, 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:33 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000280)="64dc7b18f0fa3035c00c94e1bf71b93f6a604162088070ebf518e1d15da1576ff8be2257c0a83b43e1df4681f784003795164520a5bd3fbbc1228993e505781e3f4d68635676c4665afde04a6a12087bb18e367d9803f8a28cf8835901e75162fb8a37c4a1d6b744aec7d62bec290be4f4da341e16a41a53ecca252b98332f300653931b706f080f445e6603f0045f0c644d1708ccea9cb2ca4b3285603a535da5f38e8251b013ab23db3f8f4d9228fe60991132cbb11b7a3ebb8d138eb0a60e73a3bb709ff0217c8de9bf9065232924b061ae0fc0b45fc6b4f4a1eeebfcec2410f4b27a741bb1bd6f20141ef19072300d7bb23a480335a13232ce2f600a4338") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0xe) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x101000, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x7f) ioperm(0x9, 0xff, 0x9) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000000)={'security\x00'}, &(0x7f0000000080)=0x54) ioctl$TCFLSH(r1, 0x5423, 0x709000) 22:20:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = socket$inet6(0xa, 0x1, 0x0) rmdir(&(0x7f0000000000)='./file0\x00') ioctl(r2, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070") mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000140)=@ioapic) 22:20:33 executing program 4: r0 = socket(0x10, 0x2, 0x0) r1 = syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) r2 = socket$inet6(0xa, 0x1, 0x0) read(r0, &(0x7f0000000340)=""/117, 0x75) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='teql0\x00', 0x10) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000240)=0x20000005) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={"643071300000000000000020001600", 0x3}) sendmsg$nl_route(r0, &(0x7f0000000740)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)=@ipv6_getaddr={0x18, 0x16, 0x101, 0x0, 0x0, {0x18}}, 0x18}, 0x1}, 0x0) 22:20:33 executing program 5 (fault-call:1 fault-nth:0): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 427.591201] FAULT_INJECTION: forcing a failure. [ 427.591201] name failslab, interval 1, probability 0, space 0, times 0 [ 427.602959] CPU: 0 PID: 21244 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 427.610431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.619814] Call Trace: [ 427.622427] dump_stack+0x1c9/0x2b4 [ 427.626057] ? dump_stack_print_info.cold.2+0x52/0x52 [ 427.631254] ? __mutex_lock+0x7e8/0x1820 [ 427.635327] should_fail.cold.4+0xa/0x1a [ 427.639391] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 427.644510] ? find_held_lock+0x36/0x1c0 [ 427.648561] ? graph_lock+0x170/0x170 [ 427.652352] ? find_held_lock+0x36/0x1c0 [ 427.656407] ? __lock_is_held+0xb5/0x140 [ 427.660468] ? check_same_owner+0x340/0x340 [ 427.664780] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 427.669704] ? rcu_note_context_switch+0x730/0x730 [ 427.674665] __should_failslab+0x124/0x180 [ 427.678892] should_failslab+0x9/0x14 [ 427.682688] kmem_cache_alloc_trace+0x2cb/0x780 [ 427.687347] ? rfcomm_session_get+0x2f0/0x3d0 [ 427.691834] rfcomm_dlc_alloc+0xb8/0x490 [ 427.695883] ? rfcomm_security_cfm+0x3b0/0x3b0 [ 427.700455] ? mutex_unlock+0xd/0x10 [ 427.704179] rfcomm_dev_ioctl+0x109a/0x2240 [ 427.708494] ? rfcomm_dev_state_change+0x150/0x150 [ 427.713419] ? __local_bh_enable_ip+0x161/0x230 [ 427.718076] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 427.723088] ? lock_sock_nested+0x9f/0x120 [ 427.727308] ? trace_hardirqs_on+0xd/0x10 [ 427.731445] ? __local_bh_enable_ip+0x161/0x230 [ 427.736105] rfcomm_sock_ioctl+0x89/0xb0 [ 427.740155] sock_do_ioctl+0xe4/0x3e0 [ 427.743942] ? compat_ifr_data_ioctl+0x170/0x170 [ 427.748702] ? lock_downgrade+0x8f0/0x8f0 [ 427.752943] ? kasan_check_read+0x11/0x20 [ 427.757079] ? rcu_is_watching+0x8c/0x150 [ 427.761213] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 427.765613] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 427.770810] sock_ioctl+0x30d/0x680 [ 427.774427] ? dlci_ioctl_set+0x40/0x40 [ 427.778391] ? match_held_lock+0x851/0x8d0 [ 427.782619] ? expand_files.part.8+0x9c0/0x9c0 [ 427.787192] ? kasan_check_write+0x14/0x20 [ 427.791426] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 427.796344] ? dlci_ioctl_set+0x40/0x40 [ 427.800322] do_vfs_ioctl+0x1de/0x1720 [ 427.804203] ? __lock_is_held+0xb5/0x140 [ 427.808256] ? ioctl_preallocate+0x300/0x300 [ 427.812652] ? __fget_light+0x2f7/0x440 [ 427.816617] ? fget_raw+0x20/0x20 [ 427.820062] ? __sb_end_write+0xac/0xe0 [ 427.824044] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 427.829568] ? fput+0x130/0x1a0 [ 427.832835] ? ksys_write+0x1ae/0x260 [ 427.836629] ? security_file_ioctl+0x94/0xc0 [ 427.841034] ksys_ioctl+0xa9/0xd0 [ 427.844479] __x64_sys_ioctl+0x73/0xb0 [ 427.848360] do_syscall_64+0x1b9/0x820 [ 427.852235] ? finish_task_switch+0x1d3/0x890 [ 427.856740] ? syscall_return_slowpath+0x5e0/0x5e0 [ 427.861660] ? syscall_return_slowpath+0x31d/0x5e0 [ 427.866584] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 427.871954] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.876792] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 427.881970] RIP: 0033:0x455a99 [ 427.885141] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 427.904380] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 427.912081] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 427.919337] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 427.926593] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 427.933862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 22:20:33 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:34 executing program 0: syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}}}}}}}, &(0x7f0000000000)) r0 = dup(0xffffffffffffff9c) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000080)={0x7}, 0x4) [ 427.941118] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000000 [ 428.100546] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 428.107834] FAT-fs (loop1): Filesystem has been set read-only 22:20:34 executing program 7: socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f0000000080)) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_getroute={0x1c, 0x1a, 0x201, 0x0, 0x0, {0xa}}, 0x1c}, 0x1}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {}, [@IFLA_GROUP={0x8, 0x1b}]}, 0x28}, 0x1}, 0x0) recvmsg(r0, &(0x7f0000000100)={&(0x7f00000002c0)=@nl=@proc, 0x80, &(0x7f0000000580), 0x0, &(0x7f00000005c0)=""/47, 0x2f}, 0x0) 22:20:34 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:34 executing program 5 (fault-call:1 fault-nth:1): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:34 executing program 0: r0 = socket$inet6(0xa, 0x5, 0x0) sendmmsg(r0, &(0x7f0000013a80)=[{{&(0x7f0000001b00)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f0000002f00)=[{&(0x7f0000002ec0)='O', 0x1}], 0x1, &(0x7f0000002f80)}}, {{&(0x7f0000005300)=@llc={0x1a}, 0x80, &(0x7f00000065c0), 0x0, &(0x7f0000007040)=ANY=[@ANYBLOB="1000000000000000845934cbbc7d4771"], 0x10}}], 0x2, 0x0) getsockname(r0, &(0x7f0000000000)=@nfc, &(0x7f0000000080)=0x80) 22:20:34 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:34 executing program 3: r0 = socket$inet6(0xa, 0x80803, 0x3) getsockopt$inet6_int(r0, 0x29, 0xc8, &(0x7f0000000040), &(0x7f0000000080)=0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0x101, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x100}, @in6={0xa, 0x4e24, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x800}], 0x38) sendto$inet6(r0, &(0x7f0000000100)="809f4e01c981968b7cfb99be130a34678012318f42d374d65aef3f2670f89d6f1d7b5ef5892f88ceade34d5b2c0aeeb5b5375298e5fe56e69cd4ab304fe23dc7b402347b77c243701b9ff1da47441da7cda9281df45ababa34df55c6e02cb135e0ecb51169553663195f2d94c046326f43112847fe25dda27f4d870e93303feee22cee4323552a094b7efe9a75975da569f7c95d3601b091bacd71822e5dcbae865c8ff190754ebedf59fae11141de0fb97bdc150150c41b201ac7f700d6d155452af2901d10c3fdb5bf3c01a5aa77196ce60a4c7d3d39985282ca6158271244c2443fae96aeb65829f647e1a50970422a1792c804f0436e87fbcc3d7467a154758a345f3e22183cfd19b2eb8146ae7be2e54637780642c1b1398f5616e7ca1c1875d019f5383b96c6b52567afee2982268aca365b8b69b98d56f9dd9fe6cb973a4ee777a0ac8fe9ab4c9f4b4f254a71b9fc2757ebdec5d402d791bd632da3eb8f1ada73e68bc32769a938a77412b6c3ad89b12927ff100a1744017b5c80ad7ef7d044a1389d1ddfcf4c29762114470b5d42b2feb284f2ae279f998401fa51c09ad805d270d5f2508de1784a525e1c9c70687c3fdad7e06c8d96b42f1bcca6a5b9661856e0200b77f1bf2846d56502ab73c2919c4eb491b39ab0bb24b654ce5abebe9f011b8999899d5780df24263e7af3f9749df3738db76e4a1d55de2990bbd2151b21aa3c18f0d7fd39092c825bab5ec6d4d2c2899df1f8c90ca1d375cf9353e49603dd7f004f02cc0fb23d4a9a6dc3c8c7370ddbbbc9aec73dd1eb284d6c18ad0e566b2fe84c64a005608fcfc39a767b4e2d151d4cab497bf124f465d2cb1107fdf1d8826941d09c96a5c7989524fdc0a91c475b611e17a9cfa9a01282d43e0c7e3a58afcebded65a02d854a3663b64a69299f8f83bab37a7c79585edbfc0d92bd2ac0f5f50d4d1879e0c91fa11f69c2f5f92c2b8f2630e3a759760393fd892679e595113afaccbb2b74754e3ce9b6e2ae177bbdc28ac579cdbc761553e4d76205b4f279bedc32984a30bb13fa3851871cd602cb1b54560edaaf3cf0d4c5d783ea051241326d11682c2f97bc384a36ae2b1c726e58380a9ef43ae0fed7a0d55157f2e3858652b135cbb14c4b8f3c7a5e301340171753d1cc2d67d9508e5db102765de6c334e4bff6a9e3da5c6a7784ab761347af9e6f4730de79c831243925aadb8d4f2d5a4ac5fb66726aa3e0b4b0583e76f71b441b7b5ff2ac8c92b5ad99ced99f5482f228d33c107f97ca95a85e0942d9c6c2685b13e742401451e271b19dc109d62e782e0752c6cc9ea3d094f835e9a90886caf7e4dfd6dd0d6c0b30394336dc84f052f9d0698a1c6b2dc741863a4fa1e5a51b523ecd3687f523cd33bafb83e6b4999d91d6eeefeed0bd20b1268a60b839e427e57ccb1d4c2a0dd3941056598cabf41ca836cf592c0d598c442d53c2c5dcf3aec004c59848fb3d62f2b04f040b3c7de64af733e5c99fe2a94a6366eda5a7753921026c5981061aa64dfb195f4b9ddaa0b5aa52ac528d17cb825626a06ad1747ba22edd4b880c6b173c8d9fcc214f5f9f756c803a0afb23dc82fffa7d9e17ec1e5313d19c3ae83a363499465b1cf5f86a46e78b1130f726ff79766006e77b104ba0f0110dfca7e536ae556d5fad09ae0ecdfc1847d20fd8ec58ed00cad62723dac2a9f876ba31716ee29cf626c22c72c79a947a859d76a29109f1e3607d38e60e69a29f122a2fed01054d0575a850b46308b7defbbcd22b86837e242522753853500c5368484dacba2d44e4b420ae2ef175fef5ace76ccc2c3d56065086b83b1b4c8bde28d030a156166aa73958d717ed7b7b2f3a0d96372719d45f667fc9ff07abc3c4ef5bdff3c781ad681adf1e65526cba4d9d15940152f7d417ef6217b82ff6c38501e94361dca205412bb2ab04e18c0b5b0de24545b54eeab9bb3e90a898aa1461ba1b08d3c3b2d357ec61239e3ecf88de83e9867777b193c95a9c330d4b3c1314f3ea808583b17cedbeecabaff40b9699f4e858125dbb59cc80a75ca71d56feda920f0333111103c88e1a03816da0bd106ae15e12251f3ada6d1edd708d43f98727112f2b502ad7cb82b5ff2b0ee1a6b31faaf4c496600e8fde3b6ab90f77f0fa1e100db59d38213f2dfb51ee665aa3d21f06eb1e40b3632d8ebda67826d655d4d2ba5477fd65818de3d4760a34ebb516fb94fdf7e2dc50b9481ffdf2692c49b2b62f31636be21458451b186691de9ab3b3bf19ffa4ee0b0d2153c4464bce38d89ac8226896634e2ea49b56336166c51cb10e42cfa609f6c80707a65ac4e551a3a30820a737669defc4f8bb76f38fddf92b5afdb21e2718c1fd94d65dbf413ce2608a032cc572caf215f877d3c2f68ec06781024c07dad71c579061265123e8e2220054704eeb5a26edcf07fc1c8ad639e58e33e0b6110b8166a60722d481725a4a521c9547bf6695f7621648b774cf0ab71e382fa4c68bdeb2fdc54bccfef3b4b0c6902b72eccd6e3de8ea79870c9038cc2ee8f90d8a39ec16551e2cb010521a8d51775900dda98aefbb306e12ba51da72495de580ee49e10a1cba8474d78bc8402a81fefc2fe1c66199d361fb210a446e885bb7e7e906397abb536cb79d3102fb006bd32de8d2c02ed082b6bb49c3e4bf06954fa6ed6a9eb45cd67280ed44edece1af99e610b12f20de1e93d540158bb1394047c00cc5036f8ef7c322b654cd540a4dc433cb9033a11cfa29c9798fdaf8f58b56239a8aba542cb1a6ca867b8fa9aae2deee0d1b02cf029442b35c7ef5c567450abf39a416647d789fa630ec9154ee61f7928a68f8e28a4445f25d60f543d0ca9346da88c0312a706184cb89c2f538a4bbe120b349ca5eacba566398e89c09d8ede7ccb84d169a8f08cf85e62247cf62f90b1152c8071ad68ccc6e20bdfceb649d793ab816a8cd2cbdb20c4179eba274ad1058bacb970947c9661a8baa7335ef185f0bbfc002cc53e3d8eb1b29557c3df8f008293435cca9b9c65b6f5009e61eac869016617dd549a98c101d969e137d92b5277a4d732b670b5d36033f81ead9917637caf94f1ed088c01ff2cbbbe29cac2ad4640b1f87f588a1bc6a088c6d09f2b33fd8b187656245f7015129a31b5d22b972c82f55ab60120c8fa32c9eec7a89e8e4d6220a765d5928050022fee50e7d705c29690e20f36b2f842a17ec51a1801eaa4b658db9e703872e3fc08046fc8f0611cd9eb9a8fe3357138cf143f784ac95b83d0ada2c84fede3e45bae8f17a27d841f2a51d1d96ac92a6beccb07bb0180a1693b96e0e3cab0e3ec86b0f1880ab5cdfcfaf79be15e3328117f99723d119749b366cc95c5413c85ace3c71036162042c79fca9ec45daef6824e7573d764b8229f5408954f85aca1976fda280401e89301a061cad435b63deea90e0fbf9fe81fe09846a2eafdbe3e9ff446a03e9d6c158fd2c922280cca9ca636154169a8496300edfc672f4ac26d2bf6508f84137db86ff0781091c1e8fbbe61130386a040f23117d8b2c1ee1ff517d900e4d8560999914f700280a33993d91b15b3f2dce89366098f706e4152284517f213916d54baedeed8187e2b17d160837b50c9c202991cc22ca6a4fc8bad2a2369b26d672bab1bb0d0d6e6f385b5d340a212efb39617c58572295bd3ddd7f3812ba127242a2730f7543b2532f086e340b3bd9acc686e5a001daea209aafbc440c313cdfb23a28e500ca7617aa7661426b4549f1482ebc798f9638f41560d68b6bb7b937815dd4f1fc5b60e0c5c8ebd672e8061eb9594147c3d3486bf668a557d63254a909563ccaa08eb1f716f56e937379591b48e18019fff8e50658b7c5f4b9de920e8a8dbf6443ab702cba089623c84b27a5c8c7f2e77ddccab3a92fac528425aecb1f2b8a7184a8f3377b170290ff7be7dffc9863936315d1b1ca528c094c93f8eb57a3ee417f20ec8e85d28c8cdeed2b2cc91424606553e4cddab2cf40ab52132e5693f2c021cd2b7d5c585dff402216afbf5790d3c6836bc8973d5b7f32f030ac6c958ae567781600ecc2079624645b9290edeed89c2f2bb6db5d482fb5523869b3d8538359aad91d78ad3bad8703b5e8756b7832bf2d4f75f5e9bc1c2b5cc071c98a206296ad2de486bb1ea23ce667d24298f08e600a980cee039156e58b68b27b9928f1c082e92c9e787f9eeffa036e1da58ca993fde3c5c070c4ab0477dbbb20745b7cc2eb3ec0f5c1dcad4cf654dd91b48200ee97a4cbf6d37e93c6498c462ff8e2f8032b202617871a3c32801eac4d1d350fdcb258ce1a641746fb0364bea054958f2686959d5a94b6ee5d632d7c8187b2cd08f21499b55892f195d72e62084f142be26f6f025c9598e170e4bd173e79a46f4c4dec0d7dadd6ee0e8ea87749596c87d4ef8d9e62d5ce0cdb721dff36a2f622dd6d5c2c23701386b85e7b30de3ecbdb5a2412dc33f16680e4c1ef589244a4754ec4faa1d84b4f7149adda28a2262785402e9c88d0521dc63e5958f9d246e277852b6a6ac206f3315d4e59aa74b5a866d1125ec7155d389d92bf382f3860392acbaaa283db5abc8bd02bd9b6a8468a8d740a158e3c21b22ff14e6823e9dceeeb12fadf5320cb4d4764052ed63b65a67e5b4e786994e1a9f17bcc68469f7140a5cc4c97168fbcdef06e872a280289e7d69d8eaa6ec489f88ac0541ead9f206d95880b8cee5520896fccef71b80941ecf579791ecfa14b7c5a3dbd7df72afa379107ac22183109e71d061eafdc43c8eb28183f856725803ed569f66da40fadeccf9da5a057f0eede1ba0d35d74a324e47643c9fce2ffaffdf273e38a4545029e302f3ef1ec8e033112d3f8ef46eb8404c643794256fa364b90945f5d998033faee08acf633c52cd250b76e06c48f5c2c49ef9b2c572cc99c1796b8e1e997638e4495fdc839255d8cedf0ca29eb088be393d5a4c81b301708448f86134f2221794abac37f0a77f83ddd8cb1bf32ad0a3e84983fdf660f3f6d892eccd7706f2bf40689f35a676c25388f7de47fe3dfc8620027b678358f0e5bcdea72f548ce8f327bd480536adf8834fd019b103e21fb9c2f80c6cb82b031cdd56520cd026c8c41da8d1d4414a21fde42a4ca04acf00cf33bbc27d339a04b451a9d25cafcfa79d7c7db710d9fcc3cc639d8ceb40df9a43d12563242fbeca7dc3c7ece50dffc55f2ec685762b13a91a192caa2459395592d809f9f414d8227e4a2f690102dc090f450132f87bf04d024591f3dd6a6f3ecbacedd954a58099439adc2d46d3c66857f09b64cc84fc84050547512e9bf28633fe968a8d9fc2b8bde71aee023bb2fac013158cf46a166808952f169afb6764aa6b978564b505d95bf7b37e4aa92789082c4b003aaa16c0370cad888774c261792c518e8ba6fc4a5c3ca4fb514b74318f32eabca3a54904b9a2bf9c4299e8e591ca685e90e908b92b8254b6abffa1b0fe6af2a601aeb4dfe7931db94f70868120b9d280586d9f64c115a0f0c10a41d30b2c087543e63f67e3cb4a1c84ecd85e14f745585e0d228c5c7878ef77b542e663ac51ee321971b7516a82cf0865a20e84a6b66862603fcb7ebde504799708dcceb352dc2b772566944eac0a66d53f5abb90c8f9897ac3f43a58e4f8ce2e553dfbc57747dec3b47e8afd981204910604bfbc2d3b32ec7ffc533c33800572fc2c7946e27599468005c9eb2699e260f40337245ab9a2641d7b1111db14f032fe97038ae666f8a117c2fe576e93da839efa4d9", 0x1000, 0x44000, &(0x7f0000001100)={0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x4}, 0x1c) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x8000, 0x0) [ 428.147682] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 428.155341] FAT-fs (loop1): Filesystem has been set read-only [ 428.182599] FAULT_INJECTION: forcing a failure. [ 428.182599] name failslab, interval 1, probability 0, space 0, times 0 [ 428.193950] CPU: 1 PID: 21272 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 428.201312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.210664] Call Trace: [ 428.213249] dump_stack+0x1c9/0x2b4 [ 428.216867] ? dump_stack_print_info.cold.2+0x52/0x52 [ 428.222046] ? debug_object_free+0x690/0x690 [ 428.226439] ? save_stack+0xa9/0xd0 [ 428.230059] should_fail.cold.4+0xa/0x1a [ 428.234108] ? ksys_ioctl+0xa9/0xd0 [ 428.237723] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 428.242839] ? find_held_lock+0x36/0x1c0 [ 428.246907] ? graph_lock+0x170/0x170 [ 428.250703] ? find_held_lock+0x36/0x1c0 [ 428.254755] ? __lock_is_held+0xb5/0x140 [ 428.258813] ? check_same_owner+0x340/0x340 [ 428.263124] ? rcu_read_lock_sched_held+0x108/0x120 [ 428.268130] ? rcu_note_context_switch+0x730/0x730 [ 428.273063] __should_failslab+0x124/0x180 [ 428.277297] should_failslab+0x9/0x14 [ 428.281090] kmem_cache_alloc_trace+0x2cb/0x780 [ 428.285756] ? rfcomm_security_cfm+0x3b0/0x3b0 [ 428.290327] ? mutex_unlock+0xd/0x10 [ 428.294035] rfcomm_dev_ioctl+0x612/0x2240 [ 428.298275] ? rfcomm_dev_state_change+0x150/0x150 [ 428.303198] ? __local_bh_enable_ip+0x161/0x230 [ 428.307858] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 428.312864] ? lock_sock_nested+0x9f/0x120 [ 428.317091] ? trace_hardirqs_on+0xd/0x10 [ 428.321231] ? __local_bh_enable_ip+0x161/0x230 [ 428.325895] rfcomm_sock_ioctl+0x89/0xb0 [ 428.329951] sock_do_ioctl+0xe4/0x3e0 [ 428.333740] ? compat_ifr_data_ioctl+0x170/0x170 [ 428.338490] ? lock_downgrade+0x8f0/0x8f0 [ 428.342632] ? kasan_check_read+0x11/0x20 [ 428.346766] ? rcu_is_watching+0x8c/0x150 [ 428.350901] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 428.355297] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 428.360473] sock_ioctl+0x30d/0x680 [ 428.364096] ? dlci_ioctl_set+0x40/0x40 [ 428.368073] ? match_held_lock+0x851/0x8d0 [ 428.372296] ? expand_files.part.8+0x9c0/0x9c0 [ 428.376883] ? kasan_check_write+0x14/0x20 [ 428.381106] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 428.386044] ? dlci_ioctl_set+0x40/0x40 [ 428.390017] do_vfs_ioctl+0x1de/0x1720 [ 428.393905] ? __lock_is_held+0xb5/0x140 [ 428.398044] ? ioctl_preallocate+0x300/0x300 [ 428.402439] ? __fget_light+0x2f7/0x440 [ 428.406411] ? fget_raw+0x20/0x20 [ 428.409852] ? __sb_end_write+0xac/0xe0 [ 428.414090] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 428.419622] ? fput+0x130/0x1a0 [ 428.422888] ? ksys_write+0x1ae/0x260 [ 428.426676] ? security_file_ioctl+0x94/0xc0 [ 428.431083] ksys_ioctl+0xa9/0xd0 [ 428.434525] __x64_sys_ioctl+0x73/0xb0 [ 428.438405] do_syscall_64+0x1b9/0x820 [ 428.442282] ? finish_task_switch+0x1d3/0x890 [ 428.446768] ? syscall_return_slowpath+0x5e0/0x5e0 [ 428.451706] ? syscall_return_slowpath+0x31d/0x5e0 [ 428.456629] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 428.462000] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.466840] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 428.472018] RIP: 0033:0x455a99 [ 428.475194] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 428.494430] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 428.502128] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 428.509395] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 428.516664] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 428.523921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 428.531173] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000001 22:20:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet6(0xa, 0x1, 0x0) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x40000, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r4, 0x6, 0x2, &(0x7f0000000040)={0x1, 0xe3, 0x3, 0x1}, 0x6) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="05000000000000000d0000402500000005000000000100000000004000000000010000000000000025000aadffffffff00040000000000200a00000006b3"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000870100000000a02b2ef34a"]) 22:20:34 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c65300f", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 428.576849] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:34 executing program 3: socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x15, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa81000000001100001d514c272796101c5cb85d23f5a9f0bf5a5cc2c9239e369d4fca96bb8cea65d2c8e84a7cc9f9f2f3e661c3d776ab9bc923dbfa90a854f3897c8108a85d01fb57be9c84e2108ba367cccd73947d9d3864e8067d7e5c049adb8a"], &(0x7f00000010c0)) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x4) ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f0000000300)) 22:20:34 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:34 executing program 5 (fault-call:1 fault-nth:2): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 428.682076] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 22:20:34 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000014000)='/dev/snd/timer\x00', 0x0, 0x0) r1 = getpgid(0xffffffffffffffff) setpriority(0xfffffffffffffffd, r1, 0x7f) eventfd2(0x8, 0x800) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x3, 0x3}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0xc0f85403) [ 428.722799] kvm pmu: pin control bit is ignored [ 428.732983] kvm_pmu: event creation failed -2 [ 428.743798] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 428.827668] FAULT_INJECTION: forcing a failure. [ 428.827668] name failslab, interval 1, probability 0, space 0, times 0 [ 428.839119] CPU: 0 PID: 21312 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 428.846496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.855868] Call Trace: [ 428.858480] dump_stack+0x1c9/0x2b4 [ 428.862132] ? dump_stack_print_info.cold.2+0x52/0x52 [ 428.867351] ? lock_release+0xa30/0xa30 [ 428.871404] ? check_same_owner+0x340/0x340 [ 428.875749] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 428.880912] should_fail.cold.4+0xa/0x1a [ 428.884997] ? put_dec+0x3b/0xf0 [ 428.888482] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 428.893608] ? kasan_check_write+0x14/0x20 [ 428.897869] ? graph_lock+0x170/0x170 [ 428.901688] ? put_dec+0xf0/0xf0 [ 428.905072] ? format_decode+0x1b1/0xaf0 [ 428.909158] ? find_held_lock+0x36/0x1c0 [ 428.913243] ? __lock_is_held+0xb5/0x140 [ 428.917334] ? check_same_owner+0x340/0x340 [ 428.921678] ? rcu_note_context_switch+0x730/0x730 22:20:34 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x400000890f, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={r1}) connect$vsock_stream(r2, &(0x7f00000000c0)={0x28, 0x0, 0xffffffff, @any=0xffffffff}, 0x10) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="240000001d0007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) 22:20:35 executing program 7: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000080)={0x0, 0x9, 0x1, 0x16, 0x2, 0x0, 0xffff, 0x1, {0x0, @in6={{0xa, 0x4e23, 0x141, @dev={0xfe, 0x80, [], 0x1d}, 0x10000}}, 0x6, 0x7, 0x101, 0xfc, 0x5}}, &(0x7f0000000140)=0xb0) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180)={r1, 0x400, 0x1, [0x2]}, 0xa) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={"6c6f0000ecffffffffff647d971300", {0x2, 0x0, @loopback=0x7f000001}}) [ 428.926636] __should_failslab+0x124/0x180 [ 428.930900] should_failslab+0x9/0x14 [ 428.934721] kmem_cache_alloc_trace+0x2cb/0x780 [ 428.939425] tty_register_device_attr+0x1d4/0x730 [ 428.944286] ? __init_waitqueue_head+0x9e/0x150 [ 428.948978] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 428.953864] ? trace_event_raw_event_module_request+0x340/0x340 [ 428.959951] ? kasan_check_write+0x14/0x20 [ 428.964211] ? tty_port_init+0x1a3/0x260 [ 428.968341] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 428.973388] tty_port_register_device+0x3d/0x50 [ 428.978084] rfcomm_dev_ioctl+0x1bba/0x2240 [ 428.982437] ? rfcomm_dev_state_change+0x150/0x150 [ 428.987400] ? __local_bh_enable_ip+0x161/0x230 [ 428.992097] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 428.997164] ? lock_sock_nested+0x9f/0x120 [ 429.001421] ? trace_hardirqs_on+0xd/0x10 [ 429.005588] ? __local_bh_enable_ip+0x161/0x230 [ 429.010281] rfcomm_sock_ioctl+0x89/0xb0 [ 429.014365] sock_do_ioctl+0xe4/0x3e0 [ 429.018183] ? compat_ifr_data_ioctl+0x170/0x170 [ 429.022948] ? lock_downgrade+0x8f0/0x8f0 [ 429.027088] ? kasan_check_read+0x11/0x20 [ 429.031219] ? rcu_is_watching+0x8c/0x150 [ 429.035352] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 429.039748] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 429.044928] sock_ioctl+0x30d/0x680 [ 429.048556] ? dlci_ioctl_set+0x40/0x40 [ 429.052522] ? match_held_lock+0x851/0x8d0 [ 429.056764] ? expand_files.part.8+0x9c0/0x9c0 [ 429.061333] ? kasan_check_write+0x14/0x20 [ 429.065554] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 429.070474] ? dlci_ioctl_set+0x40/0x40 [ 429.074453] do_vfs_ioctl+0x1de/0x1720 [ 429.078336] ? __lock_is_held+0xb5/0x140 [ 429.082402] ? ioctl_preallocate+0x300/0x300 [ 429.086797] ? __fget_light+0x2f7/0x440 [ 429.090758] ? fget_raw+0x20/0x20 [ 429.094202] ? __sb_end_write+0xac/0xe0 [ 429.098181] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 429.103705] ? fput+0x130/0x1a0 [ 429.106980] ? ksys_write+0x1ae/0x260 [ 429.110773] ? security_file_ioctl+0x94/0xc0 [ 429.115171] ksys_ioctl+0xa9/0xd0 [ 429.118610] __x64_sys_ioctl+0x73/0xb0 [ 429.122489] do_syscall_64+0x1b9/0x820 [ 429.126365] ? finish_task_switch+0x1d3/0x890 [ 429.130847] ? syscall_return_slowpath+0x5e0/0x5e0 [ 429.135762] ? syscall_return_slowpath+0x31d/0x5e0 [ 429.140682] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 429.146037] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.150868] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.156042] RIP: 0033:0x455a99 [ 429.159211] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 429.178449] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 429.186150] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 429.193424] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 429.200693] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 429.207960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 429.215215] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000002 22:20:35 executing program 3: r0 = socket(0x1e, 0x4, 0x0) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f00000000c0)={0x11, @multicast1=0xe0000001, 0x4e24, 0x2, 'dh\x00', 0x10, 0x101, 0x73}, 0x2c) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x80, 0x0, 0x3, 0x73d}, 0x7c) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0xe02d43063a205977}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000080)={0x1, 'bond_slave_0\x00', 0x1}, 0x18) sendto$inet6(r0, &(0x7f0000000200)="74f622317d4bf33199c1fa2c435245beaec6c13f1544b0c8dda84b57790fbf6fae94ae282c2217bb5e9019551a580c7d6d799a72ee9ec5d09cdd4c6bacc24293b934d0c84458048513dae8ecf5eb81", 0xffffffffffffff9c, 0x4001, 0x0, 0x0) [ 429.238851] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'. [ 429.278871] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:35 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 429.286113] FAT-fs (loop1): Filesystem has been set read-only 22:20:35 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000080)=0x59aa, 0x2) syz_emit_ethernet(0x437, &(0x7f0000000b40)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60c22df704011100fe800000000000000000000000000000fe8000000000000000000000000000aa00004e2004019078000087ae00ca83452b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d035d2a02a8645ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"], &(0x7f0000001780)) r1 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x10000) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000040)={0x3, 0x2, 0x7, 0x3, 0xfff}) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000640)=""/69, 0x45}, 0x40000040) 22:20:35 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 429.313114] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 429.320416] FAT-fs (loop1): Filesystem has been set read-only 22:20:35 executing program 4: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000006000)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000011000)={&(0x7f0000010ff0)={0x1d, r1}, 0x10, &(0x7f000000eff0)={&(0x7f0000012f80)=ANY=[@ANYBLOB="01000000000000000000000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000000100000000000000000000006820377aaeb6a077074b74efc2039cd078759a67d8602d3e4b207446a705148d03f1f87e60b22a6ed7e5b35afc19cd0ed506fb9cdba948697c01f3ec6bc0f8f9"], 0x38}, 0x1}, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xffffffff, 0x40000) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f0000000040)=""/215, &(0x7f0000000140)=0xd7) 22:20:35 executing program 5 (fault-call:1 fault-nth:3): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:35 executing program 3: r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000280)=""/28, 0x58) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xfffffffffffffffa, 0x80000) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x111, 0x2, 0x1, 0x4) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000080)={0x80, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000140)) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0) fcntl$getown(r0, 0x9) [ 429.436236] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 429.503656] FAULT_INJECTION: forcing a failure. [ 429.503656] name failslab, interval 1, probability 0, space 0, times 0 [ 429.515099] CPU: 0 PID: 21354 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 429.522489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.531861] Call Trace: [ 429.534480] dump_stack+0x1c9/0x2b4 [ 429.538141] ? dump_stack_print_info.cold.2+0x52/0x52 [ 429.543366] should_fail.cold.4+0xa/0x1a [ 429.547447] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 429.551894] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 429.557028] ? graph_lock+0x170/0x170 [ 429.560852] ? kernel_text_address+0x79/0xf0 [ 429.565286] ? __kernel_text_address+0xd/0x40 [ 429.569804] ? find_held_lock+0x36/0x1c0 [ 429.573891] ? __lock_is_held+0xb5/0x140 [ 429.577988] ? check_same_owner+0x340/0x340 [ 429.582330] ? sock_ioctl+0x30d/0x680 [ 429.586161] ? do_vfs_ioctl+0x1de/0x1720 [ 429.590247] ? ksys_ioctl+0xa9/0xd0 [ 429.593895] ? rcu_note_context_switch+0x730/0x730 [ 429.598853] __should_failslab+0x124/0x180 [ 429.603114] should_failslab+0x9/0x14 [ 429.606927] __kmalloc_track_caller+0x2c4/0x760 [ 429.611599] ? graph_lock+0x170/0x170 [ 429.615394] ? __lock_is_held+0xb5/0x140 [ 429.619504] ? kstrdup_const+0x66/0x80 [ 429.623385] kstrdup+0x39/0x70 [ 429.626569] kstrdup_const+0x66/0x80 [ 429.630276] kvasprintf_const+0x112/0x190 [ 429.634441] kobject_set_name_vargs+0x5b/0x150 [ 429.639031] dev_set_name+0xad/0xe0 [ 429.642647] ? device_initialize+0x5f0/0x5f0 [ 429.647067] tty_register_device_attr+0x2ca/0x730 [ 429.651897] ? __init_waitqueue_head+0x9e/0x150 [ 429.656578] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 429.661417] ? trace_event_raw_event_module_request+0x340/0x340 [ 429.667467] ? kasan_check_write+0x14/0x20 [ 429.671693] ? tty_port_init+0x1a3/0x260 [ 429.675745] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 429.680756] tty_port_register_device+0x3d/0x50 [ 429.685418] rfcomm_dev_ioctl+0x1bba/0x2240 [ 429.689752] ? rfcomm_dev_state_change+0x150/0x150 [ 429.694695] ? __local_bh_enable_ip+0x161/0x230 [ 429.699357] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 429.704359] ? lock_sock_nested+0x9f/0x120 [ 429.708581] ? trace_hardirqs_on+0xd/0x10 [ 429.712730] ? __local_bh_enable_ip+0x161/0x230 [ 429.717388] rfcomm_sock_ioctl+0x89/0xb0 [ 429.721438] sock_do_ioctl+0xe4/0x3e0 [ 429.725229] ? compat_ifr_data_ioctl+0x170/0x170 [ 429.729977] ? lock_downgrade+0x8f0/0x8f0 [ 429.734124] ? kasan_check_read+0x11/0x20 [ 429.738261] ? rcu_is_watching+0x8c/0x150 [ 429.742413] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 429.746825] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 429.752004] sock_ioctl+0x30d/0x680 [ 429.755623] ? dlci_ioctl_set+0x40/0x40 [ 429.759584] ? match_held_lock+0x851/0x8d0 [ 429.763807] ? expand_files.part.8+0x9c0/0x9c0 [ 429.768376] ? kasan_check_write+0x14/0x20 [ 429.772602] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 429.777519] ? dlci_ioctl_set+0x40/0x40 [ 429.781479] do_vfs_ioctl+0x1de/0x1720 [ 429.785368] ? __lock_is_held+0xb5/0x140 [ 429.789431] ? ioctl_preallocate+0x300/0x300 [ 429.793835] ? __fget_light+0x2f7/0x440 [ 429.797796] ? fget_raw+0x20/0x20 [ 429.801255] ? __sb_end_write+0xac/0xe0 [ 429.805221] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 429.810744] ? fput+0x130/0x1a0 [ 429.814014] ? ksys_write+0x1ae/0x260 [ 429.817808] ? security_file_ioctl+0x94/0xc0 [ 429.822206] ksys_ioctl+0xa9/0xd0 [ 429.825647] __x64_sys_ioctl+0x73/0xb0 [ 429.829525] do_syscall_64+0x1b9/0x820 [ 429.833401] ? finish_task_switch+0x1d3/0x890 [ 429.837888] ? syscall_return_slowpath+0x5e0/0x5e0 [ 429.842805] ? syscall_return_slowpath+0x31d/0x5e0 [ 429.847729] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 429.853097] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.857942] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.863118] RIP: 0033:0x455a99 [ 429.866289] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 429.885805] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 429.893504] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 22:20:35 executing program 0: capset(&(0x7f0000000240)={0x20071026}, &(0x7f0000000280)) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x4, 0x80000) ioctl$IOC_PR_CLEAR(r1, 0x401070cd, &(0x7f00000000c0)={0x20}) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000140)=@in={0x2, 0xc67a}, 0xaeb8ead6e29a41ba, &(0x7f0000000040), 0x0, &(0x7f0000000280)}}, {{&(0x7f0000000000)=@in={0x2, 0x4e23, @broadcast=0xffffffff}, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000000100)=[{0x28, 0x0, 0x9, "8612b75e7eff7f0000000000004a927364"}], 0x28}}], 0x2, 0x0) 22:20:35 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c6530ff", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:35 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000080)=0x59aa, 0x2) syz_emit_ethernet(0x437, &(0x7f0000000b40)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60c22df704011100fe800000000000000000000000000000fe8000000000000000000000000000aa00004e2004019078000087ae00ca83452b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d035d2a02a8645ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"], &(0x7f0000001780)) r1 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x10000) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000040)={0x3, 0x2, 0x7, 0x3, 0xfff}) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000640)=""/69, 0x45}, 0x40000040) 22:20:35 executing program 0: perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) r1 = socket$inet(0x2, 0x100000000000006, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x84, 0xa, &(0x7f00000000c0), &(0x7f0000000040)=0xffffffffffffff10) [ 429.900759] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 429.908016] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 429.915274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 429.922550] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000003 22:20:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653016", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:36 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c65300f", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:36 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)) ppoll(&(0x7f0000000040)=[{}, {}], 0x2, &(0x7f0000000080)={0x0, 0x989680}, &(0x7f00000000c0), 0x8) 22:20:36 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000080)=@ll, &(0x7f0000000100)=0x80) 22:20:36 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:36 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00', 0x101}) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000240)={@multicast2=0xe0000002, @remote={0xac, 0x14, 0x14, 0xbb}, @multicast2=0xe0000002}, 0xc) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'}) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x10) sendmmsg(r0, &(0x7f0000000800)=[{{&(0x7f0000000100)=@ipx={0x4, 0x2, 0x6, "6987c1357a4c", 0x7ff}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000040)="693aa700bd04a22ac94d45dec0255e630dd95e5a209dfa47969b617df314715ba8f9ea58bc9b62b72f71be04357f460227880c3a5a2b39", 0x37}], 0x1, &(0x7f0000000280)=[{0xb0, 0x11f, 0x5, "154191e10e5a27cdbb11e157996685931d18428f075e3e43c3840d9a161a709c26f25047dcb4df634bfe19c5cc37ba180475bfb4bf1c36805c10a489e444c502cd20a7def438f303363c43694e9b8be1a6246761750986e4efafdc846f55256089adbfbd5e80f78229d8af6841b058263b4827ff4756510ef1a40c85d8f849ffa623b2c5f798dead1f0c4a57c9b5a064406a0e08faf048d7c993771d3157"}, {0xa8, 0x118, 0x8, "fb09258b74bce1ef6e925c94ecd5d586508b8ff64246b141606f5626e368dbfcde99bbbcb4c797c529e08f39d9eeb181848192156c33a11898a8a626c1cde9016ffc0649d10fcdb3aadf686e05fe411ca85e45cbb3d5355ec8388c7bad7fec37c53564b90533dfdd85151e02a990cddf206f8b3346f63a29b2a1bcbff938ece8172ef3488afcadd5bff2520bdba26db899db98"}, {0x88, 0x114, 0x0, "50f4cafaa3cce946841b6faa97f9db17ea7fed12acecbe1751c193427961e1bae66dcff8505ae0193ddb26ea5f0f8d7b657af43db2bed3f575df5f443089adeded92e56e4649809f4fd09e9250e655b45614730bc57a081c9cbdc0ba914562b539e4f173a6d8879e518fa793b4b96931c62b82be0cc15ced"}, {0x68, 0x10a, 0x4, "e7ba1e4a1f987ae54efa383cf692b2a784d3e0c2d5bb3893d0559955815fa5f344a3b5d1c3a5e933783f92393a2a510de26fcb04ebbc6a97485f51b6dc7e0273a79912e506002e212402618f01396dd424a000dd647609d5"}, {0x48, 0x100, 0x4, "ecfacee553e4f081bf4e023ab30da9479011184b04265f640430b157415ae96fe022e7d27c0fe572f56b00785814bf0266"}, {0x48, 0x11b, 0x6, "3eb83bfef30385249de4deab84096940f82a305305eb70fa89d901193aa6ec425ac9c5f256788b0aaf8ee3d404e449ca236eeef613cf"}], 0x2d8}, 0x8}, {{&(0x7f00000001c0)=@sco={0x1f, {0x1, 0xfff, 0x7, 0x5, 0x1}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000580)="2949555b6e75030c45eec841d7fe897d2166d95e2bd0f891c3e4f41eeb01ed2a9154a3e02b199e71d8f810bfa85e7b50eeca0e362deef4fd161875588363b5e2e408eb955778a79d5a05dbbbe5a3b15489c4322808284db26f82935988726a1469b2bd5cbc912b0ecfffea360d34eb745173b37f0f3b18f5fc892a6674c3089c0f1944975bea5bd2da0a446d9eb656837792cd25ed9ba7b26eaeaa82e6aef8444c8537cbe4d99edab554374fb4e609d5155e27c6313afabf4d50859b6b7d4255281058249b90e71ed048cb5324154959fbf4a55d143b241dfacd312d46dd5d99bfed6992c3fd16b1e0", 0xe9}, {&(0x7f0000000680)="36b81446c60d956df69c0d4619653bbfdd4603ada2d80a1724fb304484b8ea9c7964e0ec7d631d86071a416a79eca533f9ca85ec771006d420a7ab7047616276450440b6443e0560685a34363b2e98b3a2050b13b534df3db40eb48d468dbdab2a11ed947c0e67c7f857b465702b53b5dafe0d730a3c43e37c48a1a2320169bad04f1a2512993c93803178c9bfdf249940b76dd9deb9f4288443b5244c6d3c1b63a19e15157e7ee449821855f21a3a5bfa491db8c92a11a4b32ceec9c9d670103983201bcd68ed85142f5be273e45c27924c77b5f8070259f6ab851eeb410d9e87d51e8bec9db8227170a0b64783d5797caa667032c8dc178c30914b", 0xfc}, {&(0x7f0000000780)}], 0x3, 0x0, 0x0, 0x4040}, 0x3ff}], 0x2, 0x4) 22:20:36 executing program 5 (fault-call:1 fault-nth:4): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:36 executing program 7: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x7, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000080)) r1 = socket$inet6(0xa, 0x80000000000002, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@local={0xfe, 0x80, [], 0xaa}, @in, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x20, 0xff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x1}, {{@in6=@loopback={0x0, 0x1}, 0x0, 0xff}}}, 0xe8) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000200)="0247e22f05d02c99240970") sendto$inet6(r1, &(0x7f0000000100)="42ba456ff5db32dffa7b039936374c3d53358aa00f56f2cc398d8423188c194ba4ae6586bc7a733d85acde5a815ae6549fdf429e49754ed754425aa80e2db42ee24afceb6bcd5b8022c9a9055fa830853eb9528bb33cb219ec177b0a97b9463340f1121eb0093974d062d0f732b76ad2ca8b788e245865f60fa60b2adea479b1711132c6783d14300fc35c3a8dbc820b67396dbf1e623997e4282d19c682d4f4e81b7b04f815f046160a8d6502dc60fdd67b4c5039778faebd123af620e5fd442a21ce3723d76d2390dd57c3d2d43146ec6648", 0xfe86, 0xfffffffffffffffc, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, 0x1c) [ 430.156314] device lo entered promiscuous mode [ 430.178781] device lo left promiscuous mode [ 430.204494] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 430.204525] FAULT_INJECTION: forcing a failure. [ 430.204525] name failslab, interval 1, probability 0, space 0, times 0 [ 430.211828] FAT-fs (loop1): Filesystem has been set read-only [ 430.223081] CPU: 1 PID: 21396 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 430.223091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.223102] Call Trace: [ 430.248694] dump_stack+0x1c9/0x2b4 [ 430.252348] ? dump_stack_print_info.cold.2+0x52/0x52 [ 430.257562] ? graph_lock+0x170/0x170 [ 430.261394] should_fail.cold.4+0xa/0x1a [ 430.265488] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 430.270623] ? __lock_is_held+0xb5/0x140 [ 430.274710] ? graph_lock+0x170/0x170 [ 430.278527] ? __lockdep_init_map+0x105/0x590 [ 430.283050] ? find_held_lock+0x36/0x1c0 [ 430.287131] ? __lock_is_held+0xb5/0x140 [ 430.289269] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 430.291246] ? check_same_owner+0x340/0x340 [ 430.291266] ? update_pm_runtime_accounting+0x1b0/0x1b0 [ 430.291284] ? rcu_note_context_switch+0x730/0x730 [ 430.291304] __should_failslab+0x124/0x180 [ 430.291322] should_failslab+0x9/0x14 [ 430.291336] kmem_cache_alloc_trace+0x2cb/0x780 [ 430.291357] ? refcount_add_not_zero+0x330/0x330 [ 430.298486] FAT-fs (loop1): Filesystem has been set read-only [ 430.302766] device_private_init+0x9f/0x240 [ 430.302779] ? virtual_device_parent+0x60/0x60 [ 430.302800] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 430.350820] device_add+0xef7/0x16f0 [ 430.354550] ? kobject_set_name_vargs+0x100/0x150 [ 430.359407] ? dev_set_name+0xad/0xe0 [ 430.363221] ? device_private_init+0x240/0x240 [ 430.367822] device_register+0x1d/0x20 [ 430.371721] tty_register_device_attr+0x35b/0x730 [ 430.376576] ? __init_waitqueue_head+0x9e/0x150 [ 430.381266] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 430.386134] ? trace_event_raw_event_module_request+0x340/0x340 [ 430.392213] ? kasan_check_write+0x14/0x20 [ 430.396467] ? tty_port_init+0x1a3/0x260 [ 430.400538] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 430.405552] tty_port_register_device+0x3d/0x50 [ 430.410213] rfcomm_dev_ioctl+0x1bba/0x2240 [ 430.414526] ? rfcomm_dev_state_change+0x150/0x150 [ 430.419449] ? __local_bh_enable_ip+0x161/0x230 [ 430.424110] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 430.429115] ? lock_sock_nested+0x9f/0x120 [ 430.433340] ? trace_hardirqs_on+0xd/0x10 [ 430.437474] ? __local_bh_enable_ip+0x161/0x230 [ 430.442148] rfcomm_sock_ioctl+0x89/0xb0 [ 430.446200] sock_do_ioctl+0xe4/0x3e0 [ 430.449989] ? compat_ifr_data_ioctl+0x170/0x170 [ 430.454755] ? lock_downgrade+0x8f0/0x8f0 [ 430.458914] ? kasan_check_read+0x11/0x20 [ 430.463045] ? rcu_is_watching+0x8c/0x150 [ 430.467178] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 430.471575] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 430.476753] sock_ioctl+0x30d/0x680 [ 430.480373] ? dlci_ioctl_set+0x40/0x40 [ 430.484340] ? match_held_lock+0x851/0x8d0 [ 430.488564] ? expand_files.part.8+0x9c0/0x9c0 [ 430.493139] ? kasan_check_write+0x14/0x20 [ 430.497375] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 430.502309] ? dlci_ioctl_set+0x40/0x40 [ 430.506271] do_vfs_ioctl+0x1de/0x1720 [ 430.510148] ? __lock_is_held+0xb5/0x140 [ 430.514199] ? ioctl_preallocate+0x300/0x300 [ 430.518606] ? __fget_light+0x2f7/0x440 [ 430.522571] ? fget_raw+0x20/0x20 [ 430.526023] ? __sb_end_write+0xac/0xe0 [ 430.529988] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 430.535515] ? fput+0x130/0x1a0 [ 430.538783] ? ksys_write+0x1ae/0x260 [ 430.542570] ? security_file_ioctl+0x94/0xc0 [ 430.546968] ksys_ioctl+0xa9/0xd0 [ 430.550408] __x64_sys_ioctl+0x73/0xb0 [ 430.554281] do_syscall_64+0x1b9/0x820 [ 430.558156] ? finish_task_switch+0x1d3/0x890 [ 430.562639] ? syscall_return_slowpath+0x5e0/0x5e0 [ 430.567569] ? syscall_return_slowpath+0x31d/0x5e0 [ 430.572500] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 430.577883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.582718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.587893] RIP: 0033:0x455a99 22:20:36 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\t', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 430.591077] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 430.610397] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 430.618103] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 430.625356] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 430.633643] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 430.640900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 430.648165] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000004 22:20:36 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x0, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x185a01, 0x0) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x18) r1 = syz_open_dev$amidi(&(0x7f0000000240)='/dev/amidi#\x00', 0x7, 0xb05) ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000080)=@req) syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x6, 0x50200) ioctl$BLKROSET(r0, 0x125d, &(0x7f00000001c0)=0x101) 22:20:36 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f000009aff8)='./file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time={0x77359400}}], 0x30) lsetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='user.syz\x00', &(0x7f00000001c0)="bf70726f6373656c696e757800", 0xd, 0x0) unlink(&(0x7f00003b3000)='./file0\x00') read(r1, &(0x7f0000000200)=""/236, 0xec) dup2(r1, r0) 22:20:36 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:36 executing program 5 (fault-call:1 fault-nth:5): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:36 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 430.900139] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 430.907442] FAT-fs (loop1): Filesystem has been set read-only 22:20:37 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:37 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 430.997243] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 431.004633] FAT-fs (loop1): Filesystem has been set read-only [ 431.048607] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:37 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) r1 = semget$private(0x0, 0x3, 0x40) stat(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0}, &(0x7f0000000380)=0xc) getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440)=0x0) semctl$IPC_SET(r1, 0x0, 0x1, &(0x7f0000000480)={{0x0, r2, r3, r4, r5, 0x2, 0x3}, 0x589, 0xfff, 0x80000001}) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000000)={'ipddp0\x00', {0x2, 0x4e22, @multicast2=0xe0000002}}) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000140)=ANY=[@ANYBLOB="020e0000050000000000000000000000030013000000000002000000e00000010000000000004000d4e11f5c87b490f470e168c5892cd76891f92e9d39a03300bfa90fec8f77741f8f2c344467fc931343e58e42d4fbeb468f901f95e149f55ad14f4f4fbb208f4531f1005e3ae5f1bdc2f5d7405cc8a4d34cd2ceaf3d4c5408d9fb1f6935441c64de73d8a98f24bc34fa60e06eb536885908821cef3b494f7d13244708d5d453c675be3670a1f47c1892836f15d7112a0024b424b7d47b124e75e994643f4eefcc2a1d33ad868c6ea8f1b22e09dcf1bff48ee02340836284ab4d8dc4a55c3368fc4d2e15eb1904fb0266d87c5260fb136b2edceaffdb3feb46f4227072e6b45c8361c7b272d0b32e5c8d3c023cc9ecc86ffd0907c9eab005503c387f3b7f2b17911f0c8030eea8e8ba2d8d8215a0244b80f9c36737a311"], 0x28}, 0x1}, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000080)={'syz_tun\x00', {0x2, 0x4e21, @rand_addr=0x8}}) 22:20:37 executing program 7: socketpair$unix(0x1, 0x4000000000000003, 0x0, &(0x7f0000044ff8)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000040)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r0, &(0x7f00003de000)=@file={0x1, './file0\x00'}, 0x6e) dup2(r1, r0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) [ 431.151393] FAULT_INJECTION: forcing a failure. [ 431.151393] name failslab, interval 1, probability 0, space 0, times 0 [ 431.162902] CPU: 0 PID: 21442 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 431.170272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.179642] Call Trace: [ 431.182249] dump_stack+0x1c9/0x2b4 [ 431.185889] ? dump_stack_print_info.cold.2+0x52/0x52 [ 431.191091] ? print_usage_bug+0xc0/0xc0 [ 431.195163] ? retint_kernel+0x10/0x10 [ 431.199066] should_fail.cold.4+0xa/0x1a [ 431.203137] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 431.208254] ? graph_lock+0x170/0x170 [ 431.212077] ? find_held_lock+0x36/0x1c0 [ 431.216158] ? __lock_is_held+0xb5/0x140 [ 431.220250] ? check_same_owner+0x340/0x340 [ 431.224591] ? __lock_acquire+0x7fc/0x5020 [ 431.228837] ? rcu_note_context_switch+0x730/0x730 [ 431.233760] __should_failslab+0x124/0x180 [ 431.237984] should_failslab+0x9/0x14 [ 431.241846] __kmalloc_track_caller+0x2c4/0x760 [ 431.246509] ? trace_hardirqs_on+0x10/0x10 [ 431.250737] ? kasan_check_write+0x14/0x20 [ 431.254986] ? __mutex_lock+0x7e8/0x1820 [ 431.259048] ? kstrdup_const+0x66/0x80 [ 431.262927] kstrdup+0x39/0x70 [ 431.266114] kstrdup_const+0x66/0x80 [ 431.269832] __kernfs_new_node+0xb0/0x5a0 [ 431.273990] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 431.278747] ? lock_downgrade+0x8f0/0x8f0 [ 431.282893] kernfs_new_node+0x80/0xf0 [ 431.286771] kernfs_create_dir_ns+0x3d/0x140 [ 431.291170] sysfs_create_dir_ns+0xbe/0x1d0 [ 431.295497] kobject_add_internal+0x35c/0xad0 [ 431.299996] ? kobj_ns_type_registered+0x60/0x60 [ 431.304749] ? lock_downgrade+0x8f0/0x8f0 [ 431.308890] ? refcount_add_not_zero+0x330/0x330 [ 431.313665] ? kasan_check_read+0x11/0x20 [ 431.317815] kobject_add+0x13f/0x1b0 [ 431.321522] ? kset_create_and_add+0x190/0x190 [ 431.326101] ? mutex_unlock+0xd/0x10 [ 431.329821] device_add+0x3c4/0x16f0 [ 431.333524] ? kobject_set_name_vargs+0x100/0x150 [ 431.338363] ? device_private_init+0x240/0x240 [ 431.342955] device_register+0x1d/0x20 [ 431.346832] tty_register_device_attr+0x35b/0x730 [ 431.351663] ? __init_waitqueue_head+0x9e/0x150 [ 431.356324] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 431.361160] ? trace_event_raw_event_module_request+0x340/0x340 [ 431.367211] ? kasan_check_write+0x14/0x20 [ 431.371447] ? tty_port_init+0x1a3/0x260 [ 431.375496] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 431.380507] tty_port_register_device+0x3d/0x50 [ 431.385169] rfcomm_dev_ioctl+0x1bba/0x2240 [ 431.389497] ? rfcomm_dev_state_change+0x150/0x150 [ 431.394422] ? __local_bh_enable_ip+0x161/0x230 [ 431.399094] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 431.404097] ? lock_sock_nested+0x9f/0x120 [ 431.408319] ? trace_hardirqs_on+0xd/0x10 [ 431.412461] ? __local_bh_enable_ip+0x161/0x230 [ 431.417122] rfcomm_sock_ioctl+0x89/0xb0 [ 431.421171] sock_do_ioctl+0xe4/0x3e0 [ 431.424969] ? compat_ifr_data_ioctl+0x170/0x170 [ 431.429724] ? lock_downgrade+0x8f0/0x8f0 [ 431.433878] ? kasan_check_read+0x11/0x20 [ 431.438034] ? rcu_is_watching+0x8c/0x150 [ 431.442173] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 431.446573] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 431.451752] sock_ioctl+0x30d/0x680 [ 431.455376] ? dlci_ioctl_set+0x40/0x40 [ 431.459341] ? match_held_lock+0x851/0x8d0 [ 431.463564] ? expand_files.part.8+0x9c0/0x9c0 [ 431.468134] ? kasan_check_write+0x14/0x20 [ 431.472357] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 431.477275] ? dlci_ioctl_set+0x40/0x40 [ 431.481238] do_vfs_ioctl+0x1de/0x1720 [ 431.485112] ? __lock_is_held+0xb5/0x140 [ 431.489161] ? ioctl_preallocate+0x300/0x300 [ 431.493552] ? __fget_light+0x2f7/0x440 [ 431.497512] ? fget_raw+0x20/0x20 [ 431.500966] ? __sb_end_write+0xac/0xe0 [ 431.504930] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.510466] ? fput+0x130/0x1a0 [ 431.513734] ? ksys_write+0x1ae/0x260 [ 431.517526] ? security_file_ioctl+0x94/0xc0 [ 431.521938] ksys_ioctl+0xa9/0xd0 [ 431.525380] __x64_sys_ioctl+0x73/0xb0 [ 431.529273] do_syscall_64+0x1b9/0x820 [ 431.533161] ? syscall_return_slowpath+0x5e0/0x5e0 [ 431.538081] ? syscall_return_slowpath+0x31d/0x5e0 [ 431.543036] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 431.548395] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.553230] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 431.558405] RIP: 0033:0x455a99 [ 431.561591] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 431.580830] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 431.588528] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 431.595783] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 22:20:37 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x3, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) listen(r0, 0x3ff) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x3, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b20000)={0x1, &(0x7f0000d39000)=[{0x6, 0x0, 0x0, 0x3}]}, 0x10) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1b}, 0xb) sendmmsg(r2, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f00007ed000)=[{&(0x7f0000000000)='u', 0x1}], 0x1, &(0x7f0000275000)}}], 0x1, 0x0) shutdown(r1, 0x1) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e23, @broadcast=0xffffffff}}, 0xf8, 0x9, 0x4, 0x7, 0x80}, &(0x7f0000000080)=0x98) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000240)={r3, @in={{0x2, 0x4e22, @broadcast=0xffffffff}}, 0x9, 0x401}, &(0x7f00000000c0)=0x90) close(r2) 22:20:37 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:37 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c65308c", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 431.603038] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 431.610296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 431.617551] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000005 [ 431.625291] kobject_add_internal failed for rfcomm10 (error: -12 parent: tty) 22:20:37 executing program 5 (fault-call:1 fault-nth:6): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:37 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:37 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x101002, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000380)=""/246) write$vnet(r0, &(0x7f0000000740)={0x2100, {&(0x7f0000000880)=""/173, 0xad, &(0x7f0000000940)=""/235}}, 0x68) 22:20:37 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 431.789076] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 431.796322] FAT-fs (loop1): Filesystem has been set read-only [ 431.823555] FAULT_INJECTION: forcing a failure. [ 431.823555] name failslab, interval 1, probability 0, space 0, times 0 [ 431.835310] CPU: 0 PID: 21469 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 431.836798] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 431.842695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.842703] Call Trace: [ 431.842727] dump_stack+0x1c9/0x2b4 [ 431.842745] ? dump_stack_print_info.cold.2+0x52/0x52 [ 431.842774] should_fail.cold.4+0xa/0x1a [ 431.842793] ? __kmalloc_track_caller+0x14a/0x760 [ 431.842812] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 431.850087] FAT-fs (loop1): Filesystem has been set read-only [ 431.859310] ? device_add+0x3c4/0x16f0 [ 431.859328] ? device_register+0x1d/0x20 [ 431.859342] ? tty_register_device_attr+0x35b/0x730 [ 431.859357] ? tty_port_register_device+0x3d/0x50 [ 431.859370] ? rfcomm_dev_ioctl+0x1bba/0x2240 [ 431.859389] ? rfcomm_sock_ioctl+0x89/0xb0 [ 431.917149] ? sock_do_ioctl+0xe4/0x3e0 [ 431.921126] ? graph_lock+0x170/0x170 [ 431.924920] ? do_syscall_64+0x1b9/0x820 [ 431.928974] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 431.934343] ? print_usage_bug+0xc0/0xc0 [ 431.938402] ? find_held_lock+0x36/0x1c0 [ 431.942466] ? __lock_is_held+0xb5/0x140 [ 431.946534] ? check_same_owner+0x340/0x340 [ 431.950856] ? rcu_note_context_switch+0x730/0x730 [ 431.955783] ? rcu_read_lock_sched_held+0x108/0x120 [ 431.960798] __should_failslab+0x124/0x180 [ 431.965034] should_failslab+0x9/0x14 [ 431.968829] kmem_cache_alloc+0x2af/0x760 [ 431.972968] ? memcpy+0x45/0x50 [ 431.976243] ? kstrdup+0x59/0x70 [ 431.979605] __kernfs_new_node+0xef/0x5a0 [ 431.983744] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 431.988498] ? lock_downgrade+0x8f0/0x8f0 [ 431.992643] kernfs_new_node+0x80/0xf0 [ 431.996526] kernfs_create_dir_ns+0x3d/0x140 [ 432.000929] sysfs_create_dir_ns+0xbe/0x1d0 [ 432.005253] kobject_add_internal+0x35c/0xad0 [ 432.009746] ? kobj_ns_type_registered+0x60/0x60 [ 432.014513] ? lock_downgrade+0x8f0/0x8f0 [ 432.018653] ? refcount_add_not_zero+0x330/0x330 [ 432.023416] ? kasan_check_read+0x11/0x20 [ 432.027567] kobject_add+0x13f/0x1b0 [ 432.031272] ? kset_create_and_add+0x190/0x190 [ 432.035858] ? mutex_unlock+0xd/0x10 [ 432.039565] device_add+0x3c4/0x16f0 [ 432.043269] ? kobject_set_name_vargs+0x100/0x150 [ 432.048107] ? device_private_init+0x240/0x240 [ 432.052688] device_register+0x1d/0x20 [ 432.056578] tty_register_device_attr+0x35b/0x730 [ 432.061423] ? __init_waitqueue_head+0x9e/0x150 [ 432.066088] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 432.070925] ? trace_event_raw_event_module_request+0x340/0x340 [ 432.076975] ? kasan_check_write+0x14/0x20 [ 432.081199] ? tty_port_init+0x1a3/0x260 [ 432.085257] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 432.090353] tty_port_register_device+0x3d/0x50 [ 432.095019] rfcomm_dev_ioctl+0x1bba/0x2240 [ 432.099356] ? rfcomm_dev_state_change+0x150/0x150 [ 432.104287] ? __local_bh_enable_ip+0x161/0x230 [ 432.108950] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 432.113953] ? lock_sock_nested+0x9f/0x120 [ 432.118178] ? trace_hardirqs_on+0xd/0x10 [ 432.122314] ? __local_bh_enable_ip+0x161/0x230 [ 432.126976] rfcomm_sock_ioctl+0x89/0xb0 [ 432.131036] sock_do_ioctl+0xe4/0x3e0 [ 432.134831] ? compat_ifr_data_ioctl+0x170/0x170 [ 432.139594] ? lock_downgrade+0x8f0/0x8f0 [ 432.143737] ? kasan_check_read+0x11/0x20 [ 432.147873] ? rcu_is_watching+0x8c/0x150 [ 432.152042] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 432.156708] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 432.161890] sock_ioctl+0x30d/0x680 [ 432.165510] ? dlci_ioctl_set+0x40/0x40 [ 432.169475] ? match_held_lock+0x851/0x8d0 [ 432.173717] ? expand_files.part.8+0x9c0/0x9c0 [ 432.178289] ? kasan_check_write+0x14/0x20 [ 432.182525] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 432.187447] ? dlci_ioctl_set+0x40/0x40 [ 432.191412] do_vfs_ioctl+0x1de/0x1720 [ 432.195291] ? __lock_is_held+0xb5/0x140 [ 432.199341] ? ioctl_preallocate+0x300/0x300 [ 432.203737] ? __fget_light+0x2f7/0x440 [ 432.207701] ? fget_raw+0x20/0x20 [ 432.211147] ? __sb_end_write+0xac/0xe0 [ 432.215113] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 432.220640] ? fput+0x130/0x1a0 [ 432.223924] ? ksys_write+0x1ae/0x260 [ 432.227719] ? security_file_ioctl+0x94/0xc0 [ 432.232123] ksys_ioctl+0xa9/0xd0 [ 432.235570] __x64_sys_ioctl+0x73/0xb0 [ 432.239449] do_syscall_64+0x1b9/0x820 [ 432.243328] ? syscall_slow_exit_work+0x500/0x500 [ 432.248177] ? syscall_return_slowpath+0x5e0/0x5e0 [ 432.253100] ? syscall_return_slowpath+0x31d/0x5e0 [ 432.258033] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 432.263392] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.268234] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 432.273424] RIP: 0033:0x455a99 [ 432.276596] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 432.295937] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 432.303638] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 432.310895] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 432.318152] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 432.325421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 432.332676] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000006 22:20:38 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000000)='./file0\x00', 0x40, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="eb2c906d6b66732e666174000404010a02000274f1f8ec0d3cc884c53758290be610c21f2dfd", 0x26}], 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="9dd09790adfbcd14278bb6c7d28101bf2ee5d2bb8db9d7f87e21dd70173d47a30919a285afe0dbeee5129e2bc0822d7590a5e46f895bb52981518a1cc1b3a8352e52ff9bf4a5184fc8e8008bc244c1585919cf4f9dac41b469cae3d0016e58ea18d8152836b81e878f6f490282c1f3c273988da86591ea08b9908568d643232178bcbb7bb6e1a63f37720a1dcabdeb79b0aaac75a793d880e2fb5c7e177b9975964a11221381f2884749850a5d3b1ad527fd38886ba2c21c8277f11d999904b6df4bdf179a8e05eebfb15770c79feb35e75e5819f9d9c8eb856b0a"]) [ 432.340129] kobject_add_internal failed for rfcomm10 (error: -12 parent: tty) [ 432.351704] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:38 executing program 5 (fault-call:1 fault-nth:7): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:38 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:38 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:38 executing program 0: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x7e, &(0x7f00000000c0)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4032, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}, {[@timestamp={0x4, 0x40, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast2=0xe0000002]}, {[@multicast1=0xe0000001]}, {}, {[@loopback=0x7f000001]}, {[@broadcast=0xffffffff]}, {[@multicast1=0xe0000001]}, {[@dev={0xac, 0x14, 0x14}]}]}]}}}}}}}, &(0x7f0000000000)) r1 = fcntl$getown(r0, 0x9) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x6f0, 0x9, 0x9, 0x5, 0x0, 0xb7, 0xa0900, 0x3, 0xfffffffffffffffd, 0x0, 0x7fff, 0x3, 0x100000001, 0xffffffffffffff80, 0x6, 0x10001, 0xe9, 0xfff, 0x100000001, 0x7fffffff, 0xeadf, 0x2, 0x8, 0x9, 0x6a6, 0x80000000, 0x0, 0x0, 0xb17, 0x3, 0x6, 0xb7, 0x1f, 0x3, 0x81, 0x100000001, 0x0, 0x7, 0x4, @perf_bp={&(0x7f0000000040), 0x3}, 0x1000, 0x0, 0x83, 0x7, 0xf313, 0x8000, 0xff}, r1, 0x10, r0, 0x1) 22:20:38 executing program 4: mkdir(&(0x7f0000000200)='./file0\x00', 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = syz_fuse_mount(&(0x7f00000000c0)='./file0\x00', 0x4000, r1, r2, 0x3, 0x1002) r4 = syz_fuse_mount(&(0x7f0000000040)='./file0/file0\x00', 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000180)={{0xa, 0x4e21, 0x6, @remote={0xfe, 0x80, [], 0xbb}, 0x7fff}, {0xa, 0x4e20, 0x38be14a4, @dev={0xfe, 0x80, [], 0x10}, 0x7}, 0x100, [0x2, 0x4, 0x9, 0x0, 0x188, 0xff, 0x0, 0xb6f00000000000]}, 0xfffffe8a) ioctl$FUSE_DEV_IOC_CLONE(r4, 0x8004e500, &(0x7f0000000000)=r3) dup2(r0, r3) [ 432.500774] FAT-fs (loop3): Unrecognized mount option "З­ûÍ'‹¶ÇÒ¿.