syzkaller login: [  488.626414][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  488.715435][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  529.397413][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:17418' (ECDSA) to the list of known hosts.
1970/01/01 00:09:12 fuzzer started
1970/01/01 00:09:27 dialing manager at localhost:40685
[  574.267922][ T2044] cgroup: Unknown subsys name 'net'
[  575.530721][ T2044] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:09:35 syscalls: 2870
1970/01/01 00:09:35 code coverage: enabled
1970/01/01 00:09:35 comparison tracing: enabled
1970/01/01 00:09:35 extra coverage: enabled
1970/01/01 00:09:35 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:09:35 setuid sandbox: enabled
1970/01/01 00:09:35 namespace sandbox: enabled
1970/01/01 00:09:35 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:09:35 fault injection: enabled
1970/01/01 00:09:35 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:09:35 net packet injection: enabled
1970/01/01 00:09:35 net device setup: enabled
1970/01/01 00:09:35 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:09:35 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:09:35 USB emulation: enabled
1970/01/01 00:09:35 hci packet injection: /dev/vhci does not exist
1970/01/01 00:09:35 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:09:35 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:09:35 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:09:42 fetching corpus: 50, signal 35468/38754 (executing program)
1970/01/01 00:09:45 fetching corpus: 99, signal 48089/52634 (executing program)
1970/01/01 00:09:50 fetching corpus: 148, signal 55986/61786 (executing program)
1970/01/01 00:09:54 fetching corpus: 197, signal 66020/72777 (executing program)
1970/01/01 00:09:56 fetching corpus: 247, signal 70754/78616 (executing program)
1970/01/01 00:09:59 fetching corpus: 297, signal 75768/84626 (executing program)
1970/01/01 00:10:02 fetching corpus: 346, signal 78537/88445 (executing program)
1970/01/01 00:10:04 fetching corpus: 396, signal 81956/92813 (executing program)
1970/01/01 00:10:07 fetching corpus: 445, signal 84984/96759 (executing program)
1970/01/01 00:10:09 fetching corpus: 494, signal 88319/100916 (executing program)
1970/01/01 00:10:12 fetching corpus: 544, signal 91288/104721 (executing program)
1970/01/01 00:10:17 fetching corpus: 593, signal 94006/108215 (executing program)
1970/01/01 00:10:22 fetching corpus: 641, signal 97196/112032 (executing program)
1970/01/01 00:10:25 fetching corpus: 689, signal 99117/114741 (executing program)
1970/01/01 00:10:28 fetching corpus: 738, signal 102258/118452 (executing program)
1970/01/01 00:10:31 fetching corpus: 788, signal 104194/121110 (executing program)
1970/01/01 00:10:35 fetching corpus: 838, signal 106956/124416 (executing program)
1970/01/01 00:10:39 fetching corpus: 888, signal 108495/126667 (executing program)
1970/01/01 00:10:41 fetching corpus: 938, signal 110263/129059 (executing program)
1970/01/01 00:10:43 fetching corpus: 985, signal 112008/131348 (executing program)
1970/01/01 00:10:46 fetching corpus: 1034, signal 113767/133728 (executing program)
1970/01/01 00:10:48 fetching corpus: 1084, signal 116077/136444 (executing program)
1970/01/01 00:10:50 fetching corpus: 1134, signal 118232/139000 (executing program)
1970/01/01 00:10:52 fetching corpus: 1183, signal 119564/140872 (executing program)
1970/01/01 00:10:55 fetching corpus: 1232, signal 122897/144181 (executing program)
1970/01/01 00:10:57 fetching corpus: 1282, signal 124287/146002 (executing program)
1970/01/01 00:11:01 fetching corpus: 1332, signal 126522/148418 (executing program)
1970/01/01 00:11:03 fetching corpus: 1381, signal 128087/150305 (executing program)
1970/01/01 00:11:05 fetching corpus: 1431, signal 129189/151847 (executing program)
1970/01/01 00:11:07 fetching corpus: 1480, signal 131586/154328 (executing program)
