[  261.848436][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  261.881454][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:46220' (ECDSA) to the list of known hosts.
1970/01/01 00:05:19 fuzzer started
1970/01/01 00:05:33 dialing manager at localhost:35225
[  341.091972][ T2025] cgroup: Unknown subsys name 'net'
[  341.963500][ T2025] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:05:41 syscalls: 2918
1970/01/01 00:05:41 code coverage: enabled
1970/01/01 00:05:41 comparison tracing: enabled
1970/01/01 00:05:41 extra coverage: enabled
1970/01/01 00:05:41 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:05:41 setuid sandbox: enabled
1970/01/01 00:05:41 namespace sandbox: enabled
1970/01/01 00:05:41 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:05:41 fault injection: enabled
1970/01/01 00:05:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:05:41 net packet injection: enabled
1970/01/01 00:05:41 net device setup: enabled
1970/01/01 00:05:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:05:41 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:05:41 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:05:41 USB emulation: enabled
1970/01/01 00:05:41 hci packet injection: /dev/vhci does not exist
1970/01/01 00:05:41 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:05:41 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:05:41 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:05:45 fetching corpus: 50, signal 25931/29554 (executing program)
1970/01/01 00:05:48 fetching corpus: 100, signal 42452/47458 (executing program)
1970/01/01 00:05:53 fetching corpus: 150, signal 54560/60882 (executing program)
1970/01/01 00:05:56 fetching corpus: 199, signal 61136/68775 (executing program)
1970/01/01 00:05:58 fetching corpus: 248, signal 67338/76218 (executing program)
1970/01/01 00:06:01 fetching corpus: 296, signal 70283/80450 (executing program)
1970/01/01 00:06:03 fetching corpus: 346, signal 72500/83997 (executing program)
1970/01/01 00:06:05 fetching corpus: 396, signal 76333/88936 (executing program)
1970/01/01 00:06:07 fetching corpus: 446, signal 80899/94534 (executing program)
1970/01/01 00:06:10 fetching corpus: 496, signal 85934/100477 (executing program)
1970/01/01 00:06:13 fetching corpus: 543, signal 88887/104473 (executing program)
1970/01/01 00:06:16 fetching corpus: 593, signal 92351/108842 (executing program)
1970/01/01 00:06:19 fetching corpus: 643, signal 95380/112755 (executing program)
1970/01/01 00:06:23 fetching corpus: 693, signal 97659/116007 (executing program)
1970/01/01 00:06:28 fetching corpus: 743, signal 100836/120012 (executing program)
1970/01/01 00:06:30 fetching corpus: 792, signal 103235/123291 (executing program)
1970/01/01 00:06:32 fetching corpus: 842, signal 105284/126260 (executing program)
1970/01/01 00:06:35 fetching corpus: 892, signal 108006/129741 (executing program)
1970/01/01 00:06:38 fetching corpus: 939, signal 110085/132590 (executing program)
1970/01/01 00:06:40 fetching corpus: 989, signal 111980/135300 (executing program)
1970/01/01 00:06:42 fetching corpus: 1039, signal 113414/137527 (executing program)
1970/01/01 00:06:44 fetching corpus: 1089, signal 115097/139993 (executing program)
1970/01/01 00:06:47 fetching corpus: 1139, signal 117838/143283 (executing program)
1970/01/01 00:06:49 fetching corpus: 1189, signal 118930/145235 (executing program)
1970/01/01 00:06:51 fetching corpus: 1239, signal 120440/147472 (executing program)
1970/01/01 00:06:53 fetching corpus: 1289, signal 122020/149744 (executing program)
1970/01/01 00:06:55 fetching corpus: 1339, signal 123474/151921 (executing program)
1970/01/01 00:06:58 fetching corpus: 1389, signal 125517/154496 (executing program)
1970/01/01 00:07:00 fetching corpus: 1438, signal 127459/156947 (executing program)
1970/01/01 00:07:02 fetching corpus: 1488, signal 128926/159029 (executing program)
1970/01/01 00:07:04 fetching corpus: 1538, signal 130150/160947 (executing program)
1970/01/01 00:07:06 fetching corpus: 1587, signal 131798/163143 (executing program)
1970/01/01 00:07:09 fetching corpus: 1637, signal 133222/165122 (executing program)
1970/01/01 00:07:11 fetching corpus: 1687, signal 134706/167147 (executing program)
1970/01/01 00:07:13 fetching corpus: 1737, signal 136066/169024 (executing program)
1970/01/01 00:07:16 fetching corpus: 1787, signal 138241/171470 (executing program)
1970/01/01 00:07:18 fetching corpus: 1837, signal 139557/173282 (executing program)
1970/01/01 00:07:20 fetching corpus: 1887, signal 140988/175155 (executing program)
1970/01/01 00:07:23 fetching corpus: 1936, signal 142003/176701 (executing program)
1970/01/01 00:07:24 fetching corpus: 1986, signal 142837/178147 (executing program)
1970/01/01 00:07:26 fetching corpus: 2036, signal 143900/179701 (executing program)
1970/01/01 00:07:29 fetching corpus: 2086, signal 145136/181412 (executing program)
1970/01/01 00:07:31 fetching corpus: 2136, signal 146187/182949 (executing program)
1970/01/01 00:07:33 fetching corpus: 2186, signal 147268/184473 (executing program)
1970/01/01 00:07:36 fetching corpus: 2236, signal 148170/185887 (executing program)
1970/01/01 00:07:38 fetching corpus: 2286, signal 149491/187499 (executing program)
1970/01/01 00:07:40 fetching corpus: 2336, signal 150276/188806 (executing program)
1970/01/01 00:07:42 fetching corpus: 2385, signal 151141/190158 (executing program)
1970/01/01 00:07:45 fetching corpus: 2434, signal 152293/191629 (executing program)
1970/01/01 00:07:48 fetching corpus: 2484, signal 154253/193598 (executing program)
1970/01/01 00:07:52 fetching corpus: 2534, signal 155854/195309 (executing program)
1970/01/01 00:07:55 fetching corpus: 2584, signal 156616/196495 (executing program)
1970/01/01 00:07:58 fetching corpus: 2634, signal 157347/197741 (executing program)
1970/01/01 00:08:00 fetching corpus: 2683, signal 158238/199019 (executing program)
1970/01/01 00:08:02 fetching corpus: 2733, signal 159668/200550 (executing program)
1970/01/01 00:08:04 fetching corpus: 2783, signal 160611/201809 (executing program)
1970/01/01 00:08:07 fetching corpus: 2832, signal 161336/202933 (executing program)
1970/01/01 00:08:09 fetching corpus: 2882, signal 162107/204018 (executing program)
1970/01/01 00:08:11 fetching corpus: 2931, signal 162814/205072 (executing program)
1970/01/01 00:08:14 fetching corpus: 2981, signal 163624/206229 (executing program)
1970/01/01 00:08:16 fetching corpus: 3030, signal 164194/207215 (executing program)
1970/01/01 00:08:19 fetching corpus: 3080, signal 165454/208485 (executing program)
1970/01/01 00:08:22 fetching corpus: 3130, signal 166350/209639 (executing program)
1970/01/01 00:08:24 fetching corpus: 3179, signal 166958/210637 (executing program)
1970/01/01 00:08:26 fetching corpus: 3229, signal 167868/211750 (executing program)
1970/01/01 00:08:29 fetching corpus: 3279, signal 168586/212740 (executing program)