åÒ»¹×ø~!Ýp=G£ ¢…¯àÛîåž+À‚-u¥äo‰[µ)QŠÁ³¨5.Rÿ›ô¥OÈè" or missing value 22:20:38 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 432.551372] FAT-fs (loop3): Unrecognized mount option "З­ûÍ'‹¶ÇÒ¿.åÒ»¹×ø~!Ýp=G£ ¢…¯àÛîåž+À‚-u¥äo‰[µ)QŠÁ³¨5.Rÿ›ô¥OÈè" or missing value [ 432.584293] FAULT_INJECTION: forcing a failure. [ 432.584293] name failslab, interval 1, probability 0, space 0, times 0 [ 432.595803] CPU: 1 PID: 21495 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 432.603177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 432.612543] Call Trace: [ 432.615157] dump_stack+0x1c9/0x2b4 [ 432.618810] ? dump_stack_print_info.cold.2+0x52/0x52 [ 432.624047] ? __lock_acquire+0x7fc/0x5020 [ 432.628308] should_fail.cold.4+0xa/0x1a [ 432.633162] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 432.638290] ? trace_hardirqs_on+0x10/0x10 [ 432.642560] ? graph_lock+0x170/0x170 [ 432.646380] ? kasan_check_write+0x14/0x20 22:20:38 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 432.650636] ? find_held_lock+0x36/0x1c0 [ 432.654729] ? __lock_is_held+0xb5/0x140 [ 432.658840] ? check_same_owner+0x340/0x340 [ 432.663172] ? rcu_note_context_switch+0x730/0x730 [ 432.668129] __should_failslab+0x124/0x180 [ 432.672392] should_failslab+0x9/0x14 [ 432.676218] kmem_cache_alloc+0x2af/0x760 [ 432.680391] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 432.685923] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 432.685939] FAT-fs (loop1): Filesystem has been set read-only [ 432.693038] ? graph_lock+0x170/0x170 [ 432.693061] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 432.693082] __kernfs_new_node+0xef/0x5a0 [ 432.693103] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 432.693121] ? find_held_lock+0x36/0x1c0 [ 432.693146] ? lock_downgrade+0x8f0/0x8f0 [ 432.693171] kernfs_new_node+0x80/0xf0 [ 432.702229] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 432.702870] __kernfs_create_file+0x4d/0x330 [ 432.702891] sysfs_add_file_mode_ns+0x21a/0x560 [ 432.702908] sysfs_create_file_ns+0x8b/0xb0 [ 432.702929] device_create_file+0xf4/0x1e0 [ 432.707953] FAT-fs (loop1): Filesystem has been set read-only [ 432.712065] ? acpi_bind_one+0x8f0/0x8f0 [ 432.712081] device_add+0x40b/0x16f0 [ 432.712098] ? kobject_set_name_vargs+0x100/0x150 [ 432.712116] ? device_private_init+0x240/0x240 [ 432.727827] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 432.728926] device_register+0x1d/0x20 [ 432.728946] tty_register_device_attr+0x35b/0x730 [ 432.728960] ? __init_waitqueue_head+0x9e/0x150 [ 432.728980] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 432.728997] ? trace_event_raw_event_module_request+0x340/0x340 [ 432.729019] ? kasan_check_write+0x14/0x20 [ 432.812200] ? tty_port_init+0x1a3/0x260 [ 432.816254] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 432.821264] tty_port_register_device+0x3d/0x50 [ 432.825923] rfcomm_dev_ioctl+0x1bba/0x2240 [ 432.830239] ? rfcomm_dev_state_change+0x150/0x150 [ 432.835169] ? __local_bh_enable_ip+0x161/0x230 [ 432.839830] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 432.844833] ? lock_sock_nested+0x9f/0x120 [ 432.849057] ? trace_hardirqs_on+0xd/0x10 [ 432.853193] ? __local_bh_enable_ip+0x161/0x230 [ 432.857855] rfcomm_sock_ioctl+0x89/0xb0 [ 432.861908] sock_do_ioctl+0xe4/0x3e0 [ 432.865715] ? compat_ifr_data_ioctl+0x170/0x170 [ 432.870463] ? lock_downgrade+0x8f0/0x8f0 [ 432.874607] ? kasan_check_read+0x11/0x20 [ 432.878746] ? rcu_is_watching+0x8c/0x150 [ 432.882882] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 432.887283] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 432.892465] sock_ioctl+0x30d/0x680 [ 432.896093] ? dlci_ioctl_set+0x40/0x40 [ 432.900060] ? match_held_lock+0x851/0x8d0 [ 432.904287] ? expand_files.part.8+0x9c0/0x9c0 [ 432.908861] ? kasan_check_write+0x14/0x20 [ 432.913086] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 432.918012] ? dlci_ioctl_set+0x40/0x40 [ 432.921979] do_vfs_ioctl+0x1de/0x1720 [ 432.925863] ? __lock_is_held+0xb5/0x140 [ 432.929917] ? ioctl_preallocate+0x300/0x300 [ 432.934311] ? __fget_light+0x2f7/0x440 [ 432.938274] ? fget_raw+0x20/0x20 [ 432.941738] ? __sb_end_write+0xac/0xe0 [ 432.945706] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 432.951229] ? fput+0x130/0x1a0 [ 432.954497] ? ksys_write+0x1ae/0x260 [ 432.958288] ? security_file_ioctl+0x94/0xc0 [ 432.962689] ksys_ioctl+0xa9/0xd0 [ 432.966132] __x64_sys_ioctl+0x73/0xb0 [ 432.970018] do_syscall_64+0x1b9/0x820 [ 432.973895] ? finish_task_switch+0x1d3/0x890 [ 432.978383] ? syscall_return_slowpath+0x5e0/0x5e0 [ 432.983302] ? syscall_return_slowpath+0x31d/0x5e0 [ 432.988226] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 432.993691] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.998529] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 433.003719] RIP: 0033:0x455a99 [ 433.006891] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 433.026236] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 433.033935] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 433.041205] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 433.048476] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 433.055734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 433.062990] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000007 22:20:39 executing program 3: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x6, 0x0) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000280)={0x747, 0xff, 0x2, 0x100, 0x5, 0x5, 0x80000000, 0xedee, 0xfd, 0x4}) flock(r0, 0x8) r2 = getpgrp(0xffffffffffffffff) get_robust_list(r2, &(0x7f00000000c0)=&(0x7f0000000080)={&(0x7f0000000040)}, &(0x7f0000000100)=0x18) r3 = syz_open_procfs(0x0, &(0x7f0000000380)='attr/sockcreate\x00') preadv(r3, &(0x7f0000000240)=[{&(0x7f00000003c0)=""/4096, 0x8df}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000140)={0x81, 0x5, 0x4, 0x8}, 0x8) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x1, 0x2000) 22:20:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530fe", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:39 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000100)="c30ca49d0e3c011ce4dff2c99a37c07fa6df3994683d4157e2dc8f508038cb703ab753a88069d193a21a4e65256d4d7a528723f06a1747ecb39afe11f5a1112b4d3c7dc08d77dd31987201dcae93186983cbc8dd76bedd381fd4e566858fbd2f7db35374192bb67e6b2eced93d99413d482fe652a3afeb2b1a8829820cdf81033118e8b30772e3bbba64273d", 0x8c, 0xfffffffffffffff8) fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000080)='.\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) keyctl$chown(0x4, r1, r2, r3) 22:20:39 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x20008800, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000000000)='\t', 0x1, 0x8040, &(0x7f0000000040)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) recvmsg(r0, &(0x7f0000001ac0)={&(0x7f0000000280)=@nfc_llcp, 0x80, &(0x7f0000001940), 0x0, &(0x7f00000019c0)=""/244, 0xf4}, 0x0) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000100)=0x0) ptrace$getenv(0x4201, r1, 0x81, &(0x7f0000000180)) sendto$inet(r0, &(0x7f0000000180), 0xff9c, 0x0, &(0x7f0000000140)={0x2, 0x0, @multicast1=0xe0000001}, 0x10) 22:20:39 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:39 executing program 5 (fault-call:1 fault-nth:8): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:39 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c6530ff", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 433.313869] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 433.321146] FAT-fs (loop1): Filesystem has been set read-only [ 433.368253] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 433.375576] FAT-fs (loop1): Filesystem has been set read-only [ 433.398380] FAULT_INJECTION: forcing a failure. [ 433.398380] name failslab, interval 1, probability 0, space 0, times 0 [ 433.409795] CPU: 1 PID: 21553 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 433.417175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 433.426543] Call Trace: [ 433.429147] dump_stack+0x1c9/0x2b4 [ 433.432797] ? dump_stack_print_info.cold.2+0x52/0x52 [ 433.438019] should_fail.cold.4+0xa/0x1a [ 433.442103] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 433.447214] ? graph_lock+0x170/0x170 [ 433.451006] ? trace_hardirqs_on+0x10/0x10 [ 433.455275] ? find_held_lock+0x36/0x1c0 [ 433.459346] ? find_held_lock+0x36/0x1c0 [ 433.463406] ? __lock_is_held+0xb5/0x140 [ 433.467484] ? check_same_owner+0x340/0x340 [ 433.471798] ? graph_lock+0x170/0x170 [ 433.475593] ? rcu_note_context_switch+0x730/0x730 [ 433.480517] ? kasan_check_write+0x14/0x20 [ 433.484747] __should_failslab+0x124/0x180 [ 433.488979] should_failslab+0x9/0x14 [ 433.492771] kmem_cache_alloc+0x2af/0x760 [ 433.496917] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 433.501927] __kernfs_new_node+0xef/0x5a0 [ 433.506069] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 433.510821] ? lock_downgrade+0x8f0/0x8f0 [ 433.514963] ? kasan_check_read+0x11/0x20 [ 433.519103] ? do_raw_spin_unlock+0xa7/0x2f0 [ 433.523505] kernfs_new_node+0x80/0xf0 [ 433.527385] kernfs_create_link+0x33/0x180 [ 433.531630] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 433.536901] sysfs_create_link+0x65/0xc0 [ 433.541130] device_add+0x4a1/0x16f0 [ 433.544835] ? kobject_set_name_vargs+0x100/0x150 [ 433.549670] ? device_private_init+0x240/0x240 [ 433.554249] device_register+0x1d/0x20 [ 433.558129] tty_register_device_attr+0x35b/0x730 [ 433.562975] ? __init_waitqueue_head+0x9e/0x150 [ 433.567647] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 433.572495] ? trace_event_raw_event_module_request+0x340/0x340 [ 433.578552] ? kasan_check_write+0x14/0x20 [ 433.582780] ? tty_port_init+0x1a3/0x260 [ 433.586831] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 433.591854] tty_port_register_device+0x3d/0x50 [ 433.596517] rfcomm_dev_ioctl+0x1bba/0x2240 [ 433.600836] ? rfcomm_dev_state_change+0x150/0x150 [ 433.605768] ? __local_bh_enable_ip+0x161/0x230 [ 433.610429] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 433.615451] ? lock_sock_nested+0x9f/0x120 [ 433.619692] ? trace_hardirqs_on+0xd/0x10 [ 433.623844] ? __local_bh_enable_ip+0x161/0x230 [ 433.628511] rfcomm_sock_ioctl+0x89/0xb0 [ 433.632567] sock_do_ioctl+0xe4/0x3e0 [ 433.636362] ? compat_ifr_data_ioctl+0x170/0x170 [ 433.641133] ? lock_downgrade+0x8f0/0x8f0 [ 433.645280] ? rcu_is_watching+0x8c/0x150 [ 433.649417] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 433.653835] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 433.659036] sock_ioctl+0x30d/0x680 [ 433.662659] ? dlci_ioctl_set+0x40/0x40 [ 433.666626] ? match_held_lock+0x851/0x8d0 [ 433.670875] ? expand_files.part.8+0x9c0/0x9c0 [ 433.675450] ? kasan_check_write+0x14/0x20 [ 433.679676] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 433.684605] ? dlci_ioctl_set+0x40/0x40 [ 433.688585] do_vfs_ioctl+0x1de/0x1720 [ 433.692483] ? ioctl_preallocate+0x300/0x300 [ 433.696881] ? __fget_light+0x2f7/0x440 [ 433.700846] ? fget_raw+0x20/0x20 [ 433.704292] ? __sb_end_write+0xac/0xe0 [ 433.708258] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 433.713784] ? fput+0x130/0x1a0 [ 433.717054] ? ksys_write+0x1ae/0x260 [ 433.720853] ? security_file_ioctl+0x94/0xc0 [ 433.725255] ksys_ioctl+0xa9/0xd0 [ 433.728703] __x64_sys_ioctl+0x73/0xb0 [ 433.732588] do_syscall_64+0x1b9/0x820 [ 433.736470] ? syscall_return_slowpath+0x5e0/0x5e0 [ 433.741395] ? syscall_return_slowpath+0x31d/0x5e0 [ 433.746327] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 433.751691] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 433.756541] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 433.761730] RIP: 0033:0x455a99 [ 433.764906] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 433.784262] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 433.791966] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 433.799222] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 433.806479] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 22:20:39 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000180), 0x4) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x9, 0x0) openat$cgroup_int(r1, &(0x7f0000000040)='cpuset.mem_exclusive\x00', 0x2, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x3, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) listen(r1, 0x6) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r2, &(0x7f0000000140)="d9", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x3, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) r3 = accept4(r0, &(0x7f00000000c0)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000f5effc)=0x80, 0x0) getsockopt$inet_sctp_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}}, &(0x7f0000000300)=0xb0) 22:20:39 executing program 7: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000380)=0x200000000) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000300)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) close(r1) syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/pfkey\x00', 0x4000, 0x0) ioctl$SCSI_IOCTL_SYNC(r2, 0x4) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000f1dff8)={0x0, r1}) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000080)={0x0, r1}) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000100)={0x0, 0x70, "d6c6c8d0cc294f322eb2173f4ccea567679076cf446dd9cbe74403d5a2734ccd34f62ee54ca25152e8e5ebc9a98c58c5bc2937bc69161b5971bd865cdd4b37ecd50b47de8a83937c254c68943784d974000546542826404f81034c9bbe22d0eefe0673291e1348436ff586a2d673a6fe"}, &(0x7f0000000040)=0x78) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f00000001c0)={r3, 0xc090}, 0x8) close(r0) 22:20:39 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0xff, 0x20001, 0x2}, 0x2c) ioctl(r0, 0x0, &(0x7f00000001c0)="e0f54a4299e552181edce3f494eb29613ea50860b6d0cf081d20b899772df6abc0b6215bbe30d9e232b99e59c700f0a2665ce7097eeb30088df108768c4bea8de503461899501f30310ac3fb679168db50736e33c2eb9ce00b159257237363ebac950f64844cef748ac463c5c316bd719eee3a3b342feaaba3967ae8d25333692d14cd9efefc45bf2386ce95a0cb7050c2124fb87258b85880f653d405cb3cfa601fc385fe6f8ec0334611d3a7c9b74f5396459d241d49a814738e544440fed1bc14872181ecc162a30623fcc9ba4cc5ea35671c66efc1173786a8532a19efbb0d65e6ff097f08724dc76ecb303599137be3e0aa659277637e59d27da743ae979b7f8325478d104dae5950d91455e4bc00895bdb2ca29ee39d87b32717b663e51cb95be907f50841133aea7585f1dea057365eb4333e12d53eb1d119f23d963ab3886f68fb0633798d984f44916172e7c66d6fe9dab5d397224ea45dff1e71b4ba680dfd39b0aa4e387cdd3143595bc243c58ee92d70d25a7f94939665474eed3979bc67ce537ba152f9de472a1a38488e8b39f847396774859e1a903d3f6b16fd637cf9413457ef5169623cdc343a62c1eecc15c0e0c866137eb4993351d33eae351042068bd4eff714fa61f11cfc7563f80c25a121ab44528e9d904138c296a09e6d35d120b15d7e0d8e5ff254e27ed2989641663efb87b19f6e78549ab774cb5f300475ecc97ada96556f715f5e3d6fdc2681019791ebb029f59495335bab9ac13b211bf34f08c93d0896e780c42cd776aa8a29904245ed99a9c8b57e9d71e355593bc3ccda9ba64d002bafb1c2ee8720b175e9da6b8947a5b8e1b5b6d453dd10b009ce2ccdf174064338482980b059c2c8c3ce08b9c76ff016555f39041b7965214d19075204141ded5a9656e9b44a20823b53ff5b09935b706b9214a81d4cd4a3d349676a987f49998222a61abc896c963ee4de156305e4c186af4020e6f7d1525161af55532a764378b0f0c2722ce9714571f036778572fdccb424852a8930960b22e7e1ceca21233d5bb18985a9ef57df8d89793153d1e1942b2f4e439e951d94b0f4fe2fcdc27316420ce90a0a10fd5421be95deee68eb99b06f301a51f7fea76dc3fa34f1d426be4ee2f945e001dea111dc0b878e719133b0d63cd292bd75b30932038f0d5b64dafd4f921954c300bfcd3b3059f479caa86f5d495d6d0a46f802f9271ae3977ecc369a73d4dd38ecdcab6c0f6b78272e5aefac0f9c69b4acd0b9d649cc015a669b463dda5c51d719558b2cdc91b5e637e0972d919d3cb9897e418679e8a1e2a002cd05fc6e8bbbbe7d891cfe8de724a699a1945bd5249769d0ef8e2c4ddfe21504df0b0264ac86ba80c13409d5e8bd0da9bffedefcebe8503f98ed91897164b927e7ed6c14b5c329de44895c666ce5b1617dc7c887e925e99813e578cb9bb60dbec9659110326aaadd75795a11ad825ca667154a983f1b5303dff5ad8cf2e8cadcb6ace494135d1d9fc918074cc38e6467f7117899e44d37afc2c23989941dd1838792550e6a28fedbf105b9b52e7bd4b975b4c35d7984c775ab97b50aef4ae93c08cd9ab939938b479093e4d844d92c140091450d96185a07cffb74d9a981be15dbb3d9e613133fd561fb1c3766ab221c1ae4aebdb2ab13dd2166c883deb611e6915a1b18bdee2e7358ad10c08e59c455b9a158d97f3bc48caa570e72942a5defc22144b497ed5b37d8a8569b3ef637743ee3277bc9cdd3d48714391df2d518a400a9b2281c6d24a43ef3f625e5e2cf4b3c8f0bb9e958967245af21dbaf0667d408988452f38064cd7628497daf5d3cbdfee94b89e184bc0c8ccbcd8588f1fa0c962a887681b160c5f3166d33fef0b57e003bd66ec4aa683f86abe7d26de7ccc019819721893b2dc4393bf38d5b76b2fcb2d6d6f4a387bcafd0ef348777a29116c55ebfce6e77d8e9344075a473dae499ab38e8ecb0373bf90b8ac8d6ac6a987bf6fad7250f75ba6be4da83034b3ab46eec17856ba488c64907648a2992ca86206bacfd0381b26ae01852bfbcfda95e8144dab8882303e6306c80c8f4570c26faef2c7636126b1870f9bac2869ac2854c9bd1beae6943be140e227557f5a4927eb219407853e3225f0063a5ee0429b6b0d19146efe1a6ec652ab7dc970785e59c5038fe9674a7d61f8e443c09ff569f0969636da8e95c50535ca2762960c5621cc9014df7109b047e4096a0b542959bba0a7526735fd2f0f9b285a0df97b8189d6b6c4f8c31ee88adc8e21154b71f484987e208814673d341aab2078f4368357b6144e6085f4e6532292b01e209d448f82c0ff7ffe9c17bb8dee1cd688d3db69a4690cdfb49ced7051212d78c6411d28f8c6e94bb7346257c2d1e6418211cbd3b014225f093a264b84ec019b9a46683fbd42f09778849281678ce5daf07e6e5664ede93f21caf4b77c451580ccd8421278c35390c4e6c73e86c6e936b0859d7600074b8d1c1a8191f102a59db0318c1ac6260d6f22466c044c6c8e784a51510470beca904dd101944133b786af1cbdb9e3ea9127dd2393481769db7d0335c45622aad170596449428fcb23eb41f9839a0fff07c16c5e4708c9279b4938b5b399b64bc9d43e183762feca9ab86c16703542d772638e5c860ce5ceabec15a1ff451e10b34fc01ab404a69f430b6ec80263465adcec78d1b5bf1fef6b089d304e0df22b48678b04a876ecf4c15cb5842bbb7d61dff92a6b10d5eb0f9e5457330d1ec1124901ef6a00b5eb821abbf8ed3197011d736c977505234a78348915b357c495a94fe77ee61325c56ed72d08aeb80919f37ca442a58a856028d27057765ff1722635a488108d757c3ef71dfa5bcc8c47785df5c5a88f120849a53eba68a382c59606458a58f47d8978585e42d04965422c375cd07c44186c4db2fd07718c6cbcab4df24e9eaaa2d3b39235292b8a9e033e95b81485559a24a710a3459b116ebb93f69cff9e84471ef3868b8bd410b0a2cabab7fe9cde9a1e7c940b30ba603548c2b0d9ae0bce7ef1398f3be18fa285db44fb41e5952fe9dede01d907b4e9cef35b2a5df6392999b889eabf31f6ebeea544927e64aa1433af4702bad8470e0272426a930802f5ed640c24e9c65bc7a58ce19a6d791cae1b510bfb0ef28c34f7bb5f8df9517dd837c60a8665165a42ea8595193e839691a113e2355ff0e4086c7226c331412015dbb69da198c164af58b86b61fcd8fa6850575270793fb63f8c9079d7673ffbe4040e19e54f85229850d5c63d7eca1cda5bfa6f4358dcb126be533b6b6927c533b06d71de7fc549840530004c12e915cd3169bcfa52cab6a18a955ecba1d29627469cca44d0e4c1a5e784c90328d35ba2c0a3ad7bc0ecdcd8917f7d6af89900311fcdc5f34327fe74542fe9ea9e0d4143d5e8ccb69271b5e5c530bcc544b63ed7bfb4f2b943c28b5ef9cdfb1c96ac3d31e2c153c32364e580923a7f28c096ac1d030e39ff6ed1487c50d9e4a5f8ff8e0fdbbc1ff84a8bc590d5c640316a782d1144ba941769d6f4ff7b42883bf6db172ce8172103239564683515ddfca4432c0d8e95e54efae42caf85ce521ffd9c61f5f0eb54f1f8cbde83706b016d5156e9a053d2621e7966615d40aa13d66edc351f3e8c42930af2ecf72e0a15adbc64ed42afcac19c5bf784ca40b1dfdfae0ea25aa3e93ff225f6253b062b75b4d423668b396050dae4ae8732f902f344814a61b82f8042090f3988447b7d9b1e9d71d7d92c390c0bbea126422abda6da3b74dd189d6d70c30ab4a45b20ff6dec392cb7e417998b01dfbdfc43e903c664d9da0bc90c66c5a5feeee3ea1a9dc4981c35208450e657ef4f0785a6336ce537176d65362b8f92452029317dc5139ace53f4be0d01153b5bd9da2e4b7c2ab18216ffa816f012bc7d1f2ec0c3f2d67ce6223ff4b0e57201e0351a81530d89b84c615e576facd598901731f22f21c828f527f0825f6a0d103ec85493740051f56ee66df4f5016fdd7100f59b690890281d37eca46ce53912b7b96535c78cb313542152f68e6681f0218d300ff13c67850120de248e01418ac8b39a957df3719d628dce9bb6e29bd0da0aaaee13d362da5a847d3e75c64965818e21d1e91a41bb09e8aa5c23c39b8c54d86fc7d4a556290ff200a88d761f3bf0884448b98b314b70c54ef9e95dd483ddcc866f86d947cf68477ff15265c6aba68ab094cb7ee3a0ed6b77d7f127fe5228cc2bd01715b0c7ddc017ae8503e182d56d1e9d85adbf0e28db954883f5cdcbddcd9fbfe37c28f0064855c757cbe2dc004faa7dca81fdf303826f71d772493525551aab238d8ca288e30d6b6a6de6d4f7615fbe4309066e21e4a5f06e0b79f56aba8de5793a50936fe7038f49afa577475805e516bb90dc2ee85f199c74163c464d2dcd7aed5abfc7975d5085144bd0fb05b9df85bf9e77729d82c4257956337394821e05d8f4eeeec9677eff9954aa4a307c082ecde7394936b99c6d0218ec70746b290fe33fff677ec5fcfbee8537d85c5d3a18867525d71ea45b5c66b60161e6bd7f5ed500e61fa43bda2349aeaf788c53c95899dc9c40b2a92820d2a7dfaad00305104909f23e6f3341043a33fa00c9f27dfad4cc8b03529d303bf284a48d9a1179ce850b9b37458389502d70cf9b8bc9d3a8e7429dc9e0442ec3be9188caff2384985856860f38b2e3c2bdda28843ceac0de8072c3c9e6584386ea002c0510a2dd836693d4b21692b2f17336c5df34e8d96193fbd2ba5f8f1a7f5c6c12866628c9d7fd2876fe6edd0fff1e86067150de70daf495a71115eebd0d5abcebe82cf7d8f14de883af632fd23e229984fbc837f61e67de63c55cbe6c706f76d5ab4fdbd510bee5f47125eb2671a614c0a5d5ba32a5c3068420ca6544638deeb6b5185c5e76700b7656a543326c9df17ec4fc8c2b62c0726373de4ff2bccf2a88aa236a679ccb742710cdf11efe7a48396ddca1ec2f520413dae8bb67049fc698c27091d71350fddc8d040b2ab65b3e853cc1e2cb04ffc08c60863f7cd734b15e9c21fb50bce0b6aad539e196849a5a38138b83ff037bf933e18700b41bc11ff2f4b00cf1d68f584093e194dd57687ce59923be387b3274bca0475f26b8cf3f04936ee4dc458a84022b0026e6e662286c5220e3e35bc5e03c096dd0a4824853ab5b8bfbf20e57a71e8a2e71592af43fa45d37eb4ae207ac0a7855638ddda827f44f89bda1307efb3e5ac8dc080c15d6be2db124f290a19b14ecc03f87aa97d25b1dc39325100072ce1b7e1afa68bf5ed9bc6ef7d20e04f77e13d97968abb2d16513470a820467bf612ceb5d4f8c016974b9262b99358404bd5dca6a5e210766b8bdc8f5a1cf5f417b8290d5a74599c7aee52faaaa5d9876d4eb215f57916c5c906bea3141a005d5e0309c5062c685d429daefeb53ea897d076d8e6212793c7a0518169094481d6e279324d814fe4fbb10cce73e07d6931a5ba32121d0dfdc1cfa7fba9d7ccd76cdbc0233d0bf44298eda906d429db388185de26f2efa9577eaf35b85b57c3ba24bef74cc51a3625c70d7e8365cda82712b6104d261f8332b2034c500056ea175ec5e210b086501147e073938532f352c51b58dd9e34b6478386d14567b0cefc9289983b9c03e96209e53bbec446e29b5a793d40a3b2855159b3706b447f91ff68896e133aba79b3547cd3d4b4d28f9e2cb74bdeb47cdaf02d714b484fb3c582b8875d338f0ebf435d80c9e67fbab64d5e36235f7e") 22:20:39 executing program 5 (fault-call:1 fault-nth:9): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 433.813741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 433.821021] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000008 22:20:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530f8", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:39 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 433.964479] FAULT_INJECTION: forcing a failure. [ 433.964479] name failslab, interval 1, probability 0, space 0, times 0 [ 433.975847] CPU: 1 PID: 21572 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 433.983221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 433.992592] Call Trace: [ 433.995202] dump_stack+0x1c9/0x2b4 [ 433.998858] ? dump_stack_print_info.cold.2+0x52/0x52 [ 434.004077] ? mutex_trylock+0x2b0/0x2b0 [ 434.008158] should_fail.cold.4+0xa/0x1a [ 434.012224] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 434.017333] ? graph_lock+0x170/0x170 [ 434.021132] ? trace_hardirqs_on+0x10/0x10 [ 434.025362] ? find_held_lock+0x36/0x1c0 [ 434.029413] ? find_held_lock+0x36/0x1c0 [ 434.033464] ? __lock_is_held+0xb5/0x140 [ 434.037519] ? check_same_owner+0x340/0x340 [ 434.041826] ? graph_lock+0x170/0x170 [ 434.045615] ? rcu_note_context_switch+0x730/0x730 [ 434.050544] ? kasan_check_write+0x14/0x20 [ 434.054802] __should_failslab+0x124/0x180 [ 434.059033] should_failslab+0x9/0x14 [ 434.062827] kmem_cache_alloc+0x2af/0x760 [ 434.066975] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 434.072072] __kernfs_new_node+0xef/0x5a0 [ 434.076235] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 434.080985] ? lock_downgrade+0x8f0/0x8f0 [ 434.085133] ? kasan_check_read+0x11/0x20 [ 434.089359] ? do_raw_spin_unlock+0xa7/0x2f0 [ 434.093760] kernfs_new_node+0x80/0xf0 [ 434.097641] kernfs_create_link+0x33/0x180 [ 434.101869] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 434.107138] sysfs_create_link+0x65/0xc0 [ 434.111194] device_add+0x4a1/0x16f0 [ 434.114901] ? kobject_set_name_vargs+0x100/0x150 [ 434.119741] ? device_private_init+0x240/0x240 [ 434.124316] device_register+0x1d/0x20 [ 434.128213] tty_register_device_attr+0x35b/0x730 [ 434.133046] ? __init_waitqueue_head+0x9e/0x150 [ 434.137706] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 434.142544] ? trace_event_raw_event_module_request+0x340/0x340 [ 434.148596] ? kasan_check_write+0x14/0x20 [ 434.152820] ? tty_port_init+0x1a3/0x260 [ 434.156869] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 434.161876] tty_port_register_device+0x3d/0x50 [ 434.166534] rfcomm_dev_ioctl+0x1bba/0x2240 [ 434.170856] ? rfcomm_dev_state_change+0x150/0x150 [ 434.175781] ? __local_bh_enable_ip+0x161/0x230 [ 434.180441] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 434.185460] ? lock_sock_nested+0x9f/0x120 [ 434.189694] ? trace_hardirqs_on+0xd/0x10 [ 434.193828] ? __local_bh_enable_ip+0x161/0x230 [ 434.198491] rfcomm_sock_ioctl+0x89/0xb0 [ 434.202545] sock_do_ioctl+0xe4/0x3e0 [ 434.206332] ? compat_ifr_data_ioctl+0x170/0x170 [ 434.211078] ? lock_downgrade+0x8f0/0x8f0 [ 434.215221] ? kasan_check_read+0x11/0x20 [ 434.219355] ? rcu_is_watching+0x8c/0x150 [ 434.223490] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 434.227890] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 434.233086] sock_ioctl+0x30d/0x680 [ 434.236703] ? dlci_ioctl_set+0x40/0x40 [ 434.240673] ? match_held_lock+0x851/0x8d0 [ 434.244899] ? expand_files.part.8+0x9c0/0x9c0 [ 434.249470] ? kasan_check_write+0x14/0x20 [ 434.253709] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 434.258658] ? dlci_ioctl_set+0x40/0x40 [ 434.262621] do_vfs_ioctl+0x1de/0x1720 [ 434.266494] ? __lock_is_held+0xb5/0x140 [ 434.270549] ? ioctl_preallocate+0x300/0x300 [ 434.274941] ? __fget_light+0x2f7/0x440 [ 434.278903] ? fget_raw+0x20/0x20 [ 434.282345] ? __sb_end_write+0xac/0xe0 [ 434.286312] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 434.291840] ? fput+0x130/0x1a0 [ 434.295106] ? ksys_write+0x1ae/0x260 [ 434.298900] ? security_file_ioctl+0x94/0xc0 [ 434.303299] ksys_ioctl+0xa9/0xd0 [ 434.306746] __x64_sys_ioctl+0x73/0xb0 [ 434.310642] do_syscall_64+0x1b9/0x820 [ 434.314519] ? finish_task_switch+0x1d3/0x890 [ 434.319004] ? syscall_return_slowpath+0x5e0/0x5e0 [ 434.323927] ? syscall_return_slowpath+0x31d/0x5e0 [ 434.328850] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 434.334206] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 434.339043] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 434.344221] RIP: 0033:0x455a99 22:20:40 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = memfd_create(&(0x7f00000000c0)="e3000000fb7945e6e3162ab7a309db8fc11273fd9d3a0d5ffaea55bc35ae0bf54e334119572aa8ea29df2591f26290316a41e9186016bf54b8259202a49e94330d5cad9a632164abb02c4714a1b106731aa627b7304799ac2c0d44447b28e6e166e4ef7ff84c07154d101e41212334a126ad247a7b75ae6b2971b7bca3af716ce547ba4bf49d04407820553c24dc8c5f7e38016922fd0e505a8311d60f6e39aeb737fa746e5d8849ac21df114ce914579e9d75c114d2566a3def8a42fd32f510863043828d41c46c249595fc9b", 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) fallocate(r2, 0x0, 0x0, 0x8) setsockopt$RDS_GET_MR(r2, 0x114, 0x2, &(0x7f0000000040)={{&(0x7f00000001c0)=""/4096, 0x1000}, &(0x7f0000000000), 0x50}, 0x20) lseek(r1, 0x0, 0x4) 22:20:40 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 434.347394] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 434.366648] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 434.374360] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 434.381618] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 434.388876] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 434.396131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 434.403400] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000009 22:20:40 executing program 4: mkdir(&(0x7f0000000440)='./file0\x00', 0x42) perf_event_open(&(0x7f000000a000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000a7dfff)}, 0xa00000400, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x8, 0x460000) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f00008deff8)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000)) syz_mount_image$btrfs(&(0x7f0000000140)='btrfs\x00', &(0x7f0000000180)='./file0\x00', 0x1, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000280)="7c390a017e40f80f0da68c5bd38f62e5626bf0279ae102add0f44e1105af8670d9814e7eaca1a2063a1ab2d201cec113a67bba6f1b49d60c104aa1a015a5fa943fc51e5510e85790cf15b261f23a1aea2bd295b1be8dcbacc28c35ebca13f869492ef3f2a11a2ac873f63ffc6b4b2c28e82058f80f7de6609eacb2d3b19c633c9dba4bbae0238dd20bb4704d15a325d8979d99633e0ed090a6b88e5c9c72fa5278b6b664ae5236206ba25e07584a34168b8f7fb9eb5b6231cde69910402624896e7a75eec03b8001bd57741ce83159b6083be8eaf23903406b40c701ceee62eb2aea84c3f1db", 0xe6}, {&(0x7f0000000380)="d5e59a982c26202a932094ea3eb06db6e8220c73763c9acbafc4aab84027acc402bdfa27745c909b5377e70a0ea9cf631899f2261acfc5b1d3f9d5973aa97bdaa576c5297f27c180e4c49729ac0c57f68a680bded2404ba411d439bb4eb07e5e67bd", 0x62, 0x10001}], 0x20000, &(0x7f0000000400)=ANY=[@ANYBLOB='cache,\x00']) 22:20:40 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, &(0x7f0000000080)=0x9, 0x6, 0x1) ioctl(r0, 0x8912, &(0x7f0000000100)) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='veth0\x00', 0x59) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @broadcast=0xffffffff}, 0x10) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f0000000100)) fgetxattr(r1, &(0x7f0000000100)=@random={'trusted.', 'md5sumvboxnet1%\\eth1%\x00'}, &(0x7f0000000240)=""/4096, 0x1000) umount2(&(0x7f0000000200)='./file0\x00', 0x4) unshare(0x60000000) umount2(&(0x7f0000000040)='./file0\x00', 0x4) 22:20:40 executing program 5 (fault-call:1 fault-nth:10): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:40 executing program 7: r0 = socket(0x40000000015, 0x805, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8401810}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, r1, 0x500, 0x70bd2a, 0x25dfdbfd, {0x3}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2904}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7ff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x401}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x60}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0xffffffffffffffff}, 0x0) getsockopt(r0, 0x114, 0x2711, &(0x7f0000000400)=""/13, &(0x7f0000000200)=0x52) 22:20:40 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:40 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 434.568934] rpcbind: RPC call returned error 22 [ 434.571430] IPVS: ftp: loaded support on port[0] = 21 [ 434.607931] rpcbind: RPC call returned error 22 22:20:40 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f0000000140)=""/93) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bond_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ea9b002901000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000008001a0004000200"], 0x28}, 0x1}, 0x0) [ 434.702789] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 434.710092] FAT-fs (loop1): Filesystem has been set read-only [ 434.722609] FAULT_INJECTION: forcing a failure. [ 434.722609] name failslab, interval 1, probability 0, space 0, times 0 [ 434.734138] CPU: 0 PID: 21612 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 434.741518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 434.750889] Call Trace: [ 434.753499] dump_stack+0x1c9/0x2b4 [ 434.757150] ? dump_stack_print_info.cold.2+0x52/0x52 [ 434.762365] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 434.767339] should_fail.cold.4+0xa/0x1a [ 434.771432] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 434.776560] ? device_register+0x1d/0x20 [ 434.780653] ? tty_register_device_attr+0x35b/0x730 [ 434.785698] ? tty_port_register_device+0x3d/0x50 [ 434.790563] ? rfcomm_dev_ioctl+0x1bba/0x2240 [ 434.795075] ? rfcomm_sock_ioctl+0x89/0xb0 22:20:40 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000011c0)="0047fc2f07d82c99240970") perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000040)={0x80c, 0xfffffffffffff2da, 0x1, 0x0, 0x3, [{0x500000000, 0x100000001, 0x3, 0x0, 0x0, 0x402}, {0x800, 0x3, 0xdb4, 0x0, 0x0, 0x800}, {0x1, 0x68, 0x6, 0x0, 0x0, 0x1}]}) prctl$intptr(0xa, 0x2) [ 434.800302] ? sock_do_ioctl+0xe4/0x3e0 [ 434.802691] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 434.804725] ? sock_ioctl+0x30d/0x680 [ 434.804750] ? graph_lock+0x170/0x170 [ 434.804770] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 434.804793] ? find_held_lock+0x36/0x1c0 [ 434.811976] FAT-fs (loop1): Filesystem has been set read-only [ 434.815711] ? __lock_is_held+0xb5/0x140 [ 434.815745] ? check_same_owner+0x340/0x340 [ 434.815765] ? rcu_note_context_switch+0x730/0x730 [ 434.848184] ? rcu_read_lock_sched_held+0x108/0x120 [ 434.853223] __should_failslab+0x124/0x180 [ 434.857480] should_failslab+0x9/0x14 [ 434.861300] kmem_cache_alloc+0x2af/0x760 [ 434.865468] ? memcpy+0x45/0x50 [ 434.868770] ? kstrdup+0x59/0x70 [ 434.872158] __kernfs_new_node+0xef/0x5a0 [ 434.876307] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 434.881065] ? lock_downgrade+0x8f0/0x8f0 [ 434.885211] ? kasan_check_read+0x11/0x20 [ 434.889352] ? do_raw_spin_unlock+0xa7/0x2f0 [ 434.893757] kernfs_new_node+0x80/0xf0 [ 434.897641] kernfs_create_link+0x33/0x180 [ 434.901892] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 434.907163] sysfs_create_link+0x65/0xc0 [ 434.911218] device_add+0x5c9/0x16f0 [ 434.914928] ? kobject_set_name_vargs+0x100/0x150 [ 434.919774] ? device_private_init+0x240/0x240 [ 434.924363] device_register+0x1d/0x20 [ 434.928252] tty_register_device_attr+0x35b/0x730 [ 434.933091] ? __init_waitqueue_head+0x9e/0x150 [ 434.937759] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 434.942608] ? trace_event_raw_event_module_request+0x340/0x340 [ 434.948663] ? kasan_check_write+0x14/0x20 [ 434.952890] ? tty_port_init+0x1a3/0x260 [ 434.956944] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 434.961959] tty_port_register_device+0x3d/0x50 [ 434.966631] rfcomm_dev_ioctl+0x1bba/0x2240 [ 434.970953] ? rfcomm_dev_state_change+0x150/0x150 [ 434.975888] ? __local_bh_enable_ip+0x161/0x230 [ 434.980564] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 434.985588] ? lock_sock_nested+0x9f/0x120 [ 434.989812] ? trace_hardirqs_on+0xd/0x10 [ 434.993964] ? __local_bh_enable_ip+0x161/0x230 [ 434.998638] rfcomm_sock_ioctl+0x89/0xb0 [ 435.002691] sock_do_ioctl+0xe4/0x3e0 [ 435.006487] ? compat_ifr_data_ioctl+0x170/0x170 [ 435.011235] ? lock_downgrade+0x8f0/0x8f0 [ 435.015381] ? kasan_check_read+0x11/0x20 [ 435.019517] ? rcu_is_watching+0x8c/0x150 [ 435.023654] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 435.028061] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 435.033245] sock_ioctl+0x30d/0x680 [ 435.036866] ? dlci_ioctl_set+0x40/0x40 [ 435.040833] ? match_held_lock+0x851/0x8d0 [ 435.045060] ? expand_files.part.8+0x9c0/0x9c0 [ 435.049636] ? kasan_check_write+0x14/0x20 [ 435.053879] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 435.058809] ? dlci_ioctl_set+0x40/0x40 [ 435.062775] do_vfs_ioctl+0x1de/0x1720 [ 435.066656] ? __lock_is_held+0xb5/0x140 [ 435.070711] ? ioctl_preallocate+0x300/0x300 [ 435.075115] ? __fget_light+0x2f7/0x440 [ 435.079095] ? fget_raw+0x20/0x20 [ 435.082545] ? __sb_end_write+0xac/0xe0 [ 435.086532] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 435.092061] ? fput+0x130/0x1a0 [ 435.095332] ? ksys_write+0x1ae/0x260 [ 435.099136] ? security_file_ioctl+0x94/0xc0 [ 435.103537] ksys_ioctl+0xa9/0xd0 [ 435.106988] __x64_sys_ioctl+0x73/0xb0 [ 435.110875] do_syscall_64+0x1b9/0x820 [ 435.114753] ? finish_task_switch+0x1d3/0x890 [ 435.119239] ? syscall_return_slowpath+0x5e0/0x5e0 [ 435.124177] ? syscall_return_slowpath+0x31d/0x5e0 [ 435.129107] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 435.134468] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.139322] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.144500] RIP: 0033:0x455a99 [ 435.147676] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 435.167037] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 435.174741] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 435.181999] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 435.189262] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 435.196523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 22:20:41 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000240)="2981e1311f16f4776710701d2513a22a18432467c26beb9f2e7123cd324f096f586ff4bf5f527f817a889f5786afb53373e60962106858a9701f0adae810438f470ad914798bde072171d3342c5a112ca77b3db5cbc3046b1492dd2e8cc73319d709c93d1a7d186a10145ba826a333806be58f0c0781ec30769df4e65d0491a7995f248ac3f64c6f7b7541bbfc7339e44915") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x1, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047", 0x3b}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000000000ffffff7f000000000000000000000000000000000000000000"]) ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)=ANY=[]) r4 = memfd_create(&(0x7f0000000340)='/dev/input/mice\x00', 0x2) ioctl$VHOST_GET_FEATURES(r4, 0x8008af00, &(0x7f0000000380)) ioctl$KVM_ENABLE_CAP_CPU(r3, 0xc008ae88, &(0x7f00000001c0)={0x7b, 0x0, [0x6, 0x0, 0x0, 0x100000000]}) ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f0000000040)={0x1, 0x0, [{}]}) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f0000000080)={0x100, 0xff, 0x40, 0x1, 0x800}) ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f00000003c0)={0x80003, 0x0, [0x2, 0x100000001, 0xffffffff, 0x4, 0x4, 0x9, 0x10001, 0xce]}) r5 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x501000) setsockopt$nfc_llcp_NFC_LLCP_RW(r5, 0x118, 0x0, &(0x7f0000000300)=0x1, 0x4) [ 435.203782] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 000000000000000a [ 435.244956] IPVS: ftp: loaded support on port[0] = 21 22:20:41 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 435.286668] Unknown ioctl -2143271671 22:20:41 executing program 5 (fault-call:1 fault-nth:11): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 435.310207] Unknown ioctl -2143271671 22:20:41 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000005c0)=0x14) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000004c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}}) mmap$binder(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x2, 0x100000002132, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xc812, r0, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000640), &(0x7f00000000c0)=0x4) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2080, 0x0) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f00000001c0)={0x7f, {{0x2, 0x4e21, @multicast1=0xe0000001}}, 0x1, 0x1, [{{0x2, 0x4e24, @broadcast=0xffffffff}}]}, 0x110) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xd}, 'irlan0\x00'}}) 22:20:41 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000400)='/dev/qat_adf_ctl\x00', 0x80080, 0x0) sendmsg$inet_sctp(r1, &(0x7f00000003c0)={&(0x7f0000000080)=@in6={0xa, 0x4e20, 0x9, @mcast1={0xff, 0x1, [], 0x1}}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000240)="2b44793df04d282e3a9b2d102398cb4519d1ca4491accf5a28dde082b980f66c417b8cb82975c3980dded0fb085ef269c2652c1bd9a93fc7742e3215a7c92cdeb580a6128ef2b18132e6350e91aa1a11182b1bac257f789f07985606e076dc99650bb77fe5905ecfdf56994733f6b54373c22b9557ef3900526937689cfeb44e86037c8784204f760f45d3e65685b2aff05f5a5f863878a57ebd173ac104f33fa9948e1d70edd593d10c2fdbd60e21d748e114ce45c85faa36195e41f000e6f04c73edb7d98166dae16d74284f76667556c921002729eddb85cde543c6b8a7c8c26b60933f764162d9256b844071b52027f7c64c8b5bc5b09df7a4", 0xfb}], 0x1, &(0x7f0000000380)=[@init={0x18, 0x84, 0x0, {0xb588, 0x7ff, 0x1, 0x9433}}], 0x18, 0x40}, 0x40) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, {0x2, 0x0, @multicast1=0xe0000001}, {0x2, 0x0, @broadcast=0xffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='veth1_to_bridge\x00'}) flistxattr(r0, &(0x7f0000000140)=""/206, 0xce) 22:20:41 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:41 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 435.449635] FAULT_INJECTION: forcing a failure. [ 435.449635] name failslab, interval 1, probability 0, space 0, times 0 [ 435.461118] CPU: 1 PID: 21639 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 435.468498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 435.477864] Call Trace: [ 435.480470] dump_stack+0x1c9/0x2b4 [ 435.484121] ? dump_stack_print_info.cold.2+0x52/0x52 [ 435.489348] should_fail.cold.4+0xa/0x1a [ 435.493448] ? __kmalloc_track_caller+0x14a/0x760 [ 435.498323] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 435.503457] ? device_register+0x1d/0x20 [ 435.507543] ? tty_register_device_attr+0x35b/0x730 [ 435.512592] ? tty_port_register_device+0x3d/0x50 [ 435.517470] ? rfcomm_dev_ioctl+0x1bba/0x2240 [ 435.521988] ? rfcomm_sock_ioctl+0x89/0xb0 [ 435.526250] ? sock_do_ioctl+0xe4/0x3e0 [ 435.530249] ? sock_ioctl+0x30d/0x680 [ 435.534074] ? graph_lock+0x170/0x170 [ 435.537904] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.543291] ? print_usage_bug+0xc0/0xc0 [ 435.547358] ? find_held_lock+0x36/0x1c0 [ 435.551425] ? __lock_is_held+0xb5/0x140 [ 435.555485] ? check_same_owner+0x340/0x340 [ 435.559801] ? rcu_note_context_switch+0x730/0x730 [ 435.564724] ? rcu_read_lock_sched_held+0x108/0x120 [ 435.569731] __should_failslab+0x124/0x180 [ 435.573957] should_failslab+0x9/0x14 [ 435.577747] kmem_cache_alloc+0x2af/0x760 [ 435.581886] ? memcpy+0x45/0x50 [ 435.585242] ? kstrdup+0x59/0x70 [ 435.588601] __kernfs_new_node+0xef/0x5a0 [ 435.592752] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 435.597516] ? lock_downgrade+0x8f0/0x8f0 [ 435.601654] ? kasan_check_read+0x11/0x20 [ 435.605791] ? do_raw_spin_unlock+0xa7/0x2f0 [ 435.610201] kernfs_new_node+0x80/0xf0 [ 435.614081] kernfs_create_link+0x33/0x180 [ 435.618305] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 435.623577] sysfs_create_link+0x65/0xc0 [ 435.627629] device_add+0x5c9/0x16f0 [ 435.631334] ? kobject_set_name_vargs+0x100/0x150 [ 435.636172] ? device_private_init+0x240/0x240 [ 435.640749] device_register+0x1d/0x20 [ 435.644626] tty_register_device_attr+0x35b/0x730 [ 435.649471] ? __init_waitqueue_head+0x9e/0x150 [ 435.654132] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 435.658963] ? trace_event_raw_event_module_request+0x340/0x340 [ 435.665015] ? kasan_check_write+0x14/0x20 [ 435.669242] ? tty_port_init+0x1a3/0x260 [ 435.673290] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 435.678297] tty_port_register_device+0x3d/0x50 [ 435.682955] rfcomm_dev_ioctl+0x1bba/0x2240 [ 435.687270] ? rfcomm_dev_state_change+0x150/0x150 [ 435.692194] ? __local_bh_enable_ip+0x161/0x230 [ 435.696853] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 435.701856] ? lock_sock_nested+0x9f/0x120 [ 435.706080] ? trace_hardirqs_on+0xd/0x10 [ 435.710235] ? __local_bh_enable_ip+0x161/0x230 [ 435.714895] rfcomm_sock_ioctl+0x89/0xb0 [ 435.718943] sock_do_ioctl+0xe4/0x3e0 [ 435.722736] ? compat_ifr_data_ioctl+0x170/0x170 [ 435.727485] ? lock_downgrade+0x8f0/0x8f0 [ 435.731628] ? kasan_check_read+0x11/0x20 [ 435.735762] ? rcu_is_watching+0x8c/0x150 [ 435.739897] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 435.744296] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 435.749492] sock_ioctl+0x30d/0x680 [ 435.753111] ? dlci_ioctl_set+0x40/0x40 [ 435.757089] ? match_held_lock+0x851/0x8d0 [ 435.761314] ? expand_files.part.8+0x9c0/0x9c0 [ 435.765887] ? kasan_check_write+0x14/0x20 [ 435.770116] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 435.775044] ? dlci_ioctl_set+0x40/0x40 [ 435.779009] do_vfs_ioctl+0x1de/0x1720 [ 435.782906] ? __lock_is_held+0xb5/0x140 [ 435.786957] ? ioctl_preallocate+0x300/0x300 [ 435.791354] ? __fget_light+0x2f7/0x440 [ 435.795313] ? fget_raw+0x20/0x20 [ 435.798756] ? __sb_end_write+0xac/0xe0 [ 435.802737] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 435.808262] ? fput+0x130/0x1a0 [ 435.811528] ? ksys_write+0x1ae/0x260 [ 435.815318] ? security_file_ioctl+0x94/0xc0 [ 435.819716] ksys_ioctl+0xa9/0xd0 [ 435.823159] __x64_sys_ioctl+0x73/0xb0 [ 435.827052] do_syscall_64+0x1b9/0x820 [ 435.830929] ? finish_task_switch+0x1d3/0x890 [ 435.835435] ? syscall_return_slowpath+0x5e0/0x5e0 [ 435.840357] ? syscall_return_slowpath+0x31d/0x5e0 [ 435.845277] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 435.850632] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.855477] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.860655] RIP: 0033:0x455a99 [ 435.863825] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 435.883078] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 435.890791] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 22:20:41 executing program 0: r0 = syz_fuse_mount(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000240)=r0) uselib(&(0x7f0000000000)='./file0\x00') ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000080)=0x4) [ 435.898049] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 435.905318] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 435.912577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 435.919834] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 000000000000000b [ 435.948107] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 435.955351] FAT-fs (loop1): Filesystem has been set read-only 22:20:42 executing program 4: r0 = accept$inet6(0xffffffffffffff9c, &(0x7f0000000240)={0x0, 0x0, 0x0, @mcast1}, &(0x7f0000000280)=0x1c) write$binfmt_script(r0, &(0x7f00000002c0)={'#! ', './file0', [{0x20, 'mangle\x00'}, {0x20, ',#.'