1970/01/01 00:11:09 fetching corpus: 1529, signal 132766/155860 (executing program)
1970/01/01 00:11:11 fetching corpus: 1579, signal 133976/157418 (executing program)
1970/01/01 00:11:14 fetching corpus: 1629, signal 135607/159220 (executing program)
1970/01/01 00:11:18 fetching corpus: 1679, signal 137821/161405 (executing program)
1970/01/01 00:11:21 fetching corpus: 1729, signal 139033/162856 (executing program)
1970/01/01 00:11:25 fetching corpus: 1779, signal 140163/164206 (executing program)
1970/01/01 00:11:28 fetching corpus: 1826, signal 141602/165744 (executing program)
1970/01/01 00:11:31 fetching corpus: 1876, signal 143376/167525 (executing program)
1970/01/01 00:11:34 fetching corpus: 1924, signal 144366/168763 (executing program)
1970/01/01 00:11:36 fetching corpus: 1972, signal 145721/170248 (executing program)
1970/01/01 00:11:38 fetching corpus: 2020, signal 146679/171427 (executing program)
1970/01/01 00:11:42 fetching corpus: 2069, signal 147873/172716 (executing program)
1970/01/01 00:11:44 fetching corpus: 2118, signal 148872/173877 (executing program)
1970/01/01 00:11:46 fetching corpus: 2166, signal 149713/174967 (executing program)
1970/01/01 00:11:49 fetching corpus: 2216, signal 151057/176284 (executing program)
1970/01/01 00:11:52 fetching corpus: 2266, signal 151933/177321 (executing program)
1970/01/01 00:11:54 fetching corpus: 2316, signal 152861/178348 (executing program)
1970/01/01 00:11:56 fetching corpus: 2363, signal 153943/179463 (executing program)
1970/01/01 00:11:59 fetching corpus: 2413, signal 154873/180416 (executing program)
1970/01/01 00:12:02 fetching corpus: 2462, signal 155896/181464 (executing program)
1970/01/01 00:12:04 fetching corpus: 2511, signal 156689/182334 (executing program)
1970/01/01 00:12:07 fetching corpus: 2561, signal 157643/183300 (executing program)
1970/01/01 00:12:09 fetching corpus: 2611, signal 158681/184282 (executing program)
1970/01/01 00:12:12 fetching corpus: 2661, signal 159789/185277 (executing program)
1970/01/01 00:12:15 fetching corpus: 2711, signal 160658/186101 (executing program)
1970/01/01 00:12:17 fetching corpus: 2761, signal 161641/186992 (executing program)
1970/01/01 00:12:20 fetching corpus: 2809, signal 162735/187967 (executing program)
1970/01/01 00:12:22 fetching corpus: 2858, signal 163769/188837 (executing program)
1970/01/01 00:12:24 fetching corpus: 2908, signal 164762/189685 (executing program)
1970/01/01 00:12:27 fetching corpus: 2958, signal 165560/190414 (executing program)
1970/01/01 00:12:29 fetching corpus: 3007, signal 166208/191106 (executing program)
1970/01/01 00:12:32 fetching corpus: 3056, signal 167401/191957 (executing program)
1970/01/01 00:12:35 fetching corpus: 3104, signal 168053/192606 (executing program)
1970/01/01 00:12:37 fetching corpus: 3153, signal 168764/193235 (executing program)
1970/01/01 00:12:39 fetching corpus: 3202, signal 169617/193914 (executing program)
1970/01/01 00:12:43 fetching corpus: 3252, signal 170398/194525 (executing program)
1970/01/01 00:12:45 fetching corpus: 3301, signal 171146/195189 (executing program)
1970/01/01 00:12:47 fetching corpus: 3350, signal 171776/195776 (executing program)
1970/01/01 00:12:52 fetching corpus: 3400, signal 172604/196367 (executing program)
1970/01/01 00:12:55 fetching corpus: 3450, signal 173127/196876 (executing program)
1970/01/01 00:12:57 fetching corpus: 3499, signal 174113/197513 (executing program)
1970/01/01 00:13:00 fetching corpus: 3549, signal 174957/198107 (executing program)
1970/01/01 00:13:02 fetching corpus: 3599, signal 175755/198686 (executing program)
1970/01/01 00:13:04 fetching corpus: 3649, signal 176474/199238 (executing program)
1970/01/01 00:13:07 fetching corpus: 3699, signal 177324/199768 (executing program)
1970/01/01 00:13:09 fetching corpus: 3749, signal 178086/200272 (executing program)
1970/01/01 00:13:11 fetching corpus: 3798, signal 178802/200774 (executing program)