1970/01/01 00:08:33 fetching corpus: 3328, signal 169479/213849 (executing program)
1970/01/01 00:08:36 fetching corpus: 3377, signal 170332/214876 (executing program)
1970/01/01 00:08:38 fetching corpus: 3427, signal 171332/215934 (executing program)
1970/01/01 00:08:41 fetching corpus: 3477, signal 172018/216837 (executing program)
1970/01/01 00:08:43 fetching corpus: 3527, signal 173008/217940 (executing program)
1970/01/01 00:08:46 fetching corpus: 3577, signal 173771/218885 (executing program)
1970/01/01 00:08:48 fetching corpus: 3626, signal 174375/219766 (executing program)
1970/01/01 00:08:51 fetching corpus: 3676, signal 175371/220766 (executing program)
1970/01/01 00:08:53 fetching corpus: 3725, signal 176122/221626 (executing program)
1970/01/01 00:08:56 fetching corpus: 3775, signal 176769/222436 (executing program)
1970/01/01 00:08:58 fetching corpus: 3825, signal 177228/223230 (executing program)
1970/01/01 00:09:01 fetching corpus: 3875, signal 177725/224022 (executing program)
1970/01/01 00:09:03 fetching corpus: 3924, signal 178758/224984 (executing program)
1970/01/01 00:09:05 fetching corpus: 3974, signal 179407/225750 (executing program)
1970/01/01 00:09:07 fetching corpus: 4024, signal 180004/226552 (executing program)
1970/01/01 00:09:09 fetching corpus: 4074, signal 180940/227532 (executing program)
1970/01/01 00:09:12 fetching corpus: 4123, signal 181619/228279 (executing program)
1970/01/01 00:09:15 fetching corpus: 4171, signal 182325/229085 (executing program)
1970/01/01 00:09:17 fetching corpus: 4221, signal 183045/229830 (executing program)
1970/01/01 00:09:19 fetching corpus: 4271, signal 184636/230855 (executing program)
1970/01/01 00:09:22 fetching corpus: 4320, signal 185388/231574 (executing program)
1970/01/01 00:09:24 fetching corpus: 4368, signal 186221/232349 (executing program)
1970/01/01 00:09:27 fetching corpus: 4418, signal 187178/233176 (executing program)
1970/01/01 00:09:29 fetching corpus: 4468, signal 187770/233860 (executing program)
1970/01/01 00:09:32 fetching corpus: 4518, signal 188305/234475 (executing program)
1970/01/01 00:09:35 fetching corpus: 4568, signal 188855/235131 (executing program)
1970/01/01 00:09:37 fetching corpus: 4617, signal 189465/235783 (executing program)
1970/01/01 00:09:40 fetching corpus: 4667, signal 190374/236497 (executing program)
1970/01/01 00:09:43 fetching corpus: 4717, signal 190771/237091 (executing program)
1970/01/01 00:09:45 fetching corpus: 4767, signal 191306/237726 (executing program)
1970/01/01 00:09:47 fetching corpus: 4816, signal 192045/238403 (executing program)
1970/01/01 00:09:49 fetching corpus: 4866, signal 192506/238961 (executing program)
1970/01/01 00:09:51 fetching corpus: 4916, signal 193146/239565 (executing program)
1970/01/01 00:09:53 fetching corpus: 4966, signal 194188/240207 (executing program)
1970/01/01 00:09:56 fetching corpus: 5016, signal 194598/240754 (executing program)
1970/01/01 00:09:59 fetching corpus: 5066, signal 195149/241297 (executing program)
1970/01/01 00:10:02 fetching corpus: 5115, signal 195704/241833 (executing program)
1970/01/01 00:10:04 fetching corpus: 5164, signal 196079/242353 (executing program)
1970/01/01 00:10:08 fetching corpus: 5214, signal 196615/242873 (executing program)
1970/01/01 00:10:11 fetching corpus: 5264, signal 196973/243345 (executing program)
1970/01/01 00:10:14 fetching corpus: 5313, signal 197540/243845 (executing program)
1970/01/01 00:10:16 fetching corpus: 5363, signal 197949/244333 (executing program)
1970/01/01 00:10:18 fetching corpus: 5413, signal 198843/244898 (executing program)
1970/01/01 00:10:22 fetching corpus: 5463, signal 199379/245376 (executing program)
1970/01/01 00:10:25 fetching corpus: 5512, signal 199961/245852 (executing program)
1970/01/01 00:10:27 fetching corpus: 5560, signal 200802/246361 (executing program)
1970/01/01 00:10:29 fetching corpus: 5610, signal 201440/246811 (executing program)
1970/01/01 00:10:32 fetching corpus: 5659, signal 202216/247296 (executing program)
1970/01/01 00:10:36 fetching corpus: 5709, signal 202942/247743 (executing program)
1970/01/01 00:10:39 fetching corpus: 5759, signal 203488/248174 (executing program)
1970/01/01 00:10:41 fetching corpus: 5809, signal 203976/248597 (executing program)
1970/01/01 00:10:43 fetching corpus: 5859, signal 204397/248989 (executing program)
1970/01/01 00:10:45 fetching corpus: 5909, signal 204939/249384 (executing program)
1970/01/01 00:10:48 fetching corpus: 5959, signal 205542/249783 (executing program)
1970/01/01 00:10:50 fetching corpus: 6009, signal 206077/250148 (executing program)
1970/01/01 00:10:52 fetching corpus: 6058, signal 206602/250521 (executing program)
1970/01/01 00:10:54 fetching corpus: 6108, signal 207232/250899 (executing program)
1970/01/01 00:10:56 fetching corpus: 6158, signal 207812/251247 (executing program)
1970/01/01 00:10:59 fetching corpus: 6207, signal 208413/251498 (executing program)
1970/01/01 00:11:01 fetching corpus: 6257, signal 209203/251498 (executing program)
1970/01/01 00:11:03 fetching corpus: 6307, signal 209692/251498 (executing program)
1970/01/01 00:11:05 fetching corpus: 6357, signal 210148/251500 (executing program)
1970/01/01 00:11:07 fetching corpus: 6407, signal 210634/251501 (executing program)
1970/01/01 00:11:12 fetching corpus: 6457, signal 211083/251501 (executing program)
1970/01/01 00:11:14 fetching corpus: 6507, signal 211504/251510 (executing program)
1970/01/01 00:11:17 fetching corpus: 6557, signal 211950/251521 (executing program)
1970/01/01 00:11:19 fetching corpus: 6606, signal 212603/251522 (executing program)
1970/01/01 00:11:21 fetching corpus: 6656, signal 212955/251525 (executing program)
1970/01/01 00:11:25 fetching corpus: 6706, signal 213355/251525 (executing program)
1970/01/01 00:11:29 fetching corpus: 6756, signal 213855/251525 (executing program)
1970/01/01 00:11:32 fetching corpus: 6805, signal 214481/251530 (executing program)
1970/01/01 00:11:34 fetching corpus: 6855, signal 214913/251538 (executing program)
1970/01/01 00:11:36 fetching corpus: 6904, signal 215266/251538 (executing program)
1970/01/01 00:11:39 fetching corpus: 6954, signal 215650/251562 (executing program)
1970/01/01 00:11:43 fetching corpus: 7004, signal 216139/251562 (executing program)
1970/01/01 00:11:46 fetching corpus: 7053, signal 216774/251562 (executing program)
1970/01/01 00:11:48 fetching corpus: 7103, signal 217184/251564 (executing program)
1970/01/01 00:11:50 fetching corpus: 7152, signal 217543/251564 (executing program)
1970/01/01 00:11:52 fetching corpus: 7202, signal 218021/251570 (executing program)
1970/01/01 00:11:54 fetching corpus: 7252, signal 218405/251570 (executing program)
1970/01/01 00:11:55 fetching corpus: 7302, signal 218750/251587 (executing program)
1970/01/01 00:11:58 fetching corpus: 7351, signal 219244/251587 (executing program)
1970/01/01 00:12:01 fetching corpus: 7401, signal 219791/251589 (executing program)
1970/01/01 00:12:03 fetching corpus: 7451, signal 220156/251592 (executing program)