}, {0x20, 'mangle\x00'}, {0x20, 'mangle\x00'}, {0x20, 'wlan0'}, {0x20}, {0x20, 'mangle\x00'}], 0xa, "8b598181995e6374c0cd72da4cc65a759600ff157fb4d9befec011e9a27ef9280d1bc5f2ea6cad8c59be19518156bffb356ca1ae33604084c37e0077986a93875aac11e17971aae67c5a995991fc26a53d8956add4e7c58cd28b11cb44b5db656c407037686bb6dea8a54822471829168c0f584aa31369390d9718d9b2905b3bc64c40694f704b006f1fb866ca5ffa11c8896a1743db2a54b9b757"}, 0xd1) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000400)=0x38, 0xfffffffffffffe21) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f00000000c0)={'mangle\x00', 0xe8, "cf784749eeff64ffdf114888559974dcef548e6aaf45610fdae7229464776aa998918323497dfc86baa7edf092c11c670480f3526065244b361845ef9007f4f793938363210adab4e410d75fc9e89002fb9dfd311718031ddd487175e68719cef79fcb66097c4e4f21d2593cca0e6c453cdd0e43956db6b0fa9c48a994b5047c1a16f584ca14950a312c9f443807dd1d822bf92886f3dbfd6fe175d4e0bf1c993b902083f5ca97ffe88d93c32f45bce2a4196b52bc9a6d22ba063a6b619aa40bffab22a5efb6b2a522cfe28d550e0157ca41e18270f8a7ea17b5f42dc2c4a526ea3acb5d2b2d5a89"}, &(0x7f0000000200)=0x10c) bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x2, 0xdb) setsockopt$inet6_int(r2, 0x29, 0x1a, &(0x7f0000000000)=0xdf8, 0x4) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) bind$inet6(r2, &(0x7f0000f67fe4)={0xa, 0x4e20}, 0x1c) 22:20:42 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000040)=ANY=[@ANYBLOB="178eb3"], &(0x7f0000000340)=0x1) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000580)={"becf97d0f1a845fb7801b1dfaf1478659f1b88a059a595910ecd0e9c4fece7e6bbaea6fc6f468f8e8215ee5d8aee7524bfe494533ed838e3efe9baef2de11de02f62fdfb69931470fd34eca34cb3dd950beca8a4c7825863c5a9d41aa350b98a884e7ba5a94e6c1a95369015563105c196a706d45d536afb0ecff486a7b6573f2334f302b164385c878e0161a6630cb5d70e4178921bb01aef1011cfabc856bdf63e4ac95c9784b8f8399fc2676c5d9c21e8bd89ea9290b77c29f7a9ad3686fc588082fafa676d6e205bceeed7c1a942cbd6afe327d99e1c77402a1dafeb5b04fb95e1c746070a0fcb469248ac87f568757bc16381a7e4ac7b556b7c87ca4ed8c889f528b69ec14397933af52821155bb0e2faf3f39abc756ccb01b9898f81c9b71eee91ad7beaecb58635ef6828fe7d1d77443c893353332b9151ef796fcd67ee5a1b55d2e5b872785826fc4610beac31b09bc96ca44a67187d9dbe37efce2cfb3159f61f190a7c5330c01b0656ebb79b7ef08dd0f68beada22ae6e47efa4079d453b1f3de11f32d8858ed1bec68a3da6a9c4b0322e178bd1a1bab8df1192db8e14a883b5da4b966d92bffdfac651803f021ecbcd8db06d6bffac827e21d084d901abda904879919bf4cf0ec90b6199db1d6662e9bfc790ae9077266c36bea3ec54ae60534b58673e67007f3503d9b5ce2799dcb6acf3e53501d1847ee608064fed2ade643a60c512666b2862751118d862fbffb0ae3ac92905160670ab141bab601fd4046c4c55db91347eeab106fb6bbe8d8cd63637f20bc2bca30c8e3747f0fe516511ee619a2d2df47f2e42eb29cae74acc662e409045032a4b95bce97c7cc8818c71b19fc368c95d4cd3b0556d4783d1b29bb5aa184a62cc1007ee3da765427a60d360850effc980385cbc1464eb329879f876c40f1b9274bbb2dca7ba9fa3a52d44469f14bfbd44066bbda79dc737b96f050e3d104041ad624eb450d9cfbba7c71a3aa846a3fb1402b484e3672ce0d6082efb438860907a76c5204b85cdce1f17c6221b4f1fb0f21e8979ec95b22ecd407b036547775037ac488bc0cff318f1f5743b65ec1fd4c439f1db8329ef0c771471f4f1ddef0910185fe9716a995a5df5661d1c5a25f7f4edc819ede0f15a4447ada389c39505afe36946b502914d85d494e14603389d0a682a01f7adc2b161d20df69bdcf098a97b4a7d1ab3b3bf10006a2872d82480f9536cab18995e77bc74262e270c8f6a83e6dc547a0c8c36157e2e85a1609f7f523539066c5a1ea97e03932693b19f51b9f9a72a2302be07876b5fb0e83c68428fbacc7088d96a3a6d12d28faeb7925d7c7cf639e9a2ce202dd888108a9140015cb3b9396cec58bf4878bea5248268516a5cf2598b80ac670013e94d2d1b0dee61393d4f5df12f917f5246ddaeedf0da68d2301c547a"}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x0, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:20:42 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 436.058255] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 436.065543] FAT-fs (loop1): Filesystem has been set read-only [ 436.101602] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:42 executing program 7: r0 = eventfd(0x2) clock_gettime(0x0, &(0x7f0000000180)={0x0}) ppoll(&(0x7f0000000140)=[{r0}], 0x1, &(0x7f0000000200)={r1}, &(0x7f0000000240), 0x8) write$eventfd(r0, &(0x7f0000000040)=0x800000000000005, 0xffffffc8) fremovexattr(r0, &(0x7f00000000c0)=@known='system.posix_acl_access\x00') eventfd(0x8) 22:20:42 executing program 5 (fault-call:1 fault-nth:12): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:42 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:42 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000005c0)=0x14) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000004c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}}) mmap$binder(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x2, 0x100000002132, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xc812, r0, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000640), &(0x7f00000000c0)=0x4) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2080, 0x0) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f00000001c0)={0x7f, {{0x2, 0x4e21, @multicast1=0xe0000001}}, 0x1, 0x1, [{{0x2, 0x4e24, @broadcast=0xffffffff}}]}, 0x110) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xd}, 'irlan0\x00'}}) [ 436.249916] FAULT_INJECTION: forcing a failure. [ 436.249916] name failslab, interval 1, probability 0, space 0, times 0 [ 436.261354] CPU: 0 PID: 21678 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 436.268736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 436.278106] Call Trace: [ 436.280723] dump_stack+0x1c9/0x2b4 [ 436.284383] ? dump_stack_print_info.cold.2+0x52/0x52 [ 436.289607] should_fail.cold.4+0xa/0x1a [ 436.293703] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 436.298838] ? __lock_acquire+0x7fc/0x5020 [ 436.303108] ? mutex_trylock+0x2b0/0x2b0 [ 436.307194] ? graph_lock+0x170/0x170 [ 436.311020] ? save_stack+0x43/0xd0 [ 436.314673] ? find_held_lock+0x36/0x1c0 [ 436.318768] ? __lock_is_held+0xb5/0x140 [ 436.322876] ? check_same_owner+0x340/0x340 [ 436.327228] ? rcu_note_context_switch+0x730/0x730 [ 436.332185] __should_failslab+0x124/0x180 [ 436.336446] should_failslab+0x9/0x14 [ 436.340294] __kmalloc_track_caller+0x2c4/0x760 [ 436.344976] ? graph_lock+0x170/0x170 [ 436.348804] ? graph_lock+0x170/0x170 [ 436.352621] ? kstrdup_const+0x66/0x80 [ 436.356525] kstrdup+0x39/0x70 [ 436.359716] kstrdup_const+0x66/0x80 [ 436.363426] __kernfs_new_node+0xb0/0x5a0 [ 436.367565] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 436.372338] ? lock_downgrade+0x8f0/0x8f0 [ 436.376486] ? kasan_check_read+0x11/0x20 [ 436.380633] ? do_raw_spin_unlock+0xa7/0x2f0 [ 436.385043] kernfs_new_node+0x80/0xf0 [ 436.388947] kernfs_create_link+0x33/0x180 [ 436.393178] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 436.398469] sysfs_create_link+0x65/0xc0 [ 436.402536] device_add+0x5c9/0x16f0 [ 436.406250] ? kobject_set_name_vargs+0x100/0x150 [ 436.411091] ? device_private_init+0x240/0x240 [ 436.415673] device_register+0x1d/0x20 [ 436.419555] tty_register_device_attr+0x35b/0x730 [ 436.424405] ? __init_waitqueue_head+0x9e/0x150 [ 436.429068] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 436.433922] ? trace_event_raw_event_module_request+0x340/0x340 [ 436.439973] ? kasan_check_write+0x14/0x20 [ 436.444202] ? tty_port_init+0x1a3/0x260 [ 436.448253] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 436.453263] tty_port_register_device+0x3d/0x50 [ 436.457943] rfcomm_dev_ioctl+0x1bba/0x2240 [ 436.462258] ? rfcomm_dev_state_change+0x150/0x150 [ 436.467187] ? __local_bh_enable_ip+0x161/0x230 [ 436.471855] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 436.476870] ? lock_sock_nested+0x9f/0x120 [ 436.481100] ? trace_hardirqs_on+0xd/0x10 [ 436.485238] ? __local_bh_enable_ip+0x161/0x230 [ 436.489906] rfcomm_sock_ioctl+0x89/0xb0 [ 436.493980] sock_do_ioctl+0xe4/0x3e0 [ 436.497771] ? compat_ifr_data_ioctl+0x170/0x170 [ 436.502517] ? lock_downgrade+0x8f0/0x8f0 [ 436.506661] ? kasan_check_read+0x11/0x20 [ 436.510797] ? rcu_is_watching+0x8c/0x150 [ 436.514943] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 436.519341] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 436.524522] sock_ioctl+0x30d/0x680 [ 436.528154] ? dlci_ioctl_set+0x40/0x40 [ 436.532119] ? match_held_lock+0x851/0x8d0 [ 436.536345] ? expand_files.part.8+0x9c0/0x9c0 [ 436.540914] ? kasan_check_write+0x14/0x20 [ 436.545137] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 436.550056] ? dlci_ioctl_set+0x40/0x40 [ 436.554024] do_vfs_ioctl+0x1de/0x1720 [ 436.557900] ? __lock_is_held+0xb5/0x140 [ 436.561964] ? ioctl_preallocate+0x300/0x300 [ 436.566362] ? __fget_light+0x2f7/0x440 [ 436.570324] ? fget_raw+0x20/0x20 [ 436.573769] ? __sb_end_write+0xac/0xe0 [ 436.577737] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 436.583261] ? fput+0x130/0x1a0 [ 436.586528] ? ksys_write+0x1ae/0x260 [ 436.590321] ? security_file_ioctl+0x94/0xc0 [ 436.594717] ksys_ioctl+0xa9/0xd0 [ 436.598160] __x64_sys_ioctl+0x73/0xb0 [ 436.602042] do_syscall_64+0x1b9/0x820 [ 436.605918] ? finish_task_switch+0x1d3/0x890 [ 436.610402] ? syscall_return_slowpath+0x5e0/0x5e0 [ 436.615319] ? syscall_return_slowpath+0x31d/0x5e0 [ 436.620238] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 436.625592] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 436.630444] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 436.635633] RIP: 0033:0x455a99 [ 436.638803] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 436.658052] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 436.665749] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 436.673009] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 436.680270] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 436.687528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 436.694788] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 000000000000000c 22:20:42 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x102d}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x9, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x3, 0x1, 0x8}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0x3bc, &(0x7f00001a7f05)=""/251}, 0x2e) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x80000, 0x0) ioctl$SG_SET_DEBUG(r1, 0x227e, &(0x7f0000000040)=0x1) 22:20:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:42 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:42 executing program 5 (fault-call:1 fault-nth:13): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:42 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:42 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x0, 0x0) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000140)) r1 = socket$inet(0x10, 0x7, 0xc) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000280)={@broadcast, @local, 0x0}, &(0x7f00000002c0)=0xfffffffffffffebc) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', r3}) accept4$inet6(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000080)=0x1c, 0x80000) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000017fdc)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x17f, &(0x7f0000004000), 0x1000000000000102, 0x0, 0xffffffffffffffd3, 0x800000000000000}, 0x20008004) [ 436.838938] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 436.846188] FAT-fs (loop1): Filesystem has been set read-only 22:20:42 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGABS2F(r1, 0x40044581, &(0x7f0000000080)=""/124) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000380)={0x0, 0x6a17, 0x30}, &(0x7f00000003c0)=0xc) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000400)={r2, @in={{0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x100000, 0xfb}, &(0x7f00000004c0)=0x90) r3 = accept(r0, &(0x7f00000001c0)=@sco, &(0x7f0000000040)=0x80) r4 = syz_open_dev$amidi(&(0x7f0000000500)='/dev/amidi#\x00', 0x2, 0x42000) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000100)={r2, 0x1}, &(0x7f0000000640)=0xfffffffffffffdb7) ioctl$FS_IOC_SETFSLABEL(r4, 0x41009432, &(0x7f0000000540)="ebe4f7aef490910c5169e893a69ae2faa454b116e14679704765470dafdfa1b9880a23d69842dc6addd9dc62b4c90e791536ae42b405681c8d41bfa3d0fd3b308e3a6aa65e8d09d98658f245a07ee0873f1c86b57ac1bb918da8d4cf90474f8293ffb7dc00d2a2aa5efe1276442f697d7c786f8f548eb1ab0f74cde5df8ca43ed792e36a666fb607579f4838187cbe7da6ce263141588bf75a76a3eaeab9caa3d8679f8c21c6844a19299314095938671e0100f62fc6b70970dfc562974f989ca38dbea6a4979a1b9de69c8deab3f05f539f3f672436aa872d5ac8db160cdd7915d76f105828d5b08732e384f031533689a702dca904f97493e4a3c057ca5a5c") setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000002c0)={r5, @in={{0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x9, 0xefd, 0x10000, 0xfff, 0x2}, 0x98) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) 22:20:43 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653004", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 436.951691] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 436.958949] FAT-fs (loop1): Filesystem has been set read-only 22:20:43 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c6530ff", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:43 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") mkdir(&(0x7f00001a3000)='./file0\x00', 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x2000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000180)={0xffffffff}, 0x2, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000480)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x7}, {0xa, 0x4e22, 0x690, @loopback={0x0, 0x1}, 0x1}, r2, 0x7f}}, 0x48) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000500)='./file0\x00', &(0x7f0000000280)='proc\x00', 0x0, &(0x7f00000001c0)) r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents64(r3, &(0x7f00000002c0)=""/186, 0x2fc) getdents(r3, &(0x7f0000000140)=""/2, 0x5af) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000380)={{{@in, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000000080)=0xe8) setsockopt$inet6_mreq(r0, 0x29, 0x1d, &(0x7f00000000c0)={@dev={0xfe, 0x80, [], 0x21}, r4}, 0x14) fcntl$notify(r3, 0x402, 0x1) exit(0x0) getdents64(r3, &(0x7f00000001c0)=""/57, 0xffffffffffffff04) [ 437.017357] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 437.204612] FAULT_INJECTION: forcing a failure. [ 437.204612] name failslab, interval 1, probability 0, space 0, times 0 [ 437.216132] CPU: 0 PID: 21734 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 437.223501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.232856] Call Trace: [ 437.235462] dump_stack+0x1c9/0x2b4 [ 437.239099] ? dump_stack_print_info.cold.2+0x52/0x52 [ 437.244303] should_fail.cold.4+0xa/0x1a [ 437.248374] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 437.253489] ? graph_lock+0x170/0x170 [ 437.257296] ? ___ratelimit.cold.2+0x6b/0x6b [ 437.261710] ? save_stack+0x43/0xd0 [ 437.265349] ? find_held_lock+0x36/0x1c0 [ 437.269423] ? __lock_is_held+0xb5/0x140 [ 437.273506] ? check_same_owner+0x340/0x340 [ 437.277842] ? rcu_note_context_switch+0x730/0x730 [ 437.282807] __should_failslab+0x124/0x180 [ 437.287070] should_failslab+0x9/0x14 [ 437.290894] kmem_cache_alloc+0x2af/0x760 [ 437.295071] ? wait_for_completion+0x8d0/0x8d0 [ 437.299676] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 437.304722] __kernfs_new_node+0xef/0x5a0 [ 437.308898] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 437.313664] ? __lock_is_held+0xb5/0x140 [ 437.317733] ? wait_for_completion+0x8d0/0x8d0 [ 437.322353] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 437.327902] kernfs_new_node+0x80/0xf0 [ 437.331811] kernfs_create_dir_ns+0x3d/0x140 [ 437.336227] internal_create_group+0x110/0x970 [ 437.340830] sysfs_create_group+0x1f/0x30 [ 437.344997] dpm_sysfs_add+0x26/0x210 [ 437.348807] device_add+0x857/0x16f0 [ 437.352531] ? kobject_set_name_vargs+0x100/0x150 [ 437.357424] ? device_private_init+0x240/0x240 [ 437.362020] device_register+0x1d/0x20 [ 437.365913] tty_register_device_attr+0x35b/0x730 [ 437.370779] ? __init_waitqueue_head+0x9e/0x150 [ 437.375460] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 437.380319] ? trace_event_raw_event_module_request+0x340/0x340 [ 437.386389] ? kasan_check_write+0x14/0x20 [ 437.390630] ? tty_port_init+0x1a3/0x260 [ 437.394701] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 437.399728] tty_port_register_device+0x3d/0x50 [ 437.404413] rfcomm_dev_ioctl+0x1bba/0x2240 [ 437.408750] ? rfcomm_dev_state_change+0x150/0x150 [ 437.413700] ? __local_bh_enable_ip+0x161/0x230 [ 437.418375] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 437.423393] ? lock_sock_nested+0x9f/0x120 [ 437.427629] ? trace_hardirqs_on+0xd/0x10 [ 437.431798] ? __local_bh_enable_ip+0x161/0x230 [ 437.436481] rfcomm_sock_ioctl+0x89/0xb0 [ 437.440552] sock_do_ioctl+0xe4/0x3e0 [ 437.444358] ? compat_ifr_data_ioctl+0x170/0x170 [ 437.449121] ? lock_downgrade+0x8f0/0x8f0 [ 437.453283] ? kasan_check_read+0x11/0x20 [ 437.457434] ? rcu_is_watching+0x8c/0x150 [ 437.461584] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 437.466000] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 437.471196] sock_ioctl+0x30d/0x680 [ 437.474828] ? dlci_ioctl_set+0x40/0x40 [ 437.478810] ? match_held_lock+0x851/0x8d0 [ 437.483047] ? expand_files.part.8+0x9c0/0x9c0 [ 437.487635] ? kasan_check_write+0x14/0x20 [ 437.491883] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 437.496832] ? dlci_ioctl_set+0x40/0x40 [ 437.500813] do_vfs_ioctl+0x1de/0x1720 [ 437.504710] ? __lock_is_held+0xb5/0x140 [ 437.508781] ? ioctl_preallocate+0x300/0x300 [ 437.513195] ? __fget_light+0x2f7/0x440 [ 437.517176] ? fget_raw+0x20/0x20 [ 437.520639] ? __sb_end_write+0xac/0xe0 [ 437.524711] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 437.530255] ? fput+0x130/0x1a0 [ 437.533541] ? ksys_write+0x1ae/0x260 [ 437.537352] ? security_file_ioctl+0x94/0xc0 [ 437.541777] ksys_ioctl+0xa9/0xd0 [ 437.545239] __x64_sys_ioctl+0x73/0xb0 [ 437.550086] do_syscall_64+0x1b9/0x820 [ 437.553979] ? finish_task_switch+0x1d3/0x890 [ 437.558482] ? syscall_return_slowpath+0x5e0/0x5e0 [ 437.563449] ? syscall_return_slowpath+0x31d/0x5e0 [ 437.568393] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 437.573771] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 437.578638] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 437.583835] RIP: 0033:0x455a99 [ 437.587021] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 437.606413] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 437.614132] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 437.621409] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 437.628682] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 437.635955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 437.643226] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 000000000000000d 22:20:43 executing program 0: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fstat(r0, &(0x7f0000000140)) ioprio_set$uid(0x1, 0x0, 0x5) clone(0x0, &(0x7f0000000140), &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000380)) 22:20:43 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e) sendto(r0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0) fsetxattr(r1, &(0x7f0000000040)=@random={'osx.', '+wlan1\x00'}, &(0x7f0000000100)='wlan1keyring\x00', 0xd, 0x2) 22:20:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530ff", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:43 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653087", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:43 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:43 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(cast6)\x00'}, 0x58) r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x80, 0x28000) delete_module(&(0x7f0000000240)='self@{user#\x00', 0xa00) setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@int=0x8, 0x4) accept4(r0, 0x0, &(0x7f0000000140)=0xfffffffffffffe71, 0x804) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/rt_cache\x00') ioctl$BLKRESETZONE(r2, 0x40101283, &(0x7f0000000200)={0x6}) sendfile(r1, r2, &(0x7f00000002c0), 0xffffffff) ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0400050000000000", @ANYPTR=&(0x7f0000000280)=ANY=[@ANYBLOB="0c45d59bfffc9f572b22c2a1614ad9b0dbbad069b0c18d9c63a8d2491c951548476b381ed871338cc4179b2c724da56f536a26bb"], @ANYBLOB="040700000200000081000000008000008b13457c02b0cd95518f4d87117489c6857695d798f3a704d00944ad750ddccd8ebff0a662c57dc6275dbc0b9bf9e02280ec5d7fb259f294e829a019678897b066c21f38527d4d4bcb401b208bafdcc2db7cb518c9ffa932e2b30e49579fec0040f3d939ae9656d5810b6d674318954853255c1f34be61d01acc8d919d6f5fbce9883780b2034cf4dffb75e3eaed53ab904211fdce1eefaaf18f619d3dbeafb76ae1c5925de82ca962780ba5fb03ee6870130eb5b9ca81f070d547f46ad67d4f3b14c86c4c608194a5c266fd93c6482bb3f1d35f9805259802004478d7a84d6db15481793bd5450be32379"]) lseek(r1, 0x0, 0x2) 22:20:43 executing program 5 (fault-call:1 fault-nth:14): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 437.789152] FAULT_INJECTION: forcing a failure. [ 437.789152] name failslab, interval 1, probability 0, space 0, times 0 [ 437.800577] CPU: 1 PID: 21748 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 437.807949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.817308] Call Trace: [ 437.819919] dump_stack+0x1c9/0x2b4 [ 437.823572] ? dump_stack_print_info.cold.2+0x52/0x52 [ 437.828800] should_fail.cold.4+0xa/0x1a [ 437.832889] ? lock_acquire+0x1e4/0x540 [ 437.836906] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 437.842044] ? lock_release+0xa30/0xa30 [ 437.846031] ? check_same_owner+0x340/0x340 [ 437.850447] ? graph_lock+0x170/0x170 [ 437.854254] ? rcu_note_context_switch+0x730/0x730 [ 437.859192] ? find_held_lock+0x36/0x1c0 [ 437.863263] ? __lock_is_held+0xb5/0x140 [ 437.867356] ? check_same_owner+0x340/0x340 [ 437.871677] ? rcu_note_context_switch+0x730/0x730 [ 437.876610] __should_failslab+0x124/0x180 [ 437.880841] should_failslab+0x9/0x14 [ 437.884651] kmem_cache_alloc+0x2af/0x760 [ 437.888796] ? kasan_check_write+0x14/0x20 [ 437.893036] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 437.898054] __kernfs_new_node+0xef/0x5a0 [ 437.902199] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 437.906955] ? kasan_check_write+0x14/0x20 [ 437.911183] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 437.916128] ? graph_lock+0x170/0x170 [ 437.919927] ? wait_for_completion+0x8d0/0x8d0 [ 437.924527] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 437.930168] kernfs_new_node+0x80/0xf0 [ 437.934058] __kernfs_create_file+0x4d/0x330 [ 437.938467] sysfs_add_file_mode_ns+0x21a/0x560 [ 437.943153] sysfs_add_file+0x4e/0x60 [ 437.946948] sysfs_merge_group+0xfa/0x230 [ 437.951100] dpm_sysfs_add+0x161/0x210 [ 437.955004] device_add+0x857/0x16f0 [ 437.958721] ? kobject_set_name_vargs+0x100/0x150 [ 437.963561] ? device_private_init+0x240/0x240 [ 437.968148] device_register+0x1d/0x20 [ 437.972038] tty_register_device_attr+0x35b/0x730 [ 437.976875] ? __init_waitqueue_head+0x9e/0x150 [ 437.981541] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 437.986385] ? trace_event_raw_event_module_request+0x340/0x340 [ 437.992441] ? kasan_check_write+0x14/0x20 [ 437.996670] ? tty_port_init+0x1a3/0x260 [ 438.000728] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 438.005746] tty_port_register_device+0x3d/0x50 [ 438.010413] rfcomm_dev_ioctl+0x1bba/0x2240 [ 438.014739] ? rfcomm_dev_state_change+0x150/0x150 [ 438.019676] ? __local_bh_enable_ip+0x161/0x230 [ 438.024348] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 438.029358] ? lock_sock_nested+0x9f/0x120 [ 438.033586] ? trace_hardirqs_on+0xd/0x10 [ 438.037747] ? __local_bh_enable_ip+0x161/0x230 [ 438.042423] rfcomm_sock_ioctl+0x89/0xb0 [ 438.046487] sock_do_ioctl+0xe4/0x3e0 [ 438.050290] ? compat_ifr_data_ioctl+0x170/0x170 [ 438.055052] ? lock_downgrade+0x8f0/0x8f0 [ 438.059243] ? rcu_is_watching+0x8c/0x150 [ 438.063390] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 438.067813] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 438.073023] sock_ioctl+0x30d/0x680 [ 438.076647] ? dlci_ioctl_set+0x40/0x40 [ 438.080633] ? match_held_lock+0x851/0x8d0 [ 438.084894] ? expand_files.part.8+0x9c0/0x9c0 [ 438.089468] ? kasan_check_write+0x14/0x20 [ 438.093696] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 438.098626] ? dlci_ioctl_set+0x40/0x40 [ 438.102595] do_vfs_ioctl+0x1de/0x1720 [ 438.106482] ? ioctl_preallocate+0x300/0x300 [ 438.110882] ? __fget_light+0x2f7/0x440 [ 438.114862] ? fget_raw+0x20/0x20 [ 438.118329] ? __sb_end_write+0xac/0xe0 [ 438.122304] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 438.127849] ? fput+0x130/0x1a0 [ 438.131123] ? ksys_write+0x1ae/0x260 [ 438.134923] ? security_file_ioctl+0x94/0xc0 [ 438.139330] ksys_ioctl+0xa9/0xd0 [ 438.142781] __x64_sys_ioctl+0x73/0xb0 [ 438.146667] do_syscall_64+0x1b9/0x820 [ 438.150547] ? finish_task_switch+0x1d3/0x890 [ 438.155040] ? syscall_return_slowpath+0x5e0/0x5e0 [ 438.159968] ? syscall_return_slowpath+0x31d/0x5e0 [ 438.164902] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 438.170276] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 438.175123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 438.180305] RIP: 0033:0x455a99 [ 438.183483] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 438.202870] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 438.210574] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 438.217851] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 438.225112] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 438.232373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 438.239638] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 000000000000000e [ 438.252623] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 438.259890] FAT-fs (loop1): Filesystem has been set read-only 22:20:44 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f26f477671070") r1 = syz_open_procfs(0x0, &(0x7f0000000000)='attr\x00') ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000040)={0x40, 0x5, 0x8, 0x1, 0x6, 0x1, 0x4, 0x2, 0x5, 0x1ff, 0xff, 0x800000000000}) getdents(r1, &(0x7f0000000380)=""/181, 0xffffffff00000018) 22:20:44 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:44 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 438.351842] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 438.359084] FAT-fs (loop1): Filesystem has been set read-only 22:20:44 executing program 4: getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000040)=ANY=[@ANYBLOB="4e000000db81c95eb03f8ae6aef9b9acb806203424e1ef11292e86b7d0fdb2ed83c37ca0bac6cf164297168c2457e04731e2f369578e80a237bc1b78666e635e852d9b04b2a1d9b93c20fd0a"], &(0x7f0000001200)=0x1) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x20201) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000200)={0x0, 0x9}) write(r1, &(0x7f0000000140), 0x28d) 22:20:44 executing program 7: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x204000, 0x0) accept$packet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000180)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000001c0)={'team0\x00', r1}) r2 = socket$kcm(0x29, 0x5, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r3 = socket(0xa, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x64, 0x0, 0x0, 0x1}, {0x6}]}, 0x10) r4 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, "7175657565300000000000000000000000000080004000000000000000000000080000000000030000e7d4e77cff5b680f430000000600000000000000001000"}) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000200)=0x3451, 0x4) accept4$packet(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f00000002c0)=0x14, 0x800) 22:20:44 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c6530f6", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:44 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x101000, 0x0) accept4$bt_l2cap(r0, &(0x7f00000001c0), &(0x7f0000000540)=0xe, 0x80000) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x1) r2 = socket$packet(0x11, 0x0, 0x300) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000580)=0x4) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080)=0x110, 0x4) sendto$inet6(r2, &(0x7f00000000c0), 0x246, 0x0, &(0x7f0000005fe4)={0xa, 0x0, 0x100000002, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) recvmmsg(r2, &(0x7f0000000940)=[{{0x0, 0x7a2df8c4bfedd3d6, &(0x7f0000000100)=[{&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000280)=""/253, 0xfd}, {&(0x7f0000000400)=""/131, 0x83}, {&(0x7f00000004c0)=""/103, 0x67}], 0x4}}, {{&(0x7f0000000380)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x80, &(0x7f0000000800), 0x0, &(0x7f0000000840)=""/217, 0xd9, 0x7f}, 0x2000000000000000}], 0x2, 0x12000, &(0x7f00000009c0)={0x77359400}) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f00000000c0)) r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x401, 0x2000) setsockopt$bt_hci_HCI_FILTER(r3, 0x0, 0x2, &(0x7f0000000040)={0xffffffff, 0x0, 0x3, 0xc282}, 0x10) 22:20:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530f6", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:44 executing program 5 (fault-call:1 fault-nth:15): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 438.717594] FAULT_INJECTION: forcing a failure. [ 438.717594] name failslab, interval 1, probability 0, space 0, times 0 [ 438.729131] CPU: 1 PID: 21798 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 438.736519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 438.745888] Call Trace: [ 438.748490] dump_stack+0x1c9/0x2b4 [ 438.752125] ? dump_stack_print_info.cold.2+0x52/0x52 [ 438.757343] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 438.762228] should_fail.cold.4+0xa/0x1a [ 438.766322] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 438.771461] ? graph_lock+0x170/0x170 [ 438.775295] ? find_held_lock+0x36/0x1c0 [ 438.779383] ? __lock_is_held+0xb5/0x140 [ 438.783473] ? check_same_owner+0x340/0x340 [ 438.787818] ? kasan_check_write+0x14/0x20 [ 438.792077] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 438.797036] ? rcu_note_context_switch+0x730/0x730 [ 438.802003] __should_failslab+0x124/0x180 [ 438.806256] should_failslab+0x9/0x14 [ 438.810064] kmem_cache_alloc+0x2af/0x760 [ 438.814222] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 438.819254] __kernfs_new_node+0xef/0x5a0 [ 438.823413] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 438.828177] ? mutex_unlock+0xd/0x10 [ 438.831898] ? kernfs_activate+0x21a/0x2c0 [ 438.836167] ? kernfs_walk_and_get_ns+0x340/0x340 [ 438.841028] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 438.846575] ? kernfs_link_sibling+0x1d2/0x3b0 [ 438.851177] kernfs_new_node+0x80/0xf0 [ 438.855099] __kernfs_create_file+0x4d/0x330 [ 438.859553] sysfs_add_file_mode_ns+0x21a/0x560 [ 438.864234] sysfs_add_file+0x4e/0x60 [ 438.868040] sysfs_merge_group+0xfa/0x230 [ 438.872210] dpm_sysfs_add+0x161/0x210 [ 438.876108] device_add+0x857/0x16f0 [ 438.879831] ? kobject_set_name_vargs+0x100/0x150 [ 438.884685] ? device_private_init+0x240/0x240 [ 438.889280] device_register+0x1d/0x20 [ 438.893176] tty_register_device_attr+0x35b/0x730 [ 438.898023] ? __init_waitqueue_head+0x9e/0x150 [ 438.902703] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 438.907557] ? trace_event_raw_event_module_request+0x340/0x340 [ 438.913623] ? kasan_check_write+0x14/0x20 [ 438.917863] ? tty_port_init+0x1a3/0x260 [ 438.921934] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 438.926961] tty_port_register_device+0x3d/0x50 [ 438.931660] rfcomm_dev_ioctl+0x1bba/0x2240 [ 438.935996] ? rfcomm_dev_state_change+0x150/0x150 [ 438.940939] ? __local_bh_enable_ip+0x161/0x230 [ 438.945616] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 438.950636] ? lock_sock_nested+0x9f/0x120 [ 438.954873] ? trace_hardirqs_on+0xd/0x10 [ 438.959024] ? __local_bh_enable_ip+0x161/0x230 [ 438.963706] rfcomm_sock_ioctl+0x89/0xb0 [ 438.967774] sock_do_ioctl+0xe4/0x3e0 [ 438.971582] ? compat_ifr_data_ioctl+0x170/0x170 [ 438.976348] ? lock_downgrade+0x8f0/0x8f0 [ 438.980508] ? kasan_check_read+0x11/0x20 [ 438.984678] ? rcu_is_watching+0x8c/0x150 [ 438.988830] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 438.993248] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 438.998446] sock_ioctl+0x30d/0x680 [ 439.002077] ? dlci_ioctl_set+0x40/0x40 [ 439.006056] ? match_held_lock+0x851/0x8d0 [ 439.010296] ? expand_files.part.8+0x9c0/0x9c0 [ 439.014882] ? kasan_check_write+0x14/0x20 [ 439.019125] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 439.024063] ? dlci_ioctl_set+0x40/0x40 [ 439.028040] do_vfs_ioctl+0x1de/0x1720 [ 439.031930] ? __lock_is_held+0xb5/0x140 [ 439.035995] ? ioctl_preallocate+0x300/0x300 [ 439.040405] ? __fget_light+0x2f7/0x440 [ 439.044385] ? fget_raw+0x20/0x20 [ 439.047855] ? __sb_end_write+0xac/0xe0 [ 439.051842] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 439.057388] ? fput+0x130/0x1a0 [ 439.060674] ? ksys_write+0x1ae/0x260 [ 439.064487] ? security_file_ioctl+0x94/0xc0 [ 439.068907] ksys_ioctl+0xa9/0xd0 [ 439.072371] __x64_sys_ioctl+0x73/0xb0 [ 439.076268] do_syscall_64+0x1b9/0x820 [ 439.080197] ? finish_task_switch+0x1d3/0x890 [ 439.084702] ? syscall_return_slowpath+0x5e0/0x5e0 [ 439.089640] ? syscall_return_slowpath+0x31d/0x5e0 [ 439.094580] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 439.099954] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 439.104810] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 439.110008] RIP: 0033:0x455a99 [ 439.113194] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 439.132634] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 439.140355] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 439.147644] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 439.154930] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 439.162206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 22:20:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000000)={0x8, 0x6}) dup(r1) r2 = socket$inet6(0xa, 0x2, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4010ae42, &(0x7f0000000040)={0x0, 0x0, 0x700000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 22:20:45 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0c', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:45 executing program 4: socket$inet_tcp(0x2, 0x1, 0x0) syz_open_dev$tun(&(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) unshare(0x200000000040100) openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket$netlink(0x10, 0x3, 0x14) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x110000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="a729a222", @ANYRES16=r1, @ANYBLOB="000825bd7000fbdbdf250f00000008000400f8ffffff0800040008000000"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000), &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8}) 22:20:45 executing program 3: socket$inet6_dccp(0xa, 0x6, 0x0) r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') r1 = getpgrp(0x0) syz_open_procfs(r1, &(0x7f0000000140)='net/unix\x00') r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x2, 0x1fe) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f00000000c0)={0x2, 0x4, [{0x1, 0x0, 0x2}, {0x9, 0x0, 0x6}]}) memfd_create(&(0x7f0000000040)='pRoc.wlan0ppp0keyring\x00', 0x5) fallocate(r0, 0x3, 0x7fffffffffffdffe, 0x2) [ 439.169498] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 000000000000000f 22:20:45 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:45 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f760070") sendto$inet6(r1, &(0x7f0000000140), 0x100000, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000000)={0x7, 0x5}) 22:20:45 executing program 5 (fault-call:1 fault-nth:16): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:45 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 439.378586] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 439.385830] FAT-fs (loop1): Filesystem has been set read-only [ 439.390977] FAULT_INJECTION: forcing a failure. [ 439.390977] name failslab, interval 1, probability 0, space 0, times 0 [ 439.403132] CPU: 0 PID: 21828 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 439.410513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 439.419883] Call Trace: [ 439.422499] dump_stack+0x1c9/0x2b4 [ 439.426159] ? dump_stack_print_info.cold.2+0x52/0x52 [ 439.431372] ? __mutex_lock+0x7e8/0x1820 [ 439.435462] ? perf_trace_lock+0xde/0x920 [ 439.439646] should_fail.cold.4+0xa/0x1a [ 439.443742] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 439.448884] ? graph_lock+0x170/0x170 [ 439.452726] ? find_held_lock+0x36/0x1c0 [ 439.456827] ? __lock_is_held+0xb5/0x140 [ 439.460929] ? check_same_owner+0x340/0x340 [ 439.465278] ? kasan_check_write+0x14/0x20 [ 439.469537] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 439.474501] ? rcu_note_context_switch+0x730/0x730 [ 439.479462] __should_failslab+0x124/0x180 [ 439.482960] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 439.483720] should_failslab+0x9/0x14 [ 439.483741] kmem_cache_alloc+0x2af/0x760 [ 439.483767] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 439.483788] __kernfs_new_node+0xef/0x5a0 [ 439.483804] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 439.483823] ? mutex_unlock+0xd/0x10 [ 439.519748] ? kernfs_activate+0x21a/0x2c0 [ 439.523979] ? kernfs_walk_and_get_ns+0x340/0x340 [ 439.528819] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 439.534348] ? kernfs_link_sibling+0x1d2/0x3b0 [ 439.538930] kernfs_new_node+0x80/0xf0 [ 439.542826] __kernfs_create_file+0x4d/0x330 [ 439.547227] sysfs_add_file_mode_ns+0x21a/0x560 [ 439.551896] sysfs_add_file+0x4e/0x60 [ 439.555704] sysfs_merge_group+0xfa/0x230 [ 439.559883] dpm_sysfs_add+0x161/0x210 [ 439.563769] device_add+0x857/0x16f0 [ 439.567492] ? kobject_set_name_vargs+0x100/0x150 [ 439.572347] ? device_private_init+0x240/0x240 [ 439.576929] device_register+0x1d/0x20 [ 439.580810] tty_register_device_attr+0x35b/0x730 [ 439.585647] ? __init_waitqueue_head+0x9e/0x150 [ 439.590314] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 439.595170] ? trace_event_raw_event_module_request+0x340/0x340 [ 439.601225] ? kasan_check_write+0x14/0x20 [ 439.605456] ? tty_port_init+0x1a3/0x260 [ 439.609511] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 439.614525] tty_port_register_device+0x3d/0x50 [ 439.619194] rfcomm_dev_ioctl+0x1bba/0x2240 [ 439.623518] ? rfcomm_dev_state_change+0x150/0x150 [ 439.628469] ? __local_bh_enable_ip+0x161/0x230 [ 439.633150] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 439.638178] ? lock_sock_nested+0x9f/0x120 [ 439.642405] ? trace_hardirqs_on+0xd/0x10 [ 439.646547] ? __local_bh_enable_ip+0x161/0x230 [ 439.651224] rfcomm_sock_ioctl+0x89/0xb0 [ 439.655281] sock_do_ioctl+0xe4/0x3e0 [ 439.659079] ? compat_ifr_data_ioctl+0x170/0x170 [ 439.663836] ? lock_downgrade+0x8f0/0x8f0 [ 439.668011] ? rcu_is_watching+0x8c/0x150 [ 439.672158] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 439.676586] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 439.681778] sock_ioctl+0x30d/0x680 [ 439.685399] ? dlci_ioctl_set+0x40/0x40 [ 439.689369] ? match_held_lock+0x851/0x8d0 [ 439.693600] ? expand_files.part.8+0x9c0/0x9c0 [ 439.698180] ? kasan_check_write+0x14/0x20 [ 439.702425] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 439.707357] ? dlci_ioctl_set+0x40/0x40 [ 439.711323] do_vfs_ioctl+0x1de/0x1720 [ 439.715205] ? ioctl_preallocate+0x300/0x300 [ 439.719603] ? __fget_light+0x2f7/0x440 [ 439.723577] ? fget_raw+0x20/0x20 [ 439.727031] ? __sb_end_write+0xac/0xe0 [ 439.731042] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 439.736576] ? fput+0x130/0x1a0 [ 439.739846] ? ksys_write+0x1ae/0x260 [ 439.743645] ? security_file_ioctl+0x94/0xc0 [ 439.748136] ksys_ioctl+0xa9/0xd0 [ 439.751583] __x64_sys_ioctl+0x73/0xb0 [ 439.755464] do_syscall_64+0x1b9/0x820 [ 439.759340] ? finish_task_switch+0x1d3/0x890 [ 439.763830] ? syscall_return_slowpath+0x5e0/0x5e0 [ 439.768767] ? syscall_return_slowpath+0x31d/0x5e0 [ 439.773695] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 439.779065] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 439.783909] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 439.789095] RIP: 0033:0x455a99 [ 439.792286] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 439.811641] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 439.819346] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 22:20:45 executing program 4: clock_gettime(0xfffffffffffffff2, &(0x7f0000000480)) r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x6, 0x0) ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000040)=0x1424) open(&(0x7f0000000080)='./file0\x00', 0x0, 0x8) [ 439.826607] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 439.833870] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 439.841133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 439.848394] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000010 22:20:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") r1 = memfd_create(&(0x7f0000000140)="2d42d54e49c56aba707070f00884a26d003a2900bb8dacac76617d6b6e6823cb290fc8c03a9c631064eea98b4363ad899c6bdec5e936dd55a93dcd4a78aa8f7eb93061a9b2044b98933f8851f7d61da1ce8b19eaefe3abb6a52434d6fe370fe7d924ce20ab4eaec9bdd36740e127730e90f2cd72b828", 0x0) pwrite64(r1, &(0x7f0000000240)='U', 0x1, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1000005, 0x110010, r1, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x1000000000003, 0x0) add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000001380)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="5dcae8b89ec837afeb9023fc71719d263beda0dfd2976968e5cb7534c9f0e140c69435f25f2a08a839721608741723f5e515956b9e5fc24645286071360f7c261a075ae72a6194a3e7f61aa652d9fd0e403786b0f7730f1d063b56ebf5a84498406fff8d7f891888e2cbbb7577e9a306cd368a3ce7d6d5ec0bad2172cb55851ecd02d261e917610189bf6a95758b464d9c7da9d58c7f1fe4f5126c892e4f9b92ee37b3f2a50affe957d07c649d8a65c4d8b02379e0a2eb83950a6d1954237f0b0d4340a81589eae2a4b10268075d158ff46e8d450a54274b986db192ddfed88a4362e86673fc19bafd8d4e04c01b0e948f16175362bbe9e2ada60f2ab1f5f8301c194fa66ed881c74443cf1712e1406777edceb47cc1aff1be4eb57955b7c23cf1faeb3ea2b1919ce570ce171774c13c08178685756719643d4c5ba3a20db00a775185ee22ebf24aa2b23fb87edc1e4fbd99710280ce0471b676183a7b0f58f21ac19802e402835005b67a3ec5ad6938ddcd3cc0887d1a2ee1052d17adb0e9f0323cdbcd38089f1980f5461217610fe80553b44c2cb5b8659001e8c666c115706eb09b7f04f81ab14233b580de999265e7fcb1e1f7d6756e3af5e07fae00945af92fcd703faf19f7406b286e559b4b5365aa9a5d759701fb3a964e76f83ce5be471b456003f4be5460688dc8f8f559b72d5a04166c71a13a630152f585486249bb26c288c5c63dc1a4ff23fc0e38717ebaebf43aeadfdc2f43094cac7d46c387a17373af8453736bccb747152d8a21ca1316d5432057cee7f646e8d74ea50bf521fe75f3f7e87b25593d2c06392c957a8e4605853e0ce0b22b7b8945a004a97b1aa65110cbb87eef02da7389ac193594e0baa16a9a4d6b691c7bea442fa6ed2fcc12bf9bea912554a1f80ea12fd1a5ce05c8a7792cfb4fe441e0667d2293872aef603bdeadc059a05baba73aa063cf56a8f46192f2131621ed981eab292232d3d5e68a316b105f573af66b586951066291836cb446149b25a462def3c4dab91855370c8474d6998bbba52cc4013f89823cf1f1d2df23d9b466cdf2bc17938847eee04ca9206c5bf80be066f07fea0d3bfadfa0a32bb04ad3cc121977208d447fc2fa9309c3d4c280e04671540993d6b8f62eb87d03ac9e0cd97e4a24130614642dfb7c483f3911cc75454ba9f25d399b0c3951d8afe1ca29cc6967ddfc325cb193deed745dc0d324f6fa939b27e06c2169e85aced17ba93c3eb753c9416f55268ecbf9441b2cea51d9ea9301b8f1e3f5475398350303f563a0fd9bb1afdfdb1c208ab6c9651e45f1968199e45941e244c36163bcacb232101774e52349f956ea1740f7459476641cd768d7e458935a0fa111a612ae853e405d670d19085242399e6c50a4bde62d1c1aeb75f554d3c3bf6c0984393a2d3b298ca36c928617aff732d770f5cbf9d51be71c4ed156aaf96f44a0c2448096da95eeeb6014f01345066ac74fdf5245a78a3ef4806e126be1a92a5d5808a1c5cffd172fbd6990ee521ed43b8fbc72c200ff746747421a6dbd42bf3112e9bae17475cdc73bd0f154a6f5c1cfc2169eeca36e28ef6575166db1179c8718d75439ef172e43a610e2eb680e95dc98de2145e776f485cc8153633a683d630f199bea14e197c1c2e1a6c4e605f4bc47901d7e294fa0cd03d5de445969632610f5d545d1706d20c739e903bcfdea15712f752ba134ea8afe923c7f8d37a4b9ab919300df8097c1ad068a46c3272261ad91a3d4dae0386c093deaae21470145e67c9f0dcb6ffc81699788dcfdb320a8e731f993ce97d434de0cf6556d57ec936a6309e11bc2b306c777f4887ece56ced12d54dfed158c5a44c966f775d689d77c96f4ee6a4ced1ce84449cc8337e136e1cddf3a508aa243f4bea81a718e0fc60e6edf4b7667cc67235fd6a3b5ac220cdb335515da7f5534b7babbfe90a1d46272edc7e8bf6f81426785035aec73123090dcab17bacf5e9f97b0a3b9a45e3d4d599c8abf51c0f43eaae08768c76764b9ac4f53adb68926e26ab43ee05ff33e4595f671e8a7f5b808abff073bf5ec47509a6db5a96ac86b00bcee1a552526e545e343aa1f68e0ec3e543f0292a61b029efdc7bd7d51b86b2bc366f86d3c0a7bba96b19499377addd41db81cc6cb41d2b80e4b9be5fe62f19665c3d86b20c115836494e32ca3e50bba5727054c3f8598e3d8feda6dfef22b8bea200a4f981fdffde180b3931f4b7c99744d1ca8301343d97b3a7c220a853862113d170d8cf040656f1bfb1a63dc2e0ed57ad65812a36680bcd968b4675d831a397909cf12f94ce5505bc92fabc96bb648a8ce0104fa682441c5326f73fe6401b17af1e50417d06b3932a17a14d1ff1b09279ff5d7799acc0acc5e8bbfc6273c81c44e45ab879876a26631c722845061b35c09e5d521c2005c33e21557d0e51e7ec16db85292746027efa7a4c1980b11119ed98264ba027e24058892955c66b8bfa8a23cfae37f12b799b1d25ee97a2d0c6a2adf7230c7c24bb32fbde8d848e1a9fcfd75302f67e2ade4916d566c82b8d04fc795680bd786b2dac085608e70094d94a79384e43e43756bffb9ed95b4d8927566ce77ba808d8e85548e7458b785d65ffc3df032592a561b4748910707a2fa991915c1ac98289769afc9b238100c1bcccf43b0fe36d0e4c5bb83771b644b922d01889d69c81e13a53ab7443723af7faf9f44d88ed1e5bb36b49dbb611a4c45fa47751ce54db239186cf205b615f3dab2421084e73fa83ae917d4f28c2e4b9b576703f2cd9373aaf87c0b4778b9081c6e5a9986aa8434ee231ca284d8134da4821c5a2c65c2053dd30661741f38a2c1b5577ee1a1085c1aaec5d9538a9b109947106aa35f9d2b620b46685b85cce4e24b4a8ad2b1755cb8bc9bd7b3a1e1f3e0b137f362787f0250628efc35c16c3ea6eaa4ecbc4e50baca5df928664cccc4494f264daf87823b0a33e9507158c1773e8ae3a2d8f275163e221e8c08512dd43ef325c77ec3ea6876f20146aa829d6c65d30539d6d630fdbd7a9553afbdf2683421190fc949e20fcfbe32b976a3a64f6b9d7c9aa77d66aa9ec7385a02c1d197fd9c57d0581b684d203858bf23f4c42c895d08d4655d4abdcd3432d0cf34c5eb6db00b54b3ea68fb82a39e7f3276a667c4a4277afd3fb3e4ce742727d5b22e02b0eb705f94efcec6fa219290a0e9d9c4c795672071fcd0fb37df4d1a33743b42ca61aa2ff77b6d1228783a84a07bc61cd5e78dbcf13cd6409293d368edabe77f40eb301fac94b2d2909bd1f2a898bf5fb54e6a8a85d6d8a7f1f707509540d27ddd806d09a6becc74c052f08f85cc058c6ceb8b21312e993ad5bc054739ec86cde1696955d2a0b4c0ca6ee007645132d7d03b6955f6e5a5974c086057b22c3a6dbc2c696d45ad5de3d77d00f6e11fc73ffcdcb49df4078c577bce77204f2a7c38c5d26bf454280af52ff355acb2b946a8f6f9d94802b146be696880e9c62a96bec5a272c980fe86e1277cfee508df40e0b73df4bb52eabb4cc03d27169a97c13994c62cc4e4c65dc689092b6c5ff862aeb1502f48ee66d58afcaebe4ef2bb361fbf0f0a8405bfae0a13a4d153d1496715f50c712f163724a8fc404d2d10cec661733dea7f8a85af80380e9f1be0a6b403ee9b85b7ca30c9a0f5ad3e56cabbe663e2d1a896ef48dc157bf7597b70cee3943235fe4eaaaf1be723852c431a20dd9fd47d562f81ce5afc461b2560cd05d068182cf43b0748fd6d7d654594a845441388082fcbcd76e8f6f9db0495191f6be158601825bb96682740d0a66643aee3118e232963247743978b641ee97910a1bbc2a87444e6ca3e49184e7f5efee08e849b1cc0570bec19bcb16aae2a6c6497fb92cbdc499fb1fb435cbdcfada3fb487501d04dbe0435f98a0af3f79dba40e62dd61160d4424b70fc8ec2632e2d31905f4a0920886356b4f5c2546de242b6e7bf7cc7e370e1507d7c3e4674a0879634d4c60060241a7e32a64c9bc07fa3b7358b069ab8e8be3d697ef4603674cd0fa865ef5efb1aa698f6c3c1883edf3fa47fadf94af21a93c04413f5c8128df0ab10aef5dd64f6ca18c144605e09ccbee03cb3866239476b570fec8f1a83120cb4851154494ba0cfb91a8e084f58ee2d68a5fa62f392b4a2a61ed9ee002b9ad6eb9d4861c669bfe4880b2879315f2b33493b4ffc1a455a91beb1185490ac57d5ffde83242bfe47e49b8a09b8f855e4af31b75fc00571b73db18366c411c26157a7d25328fb3822f6fc94d2c15db4b1cc6a3a4551b56e41c6918d7558821346c73679acff4105b5fc4c40a0f0e36e15e774d9875823512239a9151e5d423d340dd974ad62ef91636e6732a4f93d2c7d80c876ec12bbbbb30fd5cbf3e473b15a1765f0c952335f9dae1c04f2", 0xc42, 0xffffffffffffffff) 22:20:45 executing program 5 (fault-call:1 fault-nth:17): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 439.925707] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 439.933178] FAT-fs (loop1): Filesystem has been set read-only 22:20:46 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r1 = accept(r0, 0x0, &(0x7f0000000000)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x10) bind$alg(r1, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x12) 22:20:46 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 440.035028] FAULT_INJECTION: forcing a failure. [ 440.035028] name failslab, interval 1, probability 0, space 0, times 0 [ 440.046514] CPU: 1 PID: 21852 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 440.053892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.063256] Call Trace: [ 440.065870] dump_stack+0x1c9/0x2b4 [ 440.069525] ? dump_stack_print_info.cold.2+0x52/0x52 [ 440.074754] should_fail.cold.4+0xa/0x1a [ 440.078845] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 440.083972] ? find_held_lock+0x36/0x1c0 [ 440.088061] ? rcu_note_context_switch+0x730/0x730 [ 440.093036] ? graph_lock+0x170/0x170 [ 440.096853] ? find_held_lock+0x36/0x1c0 [ 440.100925] ? __lock_is_held+0xb5/0x140 [ 440.105000] ? check_same_owner+0x340/0x340 [ 440.109335] ? rcu_note_context_switch+0x730/0x730 [ 440.114279] __should_failslab+0x124/0x180 [ 440.118520] should_failslab+0x9/0x14 [ 440.122338] kmem_cache_alloc+0x2af/0x760 [ 440.126508] ? __lock_is_held+0xb5/0x140 [ 440.130593] ? wait_for_completion+0x8d0/0x8d0 [ 440.135208] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 440.140256] __kernfs_new_node+0xef/0x5a0 [ 440.144431] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 440.149212] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 440.154171] ? wait_for_completion+0x8d0/0x8d0 [ 440.158780] ? lock_downgrade+0x8f0/0x8f0 [ 440.162971] kernfs_new_node+0x80/0xf0 [ 440.166903] __kernfs_create_file+0x4d/0x330 [ 440.171339] sysfs_add_file_mode_ns+0x21a/0x560 [ 440.176047] sysfs_create_file_ns+0x8b/0xb0 [ 440.180392] device_create_file+0xf4/0x1e0 [ 440.184649] device_add+0x105c/0x16f0 [ 440.188478] ? kobject_set_name_vargs+0x100/0x150 [ 440.193356] ? device_private_init+0x240/0x240 [ 440.197980] device_register+0x1d/0x20 [ 440.201899] tty_register_device_attr+0x35b/0x730 [ 440.206767] ? __init_waitqueue_head+0x9e/0x150 [ 440.211467] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 440.216339] ? trace_event_raw_event_module_request+0x340/0x340 [ 440.222409] ? kasan_check_write+0x14/0x20 [ 440.226640] ? tty_port_init+0x1a3/0x260 [ 440.230689] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 440.235715] tty_port_register_device+0x3d/0x50 [ 440.240579] rfcomm_dev_ioctl+0x1bba/0x2240 [ 440.244896] ? rfcomm_dev_state_change+0x150/0x150 [ 440.249998] ? __local_bh_enable_ip+0x161/0x230 [ 440.254669] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 440.259688] ? lock_sock_nested+0x9f/0x120 [ 440.263929] ? trace_hardirqs_on+0xd/0x10 [ 440.268064] ? __local_bh_enable_ip+0x161/0x230 [ 440.272727] rfcomm_sock_ioctl+0x89/0xb0 [ 440.276781] sock_do_ioctl+0xe4/0x3e0 [ 440.280568] ? compat_ifr_data_ioctl+0x170/0x170 [ 440.285313] ? lock_downgrade+0x8f0/0x8f0 [ 440.289468] ? kasan_check_read+0x11/0x20 [ 440.293600] ? rcu_is_watching+0x8c/0x150 [ 440.297734] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 440.302130] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 440.307307] sock_ioctl+0x30d/0x680 [ 440.310936] ? dlci_ioctl_set+0x40/0x40 [ 440.314897] ? match_held_lock+0x851/0x8d0 [ 440.319121] ? expand_files.part.8+0x9c0/0x9c0 [ 440.323690] ? kasan_check_write+0x14/0x20 [ 440.327912] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 440.332833] ? dlci_ioctl_set+0x40/0x40 [ 440.336796] do_vfs_ioctl+0x1de/0x1720 [ 440.340690] ? __lock_is_held+0xb5/0x140 [ 440.344738] ? ioctl_preallocate+0x300/0x300 [ 440.349130] ? __fget_light+0x2f7/0x440 [ 440.353090] ? fget_raw+0x20/0x20 [ 440.356531] ? __sb_end_write+0xac/0xe0 [ 440.360495] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 440.366022] ? fput+0x130/0x1a0 [ 440.369290] ? ksys_write+0x1ae/0x260 [ 440.373081] ? security_file_ioctl+0x94/0xc0 [ 440.377493] ksys_ioctl+0xa9/0xd0 [ 440.381071] __x64_sys_ioctl+0x73/0xb0 [ 440.384947] do_syscall_64+0x1b9/0x820 [ 440.388819] ? syscall_slow_exit_work+0x500/0x500 [ 440.393663] ? syscall_return_slowpath+0x5e0/0x5e0 [ 440.398579] ? syscall_return_slowpath+0x31d/0x5e0 [ 440.403499] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 440.408852] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 440.413684] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.418860] RIP: 0033:0x455a99 22:20:46 executing program 7: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r0, 0x0) mount(&(0x7f0000000200)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f0000000100)="d95cc9dbbd1e9b1f128ab6dcc8e05a3e58de2836b6d130f3eabb9bdd6a315b3240ca3f82f98e2c9179a6930c52f6ce0954ca1670b592c8596344f57e95c157a132555cdfad34ffa3b3715025a40eeca5b9714d2d58134482dc9219738711ddafdb040b8eaf5f5902e20a6e7f362d3993e84772ff0025fb59380b3cce68c695b7045ff37a9db1038c7db520052e6214d910a389fc8294c7baaa21826814ba3967dcc98f0f5f992437e288425f865bef5ae368abf51bd99096ffc8e8aea540d18b76") [ 440.422029] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 440.441266] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 440.448975] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 440.456237] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 440.463493] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 440.470761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 440.478021] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000011 22:20:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530fa", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:46 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00') ioctl$TCSETA(r1, 0x5406, &(0x7f0000000080)={0x40, 0x200, 0x0, 0xffffffffffffffff, 0x2, 0x7734, 0xb8a, 0x7fff, 0x5, 0xffffffffffffffff}) lseek(r0, 0x15, 0x5) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{0x3, 0x81}, {0x8f40, 0x6}, 0x200, 0x3, 0xfffffffffffff4d6}) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58) r2 = accept4$alg(r0, 0x0, 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000000), 0x2) 22:20:46 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653080", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:46 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0xffffffffffffff44) sendto$inet(r0, &(0x7f0000000280), 0x314, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) recvmmsg(r0, &(0x7f0000003600)=[{{&(0x7f0000002200)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000003580), 0x0, &(0x7f00000035c0)=""/18, 0x12}}], 0x1, 0x62, 0x0) 22:20:46 executing program 5 (fault-call:1 fault-nth:18): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:46 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x200000010, &(0x7f0000000040)=0x1, 0x4) write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x1) fstat(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgid(r2) write$binfmt_misc(r0, &(0x7f0000000240)={'syz0'}, 0x4) recvfrom(r1, &(0x7f0000000180)=""/184, 0xb8, 0x0, 0x0, 0x0) 22:20:46 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:46 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x178, 0x4) setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000180)=0x9, 0x4) sendto$inet6(r1, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e21}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="9d79696dd68892670ec09c6ea7811a1290990052bc16c80ad24cca7fac51a80817b512166e6cd8e697e4a178fd3a23efba1f47f5cef81f59b26692d4419fe2700671c07c31be753d99fb27cbe97b979673bab82b6a6e9f295e1057a823b52cd6a41f6ea37674b2fcfde85e6af207d51f6dfdaa1ef6a2ddab3e23cfadd85160cd15a513b1682a1ba7957fc1edaddb23aba74e594a49de7af51cb7a015d997d2d7da124ad642a274a4cf303ad8601e1b4c6dd650dab247111374a9b930f6cbe0530e3588f6652f76c354ea86b154ebd86d9fdc33df20545f3a", 0xd8, 0x4, &(0x7f0000000040)={0xa, 0x4e22, 0x95, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x2}, 0x1c) 22:20:46 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) unshare(0x2400) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) syz_open_procfs(r2, &(0x7f0000000040)='net/anycast6\x00') ioctl(r1, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(pcrypt(rfc4106-gcm-aesni))\x00'}, 0x58) write$binfmt_misc(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="73797a3063633865fbafcd30c39f9b8dd0b1069b6d4008404b8c1d29602f1827c4f7b0c0066cf47fefbe79c7085eb57c95a0e40cb9f23f34648b1b7032e73e66fac4a41f213d4d6feaf05443c364c4666faa8ef6ba4bd8860caf663630c56673c43841082ea12d4bd8f559ff2a32447fbed8378306cda276b6ad2e9dffd9f628158aa5ff5a9bfbb5b3d5d293e9b0d600029c3064457e604352481cd0add144ff0700007aa9d2fd08d73fb79d180da37d4bc99e22804024f2494cc38ca19ea4ab0dffa4ff6760a4f753b093f59f"], 0xc3) setsockopt$ALG_SET_KEY(r0, 0x117, 0x5, &(0x7f00000000c0), 0x10) 22:20:46 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x3a) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x5c) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffff9c, 0x84, 0x0, &(0x7f0000000200)={0x0, 0x100000001, 0x4, 0x34}, &(0x7f0000000240)=0x10) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000280)={r2, 0x8, 0x5, [0x0, 0x80000000, 0x100, 0x156, 0x4]}, 0x12) r3 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x1f, 0x80) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r3, 0xc0305302, &(0x7f00000001c0)={0x10000000000009, 0xffffffff, 0x7f, 0x3, 0x7, 0x3}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r1) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f00000002c0)={r2, 0x2}, &(0x7f0000000300)=0x8) setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000000080)={{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, 0x0, [0x0, 0x88ab0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xff]}, 0x5c) 22:20:46 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\v', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:46 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 440.804494] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 440.811767] FAT-fs (loop1): Filesystem has been set read-only 22:20:46 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x178, 0x4) setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000180)=0x9, 0x4) sendto$inet6(r1, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e21}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="9d79696dd68892670ec09c6ea7811a1290990052bc16c80ad24cca7fac51a80817b512166e6cd8e697e4a178fd3a23efba1f47f5cef81f59b26692d4419fe2700671c07c31be753d99fb27cbe97b979673bab82b6a6e9f295e1057a823b52cd6a41f6ea37674b2fcfde85e6af207d51f6dfdaa1ef6a2ddab3e23cfadd85160cd15a513b1682a1ba7957fc1edaddb23aba74e594a49de7af51cb7a015d997d2d7da124ad642a274a4cf303ad8601e1b4c6dd650dab247111374a9b930f6cbe0530e3588f6652f76c354ea86b154ebd86d9fdc33df20545f3a", 0xd8, 0x4, &(0x7f0000000040)={0xa, 0x4e22, 0x95, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x2}, 0x1c) 22:20:46 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000816000)) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0xc0, 0x0) ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000140)=ANY=[@ANYBLOB="050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000007670efc90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000026d0000000000000000000000000000000000000000000461c000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000156c000000"]) timer_gettime(0x0, &(0x7f00000015c0)) [ 440.939600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 440.946973] FAT-fs (loop1): Filesystem has been set read-only 22:20:47 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:47 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x6205, r1) ptrace$setregset(0x4209, r1, 0x20000000, &(0x7f0000000080)) openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x400000, 0x0) [ 441.122865] FAULT_INJECTION: forcing a failure. [ 441.122865] name failslab, interval 1, probability 0, space 0, times 0 [ 441.134243] CPU: 1 PID: 21894 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 441.141618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.150987] Call Trace: [ 441.153595] dump_stack+0x1c9/0x2b4 [ 441.157229] ? dump_stack_print_info.cold.2+0x52/0x52 [ 441.162419] should_fail.cold.4+0xa/0x1a [ 441.166472] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 441.171564] ? find_held_lock+0x36/0x1c0 [ 441.175618] ? rcu_note_context_switch+0x730/0x730 [ 441.180538] ? graph_lock+0x170/0x170 [ 441.184332] ? find_held_lock+0x36/0x1c0 [ 441.188384] ? __lock_is_held+0xb5/0x140 [ 441.192446] ? check_same_owner+0x340/0x340 [ 441.196758] ? rcu_note_context_switch+0x730/0x730 [ 441.201754] __should_failslab+0x124/0x180 [ 441.205985] should_failslab+0x9/0x14 [ 441.209775] kmem_cache_alloc+0x2af/0x760 [ 441.213911] ? __lock_is_held+0xb5/0x140 [ 441.217987] ? wait_for_completion+0x8d0/0x8d0 [ 441.222564] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 441.227572] __kernfs_new_node+0xef/0x5a0 [ 441.231711] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 441.236458] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 441.241380] ? wait_for_completion+0x8d0/0x8d0 [ 441.245956] ? lock_downgrade+0x8f0/0x8f0 [ 441.250104] kernfs_new_node+0x80/0xf0 [ 441.253982] __kernfs_create_file+0x4d/0x330 [ 441.258391] sysfs_add_file_mode_ns+0x21a/0x560 [ 441.263057] sysfs_create_file_ns+0x8b/0xb0 [ 441.267374] device_create_file+0xf4/0x1e0 [ 441.271614] device_add+0x105c/0x16f0 [ 441.275410] ? kobject_set_name_vargs+0x100/0x150 [ 441.280251] ? device_private_init+0x240/0x240 [ 441.284827] device_register+0x1d/0x20 [ 441.288704] tty_register_device_attr+0x35b/0x730 [ 441.293538] ? __init_waitqueue_head+0x9e/0x150 [ 441.298212] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 441.303047] ? trace_event_raw_event_module_request+0x340/0x340 [ 441.309094] ? kasan_check_write+0x14/0x20 [ 441.313332] ? tty_port_init+0x1a3/0x260 [ 441.317398] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 441.322406] tty_port_register_device+0x3d/0x50 [ 441.327070] rfcomm_dev_ioctl+0x1bba/0x2240 [ 441.331400] ? rfcomm_dev_state_change+0x150/0x150 [ 441.336327] ? __local_bh_enable_ip+0x161/0x230 [ 441.340987] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 441.345998] ? lock_sock_nested+0x9f/0x120 [ 441.350229] ? trace_hardirqs_on+0xd/0x10 [ 441.354365] ? __local_bh_enable_ip+0x161/0x230 [ 441.359033] rfcomm_sock_ioctl+0x89/0xb0 [ 441.363082] sock_do_ioctl+0xe4/0x3e0 [ 441.366868] ? compat_ifr_data_ioctl+0x170/0x170 [ 441.371615] ? lock_downgrade+0x8f0/0x8f0 [ 441.375753] ? kasan_check_read+0x11/0x20 [ 441.379916] ? rcu_is_watching+0x8c/0x150 [ 441.384068] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 441.388466] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 441.393643] sock_ioctl+0x30d/0x680 [ 441.397261] ? dlci_ioctl_set+0x40/0x40 [ 441.401224] ? match_held_lock+0x851/0x8d0 [ 441.405449] ? expand_files.part.8+0x9c0/0x9c0 [ 441.410026] ? kasan_check_write+0x14/0x20 [ 441.414250] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 441.419175] ? dlci_ioctl_set+0x40/0x40 [ 441.423138] do_vfs_ioctl+0x1de/0x1720 [ 441.427023] ? __lock_is_held+0xb5/0x140 [ 441.431076] ? ioctl_preallocate+0x300/0x300 [ 441.435471] ? __fget_light+0x2f7/0x440 [ 441.439437] ? fget_raw+0x20/0x20 [ 441.442879] ? __sb_end_write+0xac/0xe0 [ 441.446863] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 441.452389] ? fput+0x130/0x1a0 [ 441.455660] ? ksys_write+0x1ae/0x260 [ 441.459450] ? security_file_ioctl+0x94/0xc0 [ 441.463850] ksys_ioctl+0xa9/0xd0 [ 441.467296] __x64_sys_ioctl+0x73/0xb0 [ 441.471176] do_syscall_64+0x1b9/0x820 [ 441.475400] ? finish_task_switch+0x1d3/0x890 [ 441.479886] ? syscall_return_slowpath+0x5e0/0x5e0 [ 441.484813] ? syscall_return_slowpath+0x31d/0x5e0 [ 441.489734] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 441.495090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 