1970/01/01 00:13:14 fetching corpus: 3848, signal 179487/201207 (executing program)
1970/01/01 00:13:17 fetching corpus: 3897, signal 180050/201589 (executing program)
1970/01/01 00:13:20 fetching corpus: 3946, signal 180518/201966 (executing program)
1970/01/01 00:13:22 fetching corpus: 3996, signal 181605/202528 (executing program)
1970/01/01 00:13:25 fetching corpus: 4045, signal 182301/202915 (executing program)
1970/01/01 00:13:27 fetching corpus: 4095, signal 183106/203347 (executing program)
1970/01/01 00:13:30 fetching corpus: 4144, signal 183636/203686 (executing program)
1970/01/01 00:13:33 fetching corpus: 4194, signal 184387/204085 (executing program)
1970/01/01 00:13:38 fetching corpus: 4244, signal 185206/204481 (executing program)
1970/01/01 00:13:41 fetching corpus: 4294, signal 185814/204842 (executing program)
1970/01/01 00:13:44 fetching corpus: 4344, signal 186343/205153 (executing program)
1970/01/01 00:13:47 fetching corpus: 4394, signal 186992/205468 (executing program)
1970/01/01 00:13:51 fetching corpus: 4443, signal 187887/205802 (executing program)
1970/01/01 00:13:54 fetching corpus: 4493, signal 188867/206140 (executing program)
1970/01/01 00:13:57 fetching corpus: 4543, signal 189803/206430 (executing program)
1970/01/01 00:14:00 fetching corpus: 4593, signal 190342/206649 (executing program)
1970/01/01 00:14:02 fetching corpus: 4642, signal 190866/206892 (executing program)
1970/01/01 00:14:04 fetching corpus: 4692, signal 191484/207093 (executing program)
1970/01/01 00:14:06 fetching corpus: 4741, signal 192136/207321 (executing program)
1970/01/01 00:14:08 fetching corpus: 4791, signal 192762/207531 (executing program)
1970/01/01 00:14:11 fetching corpus: 4840, signal 193346/207753 (executing program)
1970/01/01 00:14:14 fetching corpus: 4889, signal 193757/207928 (executing program)
1970/01/01 00:14:16 fetching corpus: 4938, signal 194451/208069 (executing program)
1970/01/01 00:14:18 fetching corpus: 4987, signal 195095/208232 (executing program)
1970/01/01 00:14:21 fetching corpus: 5036, signal 195664/208383 (executing program)
1970/01/01 00:14:24 fetching corpus: 5086, signal 196262/208544 (executing program)
1970/01/01 00:14:26 fetching corpus: 5136, signal 196784/208646 (executing program)
1970/01/01 00:14:28 fetching corpus: 5186, signal 197369/208662 (executing program)
1970/01/01 00:14:30 fetching corpus: 5236, signal 197891/208726 (executing program)
1970/01/01 00:14:33 fetching corpus: 5286, signal 199128/208726 (executing program)
1970/01/01 00:14:35 fetching corpus: 5336, signal 199804/208745 (executing program)
1970/01/01 00:14:37 fetching corpus: 5386, signal 200353/208745 (executing program)
1970/01/01 00:14:38 fetching corpus: 5435, signal 200705/208745 (executing program)
1970/01/01 00:14:41 fetching corpus: 5485, signal 201265/208745 (executing program)
1970/01/01 00:14:44 fetching corpus: 5535, signal 201750/208747 (executing program)
1970/01/01 00:14:46 fetching corpus: 5585, signal 202467/208798 (executing program)
1970/01/01 00:14:48 fetching corpus: 5634, signal 202965/208798 (executing program)
1970/01/01 00:14:51 fetching corpus: 5684, signal 203387/208798 (executing program)
1970/01/01 00:14:54 fetching corpus: 5733, signal 204045/208798 (executing program)
1970/01/01 00:14:57 fetching corpus: 5783, signal 204432/208798 (executing program)
1970/01/01 00:14:59 fetching corpus: 5833, signal 204974/208835 (executing program)
1970/01/01 00:15:01 fetching corpus: 5883, signal 205395/208842 (executing program)
1970/01/01 00:15:03 fetching corpus: 5932, signal 205932/208847 (executing program)
1970/01/01 00:15:05 fetching corpus: 5972, signal 206288/208847 (executing program)
1970/01/01 00:15:05 fetching corpus: 5972, signal 206288/208847 (executing program)
1970/01/01 00:17:06 starting 2 fuzzer processes
00:17:06 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:17:06 executing program 1:
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