1970/01/01 00:12:04 fetching corpus: 7500, signal 220542/251592 (executing program)
1970/01/01 00:12:06 fetching corpus: 7550, signal 221081/251592 (executing program)
1970/01/01 00:12:08 fetching corpus: 7600, signal 221318/251592 (executing program)
1970/01/01 00:12:10 fetching corpus: 7650, signal 221784/251610 (executing program)
1970/01/01 00:12:13 fetching corpus: 7700, signal 222124/251610 (executing program)
1970/01/01 00:12:19 fetching corpus: 7750, signal 222528/251625 (executing program)
1970/01/01 00:12:22 fetching corpus: 7799, signal 223032/251625 (executing program)
1970/01/01 00:12:25 fetching corpus: 7848, signal 223505/251625 (executing program)
1970/01/01 00:12:26 fetching corpus: 7898, signal 223849/251625 (executing program)
1970/01/01 00:12:28 fetching corpus: 7948, signal 224225/251630 (executing program)
1970/01/01 00:12:30 fetching corpus: 7998, signal 224541/251630 (executing program)
1970/01/01 00:12:32 fetching corpus: 8048, signal 224921/251650 (executing program)
1970/01/01 00:12:34 fetching corpus: 8098, signal 225428/251650 (executing program)
1970/01/01 00:12:37 fetching corpus: 8148, signal 225845/251650 (executing program)
1970/01/01 00:12:40 fetching corpus: 8198, signal 226325/251650 (executing program)
1970/01/01 00:12:43 fetching corpus: 8248, signal 226756/251656 (executing program)
1970/01/01 00:12:45 fetching corpus: 8298, signal 227183/251656 (executing program)
1970/01/01 00:12:47 fetching corpus: 8347, signal 227551/251657 (executing program)
1970/01/01 00:12:49 fetching corpus: 8397, signal 227903/251657 (executing program)
1970/01/01 00:12:51 fetching corpus: 8447, signal 228314/251657 (executing program)
1970/01/01 00:12:55 fetching corpus: 8496, signal 228665/251666 (executing program)
1970/01/01 00:12:57 fetching corpus: 8546, signal 228973/251673 (executing program)
1970/01/01 00:13:00 fetching corpus: 8596, signal 229488/251678 (executing program)
1970/01/01 00:13:02 fetching corpus: 8646, signal 229837/251678 (executing program)
1970/01/01 00:13:04 fetching corpus: 8695, signal 230235/251678 (executing program)
1970/01/01 00:13:06 fetching corpus: 8745, signal 230706/251678 (executing program)
1970/01/01 00:13:08 fetching corpus: 8794, signal 231110/251678 (executing program)
1970/01/01 00:13:10 fetching corpus: 8844, signal 231446/251678 (executing program)
1970/01/01 00:13:12 fetching corpus: 8894, signal 231904/251680 (executing program)
1970/01/01 00:13:16 fetching corpus: 8943, signal 232234/251697 (executing program)
1970/01/01 00:13:18 fetching corpus: 8993, signal 232647/251703 (executing program)
1970/01/01 00:13:20 fetching corpus: 9042, signal 233061/251708 (executing program)
1970/01/01 00:13:22 fetching corpus: 9092, signal 233378/251708 (executing program)
1970/01/01 00:13:24 fetching corpus: 9142, signal 233947/251717 (executing program)
1970/01/01 00:13:27 fetching corpus: 9191, signal 234297/251728 (executing program)
1970/01/01 00:13:29 fetching corpus: 9241, signal 234612/251728 (executing program)
1970/01/01 00:13:31 fetching corpus: 9291, signal 235052/251732 (executing program)
1970/01/01 00:13:34 fetching corpus: 9341, signal 236290/251732 (executing program)
1970/01/01 00:13:37 fetching corpus: 9391, signal 236608/251742 (executing program)
1970/01/01 00:13:39 fetching corpus: 9441, signal 236952/251742 (executing program)
1970/01/01 00:13:41 fetching corpus: 9491, signal 237563/251742 (executing program)
1970/01/01 00:13:43 fetching corpus: 9541, signal 238126/251742 (executing program)
1970/01/01 00:13:45 fetching corpus: 9591, signal 238624/251757 (executing program)
1970/01/01 00:13:47 fetching corpus: 9641, signal 238899/251757 (executing program)
1970/01/01 00:13:50 fetching corpus: 9691, signal 239239/251757 (executing program)
1970/01/01 00:13:52 fetching corpus: 9741, signal 239556/251781 (executing program)
1970/01/01 00:13:54 fetching corpus: 9791, signal 239832/251781 (executing program)
1970/01/01 00:13:57 fetching corpus: 9841, signal 240153/251781 (executing program)
1970/01/01 00:13:58 fetching corpus: 9891, signal 240473/251792 (executing program)
1970/01/01 00:14:01 fetching corpus: 9940, signal 240810/251792 (executing program)
1970/01/01 00:14:03 fetching corpus: 9990, signal 241062/251792 (executing program)
1970/01/01 00:14:05 fetching corpus: 10038, signal 241408/251792 (executing program)
1970/01/01 00:14:07 fetching corpus: 10088, signal 241722/251798 (executing program)
1970/01/01 00:14:10 fetching corpus: 10138, signal 242138/251798 (executing program)
1970/01/01 00:14:14 fetching corpus: 10188, signal 242594/251798 (executing program)
1970/01/01 00:14:17 fetching corpus: 10236, signal 242947/251798 (executing program)
1970/01/01 00:14:19 fetching corpus: 10286, signal 243295/251798 (executing program)
1970/01/01 00:14:21 fetching corpus: 10336, signal 243595/251799 (executing program)
1970/01/01 00:14:23 fetching corpus: 10385, signal 243799/251799 (executing program)
1970/01/01 00:14:26 fetching corpus: 10435, signal 244129/251801 (executing program)
1970/01/01 00:14:28 fetching corpus: 10485, signal 244431/251801 (executing program)
1970/01/01 00:14:32 fetching corpus: 10535, signal 244741/251801 (executing program)
1970/01/01 00:14:36 fetching corpus: 10584, signal 245095/251805 (executing program)
1970/01/01 00:14:39 fetching corpus: 10634, signal 245423/251809 (executing program)
1970/01/01 00:14:42 fetching corpus: 10682, signal 245762/251810 (executing program)
1970/01/01 00:14:44 fetching corpus: 10732, signal 246256/251819 (executing program)
1970/01/01 00:14:46 fetching corpus: 10782, signal 246748/251819 (executing program)
1970/01/01 00:14:49 fetching corpus: 10832, signal 247057/251837 (executing program)
1970/01/01 00:14:52 fetching corpus: 10882, signal 247389/251849 (executing program)
1970/01/01 00:14:54 fetching corpus: 10932, signal 247989/252163 (executing program)
1970/01/01 00:14:59 fetching corpus: 10982, signal 248297/252163 (executing program)
1970/01/01 00:15:01 fetching corpus: 11032, signal 248676/252176 (executing program)
1970/01/01 00:15:04 fetching corpus: 11080, signal 248991/252176 (executing program)
1970/01/01 00:15:06 fetching corpus: 11130, signal 249291/252177 (executing program)
1970/01/01 00:15:08 fetching corpus: 11180, signal 249536/252177 (executing program)
1970/01/01 00:15:10 fetching corpus: 11230, signal 249851/252177 (executing program)
1970/01/01 00:15:10 fetching corpus: 11237, signal 249886/252177 (executing program)
1970/01/01 00:15:10 fetching corpus: 11238, signal 249887/252177 (executing program)
1970/01/01 00:15:10 fetching corpus: 11238, signal 249887/252177 (executing program)
1970/01/01 00:17:13 starting 2 fuzzer processes
00:17:13 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1636e1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r1, 0x540f, 0xea007)
fcntl$setlease(r0, 0x400, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0x0)