441.499925] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 441.505101] RIP: 0033:0x455a99 [ 441.508271] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 441.527508] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 441.535210] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 441.542467] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 441.549825] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 441.557081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 441.564336] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000012 22:20:47 executing program 7: syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffff415b, 0x6, &(0x7f0000000580)=[{&(0x7f00000000c0)="855da7b9796501d120fc9fc91e5043ecdd4ff48b7d6b331282cb48726f79ce6ca9c8c37b20d417131edd5e8c174cda779c1ca14e0a066d0575117bb4d9b4ea679c40eef5c1b4728991f4a7f97fc331a5fd2b77b30f7e6835b79d6845f2fb02d3d79f15e492f4db9b3815e62648ac514ff86b555c9160036c8cf1694ef56a73d88504efd1d4ae14c73994cf31dcd36a16dc0f8cd6791453b1e8fa468bd485b0faa4f8fe8244ebb221b8c5f894db71172d9ca77ffd88f796429d97b3961becf7f45c15901fdb598924785ef206842c90a810709afa1d1c37421416b76cabb3821429ffd4fe2d9e29d04f0f114b16828c9cd12bbb0cd74426c30e8eb5d3", 0xfc, 0x3f}, {&(0x7f00000001c0)="58ef84b8139615dd685d2c76729ba39dfa2e3eea8115594e954dc5da9c62eae2631ae49d7f5853dbd97e3a6ada514add8eb16d1865daf32796ea99a4f6496d4a5622bb7f1be47d549a70988be09a7b11e47bd3b97f60edc6523229c37a3ecb592415ef29b2e95bde828bf72a9ec01bad7b05af94c6a3838650a7bda8f71b2081323580720f02661b4af253d143", 0x8d, 0x36}, {&(0x7f0000000280)="3037addc1af639c4b460eca48fba6662512461326a0471e851d4212deb390c6b02a47389f729b843763f51d4620ae018df3a283aea1c31ccbd33ab6b4930d9ff2ba50419f9d54ad8073c7a4d2b52c0387a462d30009d09c67eebac6ccc7b5daf7063718594442e104004524916feb40825737491158718aa2733591b232fd76f4bb27bd959693e1df11b0ed1b0c59f81e893a9bcd06621249e0df44479bfd22c625a1c2d0e739d95d8c8f5e01add738bd908ac82c90e891e8e86843d783689ac4ba79aaf856c1ee98853f477e64cf4b61f290c16951f07126ec948c4582872f5fa5bcb5751", 0xe5, 0x400}, {&(0x7f0000000380)="18cd7125309bd22b1e5ac5996a2b87a03af5838bb63fcf3559f012316dcd7863cc3db38d29b7700dbff3653b686f6a0cc47103cb96175d353edb11fd366616098672215229ed20da46212398d2d0b2d8cf96d1822e2f92adc3a136bb8e085980106a6ecf5c82d7840fb25965ddb58fa0dd3bba7f051bb2e0fb4202c4002f981fed3323a8043ee29dc1e0d6903e8d49df589b", 0x92, 0x9}, {&(0x7f0000000440)="09e32d3a470fb3a448a835625137a76a027aafb7ec392b09f2dab538553f5c3fe48f21f89d3a926e490fe13eae709fb9aa44c851e59f3907deeb0140acbdc0cd5615e1431cde74c1314a20c22810f8dcfcdeb98c254e22b5d1ce0a0f6dbe59dc70bb6afc502d62a9f6a7cb48d5354a92bbd2f23d3fcaedefab7ea8654cc7856bcf15a332e3c14d43", 0x88, 0x8}, {&(0x7f0000000500)="b068c03a8a8d4352484c1d4b9da0537ce99ad03a3230948d855a36765b5fa919a3555fdd9c2dabb16cc69d4d16a4d87a94dd833e3d44190406324adf98379e7921e67f061943807e4b043ff69aa57d389c", 0x51, 0x8001}], 0x200420, &(0x7f0000000680)=ANY=[@ANYBLOB="71756965742c6469725f756d61736b3d36333133d3db676b307db4da81eb3239657dc60d756965742c00"]) r0 = socket$inet6(0xa, 0x3, 0x400000000000009) ioctl(r0, 0x4000008911, &(0x7f0000000040)="295ee1311f10f4776e3a185c4a02aa0a6115a5ed8fe2671070") r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) close(r1) prctl$intptr(0x3b, 0x7ff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=ANY=[@ANYBLOB="73656375626974790000000000000000000000000000000000000000000000000e00000004000000c0030000ffffffff0002000000020000f0000000fffffffffffffffff0020000f0020000f0020000ffffffff04000000", @ANYPTR=&(0x7f0000000640)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800f00000000000000000000000000000000000000000000000000028004e4651554555450000000000000000000000000000000000000000000003040004000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c8001001000000000000000000000000000000000000000000000000480049444c4554494d45520000000000000000000000000000000000000000003f00000073797a30000000000000000000000000000000000000000000000000ffff00000000000000000000000000000000000000000001fe8000000000000000000000000000bb000000ffff000000ffffffffffffffffff0000ff00000000ff000000ffffffff6772653000000000000000000000000069705f76746930000000000000000000000000000000000000ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002c00020200000000000000000000000000000000c800f0000000000000000000000000000000000000000000000000002800434c4153534946590000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x420) 22:20:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653003", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:47 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:47 executing program 5 (fault-call:1 fault-nth:19): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:47 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:47 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2a769b04, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysfs$3(0x3) r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x7, 0x80) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000040)="09755272d494dbda73a53117099569f5e37267a10ac4c04e3b35742a06e36fc42ad6ded0223f2bd5810da85dd3814e76e7b544cb6dd255184acc3caa2d0b55972472712ec6e63b7ba931cf0e985f43f18fa02d0ad06b75a0282ba7dea4fb753e25bdd8daa5584c74005ff88414c489f4c41785f0b85dd3ac37355c83ef2a341f204a") [ 441.767939] FAULT_INJECTION: forcing a failure. [ 441.767939] name failslab, interval 1, probability 0, space 0, times 0 [ 441.779674] CPU: 0 PID: 21954 Comm: syz-executor5 Not tainted 4.18.0-rc2+ #124 [ 441.787065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.796434] Call Trace: [ 441.799043] dump_stack+0x1c9/0x2b4 [ 441.802671] ? dump_stack_print_info.cold.2+0x52/0x52 [ 441.807854] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 441.812697] should_fail.cold.4+0xa/0x1a [ 441.816754] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 441.821852] ? find_held_lock+0x36/0x1c0 [ 441.825909] ? rcu_note_context_switch+0x730/0x730 [ 441.830837] ? graph_lock+0x170/0x170 [ 441.834655] ? find_held_lock+0x36/0x1c0 [ 441.838716] ? __lock_is_held+0xb5/0x140 [ 441.842779] ? check_same_owner+0x340/0x340 [ 441.847096] ? rcu_note_context_switch+0x730/0x730 [ 441.852035] __should_failslab+0x124/0x180 [ 441.856264] should_failslab+0x9/0x14 [ 441.860056] kmem_cache_alloc+0x2af/0x760 [ 441.864216] ? __lock_is_held+0xb5/0x140 [ 441.868270] ? wait_for_completion+0x8d0/0x8d0 [ 441.872866] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 441.877881] __kernfs_new_node+0xef/0x5a0 [ 441.882032] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 441.886781] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 441.891702] ? wait_for_completion+0x8d0/0x8d0 [ 441.896274] ? lock_downgrade+0x8f0/0x8f0 [ 441.900442] kernfs_new_node+0x80/0xf0 [ 441.904327] __kernfs_create_file+0x4d/0x330 [ 441.908727] sysfs_add_file_mode_ns+0x21a/0x560 [ 441.913392] sysfs_create_file_ns+0x8b/0xb0 [ 441.917709] device_create_file+0xf4/0x1e0 [ 441.921940] device_add+0x105c/0x16f0 [ 441.925734] ? kobject_set_name_vargs+0x100/0x150 [ 441.930572] ? device_private_init+0x240/0x240 [ 441.935170] device_register+0x1d/0x20 [ 441.939057] tty_register_device_attr+0x35b/0x730 [ 441.943887] ? __init_waitqueue_head+0x9e/0x150 [ 441.948734] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 441.953571] ? trace_event_raw_event_module_request+0x340/0x340 [ 441.959622] ? kasan_check_write+0x14/0x20 [ 441.963844] ? tty_port_init+0x1a3/0x260 [ 441.967897] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 441.972907] tty_port_register_device+0x3d/0x50 [ 441.977580] rfcomm_dev_ioctl+0x1bba/0x2240 [ 441.981899] ? rfcomm_dev_state_change+0x150/0x150 [ 441.986826] ? __local_bh_enable_ip+0x161/0x230 [ 441.991489] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 441.996493] ? lock_sock_nested+0x9f/0x120 [ 442.000717] ? trace_hardirqs_on+0xd/0x10 [ 442.004855] ? __local_bh_enable_ip+0x161/0x230 [ 442.009519] rfcomm_sock_ioctl+0x89/0xb0 [ 442.013573] sock_do_ioctl+0xe4/0x3e0 [ 442.017366] ? compat_ifr_data_ioctl+0x170/0x170 [ 442.022118] ? lock_downgrade+0x8f0/0x8f0 [ 442.026260] ? kasan_check_read+0x11/0x20 [ 442.030395] ? rcu_is_watching+0x8c/0x150 [ 442.034546] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 442.038949] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 442.044131] sock_ioctl+0x30d/0x680 [ 442.047748] ? dlci_ioctl_set+0x40/0x40 [ 442.051717] ? match_held_lock+0x851/0x8d0 [ 442.055942] ? expand_files.part.8+0x9c0/0x9c0 [ 442.060514] ? kasan_check_write+0x14/0x20 [ 442.064740] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 442.069663] ? dlci_ioctl_set+0x40/0x40 [ 442.073628] do_vfs_ioctl+0x1de/0x1720 [ 442.077522] ? __lock_is_held+0xb5/0x140 [ 442.081574] ? ioctl_preallocate+0x300/0x300 [ 442.085972] ? __fget_light+0x2f7/0x440 [ 442.089937] ? fget_raw+0x20/0x20 [ 442.093383] ? __sb_end_write+0xac/0xe0 [ 442.097355] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 442.102880] ? fput+0x130/0x1a0 [ 442.106151] ? ksys_write+0x1ae/0x260 [ 442.109944] ? security_file_ioctl+0x94/0xc0 [ 442.114349] ksys_ioctl+0xa9/0xd0 [ 442.117795] __x64_sys_ioctl+0x73/0xb0 [ 442.121674] do_syscall_64+0x1b9/0x820 [ 442.125550] ? finish_task_switch+0x1d3/0x890 [ 442.130042] ? syscall_return_slowpath+0x5e0/0x5e0 [ 442.134978] ? syscall_return_slowpath+0x31d/0x5e0 [ 442.139901] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 442.145260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 442.150098] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 442.155285] RIP: 0033:0x455a99 [ 442.158459] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 442.177799] RSP: 002b:00007fc5e110cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 442.185499] RAX: ffffffffffffffda RBX: 00007fc5e110d6d4 RCX: 0000000000455a99 [ 442.192753] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 442.200012] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 442.207273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 22:20:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="920fa0"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x2, 0x0) ioctl$KDMKTONE(r3, 0x4b30, 0xfff) connect$pptp(r3, &(0x7f0000000040)={0x18, 0x2, {0x3, @dev={0xac, 0x14, 0x14, 0x16}}}, 0x1e) [ 442.214530] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000013 22:20:48 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000ed1000)={0x8, 0x4, 0x80000000004, 0x8000000007}, 0x2c) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0xfffffffffffffec0, &(0x7f00000000c0)}, 0x10) fcntl$getown(r0, 0x9) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rfkill\x00', 0x400, 0x0) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000300)={0x0, 0x2}, &(0x7f0000000340)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000380)={r2, @in={{0x2, 0x4e23, @rand_addr=0x9}}, 0x7ff, 0xfffffffeffffffff, 0xffffffffffffffc1, 0x800, 0x28}, 0x98) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000440)={0x5}) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r3, 0x8935, &(0x7f0000000040)={'bcsh0\x00', 0x7}) r4 = open(&(0x7f0000000100)='./file0\x00', 0x200000, 0x2) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000140)={0xb000200a}) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000000)=0x7) sendto(r3, &(0x7f0000000180)="994f897ded5c35937dfffb928092fa4fd20b8106201d81e42c5885410beaf23813d5f48a1faceb322faf1fab5a65f0baf189ddc06b83c3f573f07816157276db1ae47a44f45a5faf5ade1736199828d37ef2e41ed9dfb9bfcae8231e8ae2ecec8919e77cbd4f63db7712a7cf4a6ef11f4a148273d1ddc4f86ddc2f60d2565b987f92cc95c356d50ed380546a72a2cb9c721ceabf", 0x94, 0x8000, &(0x7f0000000240)=@ipx={0x4, 0x1, 0x3, "cd52b1b46ffe", 0x8}, 0x80) 22:20:48 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 442.277297] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 442.284572] FAT-fs (loop1): Filesystem has been set read-only 22:20:48 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:48 executing program 7: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl(r0, 0x4000008919, &(0x7f0000000100)="2957e1311f16f437671070") r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) dup2(r0, r1) [ 442.376437] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 442.383764] FAT-fs (loop1): Filesystem has been set read-only 22:20:48 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x394) syz_open_dev$audion(&(0x7f0000000300)='/dev/audio#\x00', 0xa0, 0x500) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000000c0)="76859dbe743802e69253469d85cb27b1d60d7979883cdf3c52c71bea17dc6f3a53d552b0cb9b03f297a41daed49e365dc06552bed5f43d158d6330bd", 0x3c, 0x0) r2 = request_key(&(0x7f0000000240)='ceph\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000002c0)=':\x00', 0xfffffffffffffffe) keyctl$negate(0xd, r1, 0x1000, r2) clock_adjtime(0x0, &(0x7f0000000140)={0xcc73}) 22:20:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:48 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:48 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:48 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000400)="295ee1311f16f477671070") r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhost-vsock\x00', 0x2, 0x0) modify_ldt$read(0x0, &(0x7f0000000540)=""/57, 0x39) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, &(0x7f0000000000)) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000500)={0x0, 0x8000000000001, &(0x7f0000000400)=""/193, &(0x7f0000000280)=""/97, &(0x7f00000001c0)=""/127}) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.net/syz1\x00', 0x200002, 0x0) r3 = syz_open_dev$dspn(&(0x7f00000003c0)='/dev/dsp#\x00', 0xbbc, 0x101000) perf_event_open$cgroup(&(0x7f0000000080)={0x1, 0x70, 0x6, 0x7, 0x101, 0x20, 0x0, 0x400000, 0x20008, 0x2, 0x77, 0x3ff, 0x2, 0x40, 0x0, 0x70, 0x7, 0x7f, 0x2, 0x2, 0x8, 0x8, 0x1, 0x417c7d30, 0x1, 0x8ab0, 0xa34d, 0x9, 0x400, 0x3ab5, 0x2, 0x23604620, 0xf0, 0x0, 0x6, 0x100, 0x9, 0x28ec35a8, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000040), 0x9}, 0x208, 0x3, 0xfffffffffffffff7, 0x3, 0x3, 0x0, 0x40}, r2, 0x1, r3, 0xb) socket$xdp(0x2c, 0x3, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000700)=ANY=[]) ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000180)=&(0x7f0000000100)) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000006c0)=0x1) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x34102, 0x0) getsockname$inet(r4, &(0x7f0000000300)={0x0, 0x0, @multicast2}, &(0x7f0000000340)=0x10) 22:20:48 executing program 3: r0 = socket$l2tp(0x18, 0x1, 0x1) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x200, 0x0) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r1, 0x2) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r0, &(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @multicast1=0xe0000001}, 0x4, 0x4, 0x1, 0x3}}, 0x2e) connect$l2tp(r3, &(0x7f0000000500)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @rand_addr}, 0x4, 0x1}}, 0x2c) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x400000, 0x0) r5 = getpgid(0x0) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f00000000c0)=0x0) kcmp(r5, r6, 0x7, r2, r2) setsockopt$inet6_tcp_TLS_RX(r4, 0x6, 0x2, &(0x7f0000000080)={0x303, 0x33}, 0x4) ioctl$KVM_GET_MP_STATE(r4, 0x8004ae98, &(0x7f0000000100)) ioctl$FS_IOC_FSSETXATTR(r0, 0x8004745a, &(0x7f0000000000)) 22:20:48 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400000, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000040)={0x72fcf9987ef20d68, 'bond_slave_0\x00', 0x3}, 0x18) ioctl(r0, 0x84000008912, &(0x7f0000000100)="295ee1311f16f48f491070") r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000100)="24000000070a07031dfffd946fa2830020200a0009000200021d85680c1baba20400ff7e28000000110affffba16a0aa1c0009b356da5a80d18bec4c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 442.672877] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 442.680213] FAT-fs (loop1): Filesystem has been set read-only 22:20:48 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:48 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:48 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x4000) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffd000/0x2000)=nil, 0x2000}, &(0x7f00000000c0)=0x10) clock_getres(0x8, &(0x7f0000000780)) open_by_handle_at(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="2d000000104000005f273c14a65cff64ff6459674b82b2bbddd7ea86870e076559a8e7d2fbd94e000000000000"], 0x8100) 22:20:48 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000400)="295ee1311f16f477671070") r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhost-vsock\x00', 0x2, 0x0) modify_ldt$read(0x0, &(0x7f0000000540)=""/57, 0x39) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, &(0x7f0000000000)) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000500)={0x0, 0x8000000000001, &(0x7f0000000400)=""/193, &(0x7f0000000280)=""/97, &(0x7f00000001c0)=""/127}) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.net/syz1\x00', 0x200002, 0x0) r3 = syz_open_dev$dspn(&(0x7f00000003c0)='/dev/dsp#\x00', 0xbbc, 0x101000) perf_event_open$cgroup(&(0x7f0000000080)={0x1, 0x70, 0x6, 0x7, 0x101, 0x20, 0x0, 0x400000, 0x20008, 0x2, 0x77, 0x3ff, 0x2, 0x40, 0x0, 0x70, 0x7, 0x7f, 0x2, 0x2, 0x8, 0x8, 0x1, 0x417c7d30, 0x1, 0x8ab0, 0xa34d, 0x9, 0x400, 0x3ab5, 0x2, 0x23604620, 0xf0, 0x0, 0x6, 0x100, 0x9, 0x28ec35a8, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000040), 0x9}, 0x208, 0x3, 0xfffffffffffffff7, 0x3, 0x3, 0x0, 0x40}, r2, 0x1, r3, 0xb) socket$xdp(0x2c, 0x3, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000700)=ANY=[]) ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000180)=&(0x7f0000000100)) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000006c0)=0x1) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x34102, 0x0) getsockname$inet(r4, &(0x7f0000000300)={0x0, 0x0, @multicast2}, &(0x7f0000000340)=0x10) [ 442.809291] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 442.816589] FAT-fs (loop1): Filesystem has been set read-only [ 442.836206] netlink: 20 bytes leftover after parsing attributes in process `syz-executor0'. [ 442.871933] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:48 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0xffffffff) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000020207031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0) 22:20:49 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:49 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8906, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:49 executing program 0: ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000000)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f00000000c0)='net/dev_snmp6\x00') fcntl$setstatus(r1, 0x4, 0x6800) finit_module(r1, &(0x7f0000000080)='cpuset\x00', 0x0) 22:20:49 executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000000)={'raw\x00'}, &(0x7f0000000080)=0x54) bind$bt_hci(r0, &(0x7f0000000040)={0x1f}, 0xc) r2 = dup2(r1, r0) ioctl$KDSETKEYCODE(r2, 0x4b4d, &(0x7f00000000c0)={0x0, 0x2}) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000100)={0x6c, {{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x13}}}}, 0x88) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) 22:20:49 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c6530ff", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:49 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:49 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000400)="295ee1311f16f477671070") r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhost-vsock\x00', 0x2, 0x0) modify_ldt$read(0x0, &(0x7f0000000540)=""/57, 0x39) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, &(0x7f0000000000)) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000500)={0x0, 0x8000000000001, &(0x7f0000000400)=""/193, &(0x7f0000000280)=""/97, &(0x7f00000001c0)=""/127}) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.net/syz1\x00', 0x200002, 0x0) r3 = syz_open_dev$dspn(&(0x7f00000003c0)='/dev/dsp#\x00', 0xbbc, 0x101000) perf_event_open$cgroup(&(0x7f0000000080)={0x1, 0x70, 0x6, 0x7, 0x101, 0x20, 0x0, 0x400000, 0x20008, 0x2, 0x77, 0x3ff, 0x2, 0x40, 0x0, 0x70, 0x7, 0x7f, 0x2, 0x2, 0x8, 0x8, 0x1, 0x417c7d30, 0x1, 0x8ab0, 0xa34d, 0x9, 0x400, 0x3ab5, 0x2, 0x23604620, 0xf0, 0x0, 0x6, 0x100, 0x9, 0x28ec35a8, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000040), 0x9}, 0x208, 0x3, 0xfffffffffffffff7, 0x3, 0x3, 0x0, 0x40}, r2, 0x1, r3, 0xb) socket$xdp(0x2c, 0x3, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000700)=ANY=[]) ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000180)=&(0x7f0000000100)) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000006c0)=0x1) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x34102, 0x0) getsockname$inet(r4, &(0x7f0000000300)={0x0, 0x0, @multicast2}, &(0x7f0000000340)=0x10) 22:20:49 executing program 0: r0 = semget$private(0x0, 0x20000000102, 0x0) semop(r0, &(0x7f0000000080)=[{}, {0x0, 0xffffffff}], 0x2) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x1, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) semctl$GETNCNT(r0, 0x0, 0xe, &(0x7f00000000c0)=""/88) 22:20:49 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:49 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8981, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:49 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\b', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 443.314509] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 443.322077] FAT-fs (loop1): Filesystem has been set read-only 22:20:49 executing program 3: io_setup(0x80, &(0x7f0000000100)) io_setup(0x3ff, &(0x7f0000000140)) io_setup(0x20, &(0x7f0000000180)) io_setup(0x40, &(0x7f00000000c0)) io_setup(0x2, &(0x7f0000000240)) 22:20:49 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x541b, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:49 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 443.424378] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 443.431699] FAT-fs (loop1): Filesystem has been set read-only 22:20:49 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') r2 = syz_open_dev$adsp(&(0x7f0000000140)='/dev/adsp#\x00', 0xfffffffffffffffd, 0x80002) ioctl$EVIOCRMFF(r2, 0x40044581, &(0x7f0000000180)=0x4) sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000200)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000040)={0x14, r1, 0x301, 0x0, 0x0, {0xb}}, 0x14}, 0x1}, 0x0) 22:20:49 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:49 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5421, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:49 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 443.578919] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:49 executing program 4: ioctl(0xffffffffffffffff, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070") prctl$setfpexc(0xc, 0x10000) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffb) 22:20:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:49 executing program 3: open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000005ffde7380a85bb61ccd712d0e08325daf4648be46448c2e85acec08f6e8f7deed691381d948d3f9b243b49841929a0848464494d95bf314c322dc94cc9670e7a95135743ede107fd6947ca85facc45feb49080ab55921c9582399d7fc8261fdf53a247660e71869f6311a1013db5a825f6f4d7110e7829a31ef5ab72286b4c6a98ed0277b2df16db6c2b235e862604d06df7dadc573cf9c011cf28"], 0x0) 22:20:49 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:49 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8901, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 443.877780] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 443.885089] FAT-fs (loop1): Filesystem has been set read-only [ 443.942429] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 443.949677] FAT-fs (loop1): Filesystem has been set read-only [ 443.993887] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 444.090563] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 444.090563] The task syz-executor0 (22147) triggered the difference, watch for misbehavior. 22:20:50 executing program 0: r0 = socket$inet(0x2b, 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x800) connect$inet(r0, &(0x7f0000000080)={0x2}, 0x10) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8) sendmsg$inet_sctp(r0, &(0x7f0000000c00)={&(0x7f0000000040)=@in={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10, &(0x7f0000000780), 0x0, &(0x7f0000000ac0)}, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x50800) getsockopt$inet6_dccp_buf(r1, 0x21, 0xc0, &(0x7f0000000180)=""/76, &(0x7f0000000200)=0x4c) 22:20:50 executing program 7: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000100)=0x0) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000001c0)=r2) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000140)={"6966623000faffffffffffffff00", 0x1011}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) io_setup(0x469, &(0x7f0000000180)=0x0) io_submit(r3, 0x1, &(0x7f00000016c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000240)="d7", 0x1}]) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@remote, @in=@multicast1}}, {{@in6}, 0x0, @in=@broadcast}}, &(0x7f0000000040)=0xe8) 22:20:50 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:50 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0045878, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:50 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg(r0, &(0x7f0000014fc8)={&(0x7f0000006ff0)=@in={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="200000000000000029000000320000004410050200ef0000970000000000000026de09b06e82d105d5ff4e39036285b32ab8c2d14fc90590ada4cb6afe3600c52e5c09ae7bf7999317dc53c1c92fdd8e2e0459ced9d91d03e9b4f2652eba61ae06fec71a0010466592167c0c1126b0c7d60a8d66a65f4e453b5858dcf461afe66cb8f2acee5a9af5aca975592ed039bde1431d0ebfafa9d7cf0edaff46febb216fd05ebd44d140d511200a9ee18ff65fd1bbc8d0a85c537e19fbc55428a5f6f7eed83140fa8e9179e5b2a4079213c06947c1c9c4cf436e4ba38b939638a9bd27c84efc3ffcc1b385294dc7832c9c42f2dd9a9e7bd601fe247782139cf3ebcac9d70b6d19c593435005e3c4a5cae68775e0b30e0716c4cb1acb68f52de20500d3aa45a91b91198057f521a895f269c7e4532012cfec38de0e07b9cca2227424bd273b3a506d18452ee97cd0b2386c46156df9e0abd3e4db18bfe983f2b23e3b26d02791ec8b602f068d7a4f2cc8e13cd6b6ed06f449abcdb01e061a2f3b133b1cf8ab6cc411dafefda44ceb098fb44d53ce6492de48309cf63eb4779ed2c151f239e7ead2303d4103c0c7375a883477a6e49177819a3e188b29522acdbf3595b0f176cdeaae8c4d758c415991aa47f41d62b02e6ff8dffb9118f589dd6ace7aaf8916616b5c116b38662d271fb8a5a1573780d40ebee5193a0892abee84df277d9402e209c9cf5be8a08374319555e4e228e3b7395faa98690fa3639609a4c160a6e4a324f4764bd7c9bb6d35ee07f0774375d5134eeb0e15479f18f5ea73e4f000a89a298e9432152cc5553feefb4cf9fb3e4d1103574faba48fe2c34ae6c88ca321c00d2ca526df268ec2b4b9b83211fd18aa42676392d25e47e2cd754c6224ddb70bd4b01087bf86db0adb8bd25145d868ed6167a88296c8fc230225f91625a5d0896cf34a2e506446b94d14e777ff3192c1dd4d43dfbdbdf296f47f8a0111397827419f4b11c3975702a7a35c7b1673ed6403dc1259053e06b9fbd8"], 0x20}, 0x0) 22:20:50 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:50 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x2c) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000080)=0x1) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r0, &(0x7f0000000080), &(0x7f00000000c0)=""/60}, 0x18) r1 = socket(0x19, 0x6, 0x6fe7) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x80202, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r2, 0x0, 0x1, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}, 0x20) r3 = syz_open_dev$tun(&(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x440) epoll_create(0xfffffffffffffffe) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000001c0)={"69666230000800ffffffffffff00", 0x41e}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x308) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'ifb0\x00\x00\x00\x00\x00\x00\x00!\x00', 0xa201}) 22:20:50 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:50 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:50 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8904, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 444.416709] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 444.423974] FAT-fs (loop1): Filesystem has been set read-only 22:20:50 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:50 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 444.516847] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 444.524103] FAT-fs (loop1): Filesystem has been set read-only 22:20:50 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5460, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:50 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:50 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653082", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 444.652684] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:50 executing program 0: r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x6, 0x7, [0x10000, 0xff, 0x4, 0xf92, 0x3ff, 0x2, 0x1]}, &(0x7f0000000040)=0x16) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000000c0)={r1, 0x3d, "2b94711654d311ddae54027b79db586260d880d5ce306b83627fb5d2dcfd526d8a364f1cff5f28aa689fac260828c8cbf4458d232ad05a12c96f590c5c"}, &(0x7f0000000140)=0x45) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r2, 0x1, 0x200000010, &(0x7f0000000080)=0x5, 0x4) sendmmsg(r3, &(0x7f0000000000), 0x40000000000052e, 0x40000) 22:20:51 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2967107000000000000000") r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x16a, 0x98003) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$xdp(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x2c, 0x6, r2, 0x2}, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)="33c27719a3c39e87227e255aed858e9d590b626e0533dba442b29139836bd978445d19773e9f3511ef86d3cea54041", 0x2f}, {&(0x7f0000000140)="2bfb3ff1cbfd425be4f0f1cd96b6a8348a20e007fab9bf2d57e362a1312f7efd513592122c58d22df00409d341ffd15133b47ac0440b90cc8666e1abee83af56d0d12465ef4f70f0c7ed8d6958cc01", 0x4f}], 0x2, 0x0, 0x0, 0x4004080}, 0x4) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) sendfile(r3, r3, &(0x7f0000000280), 0x2000000004) 22:20:51 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8941, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:51 executing program 3: sysfs$2(0x2, 0x9a, &(0x7f0000000100)=""/225) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x40045109, &(0x7f0000000000)) 22:20:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653003", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:51 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653003", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:51 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c65308c", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:51 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x100, 0x0) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000040)="72edf6834f78c9f121780fba31b4ab1975194977636a22d5a8629a5f72d351fdaa9be13673c945df752290a4f8e2252bc75b3292a904303d4f2d12abc5aead88d0bcfdb115ecb964df7c7b50aba0b26a299f94cfb5dc2d7e987ef65bc3ce5fa1402bdd01bc12787a2758a3b49f5a696f8da541") r2 = socket$key(0xf, 0x3, 0x2) r3 = memfd_create(&(0x7f00000000c0)='#\x00', 0x3) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000140)={&(0x7f0000fff000/0x1000)=nil, 0x1000}) sendmsg$key(r2, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000182000)={&(0x7f00000002c0)={0x2, 0x4000000000000d, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@multicast1=0xe0000001}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}}, @sadb_x_sec_ctx={0x1, 0x18}]}, 0x88}, 0x1}, 0x0) 22:20:51 executing program 0: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_buf(r0, 0x6, 0x1a, &(0x7f0000000080)='TU', 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000140)={&(0x7f0000000480)={0x10, 0xbbf4}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x22, 0x1, 0x0, 0x0, {0x4}, [@typed={0x8, 0xc, @ipv4=@rand_addr=0x1000000}]}, 0x1c}, 0x1}, 0x0) 22:20:51 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8902, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:51 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 445.152632] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 445.159919] FAT-fs (loop1): Filesystem has been set read-only 22:20:51 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c65309c", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:51 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") r1 = open(&(0x7f000000fffa)='./bus\x00', 0x1410c2, 0x0) open_by_handle_at(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="09000000020000009f20cd1b52143646a8eb4dd7712ead5462f22149419cfae35223dfe9963c62ad721c95ace65674a4433c36a7e2c7a3778ae8cbb586360cf9750a3dd6b9251831b0b4df2e278dd5"], 0x7ffd) 22:20:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000240)="295ee1311f16f477671070") r2 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) dup2(r2, r0) bind$nfc_llcp(r2, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "74b1ed68a0a140740f69e063d4ddb488b6ebd3eeacce2d0f354c4e3f4497ab2fc8336ed4a49bc70769d5e0995dba5fb83adab53b7eb54f19b88bd660b83e70"}, 0x60) recvfrom(r0, &(0x7f0000000080)=""/121, 0x79, 0x40, 0x0, 0x0) 22:20:51 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0045877, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 445.326572] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 445.334149] FAT-fs (loop1): Filesystem has been set read-only 22:20:51 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x1000, 0x7) setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000340)=0x1000000, 0x1) fcntl$notify(r1, 0x402, 0x20) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rtc0\x00', 0x400040, 0x0) getsockopt$packet_buf(r2, 0x107, 0x1f, &(0x7f0000000240)=""/90, &(0x7f00000002c0)=0x5a) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x4002, 0x0) getsockopt$bt_BT_RCVMTU(r3, 0x112, 0xd, &(0x7f0000000100)=0x3313, &(0x7f00000001c0)=0x2) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)=0x0) tgkill(r4, r5, 0xb) 22:20:51 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653005", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:51 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:51 executing program 7: socket$kcm(0x29, 0x2, 0x0) r0 = socket$kcm(0x29, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") keyctl$set_reqkey_keyring(0x17, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80000, 0xe9) getpeername$inet6(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, @local}, &(0x7f0000000080)=0x1c) 22:20:51 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) fanotify_init(0x9, 0x1002) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x80) ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f00000000c0)={0x101, 0x8, 0x8, 0x8001}) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") r2 = socket$packet(0x11, 0x20000000000003, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={"6c6f000000000200", 0x0}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000100)={0x7b, 0x0, [0x1, 0x2, 0x80, 0x3]}) sendto$packet(r2, &(0x7f0000000380)="ee575940a80535493a327f8548f013d403999e18ca33e325f99efe4d97cc174cd3926fb3667246c67b9ace242052001082766b1fee5efb8d6612f114de7273d0b9eabd6c00ddb3a28e99721ebd204becaaaf8ca7f8894b2538ba97055b82fd7dc80791212f2bf3e3186922c7e47eef4bd5f3f1e9955ca481b4f49aae3add702ac51c9754e8bbd8353137ce77e22c29b2c10d7beebb3da30d514b61a996afa1f3097d3faaf4b855a9f893c78be12ba5120dab716d03a6788d492e156f9d7e8742dc94e78d4801a78d2a2f4828e30d2993492c3507310013e2f5163a836ea5947b50512bc03a9228d043270704e94393a5f7a029cb54e31036a5560bb22b3af91fc840b729cbc87e0546e66be17c7a91a8c3f725dac2509e439aa250bd104391f03f67d0e03c0b3a5283ea8b5489fa1211753b949773452976e6e812578ace2da88a2b44059615a12c1de55120707050c333dbd3141ea76fa28fc6e0c212fec6a72321fcd74fec47733e03172c5704520497b131e9af9981954db46c30dbea18c9f1645f5ff24ebdf90373538829ac511006a19f39176e121b40991a278da5614f4df8b21c81d3dd6b1535db7c494f4f43d8f4e6c897d932f27ff3d77b9780270139a30875b8780bb1dd4563733431847871077e4d934924f0ad96dc45ea11a5cfcc303cc240397b90d5237825a5a36b2fa03fa74862e0c65f0973141cd9e266fda6af402b61e4a0dedecfed48b1c6b535d60b7e13c18d131787ea4e05426eaae8b52e67e889c0222a9eb5dabe27ac420dc27edfd9b8c5d25813160fad3afb4e55ce0ddd344cf3c5beee803f13cd9f2032252b46bedcb9c019281a61aeafa6883e1b8c1b7b1953f1aad50e4c29b225d2c941c239c70b331140113d50aff86f5125960764985bf560fc2f1cd88d83dcfb9b3f5c834ebdeedb230bf48731fa9c7d0bfbc40e9f16ca10a0b5b2b7d747d9920bffda9faba6cdf81525ad3b36fe46cd174a691515f48bbc4a5ba2bbbbf987cbfcf52a8d9ed15cfabfa578f39e51a55b4a95085c66086b7e55287c0ebe7214c367dd481ef700e447cddc37cc0fd5479674ace0ea9b01b78abff2d0fef6487ff574a8181c44d1d971e90cf43e8bc6380891cabd98c714691b3e47cf1331126b01f415ea3598e89da31840d8394963bb28925fed3f196be09616801b1af8f1cea045f6f7d931175c2a6b14f9326a4ec7bee873dd5512865abe070094fcde29404e4b354067decbb8978c4d26cc5c6d4316113011a376d24685942a9d91d9aa0b81c6612b9ed8dd856c46e44273635bb08586c684611a645e1af9095c15f8a24b60b0e6ced82d47866d9f679674cad50d81b52cfbb1ef97ed4137183dd9933b504b65c87c53c4af752009fec8d296a61251bd61548980ec8e55fd32f9001d4aa3b661ec344173d51b87bfef42a49b64d363105f8f65a0cbdd4f5c03b8b3155e248a6f6893a9817533a909b3c94c967670802e18b18dd4bcdc8a4e2e706773bc4bb17999480b2b10395ac8d52315fd43b83bce2451ad76d2642d793bb9fddeecceebc9d20735a1fa323f9f899438f4db57cb47f537233a15b73b083a0242e43103fc94f3f2f1179f997245f24f993e4dd32903799d29f19feee2354227e4f309af51d89010ea5b3ca59e99aa3a4bccd5f86150d43e5feacba3435bc6235640027be3abb10d423ed3257843146a0bc49e2a897b3d0149f280383043aeb3bf27efa7d6c27866c2bd22a92d527469ecd2038c76e16c2d14afba0f715026d7555673a1ad9019e5a3476ec8b261f2ba2afbb9c7aeb126fbd3583de5bc3c71a619eb74f6df62eaff3b0b6ec3f3750a3eefb25c2c3bd5d87ea89d0c327d05ab6e85451e426d7559a54f5f30b79c30c6220eb91817954682f5af14978e8f8245e3e28812071f18174349ae5b1a3209b008c8d225834298a9bca3375984f23270888b8173d0cb745f117bf41487a047fc798e081c3995c7528cb90580bad8b9150580abaa4fc73eeeaf36128e4206220d7b7047ae3242b1c6cf29563bd2bb1eb5c5323c9a753e5748ad707647f60f5855f98ea407c16357880720c999922c79d710493505ec75bfbca5e015ab17c47d697a102c6b06b807d31bdc9503a73d58f0064396dd8453d70c0b05f23427555693993bb106f82774157b0008a689c1bbbd07b3cc461a789580ff281adeab8523d3e671eef9f6ac0c5e9ceed3f8b0fb0bb2e3d22a03a79104512c4258122d3c7ccd7e052b576fffcfcae3263ced86b4cf29c73f595cce79827bc469842f1f4d7ec4e97f465b75177fa87ce4148cab7635c2641e27f7b0f2ab2b523d186a038da5fbbc1e01f1f4ffe425ede638d19ed6cfb764ec4a54ceb32f0f5eb7c93fdb83addd2a03c463e51dec909c250977bcbb42dc0b5a5d169afb14b8fc7123887b7245b3edb90e9466bd338f6be8862e82ff495a97ddbfa8045657497a1ebf630bd81fc8704f96092ef0ef5de6967f038d4c06a54d6e1adcbddf4818bd76193aa241e8923bd2188f3ed527166cf5d19678821c7ae9da3d2ceaa3d98257bad32d1eccd626c9cb51f7d096b697c9f2a8530eee33d7920e6096d0b82473205a107c260270759fb6d5b77989fe3165dbfd67847d625423d478cc050019b46e2a94049fe7a68a54c2f9210b80a07d4e1ca76aec5cbf25ded5f43d3bd8027ee48753d87f208074b1177b533385cb29d3f04a4ae808391480023d445f6a5889744c17ef6ecf9df1c61d0562ea143525bf724f58ce5dc990bfb215cb83fe342fda4a8023a9c56c4ba4de80e05832a5d05b33caa87bade2cd3e6e2cde60da1c450a5ffc0dcfcafcc3e99ffaf93ecba9e3027f9f7a3bc5ed24491bf9e5d06ddf9e93f825c10ab05a8116951d4d1e6ea5184114b1ebf5c0f6adc5786d8ecd961dd587e33dc7a5d0d715088ee1ff90412ce1a22053665a98a3e66ffed13e6c8f525b77df9dc0178c57aee8be79674ed88b404fb55eb8ba7ff376b835935a0b51960936571024bdda11fb8fd4db70f47a1595b576d11dc65ba5ae3d2109139aa0009fa669fb52ef0f2fa596cdcfeae948369f6db78003d48bd36446dc1a23e537d7f76c2c03778665d6b819ac5aac442e343bb0b03a9da43df86431207ad3dc6c90fa8e44a26fa64c22b310060e8be202a6b114eed72b9adf88d06acbd530d2045df80e739ece3520a89fec3f6021de44ff0a2b43319be49e8161af33f4c8ac6ddb079bccbe7afee8a217280d7fdf02bdfd7cc49d70e17c4d8c65db73abb7493326a289659c2c5d3b73e366d30cd34b002588bd0d11bfc7ef2b6ef2c836e555e78ba6ff62835f3e796013360507002f5cec38f2f6e32b0d1d31a51c029a364697f049b669ef00f9a3122f49d0c4d22f326802ff08ed88a7d954fbd5cd00c614cefc6d4f88a4f0e99c816e7a8f18d9a95037ca914fbc094023e7c1b4f7639fa20ebb56f97d34a7064400721a1b9393ade4683cd36a9487f5e9b9f98c92795fac5de3a36644b5da844ac84d272a4185537ce9de1635ae8ecb6571018804434a63e5818a3867c7564c1b5339e7e61f08b69d2e31e959be87d66f3429a12984bf8b37ce74564232a06a8190487eb496dedde2929b7aeb248dd7c77961ca3ed802dd37edd7c745c11aa7e99930445b5304e9ee0481d6540d17da4009b15293b26cad684530e8b91be089c3b2140eecc174b1ffcb8e269edcbf242b9ea92f30ead86d0ffb803117b7eddb689f473a394fb9a5ecaf315d6854e5c1ef51d7a7b75f92694c07efe53cd093587eef5d89b7cc910740af9e8ea2efff888d83f16d4bce8569fcacafa92f0fd49698d1cf802d5eb2772d4e0b0c5835ef26f9bbb9a8ae769ee543ee9f94e38e516206e448cd68036ddac2f2981a37627b3529f8056e303edb26541c904811879d9efb0b08ce57ee2d929984ee42b96a9be11f809a150209053f8d959b5decd045ecac274ed6fbd6c8eec0727e2591e0d6dd62e6c168f988724a6ddc21df1d5acad9fa7b8967d9c9bb0484e901c69e715bf92fb903fc198c260846e712f57422433883dff6f1b3b590b0ad7270731954007f0b24614702b46ee28d07665ae518dba7c643c7b6ae0fed956a8bc01da1f8343b68cd7bbbe5f098eccb8e3997fa95b22134d3b8aab48baa928fd4c5fdf7fc978283ede126c09d227993e6af0012012d79e8a0baf6754bfde155349ea58c5a1df2c83deed21b64a54967760574fc592f923928058a6d81a5d14d45eda7826c352bb601ba15ce2e173cd62f4121be274c18b79872948609e72c5e1eaedf051bc8c085bcbfff32f7913c4df07e6b766070e0e2929ab6a996b7e9a8ca6805f173c62ea5a6b4e04f5b8326d163d9c3da6b6421a6b00deba97edcef344cf3568dab25304bfb048dab232da0860f21688df4bd774d68a1ea1b2242c43777d06cb4fcf9b36dac8120767240c77f22c9b3a6babf810f53a316dee09251752881517e72f0a220280e058fb0ed2582425205debb9f1dd49911d60ee9da87f04d658ea5126ff32ae6264b5d203912d7c0bc7e19d7855b3498fccee7354f2144210d4eddd126581792cfeae14db90cddd665b65d7a3585910f772821d40991f999d46dc8e21a1ee310d0bce9ffebf1d93d2b2a7715c4b41a148b72e25f3657ec75bde410beb0d99ca805be620c72e3d80dc7ddeedab26092543ded5ee46ebf8b58fdd6a165876a9b9b3a492c487bfad7475e4b9342d5cc13ee731ce4bd354519697d102556a08e1aab1e3d2985a5300bc49405de2b49203b53ca5c7cd9b5c6257451dbd329d6ddf7e77da3f32061cf59d2d4bd3dfae8a6dabc827cf63e61013afd475a937c982167d1bc9c9f502bff2e96079eac494ceb1da990e7cf4ab5720e8308f1773ab5ced7d8952b6335f2206f0343d9b1e84af2d220d8d901eed1e6854833d6d31957918096dfff835617dc28ab7bf267b878ec9cde487dfacfe323989df407ae92b69e530cca5d19bac0d4203230ce037b034ff29bbb844893917ac69e3b22260e9748a2fb3a4b0f04d9ca3e9c76cfe63e37987a569f7b0a60eec81877b354370ccc7a9e81265851032ed53690ccf930d0f7c093a125a7cbd119c940c5eee1b7c96e8ccece04424bfbf90c755a8b3c38726e58278d40a54711b1044ebaa39a21a7eccfddfb52fc530d1502b6a4e0c83b4309b96f929e273aaa0a0999c1d7c53003288e4c8e9dd2d87965326513c021c5f89d3ed275bd661b7b3f5f4b21ed944ad17997e622373b0afceb3b8230ec96e535b1023779c2b14da5f92997406ff8d5aa9bb89f54404e4c42b550084efcd990929b66e424adbde015a88d04aafdfa64575b9915aae4d82ee8f56666eba3d3c34eb08a3765e3d946f342b12285c1d6e0726e2e3619e718a581a6693a821d55faac6acce09eca22805e261deb4bea54a10c964e2b4a4081c8c36dcb9f7e2d10ce6d915e8915a9482d5a94276f0afe95dc4aefdbd1635e0fa6b6c3f2076bf066f67c7e88a15940e6a18253e681333f9bfae94b0a012c4ba2b1baf5891116979274d3087e241ae8b0e0c1cda05ab47b822dc3aea555aadbca6fb5a5e251f80c6b0806d03c7dbfab818f0dbf7e9ce324e6786687b8e9f0b3e7ebc1ab4b24e027ccbf94f2b4eab17eb314bfc311afd30bbfc0bc12a9eab41db6d2af7552fc6cfdacf2be50767422d0378dad43f04e50a8905628b40337a0c04c0e0b14d6230b49a943b0427943a591b423e35a03ea6fdc1b0e781c8863cd90460e3914b1b466", 0xff0, 0x0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6}, 0x14) [ 445.447282] llcp: llcp_sock_recvmsg: Recv datagram failed state 5 -11 0 22:20:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:51 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8980, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:51 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x406800, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000040), 0x4) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000140)={0x0, 0x3, 0x9, 0x3}) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x8000, 0x0) r3 = socket(0x40000000002, 0x2000000000000003, 0x1) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)="626f6e6430000000ecd000", 0x2cf) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000240)={0x0}, &(0x7f0000000280)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000380)={r4, 0x1}, 0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x4, 0x30}, &(0x7f00000001c0)=0xc) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000200)=0x4) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000002c0)=ANY=[@ANYRES32=r5, @ANYBLOB="00000a00f4ffffffc40001000500a0000100e60001800200af0b0f1a6316dfc40fb990f6089f17c7a58a44cc02be25db92d7ffca790e7eac378cc6b2eb09216b2061f9547c0263b295c65985c51c7dd183379bfd88be334532bc8c55c8d9a11e7e667b981a3b1c2770907814ba7c9047c5cd0d9f16be04271992bb80fae3c2ab0bec75e507f54d"], 0x1c) sendto$unix(r3, &(0x7f0000000080), 0xffeb, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x63) 22:20:51 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653010", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:51 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x4}, 0x1c) recvmmsg(r0, &(0x7f0000001600)=[{{&(0x7f0000000040)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000280)=""/4096, 0x1000}}], 0x1, 0x0, 0x0) sendmmsg(r0, &(0x7f0000007e00), 0x40001cf, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/49, 0x1105000, 0x1800, 0x47420907}, 0x18) sendmmsg(r0, &(0x7f000000ac80), 0x400021b, 0xb605) 22:20:51 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x7fff, 0x101000) openat$cgroup_int(r1, &(0x7f0000000100)='cgroup.max.descendants\x00', 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") getsockopt$inet6_dccp_int(r0, 0x21, 0x0, &(0x7f0000000040), &(0x7f0000000080)=0x4) prctl$setname(0xf, &(0x7f0000000b00)="73656c696e75782f6d643573041381cc8e9f8ff1da8f44ccabc6bdba756d296b65790e81c99d") seccomp(0x1, 0x2, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) syz_fuse_mount(&(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6, 0x102) 22:20:51 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x101000, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e24, @loopback=0x7f000001}}, 0x10001, 0xff, 0x40, 0x8, 0x28}, &(0x7f0000000100)=0x98) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={r1, @in6={{0xa, 0x4e21, 0x3ff, @empty, 0xfffffffffffffffe}}, 0x3, 0x3, 0x8, 0x400, 0x8}, &(0x7f0000000200)=0x98) r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x64, &(0x7f0000000040), 0x5942a11d005b8d89) 22:20:51 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x800452d3, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 445.454961] llcp: llcp_sock_recvmsg: Recv datagram failed state 5 -11 0 [ 445.870629] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 445.884911] FAT-fs (loop1): Filesystem has been set read-only 22:20:51 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:51 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x9) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4) 22:20:52 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:52 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8903, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 445.983930] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 445.991227] FAT-fs (loop1): Filesystem has been set read-only [ 446.048762] audit: type=1326 audit(1530397252.081:3): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x50000 22:20:52 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc8106d345f8f760070") r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x195, 0x0, &(0x7f0000000000), 0x100000e3) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x80082, 0x0) ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000080)={0x10003, 0x0, &(0x7f0000ffb000/0x2000)=nil}) ioctl$TIOCGETD(r4, 0x5424, &(0x7f0000000040)) [ 446.095882] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 446.142812] audit: type=1326 audit(1530397252.106:4): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=2 compat=0 ip=0x40fcf1 code=0x50000 [ 446.163947] audit: type=1326 audit(1530397252.106:5): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=165 compat=0 ip=0x455a99 code=0x50000 22:20:52 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0xe85, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000001e00c3fbe1ad2dffffffffe2474d2c0033"]) ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead) 22:20:52 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 446.185088] audit: type=1326 audit(1530397252.107:6): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x50000 [ 446.206094] audit: type=1326 audit(1530397252.107:7): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x50000 [ 446.227110] audit: type=1326 audit(1530397252.107:8): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x50000 [ 446.248085] audit: type=1326 audit(1530397252.107:9): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x50000 [ 446.269088] audit: type=1326 audit(1530397252.111:10): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x50000 [ 446.290145] audit: type=1326 audit(1530397252.111:11): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x50000 [ 446.311225] audit: type=1326 audit(1530397252.111:12): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=22317 comm=73656C696E75782F6D643573041381 exe="/root/syz-executor7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x50000 22:20:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:52 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8940, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:52 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\f', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:52 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5451, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 446.539985] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 446.547422] FAT-fs (loop1): Filesystem has been set read-only [ 446.599497] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 446.606798] FAT-fs (loop1): Filesystem has been set read-only [ 446.648484] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:52 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc020660b, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:52 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:52 executing program 4: r0 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x80000000, 0xc042) ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000000c0)) r1 = socket$inet6(0xa, 0x1, 0x0) syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000180)='./file0\x00', 0x5f19, 0x2, &(0x7f0000000300)=[{&(0x7f00000001c0)="9e692920d2731d98ad50d5c5baabf14113f9daab1906aa5c0e3dab4c38b8e59fab51c20fc040ce768cd6e969ea19d174591f3883062853bb223d318cd59d37b08dc8f44d96072968710e3d2ad23af1ca299b67c2fdd188a8ae2843900c090356e8030751e4781c9bf68e039e", 0x6c, 0xd1}, {&(0x7f0000000240)="42689da8a21dba707d158420a0eb3b7bf37f21c6bd96d74755340ec4011eff0c3fdee5a80711bc64c17a02b767fd51372db04737f2cf41fbc8f348e6b325cd51392f62d69c4afb4a335c168d8ed2e6a8bef5090984d413e16a315ed226fec8b5a6b8b943e1b1c88865155b941930805a9bfec31188c0e112c52018e5324dbf12f0db28b0feef939e97f9", 0x8a, 0x6}], 0x100004, &(0x7f0000000340)={[{@dmask={'dmask', 0x3d}, 0x2c}]}) ioctl(r1, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070") syz_emit_ethernet(0x36, &(0x7f0000000000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0xf411, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}, {[@timestamp={0x44, 0x4}]}}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "e57044", 0x0, "cd98e8"}}}}}}, &(0x7f0000000100)) 22:20:52 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={0x0, 0x0}) sendmmsg(r1, &(0x7f0000008600)=[{{0x0, 0x0, &(0x7f0000003140)}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0\x00'}, 0xa, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0) accept$unix(r0, &(0x7f0000000000), &(0x7f0000000080)=0x6e) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$ARPT_SO_GET_ENTRIES(r2, 0x0, 0x61, &(0x7f0000000100)={'filter\x00', 0x1c, "3ae7ba7a871e350da91874acb05aa9c420db909df107d0c1210bb62b"}, &(0x7f0000000140)=0x40) 22:20:52 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:52 executing program 7: syz_emit_ethernet(0x66, &(0x7f0000000140)={@empty=[0x2b], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @local={0xac, 0x14, 0x14, 0xaa}}, @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0xfeffffff, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}}, &(0x7f0000000000)={0x0, 0x0, [0x0, 0x0, 0x400000]}) 22:20:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:52 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200200, 0x40) setsockopt$sock_void(r0, 0x1, 0x24, 0x0, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x4008700c, &(0x7f0000002498)) 22:20:53 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x0, 0x0) mmap$binder(&(0x7f0000e00000/0x200000)=nil, 0x200000, 0xff, 0x8012, r0, 0x0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000002600)) getpgid(0xffffffffffffffff) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000040)={'ah\x00'}, &(0x7f0000000080)=0x1e) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000180)="76ff28ee41ea06159f3367c8d35ea89822388123b40cc2a854188fe3b058d51d0409bbd6f2010597699ff79a15520a5e7a40fbe921603f8df8e73821d5c9eb5ab7788d8d9a69a0174f8255a48d6a08b0b9351e47cd3a646c8bb2de6c5a801f92c0ac058ef012208c6194518a4b1e12e8d487943a9b84638e19a3dc9abb6327561ec6d441a4d3e112bb5f07547a05885e03f1ceb5cc87058089870249eba9cea5e4ddfa5cdf64b85a0953010d7a7ba48783d3ddb976324944f92c05500d5d005ee83d38e4331d3e9a804ea155e279751025a6c52053e226e0df4e78f9944318f711e19048633a3ce291c9aba4bcfac349de218bc8c79352af75014020539f6bf8650f20ee4f08823515f45e608483f96d1185a38b34861923904088c532e8f004f9fc0d9d8f5275ebc9278cac7b5ea8abe2bfb5ad1805fbe04282a6a2f72490b5aab2f8e189ccb1019db827079862a0d4c4a1925e01f488d99b56aaa860b0a8393d8fd355f75b0358ba21b908d4cb8e5cbc92e6f7581aae884f5e66da33fa475578e191989183876be0fd1cf935b1f12af5569334faf833199c45a270f223a7a618736ee33aec27f0bb047a826bb167647c2c322e6aa366d7591692dff22382b644e89457bc2e9a47953159b698444fd09fe3052c2d1ad16468d188d0b8b915c00b6fd92237e170f9c7880d6e029dc8ed0bf34cc2a636613aab4670635effdc74116786a0245cad822fd09c3ee464272bda77d54107343ad0f527e53a893582e800af1d9dfcc48138c7b3527e9d8ba5e612f09b3c3fc00e5ce56d309bc79cca2bc7da36ecf422b339216a3dcbcbbbae667b3207d8366af0167e280aaf9bdcfc16d4ec90d349070a280c031f7e070849cb72bfb28762ba03577049056960aae893667868d8f85db1172746f97c2c3e58c19674cbb2f8d0118052191ef2c2200ca8a282e32e9d9a10839bf2ea2fdbfbd361dc37ba3c1d9e59b3a39a70d5038a44271182ba23418b30c76caba1defe050b573dd92330db1fbdb3eb71cb1419bf9b6d967325aa000e2d8cc4702602d5411718b1d925a6a93d61fa80c9d2f817d142accb06502b265f906b8eac53ebdf02875f48ee21fcd26da0a7ae3520aa9be5c30f69135c095e46cfbb1e967dc8b3ff45a78fc6d0707f22a5618740ace6c2b583b7c7a238ff777ba39f259112ed958ae5a94c53a2fd8046d1283a618b906a36b413759c2057e0b9a0060add898f33944a0d9b7778c45a632b9a6994c85167f80c43c77f5d41dad7a6cd7efcf681c70956cb521b2581def43df49acee9f0a0bcf402748f56557fa9d2ae387921b65463f4d04a34e1e5222673acd9469b4ae0833510f0af8db29721f614d55ca245a092e601b9f779133def137f25d385d4d8455b8439cf71b4b4638b9eb0076b01c60ae990c32aa81fa23327cad266e019257de8308c20bd6093d12e1dfefb4c3da97e36bfd9fd34bacf8c36ea81208b460e61b9cb47dd46dd2a6db435d807ebb8eeebb563f36f408a2430ab388da6663681c8bf511769e90851f01c6cea94aeaf838aa38fab1364df35d9b64ee696f470ed71fff611d3f4c75a2dc901f8d7a06ff592628f8b4bdd288b1a89952ef01713c4b57d4bbdb8157489db9bf34ebb1365dd0dde1e3363bc9c01e8338c3aaf98be1d92341ea588081aa3922d5f5ed899b4ac4e226f347c688dc06fbf50d64329bc935079c8bddb082bed2d4e80aff9c4a2532a4fa7d0a237ef6c9a78675edac603ef89254d7922d07270ef073bc61e4fb2123007f2f904826985c5e3ddb8cffa2d21d2b38b12a75846bab3b7c2bcbd96bc15f9dec567475cdbfeed84d1b76fd150c7eea6474193217646ff54a39522ff8a4c1ab9f7a46a0d22fde820a0a7a41c047789594bd61819409851bd6fa8b3a93c7899e1712b3c0f9245b3ea9d36bc8dc680c6376e95fb3f8b3ec54444fa3a81d47374d147e532cfc734fad4773618813c54b8a1cba2e8543c6e5bd5a82bacb8ca120a5d0c118d2995972e3d2333faa1d51b61c4a6c16b623418a488591d4d9d2d48023c81714886886075ba68c1e96804ea6062980c55d348466076ca2d60d25c50de5e154035a0628e18c7b714774b2b9b606d16262de411c71267f764545b8e0c455578689fa3af66aee4a209af0ff06e07337b824f59011357731c57d9864e9016a3fec0f48c7b6c2e5f9009570877404a0ace74f5f9f4fcf501592e59b571e2aeef5f3ebba65f65597f79761bf6d7cfa79ff2c6161fc1858886d0a812a5e20f601a1d757f38bb74c01b8fd689cdcfb961c96d92e89da36374d0e99982f93744b685106ccab60e1775b0c565868190352c4019242c0ffa34e930ac7f22d170270a1b953ae372796c1993634e92e23992d15b7475fa957b85b39b27b8e1aa2560bff170ba254b980dcef36ef011be8a9f48f94d54660fe0b52a76b33f61595e964cefede4e97d5f63cff5a4ba45739612ce291bce55a92a3e290c157228dd2938797ea07ae3c9e5fafb9ea2a7fc1279204164fb0071b94741940e437aa364bb3e917767f8eadc1971d2a84a5f8095199e0adf60d9c91f79a8bbae0e8acdfa5ba18ff1da71abe4658f755c5f34f55ca4fb08fb69810f2d174f6d944698c6cd0908d69a98f64880a48669663ea0a240c7b4c3ec2dc4cec6f26f2b83d84d6d45e3c8972631b4efc39b90e84688596ad3c025eafec7a48d40fc0e6c1845e76510cdaaee23e584324e0de25489d8519c2648fa8055f2ad53230aca29893c17f8ce5bd2734386b1858ddb2f7051d1e345a72aeb982d866cf9b0895d5113eda971e531ff708fdf7f242d44da8aa1acccc09eae16381892d53925ebbb39772150720f86a16fda3aa8f7eb41597b4d3f1014fef88afd1f3f0cdc18e28a8254bbf0452a5b7c5dc2d54387f91abcfcfccf2de3a74e1ca02a83bdcb322279e79dd6aa31dde6f8fc1f1f95792bad927072c386d5f895bb0ea5180755bdab78f76cc0b4908368ea5080640825be94c6330f9ef6a8b63b103b521ce8504a93fcf986bd1726f0d1dd57c1ad2151493220cebc8c2f55e4852dd3669a26ade3bf91924274e10edcb56f154a3c824beda6568de68f61dd3ce07549e1eafba3f3d495692531ebf67e36a9149ecb72e60f97cbe6b95fc5e4c788bc9ce1d56f4e28f150ff59ea54dd7cece171a999512208c8ff0e1679732a011b5e3f89b40b8f1f612e0a3721ce9d30c6b832cd527547b292054f9cc6b433aca258fde350353e7271f5f4a20521ba395eb77b6dd965577425b17ef144cdaecfc9a376aa173b5368af4432af3b3186413d9a0b8e0e6c3a2b95f26f8c581b1ec8efb42118ee753fa36ad79e85e5eb63fe300e3aaf1ffbd13bb7a6179914bdc709a4aa4e4b81d5c26cff28d47689415a64f5cd87a34a06c56abb65a543e53dac408fdcbdb89a7640cbf2eecfdd46592ab085141eadd8460a137234edf276693eb3d7be6a7ecc4bb0633c13ebd47f552ee744b70fe2d8327b487a3dfba7c5d32bbd33f99641629938d87ec34ebe06cc0bc79020e2cd96c532eab9d99688b355279ea1d7df384e27911f16341854fede84f7ac0a82250de65a9c02b6b7e388bef5e62a470e257ba698527cbc8e8bb3be828e7f169b8395d5c21aa1e146c5864ac9e525f7e502d9d316e1d277c46b9bb6b3e0cf3933552a3c69984339e6df7cfccf355875b29d63479226e6cf6a91dcca2aa4695e8f5bc1e56180fce624de96fae95c892e2e7abbfc14b3c63afbd28a59e72385016c248f08cedc28fb24a4a46ce9a88095f70a601639e8e4a2037bee171b93388bfbdd4e14a2ee5d626092641b52bf6c94ba36b52d03b68c69a1aea706eda79d273ecf87f10a44296f2289ca270b6af880092bca287c0e4473c3b8beebc4fd9b8bba4463b4e36bf84d7fdaee5bb190f563867df344a8f17b4c1c0b6ac131dd0db6221cba99143875a31ba7b5dc1b646cf5eb6c20b1da2e326bdbe9ce7e3c2c903fe5d99761b6301d6376ee5197860b4b1bf771f2e4fdb36aa13b311963c6b6c796a17f53fcdbdee1e08e3edfc5b8cf3f0ec3e761ba5bcbc64e7007ae1a2d95ed8a430513abfa252c356b30451077ccfc6642df91ff58d275f089290050334814049b08df13713964442c40a03829b0c6fbab8460e3717e205aab60d52bad26438c2406779b41cfda532e5b970ce00a4759a4ea538db70dc5fce7467dc71983cea643da328769ba5da303b66b6f109151ec73c0a4495d096dfee6accb248c00387f23543190923874eab7a9f66b2c53d9594355baa47fd559c72bc534180c36a513115ec3fe581b26693e9275a874089b7835ee686bfc514b60779afde4c3601c7bd8c49f9cf9546c2d12a1bdf93c702527814773d03935f36c227cba5c5f162b2de98d3625ceb78d002aee864001678da7ceefa7e51bf113f9358c1d64bd64d9c133d0cebb575d817e31f8c5a40158dcfbb0beababfe76e1bac01eefc89ff6e298ead7b4531afab3bcb60f74c9365940f90774dbf5f443b129b0c7f75319f8eafa51d6c0c97bb4b7063a285da560059cf62a884e0ac2279e44e50b26c2b14a68d6b565cfb40eb4f3eadb7d406724a3b1fd20ffd6463a2ff559768d0f53929592be1003c97325860592a28a19b4cd0d962f8a846a6a7876db7866a5c112fe64dfd53691695d92dc37ba5a8fe186d878cb5f4ac78cc6b4e485c817e69962501230da47bce073af26c06eea42c1084ebbe026a7a3ec1caa3ec730e6d18d81f7d8fbdf6be4fb563c3282734610d86bed547ab2aadcd1df174a03aa0b94b0b71d0e1eb0c48988bc1d91952ea1ea6938c9295ac52e5482a8ea89c85d68ff7702d09298c1d5472062dc1cda57a912b675d3ea12da0addbcb207849cefedcf723a7ffeefe1785a71b6d4d6244067908caf235807ade1b2911b954202280ee8428b3a4d90dffb3d33482fee5c09752b1c9d8faeb0aab54665278684a57c14dbce74b038a74c05ff1248809e74219916c6390359913e4271e63af145e0b1f378b6c6da1099ba360220ac3952ca0ad3fdb2a11c46be83bf891f216a58d91f00d857fb09a61e0f3a7d4ef5811288887e8355a9f3a1fea39aeb063e7c1d24a71ab6664e09863b047ad8337f541f287ed9dd3db9d5d0313f3526887b2c95faae397b29e5a293688c106edb29fa3db3423c803c24c0b886539e2cf4850d68f20dc89ece2c98e5a5328acdf07bfc56b7dbfe25f8b472f5b9190948185a97d088fcd4646f168cff18fb6840028b699585c6de731074a20da5bed11f3f8ca8e8cf59cd84f44a13fd1a3b7eb06ee87916c03321d38c44e31749409da7e932bf11a91d2764f3bb9472469b826a9a7f223a405c8b88a405cdf032afc1e1f5078c32c824e8906ae031ee53e315033b62eea94b1ad9501d16cc7706c343840de3d3d797b015f9bf63eb851d73e88e3d2dd65e42b59d413f7b9ebba43f0e11c48824766bfe168ed6e73f86600fa6635f2bc482afc732336a345ba0b6c689e543abf62f978e249bf03c1eb4a568d19e841a586450553d1a01015d6ef3b3549d34900e8005cb28d5e38d37f092ce107f9fa4abced7dc4f8aa71de8790b4cd676ea9bbac4869eac8ba7ef8d6ed525fd059f548d1a44cf0dadcf5c6a07b1c3d7392019d56d3f915a8e2b2d83c1bd694759db5d1d3d16714436bdbd736dc2498f005858724173293298d65dd67bd81e88be09c54e99695330ddd9c7a6a64c50793f1ca204be292d2bfec32403bdd2aa0a3298c9ddb0722fb475408e39399b3596a61e", 