[ 1054.340986][ T2058] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1054.435935][ T2059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1054.568234][ T2058] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1054.698478][ T2059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1066.299616][ T2059] device hsr_slave_0 entered promiscuous mode
[ 1066.359684][ T2059] device hsr_slave_1 entered promiscuous mode
[ 1067.929080][ T2058] device hsr_slave_0 entered promiscuous mode
[ 1067.975942][ T2058] device hsr_slave_1 entered promiscuous mode
[ 1068.258529][ T2058] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1068.267588][ T2058] Cannot create hsr debugfs directory
[ 1077.245385][ T2059] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1077.566775][ T2059] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1077.866376][ T2059] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1078.240881][ T2059] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1079.115581][ T2058] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1079.366755][ T2058] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1079.583768][ T2058] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1079.950453][ T2058] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1094.509626][ T2059] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1096.131683][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1096.239631][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1096.683914][ T2058] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1097.415784][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1097.528992][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1107.827414][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1107.897273][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1108.375800][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1108.429753][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1108.960372][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1109.364186][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1110.624939][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1110.721712][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1111.218856][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1111.296383][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1111.355009][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1111.460744][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1112.538930][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1112.599165][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1112.645876][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1112.924423][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1114.848168][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1114.894512][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1114.898809][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1115.009601][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1115.068886][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1115.147589][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1115.307271][ T2058] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1116.538733][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1116.596156][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1138.988138][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1139.056437][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1140.948093][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1141.014830][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1146.320991][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1146.391766][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1146.535939][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1146.569910][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1146.626319][ T2059] device veth0_vlan entered promiscuous mode
[ 1147.089874][ T2059] device veth1_vlan entered promiscuous mode
[ 1148.541199][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1148.616139][ T2120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1148.800098][ T2059] device veth0_macvtap entered promiscuous mode
[ 1148.921267][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1148.978560][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1149.011113][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1149.111137][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1149.138979][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1149.219244][ T2059] device veth1_macvtap entered promiscuous mode
[ 1149.321330][ T2058] device veth0_vlan entered promiscuous mode
[ 1150.078698][ T2058] device veth1_vlan entered promiscuous mode
[ 1150.266929][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1150.327049][ T2046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1150.791560][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1150.885915][ T2570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1151.070145][ T2059] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1151.081237][ T2059] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1151.086883][ T2059] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1151.088589][ T2059] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.879459][ T2270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1152.935534][ T2270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1153.358048][ T2058] device veth0_macvtap entered promiscuous mode
[ 1154.361349][ T2058] device veth1_macvtap entered promiscuous mode
[ 1154.686730][ T2270] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1156.036315][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1156.111006][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1156.161276][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1156.201751][ T2660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1156.495784][ T2058] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1156.497787][ T2058] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1156.499445][ T2058] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1156.501012][ T2058] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
00:19:21 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:19:23 executing program 1:
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