00:17:13 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, 0x0)

[ 1061.287726][ T2046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1062.189440][ T2046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1062.311217][ T2045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1062.934200][ T2045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1075.353768][ T2046] device hsr_slave_0 entered promiscuous mode
[ 1075.421882][ T2046] device hsr_slave_1 entered promiscuous mode
[ 1077.054261][ T2045] device hsr_slave_0 entered promiscuous mode
[ 1077.151237][ T2045] device hsr_slave_1 entered promiscuous mode
[ 1077.201461][ T2045] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1077.211099][ T2045] Cannot create hsr debugfs directory
[ 1084.212467][ T2046] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1084.397735][ T2046] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1084.739997][ T2046] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1085.371276][ T2046] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1087.214252][ T2045] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1087.560949][ T2045] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1087.913938][ T2045] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1088.111374][ T2045] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1105.487866][ T2046] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1105.704156][ T2045] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1107.640881][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1107.801294][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1107.853203][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1108.051209][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1118.197682][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1118.260053][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1118.531995][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1118.582331][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1119.532805][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1119.583705][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1119.618744][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1119.662985][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1119.722048][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1119.767703][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1119.837884][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1120.642810][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1120.953688][ T2316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1121.008013][ T2316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1121.407844][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1121.471664][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1122.208561][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1122.232485][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1122.703679][ T2316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1122.743036][ T2316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1132.464184][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1132.470567][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1132.727524][ T2316] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1132.742904][ T2316] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1151.476805][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1151.561149][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1151.709882][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1151.793521][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1158.679628][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1158.788950][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1158.942503][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1158.998727][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1159.040400][ T2045] device veth0_vlan entered promiscuous mode
[ 1159.342662][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1159.371020][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1159.467819][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1159.510891][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1159.722185][ T2046] device veth0_vlan entered promiscuous mode
[ 1160.044322][ T2045] device veth1_vlan entered promiscuous mode
[ 1160.446509][ T2046] device veth1_vlan entered promiscuous mode
[ 1161.931544][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1161.971060][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1162.119166][ T2045] device veth0_macvtap entered promiscuous mode
[ 1162.416022][ T2045] device veth1_macvtap entered promiscuous mode
[ 1162.589886][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1162.620749][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1162.671807][ T2026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1162.988031][ T2046] device veth0_macvtap entered promiscuous mode
[ 1163.033631][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1163.323647][ T2046] device veth1_macvtap entered promiscuous mode
[ 1163.929641][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1163.980642][ T2501] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1164.618988][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1164.700602][ T2027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1164.932469][ T2316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1164.972345][ T2316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1165.089937][ T2045] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.093997][ T2045] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.108569][ T2045] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.110671][ T2045] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.551011][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1165.588450][  T947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1165.940860][ T2046] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.942613][ T2046] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.943877][ T2046] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.980693][ T2046] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
00:19:33 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, 0x0)