0x1000) getegid() close(0xffffffffffffffff) 22:20:53 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x40049409, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000008, 0x12) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x8}, 0x1c) sendto$inet6(r0, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}}, 0x1c) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14}}}, 0x1c) sendto$inet6(r0, &(0x7f0000000100), 0x1b5, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x20000000, @loopback={0x0, 0x1}}, 0xfffffe0a) [ 447.024158] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 447.031418] FAT-fs (loop1): Filesystem has been set read-only 22:20:53 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:53 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:53 executing program 0: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5) r4 = fcntl$dupfd(r3, 0x406, r0) ioctl$TIOCGSID(r4, 0x5429, &(0x7f0000000080)) openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)) rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:20:53 executing program 7: mmap(&(0x7f0000963000/0x3000)=nil, 0x3000, 0x0, 0x8031, 0xffffffffffffffff, 0xffffffffffffffff) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x8000, 0x0) r0 = socket(0x1e, 0x0, 0x0) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000001200), 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syslog(0x2, &(0x7f0000000140)=""/4096, 0x1000) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) semget$private(0x0, 0x3, 0x484) fcntl$lock(r0, 0x7, &(0x7f0000001140)={0x0, 0x3, 0x9, 0xfffffffffffffff7, r1}) r2 = semget$private(0x0, 0x0, 0x0) semctl$SEM_STAT(r2, 0x2, 0x12, &(0x7f0000001180)=""/124) [ 447.141179] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 447.148418] FAT-fs (loop1): Filesystem has been set read-only 22:20:53 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:53 executing program 4: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000200)="2f6465762f39ac2e8a857aa97872a75369be62630736734c642f978a73657100", 0x0) r2 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x2) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000240)=ANY=[], &(0x7f0000000100)) shmget(0xffffffffffffffff, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) dup2(r1, r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"}) write$sndseq(r1, &(0x7f0000042f70)=[{0x26, 0x0, 0x0, 0x0, @tick, {}, {0xf401}, @addr}], 0x30) [ 447.252633] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop7. [ 447.274966] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:53 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c65300e", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:53 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a0, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:53 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:53 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") r1 = memfd_create(&(0x7f00000000c0)="7dbf2a78892d764fd34a556b884fc44e1d3903c25662e82a6cdc43eba6e41224d1a37a7a85f41eccfcf6b65f5fcaef1b9d0e50771b4e5b81921550c50e061708af0a75d844397a9e52086a68cea96adaf842848d122eeb959a0ab24dc7d1874ec54f7322fc0cfafe", 0x0) setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r2 = socket(0x11, 0x80002, 0x0) setsockopt(r2, 0x107, 0xd, &(0x7f0000001000), 0xc5) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x40000, 0x0, 0x12, r2, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x0, 0x3}, &(0x7f0000000080)=0xc) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140)={r3, 0x9}, &(0x7f00000001c0)=0x8) r4 = syz_open_procfs(0x0, &(0x7f0000000180)='numa_maps\x00') sendfile(r1, r4, &(0x7f0000000000), 0x7ffffffe) 22:20:53 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0t', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:53 executing program 4: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x2) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl(r0, 0x4000008912, &(0x7f00000000c0)="295ee1311f16f477671070") r2 = getpgrp(0x0) fcntl$setownex(r1, 0xf, &(0x7f0000000080)={0x0, r2}) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000000)=0x1f0000000, 0x4) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000013e95), 0x4) 22:20:53 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:53 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c6530ff", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:53 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5450, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:53 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x7, 0x80400) write$cgroup_subtree(r0, &(0x7f0000000280)={[{0x2b, 'rdma', 0x20}, {0x2d, 'pids', 0x20}, {0x2b, 'cpu', 0x20}, {0x2b, 'cpu', 0x20}, {0x2d, 'io', 0x20}, {0x2b, 'io', 0x20}]}, 0x1e) r1 = syz_open_dev$vcsn(&(0x7f0000001740)='/dev/vcs#\x00', 0x1000, 0x480) r2 = accept4(r1, 0x0, &(0x7f0000001780), 0x80800) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x5) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000000)=ANY=[@ANYBLOB="020300090c000000ffffffffffffffff02001300020000000000000000000000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) rt_sigaction(0xa, &(0x7f00000001c0)={0xffff, {0x5}, 0x88000000, 0xbbd}, &(0x7f0000000180), 0xffffffffffffffc7, &(0x7f0000000340)) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000100)={{0x2, 0x9}, {0x3, 0x1}, 0x100, 0x6, 0x3ff}) sendmsg$key(r3, &(0x7f000033efc8)={0x0, 0x0, &(0x7f0000aa8000)={&(0x7f0000000300)=ANY=[@ANYBLOB="0209001b0202407607000000000000008b54741ae5048e97e66524f32d9061bf6f"], 0x10}, 0x1}, 0x0) ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f00000000c0)=ANY=[@ANYBLOB="5700136878fb01000200000009000000000000000000000200000000"]) ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000400)=0xfffffffffffffff1) ustat(0x6, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000380), &(0x7f00000003c0)=0x4) ioctl$TUNSETLINK(r0, 0x400454cd, 0x33f) [ 447.627890] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 447.635117] FAT-fs (loop1): Filesystem has been set read-only [ 447.657422] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop7. 22:20:53 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 447.810765] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 447.818258] FAT-fs (loop1): Filesystem has been set read-only 22:20:53 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x4020940d, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:54 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) r0 = accept4(0xffffffffffffff9c, &(0x7f0000000000)=@sco, &(0x7f0000000080)=0x80, 0x80000) accept$inet(r0, &(0x7f00000000c0)={0x0, 0x0, @broadcast}, &(0x7f00000002c0)=0x10) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000300)=0xffffffffffffff7d, 0x4) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$search(0xa, r2, &(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, r3) 22:20:54 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:54 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x3c8, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e00fb034d564b0000000001"]) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [0x40000000]}) 22:20:54 executing program 0: r0 = accept4$vsock_stream(0xffffffffffffff9c, &(0x7f0000000100)={0x28, 0x0, 0x0, @reserved=0x1}, 0x10, 0x80000) accept(r0, &(0x7f0000000200)=@nl=@proc, &(0x7f0000000280)=0x80) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xb, 0x0) readv(r1, &(0x7f0000000140)=[{&(0x7f0000006f07)=""/249, 0xff50}], 0x333) fcntl$setstatus(r1, 0x4, 0x20000000800) readv(r1, &(0x7f0000a6fff0)=[{&(0x7f0000000180)=""/110, 0xfffffec7}], 0x1000000000000258) socket$nl_generic(0x10, 0x3, 0x10) ioctl$int_in(r1, 0x80000000005001, &(0x7f0000003ff8)) close(r1) socket$inet6(0xa, 0x0, 0x1) 22:20:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:54 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:54 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(authenc(sha1-avx2,cbc(twofish)))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="0022f8ff020000000000000000000000", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg(r1, &(0x7f0000001400)={&(0x7f0000000180)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000200)='f', 0x1}], 0x1, &(0x7f0000000280)}, 0xc000) sendmsg(r1, &(0x7f00000000c0)={&(0x7f0000000000)=@pptp={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14}}}, 0x80, &(0x7f0000002680)=[{&(0x7f0000001680)="ee", 0x1}], 0x1, &(0x7f00000004c0)}, 0x0) 22:20:54 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5411, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:54 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x800452d2, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 448.242572] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 448.249908] FAT-fs (loop1): Filesystem has been set read-only 22:20:54 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653002", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:54 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:54 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$set_reqkey_keyring(0xe, 0x0) r0 = accept4(0xffffffffffffff9c, &(0x7f0000000000)=@sco, &(0x7f0000000080)=0x80, 0x80000) accept$inet(r0, &(0x7f00000000c0)={0x0, 0x0, @broadcast}, &(0x7f00000002c0)=0x10) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000300)=0xffffffffffffff7d, 0x4) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$search(0xa, r2, &(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, r3) [ 448.332615] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 448.341604] FAT-fs (loop1): Filesystem has been set read-only 22:20:54 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x894c, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:54 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:54 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 448.461858] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:54 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x4, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="4ae30000000000000200000000000000000000004000000003000000000000000002000000000000b1ee000000000000000000000000000000000000000000000000000000000000010000000000000000000000001831000000000000000000000000000008ac000000000000000000000000000000056b00000000008000000000000000000000000000000001010000000000000000000000000000090000000000000000000000"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000280)="295ee1311f16f477671070") r4 = socket$inet(0x10, 0x3, 0xf) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x10000, 0x0) ioctl$VT_ACTIVATE(r5, 0x5606, 0x7f) ioctl$ASHMEM_SET_NAME(r5, 0x41007701, &(0x7f00000000c0)='/dev/hwrng\x00') sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000000307031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 22:20:54 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653010", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:54 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8983, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:54 executing program 3: sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000005c0)={0x10}, 0xfffffffffffffe76, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[]}, 0x1}, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x63, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x0, 0x0, 0x6, 0xd1d0, @buffer={0x7, 0xee, &(0x7f00000002c0)=""/238}, &(0x7f0000000200)="da88aa5af197", &(0x7f0000000440)=""/95, 0x0, 0x0, 0x0, &(0x7f00000004c0)}) 22:20:55 executing program 0: syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x500) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000100)={{{@in6, @in6=@loopback}}, {{@in6=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000000200)=0xe8) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="38010000100013070000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="f0000000000000000000ffffffffffff00000000320000000000000000ecffffff00ffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0004000000ca31a3b9000048000200656362286369706865725f6e756c6c2900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000debac76bf6f65545242bca3f166465a395ffebbe2034dac3239bd418f6c8b251de220bf2238cdb760c8ddbdb375936ff4e"], 0x138}, 0x1, 0x0, 0x0, 0xffffffffffffffff}, 0x0) 22:20:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c65307f", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:55 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5452, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:55 executing program 4: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xe) ioctl$KVM_GET_IRQCHIP(0xffffffffffffffff, 0xc208ae62, &(0x7f0000000040)) r0 = open(&(0x7f0000000000)='./file0\x00', 0x414400, 0xc) accept4$nfc_llcp(r0, &(0x7f0000000140), &(0x7f00000001c0)=0x60, 0x80800) madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4) madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8) 22:20:55 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:55 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r0) sendmmsg$unix(r0, &(0x7f0000005240)=[{&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000540), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="e35699696259309269a46109090000005c0000000100000001000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00'], 0x18}], 0x4924924924926c2, 0x0) recvmmsg(r1, &(0x7f0000004e40)=[{{&(0x7f0000000000)=@llc, 0x80, &(0x7f00000006c0), 0x0, &(0x7f0000000080)=""/9, 0x9}}], 0x37a, 0x0, &(0x7f00000050c0)={0x77359400}) 22:20:55 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\b', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:55 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc8106d345f8f760070") r1 = socket$inet_dccp(0x2, 0x6, 0x0) recvfrom$inet(r1, &(0x7f0000000140)=""/12, 0xc, 0x102, &(0x7f0000000180)={0x2, 0x4e24, @multicast2=0xe0000002}, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni-avx2\x00'}, 0x58) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x4) setsockopt$netlink_NETLINK_RX_RING(r3, 0x10e, 0x6, &(0x7f0000000080)={0x401, 0x0, 0x7ff, 0x7fffffff}, 0x10) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000028c0)="b7f2288a933d66593ae164c990a0028e", 0x10) r4 = accept$alg(r2, 0x0, 0x0) write$binfmt_script(r4, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r4, &(0x7f0000000040)={0x0, 0xffffff82, &(0x7f0000000680)=[{&(0x7f00000001c0)=""/81, 0x51}, {&(0x7f00000005c0)=""/175, 0xff98}], 0x2, &(0x7f0000000780)=""/4096, 0x1000}, 0x0) 22:20:55 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8907, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:55 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0`', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:55 executing program 4: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xe) ioctl$KVM_GET_IRQCHIP(0xffffffffffffffff, 0xc208ae62, &(0x7f0000000040)) r0 = open(&(0x7f0000000000)='./file0\x00', 0x414400, 0xc) accept4$nfc_llcp(r0, &(0x7f0000000140), &(0x7f00000001c0)=0x60, 0x80800) madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4) madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8) 22:20:55 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 449.179273] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 449.186670] FAT-fs (loop1): Filesystem has been set read-only 22:20:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) gettid() r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x2) setsockopt$inet6_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000040)={0x303, 0x33}, 0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) flock(r0, 0x2) openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x0, 0x0) ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f00000000c0)) 22:20:55 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8982, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:55 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x1, 0x0) sendmsg$nfc_llcp(r0, &(0x7f00000024c0)={&(0x7f0000000040)={0x27, 0x0, 0x1, 0x7, 0x2, 0xfffffffffffffff8, "b79ced9a69b7304bceae6676c3011c361936c8c9fdf61bdab828b593e706f5a5badaa6a3eb87fb5e6d788179eeb2969ff3781bdf96cd69f626ef12c3fca6a7", 0x20}, 0x60, &(0x7f0000002380)=[{&(0x7f00000000c0)="041b3d5d00d95a8e578b04ed373b48cc26b2b3aff825b8cf7de64a9793d20da9b1f25af7d19728200365a259753fb290fffd23fe0696ea2071f6d60ef73264c94a7fc58d947ecc16c32bceb66225124db8143d145f9536a14c82fc9b4cc3c1720a6daaf4d111270c778e485cc4facff6fbad983a5350c413aafcda00a68f2133c6c82e69b326d313d89020422f28ab47b4b0fee6b3ada9befe3e3879a84068ca197269bf140ab48c0a9bad57e06c5e10b78af11be507a4e1a255d1cc542070a6923c9953a25a2c8e80504268d46f4c358b7fba40d71a5c9645b34373dc996733011968d2df2c8357f0da7df9eb320139b22c51cded27a3f42e7749b850013b4ca8ffdb8f6cedc8a72e62d8c7094d619bb48497930c2af6ccdd83d94d40c8d02a33c6ca5445cfbcf6861ddab05d5273c23b2dbce0305c1c30c13fd8088b1ebb555b49bc63b0b4a02ad41ab6299a4ba77eae4e0e5d74faa2bf44538c8e2510c207f8a2bec963dbe33f121b70285ca5fb74b05f3b83f3c3ea8debac01ca3daaf0998230d77db2430e45a92bbad3c93a43fbd983b8bb6470e6e106358fe8ff7ae049b88a3e633b481ef9234a795f0a489088be4891ff0cc9f1d61e77ac611f2c28eb4eacb6a948f39cc3f4c8bb8f2ae466ab37ab7e1af213f2d4b47d3b76b92e5a52a1f434a6b02a8cc492b1d9a6a441c0e7dcd1ba40021a0989ef3c126edbceb8ea99186fc3694b7b7b46249c3494c9d96127dee0664709da6211e5922495b8b3d75fb5a0ceac42f2bfc9d49eb306687d631239bb6f0f20755fe10d19391ed6d3ecb0edc35bd4a878fcc68fa9cf2f7b307e5202f099e178d2efa04681eaeae8e8ab99ecac0f37ce88fa4b4841c4c96ddce8b9ab51b6ef1baa61265db203fb694ead660a560d1b1be3edf28e06760aef3bf096a52edd149d63803c7f3ab1062d038d7b9f104c393087a90cd5ecf20d12c8995ef69e9df871ea6b7b20e5c523cbbb9af6683d621133d5686566d4715cee232499e7e709f90d0647c0cfc9611e4c172c7466153241c527ca65d5c06a9f64760e039fdae75459e98a03ca2a81e70c0cd9594690cf4bb6a614259c94f2da39de70748a3454cb0d2d1dd118f1f054046f6b9dc13183c173985ab3544d6693e1ed3e5719f678e809d937720d487a4c6d9c7e7d7a0b9b9c9278663a5f07046b200f861901bbb183779da6731047f9d06bc7d97e2e925d87a9200151790d8a374b839c30317fb8392d9a667d2496818c99980faf83009785ab11317e010d10566e2b8adb22ea8669374ca52dca979295c644973a5208df92b5c8389af3a9d4fdadacb1dc8afc8447dcefcbfd98631102d019c03b1cc00179dcb1fd87eb49416a1f406bf931ec3026fbc1c1156631111c4d87a55470659a4d0752b0727aa3929b6147f0b02c2179a227a72d00f4bec0e580ae2e994103153073520dd47c2a35ca7795ca22eb459c983c8dc48bd1feb31f03252d1c2a347c4868d022e68ca71bd4bab0a7171cdb2496b3484cd8eecb0695ee348f328bc0a6a374cd6be94bb4ecbc0d54795038bb0eb5a61b67a24ccee2d3240aa99e88c524fcfef3e3cb0f44dcc2a9ccefb85e94d967620c32e6e49ea342ea23e252d1002cfb2cec643b1cd89cea0afdab496bf30fb7fb0bf33e973b2ce6295bdc779e7ebf2fe1331234d699c60dc544969a2becea5765a5697e1bdd93bce559469e88993353cfd73b143f5d2c7fdfb9d36c8cd3af1d243dd75a3aef44aab9cca676503e074b0ae9b34f1cdd3c00583d1e4a834e7938b0878f2fac2ca9c09eefc390c1795ba92ad1b303ece6cbd2ae190d2538dffc871adece2dba414d0186118b335f4d56cf6ea5f32b5f435ba24228be1404342e894faf91f1afedc667ebe7240d2c4e1ceabe7dad2298596b6b0bfc382f0c7314008cffd03614cd9bf9c9e7aebfe00707c55bba4104373ea91cb1947f33d2dd90312a1cc4fcbc0098e132156ab0e9e2554dffbcbf87344b318530287bfc4949e835d4645e718397250986887a2554068fa12f614553459ca74df6af75de33500137cc88a7227cd06a31d49ec2c42c8874937866f7e38ca615df408289771e41d361ed36545fabc0e9c618ef68566c24595b2f55bcd8674a45b3d643a7c961d7a83e97b0167ee6ae720245ef77705362e02e01e82282d88129576c50cb4d8c46c03899f6cf4c66fee89cec6e552ae53958d8381765ba77fbac6d41f20abd1f907452902fba5a5d705fa829e87c2e799e8136dcff220b94418827afdc98502fa5f14491ec7ea1e0583eeb1a3a957a3222a4875299d34d604997128f940999047c9f435220461302eb5dac41dfb1aa684f25f8024c0251a3d7d45391d92c868b0e7908964b95ae523be01fbabf5b07bcf0ed5d03404eaa257054325effd9b2e163bb36bd97049121276fcb579f4efda3574d002ab053b666599313fec356215906efd69fab4ddb8130e9ff0322d55a774a3cff4d5272713847aaf3c3c338d44a7bdc54662393531394316f0fb2bb464720068a72aae5ed18adbc3847db8aa25d3dba45d36a673e606c3d0fb0b3ee54e7c099900fd40a0eaa937ec855bfdbe1fd95577c1610729faabca66639e8685bfc27db7e3b447ed7379971b8e54732ff7cf2d632be6c2ecf383d012717736c59ca8a4f1b1545ef6b88ab2bec052760cd592eaabe6621c78d8fae4b1e231bc869e75b4c0de9464ca5565e8da0d4fff3b5de96d874a7943db13e693fc03ab6e759d5a8f83786436d2d07bda6ec1cf2ee687ad0f0795dd3766277c06a1d190dbfb9b9e82817f1fe9b3cd0ca432160d7d321db3389771cefac0fb6ff3ac52969734003ae54ef935f328126b3b619287e1e1ea4607f1163acc3f6095d51317c3ee98ddada1d0bb5ab76d9f0bbe1281f8490ef974957d21219cd61be82df90d70aa0b62bd2d132abcb4ef4e5754b7d913a2a0d96ba2187c76434b6ce935996b7be16470656f086d2d2e9daeaf0707daae1b1c932a465732e52c36586aa9cb6a85db886615d21d81be0ef075061956e78e3c1f99f8ac3e811e59255697147175b5a514507b206e3d6ccdb3f893b1b8c102ed9e8f95baedd3ca4a0a916b606b788512e6d5460ccb573caa0d1f3c791ef9cd20616fec6ed892305e54d8646a9c027b26c218b1e5843133021d7ac0fd3f9b223a6c436592c7a3737119e272d77850011813c70002c8cc41f4050e78b52cc9f56efff4f7cb7ea3a280e85bd07d370d88485da0e91be8251b256e9665d8fb03155f1caf09610daa3ba3d98015f8639c86d823446e44a828265d034bb5196dd542e2cf9bd1ba871ddf8a6d025ce754fa06695a257d3b96fd939d56cfe79871d5aef9260c3e2aa56a96626fd6e1c5f802f6628f9e9382ed81e1340db1242e3e39232ff16c41ba2f543821f4f738d7146216638a8b9381bd2bd1cf33ce9e8399dd6373c4edb5f2f1cf3486b85fb2fa255757889d50fd5d9e921bb7bd842886eebffbb50ab602b928a21a299d80ff5efa962082bd1a14de103cf12706df9b233aee78780c64f35ddbe64dabeb085f72df6157a8c8d20826715c183dd68fcb5ce4c84f3c760d24975d42001d07fb9274b8d8286afc4a847b43e2ea855154363f4ef63c7ec00abfe0b1b56c814ceaad17ba9bdf00fabb318ad01d83ef60d634480e7119c8e5d67d05c66722e758734f516bf46c76e30a8110a3bd1107acd83dbe79dcdbf853a03d7e41d1b9d2fdec94fab045c437c6c3ae0ee6002203f16b850457f05c055bf43410b41f2ec75fe5ef1d3baee32e92be8964e4dc0917704c5bf0b02804c74ce62dbbfe236f1d2c2d0437ef05bec7f42a5cbe501efdc2256756bac4c372641bb7a7449073ce4200183df3e1648b841b2088103ad6b10a9ea3aa463678c2302cb5c6436f3e86168dade41c98f0839cd87785618b48a401948eca1843e25ee6286e9ce60a4b9612cf31e026d569eb3611bc09ffee99ec0d3c4474b16e860899dae8b95d1d74314f6dc5cec241ca1d0e8781f03421f4c779fc1de7dcb2dcd63b44504e093e539eadd1e3bdbc980f892d8ff5e935c2086b37e5d1286c2b61536c7bead5ffc4563df9538d5564cc022529a94ccc25a36cf7287963c59ffdc5a4d0e6d024bba911a40b940753f8a0ded87f49ba48dc48da7c220304ff5cf27e81a2ca64690072c4667619cd33a0eac6916efcba11c4b991b0c5ed03c5860d9e0ed4d42244f228f6715da9172d5ecdcb25f202bf4a94d671b7cc0334466c2d04948ce06cdab7646308b601d77abeb85cec4cbbc047736f30fdb9e51c218de9fc64487a9e7a7730cfdf6c615788ef6f9b6afc3715bc2b8815f353a6f7c8dee6c11ee5fc14653291f8b3898e2b937f578f08c5a3efb6d98a0eab481f08e909a0ca4219638adfcc2a6f90b2825b90c74e0a859f1d5c86bf654691652d9d309284e74c0f3ab48d3677d21563338855e14453dc5fb6f05619e2aeeb9f5d89cc946af870e534693d8deb1ffe4413167b703bdcd69f8c285b04d93cf114d1d85f6269baa7be55c6c00f436bc1d49542666b416ee574ad4b851ccd93cc134e578bad8db6cee50f3a2863a66364bea2820e75dbd1c5d59882212b025afa62c92e1b754f19d071f646cffea3f54907b1f241720b1033274b79c1cf837d7a88f26dc83ae6cd242932e97c3596de5e19d6e944108398c45862c74cca862e9204c3c8125da2d20f76a3ee6a4caf4668036bd4ebaa4372453a16742490195303522d3871d9e819cf357b6a232608002528f6031581fa34571a90e8ec6b14ce6135414c63d4a9ace0bdfdaa3280fafb6960a71dc4160c602d5dbb44a46bd063df51a7b849b4674ceda738705d639e23ee49651c5c0e6e87f70867249d5f72a299ea61faf33e5d02082affda21995867ead2f89f94f771f2e837b43f0c8207ae93b7b5cdbe81cca4cb615f834b49730b8d2f9093cc47afa2e06821db5fdbd0ad9bde126821fc4b70b2aca5cd3dda3cb6569e7a2d16cc5427991a3c4f1308d920174c0cb14f43e08cb2fd8bb47a4483f9e39456261ea301782c20d354be25c757944b1d9c6f51ae926d988ab7c975c1078c3b1bf116d018d8d41225fe7330ce57127b37b24118bed80f35a6e12b990312091529a7e73a26d4668af5b2ed9266f5ba0a4527810f8e6e7cd1a90b602d2ae42ad29cca2bc370049927d3b9d5baa6fe5f10586ffcaad72b5619622077466493ed6d8d4b27914370029186ff49d772396c0d525e25fcd8a0915a8346e0c7bf13651c45f2b24138e2a12577769996dfe9cd1860393219eebdf212ec317584542d11d7400bbef2e5a9048251a59d2df85e9adab95d382740209814d16f594aebcef1aef49de85dd922103ec500c217173dcb3866c98f70770bd5eee0fc4e66749af4bc9e731c90a2d601603910c147d8501d21fbd1d3ac69c06d3b5b0bb854993c0646cd1c124b237468061abbd2dbd0cb7a4559377665e9f94ada58f5ed2736076ec47d89244c28e20f4aaf78b0bf168daafb72f1d2cdf75afd996461f87460b51f90e39938149842c6efa8f5d5f65bbce8fe9aaf17dea57f8b4d163e0675011ef1caf5440a401d2c556c9d96b0809977e60a960f151fbb02a57e0bba1541e79762621067d020313fcb32437fa205862048a658a9c75bfe2990aecfba078492494a7436244f4e8a0c1bad57909d45e8337ec98f99b0164fc3403cf2af192b41e6a80ff7056b96af37290f497ebecbfd75a95399f7cc455fd14d0018f69a2a8f0200c3c7fbc0f1635f339a2", 0x1000}, {&(0x7f00000010c0)="e56051852aa8a4d04e9457e3750e3845a3443658fbdc5b829734f5a389f06bad78902250a18aeef186dbbe6210dd358861f822759f4627ff3da8d730387197c0eb6574d536b75bcdd04d8ebdf8aff29cd34b8fa11f1218194e446137bd0fe2297cfcbf4f03d3d52fae6a705eb41a7727b96fdd7f804ffb18f30a78981b13b997ed4dc138a397d365cc9281c520c5dc93fb3a2928d1fa28d393be4219d9b30e94c7c47a191a789a1775e8ebe11744da39cdce9b102e560747d4760875164589574ae82e159a2d432df2669d0257dcdded701d9c5910c04a73", 0xd8}, {&(0x7f00000011c0)="64264d72c3c868b64bdf3fa5e1d0244474091ac462a367ddf5281ff465c3905280106c486a28d6a145c1a710d0a15afbf65622fcb9361e2732", 0x39}, {&(0x7f0000001200)="2a6394fea824a00990680a25292ee30391b0def69a3e77f09fe6005c347f3d40ea6974ce18fcc14e60e957fad5d5d6fc0bde1f07ad66361f47357d273514c09e1ee925d7feada5c189bc061a594d62c1dd3052e0ea4a34ed6eca67730fbc23bcd595f9e2e6b1f0c05fd8a4e4c52781d514c66177929f253eaa728c0a4dc3ae807c2918285ab2766f1750e8846314d9df001855b2096e1bb020d396dbd3157328540c1c60fa155adba6a2399e889d2bf9d84885322b6ebd477a25f1a75bd84ac4ee6de72fc42cf4cc3148e6f6079cfd0370b19b6f6164bc06081418e6e12c71004622e3d33740282d52bf83fbcae2808eaa91db8372eb8afc67e8e371fb36ec040a55c48afbbcb02c9b068e94a15f1e06f3c665f8fadd276f3381fbbf4393aee374e86a49e90cce6b878ad2bf338f1477df662dcacc2dcdc3deca8cffeaf6e2137cc7ee363ca19fd8fd1f1add78bb3f6943ee38b92fe123b4f9cf604a50b1483f1c5fc887d58ed425591c43f896605eaeaac71bd5a048c1cdf6e8399c073bc6c8fc13030a4ec3d797d56b5ef17f23fa66db49fa65b618ab2562b32434140534ebf81a669913412b2b924a4f929b231947fd83ba87d159ca7452ce5ba87c081e7af4f13b8faac489d10011123e69947be198543a79b18a4cbaa8c544201f306ef82c43455ab17a3d70159ddcdd61fb47ea9b5d98ccbf19576d078c8c5197da10d796f265518be802d086be33cb9f10d0194837472a28fd148d098976ac31fb6fde5066779f5c212a9a33fceab10b22d253c4440caebef32793ce2af2b0b45caf09dca3f6804adc9a162d07a02d44ab9df2e31e22e92c93c39c91333d420fe6b569ccd7ece0ddcfeab31c04f4897934b5d9effb5662c54c7e740b59787877d3a048181f9533d2629622b74de20f72dd37d2a61c1bb17185e21fcc529294053fc1184f0121f8135cda35e268cd7e8176c7111b4bfa51e4482e9af5fabd5f4fbfe0eedcf765a038c2192a4cf6b221d0fddd32405668cd2ed00234448c1c60021814f80bb07d942c27fa630a914aa835f8106f1081f54fc8cd2a5e43ab79b0f3d5239cf6b7be93e119f4fe0f402b15efc2d3e91f1b2491bf492f7cf678668ea3ead5bf872f660c561cc945d6ef7f7d492efedf90ecd5d803192733af4ce3ccde7d231876a81844efe62079525126bc9335ea599bb726696bd4d901fe10799c6330b0a747a8a81da5ddc05fa220c8dfa22eeda93032d0e7bd053e1e3518c4381c271729c25944406e94b706fede18ab088c4a7faf46e962619f2575ec444dcd0554f0b49a95525852115ddf3fe7300b5044a8040787ba50da3710d40542b31e2fc9b5e470e4d2d0dfb96e88b639f254bfad6e8bb5f7cc05e8fa9010128693ba5c96c5da464460b7900667d89fa27d9b83fc7ef042051634add74d5c172fc55eae6ae40889771b0990f4f8bda9923d14d40c1c211fb03e8fecac8d47cc6ae9a71d0d3dc8da5baacf56491a308e09b7cf231fcb6d14c1a91896a3d6720b1b109fadb7272a23d647875341893cd18b2944c72667be760e74d75d46542706dfa3be96a40c804b0108b2526ea460c031dc19ad344af8df8ed2d01bba6ac9e818ccf9da110d3d0fa7d12c08e8a0721a20cacf5aef7adb6ece08033395288531f18fcd08b7962722a6c6333ffbb5537c8d729178a246d4d2bc7f7eeb16adef137d2a40f205ae75dcf368981fc5eb2dd8f9cb2c52e5a3a5dfc646981c5d2d7ae12fb2692760f686aa4b2b9e677f1c485df596069794686cf661f6d13c7225342a323783db4515cef163fe2990870d2fc5e5ad46d5757b005384c80051be8eeeb767f28dd4b4faf9188551765106d6da3e7f8cb9a5fb3f7e1e4328d9a0597e5ebcaa69b9e73717d61e9155d53f9107e10355c34697bd2637ac18250f547da0cce74a3c1c19ebc25d7634a156f05145636831f492816a8d2c9b7092c8fb82ea9ad826c07f0382f4d128469b29ece40041b968961628d9f19d2ae57fd546301b4fbefdeca84d7e07f0848612f7e9530f7ad758ad2202f21031de4910320819fdb464f629d6c2294a8e7c7ad9255bab764f0fdb5ccc6edfaedfa8acdb269d5ee421459d32e853690e65ff2406b42dd4642c58fadbbaf672e0a6cd93ad8d3e8df5098caac29b5a8848020248b948e39952641c5a3d87c884491c56abb4d961a05b12717903dd108b59ece42654a7b9c0464527a9bbb23b423faff0e58b3a71e216e961d139e9506bd585c27ffab9df07311d013a45edb6662859dc34c602ad8cee1f11c8b472b07cc6b0aec721b5044c3b495f255f1028350ce10eb4c48e027e9911ce52d912a0be326887463fe91215b278a390f6e39ecef00992d15e32cdc3570b5cca0744cd4f041474716cd216d06decdbe742b4ceb43d7efef95e703e3d7b165a7a1644c70f725c32e7fb62a0ac79bde6400fd70a0c22291d4f4af5dfc6755e67dcd536de7b1dbe867ad9e40e3dd0ff410f6d8dd7ce457c340827394a555a951de8c7e3718c99024c93c6ed88f4e07297fe3c3b3ea15d1abe81c7a55f908965e1469b308d77f92610be44d39f4ccd340c3da656c2b43039b22abf7105e73a2874d913e31231c9e9fb1c84f2ba8e2a74def7d8d17db8d7cbe7b851362b053c5c5039be2132cc3419bddb5e568ababbb304bf0f89e82b7c1a3476c87374923af2b052b333c4232e2567602b1694d958d7905a0c7e0ddf3c50acb020df4290746f230d49de1bb6a50e9ae8a79dc3d4a55a6120109f02f487b02d9981c150b79c553717045ba09012b3b3a04f4fc283a1e3474e0d97af543b0eccc5b0f6e48b4752e4a6bf125affde4a6fb87937d9df082ec6fdf2fe10cf1948a4064f1f142a8d8ffd2eb7ba0bdfbec90347ff118d5ad031edcb0bc9d582bd784b5cc5ce0686a94468c1d4fe658830d99598a62351d5df98413d13090f3b56a2d2ebe4e132836d12d13e25f9bfd11a305db9dfec456913932250930955f2d7967da9aac380b097b61ea1923359c5bbda13a00134d07e6958b78ec087a57ce88bc571b5bff7e5cd2d2c079d201541186141891e8133bbd8629c6c04ee7604d31f0af29b9cf8aac2b9a9ca435ce9e265ffcfa669ffe773ad76aa69fb0045430f824360eb552ab1f3b6231593c11bc8a436784f4f850d8c00fc7b96282d90ac722067772e52cd5b956f362061ad56e1bdc2540baec20c9704ebe2db895ee14a08701ccdea46fb31eb64f9ce41c04d14e48db911d966ef811668763fe3866e485dbdc362b73e4e08702aac030fd2d948def06047bf657b80438f857798df0b87b24d29df8d85e9c73446751674f1842cfadc1cabcff31f0282af223ecbfcc8054e4f3884f32a42a0fe317be9330596eff52429439632b760222fb55bdcd1d5b6e07a5bdb4661c459e34b9f52be4dff9fa3f9490945540bc419d96ad25d5fd5467aca8c00fa23696ee34d3bb04f161f40eece3c8fe5562a221ea1b1819bc115c1ad4cb820dd950523d0feaf698a2dcc795dcd5da1b7750fe665f876339f7bed98e3d9ad40c2c318477eb14e2ecaec50bfd1d981938dc32c263226ca429f6f8d9232697375ebf152810627f92cb9a5148659a359c46bae1ba08c4c850a6d43b4d5c411273bd2291d8cd74d807b9a831781fb105e12b179c2f0ecb879b99bbe271456aab5103da4f0c2d228354589f2dee9d22205a2176765f2f6fa44681485c19e749ee36ccbe41dac927fdddaf8d7db87cf52963895818512d1ebfc86b3088753684181ef129cb960a58bf08a5a425a0590751301fe9836a3f22489b35bcd89554175e42eeb77d779d7eb178fcc1d31ef76d8846ced408c7c01059dcfb9a508f7d66b77e6526506c2d93d4244b4f487d09bc1edb954ad136e7c878c70f02faab504233e1360ae5bdd1391001354b4bc05fa2462cbc2f67ef0a91b1d521c40f123dfdccc1c30866eeee0dbf00d9f8851f2910210dc74d36400f7b090f42dfee824099c044419955f0f57af6118cb890c590b3d6077c0dfb51e8952e4a8a82b3089a163888d657fd5575f22d9da66f1a0e4d7abb664d3493bf4aeb503bfa36b3de75aeff0f0e912985056efc986286299a62c2eafbcd2bb66341509bfc160671f384492b44e76e489f63c7def0c598c516644c98840548d1cfcf02a03896965ca0c52ba55a087e85f6aea673bfda5e0fa83325d21b4220b7a5a29fa29e38b94237f3eaf5c78962fe08bad7cefd0d55095fe1b00ae0e190ac629f28e981f1589ab674bf69d341b1907f7b91bd94abeefce4dae4e2d83676c7374b67d645e7229fa37d086245dee2b64613ee5cb6c693b80dff21b6bb1725ba98c8f915d8bceb54aff3f4923ed7179f635fea71a1a22f97846f1673dbbba297cc407cde30193b821ef33b87d233ad82734cfd880ae95f8eb016322f7165091a5077d29647849f384d34e4a20a25525ca421ba7e2bc64b8f2968ab3b35b9e05b3249cdbf936cadd385eb7536981e5f0483d829684594477e81b49a3a565c838d475aeb6368bcb80a1a810fad9c5e54450ef25256f8d7b484f9c2f585d6d08ecda55652fcf4f83667e6f2215caec993fb80cda06d422ba671bf2d1d5e7f2f91c41b176aa03a2d95da3fd3f9defc0aad26b6bb4e218f2616f8f3cdd5ef89bcc51bcf91c42ce341748450fc3937d18fb3fe64b5fce0d317ba418711055f2119d7ba86667dbb585127233574a6a02be16781e82cad2d511805685e5c12d03789b85e873bc8a170a4accaf7d69307a9e6a15068f5607e037b550be1b1396843f1ab9c9d150ed2b9cee861ccade2f3f289cbe8085e36e3704019be616d55f279575ba26c2f3ac9b0fbb4dddfb338ef8cdf1fe140ad4fef4c4bfd636439b18cb2a619b0ed190663f2c8574018a7fd1300ae49d90349888909d7c6c657853c75ead0f2139fea428e513f8b830a98c1f49477fa13c31442eb5f8b21c0daa9dd2d19da8ff74cd1599c8348adaa0608586235ed782127e2f66b65c2f2bc3e8c7c8de444ec7cf5b96b86c82582b7ce1f632ff7f842bbca7615740741412cb786de4489f23759a0f4589b299c69f2457206ccd89417e0655e256ac8ad5a7704f57f9781bc9dca1101163f1eb9b2cbdd1dc5e621e91a27ca28f95d4d5fa181a5dcc96b3e20ade8abd0dbb655360b0888ea238f3736b7f1b07b61b5a94d86f660fe64ae1b183454b0f1740f906b94b9b2660f84c980f6cef25690dc7be083493ce62704ab2f66dc21bd8b8ff877de1c66afc183c050388d0dea91014d525707665ad76e7819c8aa50d5dfd00da91003fb3c37469b4d3da6355a686e54accea4fba5d407be74c33c6d80d3d657fd5ea7ac5fe0753b78df03df66499f30cac73f5e9042aebeb96abf8c13466f182dcd0d3d4e2a08ec3899fb6f4810545e7cba8c8ac3a54a0076c5e8022d630a7c3da9381ee8e37d1e1dfdb8274161aac6c00e291f52d075fc6a682307d00e6f986e779a5b0ec47ba22ee344856f32a56525b2a689b2fd5fa2e704e9b98e55dc9ec1d3f28ddf149afae21f02aea8c1aece1f7792198e3954a91ee13e583e36ca06c060bc6b079e808f72aa1c815e1ec527a5c3f315c546370e71ef8dfabaf8018118ab7b1fdffdd0eb5c8fdfd1923b8efb4d73cfcda00815856bfcc5920cbd4ac035c423a5495ec9e843f1c0f887b9501027677171412ea0adf6ff99c57014296a097a9e58249560d6de5603e9bd7010224560c2e16ddc931b5539cc1cd5da4c67881aefe75ba3435d08926e09049c5036eee4249279b41", 0x1000}, {&(0x7f0000002200)="e4c29e5b1c66193da0fb5254cb839b1fa9a88fc5518b2959e0e83e1ec05fd579e053a9970ede4f3646a043177c51663649b8015fe3b74228b1ab616c79ca8b08eabd90de0f5fadaf7dd70c5fce2e547e5a2df5fcf026d1defee9b896c239e8d324bbff70733eb3b3801bd14205b11f8b0ff569c8d98ff77513775a1eaaf104d1d4cbb2d979d3d8eea61a100dbbb682028a9b9a6e4084561229a5157d93b2", 0x9e}, {&(0x7f00000022c0)="9352ba0ad4880c506560ca9f12f4f4c4d5dbd4103c25698573", 0x19}, {&(0x7f0000002300)="209f769e22c98b2c27c9759bba4d119e770d5f831a4b5e1e0564c8009fd42b7848f3930904dba87c1653d68880051d762b2f19cf343d247b6bdd7279ece8f813abeca2b5d25a2e343d8d49a0956f2df50d", 0x51}], 0x7, &(0x7f0000002400)={0xc0, 0x10f, 0x400, "94466be7536f819d02b60bfe445bad3c26141762691d4a0e3102ebfba93c894742683cfce2427936c6d5391ff9847f440d078d14a7a1b211e454477857468347b36e36c1dddb4fcb2d97eaac7180d746cd941ac8afa630158a1fabb3951211fe4a6477c50e3f7269aed315deefb92746666413f3061c22a504cf2533190fb53fe3b5e5f350253480cc0a717452528306c74361e009bd3c4724c16903c987f8ae345d86e3d8ba5eb77cdc926f903a73"}, 0xc0, 0x4000080}, 0x8004) ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f0000002500)) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f00000025c0)={'syzkaller0\x00', 0xffffffffffff5ceb}) bind$inet(r0, &(0x7f0000002600)={0x2, 0x4e21}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000002640)='hybla\x00', 0x6) setsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000002680)="408a75d52e234da8988a26f5ee6ab6b0d38f4c160c864208f7a6e4651a149e198678a2488f0d73ff06a2b45148910b589e05db620a72718a0658c96bff2beaa7b2f87a6da9a7b1", 0x47) shutdown(r0, 0x1) write$vnet(r0, &(0x7f00000027c0)={0x1, {&(0x7f0000002700)=""/40, 0x28, &(0x7f0000002740)=""/67, 0x3}}, 0x68) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0x0) ppoll(&(0x7f0000002840)=[{r0, 0x1000}, {r0, 0x100}, {r0, 0x8d}, {r0, 0x4400}, {r0, 0x1}, {r0, 0x80}], 0x6, &(0x7f0000002880), &(0x7f00000028c0)={0x7b5}, 0x8) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x7, 0x0) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f0000002900)={{0xa, 0x4e22, 0x100000001, @empty, 0x182c}, {0xa, 0x4e23, 0x5, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x6}, 0x7, [0x8, 0xbf7, 0x4, 0x0, 0x3ff, 0x3, 0xfffffffffffffff7, 0x1]}, 0x5c) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000002980)={0x5, 0xb14, 0x0, 0x80, 0x9, 0x3, 0x40, 0x1, 0x69, 0xffffffff, 0x890}, 0xb) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f00000029c0)) sendto$inet(r0, &(0x7f0000002a00)="bd539de7314993f45800610d9c5fb2555750471f7b7c1dbaef8adfd129e3bad82a592f963736e14feb0aa3576255352542ecc5acbd05771866676f41dfd5ff2edd1f6bf58cad7d03f746662b5a11f54b099433a89e07159f63a8df864c2ad5e98f6d23f1a4", 0x65, 0x20000000, &(0x7f0000002a80)={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000002ac0)={'ip6gretap0\x00', {0x2, 0x4e20, @loopback=0x7f000001}}) bind$inet(r0, &(0x7f0000002b00)={0x2, 0x4e20, @rand_addr=0x3f}, 0x10) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002b40)={0xaa}) open$dir(&(0x7f0000002b80)='./file0\x00', 0x200, 0x4) write$vnet(r0, &(0x7f0000003cc0)={0x1, {&(0x7f0000002bc0)=""/4096, 0x1000, &(0x7f0000003bc0)=""/225, 0x3, 0x7}}, 0x68) setsockopt$inet6_dccp_int(r0, 0x21, 0x5, &(0x7f0000003d40)=0x5, 0x4) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000003d80)=""/68) connect$vsock_dgram(r1, &(0x7f0000003e00)={0x28, 0x0, 0xffffffff, @any=0xffffffff}, 0x10) pselect6(0x40, &(0x7f0000003e40)={0xfffffffffffffee6, 0x7, 0x8, 0x28, 0x4, 0x8, 0x0, 0x5}, &(0x7f0000003e80)={0x9, 0x9, 0x100, 0xffffffffffff5a5d, 0x100000001, 0x459e, 0x7fffffff, 0x3}, &(0x7f0000003ec0)={0x1, 0x1, 0x10000000000000, 0x7f, 0x100000001, 0x9, 0x0, 0xe9}, &(0x7f0000003f00), &(0x7f0000003f80)={&(0x7f0000003f40)={0x400}, 0x8}) setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000003fc0)={0x303, 0x33}, 0x4) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000004000)='/dev/qat_adf_ctl\x00', 0x10000, 0x0) r2 = msgget$private(0x0, 0x20) msgctl$IPC_INFO(r2, 0x3, &(0x7f0000004040)=""/37) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000004080)={0x20, 0x36, 0x6, 0x20, 0x8, 0x4, 0x6, 0x9, 0x7, 0xffff, 0x3, 0xfff}) 22:20:55 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 449.350510] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 449.357848] FAT-fs (loop1): Filesystem has been set read-only 22:20:55 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:55 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0189436, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) 22:20:55 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:55 executing program 4: pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180)=0x1, 0x4) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x9, &(0x7f0000000240)=0x0) io_submit(r4, 0x1, &(0x7f0000001700)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000380)="88", 0x1}]) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETNOCSUM(r1, 0x400454c8, 0x0) io_destroy(r4) tee(r5, r3, 0x8, 0x0) vmsplice(r6, &(0x7f0000000140)=[{&(0x7f00000000c0)="06", 0x1}], 0x1, 0x0) [ 449.637345] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 449.644689] FAT-fs (loop1): Filesystem has been set read-only [ 449.669400] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 449.676724] FAT-fs (loop1): Filesystem has been set read-only [ 449.698692] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:55 executing program 3: unshare(0x2000400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x480403, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = eventfd(0x100000001) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000100)={0x1, r3}) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={0x10001, {0x2, 0x4e22, @broadcast=0xffffffff}, {0x2, 0x4e20, @rand_addr=0x81}, {0x2, 0x4e23, @rand_addr}, 0x80, 0x6, 0x8, 0x100000000000000, 0xfffffffffffffff8, 0x0, 0x3, 0x9c79, 0x9}) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'teql0\x00'}) r4 = eventfd(0x2a7e) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0xd462ded85726f390, 0x0) syz_mount_image$msdos(&(0x7f00000006c0)='msdos\x00', &(0x7f0000000700)='./file0\x00', 0x80000001, 0x4, &(0x7f0000001880)=[{&(0x7f0000000740)="e264ad8030053f2c8eab6fb79ef0bca46c09ba9a8801a63609c9dc3cf22f65c71d9041259225375488c546c2fe7ef25c8e223f682b4128e5c329b7996a43bbf281d123afadc3404a8b10d403af35ccba069fcbf2b203c3953d79154abdde4f4e372a8122da13175809404d87231404390a1ae871f7e69ca4d3a5940c3b9035d334aac34ff0806e0231c03dc630e12ce12f3c8739ae330f3f3bfb46d15509f2beebe29b8770dfb0bf62470e05049ce1c0d0c332ba9122300fad0d5e7fcd99cc888874d7050850bb0ea4fbd9e9b1c6a2d8923737d13e30e5854e2163c1d05e74ff2ca3e8e0380565c1f75a27491db83cf33fa69ded75860fa194137e2e6c0173010e066daa7179cee9a7cef63831c5dbe19f5bc5c693665bfdd75fb2ab08119deec05ff49819dfa583d157f2737fb752b5ba6055852b608391f585ea73429b75e263df5b428b28476d8f81e36124fe8be4a064a0ca06b6b2d425e74cd4e7c6ea3314c8d21b7cfb46b3d295ba45be8cdba432ada40da36811c6f5164e16605369cdd3d311269afe88b7d7692cfa48b19e8c1bb229e690b68f5f600780a011180be9b7aa21ae0846bfd20eb20dc3118ecbf919062494ba95f78d2745312598e7f322b8964e663b90439e8c80a55743ea391dca537aa3ebb3ff09eebc78e3fb3258ba0396f30032822a1bd504c0cf96859c0f68720db6ab86cae53c4aebdec36149d735540e60f166b9a8ecf5b64fe077d473030ead1fe9257c19a83d1c2f196171d045fb2793ff1b6c1fa362ec5b5f29f32c10dbdb7d0c4194f9b90e5bb644520564fba56f1790002a78cee5af3eca6ad1b463e2a24fc623b2c56559d05451e6946d484ee4d1cf45e24180959eeac5a46b563dce635b1c23324f7cafd1ac752454f83573d23632dabc998c3cd84c9452b0f8f0123b3d68c2e44ce18e03963d04a3205d3f61d7aad0011a70350a30d5ddd31189829dd3b1cbdcfd4b23fccaa161dd02249a29fea7d2ed01ce74cd54399c21fe3da007464cd7351643208ce1e779be6ec88da36b2359b631ca2b82a9c5271487f78bd0a13341c166161cd616d9894387f103f97e955b452c2c4a4ff07ba5221a9a670f9f82217567b64b7584e9ad005ce7da13b66fa53320148127cdf6bb3a04077ccc65c3e4a0ba410724bcbad4281fcff9bb148372038c53e158796f8046440b9893e49da0a1be8b4c131c3f3e6ce0bad18c13c8940c5a945b92021a2cc833c80e1477372b43b9a13240a6fc62922cb631677d3ac2a704a76f225163c7d90f598bf9fe97b66bb11f76af1be80a3513d74b55c765af3074cdc5f02895c9e84484fe09678d5ca52701bd09f2f7c011e7da5b9d19cff87fae920569bb577d050fafc9a7cc66b899e3171d8a2da8a26af5d14fc7a145d58e0c80701bd5928505d920f1743321b2b916384bcc93c1d011cb321839d8e8f314cf1823dfe8a4a4825c8e1697b4138de96d725d6fe7d76ec7dab0e9ce4a30c6bf02e85ca2b86e23cacab0627dff6a6eaf21dc8d6522004e763d9bfa7cfee7eeff76bf01d7ba4157e39192ddaf679a4d573fd63ec01bdbb9587b9919f8844a57498eb3419cf49414b16fef68f0763945aeb598b18bab638bfc0d2ef0a11393a44be61c8d8ea0cfef8ea30791af73becfbb6013032566a3692bd5b4c8a289fec12e3997cfb57a86b9be98f67a9a1bea187595ce9e1a420e2936319268cfd9ad709e25bca0a7cf9762164eb63db7ba3d0247fc5d64b1dedfac753a8382ffdaa72352261ff0691f7f589a5b080d8c2f642a22709b830759da36a6631882c81e0422cd2a4c427ba27194e29a4dcfebeba4c5f05ff315ee814981a7a6f7b8143f86018eb8e13fb2a984f96d057bb8301b2166dc0323743d8a312d92935853cea15920a0794d5f372a4914d56dc96b9cb040a95515929617b04385ded5948b5b44c3e07a838a252e3bc1fdd3f2e3a9b97ba6c0bfffd928c686a294719949021f5f1b6c65c336bf7f81679e90048afb5565f8345f8cee404a4974f80f5d9cc2a532e5c25b0f426b7d95e6e9ae376d48ad4029a07fb986abebf4b8f29a7969828e63b0f7720af160a1346fd75dff40a7e00705f0293f58fc46a3312a8ecc801dbaf17de406ef6b7fb515a6b9bbcfc67d80969012d5719dce0b522ab46c72a75dd4f2df949ef0358cab9d22c27a2a6122e9567baa49cfe756357262827cbdf6ebe9bbe3247483655dd146fe4f91576f9e847bf820e5a6d56c6c5a4cefee3e55435a75f1b0735d733e4acf103707b285cc87ef541336d8c419f3f8fb5adf0886024485a354786e39727ebb55c6e26deb2c3f6fd2ad4dece0fa0d06aa88d883dcb2f3e94166c2a75c7ce135a96d5f21fcc70289ceca8e42509ce17fcfdedb2bff06fa3d54f7ab1e8dc5fb8ca05789a13b4c2a40803d02314e0287584e3f65475066cdf897722e32fb239f7f096a6189e25af9c7a85eac0abc7c0c05c06ce48cefe1ba73ab50d746cde69c1693bfcd965e2f9179c0394419f291e6597ed28f709868067f57be4b6c415249910ce84d62ed4278bf0a552a6c8f4fcebac759f40d9230fc96c619cf056f8f25ccd578d032fbada626bd2b20d2e7163bb0f2748a15da6f782c9e4a4604963f8cecb2e74bf64ce172be9f14200fe17b972405b69a20344eea8b12213d821b40bb648ddef52dd772eee94b94b46c8327f3c73dfc6dd925006bc67161652e2b92a392ff178e543c0cce144f1e6ae51c990612623b00b874ca685ca96e44dba187c62b93a54ca5979bb73ae6a90d3db5a4763f117e2c1e2d9790ed20fac08c577c3e4856213249f109e173b85772085bc1a942147a04ab8c01b914340e21e3c93cfd74a350706f874547b2a70addc587172f110ea31c6a590461773c1b4887856f26cd422c09fdb845a8301fd778d2172d470183a662b7e57ca529b67c601bcd30833d91245834b472370186f0592802b53356f664455150b69e230ac31b8c519d2ce26aae4350925b06093e73bce3d3a191b6a11f5af25321d452523e04559b8d18bae780e0fb431ea465365cf024d850b31de7099beb18c02dd20dbf1719c9546df217cf53dd77aa7b63e656073b9b98edef82ed56e3979682c0c5c37bdd24666916496aee8584fbbabc6fe04609f59580c28573add2a8db215b8f5f1746b03360cb06f3ec184a6c07639a6de7a1876483e8d12ea50efbe4f323da7bfece853cf652af749b00728e8a88dfc350727fabbbcd527f7b6f7581829baa52296a8b83a3d068984558b68344e2b43f4d96890dc8740ca8745963863d40a24e0973f5b7ac506ce52f4411de444e8763871d98d93543a976b048166fe6e3525d37260f9fcbc615c4faa380e1305f5c4fdd0d1d38f6aab4f91fdbb898da5ec88adffe361c339d9fee814734cce0dea87daa94a56947df13db8e732c3fb56b7f056260b4fe1d8996b83b9698bee7eafe2e91fe3005056066a1e42d4cf0d61aae2d5b9e7b2784a0d7cde4a2c5095422d4e5d25c59bc8a6fcde48a23d36e87ccdeac636249b0f90da07aa0854496c56cef44cc9b6ea4fb9dc873cc1218b53278c4009c13342af782006083e11bcaf9434144601a688c4f598eb02c10cbdbeb33f6239ef2fa46d64f729e24130b2dbc6945b790de0f01c2b44f95b672ef477165dd74cca413c7551e963ef1656345f9f697155665359ef9c1cb7090bb46cbf3785ca9465159964dd9941ae6388e5e228eed2f23be3e3eb0da69322f53a7e2586c7ba4d6627d440539d7bdf6d82161c9f935405cf72b7e1eb64401a667c4daf5975b089977c429a7d9036b1043e663403c5bd82d6515e75414eddb098b4c37e2f1ae19bae39c5de7700faaf1778953fa158d6b112e3f0cdd26bf31c037c3995ca760d93b6de9717671f0addfcd4178d4bd29cfd13cb3fdcee1173c66b8467269d32c065d95f0db96126c1b5044bc931919cfcc3c37ab211a7a7056431a779d8abe06bc228581d2a299c37d36b00c85985a133d2c94877b095cc22071ccef2c884bc95dfe41126fcdc8a83bae00def6aa0bd2c415530996b0274d3b4ced4a5668d47196e3dba12bf1a9366670034ad053d23bac1cc6fd1463a0580f895bb910facce11799af41e10f1972ae8ae5d7ecc40cacc83b606f45b911e14b175a5e5fa16c473fb352aed8cf8a9b7346b74608297dfae2253151fa6c5150b4b427b2cc47929992ff3c05e1ad69d8e87f896d7d973e418b26d81b92079c6a2e85aa1063b1c29f6d69474b72aa7d154179f504a47804240a6de0d73151894d7e200b0cf7e353c38b2f853ad086649953d2ff772d5c6702bd058e9bf53bfdb351499d3593aec8462b6ab75f30c1f14854f80924ccc05ea3d8197b410b416f7d4da0091f94527607769f76448189a9d763a5b663b499778f95f86ce50d0c953c754dc6b6116f6f0c6fd7497e0119b087d01d68b84399a918d2b14c67f185805963773bde350449f6da9f170dd364d63f7c239489757a3f8472f6a8b004965eaf2821792d4851a280786c4e27c5644f4fd3b17a9f585538819ea4e9f0a8999afa2c2f8d823980852741347ec79fd3016b36ec4285d45b35c1bd513e7bb5bb179b073c276bc5ea12e317eea41c20cbdf596107a60bd95de702fc6494c66929ee7fbba83dd0f93bd30dbd82310a7f0b55f55ec1066f4d333f2cf1f0456d8ee57440a2df1f37591e0a81bca1a1eb82664ba7a5c8d2f02fa83b335759aac33c568123088cbca380732038df4603edb77d321d5c1be281f4517b46d9b253741362a0e53d1ceb28cc88c57eed2be9487c2079b18cb90a5ad02a3e3b48a6836a997b8907cbeb940542029f663a57321e0a8a48fd8f1383c177901787236e2692162f27f6b04912c111c1449d83b308177ecd3f995d29ff6fd854246696cb76e5d8ecb18b9cc1fbd0082cc6ce657a4615e251d0006b2f7a5dd50cbc32430731932a3f2b11f592a65380a13c4c5b6c93208acf2ec626ed131430d196db1e775ee9d532ad2b71bb6505ac45a427b64e136c95f3c562c672ee45f97735b633efd32c77d05c09a98574d3b7e0cdd22c2ef5261af8bd5dc02b4c9cce985f96a895bc34f31ed07a2c4fd836a2f148a99c9fa51c6eba6bc29cfe90601b85982ba5c01d343e41cab03d6828d965471507755fec24fb78fbf3b83c931884348a83847cc6de8479d4cbfb2aee9d0898706aa6ff06b32c8bc3de00d50f60c6a1a67880b5983e5f7a07969e99331713ee978e269ab3a81cbf078a9b66acc75a8951d995ef9816241309b4e724e011de4761933edf4a77fe897482a804793f6ab2449980b1e2379a62ab3377a70eb0611f0297d15b1505f8017ea8348a1c1ccebf26ae42041d97b7e87f57e79f1a5c65d2520e486d9f244d258281dceb5bbe5be5c643cb9f3fbb062feef19253f528c67e9e77eab2b672ff783c93f6ec0b482eeca28a236aaaabe23294c599e7971186e17b77844cb2dd00d2783181d35ab1938af3450e31650e465d39276bdace8a9cee9256aed7ca9c409436287244d8750da47407f7bacc7b096fb89ed2d873ed378fb6472425674944cf207994cd1a1e4644cbc8c350c3420aadaecc6abd788fd4e6d985be83a350bb929764b2811b27698e3470417a0ec60abca544a6878e784f20073f057e3815369ec4956df17eb03b1d83a93ac14ae3f287903f6d3d0abc410a187ff0b2cfecc2e35f3b47fb68854079a62505f8ee2b351ff72ff1464b2ddd125ca9614a1c9b64f682dd81e70ff2b08939e9dabe527711ffb01f43d8bc", 0x1000, 0x79dcb8ae}, {&(0x7f0000001740)="d62f5a210cb0cb3482b1e27f", 0xc}, {&(0x7f0000001780)="31259c3f8bea6a38fdf6b78b357b11f9bab2adfbc8e31dbc9aefe335880faefeeaede7d907f738b1aa94219dfa020bbfff995a1fc702d2a4c5458103416d9c9de0aee6178f56da76a135ede1e773c6cc79c91e75418597255edce15a5b6815494dc86c04bd0f8eed6867696d32fd76704acafb1d93156c127e45dcb7e1918642d5cdda5a816f7f95aa", 0x89, 0x4}, {&(0x7f0000001840)="af5e803a9f13", 0x6, 0x7ff}], 0x400, &(0x7f0000001900)={[{@dos1xfloppy='dos1xfloppy', 0x2c}, {@usefree='usefree', 0x2c}, {@tz_utc='tz=UTC', 0x2c}, {@discard='discard', 0x2c}]}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r5, 0xc4c85513, &(0x7f00000001c0)={{0x1, 0x2, 0x5d, 0x5c5, 'syz0\x00', 0x7}, 0x0, [0x3ff, 0x3, 0x2, 0x3, 0x7, 0x1, 0x0, 0x3, 0x2b, 0x2000000, 0x20, 0x100000001, 0xdc64, 0x1000, 0x100000001, 0x8, 0x80, 0x3f, 0x5, 0x7, 0x7, 0x2, 0x0, 0xcbdd, 0x7, 0x8, 0x7abb, 0x3, 0xff, 0x8, 0x10001, 0x5, 0x8000, 0x9, 0x7fff, 0x7, 0x0, 0x6, 0x5c, 0x3, 0x7ff, 0x62, 0x6, 0x9, 0x3f, 0x9, 0x4, 0x7fff, 0x5, 0xd80, 0x200, 0x1, 0x101, 0xfffffffffffffffe, 0x100000001, 0x8, 0x7fff, 0x8f, 0x10001, 0x5, 0x4, 0x400, 0x200, 0xffffffffffffffff, 0x5f0e, 0x13, 0xffffffffffffffff, 0xff, 0x6, 0xacd, 0x9, 0x7fff, 0xc95e, 0x3, 0x0, 0x101, 0x7ff, 0x6, 0x8, 0x4, 0xff, 0x4, 0x3, 0x3, 0x0, 0x3ff, 0xb, 0x4979, 0xcf77, 0x930, 0x7fff, 0x6a75, 0x5, 0x98, 0x8, 0x8001, 0x7, 0x6f4, 0x101, 0x3, 0x90c, 0x1000, 0x101, 0x9, 0x7, 0x401, 0x200, 0x8, 0x28000000000000, 0x100000001, 0x7fffffff, 0xffffffff, 0x80000000, 0x7, 0x7ff, 0x1ff, 0x0, 0x1f, 0x8, 0x8, 0x0, 0x8, 0x0, 0xe7, 0x1, 0x7, 0x6, 0x1000]}) getsockopt$IP6T_SO_GET_ENTRIES(r5, 0x29, 0x41, &(0x7f0000001940)={'filter\x00', 0xe7, "82983588f02f67c979fed57b127b73d808cdbfb9a00aeb3caa93959e0da6b72febf299fa6140af6daa690161f8ee3a111d77c92435500185815923bd1727152fbb34dd9f4a4f84b80aa7012fbd12ea3619833e94203ee330d4bdbb42b90e4b10197b01144e421efb68e15acd09619a362b04088e0783ad922fdad648a534ecbe7b7d4ad3dca429f1fc52528f82e646a0498f77fcf403b9a92f94cdb92f457bf8649a0bdf99c419078c66616130fc23010eaaab8ebe5a2ee146ca21231e974803d4fb9acc77b38f369ddb249885b982a7c2c0550f78f875c7afb519a5506825e3868d659ca9a779"}, &(0x7f0000001a80)=0x10b) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x0, 0x2, r4}) 22:20:55 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c9, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300001800000015"]) [ 449.974543] FAT-fs (loop3): invalid media value (0xb2) [ 449.979937] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 449.988402] FAT-fs (loop3): Can't find a valid FAT filesystem 22:20:56 executing program 7: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f000000aff8)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x0, &(0x7f0000000280)) chdir(&(0x7f0000000780)='./file0\x00') syz_fuse_mount(&(0x7f0000000440)="2ee566696c653000", 0x0, 0x0, 0x0, 0x7, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000040)=""/22) 22:20:56 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:56 executing program 0: r0 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x2, 0x670, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200007c0], 0x0, &(0x7f0000000000), &(0x7f00000007c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x11, 0xfffffffffffffffe, 0x0, 'veth0_to_team\x00', 'ipddp0\x00', 'bridge_slave_0\x00', "7465616d5f73ff5e76655f30004000", @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], @link_local={0x1, 0x80, 0xc2}, [], 0x130, 0x2a8, 0x2d8, [@stp={'stp\x00', 0x48, {{0x0, {0x0, 0x0, 0x0, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}}}}, @helper={'helper\x00', 0x28, {{0x0, 'H.245\x00'}}}]}, [@common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00'}}}, @common=@SECMARK={'SECMARK\x00', 0x108, {{0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}]}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'bond_slave_0\x00', 'veth1_to_bridge\x00', 'syz_tun\x00', 'eql\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0xa8, 0x1d8, 0x308, [@mac={'mac\x00', 0x10}]}, [@common=@SECMARK={'SECMARK\x00', 0x108, {{0x0, 0x0, 'system_u:object_r:var_spool_t:s0\x00'}}}]}, @common=@SECMARK={'SECMARK\x00', 0x108, {{0x0, 0x0, 'system_u:object_r:bsdpty_device_t:s0\x00'}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffc}]}, 0x6e8) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x5, 0x4) 22:20:56 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:56 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="1df0000000002011076a439cc45300001800000015"]) 22:20:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0h', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:56 executing program 3: r0 = open(&(0x7f0000011000)='./bus\x00', 0x8000400141042, 0x0) mmap(&(0x7f0000000000/0x11000)=nil, 0x11000, 0x3, 0x11, r0, 0x0) futex(&(0x7f0000000000), 0x400000085, 0x0, &(0x7f0000001ff0), &(0x7f0000000040), 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) r3 = getpgrp(0x0) prlimit64(r3, 0x6, &(0x7f00000005c0)={0xfc42, 0xfffffffffffffeff}, &(0x7f0000000600)) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000000c0)={{0xa, 0x1, 0x0, 0x7, 'syz1\x00', 0x30b5}, 0x0, [0xf50, 0x7f, 0x101, 0x2, 0x2, 0x360, 0xd62, 0xe17, 0x9, 0x5, 0xfffffffffffffffa, 0x8, 0xf000000000000000, 0x8, 0x4938ab4f, 0x7, 0x2, 0x1f, 0x1, 0xff, 0x6, 0xfff, 0x817a, 0x5, 0x1, 0x7, 0x3ff, 0x3, 0x7, 0x4, 0x26af, 0x9, 0x4, 0x1, 0x3ff, 0x1, 0x6, 0x7, 0x7, 0x3f, 0x100000000, 0x2, 0x1000, 0x0, 0x4, 0x2, 0x7, 0x6, 0xf8d9, 0x1b09, 0x5, 0x2, 0x81, 0x7, 0x5, 0x105b, 0x1, 0x487dd24c, 0x9a, 0x8, 0x9, 0x7, 0x9, 0xd81, 0x19, 0x0, 0xcaf, 0x10001, 0x7, 0x2, 0x3f, 0x5, 0x1, 0x95fd, 0x5, 0x1, 0x1, 0x6, 0x7, 0x8, 0x3, 0x20, 0x593, 0x9, 0x7f, 0x0, 0x5, 0x6, 0x6, 0x80000001, 0xe3b, 0xfffffffffffffff9, 0x9, 0xcbd8, 0xa8e, 0x3, 0x4f8d, 0x6, 0x25, 0x1, 0x5, 0xfffffffffffff801, 0xae47, 0x401, 0x6, 0x7ff, 0x2, 0x7, 0x0, 0xffff, 0x40, 0x4, 0xfa0e, 0x3f, 0x80, 0x20, 0x9, 0x9, 0x0, 0x2, 0x10000, 0x8, 0x7, 0x1, 0x9, 0x80000000, 0x1, 0x8], {r1, r2+10000000}}) [ 450.020457] FAT-fs (loop3): invalid media value (0xb2) [ 450.025947] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 450.034411] FAT-fs (loop3): Can't find a valid FAT filesystem [ 