00:19:27 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:19:28 executing program 1:
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

00:19:32 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:19:33 executing program 1:
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

00:19:38 executing program 0:
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

00:19:42 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:19:44 executing program 0:
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

00:19:45 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:19:50 executing program 0:
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

00:19:51 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:19:56 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:19:57 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x10000})

00:20:00 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:20:01 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x10000})

00:20:08 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

00:20:08 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x10000})

00:20:15 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x10000})

00:20:22 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[], [], 0x2c})

00:20:23 executing program 1:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_MIDI_INFO(r0, 0xc074510c, 0x0)

00:20:26 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[], [], 0x2c})

00:20:28 executing program 1:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_MIDI_INFO(r0, 0xc074510c, 0x0)

00:20:30 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[], [], 0x2c})

00:20:33 executing program 1:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_MIDI_INFO(r0, 0xc074510c, 0x0)

00:20:37 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[], [], 0x2c})

00:20:37 executing program 1:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_MIDI_INFO(r0, 0xc074510c, 0x0)

00:20:44 executing program 0:
r0 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

00:20:45 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x48, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

[ 1247.315602][ T2851] =======================================================
[ 1247.315602][ T2851] WARNING: The mand mount option has been deprecated and
[ 1247.315602][ T2851]          and is ignored by this kernel. Remove the mand
[ 1247.315602][ T2851]          option from the mount to silence this warning.
[ 1247.315602][ T2851] =======================================================
00:20:46 executing program 0:
r0 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

00:20:47 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x48, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

00:20:49 executing program 0:
r0 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

00:20:50 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x48, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

00:20:52 executing program 0:
r0 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

00:20:53 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x48, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

00:20:55 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x48, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

00:20:58 executing program 1:
clock_adjtime(0x0, &(0x7f0000000000))
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9, 0x0, 0x0, 0x8, 0x926, 0x3333, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0}, 0x0)

00:20:59 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x48, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

[ 1262.326452][ T2047] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 1262.636047][ T2047] usb 2-1: Using ep0 maxpacket: 8
[ 1262.787656][ T2047] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1262.807869][ T2047] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1262.810946][ T2047] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1263.025271][ T2047] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1263.027888][ T2047] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1263.029472][ T2047] usb 2-1: Product: syz
[ 1263.030623][ T2047] usb 2-1: Manufacturer: syz
[ 1263.069188][ T2047] usb 2-1: SerialNumber: syz
[ 1263.590368][ T2047] hub 2-1:1.0: USB hub found
[ 1263.740451][ T2047] hub 2-1:1.0: config failed, can't read hub descriptor (err -90)
[ 1264.035955][ T2047] usbhid 2-1:1.0: can't add hid device: -22
[ 1264.039338][ T2047] usbhid: probe of 2-1:1.0 failed with error -22
[ 1264.276470][ T2047] usb 2-1: USB disconnect, device number 2
00:21:04 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f00000011c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x48, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

00:21:05 executing program 1:
clock_adjtime(0x0, &(0x7f0000000000))
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9, 0x0, 0x0, 0x8, 0x926, 0x3333, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0}, 0x0)

[ 1269.344174][ T2120] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1269.674348][ T2120] usb 2-1: Using ep0 maxpacket: 8
[ 1269.958907][ T2120] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1269.960734][ T2120] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1269.977255][ T2120] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1270.177173][ T2120] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1270.179059][ T2120] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1270.181099][ T2120] usb 2-1: Product: syz
[ 1270.185634][ T2120] usb 2-1: Manufacturer: syz
[ 1270.186729][ T2120] usb 2-1: SerialNumber: syz
[ 1270.625426][ T2120] hub 2-1:1.0: USB hub found
[ 1271.197272][ T2120] hub 2-1:1.0: config failed, can't read hub descriptor (err -90)
[ 1271.478845][ T2120] usbhid 2-1:1.0: can't add hid device: -22
[ 1271.545458][ T2120] usbhid: probe of 2-1:1.0 failed with error -22
[ 1271.831187][ T2120] usb 2-1: USB disconnect, device number 3
00:21:11 executing program 0:
clock_adjtime(0x0, &(0x7f0000000000))
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9, 0x0, 0x0, 0x8, 0x926, 0x3333, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0}, 0x0)