00:19:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1636e1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r1, 0x540f, 0xea007)
fcntl$setlease(r0, 0x400, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0x0)

00:19:37 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, 0x0)

00:19:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1636e1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r1, 0x540f, 0xea007)
fcntl$setlease(r0, 0x400, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0x0)

00:19:40 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, 0x0)

00:19:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1636e1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r1, 0x540f, 0xea007)
fcntl$setlease(r0, 0x400, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0x0)

00:19:44 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1636e1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r1, 0x540f, 0xea007)
fcntl$setlease(r0, 0x400, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0x0)

00:19:47 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1636e1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r1, 0x540f, 0xea007)
fcntl$setlease(r0, 0x400, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0x0)

00:19:49 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x3, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x2, 0x0, 0x3}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x78)

00:19:52 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x3, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x2, 0x0, 0x3}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x78)

00:19:53 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1636e1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r1, 0x540f, 0xea007)
fcntl$setlease(r0, 0x400, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0x0)

00:19:55 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x3, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x2, 0x0, 0x3}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x78)

00:19:59 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x3, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x2, 0x0, 0x3}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x78)

00:19:59 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x2, &(0x7f0000000140)=[{0x64, 0x0, 0x0, 0x5}, {0x6}]})

[ 1201.228559][   T26] audit: type=1326 audit(1200.170:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=2766 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0x3bc1e code=0x0
00:20:02 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x2, &(0x7f0000000140)=[{0x64, 0x0, 0x0, 0x5}, {0x6}]})

00:20:04 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000000))