450.100895] kernel msg: ebtables bug: please report to author: Unknown flag for inv bitmask 22:20:56 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) [ 450.145406] kernel msg: ebtables bug: please report to author: Unknown flag for inv bitmask [ 450.146595] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 450.161242] FAT-fs (loop1): Filesystem has been set read-only 22:20:56 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:56 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:56 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) readv(r0, &(0x7f00007b7fe0)=[{&(0x7f0000604000)=""/8, 0x8}], 0x1) r1 = getpgrp(0x0) r2 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r2, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r2, 0xffffffffffffff7f) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x0, 0x20}, 0xc) write$binfmt_misc(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="73797a31cadd7f9e2eaee0b5802f974246666f5117620de05ed1330ee426c14ee4410d0074008a0f19fffeb8030ef32d14b3e321ca14f632665fc0b4235307f783f643dc7a5b187754395ed442ce55663dd5b30e2cf06f150a4c16a961ace92b7e0b7909bd7ab4e6d00c70c1f7ea4832f9b1c67ecb2cd0bdceabd8d290978f19ebff8d613d332c81b1b1b22c14714e1703b51b383d359f4afb35cd7ccaa78aa471bae115239ac122b5fb6278b585e4653f76165eb18c429296bc1ce5561a2ced75628da7e5d7dd38b8ba32bf5127faced22275d7c080bd62591a7e7957c51a10e333eb727359"], 0x34000) write$binfmt_misc(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x1) r4 = syz_open_dev$usbmon(&(0x7f0000a63ff3)='/dev/usbmon#\x00', 0x0, 0x0) accept4$inet(r4, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x800) r5 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f000053b000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r6, 0x5452, &(0x7f0000008ff8)=0x3f) fcntl$setown(r6, 0x8, r1) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000200)={r8, 0xc4c}, &(0x7f0000000240)=0x8) read$eventfd(r4, &(0x7f00000012c0), 0xa2) fcntl$setsig(r6, 0xa, 0x12) poll(&(0x7f0000b28fe0)=[{r7}], 0x1, 0xfffffffffffffff8) r9 = dup3(r6, r7, 0x0) ioctl$SIOCGIFMTU(r9, 0x8921, &(0x7f0000000080)) tkill(r5, 0x16) 22:20:56 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") r1 = socket$inet_sctp(0x2, 0x1, 0x84) mkdir(&(0x7f0000c92000)='./file0\x00', 0x0) r2 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r3 = open$dir(&(0x7f0000000180)='./file0/bus\x00', 0x0, 0x0) writev(r2, &(0x7f00002c8000)=[{&(0x7f00007fbf5f)="b7", 0x1}], 0x1) r4 = dup(r3) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x2011, r4, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r4, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendto$inet(r1, &(0x7f0000029000)="c6", 0x1, 0x0, &(0x7f0000007ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) shutdown(r1, 0x1) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x70, &(0x7f0000018000)={0x0, @in6={{0xa}}}, &(0x7f0000000000)=0x8c) 22:20:56 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000080)=@getroute={0x14, 0x1a, 0x120, 0x70bd28, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1}, 0x0) sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) [ 450.312421] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 450.319700] FAT-fs (loop1): Filesystem has been set read-only 22:20:56 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:20:56 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004000002011076a439cc45300001800000015"]) 22:20:56 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653083", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:56 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653002", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:56 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:20:56 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:20:56 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\f', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 450.606614] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 450.613932] FAT-fs (loop1): Filesystem has been set read-only 22:20:56 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:56 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130722011076a439cc45300001800000015"]) 22:20:56 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) [ 450.726879] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 450.734207] FAT-fs (loop1): Filesystem has been set read-only 22:20:56 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c6530fe", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:56 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:57 executing program 0: r0 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x3ff, 0x210000) syz_open_pts(r0, 0x80000) r1 = dup(0xffffffffffffff9c) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000040)={0x100, 0x1000, 0x9, 0x0, 0x8, 0x70, 0xfffffffffffffff7, 0x400, 0x0, 0x3, 0x38, 0x4}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000000)) r3 = syz_open_pts(r2, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280)=0xe) ioctl$TCSETAF(r3, 0x5412, &(0x7f0000000080)) 22:20:57 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:20:57 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:20:57 executing program 4: ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:20:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:57 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:57 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:57 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") sigaltstack(&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000080)) setrlimit(0x100000000009, &(0x7f00000000c0)) r1 = openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x80000, 0x182) r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000001c0)='veno\x00', 0x5) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0xffffffffffffffff) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x8000, 0x0) ioctl$KDGKBLED(r3, 0x4b64, &(0x7f0000000040)) bind$inet6(r2, &(0x7f0000000200)={0xa, 0x4e21, 0x4, @mcast2={0xff, 0x2, [], 0x1}, 0x5}, 0x1c) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000001800)='/dev/full\x00', 0x200000, 0x0) bind$bt_rfcomm(r4, &(0x7f0000001840)={0x1f, {0xe3, 0x7, 0x6, 0x9, 0x9, 0x7}, 0xc4}, 0xa) 22:20:57 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:20:57 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130752011076a439cc45300001800000015"]) 22:20:57 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:57 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 451.695057] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 451.702321] FAT-fs (loop1): Filesystem has been set read-only [ 451.727239] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 451.734484] FAT-fs (loop1): Filesystem has been set read-only [ 451.735441] QAT: Invalid ioctl 22:20:57 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:20:57 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c653002", 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:57 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[]) 22:20:57 executing program 7: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0xffffffffffffffff, 0x3, 0x1, 0x1000, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}, 0x20) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000100)={0x1, 0x9, 0x5, 0x9, 0x7, 0xa1, 0x10001, 0x6, 0x3, 0x1, 0x834, 0x5}) r2 = socket$inet6(0xa, 0x80002, 0x0) r3 = getpgid(0xffffffffffffffff) fcntl$setown(r0, 0x8, r3) ioctl(r2, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000400)=""/191) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x40, 0x0) [ 451.875131] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:20:57 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000022011076a439cc45300001800000015"]) 22:20:57 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:20:58 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:20:58 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0d', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\t', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:58 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB]) 22:20:58 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:58 executing program 3: ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:20:58 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000024000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000002700ff1a000000000000000005000000ff00f90753fa82d51cd17803d1884b620000"], 0x18}, 0x1}, 0x0) 22:20:58 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:20:58 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000009702011076a439cc45300001800000015"]) 22:20:58 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a43"]) 22:20:58 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:58 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 452.249642] netlink: 4 bytes leftover after parsing attributes in process `syz-executor7'. [ 452.297706] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 452.305018] FAT-fs (loop1): Filesystem has been set read-only 22:20:58 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:20:58 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/autofs\x00', 0x101000, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f00000001c0)={{0x4, 0x380000000000000}, 'port1\x00', 0x60, 0x100800, 0xc7d, 0xc9, 0x0, 0x8, 0x4, 0x0, 0x1, 0x4}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000080)="26420f080f009200000000f2420f78f5bd0df3440f1a4544b805000000b977925a5f0f01c1c4e13de3c03e430f20deb9800000c00f3235004000000f30400fabb003000000430f019b00000000", 0x4d}], 0x1, 0x41, &(0x7f0000000140), 0x0) r5 = socket$inet6(0xa, 0x1, 0x0) ioctl(r5, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070") syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r6 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x400, 0x0) epoll_wait(r6, &(0x7f0000000140)=[{}], 0x1, 0xffffffffd00b9c38) 22:20:58 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0743001002011076a439cc45300001800000015"]) 22:20:58 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc4530000"]) 22:20:58 executing program 0: ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 452.430584] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 452.437958] FAT-fs (loop1): Filesystem has been set read-only 22:20:58 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c6530ff", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530ff", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:58 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:58 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[]) 22:20:58 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc4530000180000"]) 22:20:58 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0fffff0002011076a439cc45300001800000015"]) 22:20:58 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:20:58 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:58 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc453000018000000"]) 22:20:58 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07b3001002011076a439cc45300001800000015"]) 22:20:58 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB]) 22:20:58 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[]) [ 452.800591] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 452.807955] FAT-fs (loop1): Filesystem has been set read-only [ 452.911320] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 452.918566] FAT-fs (loop1): Filesystem has been set read-only 22:20:59 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0fffff0002011076a439cc45300001800000015"]) 22:20:59 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\r', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:59 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07a0000002011076a439cc45300001800000015"]) 22:20:59 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB]) 22:20:59 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a43"]) 22:20:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530ff", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:59 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:59 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:20:59 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0060000002011076a439cc45300001800000015"]) 22:20:59 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a43"]) 22:20:59 executing program 4 (fault-call:1 fault-nth:0): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:20:59 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0d', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 453.216138] FAULT_INJECTION: forcing a failure. [ 453.216138] name failslab, interval 1, probability 0, space 0, times 0 [ 453.227483] CPU: 1 PID: 23048 Comm: syz-executor4 Not tainted 4.18.0-rc2+ #124 [ 453.234943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 453.244485] Call Trace: [ 453.247101] dump_stack+0x1c9/0x2b4 [ 453.250852] ? dump_stack_print_info.cold.2+0x52/0x52 [ 453.256093] ? __mutex_lock+0x7e8/0x1820 [ 453.260186] should_fail.cold.4+0xa/0x1a 22:20:59 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc4530000"]) 22:20:59 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0783001002011076a439cc45300001800000015"]) 22:20:59 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc4530000"]) 22:20:59 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\r', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 453.264291] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 453.269455] ? find_held_lock+0x36/0x1c0 [ 453.273543] ? graph_lock+0x170/0x170 [ 453.277376] ? find_held_lock+0x36/0x1c0 [ 453.281481] ? __lock_is_held+0xb5/0x140 [ 453.285581] ? check_same_owner+0x340/0x340 [ 453.289944] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 453.294909] ? rcu_note_context_switch+0x730/0x730 [ 453.299964] __should_failslab+0x124/0x180 [ 453.304236] should_failslab+0x9/0x14 [ 453.308070] kmem_cache_alloc_trace+0x2cb/0x780 [ 453.312861] ? rfcomm_session_get+0x2f0/0x3d0 [ 453.317394] rfcomm_dlc_alloc+0xb8/0x490 [ 453.317706] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 453.321470] ? rfcomm_security_cfm+0x3b0/0x3b0 [ 453.321492] ? mutex_unlock+0xd/0x10 [ 453.321512] rfcomm_dev_ioctl+0x109a/0x2240 [ 453.321537] ? rfcomm_dev_state_change+0x150/0x150 [ 453.321561] ? __local_bh_enable_ip+0x161/0x230 [ 453.321582] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 453.321602] ? lock_sock_nested+0x9f/0x120 [ 453.328780] FAT-fs (loop1): Filesystem has been set read-only [ 453.333301] ? trace_hardirqs_on+0xd/0x10 [ 453.333314] ? __local_bh_enable_ip+0x161/0x230 [ 453.333332] rfcomm_sock_ioctl+0x89/0xb0 [ 453.333350] sock_do_ioctl+0xe4/0x3e0 [ 453.333369] ? compat_ifr_data_ioctl+0x170/0x170 [ 453.387740] ? lock_downgrade+0x8f0/0x8f0 [ 453.391917] ? kasan_check_read+0x11/0x20 [ 453.396086] ? rcu_is_watching+0x8c/0x150 [ 453.400254] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 453.404719] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 453.409935] sock_ioctl+0x30d/0x680 [ 453.413618] ? dlci_ioctl_set+0x40/0x40 [ 453.417624] ? match_held_lock+0x851/0x8d0 [ 453.421885] ? expand_files.part.8+0x9c0/0x9c0 [ 453.426581] ? kasan_check_write+0x14/0x20 [ 453.430839] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 453.435792] ? dlci_ioctl_set+0x40/0x40 [ 453.439805] do_vfs_ioctl+0x1de/0x1720 [ 453.443719] ? __lock_is_held+0xb5/0x140 [ 453.447803] ? ioctl_preallocate+0x300/0x300 [ 453.452264] ? __fget_light+0x2f7/0x440 [ 453.456260] ? fget_raw+0x20/0x20 [ 453.459737] ? __sb_end_write+0xac/0xe0 [ 453.463734] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 453.469287] ? fput+0x130/0x1a0 [ 453.472576] ? ksys_write+0x1ae/0x260 [ 453.476397] ? security_file_ioctl+0x94/0xc0 [ 453.480834] ksys_ioctl+0xa9/0xd0 [ 453.481988] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 453.484296] __x64_sys_ioctl+0x73/0xb0 [ 453.484316] do_syscall_64+0x1b9/0x820 [ 453.484331] ? finish_task_switch+0x1d3/0x890 [ 453.484347] ? syscall_return_slowpath+0x5e0/0x5e0 [ 453.484364] ? syscall_return_slowpath+0x31d/0x5e0 [ 453.484386] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 453.484407] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 453.484429] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 453.484441] RIP: 0033:0x455a99 [ 453.484445] Code: 1d ba fb ff c3 66 2e [ 453.491635] FAT-fs (loop1): Filesystem has been set read-only [ 453.495450] 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 453.559123] RSP: 002b:00007f2c4c727c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 22:20:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:20:59 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:20:59 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc4530000180000"]) [ 453.566863] RAX: ffffffffffffffda RBX: 00007f2c4c7286d4 RCX: 0000000000455a99 [ 453.574124] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 453.581381] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 453.588644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 453.595912] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000000 22:20:59 executing program 4 (fault-call:1 fault-nth:1): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:20:59 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0100000002011076a439cc45300001800000015"]) 22:20:59 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc4530000180000"]) [ 453.721608] FAULT_INJECTION: forcing a failure. [ 453.721608] name failslab, interval 1, probability 0, space 0, times 0 [ 453.733148] CPU: 0 PID: 23080 Comm: syz-executor4 Not tainted 4.18.0-rc2+ #124 [ 453.740530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 453.749894] Call Trace: [ 453.752486] dump_stack+0x1c9/0x2b4 [ 453.756109] ? dump_stack_print_info.cold.2+0x52/0x52 [ 453.761320] ? debug_object_free+0x690/0x690 [ 453.765729] ? save_stack+0xa9/0xd0 [ 453.769348] should_fail.cold.4+0xa/0x1a [ 453.774016] ? ksys_ioctl+0xa9/0xd0 [ 453.777655] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 453.782764] ? find_held_lock+0x36/0x1c0 [ 453.786831] ? graph_lock+0x170/0x170 [ 453.790642] ? find_held_lock+0x36/0x1c0 [ 453.794825] ? __lock_is_held+0xb5/0x140 [ 453.798891] ? check_same_owner+0x340/0x340 [ 453.803226] ? rcu_read_lock_sched_held+0x108/0x120 [ 453.808250] ? rcu_note_context_switch+0x730/0x730 [ 453.813175] __should_failslab+0x124/0x180 [ 453.817417] should_failslab+0x9/0x14 [ 453.821221] kmem_cache_alloc_trace+0x2cb/0x780 [ 453.825979] ? rfcomm_security_cfm+0x3b0/0x3b0 [ 453.830560] ? mutex_unlock+0xd/0x10 [ 453.834285] rfcomm_dev_ioctl+0x612/0x2240 [ 453.838535] ? rfcomm_dev_state_change+0x150/0x150 [ 453.843468] ? __local_bh_enable_ip+0x161/0x230 [ 453.848150] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 453.853165] ? lock_sock_nested+0x9f/0x120 [ 453.857407] ? trace_hardirqs_on+0xd/0x10 [ 453.861638] ? __local_bh_enable_ip+0x161/0x230 [ 453.866307] rfcomm_sock_ioctl+0x89/0xb0 [ 453.870360] sock_do_ioctl+0xe4/0x3e0 [ 453.874163] ? compat_ifr_data_ioctl+0x170/0x170 [ 453.878923] ? lock_downgrade+0x8f0/0x8f0 [ 453.883176] ? kasan_check_read+0x11/0x20 [ 453.887310] ? rcu_is_watching+0x8c/0x150 [ 453.891451] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 453.895859] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 453.901043] sock_ioctl+0x30d/0x680 [ 453.904668] ? dlci_ioctl_set+0x40/0x40 [ 453.908642] ? match_held_lock+0x851/0x8d0 [ 453.912884] ? expand_files.part.8+0x9c0/0x9c0 [ 453.917457] ? kasan_check_write+0x14/0x20 [ 453.921697] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 453.926634] ? dlci_ioctl_set+0x40/0x40 [ 453.930619] do_vfs_ioctl+0x1de/0x1720 [ 453.934500] ? __lock_is_held+0xb5/0x140 [ 453.938645] ? ioctl_preallocate+0x300/0x300 [ 453.943063] ? __fget_light+0x2f7/0x440 [ 453.947049] ? fget_raw+0x20/0x20 [ 453.950496] ? __sb_end_write+0xac/0xe0 [ 453.954476] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 453.960025] ? fput+0x130/0x1a0 [ 453.963306] ? ksys_write+0x1ae/0x260 [ 453.967118] ? security_file_ioctl+0x94/0xc0 [ 453.971522] ksys_ioctl+0xa9/0xd0 [ 453.974985] __x64_sys_ioctl+0x73/0xb0 [ 453.978898] do_syscall_64+0x1b9/0x820 [ 453.982772] ? finish_task_switch+0x1d3/0x890 [ 453.987254] ? syscall_return_slowpath+0x5e0/0x5e0 [ 453.992358] ? syscall_return_slowpath+0x31d/0x5e0 [ 453.997289] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 454.002649] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 454.007479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 454.012660] RIP: 0033:0x455a99 [ 454.015827] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 454.035045] RSP: 002b:00007f2c4c727c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 454.042741] RAX: ffffffffffffffda RBX: 00007f2c4c7286d4 RCX: 0000000000455a99 [ 454.050014] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 454.057284] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 454.064696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 454.071962] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000001 22:21:00 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0xffffffffffffffff) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") r1 = socket$inet(0x2, 0x3, 0x2) getsockopt(r1, 0x0, 0xd0, &(0x7f00000002c0)=""/203, &(0x7f0000000040)=0xcb) 22:21:00 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc453000018000000"]) 22:21:00 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0p', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:00 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:00 executing program 4 (fault-call:1 fault-nth:2): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:00 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc453000018000000"]) 22:21:00 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00001307c2011076a439cc45300001800000015"]) [ 454.205765] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 454.213117] FAT-fs (loop1): Filesystem has been set read-only [ 454.230576] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 454.238073] FAT-fs (loop1): Filesystem has been set read-only [ 454.280687] FAULT_INJECTION: forcing a failure. [ 454.280687] name failslab, interval 1, probability 0, space 0, times 0 [ 454.292333] CPU: 0 PID: 23103 Comm: syz-executor4 Not tainted 4.18.0-rc2+ #124 [ 454.299713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 454.309064] Call Trace: [ 454.311670] dump_stack+0x1c9/0x2b4 [ 454.315316] ? dump_stack_print_info.cold.2+0x52/0x52 [ 454.320536] ? lock_release+0xa30/0xa30 [ 454.324531] ? check_same_owner+0x340/0x340 22:21:00 executing program 0 (fault-call:1 fault-nth:0): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 454.328877] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 454.334007] should_fail.cold.4+0xa/0x1a [ 454.338093] ? put_dec+0x3b/0xf0 [ 454.341486] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 454.346610] ? kasan_check_write+0x14/0x20 [ 454.350854] ? graph_lock+0x170/0x170 [ 454.354657] ? put_dec+0xf0/0xf0 [ 454.358042] ? format_decode+0x1b1/0xaf0 [ 454.362113] ? find_held_lock+0x36/0x1c0 [ 454.366183] ? __lock_is_held+0xb5/0x140 [ 454.370263] ? check_same_owner+0x340/0x340 [ 454.374608] ? rcu_note_context_switch+0x730/0x730 [ 454.379552] __should_failslab+0x124/0x180 [ 454.383778] should_failslab+0x9/0x14 [ 454.387570] kmem_cache_alloc_trace+0x2cb/0x780 [ 454.392253] tty_register_device_attr+0x1d4/0x730 [ 454.397095] ? __init_waitqueue_head+0x9e/0x150 [ 454.401786] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 454.406647] ? trace_event_raw_event_module_request+0x340/0x340 [ 454.412707] ? kasan_check_write+0x14/0x20 [ 454.416949] ? tty_port_init+0x1a3/0x260 [ 454.421022] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 454.426142] tty_port_register_device+0x3d/0x50 [ 454.430811] rfcomm_dev_ioctl+0x1bba/0x2240 [ 454.435142] ? rfcomm_dev_state_change+0x150/0x150 [ 454.440083] ? __local_bh_enable_ip+0x161/0x230 [ 454.444766] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 454.449804] ? lock_sock_nested+0x9f/0x120 [ 454.454044] ? trace_hardirqs_on+0xd/0x10 [ 454.458191] ? __local_bh_enable_ip+0x161/0x230 [ 454.462862] rfcomm_sock_ioctl+0x89/0xb0 [ 454.466918] sock_do_ioctl+0xe4/0x3e0 [ 454.470807] ? compat_ifr_data_ioctl+0x170/0x170 [ 454.475570] ? lock_downgrade+0x8f0/0x8f0 [ 454.479724] ? kasan_check_read+0x11/0x20 [ 454.483866] ? rcu_is_watching+0x8c/0x150 [ 454.488003] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 454.492417] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 454.497602] sock_ioctl+0x30d/0x680 [ 454.501221] ? dlci_ioctl_set+0x40/0x40 [ 454.505201] ? match_held_lock+0x851/0x8d0 [ 454.509446] ? expand_files.part.8+0x9c0/0x9c0 [ 454.514047] ? kasan_check_write+0x14/0x20 [ 454.518290] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 454.523218] ? dlci_ioctl_set+0x40/0x40 [ 454.527196] do_vfs_ioctl+0x1de/0x1720 [ 454.531080] ? __lock_is_held+0xb5/0x140 [ 454.535139] ? ioctl_preallocate+0x300/0x300 [ 454.539551] ? __fget_light+0x2f7/0x440 [ 454.543539] ? fget_raw+0x20/0x20 [ 454.546994] ? __sb_end_write+0xac/0xe0 [ 454.550976] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 454.556506] ? fput+0x130/0x1a0 [ 454.559775] ? ksys_write+0x1ae/0x260 [ 454.563566] ? security_file_ioctl+0x94/0xc0 [ 454.567978] ksys_ioctl+0xa9/0xd0 [ 454.571430] __x64_sys_ioctl+0x73/0xb0 [ 454.575328] do_syscall_64+0x1b9/0x820 [ 454.579219] ? finish_task_switch+0x1d3/0x890 [ 454.583731] ? syscall_return_slowpath+0x5e0/0x5e0 [ 454.588654] ? syscall_return_slowpath+0x31d/0x5e0 [ 454.593590] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 454.598979] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 454.603836] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 454.609029] RIP: 0033:0x455a99 [ 454.612214] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 454.631531] RSP: 002b:00007f2c4c727c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 454.639242] RAX: ffffffffffffffda RBX: 00007f2c4c7286d4 RCX: 0000000000455a99 [ 454.646514] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 454.653870] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 454.661139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 454.668409] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000002 [ 454.700256] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:00 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f06c0000002011076a439cc45300001800000015"]) [ 454.743896] FAULT_INJECTION: forcing a failure. [ 454.743896] name failslab, interval 1, probability 0, space 0, times 0 [ 454.755397] CPU: 0 PID: 23117 Comm: syz-executor0 Not tainted 4.18.0-rc2+ #124 [ 454.762772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 454.772173] Call Trace: [ 454.774798] dump_stack+0x1c9/0x2b4 [ 454.778452] ? dump_stack_print_info.cold.2+0x52/0x52 [ 454.783660] ? __mutex_lock+0x7e8/0x1820 [ 454.787745] should_fail.cold.4+0xa/0x1a [ 454.791836] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 454.798119] ? find_held_lock+0x36/0x1c0 [ 454.802202] ? graph_lock+0x170/0x170 [ 454.806031] ? find_held_lock+0x36/0x1c0 [ 454.810090] ? __lock_is_held+0xb5/0x140 [ 454.814146] ? check_same_owner+0x340/0x340 [ 454.818452] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 454.823379] ? rcu_note_context_switch+0x730/0x730 [ 454.828312] __should_failslab+0x124/0x180 [ 454.832543] should_failslab+0x9/0x14 [ 454.836330] kmem_cache_alloc_trace+0x2cb/0x780 [ 454.840995] ? rfcomm_session_get+0x2f0/0x3d0 [ 454.845485] rfcomm_dlc_alloc+0xb8/0x490 [ 454.849544] ? rfcomm_security_cfm+0x3b0/0x3b0 [ 454.854112] ? mutex_unlock+0xd/0x10 [ 454.857823] rfcomm_dev_ioctl+0x109a/0x2240 [ 454.862145] ? rfcomm_dev_state_change+0x150/0x150 [ 454.867067] ? __local_bh_enable_ip+0x161/0x230 [ 454.871733] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 454.876732] ? lock_sock_nested+0x9f/0x120 [ 454.880965] ? trace_hardirqs_on+0xd/0x10 [ 454.885109] ? __local_bh_enable_ip+0x161/0x230 [ 454.889772] rfcomm_sock_ioctl+0x89/0xb0 [ 454.893823] sock_do_ioctl+0xe4/0x3e0 [ 454.897624] ? compat_ifr_data_ioctl+0x170/0x170 [ 454.902370] ? lock_downgrade+0x8f0/0x8f0 [ 454.906520] ? kasan_check_read+0x11/0x20 [ 454.910654] ? rcu_is_watching+0x8c/0x150 [ 454.914789] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 454.919213] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 454.924397] sock_ioctl+0x30d/0x680 [ 454.928023] ? dlci_ioctl_set+0x40/0x40 [ 454.931986] ? match_held_lock+0x851/0x8d0 [ 454.936210] ? expand_files.part.8+0x9c0/0x9c0 [ 454.940777] ? kasan_check_write+0x14/0x20 [ 454.944996] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 454.949930] ? dlci_ioctl_set+0x40/0x40 [ 454.953901] do_vfs_ioctl+0x1de/0x1720 [ 454.957786] ? __lock_is_held+0xb5/0x140 [ 454.961834] ? ioctl_preallocate+0x300/0x300 [ 454.966243] ? __fget_light+0x2f7/0x440 [ 454.970220] ? fget_raw+0x20/0x20 [ 454.973661] ? __sb_end_write+0xac/0xe0 [ 454.977635] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 454.983160] ? fput+0x130/0x1a0 [ 454.986424] ? ksys_write+0x1ae/0x260 [ 454.990304] ? security_file_ioctl+0x94/0xc0 [ 454.994701] ksys_ioctl+0xa9/0xd0 [ 454.998150] __x64_sys_ioctl+0x73/0xb0 [ 455.002039] do_syscall_64+0x1b9/0x820 [ 455.005927] ? syscall_slow_exit_work+0x500/0x500 [ 455.010767] ? syscall_return_slowpath+0x5e0/0x5e0 [ 455.015693] ? syscall_return_slowpath+0x31d/0x5e0 [ 455.020703] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 455.026063] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 455.030895] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 455.036071] RIP: 0033:0x455a99 [ 455.039240] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 455.058475] RSP: 002b:00007f974c624c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 455.066172] RAX: ffffffffffffffda RBX: 00007f974c6256d4 RCX: 0000000000455a99 [ 455.073607] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 455.080874] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 455.088128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 22:21:01 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 455.095393] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000000 22:21:01 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xb00) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:01 executing program 3 (fault-call:1 fault-nth:0): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:01 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0xfdfffffffffffffd, 0x0, &(0x7f00000001c0)}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000001480)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca933f03cbf82bd13534737339245d31b0041be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf35a214a200421dcbc4cb6ee55476d8ead8882947ffa1fb4c050727beb12c57e06ff59") ioctl$SG_GET_NUM_WAITING(r1, 0xc0c0583b, &(0x7f0000000180)) 22:21:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:01 executing program 4 (fault-call:1 fault-nth:3): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) [ 455.227573] FAULT_INJECTION: forcing a failure. [ 455.227573] name failslab, interval 1, probability 0, space 0, times 0 [ 455.239117] CPU: 1 PID: 23130 Comm: syz-executor4 Not tainted 4.18.0-rc2+ #124 [ 455.246580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 455.255947] Call Trace: [ 455.258552] dump_stack+0x1c9/0x2b4 [ 455.262188] ? dump_stack_print_info.cold.2+0x52/0x52 [ 455.267392] should_fail.cold.4+0xa/0x1a [ 455.271549] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 455.276142] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 455.281243] ? graph_lock+0x170/0x170 [ 455.285037] ? kernel_text_address+0x79/0xf0 [ 455.289445] ? __kernel_text_address+0xd/0x40 [ 455.293954] ? find_held_lock+0x36/0x1c0 [ 455.298006] ? __lock_is_held+0xb5/0x140 [ 455.302068] ? check_same_owner+0x340/0x340 [ 455.306381] ? sock_ioctl+0x30d/0x680 [ 455.310182] ? do_vfs_ioctl+0x1de/0x1720 [ 455.314227] ? ksys_ioctl+0xa9/0xd0 [ 455.317847] ? rcu_note_context_switch+0x730/0x730 [ 455.322767] __should_failslab+0x124/0x180 [ 455.326996] should_failslab+0x9/0x14 [ 455.330793] __kmalloc_track_caller+0x2c4/0x760 [ 455.335458] ? graph_lock+0x170/0x170 [ 455.339258] ? __lock_is_held+0xb5/0x140 [ 455.343311] ? kstrdup_const+0x66/0x80 [ 455.347365] kstrdup+0x39/0x70 [ 455.350546] kstrdup_const+0x66/0x80 [ 455.354251] kvasprintf_const+0x112/0x190 [ 455.358390] kobject_set_name_vargs+0x5b/0x150 [ 455.362964] dev_set_name+0xad/0xe0 [ 455.366581] ? device_initialize+0x5f0/0x5f0 [ 455.370992] tty_register_device_attr+0x2ca/0x730 [ 455.375825] ? __init_waitqueue_head+0x9e/0x150 [ 455.380483] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 455.385318] ? trace_event_raw_event_module_request+0x340/0x340 [ 455.391366] ? kasan_check_write+0x14/0x20 [ 455.395593] ? tty_port_init+0x1a3/0x260 [ 455.399645] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 455.404659] tty_port_register_device+0x3d/0x50 [ 455.409333] rfcomm_dev_ioctl+0x1bba/0x2240 [ 455.413646] ? rfcomm_dev_state_change+0x150/0x150 [ 455.418572] ? __local_bh_enable_ip+0x161/0x230 [ 455.423245] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 455.428254] ? lock_sock_nested+0x9f/0x120 [ 455.432478] ? trace_hardirqs_on+0xd/0x10 [ 455.436613] ? __local_bh_enable_ip+0x161/0x230 [ 455.441272] rfcomm_sock_ioctl+0x89/0xb0 [ 455.445333] sock_do_ioctl+0xe4/0x3e0 [ 455.449122] ? compat_ifr_data_ioctl+0x170/0x170 [ 455.453867] ? lock_downgrade+0x8f0/0x8f0 [ 455.458005] ? kasan_check_read+0x11/0x20 [ 455.462147] ? rcu_is_watching+0x8c/0x150 [ 455.466280] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 455.470680] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 455.475872] sock_ioctl+0x30d/0x680 [ 455.479489] ? dlci_ioctl_set+0x40/0x40 [ 455.483451] ? match_held_lock+0x851/0x8d0 [ 455.487675] ? expand_files.part.8+0x9c0/0x9c0 [ 455.492333] ? kasan_check_write+0x14/0x20 [ 455.496555] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 455.501476] ? dlci_ioctl_set+0x40/0x40 [ 455.505449] do_vfs_ioctl+0x1de/0x1720 [ 455.509324] ? __lock_is_held+0xb5/0x140 [ 455.513373] ? ioctl_preallocate+0x300/0x300 [ 455.517770] ? __fget_light+0x2f7/0x440 [ 455.521731] ? fget_raw+0x20/0x20 [ 455.525187] ? __sb_end_write+0xac/0xe0 [ 455.529154] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 455.534679] ? fput+0x130/0x1a0 [ 455.537947] ? ksys_write+0x1ae/0x260 [ 455.541736] ? security_file_ioctl+0x94/0xc0 [ 455.546131] ksys_ioctl+0xa9/0xd0 [ 455.549572] __x64_sys_ioctl+0x73/0xb0 [ 455.553446] do_syscall_64+0x1b9/0x820 [ 455.557319] ? syscall_slow_exit_work+0x500/0x500 [ 455.562159] ? syscall_return_slowpath+0x5e0/0x5e0 [ 455.567091] ? syscall_return_slowpath+0x31d/0x5e0 [ 455.572025] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 455.577385] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 455.582219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 455.587392] RIP: 0033:0x455a99 [ 455.590561] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 455.609803] RSP: 002b:00007f2c4c727c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 455.617500] RAX: ffffffffffffffda RBX: 00007f2c4c7286d4 RCX: 0000000000455a99 22:21:01 executing program 0 (fault-call:1 fault-nth:1): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:01 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0703001002011076a439cc45300001800000015"]) [ 455.624759] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 455.632021] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 455.639291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 455.646558] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000003 22:21:01 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:01 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/arp\x00') r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = syz_open_dev$tun(&(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller0\x00', 0x3}) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @multicast1=0xe0000001}, {}, 0x8000000000008, {0x2, 0x0, @multicast2=0xe0000002}, 'syzkaller0\x00'}) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") dup2(r0, r2) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) [ 455.744708] FAULT_INJECTION: forcing a failure. [ 455.744708] name failslab, interval 1, probability 0, space 0, times 0 [ 455.756115] CPU: 1 PID: 23139 Comm: syz-executor3 Not tainted 4.18.0-rc2+ #124 [ 455.763489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 455.772854] Call Trace: [ 455.775462] dump_stack+0x1c9/0x2b4 [ 455.779117] ? dump_stack_print_info.cold.2+0x52/0x52 [ 455.784325] ? __mutex_lock+0x7e8/0x1820 [ 455.788412] ? _raw_spin_unlock+0x22/0x30 22:21:01 executing program 4 (fault-call:1 fault-nth:4): r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) [ 455.792589] should_fail.cold.4+0xa/0x1a [ 455.796692] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 455.801829] ? find_held_lock+0x36/0x1c0 [ 455.805916] ? graph_lock+0x170/0x170 [ 455.809839] ? find_held_lock+0x36/0x1c0 [ 455.811811] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 455.813925] ? __lock_is_held+0xb5/0x140 [ 455.813957] ? check_same_owner+0x340/0x340 [ 455.813976] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 455.813992] ? rcu_note_context_switch+0x730/0x730 [ 455.814018] __should_failslab+0x124/0x180 [ 455.821163] FAT-fs (loop1): Filesystem has been set read-only [ 455.825171] should_failslab+0x9/0x14 [ 455.825189] kmem_cache_alloc_trace+0x2cb/0x780 [ 455.825205] ? rfcomm_session_get+0x2f0/0x3d0 [ 455.825232] rfcomm_dlc_alloc+0xb8/0x490 [ 455.866549] ? rfcomm_security_cfm+0x3b0/0x3b0 [ 455.871150] ? mutex_unlock+0xd/0x10 [ 455.874896] rfcomm_dev_ioctl+0x109a/0x2240 [ 455.879253] ? rfcomm_dev_state_change+0x150/0x150 [ 455.884211] ? __local_bh_enable_ip+0x161/0x230 [ 455.885931] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 455.888893] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 455.888908] ? lock_sock_nested+0x9f/0x120 [ 455.888924] ? trace_hardirqs_on+0xd/0x10 [ 455.888939] ? __local_bh_enable_ip+0x161/0x230 [ 455.888961] rfcomm_sock_ioctl+0x89/0xb0 [ 455.888979] sock_do_ioctl+0xe4/0x3e0 [ 455.888995] ? compat_ifr_data_ioctl+0x170/0x170 [ 455.889014] ? lock_downgrade+0x8f0/0x8f0 [ 455.889034] ? kasan_check_read+0x11/0x20 [ 455.889047] ? rcu_is_watching+0x8c/0x150 [ 455.889064] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 455.896231] FAT-fs (loop1): Filesystem has been set read-only [ 455.901201] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 455.901218] sock_ioctl+0x30d/0x680 [ 455.901231] ? dlci_ioctl_set+0x40/0x40 [ 455.901251] ? match_held_lock+0x851/0x8d0 [ 455.964397] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 455.966908] ? expand_files.part.8+0x9c0/0x9c0 [ 455.966928] ? kasan_check_write+0x14/0x20 [ 455.966945] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 455.966966] ? dlci_ioctl_set+0x40/0x40 [ 455.966982] do_vfs_ioctl+0x1de/0x1720 [ 455.966999] ? __lock_is_held+0xb5/0x140 [ 455.967014] ? ioctl_preallocate+0x300/0x300 [ 455.967027] ? __fget_light+0x2f7/0x440 [ 455.967039] ? fget_raw+0x20/0x20 [ 455.967055] ? __sb_end_write+0xac/0xe0 [ 455.967076] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 456.021276] ? fput+0x130/0x1a0 [ 456.024569] ? ksys_write+0x1ae/0x260 [ 456.028386] ? security_file_ioctl+0x94/0xc0 [ 456.032814] ksys_ioctl+0xa9/0xd0 [ 456.036283] __x64_sys_ioctl+0x73/0xb0 [ 456.040190] do_syscall_64+0x1b9/0x820 [ 456.044101] ? finish_task_switch+0x1d3/0x890 [ 456.048679] ? syscall_return_slowpath+0x5e0/0x5e0 [ 456.053602] ? syscall_return_slowpath+0x31d/0x5e0 [ 456.058527] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 456.063889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 456.068732] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 456.073921] RIP: 0033:0x455a99 [ 456.077112] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 456.096442] RSP: 002b:00007f2fd4035c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 456.104142] RAX: ffffffffffffffda RBX: 00007f2fd40366d4 RCX: 0000000000455a99 [ 456.111416] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 456.118682] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 456.125946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 456.133725] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000000 [ 456.142252] FAULT_INJECTION: forcing a failure. [ 456.142252] name failslab, interval 1, probability 0, space 0, times 0 [ 456.153596] CPU: 1 PID: 23146 Comm: syz-executor0 Not tainted 4.18.0-rc2+ #124 [ 456.161321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 456.170772] Call Trace: [ 456.173370] dump_stack+0x1c9/0x2b4 [ 456.176987] ? dump_stack_print_info.cold.2+0x52/0x52 [ 456.182166] ? debug_object_free+0x690/0x690 [ 456.186915] ? save_stack+0xa9/0xd0 [ 456.190538] should_fail.cold.4+0xa/0x1a [ 456.194588] ? ksys_ioctl+0xa9/0xd0 [ 456.198321] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 456.203445] ? find_held_lock+0x36/0x1c0 [ 456.207513] ? graph_lock+0x170/0x170 [ 456.211320] ? find_held_lock+0x36/0x1c0 [ 456.215375] ? __lock_is_held+0xb5/0x140 [ 456.219439] ? check_same_owner+0x340/0x340 [ 456.223755] ? rcu_read_lock_sched_held+0x108/0x120 [ 456.228777] ? rcu_note_context_switch+0x730/0x730 [ 456.233711] __should_failslab+0x124/0x180 [ 456.237957] should_failslab+0x9/0x14 [ 456.241762] kmem_cache_alloc_trace+0x2cb/0x780 [ 456.246421] ? rfcomm_security_cfm+0x3b0/0x3b0 [ 456.251004] ? mutex_unlock+0xd/0x10 [ 456.254725] rfcomm_dev_ioctl+0x612/0x2240 [ 456.258964] ? rfcomm_dev_state_change+0x150/0x150 [ 456.264011] ? __local_bh_enable_ip+0x161/0x230 [ 456.268787] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 456.273805] ? lock_sock_nested+0x9f/0x120 [ 456.278128] ? trace_hardirqs_on+0xd/0x10 [ 456.282268] ? __local_bh_enable_ip+0x161/0x230 [ 456.286937] rfcomm_sock_ioctl+0x89/0xb0 [ 456.290999] sock_do_ioctl+0xe4/0x3e0 [ 456.294812] ? compat_ifr_data_ioctl+0x170/0x170 [ 456.299583] ? lock_downgrade+0x8f0/0x8f0 [ 456.303733] ? kasan_check_read+0x11/0x20 [ 456.307868] ? rcu_is_watching+0x8c/0x150 [ 456.312005] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 456.316418] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 456.321603] sock_ioctl+0x30d/0x680 [ 456.325220] ? dlci_ioctl_set+0x40/0x40 [ 456.329183] ? match_held_lock+0x851/0x8d0 [ 456.333404] ? expand_files.part.8+0x9c0/0x9c0 [ 456.337975] ? kasan_check_write+0x14/0x20 [ 456.342206] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 456.347146] ? dlci_ioctl_set+0x40/0x40 [ 456.351107] do_vfs_ioctl+0x1de/0x1720 [ 456.354984] ? __lock_is_held+0xb5/0x140 [ 456.359038] ? ioctl_preallocate+0x300/0x300 [ 456.363433] ? __fget_light+0x2f7/0x440 [ 456.367404] ? fget_raw+0x20/0x20 [ 456.370861] ? __sb_end_write+0xac/0xe0 [ 456.374829] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 456.380356] ? fput+0x130/0x1a0 [ 456.383629] ? ksys_write+0x1ae/0x260 [ 456.387435] ? security_file_ioctl+0x94/0xc0 [ 456.391840] ksys_ioctl+0xa9/0xd0 [ 456.395298] __x64_sys_ioctl+0x73/0xb0 [ 456.399184] do_syscall_64+0x1b9/0x820 [ 456.403061] ? syscall_return_slowpath+0x5e0/0x5e0 [ 456.407981] ? syscall_return_slowpath+0x31d/0x5e0 [ 456.412913] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 456.418269] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 456.423113] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 456.428295] RIP: 0033:0x455a99 [ 456.431476] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 456.450726] RSP: 002b:00007f974c624c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 456.458430] RAX: ffffffffffffffda RBX: 00007f974c6256d4 RCX: 0000000000455a99 [ 456.465695] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 456.472958] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 456.480228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 456.487591] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000001 [ 456.497521] FAULT_INJECTION: forcing a failure. [ 456.497521] name failslab, interval 1, probability 0, space 0, times 0 [ 456.509252] CPU: 0 PID: 23155 Comm: syz-executor4 Not tainted 4.18.0-rc2+ #124 [ 456.516724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 456.526093] Call Trace: [ 456.528711] dump_stack+0x1c9/0x2b4 [ 456.532357] ? dump_stack_print_info.cold.2+0x52/0x52 [ 456.537564] ? graph_lock+0x170/0x170 [ 456.541391] should_fail.cold.4+0xa/0x1a 22:21:02 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000012011076a439cc45300001800000015"]) 22:21:02 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:02 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 456.545474] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 456.550600] ? __lock_is_held+0xb5/0x140 [ 456.554687] ? graph_lock+0x170/0x170 [ 456.558498] ? __lockdep_init_map+0x105/0x590 [ 456.563101] ? find_held_lock+0x36/0x1c0 [ 456.567180] ? __lock_is_held+0xb5/0x140 [ 456.571260] ? check_same_owner+0x340/0x340 [ 456.575576] ? update_pm_runtime_accounting+0x1b0/0x1b0 [ 456.580951] ? rcu_note_context_switch+0x730/0x730 [ 456.585901] __should_failslab+0x124/0x180 [ 456.590149] should_failslab+0x9/0x14 [ 456.593966] kmem_cache_alloc_trace+0x2cb/0x780 [ 456.598647] ? refcount_add_not_zero+0x330/0x330 [ 456.603415] device_private_init+0x9f/0x240 [ 456.607741] ? virtual_device_parent+0x60/0x60 [ 456.612338] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 456.617890] device_add+0xef7/0x16f0 [ 456.621606] ? kobject_set_name_vargs+0x100/0x150 [ 456.626456] ? dev_set_name+0xad/0xe0 [ 456.630270] ? device_private_init+0x240/0x240 [ 456.634861] device_register+0x1d/0x20 [ 456.638765] tty_register_device_attr+0x35b/0x730 [ 456.643606] ? __init_waitqueue_head+0x9e/0x150 [ 456.648292] ? hung_up_tty_compat_ioctl+0x40/0x40 [ 456.653159] ? trace_event_raw_event_module_request+0x340/0x340 [ 456.659230] ? kasan_check_write+0x14/0x20 [ 456.663462] ? tty_port_init+0x1a3/0x260 [ 456.667518] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 456.672536] tty_port_register_device+0x3d/0x50 [ 456.677218] rfcomm_dev_ioctl+0x1bba/0x2240 [ 456.681546] ? rfcomm_dev_state_change+0x150/0x150 [ 456.686507] ? __local_bh_enable_ip+0x161/0x230 [ 456.691171] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 456.696178] ? lock_sock_nested+0x9f/0x120 [ 456.700428] ? trace_hardirqs_on+0xd/0x10 [ 456.704562] ? __local_bh_enable_ip+0x161/0x230 [ 456.709225] rfcomm_sock_ioctl+0x89/0xb0 [ 456.713290] sock_do_ioctl+0xe4/0x3e0 [ 456.717084] ? compat_ifr_data_ioctl+0x170/0x170 [ 456.721847] ? lock_downgrade+0x8f0/0x8f0 [ 456.725988] ? kasan_check_read+0x11/0x20 [ 456.730144] ? rcu_is_watching+0x8c/0x150 [ 456.734292] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 456.738707] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 456.743909] sock_ioctl+0x30d/0x680 [ 456.747532] ? dlci_ioctl_set+0x40/0x40 [ 456.751497] ? match_held_lock+0x851/0x8d0 [ 456.755723] ? expand_files.part.8+0x9c0/0x9c0 [ 456.760393] ? kasan_check_write+0x14/0x20 [ 456.764618] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 456.769544] ? dlci_ioctl_set+0x40/0x40 [ 456.773562] do_vfs_ioctl+0x1de/0x1720 [ 456.777466] ? __lock_is_held+0xb5/0x140 [ 456.781532] ? ioctl_preallocate+0x300/0x300 [ 456.785929] ? __fget_light+0x2f7/0x440 [ 456.789890] ? fget_raw+0x20/0x20 [ 456.793338] ? __sb_end_write+0xac/0xe0 [ 456.798082] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 456.803613] ? fput+0x130/0x1a0 [ 456.806887] ? ksys_write+0x1ae/0x260 [ 456.810687] ? security_file_ioctl+0x94/0xc0 [ 456.815175] ksys_ioctl+0xa9/0xd0 [ 456.818615] __x64_sys_ioctl+0x73/0xb0 [ 456.822506] do_syscall_64+0x1b9/0x820 [ 456.826406] ? syscall_slow_exit_work+0x500/0x500 [ 456.831238] ? syscall_return_slowpath+0x5e0/0x5e0 [ 456.836158] ? syscall_return_slowpath+0x31d/0x5e0 [ 456.841096] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 456.846472] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 456.851321] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 456.856495] RIP: 0033:0x455a99 [ 456.859675] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 456.878923] RSP: 002b:00007f2c4c727c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 456.886630] RAX: ffffffffffffffda RBX: 00007f2c4c7286d4 RCX: 0000000000455a99 22:21:02 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8600) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:02 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) [ 456.893980] RDX: 0000000020000080 RSI: 00000000400452c8 RDI: 0000000000000014 [ 456.901246] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 456.908500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 456.915766] R13: 00000000004bda7e R14: 00000000004cbda8 R15: 0000000000000004 22:21:03 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x829f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}) r2 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x5, 0x802) setsockopt$inet_tcp_buf(r2, 0x6, 0x3f, &(0x7f0000000180)="33e4830f89f0f98795f1168b2d90a078d8", 0x11) r3 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0xfffffffffffffff9, 0x0) ioctl$PPPIOCSMRU(r3, 0x40047452, &(0x7f0000000100)=0x9) ioctl$TIOCGLCKTRMIOS(r1, 0x5412, &(0x7f0000000000)={0xffffffff}) 22:21:03 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:03 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5460, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:03 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007400002011076a439cc45300001800000015"]) 22:21:03 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc020660b, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 457.168021] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 457.175350] FAT-fs (loop1): Filesystem has been set read-only 22:21:03 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8907, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:03 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07d3001002011076a439cc45300001800000015"]) 22:21:03 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)="2e2f66696c65308c", 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:03 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x2ee8c) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:03 executing program 7: r0 = socket(0xa, 0x1, 0x0) ioctl(r0, 0x1ff, &(0x7f0000000240)="c626262c8523bf012cf66f") unshare(0x400) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) getxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@known='system.sockprotoname\x00', &(0x7f0000000100)=""/34, 0xa2) read(r0, &(0x7f00000001c0)=""/77, 0x4d) r2 = msgget$private(0x0, 0x10) sysfs$3(0x3) msgctl$IPC_RMID(r2, 0x0) getsockopt$llc_int(r1, 0x10c, 0x6, &(0x7f0000000180), &(0x7f0000000040)=0x4) [ 457.294181] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 457.301413] FAT-fs (loop1): Filesystem has been set read-only 22:21:03 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5460, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:03 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a0, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 457.395720] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:03 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0793001002011076a439cc45300001800000015"]) 22:21:03 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:03 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x800452d3, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:03 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x3000000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:03 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x541b, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:03 executing program 7: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x1bc}, 0x8) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=0x0, &(0x7f0000000040)=0x4) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x98000, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0x100, 0x0) renameat(r2, &(0x7f0000000140)='./file0\x00', r3, &(0x7f00000001c0)='./file0\x00') setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={r1}, 0x14) 22:21:03 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8903, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:03 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130702011076a439cc45300001800000015"]) [ 457.676670] sctp: [Deprecated]: syz-executor7 (pid 23249) Use of int in maxseg socket option. [ 457.676670] Use struct sctp_assoc_value instead 22:21:03 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xfe63) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:03 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c9, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 457.719164] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 457.726443] FAT-fs (loop1): Filesystem has been set read-only 22:21:03 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130712011076a439cc45300001800000015"]) 22:21:03 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5451, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:03 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8983, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:03 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x7) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 457.780937] sctp: [Deprecated]: syz-executor7 (pid 23262) Use of int in maxseg socket option. [ 457.780937] Use struct sctp_assoc_value instead [ 457.783928] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 457.801494] FAT-fs (loop1): Filesystem has been set read-only 22:21:03 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8940, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 457.962978] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:04 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0189436, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:04 executing program 7: setrlimit(0x0, &(0x7f0000000040)={0x14, 0x80000000000008b}) pipe(&(0x7f0000001140)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet(0x2, 0x4, 0xb8c0000000000000) ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f0000000000)=0x3) ioctl$GIO_UNISCRNMAP(r1, 0x4b69, &(0x7f0000000300)=""/14) getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000340)={@loopback, 0x0}, &(0x7f0000000380)=0x14) bind$bt_hci(r0, &(0x7f00000003c0)={0x1f, r2, 0x3}, 0xc) r3 = syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x44000) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_id=0x0, &(0x7f0000000180)=0x4) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f00000001c0)={r4, @in={{0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}}, [0x80000000, 0x6b, 0x101, 0x5, 0x5, 0x3, 0x7, 0xfffffffffffffff9, 0x1, 0x40, 0x1, 0x9, 0x4dc, 0x8000, 0x1]}, &(0x7f00000002c0)=0x100) lookup_dcookie(0x7fffffff, &(0x7f0000000440)=""/211, 0xd3) fcntl$F_GET_RW_HINT(r3, 0x40b, &(0x7f0000000400)) write$cgroup_type(r0, &(0x7f0000000080)='threaded\x00', 0x9) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000000c0)={0x7f, 0x3}) 22:21:04 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x4010040c000) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:04 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8940, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:04 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000001f2011076a439cc45300001800000015"]) 22:21:04 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8903, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:04 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x4000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:04 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a0, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:04 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0480000002011076a439cc45300001800000015"]) 22:21:04 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:04 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) fcntl$addseals(r2, 0x409, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:04 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:04 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x3f00000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 458.225563] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 458.232848] FAT-fs (loop1): Filesystem has been set read-only 22:21:04 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000000)) r2 = eventfd(0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000100)={0x3, r2}) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000340)={0x3, 0xffffffffffffffff, 0x1}) 22:21:04 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5452, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:04 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0680000002011076a439cc45300001800000015"]) [ 458.368528] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 458.375914] FAT-fs (loop1): Filesystem has been set read-only 22:21:04 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8981, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 458.465367] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:04 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:04 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000004c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f0000000580)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) syz_mount_image$hfs(&(0x7f0000000140)='hfs\x00', &(0x7f0000000180)='./file0/file0\x00', 0x8000, 