program: r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setlease(r2, 0x8, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) fcntl$getflags(r2, 0x401) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$UHID_CREATE(r3, &(0x7f00000002c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000940)=""/32, 0x20, 0x4, 0xffffffff, 0x0, 0x0, 0x3}}, 0x120) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000000000040341a02080000000000010902"], 0x0) r4 = syz_open_dev$hidraw(&(0x7f0000000080), 0x1, 0x200) creat(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)='u\x80\x05fs\x00') mount(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='ubifs\x00', 0x8000, 0x0) ioctl$HIDIOCGFEATURE(r4, 0xc0404807, &(0x7f0000001a40)={0x8c, "895cd46771f00301c1ca639506f24c672ecfd2bd1050f9c5774eb3e02ce08f61bb32758aa48d8b91deae8e868458c5a16302ef180c82320b8e92c2821ee0eb19"}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x0) setresuid(0xee01, r5, 0x0) quotactl_fd$Q_QUOTAON(r4, 0x0, r5, &(0x7f00000000c0)='./file1\x00') close(r3) ioctl$HIDIOCSFEATURE(r4, 0xc0404806, &(0x7f0000000000)) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r6, 0x4048aecb, &(0x7f0000000240)=ANY=[@ANYBLOB="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"/288]) syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000380), 0x1, 0x2c4, &(0x7f00000003c0)="$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") [ 75.713382][ T4690] Bluetooth: hci0: command tx timeout [ 75.852716][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.856525][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: 
unknown main item tag 0x0 [ 75.868340][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.872678][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.876759][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.880551][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.887727][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.891090][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.895443][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.898802][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.902047][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.906094][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.909261][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.913373][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.916674][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.920088][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.924838][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.928026][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.931222][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.935037][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.938199][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.941425][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.946540][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.949787][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.953910][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.957294][ T5339] hid-generic 
0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.960425][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.965048][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.968438][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.971726][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.977081][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.980532][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: unknown main item tag 0x0 [ 75.993911][ T5339] hid-generic 0004:FFFFFFFF:0000.0002: hidraw1: HID v0.00 Device [syz0] on syz0 [ 76.122429][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 76.276137][ T10] usb 5-1: config 0 has no interfaces? [ 76.278586][ T10] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 76.284399][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.293528][ T10] usb 5-1: config 0 descriptor?? 
[ 76.406852][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.409711][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.499657][ T5342] Invalid source name [ 76.649890][ T5347] loop0: detected capacity change from 0 to 512 [ 77.763692][ T4690] Bluetooth: hci0: command tx timeout [ 78.686199][ C0] [ 78.687278][ C0] ============================= [ 78.689491][ C0] [ BUG: Invalid wait context ] [ 78.691599][ C0] 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 Not tainted [ 78.694674][ C0] ----------------------------- [ 78.696957][ C0] swapper/0/0 is trying to lock: [ 78.699171][ C0] ffffc900019e7410 (&gpc->lock){....}-{3:3}, at: kvm_xen_set_evtchn_fast+0x1fb/0x9b0 [ 78.703461][ C0] other info that might help us debug this: [ 78.706137][ C0] context-{2:2} [ 78.707681][ C0] 1 lock held by swapper/0/0: [ 78.709813][ C0] #0: ffffc900019e7960 (&kvm->srcu){.?.+}-{0:0}, at: kvm_xen_set_evtchn_fast+0x1c3/0x9b0 [ 78.714430][ C0] stack backtrace: [ 78.716102][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full) [ 78.716114][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.716120][ C0] Call Trace: [ 78.716128][ C0] <IRQ> [ 78.716133][ C0] dump_stack_lvl+0x189/0x250 [ 78.716149][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 78.716159][ C0] ? __pfx__printk+0x10/0x10 [ 78.716172][ C0] ? print_lock_name+0xde/0x100 [ 78.716184][ C0] __lock_acquire+0xbcb/0xd20 [ 78.716196][ C0] ? kvm_xen_set_evtchn_fast+0x1fb/0x9b0 [ 78.716205][ C0] lock_acquire+0x120/0x360 [ 78.716214][ C0] ? kvm_xen_set_evtchn_fast+0x1fb/0x9b0 [ 78.716232][ C0] _raw_read_lock_irqsave+0xaf/0x100 [ 78.716291][ C0] ? kvm_xen_set_evtchn_fast+0x1fb/0x9b0 [ 78.716299][ C0] ? __pfx__raw_read_lock_irqsave+0x10/0x10 [ 78.716311][ C0] ? xa_load+0x1ea/0x210 [ 78.716322][ C0] kvm_xen_set_evtchn_fast+0x1fb/0x9b0 [ 78.716331][ C0] ? do_raw_spin_unlock+0x4d/0x240 [ 78.716344][ C0] ? 
_raw_spin_unlock_irqrestore+0xad/0x110 [ 78.716357][ C0] ? kvm_xen_set_evtchn_fast+0x1c3/0x9b0 [ 78.716367][ C0] xen_timer_callback+0x109/0x220 [ 78.716377][ C0] ? __pfx_xen_timer_callback+0x10/0x10 [ 78.716385][ C0] __hrtimer_run_queues+0x4e0/0xc60 [ 78.716432][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 78.716446][ C0] hrtimer_interrupt+0x45b/0xaa0 [ 78.716463][ C0] __sysvec_apic_timer_interrupt+0x108/0x410 [ 78.716477][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 78.716493][ C0] </IRQ> [ 78.716496][ C0] <TASK> [ 78.716500][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 78.716511][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 78.716521][ C0] Code: d3 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 cd 18 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 78.716529][ C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2 [ 78.716539][ C0] RAX: eaf6299b381cf900 RBX: ffffffff81976a48 RCX: eaf6299b381cf900 [ 78.716548][ C0] RDX: 0000000000000001 RSI: ffffffff8d999368 RDI: ffffffff8be29ec0 [ 78.716554][ C0] RBP: ffffffff8de07ea8 R08: ffff88801fc32f5b R09: 1ffff11003f865eb [ 78.716561][ C0] R10: dffffc0000000000 R11: ffffed1003f865ec R12: ffffffff8fa1faf0 [ 78.716568][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50 [ 78.716575][ C0] ? do_idle+0x1e8/0x510 [ 78.716589][ C0] default_idle+0x13/0x20 [ 78.716599][ C0] default_idle_call+0x74/0xb0 [ 78.716609][ C0] do_idle+0x1e8/0x510 [ 78.716621][ C0] ? __pfx_do_idle+0x10/0x10 [ 78.716631][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 78.716640][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 78.716653][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 78.716667][ C0] cpu_startup_entry+0x44/0x60 [ 78.716678][ C0] rest_init+0x2de/0x300 [ 78.716688][ C0] ? 
__pfx_x86_late_time_init+0x10/0x10 [ 78.716733][ C0] start_kernel+0x47d/0x500 [ 78.716749][ C0] x86_64_start_reservations+0x24/0x30 [ 78.716760][ C0] x86_64_start_kernel+0x143/0x1c0 [ 78.716770][ C0] common_startup_64+0x13e/0x147 [ 78.716788][ C0] </TASK> [ 78.873043][ T5339] usb 5-1: USB disconnect, device number 2