T3167]        do_notify_resume+0x894/0xa56
[ 1331.245969][ T3167]        ret_from_exception+0x0/0x10
[ 1331.246884][ T3167] 
[ 1331.246884][ T3167] other info that might help us debug this:
[ 1331.246884][ T3167] 
[ 1331.247804][ T3167] Chain exists of:
[ 1331.247804][ T3167]   nci_mutex --> &genl_data->genl_data_mutex --> &ndev->req_lock
[ 1331.247804][ T3167] 
[ 1331.250915][ T3167]  Possible unsafe locking scenario:
[ 1331.250915][ T3167] 
[ 1331.252366][ T3167]        CPU0                    CPU1
[ 1331.253016][ T3167]        ----                    ----
[ 1331.253611][ T3167]   lock(&ndev->req_lock);
[ 1331.254484][ T3167]                                lock(&genl_data->genl_data_mutex);
[ 1331.255514][ T3167]                                lock(&ndev->req_lock);
[ 1331.256455][ T3167]   lock(nci_mutex);
[ 1331.257217][ T3167] 
[ 1331.257217][ T3167]  *** DEADLOCK ***
[ 1331.257217][ T3167] 
[ 1331.258000][ T3167] 1 lock held by syz-executor.1/3167:
[ 1331.258742][ T3167]  #0: ffffaf80109ce350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x52/0x1de
[ 1331.260739][ T3167] 
[ 1331.260739][ T3167] stack backtrace:
[ 1331.261701][ T3167] CPU: 1 PID: 3167 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1331.263019][ T3167] Hardware name: riscv-virtio,qemu (DT)
[ 1331.263943][ T3167] Call Trace:
[ 1331.264550][ T3167] [<ffffffff8000a228>] dump_backtrace+0x2e/0x3c
[ 1331.265559][ T3167] [<ffffffff831668cc>] show_stack+0x34/0x40
[ 1331.266460][ T3167] [<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150
[ 1331.267484][ T3167] [<ffffffff83175742>] dump_stack+0x1c/0x24
[ 1331.268450][ T3167] [<ffffffff8010f7b8>] print_circular_bug+0x34e/0x3d8
[ 1331.270020][ T3167] [<ffffffff8010fa20>] check_noncircular+0x1de/0x1fe
[ 1331.271702][ T3167] [<ffffffff80113c26>] __lock_acquire+0x19a4/0x333e
[ 1331.272737][ T3167] [<ffffffff80116582>] lock_acquire.part.0+0x1d0/0x424
[ 1331.274076][ T3167] [<ffffffff8011682a>] lock_acquire+0x54/0x6a
[ 1331.275113][ T3167] [<ffffffff831a8ea4>] __mutex_lock+0x114/0xade
[ 1331.276394][ T3167] [<ffffffff831a9882>] mutex_lock_nested+0x14/0x1c
[ 1331.277968][ T3167] [<ffffffff8148d766>] virtual_nci_close+0x28/0x58
[ 1331.279403][ T3167] [<ffffffff830cf612>] nci_close_device+0x12e/0x1de
[ 1331.280343][ T3167] [<ffffffff830d0372>] nci_unregister_device+0x34/0x182
[ 1331.281315][ T3167] [<ffffffff8148d508>] virtual_ncidev_close+0x9c/0xbc
[ 1331.282378][ T3167] [<ffffffff804cb3c0>] __fput+0x164/0x502
[ 1331.283312][ T3167] [<ffffffff804cb7d2>] ____fput+0x1a/0x24
[ 1331.284195][ T3167] [<ffffffff800a0530>] task_work_run+0xdc/0x154
[ 1331.285184][ T3167] [<ffffffff80008c12>] do_notify_resume+0x894/0xa56
[ 1331.286191][ T3167] [<ffffffff80005724>] ret_from_exception+0x0/0x10
00:22:10 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:22:13 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:22:14 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1338.961977][ T3179] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
00:22:18 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:22:18 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:22:21 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:22:22 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:22:23 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1346.800938][ T3198] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
00:22:26 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:22:26 executing program 0:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

00:22:27 executing program 0:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

00:22:29 executing program 0:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

[ 1356.320916][ T3219] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
00:22:35 executing program 0:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

00:22:35 executing program 1:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

00:22:36 executing program 0:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

00:22:37 executing program 1:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

00:22:37 executing program 0:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

00:22:38 executing program 1:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))

00:22:38 executing program 0:
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xf69, &(0x7f00000001c0), &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))


VM DIAGNOSIS:
05:56:25  Registers:
info registers vcpu 0
 pc       ffffffff80c382d6
 mhartid  0000000000000000
 mstatus  00000000000000a0
 mip      0000000000000000
 mie      00000000000002aa
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff8000f97e
 sepc     ffffffff830cedea
 mcause   0000000000000009
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff80c382f8 x2/sp ffffaf80225bef30 x3/gp ffffffff85863ac0
 x4/tp ffffaf8009f98000 x5/t0 ffffffff86bcb657 x6/t1 fffff5ef044b7df8 x7/t2 0000000000000000
 x8/s0 ffffaf80225bf060 x9/s1 1ffff5f0044b7dec x10/a0 0000000000000000 x11/a1 00000000000f0000
 x12/a2 0000000000000002 x13/a3 ffffffff80c38312 x14/a4 ffffaf8009f99000 x15/a5 0000000000000000
 x16/a6 0000000000f00000 x17/a7 ffffaf80225befc7 x18/s2 ffffaf80225bf000 x19/s3 0000000000000010
 x20/s4 ffffffff85889780 x21/s5 ffffaf80225bf282 x22/s6 ffffaf80225bf288 x23/s7 ffffffff84fc0408
 x24/s8 0000000000000030 x25/s9 0000000000000078 x26/s10 0000000000ffffff x27/s11 ffffaf80225bf0c0
 x28/t3 1ffff5f0044b7e80 x29/t4 fffff5ef044b7df8 x30/t5 fffff5ef044b7df9 x31/t6 ffffaf80225bf282
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000
info registers vcpu 1
 pc       ffffffff800d3cee
 mhartid  0000000000000001
 mstatus  00000000000001a0
 mip      00000000000000a0
 mie      000000000000020a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff8011593e
 sepc     ffffffff8011593e
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff800de1b0 x2/sp ffffaf800c03efa0 x3/gp ffffffff85863ac0
 x4/tp ffffaf800d6c48c0 x5/t0 0000000000046000 x6/t1 fffff5ef0174b828 x7/t2 00000000000004f8
 x8/s0 ffffaf800c03f020 x9/s1 ffffaf80216e4c00 x10/a0 0000000000000003 x11/a1 ffffaf800d6c48c0
 x12/a2 0000000000010001 x13/a3 ffffffff800dfb7a x14/a4 0000000000000002 x15/a5 ffffaf805a9d8eb0
 x16/a6 0000000000f00000 x17/a7 ffffaf800ba5c147 x18/s2 0000000000b71b00 x19/s3 ffffaf805a9d8d40
 x20/s4 ffffaf805a9d8d40 x21/s5 0000000000000000 x22/s6 ffffffff85889780 x23/s7 1ffff5f001807dec
 x24/s8 ffffaf800c03efc0 x25/s9 ffffaf805a9d8d40 x26/s10 ffffaf800c03ef80 x27/s11 ffffffff8465b2d0
 x28/t3 000001a0000000d0 x29/t4 fffff5ef0174b828 x30/t5 fffff5ef0174b829 x31/t6 0000000000040000
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000