0x3, &(0x7f0000000400)=[{&(0x7f00000001c0)="41b4319ded28dffc9580f458ba4fc071c5c1d0009488b912c25e24465ab4e5efbc6c033d22c05590e89be8feabeafd2eb1d11a8233d78cdf8bd94671d3aa91db8ddf06a0cbe099d69f6b79c5d70251e9c699239f39108e07a988a46f6c0a623f345482634ca0d2abfbfe238d3f053f768076c00946b91e14cb4176e4f5dd134baf3c660f452f5e6fa8d7010fa6dffbec531062b83aff48d8a42e948d1118bc8f73e27515", 0xa4, 0xffffffffffff7695}, {&(0x7f0000000280)="6e978b383282ea903a57112e0adda6a78dd83f65582f0bbfe11f21f45c68f3ffb71517e9df1336f83064ea24dcc8eb959c756a82858a54529b47439ede539df313051c6c5b83f83196fad9a1d6cc46600eeb3a9e567039d4196d229ff26db3056fc516205e8478250551fda3187ff3bf02f97a7e5533de5109315fbdb48e6e3b1d7921211998f9836b93f509140c", 0x8e, 0x1}, {&(0x7f0000000340)="bd51bf31c1daec304da5e21f3a24d52d82520ae55ccca851e257d2d9680d1d9b72c90ea64c4308b9a9f99356459a2e52fea9a58f5cc175597afa2ff44e33af218c6b9cb1a255cdfdba1d7ec3dc1d0cf174589d944b4f94d818e2a7dea987348a294c0385d181ed345bb5c5cfdd05e7f9dc569fb203dda19bbe6e02fbabd5925a5012a31443931ca02a1d5015e67e6b28e7050df9dbbbeef0411d888b000d5de8c7da19e804f03b56f5b351645a1e938eff95947e4246dcb3395a64d761a0cc", 0xbf, 0x1}], 0x1000080, &(0x7f0000000480)={[{@session={'session', 0x3d, [0x31, 0x33, 0x39]}, 0x2c}]}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:04 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x63fe000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:04 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5452, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:04 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006800002011076a439cc45300001800000015"]) 22:21:04 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8906, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:04 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:04 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0045878, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:04 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0xffffffff) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:04 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x5) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:04 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8940, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:04 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8941, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:04 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000700002011076a439cc45300001800000015"]) 22:21:05 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0045877, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 458.917395] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 458.924727] FAT-fs (loop1): Filesystem has been set read-only 22:21:05 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:05 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8904, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) [ 459.031856] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 459.039144] FAT-fs (loop1): Filesystem has been set read-only 22:21:05 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8941, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:05 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0740000002011076a439cc45300001800000015"]) 22:21:05 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000180)={0x8, {0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}, {0x2, 0x4e22, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x20, 0x0, 0x80000000, 0x400, 0x1, &(0x7f0000000140)='veth1_to_bond\x00', 0x8, 0x4a, 0xffffffff80000001}) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) ioctl$KDSETLED(r2, 0x4b32, 0xbccd) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000240)=[@in={0x2, 0x4e22}, @in6={0xa, 0x4e23, 0x6c, @local={0xfe, 0x80, [], 0xaa}, 0x9044}, @in6={0xa, 0x4e22, 0x8, @mcast1={0xff, 0x1, [], 0x1}, 0x101}, @in6={0xa, 0x4e23, 0x2, @remote={0xfe, 0x80, [], 0xbb}, 0xe95b}, @in6={0xa, 0x4e20, 0x7c8, @remote={0xfe, 0x80, [], 0xbb}, 0xab}, @in6={0xa, 0x4e24, 0x5, @local={0xfe, 0x80, [], 0xaa}, 0x4}, @in={0x2, 0x4e22, @multicast2=0xe0000002}, @in6={0xa, 0x4e24, 0x2, @mcast1={0xff, 0x1, [], 0x1}, 0x6}, @in={0x2, 0x4e23, @loopback=0x7f000001}, @in6={0xa, 0x4e24, 0x2030, @mcast1={0xff, 0x1, [], 0x1}}], 0xf4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 459.186235] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c65308c", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:05 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x9c82020000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:05 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x4020940d, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:05 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:05 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00001307a2011076a439cc45300001800000015"]) 22:21:05 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x40049409, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:05 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8980, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:05 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8980, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:05 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0763001002011076a439cc45300001800000015"]) 22:21:05 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a0, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:05 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5460, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:05 executing program 6: r0 = syz_open_dev$evdev(&(0x7f00000001c0)='/dev/input/event#\x00', 0xa07, 0x0) sysfs$2(0x2, 0x1f, &(0x7f0000000200)=""/249) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) r3 = request_key(&(0x7f0000000300)='.request_key_auth\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000400)='/dev/input/event#\x00', 0xfffffffffffffff9) r4 = add_key(&(0x7f0000000dc0)='rxrpc\x00', &(0x7f0000000e00)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000e40)="af3e1d106d59ceaaa35cab3165a4fea1b60844bc97788a0f451f65071f61ebc17771f149617a2d961742af9c1f7b8b998e9c95b5cdbec8313aeb0ccda77aa6bc026f76e8f3d0235aa42bebde0f6a84d66ea30a516d26d28c8752b3429c3ba5e3073d1fa4bc64e3cb5400ec326d9733a10ed33346ec4f98f5165cff748c2cfebab8256945531ed013aa5b6545c95568b26aeabb58c2bbb166447a3aeeacf6ba80e5adb3e662de6dd3f7a5c7ef79486a52f6168ecce99dfc9be9ee8b26e4987b1046506c116f0aa0345d97a8d1e708", 0xce, 0xfffffffffffffffa) keyctl$instantiate_iov(0x14, r3, &(0x7f0000000d80)=[{&(0x7f0000000440)="6695903af013cfa405a8e75ed33b317b4d99d708469633e27e6e0a7ced29c99089a9c4977e711e60b53e9ce733435e747adbec7421d487bad0e096b0c5c365c6a3442c1e0799c8f6b3e9fad5db0f10cce65e1832ccdce0f27d6f85f6acff1aff7b706f9966e77e06cf4361043b4aeba137d3ceacb58943aef94e532304b5961f87a9fd26a146bc9c03a9916d881a9557cca6f00cff105c19989386056c110f459175bd024c2c60a77fde8b099520b40f13013a4a0669c5ef3906b1db202c0fcd611468f33cf567865ce8888f992169282eabdb5f15cce306ad6eae321d66ab47", 0xe0}, {&(0x7f0000000540)="d365aac733b302e3f6a369865beaf17f7519501857dce6fc06e1ab1ab70f22fb95d005adb8ec42b4847b97e813c0bd704041bde4af6e67e4c68431", 0x3b}, {&(0x7f0000000580)="7fb361682e3d01f3d31403f5fe67faafd6b3e524eea1376ecb8cf860a325f0176c21fda00c88ece1418ae4396abb717232fc2e190c5c065cc5094e825bfc270384464e3f9760aa29c7b2b3e085748d87c395372b323e4b7b2707166d73aacf41bc8c", 0x62}, {&(0x7f0000000c80)="7197ab373fca3bfcb40b2aa51d4e0e8f7e7ab9e93581b6bd7e8cc8ce6ea696655d0b195037f4b0100254776d836189f3bcade40fcb09809a23b8691a995826d7fd0f04494de782de51a6ff1d1367bc290e44502fc306c518f33ddc7a465e8cf50600e6dbf8a5f84ea71523b4dd60cec77efabdc5eaca5f1c4a35ab44c181665fdab54ab4a544df5fb89ee5844e757a96023e409391c0dbb9d5ad669e3ec29c851c0b857875ea48f3e0a425fe34363b899664f4cf0311b3fe39f0897e2d8d4b46031009948cc6ea8fe5a2dee966160e4fc9dbf608ac1f07b4e62f3a52d9c88d6909202caa626df0ad56972da251", 0xed}], 0x4, r4) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) getsockname$llc(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000340)=0x10) ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000000180)={0x10001, 0x8}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000140)={0x40000000}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) write$binfmt_aout(r1, &(0x7f0000000640)={{0x10b, 0x6, 0x7ff, 0x3af, 0x17c, 0xffffffffffff8000, 0x362, 0x1}, "4d3119bb8caa", [[], [], [], [], [], []]}, 0x626) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:05 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x3000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 459.482712] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 459.490082] FAT-fs (loop1): Filesystem has been set read-only 22:21:05 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 459.556230] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 459.563527] FAT-fs (loop1): Filesystem has been set read-only 22:21:05 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c9, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:05 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc020660b, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530aa", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:05 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000e0872011076a439cc45300001800000015"]) 22:21:05 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x540, 0x0) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x10000bb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:05 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x900000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:05 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc020660b, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:05 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8902, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:05 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c9, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:05 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x89a1, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:05 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000032011076a439cc45300001800000015"]) [ 459.988469] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 459.995714] FAT-fs (loop1): Filesystem has been set read-only 22:21:06 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0x9) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:06 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5421, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:06 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x5000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:06 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8901, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:06 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5411, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:06 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000072011076a439cc45300001800000015"]) 22:21:06 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5450, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) [ 460.159301] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 460.166578] FAT-fs (loop1): Filesystem has been set read-only 22:21:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:06 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xcad, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070") r2 = perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000004c0)}, 0x0, 0x0, 0x0, 0xb}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @rand_addr}, 0x10) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x500, 0x875, 0x100000000, 0x0, 0x7f, 0xecd, 0x7, 0x8, 0x3, 0x8, 0x200, 0xfffffffffffffff9, 0x0, 0x0, 0x6, 0xee8, 0x401, 0x200, 0x2}) 22:21:06 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x0, 0x200000000) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:06 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x894c, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:06 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8cffffff) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:06 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00001307b2011076a439cc45300001800000015"]) 22:21:06 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x800452d3, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:06 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8906, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:06 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) fsync(r0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x400, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, &(0x7f0000000100)=""/82, &(0x7f0000000180)=""/117, &(0x7f00000003c0)=""/240, 0x4}) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x1, 0x0) ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f0000000080)) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000002c0)=@ioapic={0x2, 0x0, 0x0, 0x0, 0x0, [{0x5}, {0x0, 0xfdfdffff}]}) 22:21:06 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5421, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 460.533747] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 460.541266] FAT-fs (loop1): Filesystem has been set read-only 22:21:06 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0001f00002011076a439cc45300001800000015"]) 22:21:06 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x4) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:06 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x40049409, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:06 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xa000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 460.630819] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 460.638133] FAT-fs (loop1): Filesystem has been set read-only 22:21:06 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8901, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:06 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8904, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 460.782196] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:06 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0773001002011076a439cc45300001800000015"]) 22:21:06 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) ioctl$TIOCNOTTY(r2, 0x5422) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:06 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0001f00002011076a439cc45300001800000015"]) 22:21:06 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x9c820200) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:06 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5452, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:06 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8906, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:06 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:07 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0045877, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:07 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f04c0000002011076a439cc45300001800000015"]) 22:21:07 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8983, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:07 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xc04104000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:07 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) acct(&(0x7f0000000180)='.\x00') write$cgroup_type(r2, &(0x7f0000000140)='threaded\x00', 0x9) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 461.086111] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 461.093409] FAT-fs (loop1): Filesystem has been set read-only 22:21:07 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8981, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:07 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8907, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:07 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0003f00002011076a439cc45300001800000015"]) [ 461.197873] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 461.205254] FAT-fs (loop1): Filesystem has been set read-only [ 461.248697] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:07 executing program 7: r0 = socket$inet6_sctp(0xa, 0x100001, 0x84) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000000b87321000000000400000000000000", @ANYRES32=r0, @ANYBLOB="00000000060000000000000000000000000000000000000000000000", @ANYRES32=r0, @ANYBLOB="00000000010400000000000001000000000000000000000000000000f0ed750e86aacb667c80ef2ce408f24ec20c971c77d90a558ac26ae794996d0fd6c767fbae06dd17a5a4129e4b2d355a802924a2b1e8093f5145238d38fafec1932c97610d902c7e21ed8d3f31d0f7c22b8409000000c172a76825d28ae363c92e85134a7b56fa00745cf476fb125c667247f5955648a51d739845a6f8e1", @ANYRES32=r0, @ANYBLOB='\x00\x00\a\x00\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r0, @ANYBLOB="00000000040000000000000000000000000000000000000000000000"]) sendto$inet6(r0, &(0x7f0000ab7000)="97", 0x1, 0x0, &(0x7f0000ab8000)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x1c) sendto(r0, &(0x7f0000198f30)="c7", 0x1, 0x0, &(0x7f0000acd000)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x80) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x7d, &(0x7f0000aba000)=@assoc_value, &(0x7f0000ac5000)=0x8) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) r2 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x0, 0x80000) ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f00000002c0)={0x9, 0x2, 0x40}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040)=0x0) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x0, 0x0) fchdir(r2) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r4, 0x2) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r1, r3, 0x7, r0, &(0x7f00000000c0)={r5, r0, 0x1a4}) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000300)={{{@in, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@dev}}, &(0x7f0000000400)=0xe8) getresuid(&(0x7f0000000440)=0x0, &(0x7f0000000480), &(0x7f00000004c0)) getresuid(&(0x7f0000000500)=0x0, &(0x7f0000000540), &(0x7f0000000580)) setresuid(r6, r7, r8) 22:21:07 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x6000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:07 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x800452d3, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:07 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000140), &(0x7f0000000180)=0x4) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000001c0)=0x0) setpriority(0x2, r3, 0xffffffff) 22:21:07 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x894c, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:07 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0097000002011076a439cc45300001800000015"]) 22:21:07 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5421, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:07 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0045878, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:07 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8982, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:07 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007a00002011076a439cc45300001800000015"]) 22:21:07 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xfeffffff) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:07 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x2, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000000)) ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000000040)=""/10) dup2(r1, r0) 22:21:07 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) getsockopt$inet_int(r2, 0x0, 0xf, &(0x7f0000000280), &(0x7f00000002c0)=0x4) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f00000001c0)={'raw\x00'}, &(0x7f0000000240)=0x54) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f0000000140)={'nat\x00', 0x3, [{}, {}, {}]}, 0x58) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 461.608703] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 461.616147] FAT-fs (loop1): Filesystem has been set read-only [ 461.663930] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 461.671253] FAT-fs (loop1): Filesystem has been set read-only 22:21:07 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x800452d2, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:07 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8903, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 461.774814] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653004", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:07 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x40049409, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:07 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0040000002011076a439cc45300001800000015"]) 22:21:07 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x300) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:07 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8904, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:07 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt(r1, 0x1, 0xffffffffffffffc0, &(0x7f00000001c0)=""/10, &(0x7f0000000200)=0xa) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000180)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x1012, 0xffffffffffffffff, 0x0) 22:21:07 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0xb8, r1, 0x100, 0x70bd2a, 0x25dfdbfb, {0x8}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0x70, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2c, 0x8}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@rand_addr=0x1}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x4}}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x2}}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x40001}, 0x44045) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) ioctl(r2, 0x400000890f, &(0x7f0000000200)="297ee1311d16f47767107057a60b68af18484416f8e0b17ca5633b45df97fa57b5eca63a5a4adc2ef2fabe0b14cc855c2a1e1b61c4237b2cb27bab6458200b915a952a4bf09982a17d342f5897254e40e7e71605a1f23a3817249ca908ce6e5f717d1af80d724099cd2b30c9fdd2ed306eb34215b953833c842323b0e0f4cc46694bb292d7898951b8556ecca6a609a9f5d90f628b11e41542373de195b57e8f62bf360ec52c") r3 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x9, 0x40) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r3, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000080}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x5c, r4, 0xe14, 0x70bd29, 0x25dfdbfb, {0xd}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x800000000}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x5}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@loopback={0x0, 0x1}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8880}, 0x40000) syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000300)={[{@nls={'nls', 0x3d, 'iso8859-4'}, 0x2c}, {@errors_continue='errors=continue', 0x2c}, {@uid={'uid', 0x3d, [0x35, 0x0]}, 0x2c}]}) unshare(0x8010800) 22:21:07 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8902, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:08 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5411, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:08 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8907, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:08 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0070000002011076a439cc45300001800000015"]) 22:21:08 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0045877, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 462.023575] __ntfs_error: 123 callbacks suppressed [ 462.023585] ntfs: (device loop7): ntfs_fill_super(): Unable to determine device size. [ 462.049980] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 462.057539] FAT-fs (loop1): Filesystem has been set read-only 22:21:08 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xa00) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:08 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) socketpair(0x9, 0x2, 0x7, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$inet6_udp_int(r1, 0x11, 0x0, &(0x7f0000000180), &(0x7f00000001c0)=0x4) close(r0) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000200)) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) r4 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, r4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:08 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 462.167606] ntfs: (device loop7): ntfs_fill_super(): Unable to determine device size. 22:21:08 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004800002011076a439cc45300001800000015"]) [ 462.223360] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 462.230648] FAT-fs (loop1): Filesystem has been set read-only 22:21:08 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$nl_xfrm(0x10, 0x3, 0x6) socketpair(0x5, 0x0, 0xff, &(0x7f0000000000)={0xffffffffffffffff}) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffff}, 0x0, 0x100f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000240)={0x14, 0x88, 0xfa00, {r3, 0x10, 0x0, @ib={0x1b, 0x6, 0x0, {"9e45d6fc581f754c18e0eeb6b4e22196"}, 0x6, 0x6, 0x7}}}, 0x90) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000840)=@updpolicy={0xc4, 0x19, 0x5, 0x0, 0x0, {{@in=@multicast1=0xe0000001, @in=@broadcast=0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@mark={0xc, 0x15}]}, 0xc4}, 0x1}, 0x0) 22:21:08 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5411, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:08 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x800452d2, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:08 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5450, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0t', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:08 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000042011076a439cc45300001800000015"]) 22:21:08 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xfffffff6) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:08 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8941, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:08 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x80800) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x21) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) ioctl$KDGKBLED(r2, 0x4b64, &(0x7f00000001c0)) getsockname$inet(r2, &(0x7f0000000140)={0x0, 0x0, @loopback}, &(0x7f0000000180)=0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:08 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8982, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:08 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xf6ffffff) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:08 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00001307d2011076a439cc45300001800000015"]) [ 462.585813] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 462.593106] FAT-fs (loop1): Filesystem has been set read-only 22:21:08 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x894c, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:08 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x800452d2, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:08 executing program 7: setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000000), 0x2) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000740)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001bc0)="01", 0x1}], 0x1, &(0x7f0000001c80), 0xffffffffffffff76}, 0x0) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000280), 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x400001, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 22:21:08 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x4020940d, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:08 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) write$evdev(r0, &(0x7f0000057fa0)=[{{0x0, 0x2710}}, {{r1, r2/1000+30000}}], 0x30) close(r0) r3 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r4 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r0, 0x40086602, &(0x7f0000000440)=ANY=[@ANYRES64=0x0, @ANYBLOB="f8b69d4080ebb04a32f657684bc898b6bc75ce5dd0b0887321951bbeb92015696b17d46b0c40f4cba5c35dfa9feb916c704741396a5aa86a0ec8378c291dd44a5b69701b9dee32707a4931270c80ab1125f894b739a582d3afc15ff126bceef4ab46ef879737535e78f3ec5033247bec0e3edc950d754a09727752591caa1d77036863ba95c547ef1aa4220ab71337481e0f6d399032ae5eaab8e78a7a7de017af63ad50242e94046505eb8eb10aaa118d51c7ec6f37706a806fa8ecc6f8c0fc84367dda961dedce5f4b42dab5c26ee5a3baf6b42ebb9e5446a0fbd78db2b879e19723bc3d4bd3bc5fffa59c4e", @ANYRES16=r0, @ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYBLOB="e3dc7fe97e42017ba89e26bd3d949ae996e321ed765e0f8b70201e5e680fc7c62d42ec1cc52eb042b9d141f9e2dc696949deaf5d3d2e446877ea6ed8ef0e992ca6efcc2c2ab03227399be1a42e9349fea5ecd4af68ab5c5d657f55963dfad376cd62", @ANYRES32=r5, @ANYRES32=r0, @ANYRES32=r4, @ANYBLOB="b57fce8a4c0f4358152fef520e8fe571f4831990774d9eac9f7abe9941dc9a24b6d9bdd7b357be367b0d96474cd2e2f87870c99a5f6078e369659c0f56cdc607d72156d6ac3328cb1a2b9839c52d2ff40e6ad96c865149a6f31215336851bc1821c7451e955ff02fb1e819bcd5f1b1708ac9562a5666181e3f0b54971a1c84451398f1b36f81d04db2cb031acb2fb5b146fcc4567cb957b5ea7bf2b6f5", @ANYRES16=r5, @ANYBLOB="68b6c520049db9cdd53a1ed026fe5628e42968bc32c92cfb04026846d62784529f78ea2a7df618ea1d2d90a95cfd7fc29b44b3b8168a15556e94f16d580026", @ANYPTR=&(0x7f0000000640)=ANY=[@ANYBLOB="ff98ed6a861db8fe6d0d22c5c84a551b1d961729aa1ea9c4b906186df0c68fadf388d63917b9a432d13d88ab6279ae6fea9bfc93025b8b35517eb87c09b90ef4e0b429f4ea47a9ecee65e6f588a1199feb2833367e425c42aa98d61a0b719ddcfe1dd5b4d9a176c937127d929b27d31209b32f70188ca8e8fbba0d90023d57e4d0a822a8b25b2f90742162c8b2d6f39815a2af821ce1cb14add30e3d8daf372dac44e4c9c87a2ffdfa226c31509980b05f1c2749", @ANYBLOB="b7328b766027cae507b16861ed66a52dcc2bfc203729b24a56817850eac3097e1c68d80beb530f0c76297e5bb6a356afe6d2ff120457f2ccc1a0b35536f1eaefa9019acec0e90c2fb410976f1fd178cdec427f68040b410498713c2d88531d00daebe36c3251386a747a85a6def0d86196e17f35c8b0a998d1a6d66540a26098538f0f6ccc14d9631d47d9a996bfa84b58617c2feba44255ef980e4772f28f337d9c57104352ed216f36292307ac4ca4fa0e4fefe7ed4296c8e287ab1c377656f698c15f8dd6f33d03025cc1bf568a812c018b325a2eafdcd2a36ae9ff43d611084d4bd4b987e951012e5def816415593cde48336eb671199cc9bc9bb190d0525154d0cf9f591cb3ab4999e15578554285919e11c7aacdbef81ce4d0b3a97ec7f5114a927f28586432703e4d429b33934773922e7204714e17cac098773be86a48d7866e94d5a4a498c4bb7e85eba330ec6d581687189ef6aba6c68daacc2efbde4682e71eca2b45a1523e1268a62443fe3014c8959b0e6b34a1758aa84736af881a331eadb3da268ee991f492d04cbd96d352aab180ccf0ee329d483e872d014b7e640bc85115f754888679ce8fab8ea18bbf1dd88ea8093e064d53ce2656115d0127bce0ae7cef8951b9c1c3d6dca82834206dc1068562279efeefc41be2bfd2aaba083b143da3bd87cc5ed447ecc3ff6d34405c5ba1893d2a62936ec3c15703d4b5623ee0544d18b99f707552079a8a63d2636bc72c2ebd5e780afae1213d3e409e2f130402b18ea03f8d820ed80e3c16731345551cf07ad520c069246748411b81d0bc223b9ffa5caf8961f16be6646a44b7bf2d555504b4ec05dfb9065a6377e4b93e52fda6a71308b4f450f9fb27da67ba10d11482c719a329d5712540abd73cff1ba4a78494b2fc2c2dfff71d82872d38769f7f9cc7413ec7e57dc0f5bf31a11294bdaf800186a2bc19b6551a44cae669160955ae6891b60fcdeb90857985f7f16e11f91c83c4ac2c43a787ecf2dc37ef6c89464d9660b6f964246f303837a1ed819b6aa2aa004894af6d663b214fdaa5ac7d692c3ccbce3f50637a6a5f577e7892497c10bf664d6a40ba68bc6653c49c5081761c30a065bca8eca9fd324cc25f3a5e0430301a20386185634d3fca72f95ec2e1d455f88a3fd0591fe05c87ea2c9a2ea61d1fd7c4a1257e7da327894eef862d3cd868b7f860193244bc3a353ae310dbe1019e9d96417e34fc8cec0288ab640b10f5c28ce4bb5d7218ee0d726ce6e2693547f20667e6c509056cb33e06af038df3bf4f544b736716693ff508f6c10d1b44176083c0c4b288aead631748292a32b35b27c8134d8848b23361c7b10533414ff701a7a41eb5f12e8fb68e4e8d8d7c7c2dbef94e55747a560f0726fbe4a247afd536275449cab1e105038ae2526d4d8b58d54748861cdc6eb2ba865aa2f7c174beb4c2459ccefcf21cf61f7456063b53ba160dba1b9097ccc6be8d0fa44bcc70006ee96129928495d13253b98466bfc12bce2f09e453434536f8f9d2ad0d9b659e5b21575e86bd1d1f4e91c746873bb8e447816a3265e6d68178dcec8dd0da7b549208276db320ccce200c99a5ab3d099f6017a791239f713bcc8a319cb066bd9f95021967c9368154048085b23cfe59af1d12c6d00a2c524787340fc3d13f2ced1bffdead65d2fcceaa39c0b5ee637048cc4d88a07eb9e3112448d1867b27d85b6e2f7c089e8143d90ec881c2d648c31710a4d07a90db32da67f28d6932340111e0ba257c546b97d997345e718421e3761775ee3ac68aa7a037a59c760f1dcd8dde7704623c71f7b37ca0f071ab4c70dd506ad112885f826ba2ee10e268ff58d67fc339fdc21783bea2f57d7c2d911a076025e2c64d02b5cd08d3403a1fd0616c2c16c4b851ba7f6685d29f7e2b77c7a26a2a60a7c201287d76cc095a90044c774a94ebabedcea23dd43c793c0e46f7abf4f8c5d05a5c1eff1ae36cd304af6d39b98150081686edb0053f838f5f913b12982042eac0e917dedceead20e0e31c7887e2b4ec4f88d07ad0d62496f00d1895a41460f8dfa98f3604e41dd190d0650fe6628f06d47b46cf13adf335928b1d9be753ebda7ab770504b7baf642b0c90b61d778a96839647e5186da291f725f451662b2d8c92bdab8ce28df56c8cc83944fad73aa1c375370bb87fcec7a8c378f455f2c58caaeea4597a2ea623b3fb437185f4898703b6ee38f9f07b9d5fe42d16d0cd18ae7719278be49ed91fc4dd66512eb56eac772f07b858ea25ae88ab2936b3759ce095c06c39eddf749640a0367c64afc72fa4b41e1e9cea230f96e3be638504b07b42b99460cbe4e0c4097f47659556215754ef2d5052d367d292c5db3c69c265a34c5bbde6aad7ec902bc52f9634ef7ec9a8dd09656fa435355c98c763faf11519d225094857bc63f4706c62aa9ecc821319ac78af439d8ac80e9a6fc6278df3b3a646b6125a454aa39c4f2bb39e01bab510fc0b74d1d12deb6285bcadc8e44895c2d6ddce1a283073d12313105044d9935f8e8b55c6a243e4d0fd1105918278b85ba6865c538a064aee811ee724d2fa630eeec8b322fbf07c6c77125416556e1a623590552b875aadd260f60dd0f54a6c190ff3bebf430f5e40a7537dc71def35371ecf3f5ef56035cc553808aeb7d7d9518d73e9dadd5120e3b07d86e736c14f8f2620c00caccd8b0feeba3d27bf027393c678365548610e562386a88b771c6f5909bc3624930e86a3f43107522d7bb75eccc242b94a551808f36799c1959741cbd05a7f3178fec539a81011f8e59d02e77463de84d0f9723b681856a3639ddc7037ab9292af718e777cd4294777960a3994f7bb52ddd4a934d762c3d3e1eb7b9e27dae7637ff10ece7ffd438f7dd0971d9250ada53ebe2181e9b8b824b03db93deec58f3ae373d4b5360df76820894c33a1769a0a46bf98d60c1d053b10ad751a7e3f142ed15f1c89fc2d30cca1ecf2b0a91ba9c3cd1851d2c7b15c39fe82dc2ac59cd54cb5b09c267aeb4e5501bfb2aa6f2988bf2dbc09f8454a8efb734482c8f6e6ee188001041c2622027b70bdc5067e5e1ab1884a2c703c048a0b3f6d7a8dba515dd52e6725ebbc74b55df924939e61c2152149419632cc2ae57cef0d1077ca05af222de095b83e6fcb4889c53bf5e9eff76a548895a9f80c9616a961dfbc7bd42ec3659502f182ceadacc5baf2cb9e88fd66fa81045352b83debad1be265f77aa1923f6e006e646e97b251aa9358a78d498c99b54da695e2f835a496a3bd27dba76a08332e8ee4945684a7c45665b59e082dc4ab826e25fd34855cd33092e9b4d0df54e95ce801bfbc06f5c5bd7126f311e55bbdc2a145a9f6151436aec88d7836d1f441ea75e5d702a11292e16bb61a62778f9a819a387f7dd0cdb91a5931cc7c12c577ab8b172c6f61f5d6527091aa08e909fd6d7b2f7b3858ea8b1ffb97d38aa10b351d8d6649d58056ac878a807811a0e48da8cd3f3a3bd24c2f5cb26ea1210a817f0dec6bd5d99d54c95f9debb4e08d734ec34636c556010ad9546116aafca438df978363363355191cf4a535b22a762573ec26772a5925c83414fc88d4ac90748125f8855a0b6a676479ae273933ebe75776f3d5fd302d49927664b327bec28a5eeef5b7a7dbded2a77e1720056078637a6e97a63a37b92183348e114831b89f5223ff434e44ac1b660dc489a406aeb4fe1e334bc4929df27064e54c0d5790d6698b419f883973e6ac5341193b1d758f15c3d32e9dfcb2decbcfd031465545eb644fb7a72fe79d5a1aedbbcfcbd6c3d25e4eb7a91d677f0e6bf0d1afa6d8d94925866aa95f47d944dc3bc917409758ba5d08e53fc282d40233d74c2655c5c65181b322b88d903d91ffdacbdcf6604ec78b785237fad04ce1d6925684d9cc608e786aea683940c7bfd0dfd3c0305b84ee654fd388ee4273c293aaaef7928759de4a5ea89a2c88534a5cd376be9ef5f6d20bb3f1236bd7fb7877db44b4d75b61cc7d10b562a146b9f284885f53aa92134a2007e7024dbe843fb264faec4fc9c50e666cf16554e7fd74134fd2170fae2b39a3a676b8803af1c8fecb043f2b37451cb46c82a1e276e44886c90c73959af0452310212497bdde0a89697b1cc1a626a8bea3a7678422a3763431856f397319f16ed375b4dcb443718bacd770a0aa2bad2e464f7665245d45ccdd16c5c18b34970cc6cb14a0745b0ff3a5c9424d128b99a4d2eebc41649566e49e8d6788cd5461d21beca2355e5df6ac580b97580925c672168f7fa65bc622344623008cc3d55dfcf49965a1922b52dfcb76a64bd267ba0cf2b61c5d6e981f4a1d2a2708336ce686189de3d6ffd582a60e4117e0a87776e0f71ec7fc082bc5d715c6f99464cfb090c3477ab9a2519247e69e0a504ecbf3e1a36b1d35a3d7a1335899ad16c6ee38fa8ce31cbf79b031890fd8a7c3a023ac5f9c2cd0c4eba15541adf33d72171f9c93a74180d10fc077beea7d333158254f3419c8c80075908589a08a807c390aa117564ae29f3e4427abc342cda0f1136c146d16c3f989d0aa7e4f367c764f5f29cc619113090316cda9b229241c51629e224e66544d145a086334bf0560c2a2a15d78008cb9f3426035b5cfd3bcceb9b9b18ac21b89d3b877e46828d66e1cdb83142ac0ade7266a311305f6c9d9660dfbe4669df9ac7ad7088ea8e3b73ea38dc4c3f231789f3171cbf6964480eccf84ed9aa9d02a731391d45c71ea38772f6f02ee322e189748ea01572d99a0c5f5f3471b7a2c80bb816121711aa7cf66d43d3043b42c595fa9666b4ce24f2b3570a43997a32710a412c30d05ffce769dba722e5f50c097a8bf6319318661cb99d4e49cad480ae3c78b0245001e3e28c645a245571b1c168785b542e9848dda4a4248710d08bc9eca9cb358777eda517ccb2bb7138b2597fdea51ce76838e62b3bb6c13954e03748aee4b9c96b525bfbe0c9786af4473fd122b1ee472de5180ac876b614504e085ae5d6a7791ba240947d6c0278c263e9fd0cd444324bbd8c98199c909ca64a125d1446b360e29cab8550efd19c2af7a3e6e088acaae58eb30c9ca3c3296b1ae72dd3497556a84fdcd4e41305709864b0688d10a3d2c680943419df5e2197eb2d5745d6b1e487a2e26639b52f03bb5e0ce13e6d441ede8c1f2a2ce8f4a23f9d089c8f8c8b089760a585fa2562b513487fe1079956a1c4617ae1f153052257e18bd9fd3843a2ff87ff63068847460f4c2c485181d492b9e288e77913883e8c23851ba5e27e99a8232a4a0387a42fdf1257b187bce3d684f259ef1a0788a533f5ce9829f40937c6ac10179d258ffbbd7cfd5844b65098714e95717e35ccba0780d7373a2b1a884fd5fcebab62982b78fe77fc4f384153ad388c5fb5b42d595a2e93728a178c3935b374e18e0c3956b5c77aa28e71215e8374ee709b7ac20682804c852c910eeff6d5d4bf36b6b99aa973d68661f94cd0b3a58ba9c08fae1e1cca2d5da4148efa5553e77601c210a0cd92b9afbde8e7e243f44078c71963756d9ae8c48eaef62ead09f00952f92523c557270bb39c3bf46cdf7f627e38ff0d5225ffa12a14df2dc067e8ede8f181f855496af0589d5dc68c99845eb23af9fef8d747e45e7398f64d26e8f63b4c27b38141c98fb20c973cbeaae6714457112e62402c98edc88d33c37c6c35864ced8db14d604a9e6b87219de355ad55e6f0548c6ba966086906527c63cb09cb928b3e7bc8f94f928e59a2d12d7a91002", @ANYRES16=r5, @ANYRES32], @ANYRES16=r5], @ANYBLOB="91261255", @ANYBLOB="e7227970ee4622bdea0a84f459e46fd102987384a9cb0ef70df4a13e5c64db2516f371ad83cd51ed09d35eccb19e8b1cecc5d097268830439f90", @ANYRES32=r0, @ANYRES64=r5, @ANYRES16=0x0]) write$cgroup_type(r4, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000280)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:08 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x10000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 462.742843] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 462.750206] FAT-fs (loop1): Filesystem has been set read-only 22:21:08 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0fffffffd2011076a439cc45300001800000015"]) 22:21:08 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8902, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:08 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8981, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:08 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0189436, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:08 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=0x0) ioprio_get$pid(0x1, r1) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = accept$packet(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000280)=0x14) accept4$packet(r3, 0x0, &(0x7f00000002c0), 0x800) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000040)="0f0fe8b70f32b820018ed0ea00a012002e0f07ba610066b80000c0fe66eff30f123467660f73f30f0f01cb0f06", 0x2d}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_SET_CPUID(r4, 0x4008ae89, &(0x7f00000012c0)=ANY=[@ANYBLOB="0100000000000000b6000040"]) ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000100)={{0x0, 0x9, 0xffffffffffffffff, 0x1, 0x7fffffff, 0x204}}) r5 = creat(&(0x7f0000000140)='./file0\x00', 0x6) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r5, 0x84, 0x65, &(0x7f00000003c0)=[@in={0x2, 0x4e22, @rand_addr=0x7fff}, @in6={0xa, 0x4e22, 0x10000, @remote={0xfe, 0x80, [], 0xbb}, 0x100000001}, @in={0x2, 0x4e22, @rand_addr=0x8}, @in={0x2, 0x4e21, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1f}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, @in6={0xa, 0x4e24, 0x9, @local={0xfe, 0x80, [], 0xaa}, 0xfffffffffffffffc}], 0x88) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:21:09 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0733001002011076a439cc45300001800000015"]) 22:21:09 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) write$evdev(r0, &(0x7f0000057fa0)=[{}, {{r1, r2/1000+10000}, 0x0, 0x1}], 0x30) close(r0) r3 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r4 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r4, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r4, &(0x7f0000000000)='threaded\x00', 0xfe63) syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x1f80000000000, 0x260280) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:09 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x40000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:09 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5451, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:09 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8983, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:09 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5451, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) [ 463.133267] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 463.140492] FAT-fs (loop1): Filesystem has been set read-only 22:21:09 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000006c2011076a439cc45300001800000015"]) 22:21:09 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8901, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:09 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0045878, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:09 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0xc0189436, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:09 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xc041040) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 463.226721] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 463.234011] FAT-fs (loop1): Filesystem has been set read-only 22:21:09 executing program 6: openat$urandom(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x40, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 463.334196] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:09 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004c00002011076a439cc45300001800000015"]) 22:21:09 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="1df0000000682011076a439cc45300001800000015"]) 22:21:09 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x541b, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000002011076a439cc45300001800000015"]) 22:21:09 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x541b, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:09 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xffffff7f00000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:09 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x1000019d, &(0x7f0000000000)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r2, &(0x7f00000015c0)={&(0x7f0000000040)=@pppol2tpin6, 0x80, &(0x7f00000014c0)=[{&(0x7f0000003ec0)=""/4096, 0x1000}], 0x1, &(0x7f0000001580)=""/32, 0x20}, 0x0) 22:21:09 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f0000000140)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:09 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0fdffffff2011076a439cc45300001800000015"]) 22:21:09 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="29f0000000002011076a439cc45300001800000015"]) 22:21:09 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0030000682011076a439cc45300001800000015"]) [ 463.626628] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 463.633910] FAT-fs (loop1): Filesystem has been set read-only 22:21:09 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x4020940d, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:09 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="d8f0000000002011076a439cc45300001800000015"]) 22:21:09 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000052011076a439cc45300001800000015"]) 22:21:09 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x9000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:09 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0003f00682011076a439cc45300001800000015"]) [ 463.732846] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 463.740116] FAT-fs (loop1): Filesystem has been set read-only [ 463.878753] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:10 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f0000000140), &(0x7f0000000180)=0x4) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:10 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0ffffff972011076a439cc45300001800000015"]) 22:21:10 executing program 7: r0 = memfd_create(&(0x7f000088f000)='\x00\x00\x00', 0x4) ftruncate(r0, 0x1000000) read(r0, &(0x7f0000000000)=""/48, 0xfffffdef) sendfile(r0, r0, 0x0, 0x3ff) 22:21:10 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0de3401002011076a439cc45300001800000015"]) 22:21:10 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x100000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:10 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004000682011076a439cc45300001800000015"]) 22:21:10 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:10 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af00000e0872011076a439cc45300001800000015"]) 22:21:10 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f087e000002011076a439cc45300001800000015"]) 22:21:10 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0740000682011076a439cc45300001800000015"]) 22:21:10 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8982, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:10 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) ioctl(r1, 0x45c, &(0x7f0000000140)="2212432346a41a54e5e5d889b7f456f3d176d72e21e86a99d465c259d2d0f90b8a40ae7dd0bb045055b342d43d1176200e49f32011801d5fb677e28b452528b0ef462ceab4b44cb9b217a509b16595bca5bc87630dec58072337bd6284af31b444554dfe7d0cbdb5650ef1506c") getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f00000001c0)={0x5, 0x7, 0x400, 0x200, 0x400, 0x7, 0x1, 0x4, 0x3, 0x1f, 0x6ee89638}, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:10 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x400000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:10 executing program 7: ioctl(0xffffffffffffffff, 0x4000008912, &(0x7f0000000080)="295ee1311f16f477671070") r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xabe, 0x10002) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000001c0)={{{@in6, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@loopback}}, &(0x7f00000002c0)=0xe8) lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, r1, r2) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000040)=0x3) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0xffffffffffffffff, 0x0, 0x2, 0x3, 0x1}}) dup(0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000140)=@filter={'filter\x00', 0xe, 0x3, 0x331, [0x0, 0x20000240, 0x20000270, 0x20000428], 0x0, &(0x7f0000000100), &(0x7f0000000880)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000001100000000000000000076657468315f746f5f7465616d000000766574683100000000000000000000006c6f000000000000000000000000000076657468305f746f5f7465616d000000ffffffffff7f000000000000dca5f68b60ea0000000000000000700000001801000048010000434f4e4e5345434d41524b000000000000000000040000000000000000000000080000000000000000000000000000004e464c4f470000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000c30c2543cb693c586a2a6470fad9fc392245c4e862248cf9e004250807dbfcb14656fcc447f10de10260fd87e0230ee75012ba7396911f76ee44a4d2acd794ac000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000010000001500000000000000000076657468300000000000000000000000000000000000000000000000000000006272696467655f736c6176655f310000626373663000000000000000000000000180c20000000000000000000180c20000000000000000000000b000000010010000580100006f776e657200000000000000000000000000000000000000000000000000000018000000000000008c", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000434f4e4e5345434d41524b000000000000000000000000000000000000000000080000000000000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000004552524f5200000000000000000000000000000000000000000000000000000020000000000000009860f3e0643855acbdb44a95fe08fe4183d92cdba09393c0010a4870d5d80000"]}, 0x3a9) 22:21:10 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x8980, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 464.268218] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 464.275465] FAT-fs (loop1): Filesystem has been set read-only [ 464.332501] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 464.340414] FAT-fs (loop1): Filesystem has been set read-only [ 464.439447] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653004", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:10 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af00000007a2011076a439cc45300001800000015"]) 22:21:10 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f04c0000682011076a439cc45300001800000015"]) 22:21:10 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000500002011076a439cc45300001800000015"]) 22:21:10 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xb000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:10 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={r3, 0x9}, &(0x7f0000000180)=0x8) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) setsockopt$inet_dccp_int(r0, 0x21, 0x6, &(0x7f00000001c0)=0x2, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:10 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x5450, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:10 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(aes-fixed-time)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000000)=0x7, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="ad56b6ea54c721afbbd4beef915d564c90c2000000000000", 0x18) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') accept4$packet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000100)=0x14, 0x80000) sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x58, r2, 0x509, 0x70bd26, 0x25dfdbfe, {0x2}, [{{0x8, 0x1, r3}, {0x3c, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000280)=0x8, 0x4) sendmsg$unix(r1, &(0x7f00000002c0)={&(0x7f0000000300)=@abs, 0x6e, &(0x7f0000000440), 0x1000000000000236}, 0x0) 22:21:10 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134da2011076a439cc45300001800000015"]) 22:21:10 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000600682011076a439cc45300001800000015"]) 22:21:10 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0002000002011076a439cc45300001800000015"]) 22:21:10 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="1df00000004c2011076a439cc45300001800000015"]) 22:21:10 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xfe63) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:10 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) ioctl$SCSI_IOCTL_GET_IDLUN(r2, 0x5382, &(0x7f0000000140)) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 464.700418] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 464.707692] FAT-fs (loop1): Filesystem has been set read-only 22:21:10 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000482011076a439cc45300001800000015"]) 22:21:10 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006c00682011076a439cc45300001800000015"]) [ 464.815826] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 464.823237] FAT-fs (loop1): Filesystem has been set read-only 22:21:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\t', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:10 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0f00000002011076a439cc45300001800000015"]) 22:21:10 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x7, 0x7, 0x1ff}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000100)={r1}) 22:21:10 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00600004c2011076a439cc45300001800000015"]) 22:21:10 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000000140)={{0xbf, 0x7f}, 'port0\x00', 0xa0, 0x0, 0x6, 0x6, 0x1, 0x100, 0x1f, 0x0, 0x2, 0x81}) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x8031, 0xffffffffffffffff, 0x100000) 22:21:11 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x4010040c000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:11 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134dc2011076a439cc45300001800000015"]) 22:21:11 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0480000682011076a439cc45300001800000015"]) [ 465.029342] binder: 24103:24110 ioctl 40305828 20000000 returned -22 22:21:11 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0030000002011076a439cc45300001800000015"]) [ 465.127768] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 465.135057] FAT-fs (loop1): Filesystem has been set read-only [ 465.165590] binder: 24103:24129 ioctl 40305828 20000000 returned -22 22:21:11 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07a00004c2011076a439cc45300001800000015"]) 22:21:11 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x800000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:11 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0003f00002011076a439cc45300001800000015"]) 22:21:11 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0001f00682011076a439cc45300001800000015"]) 22:21:11 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xaa59) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:11 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0f00000002011076a439cc45300001800000015"]) 22:21:11 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130742011076a439cc45300001800000015"]) [ 465.241481] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 465.248840] FAT-fs (loop1): Filesystem has been set read-only 22:21:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653004", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:11 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0ffffffe42011076a439cc45300001800000015"]) 22:21:11 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x7000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:11 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000700682011076a439cc45300001800000015"]) 22:21:11 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000007a2011076a439cc45300001800000015"]) 22:21:11 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x2, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$FICLONE(r2, 0x40049409, r1) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:11 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000f0004c2011076a439cc45300001800000015"]) 22:21:11 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="1df00000004c2011076a439cc45300001800000015"]) 22:21:11 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0070000682011076a439cc45300001800000015"]) 22:21:11 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134df2011076a439cc45300001800000015"]) 22:21:11 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xe000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 465.644197] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 465.651598] FAT-fs (loop1): Filesystem has been set read-only 22:21:11 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000003f2011076a439cc45300001800000015"]) 22:21:11 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f04c00004c2011076a439cc45300001800000015"]) [ 465.751853] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 465.759142] FAT-fs (loop1): Filesystem has been set read-only 22:21:11 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$setsig(r2, 0xa, 0x2) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:11 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) socketpair(0x1f, 0x1, 0x4, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, &(0x7f00000000c0)) 22:21:11 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0680000682011076a439cc45300001800000015"]) 22:21:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:12 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134e02011076a439cc45300001800000015"]) 22:21:12 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xc000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:12 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130782011076a439cc45300001800000015"]) 22:21:12 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0700900682011076a439cc45300001800000015"]) 22:21:12 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00200004c2011076a439cc45300001800000015"]) 22:21:12 executing program 6: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x400000, 0x0) sendmsg$inet_sctp(r0, &(0x7f00000005c0)={&(0x7f0000000200)=@in={0x2, 