[ 1273.857986][ T2120] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1274.124970][ T2120] usb 1-1: Using ep0 maxpacket: 8
[ 1274.466515][ T2120] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1274.468387][ T2120] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1274.470163][ T2120] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1274.717459][ T2120] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1274.719107][ T2120] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1274.721108][ T2120] usb 1-1: Product: syz
[ 1274.722065][ T2120] usb 1-1: Manufacturer: syz
[ 1274.736398][ T2120] usb 1-1: SerialNumber: syz
[ 1275.029565][ T2120] hub 1-1:1.0: USB hub found
[ 1275.818383][ T2120] hub 1-1:1.0: config failed, can't read hub descriptor (err -90)
00:21:14 executing program 1:
clock_adjtime(0x0, &(0x7f0000000000))
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9, 0x0, 0x0, 0x8, 0x926, 0x3333, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0}, 0x0)

[ 1276.171678][ T2120] usbhid 1-1:1.0: can't add hid device: -22
[ 1276.200608][ T2120] usbhid: probe of 1-1:1.0 failed with error -22
[ 1276.435572][ T2120] usb 1-1: USB disconnect, device number 2
[ 1278.258338][ T2120] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1278.564603][ T2120] usb 2-1: Using ep0 maxpacket: 8
[ 1278.706326][ T2120] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1278.707904][ T2120] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1278.709250][ T2120] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1278.906673][ T2120] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1278.909056][ T2120] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1278.910611][ T2120] usb 2-1: Product: syz
[ 1278.923637][ T2120] usb 2-1: Manufacturer: syz
[ 1278.924971][ T2120] usb 2-1: SerialNumber: syz
[ 1279.210898][ T2120] hub 2-1:1.0: USB hub found
[ 1279.437029][ T2120] hub 2-1:1.0: config failed, can't read hub descriptor (err -90)
00:21:18 executing program 0:
clock_adjtime(0x0, &(0x7f0000000000))
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9, 0x0, 0x0, 0x8, 0x926, 0x3333, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0}, 0x0)

[ 1280.039079][ T2120] usbhid 2-1:1.0: can't add hid device: -22
[ 1280.064575][ T2120] usbhid: probe of 2-1:1.0 failed with error -22
[ 1280.247493][ T2120] usb 2-1: USB disconnect, device number 4
[ 1282.344790][ T2047] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1282.597655][ T2047] usb 1-1: Using ep0 maxpacket: 8
[ 1282.736710][ T2047] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1282.738667][ T2047] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1282.740245][ T2047] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1283.036489][ T2047] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1283.037925][ T2047] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1283.039700][ T2047] usb 1-1: Product: syz
[ 1283.040570][ T2047] usb 1-1: Manufacturer: syz
[ 1283.041460][ T2047] usb 1-1: SerialNumber: syz
[ 1283.391784][ T2047] hub 1-1:1.0: USB hub found
00:21:22 executing program 1:
clock_adjtime(0x0, &(0x7f0000000000))
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9, 0x0, 0x0, 0x8, 0x926, 0x3333, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0}, 0x0)

[ 1283.918803][ T2047] hub 1-1:1.0: config failed, hub doesn't have any ports! (err -19)
[ 1284.207835][ T2047] usbhid 1-1:1.0: can't add hid device: -22
[ 1284.210122][ T2047] usbhid: probe of 1-1:1.0 failed with error -22
[ 1284.498410][ T2047] usb 1-1: USB disconnect, device number 3
[ 1286.444838][ T2047] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1286.804733][ T2047] usb 2-1: Using ep0 maxpacket: 8
[ 1286.967532][ T2047] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1286.969407][ T2047] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1286.970829][ T2047] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1287.448110][ T2047] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1287.450277][ T2047] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1287.477334][ T2047] usb 2-1: Product: syz
[ 1287.479988][ T2047] usb 2-1: Manufacturer: syz
[ 1287.481178][ T2047] usb 2-1: SerialNumber: syz
00:21:26 executing program 0:
clock_adjtime(0x0, &(0x7f0000000000))
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9, 0x0, 0x0, 0x8, 0x926, 0x3333, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0}, 0x0)