[ 1205.509532][   T26] audit: type=1326 audit(1204.450:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=2770 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0x3bc1e code=0x0
[ 1206.672532][ T2773] binder: 2772:2773 ioctl c018620c 20000000 returned -1
00:20:06 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x2, &(0x7f0000000140)=[{0x64, 0x0, 0x0, 0x5}, {0x6}]})

00:20:07 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000000))

[ 1210.293289][   T26] audit: type=1326 audit(1209.240:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=2774 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0x3bc1e code=0x0
00:20:11 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x2, &(0x7f0000000140)=[{0x64, 0x0, 0x0, 0x5}, {0x6}]})

00:20:14 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000000))

[ 1216.442582][   T26] audit: type=1326 audit(1215.140:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=2779 comm="syz-executor.1" exe="/syz-executor.1" sig=31 arch=c00000f3 syscall=98 compat=0 ip=0x3bc1e code=0x0
[ 1218.560800][ T2782] binder: 2781:2782 ioctl c018620c 20000000 returned -1
00:20:19 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x7, 0x100000001)
sendfile(r0, r0, 0x0, 0x100bfab)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x7}}, 0x18)
write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), 0x4)
syz_open_dev$rtc(0x0, 0x1, 0x100)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)

00:20:20 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000000))

[ 1222.560748][   T26] audit: type=1800 audit(1221.500:6): pid=2784 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=640 res=0 errno=0
[ 1225.124058][ T2788] binder: 2785:2788 ioctl c018620c 20000000 returned -1
00:20:27 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:20:29 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x7, 0x100000001)
sendfile(r0, r0, 0x0, 0x100bfab)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x7}}, 0x18)
write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), 0x4)
syz_open_dev$rtc(0x0, 0x1, 0x100)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)

[ 1232.768721][   T26] audit: type=1800 audit(1231.720:7): pid=2799 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=640 res=0 errno=0
00:20:36 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:20:38 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x7, 0x100000001)
sendfile(r0, r0, 0x0, 0x100bfab)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x7}}, 0x18)
write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), 0x4)
syz_open_dev$rtc(0x0, 0x1, 0x100)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)