[ 1287.894848][ T2047] hub 2-1:1.0: USB hub found
[ 1288.277207][ T2047] hub 2-1:1.0: 4 ports detected
[ 1288.570226][ T2047] hub 2-1:1.0: hub_hub_status failed (err = -71)
[ 1288.598806][ T2047] Kernel panic - not syncing: corrupted stack end detected inside scheduler
[ 1288.600548][ T2047] CPU: 0 PID: 2047 Comm: kworker/0:4 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1288.601913][ T2047] Hardware name: riscv-virtio,qemu (DT)
[ 1288.606981][ T2047] Workqueue: usb_hub_wq hub_event
[ 1288.608824][ T2047] Call Trace:
[ 1288.610113][ T2047] [<ffffffff8000a228>] dump_backtrace+0x2e/0x3c
[ 1288.611515][ T2047] [<ffffffff831668cc>] show_stack+0x34/0x40
[ 1288.613301][ T2047] [<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150
[ 1288.614932][ T2047] [<ffffffff83175742>] dump_stack+0x1c/0x24
[ 1288.616063][ T2047] [<ffffffff83166fa8>] panic+0x24a/0x634
[ 1288.617371][ T2047] [<ffffffff831a688a>] schedule+0x0/0x14c
[ 1288.618689][ T2047] [<ffffffff831a6b00>] preempt_schedule_common+0x4e/0xde
[ 1288.619785][ T2047] [<ffffffff831a6bc4>] preempt_schedule+0x34/0x36
[ 1288.621214][ T2047] [<ffffffff80121892>] vprintk_emit+0x126/0x416
[ 1288.622772][ T2047] [<ffffffff8317e47e>] dev_vprintk_emit+0x250/0x290
[ 1288.624319][ T2047] [<ffffffff8317e562>] dev_printk_emit+0xa4/0xd0
[ 1288.625670][ T2047] [<ffffffff8317e61e>] __dev_printk+0x90/0xc4
[ 1288.626847][ T2047] [<ffffffff8317eaa4>] _dev_err+0xb8/0xe6
[ 1288.628065][ T2047] [<ffffffff81a2d94a>] hub_hub_status+0x1fc/0x1fe
[ 1288.629237][ T2047] [<ffffffff81a3f694>] hub_probe+0x14ea/0x1c9a
[ 1288.630133][ T2047] [<ffffffff81a537d6>] usb_probe_interface+0x21c/0x57a
[ 1288.631042][ T2047] [<ffffffff813eebec>] really_probe+0x1a6/0x89e
[ 1288.631878][ T2047] [<ffffffff813ef52e>] __driver_probe_device+0x24a/0x2d4
[ 1288.633707][ T2047] [<ffffffff813ef618>] driver_probe_device+0x60/0x1a4
[ 1288.635313][ T2047] [<ffffffff813f02f4>] __device_attach_driver+0x17c/0x224
[ 1288.636852][ T2047] [<ffffffff813e9f2c>] bus_for_each_drv+0x132/0x1a6
[ 1288.639206][ T2047] [<ffffffff813efc2a>] __device_attach+0x1e0/0x372
[ 1288.640420][ T2047] [<ffffffff813f06f6>] device_initial_probe+0x1c/0x26
[ 1288.642504][ T2047] [<ffffffff813eca88>] bus_probe_device+0x144/0x154
[ 1288.644376][ T2047] [<ffffffff813e7012>] device_add+0x91e/0x129e
[ 1288.645729][ T2047] [<ffffffff81a4f87a>] usb_set_configuration+0xafe/0xf6a
[ 1288.647078][ T2047] [<ffffffff81a6818a>] usb_generic_driver_probe+0xb2/0x122
[ 1288.648797][ T2047] [<ffffffff81a52b94>] usb_probe_device+0xa8/0x204
[ 1288.650284][ T2047] [<ffffffff813eebec>] really_probe+0x1a6/0x89e
[ 1288.651712][ T2047] [<ffffffff813ef52e>] __driver_probe_device+0x24a/0x2d4
[ 1288.654020][ T2047] [<ffffffff813ef618>] driver_probe_device+0x60/0x1a4
[ 1288.655875][ T2047] [<ffffffff813f02f4>] __device_attach_driver+0x17c/0x224
[ 1288.657355][ T2047] [<ffffffff813e9f2c>] bus_for_each_drv+0x132/0x1a6
[ 1288.658820][ T2047] [<ffffffff813efc2a>] __device_attach+0x1e0/0x372