[ 1242.475802][   T26] audit: type=1800 audit(1241.420:8): pid=2818 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=640 res=0 errno=0
[ 1247.058428][ T2809] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 1247.063320][ T2809] 
[ 1247.063916][ T2809] ======================================================
[ 1247.065348][ T2809] WARNING: possible circular locking dependency detected
[ 1247.066841][ T2809] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted
[ 1247.067844][ T2809] ------------------------------------------------------
[ 1247.069205][ T2809] syz-executor.0/2809 is trying to acquire lock:
[ 1247.070336][ T2809] ffffffff84fc0408 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x28/0x58
[ 1247.072884][ T2809] 
[ 1247.072884][ T2809] but task is already holding lock:
[ 1247.073731][ T2809] ffffaf80085c0350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x52/0x1de
[ 1247.075774][ T2809] 
[ 1247.075774][ T2809] which lock already depends on the new lock.
[ 1247.075774][ T2809] 
[ 1247.076681][ T2809] 
[ 1247.076681][ T2809] the existing dependency chain (in reverse order) is:
[ 1247.077599][ T2809] 
[ 1247.077599][ T2809] -> #3 (&ndev->req_lock){+.+.}-{3:3}:
[ 1247.079357][ T2809]        lock_acquire.part.0+0x1d0/0x424
[ 1247.080479][ T2809]        lock_acquire+0x54/0x6a
[ 1247.081367][ T2809]        __mutex_lock+0x114/0xade
[ 1247.082320][ T2809]        mutex_lock_nested+0x14/0x1c
[ 1247.083286][ T2809]        nci_start_poll+0x4de/0x6b8
[ 1247.084175][ T2809]        nfc_start_poll+0x10c/0x1e8
[ 1247.084804][ T2809]        nfc_genl_start_poll+0xfe/0x252
[ 1247.085248][ T2809]        genl_family_rcv_msg_doit+0x19a/0x23c
[ 1247.086388][ T2809]        genl_rcv_msg+0x236/0x3ba
[ 1247.088312][ T2809]        netlink_rcv_skb+0xf8/0x2be
[ 1247.089873][ T2809]        genl_rcv+0x36/0x4c
[ 1247.090739][ T2809]        netlink_unicast+0x40e/0x5fe
[ 1247.091588][ T2809]        netlink_sendmsg+0x4e0/0x994
[ 1247.092407][ T2809]        sock_sendmsg+0xa0/0xc4
[ 1247.093326][ T2809]        ____sys_sendmsg+0x46e/0x484
[ 1247.094248][ T2809]        ___sys_sendmsg+0x16c/0x1f6
[ 1247.095282][ T2809]        __sys_sendmsg+0xba/0x150
[ 1247.096112][ T2809]        sys_sendmsg+0x2c/0x3a
[ 1247.097195][ T2809]        ret_from_syscall+0x0/0x2
[ 1247.098167][ T2809] 
[ 1247.098167][ T2809] -> #2 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 1247.099697][ T2809]        lock_acquire.part.0+0x1d0/0x424
[ 1247.100710][ T2809]        lock_acquire+0x54/0x6a
[ 1247.101638][ T2809]        __mutex_lock+0x114/0xade
[ 1247.102579][ T2809]        mutex_lock_nested+0x14/0x1c
[ 1247.103519][ T2809]        nfc_urelease_event_work+0x126/0x218
[ 1247.104482][ T2809]        process_one_work+0x654/0xffe
[ 1247.105342][ T2809]        worker_thread+0x360/0x8fa
[ 1247.106211][ T2809]        kthread+0x19e/0x1fa
[ 1247.107114][ T2809]        ret_from_exception+0x0/0x10
[ 1247.108044][ T2809] 
[ 1247.108044][ T2809] -> #1 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 1247.109471][ T2809]        lock_acquire.part.0+0x1d0/0x424
[ 1247.110412][ T2809]        lock_acquire+0x54/0x6a
[ 1247.111285][ T2809]        __mutex_lock+0x114/0xade
[ 1247.112179][ T2809]        mutex_lock_nested+0x14/0x1c
[ 1247.113187][ T2809]        nfc_register_device+0x44/0x29e
[ 1247.114153][ T2809]        nci_register_device+0x538/0x612
[ 1247.115160][ T2809]        virtual_ncidev_open+0x82/0x12c
[ 1247.116171][ T2809]        misc_open+0x272/0x2c8
[ 1247.117163][ T2809]        chrdev_open+0x1d4/0x478
[ 1247.117997][ T2809]        do_dentry_open+0x2a4/0x7d4
[ 1247.118848][ T2809]        vfs_open+0x52/0x5e
[ 1247.119685][ T2809]        path_openat+0x12b6/0x189e
[ 1247.120606][ T2809]        do_filp_open+0x10e/0x22a
[ 1247.121561][ T2809]        do_sys_openat2+0x174/0x31e
[ 1247.122446][ T2809]        sys_openat+0xdc/0x164
[ 1247.123293][ T2809]        ret_from_syscall+0x0/0x2
[ 1247.124119][ T2809] 
[ 1247.124119][ T2809] -> #0 (nci_mutex){+.+.}-{3:3}:
[ 1247.125578][ T2809]        check_noncircular+0x1de/0x1fe
[ 1247.126562][ T2809]        __lock_acquire+0x19a4/0x333e
[ 1247.127439][ T2809]        lock_acquire.part.0+0x1d0/0x424
[ 1247.128303][ T2809]        lock_acquire+0x54/0x6a
[ 1247.129142][ T2809]        __mutex_lock+0x114/0xade
[ 1247.130038][ T2809]        mutex_lock_nested+0x14/0x1c
[ 1247.130959][ T2809]        virtual_nci_close+0x28/0x58
[ 1247.131791][ T2809]        nci_close_device+0x12e/0x1de
[ 1247.132620][ T2809]        nci_unregister_device+0x34/0x182
[ 1247.133494][ T2809]        virtual_ncidev_close+0x9c/0xbc
[ 1247.134329][ T2809]        __fput+0x164/0x502
[ 1247.135271][ T2809]        ____fput+0x1a/0x24
[ 1247.136404][ T2809]        task_work_run+0xdc/0x154
[ 1247.138278][ T2809]        do_notify_resume+0x894/0xa56
[ 1247.139197][ T2809]        ret_from_exception+0x0/0x10
[ 1247.140073][ T2809] 
[ 1247.140073][ T2809] other info that might help us debug this:
[ 1247.140073][ T2809] 
[ 1247.140982][ T2809] Chain exists of:
[ 1247.140982][ T2809]   nci_mutex --> &genl_data->genl_data_mutex --> &ndev->req_lock
[ 1247.140982][ T2809] 
[ 1247.143289][ T2809]  Possible unsafe locking scenario:
[ 1247.143289][ T2809] 
[ 1247.144241][ T2809]        CPU0                    CPU1
[ 1247.145799][ T2809]        ----                    ----
[ 1247.146565][ T2809]   lock(&ndev->req_lock);
[ 1247.147439][ T2809]                                lock(&genl_data->genl_data_mutex);
[ 1247.148435][ T2809]                                lock(&ndev->req_lock);
[ 1247.149479][ T2809]   lock(nci_mutex);
[ 1247.151576][ T2809] 
[ 1247.151576][ T2809]  *** DEADLOCK ***
[ 1247.151576][ T2809] 
[ 1247.155010][ T2809] 1 lock held by syz-executor.0/2809:
[ 1247.156500][ T2809]  #0: ffffaf80085c0350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x52/0x1de
[ 1247.158651][ T2809] 
[ 1247.158651][ T2809] stack backtrace:
[ 1247.159772][ T2809] CPU: 1 PID: 2809 Comm: syz-executor.0 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1247.161711][ T2809] Hardware name: riscv-virtio,qemu (DT)
[ 1247.163500][ T2809] Call Trace:
[ 1247.164368][ T2809] [<ffffffff8000a228>] dump_backtrace+0x2e/0x3c
[ 1247.165561][ T2809] [<ffffffff831668cc>] show_stack+0x34/0x40
[ 1247.166524][ T2809] [<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150
[ 1247.167613][ T2809] [<ffffffff83175742>] dump_stack+0x1c/0x24
[ 1247.168695][ T2809] [<ffffffff8010f7b8>] print_circular_bug+0x34e/0x3d8
[ 1247.169717][ T2809] [<ffffffff8010fa20>] check_noncircular+0x1de/0x1fe
[ 1247.170723][ T2809] [<ffffffff80113c26>] __lock_acquire+0x19a4/0x333e
[ 1247.171703][ T2809] [<ffffffff80116582>] lock_acquire.part.0+0x1d0/0x424
[ 1247.172700][ T2809] [<ffffffff8011682a>] lock_acquire+0x54/0x6a
[ 1247.173718][ T2809] [<ffffffff831a8ea4>] __mutex_lock+0x114/0xade
[ 1247.174784][ T2809] [<ffffffff831a9882>] mutex_lock_nested+0x14/0x1c
[ 1247.175831][ T2809] [<ffffffff8148d766>] virtual_nci_close+0x28/0x58
[ 1247.177179][ T2809] [<ffffffff830cf612>] nci_close_device+0x12e/0x1de
[ 1247.178227][ T2809] [<ffffffff830d0372>] nci_unregister_device+0x34/0x182
[ 1247.179283][ T2809] [<ffffffff8148d508>] virtual_ncidev_close+0x9c/0xbc
[ 1247.180881][ T2809] [<ffffffff804cb3c0>] __fput+0x164/0x502
[ 1247.181789][ T2809] [<ffffffff804cb7d2>] ____fput+0x1a/0x24
[ 1247.182702][ T2809] [<ffffffff800a0530>] task_work_run+0xdc/0x154
[ 1247.183793][ T2809] [<ffffffff80008c12>] do_notify_resume+0x894/0xa56
[ 1247.185464][ T2809] [<ffffffff80005724>] ret_from_exception+0x0/0x10
00:20:46 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:20:46 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x7, 0x100000001)
sendfile(r0, r0, 0x0, 0x100bfab)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x7}}, 0x18)
write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), 0x4)
syz_open_dev$rtc(0x0, 0x1, 0x100)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)