[ 1288.660194][ T2047] [<ffffffff813f06f6>] device_initial_probe+0x1c/0x26
[ 1288.661492][ T2047] [<ffffffff813eca88>] bus_probe_device+0x144/0x154
[ 1288.663244][ T2047] [<ffffffff813e7012>] device_add+0x91e/0x129e
[ 1288.664863][ T2047] [<ffffffff81a3808a>] usb_new_device+0x5c8/0xd78
[ 1288.666059][ T2047] [<ffffffff81a3c4d6>] hub_event+0x1b3e/0x3364
[ 1288.667405][ T2047] [<ffffffff80093b44>] process_one_work+0x654/0xffe
[ 1288.668937][ T2047] [<ffffffff8009484e>] worker_thread+0x360/0x8fa
[ 1288.670085][ T2047] [<ffffffff800a7f58>] kthread+0x19e/0x1fa
[ 1288.671650][ T2047] [<ffffffff80005724>] ret_from_exception+0x0/0x10
[ 1288.674395][ T2047] SMP: stopping secondary CPUs
[ 1288.677817][ T2047] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:26:17  Registers:
info registers vcpu 0
 pc       ffffffff8010b22c
 mhartid  0000000000000000
 mstatus  00000000000001a0
 mip      00000000000000a0
 mie      000000000000020a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff831a2636
 sepc     ffffffff8046e97c
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff831a18d8 x2/sp ffffaf800e873490 x3/gp ffffffff85863ac0
 x4/tp ffffaf800ba39840 x5/t0 0000000000046000 x6/t1 fe66d1d1e49b1000 x7/t2 ffffffffc83529fb
 x8/s0 ffffaf800e8734a0 x9/s1 0000000000001000 x10/a0 0000000000000120 x11/a1 ffffffffffffffff
 x12/a2 1ffff5f001747309 x13/a3 ffffffff80146d84 x14/a4 0000000000010003 x15/a5 0000000000000000
 x16/a6 0000000000f00000 x17/a7 ffffffff80b08bfe x18/s2 ffffaf805a9e7480 x19/s3 ffffffff84b73ec0
 x20/s4 ffffaf805a9e7400 x21/s5 ffffffff8343c840 x22/s6 ffffffffffffffff x23/s7 0000000000000000
 x24/s8 ffffffff86c1a620 x25/s9 ffffaf805a9e7d50 x26/s10 ffffaf805a9e7400 x27/s11 ffffffff8018e412
 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f001d0e628 x31/t6 ffffaf8022ece026
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000
info registers vcpu 1
 pc       ffffffff80dc337e
 mhartid  0000000000000001
 mstatus  00000000000000a0
 mip      00000000000000a0
 mie      000000000000022a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff80201000
 sepc     ffffffff80c38f0e
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff80dc337e x2/sp ffffaf800e999fb0 x3/gp ffffffff85863ac0
 x4/tp ffffaf800ba38000 x5/t0 ffffffff86bcb657 x6/t1 fe66d1d1e49b1000 x7/t2 0000000000000000
 x8/s0 ffffaf800e999fe0 x9/s1 ffffffff86e58900 x10/a0 ffffffff86e58948 x11/a1 ffff8f800066c000
 x12/a2 1ffffffff0dcb129 x13/a3 ffffffff80dc337e x14/a4 0000000000000000 x15/a5 ffffffff86e58948
 x16/a6 ffffffff86e589f1 x17/a7 ffffffff80dcc2ca x18/s2 ffff8f800066c000 x19/s3 0000000000000065
 x20/s4 ffffffff86e58900 x21/s5 ffffffff80dc333e x22/s6 0000000000000000 x23/s7 ffffffff86bcb67d
 x24/s8 0000000000000010 x25/s9 ffffffff86e58958 x26/s10 0000000000000010 x27/s11 0000000000000000
 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f001d333a4 x31/t6 ffffffff86bcb657
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000