[ 1249.021991][   T26] audit: type=1800 audit(1247.970:9): pid=2831 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=644 res=0 errno=0
[ 1250.096581][   T48] nci: nci_add_new_protocol: the target found does not have the desired protocol
[ 1251.635601][ T2825] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
00:20:51 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:20:54 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:20:54 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:20:55 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1260.581940][ T2842] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
00:20:59 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:21:00 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:21:02 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:21:03 executing program 0:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1268.326188][ T2859] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
00:21:07 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x7, 0x100000001)
sendfile(r0, r0, 0x0, 0x100bfab)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x7}}, 0x18)
write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), 0x4)
syz_open_dev$rtc(0x0, 0x1, 0x100)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)

00:21:07 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

[ 1269.149360][   T26] audit: type=1800 audit(1268.090:10): pid=2878 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=644 res=0 errno=0
00:21:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x7, 0x100000001)
sendfile(r0, r0, 0x0, 0x100bfab)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x7}}, 0x18)
write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), 0x4)
syz_open_dev$rtc(0x0, 0x1, 0x100)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)

[ 1273.243985][   T26] audit: type=1800 audit(1272.190:11): pid=2889 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=644 res=0 errno=0
[ 1276.016537][ T2877] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
00:21:15 executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7)

00:21:16 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x7, 0x100000001)
sendfile(r0, r0, 0x0, 0x100bfab)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x7}}, 0x18)
write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), 0x4)
syz_open_dev$rtc(0x0, 0x1, 0x100)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)


VM DIAGNOSIS:
21:42:58  Registers:
info registers vcpu 0
 pc       ffffffff8047655a
 mhartid  0000000000000000
 mstatus  00000000000000a0
 mip      00000000000000a0
 mie      000000000000022a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff80475786
 sepc     ffffffff831afd22
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff80122f0e x2/sp ffffaf8025186ee0 x3/gp ffffffff85863ac0
 x4/tp ffffaf8009e33080 x5/t0 ffffffff86bcb657 x6/t1 fffffffef0d796ca x7/t2 0000000000000000
 x8/s0 ffffaf80251870c0 x9/s1 ffffffff84a88a00 x10/a0 ffffffff84b3d6c0 x11/a1 0000000000000008
 x12/a2 1ffffffff0951141 x13/a3 ffffffff80122ef0 x14/a4 0000000000000000 x15/a5 0000000000004c20
 x16/a6 ffffffff80122dac x17/a7 ffffffff86bcb656 x18/s2 ffffffff84a88a20 x19/s3 000000000000032c
 x20/s4 ffffffff84b3d6c0 x21/s5 ffffffff85889780 x22/s6 ffffffff84a88a80 x23/s7 000000000000032c
 x24/s8 ffffaf8025187100 x25/s9 ffffaf8025187200 x26/s10 ffffaf8025186fe0 x27/s11 ffffaf8025186fc0
 x28/t3 000000000000002d x29/t4 fffffffef0d796c8 x30/t5 fffffffef0d796cb x31/t6 ffffffff86bcb657
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000
info registers vcpu 1
 pc       ffffffff80475ab2
 mhartid  0000000000000001
 mstatus  00000000000000a2
 mip      0000000000000000
 mie      00000000000002aa
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff8000f97e
 sepc     ffffffff80119ada
 mcause   0000000000000009
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff80119d7c x2/sp ffffaf8024173ba0 x3/gp ffffffff85863ac0
 x4/tp ffffaf800ebf48c0 x5/t0 0000000000046000 x6/t1 c632bedda39efa00 x7/t2 00007ffff8be31b7
 x8/s0 ffffaf8024173be0 x9/s1 ffffffff850d46c0 x10/a0 ffffffff8588c5a0 x11/a1 ffffffffffffffff
 x12/a2 0000000000000002 x13/a3 ffffffff8010efc8 x14/a4 0000000000000000 x15/a5 ffffffff858a2420
 x16/a6 ffffffff8176b8f4 x17/a7 ffffffff8176b8f4 x18/s2 ffffaf800e944500 x19/s3 0000000000000000
 x20/s4 ffffffff850d4720 x21/s5 00000122038ba800 x22/s6 ffffffff8176b824 x23/s7 0000000000000122
 x24/s8 ffffffff85889780 x25/s9 ffffaf802403e498 x26/s10 ffffffff850d46c0 x27/s11 ffffffff8588a420
 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f00482e72c x31/t6 0029b92700000000
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000