0x4e23}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000640)="22f451a1e70a98dd2f19ff065ea9cbab3b8e937eb9423cd18b9922af82b603ee596fd403384d2a0bc4b18dfd3898ba5534b407f8d05d3cdb20f17828f137e8f77ff02ca319492802361daeaf82c75cbb2804c22c32d3660e8f3451920c6f08f5590e98e622467572f8af48a8ca6121a100bfff9d5d4e90b8f6eee9510f845b53833dab67eac57fc57749cd3a107eb2add9d0362e17e4996c3dbea06859d845d1f85595346838814ae2987cc4283fbf9ef3245368fc61d7ff2cf922ac9968f528ada7d6062b7974a8adf968d11f5ca6facfb9bbef0d5c1ce6b564110de092339937ba901772bd4d252061dd1b7061305fbd8a393f445e58456e36ee197558fd71daf51a0f6df3821e3fbb32f5c5a9bb27a0e3f132252790a2bd0f63e5d858b9c0ea3661c443e23493659fb405c84a98d024fa44949580348233a9a30afb0d8f91568576b2ec5148d64507973adefc5009ea542698b0da8b7c31a555cf4aea635af17637fc4898ec5d12ba485d18dc0866a0355b76642e0e4898e14b387428fcbf1d6d3775082151ec5d69426664059b81adc42df0a424acf81f979e505130607f17ca699274fd8b01a1f04fb68b057128956e463e71b2252422e344874ed9439e5f7c964c295acf60cf55e12fe127dbd6e015ac277b520c2db216b7fcae8a286cc58c0e591b57879764d719cfffcba5afa5b32e72a5ec290e74c3a1b2413aef925853b7a00bba4aa3e94a1452be48526374a30f1e6308578866005a713c0a0092574acc249e1d96c7c9153baa5fbf78cf4750438a56c4450e0e7323be2d03d065a6df8f7138969a1d73ce123e5307d9935bf91495c2bbf84a64209ac0c9e5f473fe3cf60da348b7ba9530acb47815959ee984f4f03e846977f63469ca141bca62d6753994c48f39d3fa25de83d02f7d3074256608d244fd71ddd592339d4cfd1b72d9674739cc27e215ce462017adeb8884d9f79c65db0b1b36f3835b2694fbca372d546884e7241dd46a8b0fe86f7a435d5e19f49aba13c64fb9a6f0b33d7a5f138c7d96ecfb1784777f51c77b6137013cfbba263eb5c4c455053f73a8459c9e053ae797aa26370ca6f187c9f201d9e2b6abbbb301e2ba779c0bf7adbbb470ff0b4ba93b98d8b00582cfd179cee205cf4c133ad980bb044b2bdb231b3d9259af89d867b648a3ea656feb8e94205e628eefdf1ed3d091dc085362e887975079b4897608828944d9370696166069850c9456ef6f1c3533eb75c9f915840d32d680d54b4938d27318ce17ab3a3215adebee5c1a09ce15f8116c7c9d2fda9160c0d4b6ebd753591b1b4379750f7130ed56e87099721722c54858886b9d900a7a08ddfebbd5403551381ed57e519b372ffb9b0093a4b8979330bdfe1fa30038e42f98b195d32116eca77030911f0af64fbf2723417d21bb98f3371b15cfa2f8dbe04fcca68e2f23cab766b5a4bbcb781a6d310c4b795949d04b59efeb78d6a336a0385e4df8e40dd1438acc7e3ad8d4968a5114b772258da505631c39cc8003f64fca5c5a6d56310852682344ab22e7e242fe62b84a0ca371b25e28119ed0ce0ff0bbe1a680298d1b34c65367b5a6cfe9b4ed5799946c8ae1cd40376108526b6a1764df22130d39ccfbb58b05a3744485011ed019d59ffc188226423b696836e61292ceeb8c4265af15853b8edb83e26bf41ccdcb819a0e52667f641335d8562460542466a71660d97fde89342015a6a019f262f3ab14c49ec92f533f4965b70291d11139276847d0672ae2dda2732fb515a3be179da666145e8445c3c5bd57f36a31018b89b7eee37a09056135e750e4636429c343f30a2fe5ed593900e26073e4a55e61b4fd406eed1fc47bfb60451e79fd977842939f21989343736fee154ff59edd924e5e20a5297ce26d0147e13bf88cc61780ab0bf6cca76d63b85367838147394950f433da7e584fb0da91d2a7f2a7679c5a820c4893d1d24a14705b3fe9bf3801d42d443be6501009dad734703963771afc94c93e182691ae21e0079d348bf637d01d43e67ef112d1cf8ac699740271edbf5dd342b869e8231672d45b207d92d64d0bdee88a6c167a749f5e63b9b7439482dd494b4f49d79eb92d487d20ef3dab2b7e87dd6de1da8d715f12a2f0eeec1a083c61593ce4c712b834d4f089cb8f956af7c18257d7fa5434f5aaaddbdacb74a3ab7c373c0275a3f2406259c16220ff037844434dbb6caad538125b0fe53802194b91702bec3e677b334575b72a936b9a587f4691c925627e663dd47719df5ab40af613dd4592b210f922c28ac4325446a375c35c824c292e306dd5b58e93b2a299c57e346e43c8867ec772e051f55f81685450d260500d23e907e691fe77aa2662d24a9e038add8adece833a96bee5702e9d1ba63b6b3cd008c3499c96444144738ff544a703b0a29e99b75455a8f2174c7808080bd19dcae65c884977162643d8ecac29c1cd1fcddf0975c799da57a2bba94501da4e7a13fdb2499cf109134a27970903af1c44f5a8452534bfd9785d6eeb76df7773a3959a9fc80c5797102f79492702bceb2f2d8b1a0b010040728a0385fc15c53795b899e17c4c2355cb13c8170e72a0fab6108c3aa32d201f606b611bf89b0dcae1dbaae85b1875423011016cddcbd68ceb1fd55aa80678a46812a2ee711de3a7c79a60dd8627b488764850d25bb0b5bb4c0c8ea3527a14ef47b0e307b29df8e93f29cc9c407078c937f32089ece315d3bffb3938fc846e90c6094607fbc781708b256c19c60f01ad3e907c246ac3149e2390388c4490d6e09436784e0e4e9457dd4274468c5ebbf2037423940cdadb56e60e252645488179eb538813d3fc39cba8f7014f43d93fb3d6ec6bf9c26b92886f5a1a9be6d59228d9308d0e15fb1681eccebb41b927a6ac98d630b1a3e0c79b891569f6bf469e2de51b0e61d39319375fce8beed4c34494c350d44fd445ed64f0c30116026c89cf804a9ba684ef4c2e6c15232f2b921a3b289dccba58dc62208215af9b7226a80aad27d283c4b4c52bc1e1ca823582d2ed47148ed92a7492869a08fcba9fe847b38cef8d9320171c6090851eeab337b31709924254339fdc5f64726e41536b03e3649072671ab509785126390daf1664c944d1005ae44159338085482ea48b4256f3e1063f80ec0f3ecd54fe0d41d32389832dfbf6827c915cde5c09e727dd531b746cc974666c2ae879cf150bb744bf2c9f4d25d2b2d687175586c5858ad9972423058986a0fdd7cf59781d64377d19d46d4cc08353bdfec6238b6872950fd099c3e54e39baafb165656f72f23f375cc570bd08bb8a956138043fd801b66d9d9c367ef91950ae946777ed754ab2f3759d1aa8e1a5a9340c9123145b4864ea6b929897894399d04f05b51db577a7c9beb83a2671f985819ff5594cfbd68336c345774b998aefefab283f33ea7906c33e13c655069b06c111d3701dbfc218d35713826aae3aef4169be3a0f5ac95ac8ad34f465fd5032f142f4972780e11428bbccdbe7bf7177c7e821cde162ce565913b99e44b462ef36a75c4a5cf8518855c36b396635ad947b65d186aaf84a579fa78b0e94f5b5587c3feae3b208129026d58635e555219a3346123cc1a08b958c86d6b5a029f349b59cfb5f910462f40d5dad0ae59aced1e714dc0997d1f5d15102d40ee77a5b14950597738b95b83ac1b04819f8d1dcb7c461092f068f1bdbf5207488a178bb85e33704c292895c1f451c4ecea8b6f7a0bfb5f960df55146f0b970469c9482d24616bd91b1f1374bd46f7a3d44987458d9eb8ffc3e43acf9ac8cb86954c9a6dd0dc539ceb4049ece59092bf5d62fb8a8a53ef7ee8934ceb54320e7fb14f2507175161ecd4eaaacdf002d35a5bc6e8c204f71d03d562a9b664e61502e06ac1e9e60a4e8229ca9b02b79d0ca0a82bd8d5790c9638e16946ab893b6dccfe7bba694d71dac943f4eb4bb55b820b1c81fb106b61f491101dc0b828f4ef195736403a62f366c79884f04517d7e379b7bbdfaadf59f4694f5e9e46361896e1db05dc1d4a6344f338127ff8d2256c7640d75ce1c73e7d7f6788964cfcfaed4f953fcb83b33edbb790f58b1af4731a4479122819b95db2907ce0f6c0da39198a9b8e2b09b49f86d884c852eb2440a45be9b80202dcd5c6d1498e1152ac1a0c6761dc0412dbeed7bd3f9ce6f13c376502058f65eb1c6444cb8a618afce05a2ead673f07a5bf96e4139343dcb0d6c0c5a6163a93bfd76757170989615297afba0e80cdbf6e43a4ec764fd0392dec272c8d4d7af5b1d892328db51343a2c5f5b0d3f5aec7de968be00756a12b5f7fe04fef37adb6aaaab72f15d89ebe4514628f767019d12e02ae558cb890fed4e1e3c0cb0117a7b7014b1434a8fa52469e2b9181bd6c1ecfe187b53fc548af269bf984d04710b37098af34ca9e315dd6977ab17b0a358db45d072961316f9a2672d1802335eb6065b6fa511779318021a67b49d0e4a30572cf555812228142ebce38e6246f365dfcf1c97c8f7056bd233c2614b24264131697e26d395cde464b135c62256032b9bcd63cf807c3ceb7c1e75daceea47e4bebce5368065d13beaa42fca9fc551e37a865748f45f2e9584cbb6dc42e6f5f67b720434073361cfe1f998e528f5708124c0dfca3b05a8aa0d3f6b7aec1d9e8e8c58d2c2e1ecdff00293358b50e35f03951318509c89ba28c7f918d5f003f5db4cefc0ca303ff836baf47e8bdeb3c59dbd5261fb12aef624662bbf7e6a136c2008ec24fce3efe43fd0ae4abcb39ad964197dc78c097a80cf3386208c6824c027a00e2737977bf897d12321a85cdfc0646f91552993a7ef128c31b62ebd8597525c3581cc1e99c697798f889f5018bc34ee5cbc3bea870c0c779046419c2294c54a86036bdb5a2ef4e9049a99c54899e45da551561d4c2f32b434501acf8642bb56cfbb2f388fc4fe8ac3401a12600cc98044881e4e5e654d498e45c87458b8028eb48eb4d140d44d47d8c60c8aee67261448ce7148902486faa39a5f6b36b5c1bed3be5b9e24c417bdd0b5bb9b4503fd3042ad2f7b98058fce08461051c4d3d95f9e816989c0c7753633f5634763ad21c8b355323ad8d61d5035e02f63eb8fcc71f7a139501fb288f338ae784341c2b73d920f5dd835242e6c200957ec0e87474d722bc7f1639d36b7318b1f8fd2f03ac24b7118851157ecf9175c290f6e6cd3548a76bde51ca7cc609a6dc2eecef012d270f6d5169e4eeb015c38a0bb36ea992306d810384f11fe76372883560d3ddbdec5894015be600c6e60afa24a78a1752a3e17f7692445d1a9e15c624e2e3c4916b664dca6cba7d708f277ed185ca063f675aa19306662940a2d0cb80f77ce87d1ab5c47bbd6acb6811a3a1120b12f989f926f9207068489483079cca57e62518f12933ec7db10402633ab7495e329b2aa25893d955cc3e033edd2d5d5a3a85e5fa6d775b8b8565c30fd00485a4d5a2893dcf75c75aca8b806e91b1914e46cb48d51b1ec3f08c9bfc86eb39a95e1c04f101054f13aa83526b191ab5a3b4b022c6a55d2b841ab9c653fc0178b2385be3d1a9305b1588d5812e177933adcd4fc2a35b675995ceb411df82008c7d64afef8ff077ddab50ade1f995c18ec3b949af416ea82e19ab90e5584a6c380b81634dde9f5fd10cc0e46413f80190c720aed11068f57bb9f4846c203501009e7e580888e988273666d6311569191c7f5d4919eb0a2b194903c72da24507e98daa43d091de50727a1eacb95cb2ba40f5", 0x1000}, {&(0x7f0000000240)="57d4df0e87cee364948cd984b4952e829b9114a41dbce9cc9ab03765dbde4a2acaa072233c78c0aaa0d7e79a6473e8db63702de6ba8b69d05ae24f6f99b26b1737e61624e3ffc9a23935ba148865fdaa61b883bad5011031087907e2a5edf99df0081cd3fd0894027f33ef7a20d2f1f1461baebcf6c891910d29935336efec0a776f06fc5408a2eaaa848c1a707166c917e11d6efd5a91f64345696a85c19a9022c9b0e55461fe9293", 0xa9}, {&(0x7f0000000300)="2a3f4eab2ebd87632a2744537ffc5870fb64363a85107196b1e823223fb4f589ba9186aeede41ab7d3d4cc84714b76c6112fed8e7f86309757d9911b558747d8f325cfed07dc49598c2e9d3a23ae9015cd3c4a608700bce97251cd611e72a067acdee880b3fcfbb65e841a12407e32a1a0a99679f31306f7616e8a76663d2ad8b53761a8506932fb13b642dfe9ea42a8b21b5befd1597d26f26278f635386b86f082a4c465a0300d104554671236bc3d57dedf4b22c353e2b6a653b215336bb3bf2b031f95c89260b0ac52d4d305be111dd87a0c76d640892517814ef6551cfa97d8dac48e94b53e7cc4aed22d6a19163eabbeb73111ecfd3b32", 0xfa}, {&(0x7f0000000400)="2df3ca30a313e3dd9e8223cffff9fee451feacbfafcef4ffcef463e58faf42fe19d3f859e9ad9c911e56b9a2f1c671f8a36dcb6fbc685ed570913f821069a2809650cd77538f949c7d0f76a774032a3efd4e1d0867b7df189d484af187a6d92e207bf8fd4dd9beaead66a01cbb7e12b2c5316ba1f774ff9751c365f03117799f7e60b334a23f27ee827bfd8f1f98d461a77ca744f53594aac13c745d145db9090d8c2f4a913fc59fbf6337cd986d8024af91eb25c7e61e4e1c397f3e94de28b8fb9f1041f1ec0d62e6b4d7f8007390204dc66bd08f9e762dea363bb59d286cfd75aaed587591c1", 0xe7}, {&(0x7f0000001640)="e7042744b18151a8d9a58c934944f1fb75aada227b8e510c63252e9fa3a96819ea95a7d33c431eefa6faacd6900d81cda79ff7cc078e016484ee27df81bfe545e9a21fdb5741d40c42664c8fd99aa7098e5cb6f6fa695ba328fae5df2dce27ed52aeae7f6bfa99c4dbba37fc142925bf47bf5cfbd501bcd1a1484748b6630dd624ac7519ccf9592a78ecf462841343bf1ffc5105dfa05266bbba25327d23ed7b6b7b38c4fe9beaeaf527c46490cda674b2135469b0b329e8ee559a69c5239c860b96018cb298ddb89ea2fd86dc9f4da07c4ca91f65ce9f974ff89804af67d14b17efddc3aff069362e41b0ea87660076edac38668ae9f65d779e2007f146c6971d314f6cdf0856e8b8529f73d18093afed0df789bca7b68a135f950e370ea9922c82ba1f76e3a188c9a17c0c7eefcc2b6dcc4c4e26ef58525a5abad8d9b0a34a60084fa41fdc610722950cff5a8e36bc8673c8375da63729293cfd256a9d293bbeccd97ba4cc97c6bd3f38919de5ff39da50eae06c52278c8f0c5d4be0f2c7a8e316be55f9ba52bb7e61f8153cb53102390a3b255ccb122c23d2d6a2ff15329a78c1ee1877d844bf322a778d9153947ebaee8ba2677f313ab76c7b53f82d4bb5eb59875893eeb17805f7bc5149ddc0e5d1fc1da765e0b858b19bf0d6458b4db340990828321893d103f0f00d0446b895b00821f43c4e6fc9ea62e3ef1176e87c747dcbd03beb907304bb94569c9c08030c7a46ad26e915e31802e4de387040f6e6baa66409e156487539267c2d862ae3116b1798482fde40980a926919e1d6800365ccbfde463c1ebd2be9584e079bda8515a578111c510bf47b0b9dc1b0fe1ec1adb77ab8af4e11cfb5d047695b999ee698ee5409f6d9faecebdedc3b06ffe9cf812326238b42cd873be2ed5961c06f47dbe2c5e3fb1ed7aaa64079d521fb1ba559e6936630d755927061af3ca61ec0f72fb7e881d37c6cb91809a45cb940e72d696df79c00430cf4ef68907c1eec927547545d5950c053c14d3f72b456b4e5914716eaa0bf0b3144a6fd74ea894a6cb0929fe7c9847f4e8b28236d30f1c22410e9cc1f90263864f1aec674bdb8eb9b8fc9e67c8464d47fc89f255979382314990d06f84603a2b3851589c17e8610bc4390d90c32a879a6410d3dd6e3ffd142d3ef2ec689b1660c8149f41ad01a57c32c3bcc57a8d4a4b4bdde33db9f159fb80cd582858067040a5e93eedc1d545feb2bb83674226f3a627065c4085613edc621a1b86537ab7ea29c68f85ccb07326cb61bcf4a167bdd9d274113bb9efcac2077967f02a24502416db6a69a080cde818e6d9143399e5a00929095cb4d66e2dc8dd0aa5cb5189a39abf2aaa78a5cf31b371749da49c38dd318523b498244c6d0a8339d4e17ac0b3fb4b9637b27e659edefcc6c72b5b3eb2e031a48fc891d23c22d9eaa17c00e43b17902b6b5c1c4707d139c8b349ec161f0d16c01bfa1086ed7f41621796a35ddd97784f16e37391ef410b7b46cd9ff5b534f75eccf4ccb3951564bb90b24c6797c96311a411d9c94824af4e46b15f87b506f65390691b896cb40f80c07423948a96f5134cf77a819ab335282a86e964b1c0d4272274d5d4a46a6d21c405579b7af9b97e1f18e80f7ff313839009516eb17ac2ed2123ea18735d283dbad91529a9bc8119962c339d631361d0e901ef450f6bc7854674a062a9f2f46e849f387af29b563d8ff27e704c8757c25b4528e1386258acee5ad8945c29c5b3d6d658b91140efb4094ab43b40eab8bf981493683b6e5f433399d2301fe47d55fd3a38c097e9f64ca84a2a7dd1bf2e5862bea3c7bfdc982a7136e02ac9de680932835e2ce55e03afd7edd8e9ae31e49747aca2b889e27b6f6a5c5eb1faf3c27a1552be430a0f94cead7589638e9e3f5338390a31505a5ba9f4b33dfc1a56b171374914e5d6cfe35daf6bf7c5426942774906c17b9104895aaad089abcb2b8394bc8ab1149d1329603f0ad5e1a8ed680de4ee9cf1ff9bdd96ec5f160c3caee60ffc3b2fb236d61a149a22c9565b4709eda838236075779fced397762f1e207b8a28ff823feaf89aa5571bbaaf2565766ba0ab92de9208e7a6b2e1215ad26692de15c5fd130afef1ee79aecdff6fcde6ba554e94328b95522b7de9157642ca42a8d9bc64c77f06d8b8f3b457ba58f6cd8199872fe8c9b0e343017ea85846beb9d413c44847627f0742a316f621de3b4305addebc2b5e7a81b8380c3a45e4317bc988c26d66a3d588a321e8b1ed90e7ca9995608171333bb414873f47c5965878d0cf491d3558e085c6f6010a35cd441f74bb135f33e2ed900f57cff2e53483db5a0dfc649f030943904e1e7278fcd6a6ca624c7076498471f6650bce7b070da8f8c0215634bb62ad81b8b6285e20dbed2cb14bb2d4b92d39ba7da5bc361a6ac7ca61dbdcadf76a8adcb64e1900d24358961112543400bf2fcd2a3cf06f0982873a6108371dd85b8706cfaaf0914de5ea32d76734be8dcdec130253c7414c87fb91937a783def1cbef847a1767899b49b3bbac8f17423368c1f3da426f1ad4d554220d20222842fee73358feef4efae7105194ca570a9bb1bf59d7bab424b93ef29dc0697dd6c3e2e8b02ec377b20ace103de1c2aa8c4f318bc3cf418d1c20e4dc7c3ce31195b29885c6eb1bd1984b4b0eb9f7300cd11f11b06fde62bc404355d41f819304481f68d67fd20a99127292b1306a0a4fe817e78adfc9cc06d6cbf40bc2d209f7a75ee531f6bfe6f5d093660e121ca62b68f070ca244e6a232a4e25d2475d62199a4ac8ad926757afe9f6cd210d123477da280c535bd4ff9d43c55e80510c226e1473a2f6ed8001ea94c71806c28fdfa36a9b5e26355d5a72d4033f5e67e07296b9497e27645dbaa1288567593c9b6daedb58edb828fbdd094a9054ec42b3cf8ec6ccdebe33af8435c6713a905fdb3a0a42b7bc6a15466dab16b727c96db165fb07fab9985945b7b0b10325e446870492372be699c6418628a357345cac042d3a9af9dbc1c7084be61c88f8fe74ef3b6fada4e7c99cb171a03d84e88c4bfe7ba634c1933be1de407fa0f473afb20b4349ebf03aec57427669dc292f2a3d5740748c40a219a96be7a61553758d62cae91c2b62a02ea4ea3b3f5b58217302a4f0fbb9714ce02a34f1c7f86c4570847c50a147744abd299195abf826ab6e00d35c25a86e61103442fb8e6aad3205a4191387075c920846aa67b15b6f56a509d8f22b5995747ab297e23c8093d60a73220dbd288ce52501bf211c48d5020d77fa664c258305b91d0a8ceb2e8019b5fe67f6109ab8c8b16102b675cdeee5e0a0e24d178ffb272864c450828a745b5540e0fc4ed8e5bbeabd96b9cb7930bc3e1ced0ae283031b6a14dea90fc3ed0af0083c1b706e03bace9b097865bbf2dd1b0b951163b2ac8b1b219aa1bf9a24953a2115558642e580ec139c936539dfe711701b88190dcdd9ea1a1aba2973ab396d0c0001cdc4becc65e9eaf804c6f92ff2ca46dc7fcfc4e86619bfbcd48ba667db6a32b1c11acb21bcbe8df1320a4d4164f1188099c0b04bc990342aa71e8ad8dcd80a23443d8ff941d90148d25a5eb9f4d7ae11bbe5ed8d88c72c9f3845c17d69c1b0035b1cc95f98c81cbb0d8ba5651d67d53ca807f13a778d596f0a1215f70f1fac71407431d6618e1ca7cfb18c006bc121d60b833dafb53163ed4a3ce6f5a8708086b7b3ee225d85be372485cad3c235b276b598560c1f477838e250e08af9da899ce53b71bb4466f2e7f39f17d94da3d8cae23c4cc2ed7d203f3ed7f5823cf7469f541a6f16a1618f46b777c2ed02eb86115d81fc7eda31ca4d44685ec42d9874aec045f3679f2ca0425d80a808e6713a3a9cc6a07f936e35d1158dbff8a3e105b68a24b78d84188b60f9587333b2d9e6d9e582ad07039aff0c91277dfdf36f35616c8afb9ca20c079e07d14db41533197faf85dfa9a2acc1a75e25cfec1cbfc1ca3c1e851b3173036bfa9167347f0eb1abbdcd69a98acdbae4b479d016e999b877831c52ae630823046731be83f7e37bd119afd6420ba38aaa127de391a584d5a8de671645f55f981548ba938bff8063abdf4d2769d4f568fbb7b85bd446e543709f427d7c0edf689580b852ed01f340d6c169412bd84ef2dd1574b9ccd7b599e9659b05fe23f033950d2dbdd6231f445e2f4f41977a66b211d12cd2172ee3e8d4e9423ce73c70eb96c674249ce01ba25732c3605d7c7dd5b0064b8b9811228daaa8a0816e1a9de69b8c076ada0439f2686836b0d2af1fba4afa1eedae54c82f6d1bcb02991aa02d6445700e8e6d0ff84e6e3963e6b7bdc63012b30bbac01535e7446d5145938da5c66e5754c1b6629c419a0106ec35f12fd8f6a0f8429eb1bf72c588ef256817beedee01bb3507011a513734681c3e9833cb23f1099a5c0206c00fa9a9181c0cec5c047137d8695496908ecbf49f0d21fed05a0937fd4daf83bec7a8adc031f1b176865c1d783c1c21eb77907cf409674e73a795af620dae65814af340a2b9f5f6c28ea275258ef98ba56ca24aba2f87dd7ed2f3226547a3a5fc111e729f1d399ed7979b00954de05a9e6c3f4e5c2fb5a8cee6a7ff1e7669b88892a37fa4c46e65c94f1d24d83ceaec70e7f5636eec3bdc2573828aa7d14ad84682d74d51333e6672c1bc0bf09adbd98cee184adccbe5ed71cda4343c26e2bdb99461a10212580024b0bbbcf12cfa50d2ade4ece4b3c85eba532d50f8a3bc182665518f8b05c05229306ad3ab1b858ba4f57390f3bf672450146cffaea53d6386db33d10a2845363a9c70a51fce7681b646ee524bc5deb44a82d45e53982b1ed2af14e72612118df962c13eb60bfe5a418c3052378decd565f057720712f593a508ca3fe0fc2c6cb5a56619a746897f7f3021354b46439f094071341ba963a16a0c82e83f1ac79c2638657f22e6aa4e8449398746948634558ff270467b9050fae1eabb5d3c984a288639940011b73f79f2d3cf58f3b74b7b3d09e9fc8dd6d3510becf3865f20d0e9523059aec616a80796c46fc7b8e650389f94d43ad383b0c3ce2bff864db67bb4e5f2401558c939ef7cf5bf1e80e708066f3b54cd13baa4f9732e5207819963ebc2be0854319524815c15233eabc00a4c471d1828744bf2a770f80cab93eccc6ac123fb6cbe9d8bd1c03e1988c8ef7548eea72b6535045dc5239734e6d96aa422a2d79614b5346cb9d4b5011c1842e9849a5a04dd68ca7120ca7b55ba4e4cd9c466ab8c7a092d46cbd970e67d782ff78fa7af0075a94c4a8e28d93a515832a0a47a774a9d6f3ff430360121f5611998f7307063cdd16a69152df6f9b93846fcbbb2ad6bad629d7cc88a5ddec5c58b0bf1be369ca2ae77388a6d3275884de979d91eb22e77f5197b3ff456a7220e3d9fa3dd7596a0516c12ba2609648d0156bde7d49f29211a2e211d021d872e3bf584625ce510b77e1152cb93fb9a838ce6b05823941490b7002a8cefd69d3f425ebfd66d4d65da9f0adca758a967577d1132cb08530db3034dd8e0bfbad5d890815d990ef660224e7b56203362412be0c8142603aa98586086d60ba9107ce7ae3725f84ff3d039d1ce5ad10b634106dc6a6b19ee6e062062f36f66935a6e1422739dee31655a31b76cb422feab7b0fc3ae6a94004ccecfeb2a02907d7b25ff2f0c7d2378d8cae2c88e12a3441d283407ee13fbb96e266ecb2cabf546802d87a50eabed1225b47ea2f6438593c93ddaf13240b157d7dd", 0x1000}, {&(0x7f0000000500)="2ef768aca27ebbccecf2ba4b52cdd8db978388c2dc95c2eaaa63d8095c977c4aa0f15bf3ad4ff81335ab4d", 0x2b}], 0x6, &(0x7f0000002780)=ANY=[@ANYBLOB="18000000000000008400000500000030000000f9ff030000000000000000008400000005000000200000000100000020000000000000008400000008000008ff01000000000000000000000000000118000000000000008400000007000000e000000200000000625777ac12057f493afc17fe811222e7b6574802cef64fb6e72ea1ecc6e7b7b33707967a6b549bdf5fa0050201eedd5e122dd218cf433e7461173344ff39f7583b2cb204d348f02628b262fe69d42e20fb0eed80163547e75945394176f072ad55bd4b8f383d4d75709c3b7cd37ed212989fa0beabe8c11df67a47b50ae9c2e860584c862f75bd1f42e6f4d6ee6d916d3196f03c18cfc8ba8ae4d2f7db83a293486c2969e6b3b61f52ec66883f10f15efa45f148"], 0x68, 0x20000000}, 0x1) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r1, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r1) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000002f40)=0xff) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000002900)=0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000002940)={{{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000002a40)=0xe8) lstat(&(0x7f0000002a80)='./file0/file0\x00', &(0x7f0000002ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = getpgrp(0x0) r8 = getuid() r9 = getgid() ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000002b40)=0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000002b80)={{{@in6=@mcast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@rand_addr}}, &(0x7f0000002c80)=0xe8) r12 = getgid() fcntl$getownex(r3, 0x10, &(0x7f0000002cc0)={0x0, 0x0}) r14 = geteuid() lstat(&(0x7f0000002d00)='./file0\x00', &(0x7f0000002d40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r3, &(0x7f0000002f00)=[{&(0x7f0000002640)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000028c0)=[{&(0x7f00000026c0)="20056b3affb624879d674c980202387cd0557275fbb41e7089fea80f58d113c493ee7c18136d92289b068aca3f53fecfaf770da9c442f21977e82fac3c916e1fd73c595c40e890341c32e70cab9da8604e861ffdf9b2c00645ba9ac843345b9a347996835f87eb55724f2194266372d7a243140c145ffb03d484138aaa539a36a49910368ecc7e13cb47be4f", 0x8c}], 0x1, &(0x7f0000002dc0)=[@rights={0x20, 0x1, 0x1, [r1, r1, r0]}, @cred={0x20, 0x1, 0x2, r4, r5, r6}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @rights={0x30, 0x1, 0x1, [r0, r0, r1, r1, r2, r2, r0]}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @rights={0x38, 0x1, 0x1, [r3, r3, r2, r1, r2, r0, r0, r3, r2, r0]}, @rights={0x18, 0x1, 0x1, [r3, r0]}], 0x120, 0x14}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:12 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0680000002011076a439cc45300001800000015"]) 22:21:12 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x63fe0000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:12 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000600002011076a439cc45300001800000015"]) 22:21:12 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) socketpair(0x1f, 0x1, 0x4, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, &(0x7f00000000c0)) 22:21:12 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004c00682011076a439cc45300001800000015"]) 22:21:12 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00040004c2011076a439cc45300001800000015"]) [ 466.193425] ion_buffer_destroy: buffer still mapped in the kernel [ 466.210589] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 466.217964] FAT-fs (loop1): Filesystem has been set read-only 22:21:12 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0723001002011076a439cc45300001800000015"]) 22:21:12 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0e23401002011076a439cc45300001800000015"]) 22:21:12 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xffffff7f) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 466.355626] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 466.362870] FAT-fs (loop1): Filesystem has been set read-only [ 466.500008] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:12 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000140)="16b59f28ee81ec8713fd63954269b1d749021e880381d5e1b24ccccf7f314a0ba09b69d46cd8fbb689435ccdb9eee732fb81a1582dedfd674ff7118c8c19337c8fee1212cd5211f48fca589bd4194dfe1332e2071998dbfd488b68fc95a3246d6f7d00a3aa41c453ca5e3478e32801a64a3381b052dd8fccbe251fd6a094c3ab8130e7f8f470f419be74b831202cab880165a2a9b1e34c5408799a7f43d3549e72e048eabbbe5480a7877814614216a3571c934dfb064bc5b366988c53348431d3308445ff2a57e80f9b23c9da8d") ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) fcntl$setstatus(r2, 0x4, 0x2800) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000240)={0xfffffffffffffff9, 0x8777, 0xffffffffffffffa6, 0x9, 0x5, 0x10000, 0x1000, 0x466a, 0x2, 0x1}) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x110, r1, 0x0) 22:21:12 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0040000682011076a439cc45300001800000015"]) 22:21:12 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0e43401002011076a439cc45300001800000015"]) 22:21:12 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00970004c2011076a439cc45300001800000015"]) 22:21:12 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000742011076a439cc45300001800000015"]) 22:21:12 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) socketpair(0x1f, 0x1, 0x4, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, &(0x7f00000000c0)) 22:21:12 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x2) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:12 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004800682011076a439cc45300001800000015"]) 22:21:12 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0700900002011076a439cc45300001800000015"]) 22:21:12 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000062011076a439cc45300001800000015"]) 22:21:12 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x300000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:12 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00006004c2011076a439cc45300001800000015"]) 22:21:12 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000640)="7c76aca3f4d0a789ceffadf313338f07a11e930e9f49315758eaf2769e03f297e8ddf8941067597ec9f3370a48c8805ed467e82c89e8f1d503531cd5975fc19de450129b1068220c47fead73e44af9a770686b83293d68a42fed040a30c892cb4c506da4f7beef2bbd58a63a1acedb6cb6344cffef5eec658e4b1acde4cd5b528a642c46b3c9903a6f14a4aefa41dae72a73fae15db95babcdf8ccd7c3c030ad159979777793fd8e020d1eb5e6f2851ebc169fc079410374720e9e3565ab4b0e0913c69963d2dc75a231f7554666fb2677a76b29e4e749efb2250307172268083ffd9f43da45acdafc85ba89789ebf94141801a3f59867d35511140c94e695454cbbf9d466aa4a2113aac0b643434f199d6b88bf7147e19b18985749c82c818d1ad4019a2838242e9fe453ef0c41275f0666dd9b3f522bad482728b0ee70ca27a807e8997e6777bd932873f3752b226c1f14370b90815c3ccbbcb6de9410f682a9d60b14340d8abcaca887834d031d313d2d995760b51270d345d1ba9b5ce47fc4d2c79afaf5aab219f4e4a62018518d25bbe87246dd2078490a386d88880056c84fa7517c387f9f8e8e9a32145f5c6ce35eb966264b9c55fd1e1d69829533701537139d89a11e68838e4e6ce79fe6f63cddbc3eacc8a58475fe3ce1ffe56e3f013afab3b122ef5474bfd627a39e46b4a7cc3418651140173e0e5972ae6a1f2b34db18dd4e04b47796f2b56cdc22599002f2903563393158bff26e50569ba442e59e61ee1cd9e6093c8a6d1100f9237c0ed5abc57021825e1b58dcc06395b6a3f7d5ee9d065d1efa668802205e00c0047f2440a5e5392a2a6dbede9d0f11399fe3ccb82cdb370a2a3b78afc912241897a13ce5ab5e6664e3a79f1f2687409b050e35c1aabfb934db630a4f19831cbab8e6acff5182eccbad0536c97b05e2b635dd3856f9da68ea6776f67e1cb8813071bf34d3d08fe5dcae8d9298cafaa62ba9bd5102b02415775aaea35837385d01e9a5613602fc7607acb39d5b323943f1715a692470073c03149819ac3723dacd99b3fb1b576d0ccdbc4d409799e8d34c5c4e2143acac63a043255cc43f643388dc41d39b911e5279268535281b17283063a3c88bf3083faed48ab747b5b652c11ce951c746d565c8992f4092843468016379ad19850b1cfb7ee3d5e2545f2329cabcf978e3366d30730b7b949706f3450dbf79f9a750305b3dd52d7521e05f2ad70a6c8b2973bdd323c393c177f693b1336ba3d60de3839404c7fa8e2b67aea0a16bebd001fcea677d038cbb3e8a4d4463c0cf457db8faaa5ed678293fa7274fd64a1543e67a37a4b5232cd5132dae04d947cb4808dd1aa188571516e5ce17d768d656a9626637864a9f7f5ef4941ddcc5bc6dfb31f7a72820a197437c4b8bd1172c43db6a4e27b54d1fd18734bf233095e95a4c9890ecac5b4be773abf9454030ba07876af748b99d6142c646d497a49e14547125333cbafcb5d4a210bafe1e6d41600638bcadc424d2c698479b2592c256e4047968c5ba3c58056735237b1da930aec67f964c34398d3c4890be7e4e5da6d4d6c7e8eae5c766c1e770b9608447ff50ae5ce081881b2f437ecbbd85a10f766b5aa70359c70fae30a4c1701a0fc0081668472e65e1b05da4bbf2c01e5298775a89d75e1ae5cd0506ac193e4b52c38801742bb7e224171db4163950e0c632a202411e1e8462e02dd3f6e7374646a5152d76a76e42fe4828763b9d26691de69d9800681c9a13ea55ef99e1114fd6c372bbbe7e1ec2542e566b12495f02c1af50833cb5d3398f2b439eee3fb6f095efc9bc2bdc7d6c9b3aede3b16d5224effd81bdb7ac7f6fa36741ba7affa3d6814a004a576e9b3ae96e9a1007db54ac6f79d665d10e75c0c25d3e7efebc2168be45bd713c71863582077df09f50096fd76bca735a72e3368f5996517cacc4475b90314165f51961116bfd8fdcff99eac428108b44b79c8f5613d276f9341e7ea18b603eb1300dccf3f64f40b4d92a717e896e229c74642ae3c5863ff81a15e9e90e91ef3ebf458f8ef148999db20c8458113c81a9c55b1220f94592d6f7987ab8d19e2e2cb4dcf2a82573ef4bed7ae979b148ec3b592a0346c643b6a2a34cc60b89d16e9afd5383181676102d242e55b29692b8387778c8212aa77faab971aed80bc4936ab6ed78eeb35719b11ceebac9ddba12c409f71ff5f24f04c97f852a8dc5542a201ee406b943e7a0ae0e1c809c3db7fc7c4e16c45a8b06de8d526625c49bbcb1cf20352a0de12ec5b3bee051fea8a00a09cc5e3391cdeff09b9995499f927251dd52bb9cd4f19c5d97514469e66fe5a3679832d45ec63f9f9f96fdb757058916c3006460b328da6bbd945ab141f76f65b819f5c7084cfcb776d754471bae3735a132c099637102cecfb79964478fe368b726a92a56f5b2300a571390cc5762ebde8947e42d4f3dc35e947c3a8a2e3cf9d62f0ea302565518b1bb088aa982c8b1336abe0bb3a46affa962c19e5f82e45a46f91838511d1d22296c6f81183a9807e4ef5a9ddf3edfbdb8fa9a38e17b0e06b2883b4f581c864e00e8623460de0a30b9334bf5681d698aa1efe9a3102b5e55933cb9f7f00f328181c05df2430ef8767a9a116bf2b0f61927ec5527d4141ef967a359c456517f1c0569ae7541c764cbe78738fa6d7eb0a05eeebe8447214f2afe5dc15e0316ac165c3b27c5b3e6ba3c1203d21b42f8d7467af3436c312e6a5a2539c126bef2a6d827defc19f7fe69abd73e4f78cf863c9c077f472cb2e52292a7846950f2fac27e7b93fff5f578d1485ed087ba9554848e2fa342d7b9dce3a6a27b199df700c636f87d121dc6eb6dee29e3fb029952960af1db2d861318a464259794a2d13ae3631abf4caaadf17222198b88a62999b6bad536f0c79355bc41cc3f027a9624d1b6b4517553097faa3abb8e7be475cc0cd13b7bd1dbe6a9ca458ae43692bbabd40b2eedb6f42ce199f953e6c0d10e661f60a5b0151089d5c731edf36333959a30a0d3989b2e3398a789b0551b4878ad6a3038f3247852fcda29d4dea62decbd827920e3184b4a9c4b6f49e2647aa1eab65a2578bbc4026ae2368b28c72da648d66499e1190808eee03a7b5a64ce08ecb759970730fac1970972773672e045be77d8359dc9e7be253700e462203d418f575ad0bffce564da1c38e190a4e580d4f324252c5b9add42f3a7a707dccdc5d26b84ca522e5314355125071fab044e96090ce2462248354b4d4597e630f713d308b21bb423933990592948c3b5df9cdbc9c112e8c7bc1ff5409acb132430cad4e82f4a308c00824579806aca317d3acbe4bd8d43057b5daf5bfeaf48f0ea3626aa7d6eef8c1576103cdff26b1f11ee2b8949cc14312d4b21ddab21479043727557e99b6dd07ca9419f5a11eca47365fefc6b189b2884575c2d945c20d40e4b5648246909872876a9f2deac02da548ad46b371a836afed2fbe05cd19d93badd9d61fe51ee09ed1c27e747ddd41fba1f8709bdc3467c72c22663f0fab030e05ff65ed5c6f42110080e4f355ea5c12454eda6b396f884b0cc1e172e3bb4ace7de571b6d1869998cc8489d18e0682e9abf6caa9363c76b25527de1296357977a8b8b32118c2973d52e57def5ca003623f2d65284461aa9190c0bd9b7f9cf7d4a33206af96454c08099029ce316e5b01c30910ae0ac5d4e52ebef33a36466cccbcfd1d5d698bbc919930113809643ebc1241989c43dbb9a3a06e832566b7a1248aaa5e65e7fbddbc4830763a9eb23c22768432c0c3a11c1d9fc537c5ae88dd0194071d037e6e9760e2d22a2b77893b28fba1f6276121ffdb30a10a245c56cd3e9baa93411e83093f4d4992cce5035d029540d3e3496ec1c3c85c4b0989cf81c98688ab842b1e7becf6f9c4f38cea0dd1d9de2707fb9df3f6cad547d9818c220620e0a48cb2b51bc871aae55a35603e1532fb5bcb44f3171a27aa88218734537368677c6429b94c12dbd5bf0585fd638dd38026468ae551132fa6558c257eb3e78b34930234343000df42843ba489eb5fe1f26458f26bfee9ec38ca943ebf2b276ee9b15d533dbb062883d143bc20f6b1b61d9deb81dbb04ff65e147ab67c73bfe952dcca578614fd4ca60117b19205aae247466f847477afbb9c4a22fbd0f538cfb5073773cc711431f75d4e7241a0a0be5252e5e7bec65d3bd88205200697de9b6649dd0669e3574c446f094b0e47dc21543f30125195edf16b1454d15e078429facf7daa26768c67e241fc284416c829764f5d1ddd96b152b9c31ac58a2ae2974e607d9894007b5159f33299bf316aa367a41634e96508f82fb0b2740eabdbff091b30da3591e8eca62f060ec93ff57be9034898818068453204bea0990b697d397d82a5cd06619404a9bb668180f926559fdc61bc8f3cc2c0b577e6ff58593563a945df8bf4cb7e660a48aac198c71e2992f799c9e0003e0696678935989f6a693eb6ae29191325643d712ac9dea2ed5e7b113c0227a5bdfa4180b4b966b8ecf8f6dcb4d07c713fd56a8b8146d2c831d06311fd48a1afd325318384df1e6daddbafcc7194405f9d5d109b695ec2aa1034029db8c00d83c5cf79c5b0fc32d2868fba272be01dee1e7795b3071d707e186cbb831eb63406419fb7f074f555badf3679bdcba53e89937ce54aa400b326949d65d19f886f411c6b7e4f8956fdcd1546b8b2993e28a2528afc95b5c111312cd2fc549f9bf96a4537afa8d58092b67e176d2e67047e77521a3581a8be7ad547a4316910a9b3c146dbde3b378887b1d9cae252818d7500e7b81aeae825048b54812efe48f6a62c65f687818cfe45013e9a9dbca0d5eccbd5ed1c2c64ecb36c1f90afc9ac0f3c38c97ae062efdea159e77050af556c02f6e84225e61a900958ab4141e938a3ba68a9fa79a93aac6e41a1f33db64fa85eda23a478fda47b90c47b4bb731a831d446bda1d7d707dd1eabfcfd0e5a23cdbd4a39c6e72b57b6971529ccff4e9ba39fc97a589a9183fc5640331f943f5f9fda660d9ede2a4225a6140d222c616c82027a62258205513bdf4e9cde7a7c3b82efbb958b64b95dd1331f115476cb043f2c1a1d76efddf3cd554b3bfc40968b0618514c9723d7fcfc58bc2ccd747afc0dc5c13125250b1bc3a10213a811c9fd2115151b3a0e77ea68f33b298de1273bf6967d30a86a9ef98400f3946fb20923daef82c294fc965abcf3b0ea31d3264e313e31fdeaabccb5704620a58d135586a270c04d632656e470c7d7bf774cc26bd4a8d5b79dca1cd562f94ebc549721753d6f28ceb443246ad3738c6b44fac7803fb88ce0ca1bf2234d0b0b3db9f2655ab144f9aafb22f290e68ffc0a780e3a5c4b637b347b579bd4ce7f740e10a9a42f1814cfaee4d42bd866c4881096219188013fad9b3f225309508353efbcee9df5bce19fc782c0eb6413e5ff829f7c233c4916a57b0f4115a580a3b9aedb7ba2bb221d3a91b329e6eb744b6da7f77f6f5cbf1c69f10487a8dd52a727f2a68b40203a97694e166fd90bcefa359f8989a1526c623170998997ded8360871d2308a6564a8e9082d4e20501ac52dd680b451952d3524ca724dd216ed6371c857504a3abca8904c337c447b20559dd4d6f623ff3a73b7ac1b9e6ddf7c32a1a2a1c9de5fe0e5809dd288a231e9ee4ddfeb52d0282b69d52f5635c012afd4a21708f1ab9d7cfb9e79fcf670eed6b91a9bdd739e7496fa0e749b5e02d14240677c5b2753a66f424bcd6a6") write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000140)={r3, @in={{0x2, 0x4e20, @rand_addr=0x7fffffff}}}, &(0x7f00000002c0)=0x84) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000240)={0x101ff, 0x1, 0x0, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) [ 466.807579] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 466.814817] FAT-fs (loop1): Filesystem has been set read-only 22:21:12 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) socketpair(0x1f, 0x1, 0x4, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, &(0x7f00000000c0)) 22:21:12 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000f000002011076a439cc45300001800000015"]) [ 466.862150] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 466.869402] FAT-fs (loop1): Filesystem has been set read-only [ 467.029698] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:13 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134e42011076a439cc45300001800000015"]) 22:21:13 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000500682011076a439cc45300001800000015"]) 22:21:13 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xf) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:13 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0020000002011076a439cc45300001800000015"]) 22:21:13 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006c004c2011076a439cc45300001800000015"]) 22:21:13 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) socketpair(0x1f, 0x1, 0x4, &(0x7f0000000000)) 22:21:13 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x80000, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:13 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007a00682011076a439cc45300001800000015"]) 22:21:13 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f097ffffff2011076a439cc45300001800000015"]) 22:21:13 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134dd2011076a439cc45300001800000015"]) 22:21:13 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x2000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 467.271906] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 467.279281] FAT-fs (loop1): Filesystem has been set read-only 22:21:13 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000140)={0x7ff, 0x10001, 0x1, 0x300}) 22:21:13 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000032011076a439cc45300001800000015"]) [ 467.366623] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 467.373907] FAT-fs (loop1): Filesystem has been set read-only 22:21:13 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000202011076a439cc45300001800000015"]) 22:21:13 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000300682011076a439cc45300001800000015"]) [ 467.456603] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:13 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:13 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00700004c2011076a439cc45300001800000015"]) 22:21:13 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:13 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000300002011076a439cc45300001800000015"]) 22:21:13 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = syz_open_dev$adsp(&(0x7f0000000280)='/dev/adsp#\x00', 0x9, 0x200000) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f00000002c0)={{0x4861, 0x6}, 0x1, 0x7, 0x7, {0xfffffffffffffff8, 0xfffffffffffffff7}, 0x5b5b, 0xe340}) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f00000001c0)=0xc) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0xc) syz_fuse_mount(&(0x7f0000000140)='./file0\x00', 0xc000, r4, r5, 0x1, 0x1002010) 22:21:13 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000402011076a439cc45300001800000015"]) 22:21:13 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xd000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:13 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0097000682011076a439cc45300001800000015"]) 22:21:13 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000500002011076a439cc45300001800000015"]) 22:21:13 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0050000682011076a439cc45300001800000015"]) 22:21:13 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07a3001002011076a439cc45300001800000015"]) 22:21:13 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00048004c2011076a439cc45300001800000015"]) 22:21:13 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xb) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:13 executing program 7: openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:13 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r2, 0x0, 0x61, &(0x7f0000000140)={'filter\x00', 0xef, "1ba9378d6c2a75c3f93c905d4e65e16390861823632ed82ad81e476bb07ae2c6a2bec908d1660ced3fa2f4fdcdbaef97915c9abe135075ea7af32fa40f5673771aaf24283991a0feec92d83384f4509e9878746d5352cd38f6c718f1fc7123f831d4cf8e25bb313ab7615dca0f263cc3d6e065013d99552b8920c495814d3ae9a6491eabf487eca5afacb55fb4454d7cbd3fe1f774bc0b3ee3042492f6b2a9a7c77581d24a7c9d504beddaed03ed4b0591b32282a41d7467148bcfdb4b3b26c8c4fbb8fd4fadaa026903d220e3ae79306fdfaf8781ccb9632d89b6866d6cc106989ced6a629130de8a97683fe84177"}, &(0x7f0000000280)=0x113) r3 = add_key(&(0x7f0000000340)='.request_key_auth\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000640)="251c1f2bf87f36fb745c0287b5262410cdb293e602e3e7a7ddf56337728c19cfb60b41361e389a3f03c68aea7fe037de0882916343469fc756bfb2ce55a34dc36c2dc359dd32234b4ad03530008c1ceb64acca1a8a78d641ddfd2dc7239b930c372fcbed23c99aa799c3195b8ed6fa8b6fdca1cad21b3499c90edc923def536dcf421303c3080d042234849f877633d0fbfeb25825e61b53d9012323d4639fd9e669613f8129a22a039e4c30a863053cd0e552361202785bba226c485e200c24f4076ed6fdf8cd7b863040bd61873f294ddc73110301e0b918b53f531a6c7451dea52345cefd1b3527e5f4cae47a2185aa7a04a0f7875ab13ae105eb52d559af429f1ab2ea25f252bd8e88c1be65f25749965dbe874bc3577bef2a56b52bb7438543811ebb4e7cff9343f3e3ea91676f2ec9acb4aa15b472271f856f8e2bc732770b775e8908c6a8a5f216c5b7d62510eb008b2d68128368453aecdf688ef9476127a607abe7c63b23408eb3e046ffc1e46208ea358f7a148a6066d72496a760985d1c44bfcfe9ef88619f382cfc02a3e3b9bd063368176378994f33c4afb0c570f9eb4430596b10a4789a9b9841b6f2a71e5f29577326144dfbd021ff3688c06e0b9db493dc129f987df84dae605da57a20908e9a92791ab56fd689dc0d7cc716f38c1fc663b6260695737f3412e1315d1d88276a60f4cddfcead6a4cb6c49d23fbc5f27be58a48fd4073b80dd57a7723a9b3a682c5712e7986528479bbb5a0024bff6091a72f71d1ab5f0a063cad84fde8700ad442bce8c19adc8fd155f4f99f0d53441ce9fdf6ea2084bee1070222ab39761f2eb176bc4464f46b6a5d474b2d0a2b84ac9e0df7c547c1a1058d9ec7f9f40ea8eb928fa4318777003ff915b6cd25982723cfce7ddb144be5b85c74afe329c15f8a5f963fae3a30f5dc7ac06fd1a6139a3856b46134aeca4fc0e09b14713a1475bc079b480ed140bd372b4dee22720c83f3f11ac0d767575ff7f9c2f89d10d66fcfc875dbad740f363d01cd2de88d235497a8979b4f3a0f5dff0fdd78c5c84bb106e2b78f272ab847e2d4ebc79abe5c0a510d8af76c2cfe55ce51f395827531d7f4f341446a6a89d1d91af96f7e917fb19e5040f75eba44b40bb9e5027d755d03627161472711fe79767b8e8b2a202e3e08f078e3ceb565c00af2db9e73a4ae4acb779b38d7f00bd7933bb645c1c6ec61442004344acd25b2d15cb491e18bc9b3cf70f689e7f09e77cdbdd0240a7b13caf6679223e8246a6292a769447f7ada433cd742f69c6184da117f8fecbb5a884a6751073b32c400e7cc018aab6f5dd47cadbcbff99b218d32deba27fc3c1742c05d8343be899c85200337ed32502b5d41126d05a5213d3e7bf59f595a56b954953eb8b7fd3c4dac3b323fa4b1e6a59357bcae0c0f359e6ed30cb0d54d72b10d7c0a71f35b08c1c5518899c792e6fae7b37d7821d8f23d4dfe8c561261a11f29c4b30692d9c162b8373236bf748f0f201a43186af666344321c18880fbf609942366189867dd9a90338c57aceba9b348999ffcbe58b17b20b176cf90fe993897293055bf99784aa819ac0eb2daee756c6f27b54f7eba9d519f6e86fcb7dce1ec5a5bffe1c83446fba4b47a42ce0d7a86e80db34f53bec5b43bb786a00852d2bef62c3acd2d16211f65e214a13a253279b6fcde0d4ba026306a45144cb8b59be2811bbbb485405dc292bf7d8121f14bc02d52ec287445009dc51a19edba58e9528011e1eae1b96c23f7d86a4f3d841719dff4d4f865386c4288b6f3af7657f940ccad711041bdffee2eb3a7c546888626ca83a5ba012c487ffd7cd688ea05f27edaa49838f93f499c44f74f4faf72778ff98c28e23f4dd199f5380064a701b363b7c3dbb3ba31759243319e0046c342ba9a061da8c09196e17308771f46aa05bd9aa629f42a84b0d0ee036a641374ca0f8c1d719a2a04011c8133a67d306b6e260bbf68adad38ff525d585389792c3ae44eccbc4709d933c0711f42066cee3cb88ed885961d092385be2e932414ad001d896dc872a51d22f8b3a0985963011293bed700135819c6d901c6faa52e437f4eb1f111449b76ded48f5090a18b9c0416b794e4101198b0632f6c835d6d34322c8f5853d787423e47347667560a970d628130fb102b2939540f8a409e1ed32c76ed886d6aac624a31cce8daa4025ecb46834ec663439eb16982346908d91563339147aa3d59367ec591e451aaa569c70ccdb243261e8df90dcb35ddb14a4d940a2065d0eae9589f489ef306ec72f7d1bec50cf979b08157e76a0dd00a054192b83a13c802e667d1ae5d4515cc05339e8fc392af4a5c8cbc384fb8f31a0d3f8c896a232a5e13e27c2013e6d84e7f83c05e4b66642324a36a674cc9cb2eaf1f37d5578b96de489829d5fc8dbf91be4c44294edf2d62ebf0c63ca4c1537348d86e82bb74267ecdf66b654787c3b1820f2fd9a9b1d3da78e27183890a925eaf0522ec236ae438ced64dec1bb60d8bb03ff22859c92580eea861a3294918a27c3c10c35e5f3e47b15159a39923d7f854b9b5ad91a83df3ab0924ddf1496afc954e1ef89970773ba9443c77839b222460c268e34572328bf7c65a759efc338e2ebd82a701a2aba95f8bcf81c3bfe45309448d60b8917511a8e846cdfc46b84c74f91d9b426ac6fba5f90055644095ba0ff8bf6c5dd24bc142300316a6ac94c53e7dc2981ceb74ef972d26b2714f1c9b1bc0a3434d45d7e48f8974bf51b2e71f12c13d5b64690e24b5ba85de70c4e912d9b4dcd27c817fc162f96918d866f2d206885cd146bf795766ec0c48704a3e83deb7fe79422321d4b6cc48c9be9a103dddbcf47da566f8dcb4aca2e3a3cb10fe4debbeb1c5a9000141f15c0c1aaeda2139b05d7c96223bca9e11a01544c2a27ca48fd0cf9b5e729661772b5b6a93c9053cd308679ea3ecd86989deb42e81ebf5989964d68d7e8088d359a76be306f98f5992eff73b9849b9ce350e8eec06523e263b1f04d7fdb3d6d298dfdf0c035e032735ba7be926fc2173f31a12b6d7eabaab3f40a1ea09ce099a5762838acd496ecf722c50b40710a5f8c1f695faf8563a2e058a8f4a6012937c913af1e74e0167e9b0cbc4a91d30c03c2ed213b3579e5a16e38002675ee2bfa60da2f0eb40ceef546b6d17e54483662934a8c65ded32f806a4181f63f60ad6e423255c0163644cc36a41699c6c8135b733ed5caf96e990c09e1a40e4098a1c801f13efad6ffabf1e85c1163d5c87499a6ac7589ada3f996e7edaab5bc38426ba644d45d69735eb5412118c43c2dd408dccdd72e22e444b156badb219717d65badb0d67bec0e09afbbb86884071b64f5e2145c222f192a9cf4bbb49c06119386230d837d805a8cf7b37ff7d64164464282c3b7903e3fcb3bddde24c232619a72b98d10b5c20d38008ca38d9116144774ed6cee51eacf2aa31385671c3e693076c523794912e8784f7b1ac8b31f609711e4c13fdb1cba20aac761184551f2ed9a883fcce5a6ca41354347fc26d2d5a88b9a762063181fbdde714d8caea3106c6972d4a4e72f2b37175c83c340bd8e6a1040ad596ab1eff800d66ae8eae735111be2cf23e0e96b6fc52fef97ea9f32d3fd706fd84b39682d373fb573d97bd1dea4203839fbf8cac4621cb4f206bd51beb13c7acbd8f151b14a2538c53af6597940dd5959b0df36c22070ae95218114e32115dbeb033cebf2d86b96d4b324173f741ba2d6070fd12cb5a2cc8516cfc2cb74903451cfa7a824c5e4c069bdbd6ada5db5487a60dcce83987c54580ef10ff8331094dff8c47166c196da0c65892e918d1f642b2ec183b4b3d212f92090da0613c7ae1249be46dadc016b58488e4ccdc0afe2b1f010fcfc94067f2fbaa5241a2ccc295b3a645274f5394d569cc3b37f4e01c2aecd47aefcb5013658cd2fad6fe878ec24547c82de177ff5787941d6c62333efcbce5ad85e830d82a58abde338e40913fa695adf1cce0d30161dd8cb2d44d79f6e9c48185d63ee1123d821b23471eeac9e18df285b2ea3aeab31775acff0e3924ad21f461de7fe4bc28c0319a4ec7fa324532f7842cc0214acd5ca22dce51254c6b1f2d8eddb348cfaaa7ba8a0d620813c83ab096814a34d82315f123e71c96481bb43066d75f6fd84a5db9173a72b8c76ad45217fea434775ef26d75ba5e3e710cc06de211289ff5e1370ee1483917b864a37ec20a97f86beff32345029115b1b92a43b3e8e4c093199bcd49f50846782e02fec28ca722b31521c3f96c3b9ecdf2d479c52f198c6ee7cb10b386caaf024999c6252103a684287365024250bf235473cf4d2493248b897d9d8f8baf463cad8887b7325f425c8078dab7dc113d609a1239c145005f966e8f37156c7bb080276abf5f6cea16acfd6e88e1bb7469393bd44164fa7b266ef58cfd16b009e3d0d0cc20746e452e726b9c1143597aba3840dce8f3d62bbaa0f4c08ae205d54ea90002a10002d80a856767c5a4cc10e5a8d355e7f7b84c995543f930dc36aec954d831cf44092aebc387aff44d25100753d45e40741e098e86906f409f87171deea4da809b68cb95eb2822ab06230367772961b6491c375f4ad7ec1fdb8e05d632ac34ac901235eb5b6ff04872244990ec85faeb374951eca3a22621462a76889e5a39ebe6df9dba52c67ab428857c0d62ee62d511624232388e3514c73fbc31e3be38e17c0e3b49a9136e4a799989db653dbc5751f799513d06d3b97c849ea7f106e0398815d9d6c962aac72cf588a69d54a25a8aaf8050a37ef84486694937ae80040123dbfad3ae0213f8604aee06a0b57d5108a54770861e49cf9f83eaba60ceeecdb4d3a92c1b7e81735e2f7fcb376e8188773fe3eb4708838b0dc3b7d9c636c6da99e1f2374c6cb8a52fea6fd37776cc92adc3ede71483b94a43141f424d86cce26d3540535be3329d0ff0ad64890dd2695d4eb09b4093e2adb8692b172fb2daf73893500f8260c80f06f7254ef2e6dc9a83f0820d35b9280883e5dd10fbc1d712eadc7dc94b960f9cdba468e8945fc71bfc0e7f939c8ad55cfd629c3571056c24dfa85bad222bb17b1758546eeb0d01ecc961cece6344e1b74082df010a683c7fe3f81a4c675fcacc26b7236c99c57fa569a2a148be95725e4df7a58aef361bc77b8e56047816e3fa87d7286c8b22505126b6ff855c2ba0a3830f902bb3293c348467e8a4f0fef801abb1c14a547207b013b5333f9aabb596e0d9dffff3a22ee0f462568fe9b6906547812cf0159a772ad51408602dd86acf5539ce3fa343964101f2f26052b095fca3bdce5883296ebfb998efe1481c6d15a3e43f57648baed36b36593602a859867ac84fd4ea8599d1af842da6527c90a446b5c07a2623b521a4aedb4595e5ae762d93ed31e559014b31f36b0459bbd6ae23f2c1568d6fdf6383c8a46abbbf35dc7f00c9145fd3bcb5401707a6840e4b8c0a1c2f861a1fb992feff4d2a3e548d54dc8912cc87045374c835e5beef8d8010f79d40c1c7d2b06584065df40e384a9be3ca040779520b2c29bdc08e92ae2baa3943090b2ac403cd5f6100a899cb761a3d0deaf56970818d2c1db825abc3b875854a58b25034ac90c5ec8cfda14572e28c68807d5495fcb99074b2f90ee1fb17ce90b8db71199c9a05cfe7b66340d1ca19443f6ff520959fe74962787e9c7f347f8d782f2771f6239263c40b5fc98fcb4422b077c5e51326134e22a13e8534664931a2150bb15f33b3a1bb", 0x1000, 0xfffffffffffffff8) add_key(&(0x7f00000002c0)='cifs.spnego\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, r3) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 467.884657] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 467.892175] FAT-fs (loop1): Filesystem has been set read-only 22:21:13 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0713001002011076a439cc45300001800000015"]) [ 467.934521] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 467.941810] FAT-fs (loop1): Filesystem has been set read-only [ 468.065714] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:14 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0004800002011076a439cc45300001800000015"]) 22:21:14 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07400004c2011076a439cc45300001800000015"]) 22:21:14 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xfffffffe) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:14 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = semget(0x3, 0x6, 0x8) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000140)=[0xff]) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:14 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000f000682011076a439cc45300001800000015"]) 22:21:14 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:14 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0e4ffffff2011076a439cc45300001800000015"]) 22:21:14 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07c3001002011076a439cc45300001800000015"]) 22:21:14 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xd00) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:14 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0ffffff972011076a439cc45300001800000015"]) 22:21:14 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006800682011076a439cc45300001800000015"]) 22:21:14 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:14 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {{}, 0x0, 0x0, 0xfffffffffffffffc}], 0x30) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f00000001c0), &(0x7f0000000180)=0x10, 0x1000) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r2, &(0x7f0000000140)={0x1}) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:14 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f06800004c2011076a439cc45300001800000015"]) [ 468.346496] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 468.353815] FAT-fs (loop1): Filesystem has been set read-only 22:21:14 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0050000002011076a439cc45300001800000015"]) [ 468.441528] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 468.448825] FAT-fs (loop1): Filesystem has been set read-only [ 468.524156] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:14 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:14 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000700002011076a439cc45300001800000015"]) 22:21:14 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07a0000682011076a439cc45300001800000015"]) 22:21:14 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xf000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:14 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:14 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000140)=""/46) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:14 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130772011076a439cc45300001800000015"]) 22:21:14 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007a004c2011076a439cc45300001800000015"]) 22:21:14 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0d93401002011076a439cc45300001800000015"]) 22:21:14 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f06c0000682011076a439cc45300001800000015"]) 22:21:14 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x6400) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:14 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00074004c2011076a439cc45300001800000015"]) 22:21:14 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:14 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130732011076a439cc45300001800000015"]) [ 468.767935] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 468.775199] FAT-fs (loop1): Filesystem has been set read-only 22:21:14 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x44, &(0x7f0000000140)={'icmp6\x00'}, &(0x7f0000000180)=0x1e) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f00000001c0)={0x401, 0x4, 0x1, 'queue0\x00', 0xff}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:14 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af097ffffff2011076a439cc45300001800000015"]) [ 468.866750] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 468.874005] FAT-fs (loop1): Filesystem has been set read-only [ 468.986857] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:15 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007400682011076a439cc45300001800000015"]) 22:21:15 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130792011076a439cc45300001800000015"]) 22:21:15 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af000f0ffff2011076a439cc45300001800000015"]) 22:21:15 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xa) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:15 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0xfffffffffffffd2e) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:15 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0001f004c2011076a439cc45300001800000015"]) 22:21:15 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0753001002011076a439cc45300001800000015"]) 22:21:15 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:15 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) ioctl$TIOCEXCL(r2, 0x540c) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r2, 0xc0505350, &(0x7f0000000140)={{0x400, 0x3ff}, {0xfffffffffffff5d4, 0x32ff}, 0x8, 0x4, 0x3}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:15 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0002000682011076a439cc45300001800000015"]) 22:21:15 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0fdffffff2011076a439cc45300001800000015"]) 22:21:15 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xc0400001040000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:15 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004c004c2011076a439cc45300001800000015"]) 22:21:15 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0700900002011076a439cc45300001800000015"]) [ 469.349105] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 469.356358] FAT-fs (loop1): Filesystem has been set read-only 22:21:15 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0fffffffd2011076a439cc45300001800000015"]) [ 469.458349] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 469.465630] FAT-fs (loop1): Filesystem has been set read-only [ 469.517103] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:15 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:15 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0e13401002011076a439cc45300001800000015"]) 22:21:15 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000482011076a439cc45300001800000015"]) 22:21:15 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0f00000682011076a439cc45300001800000015"]) 22:21:15 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x6400000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:15 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) utimes(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={{0x0, 0x2710}, {0x0, 0x2710}}) preadv(r2, &(0x7f0000000180), 0x0, 0x0) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$SG_GET_SCSI_ID(r2, 0x2276, &(0x7f0000000140)) 22:21:15 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:15 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00300004c2011076a439cc45300001800000015"]) 22:21:15 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0060000682011076a439cc45300001800000015"]) 22:21:15 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000130762011076a439cc45300001800000015"]) 22:21:15 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0040000002011076a439cc45300001800000015"]) 22:21:15 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:15 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x1000000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:15 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {{}, 0x0, 0x0, 0x3}], 0x30) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file0\x00', 0x0, 0x8}, 0x10) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0x9) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000200)={0x303, 0x33}, 0x4) [ 469.817191] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 469.824424] FAT-fs (loop1): Filesystem has been set read-only 22:21:15 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f07009004c2011076a439cc45300001800000015"]) 22:21:15 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0020000682011076a439cc45300001800000015"]) [ 469.877701] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 469.885014] FAT-fs (loop1): Filesystem has been set read-only [ 469.958314] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:16 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0ffffffe42011076a439cc45300001800000015"]) 22:21:16 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000072011076a439cc45300001800000015"]) 22:21:16 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000200682011076a439cc45300001800000015"]) 22:21:16 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xfeffffff00000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:16 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = dup2(r1, r0) getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x1}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r3, 0x10001}, 0x8) r4 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r4, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r4, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:16 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:16 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00003004c2011076a439cc45300001800000015"]) 22:21:16 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000300002011076a439cc45300001800000015"]) 22:21:16 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:16 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000007682011076a439cc45300001800000015"]) 22:21:16 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000022011076a439cc45300001800000015"]) 22:21:16 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f00000001c0), &(0x7f0000000200)=0xffffffffffffffe8, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000140)=0x8000) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000180)) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:16 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:16 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006c00002011076a439cc45300001800000015"]) [ 470.372505] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 470.380009] FAT-fs (loop1): Filesystem has been set read-only 22:21:16 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00068004c2011076a439cc45300001800000015"]) [ 470.469450] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 470.476690] FAT-fs (loop1): Filesystem has been set read-only 22:21:16 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653002", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:16 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000020682011076a439cc45300001800000015"]) 22:21:16 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000140)={r3, 0x2ad, 0x1f, 0x5}, 0x10) 22:21:16 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0f00000002011076a439cc45300001800000015"]) 22:21:16 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:16 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000f0ffff2011076a439cc45300001800000015"]) 22:21:16 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xc) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:16 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0003f004c2011076a439cc45300001800000015"]) [ 470.587839] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:16 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000102011076a439cc45300001800000015"]) 22:21:16 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0dc3401002011076a439cc45300001800000015"]) 22:21:16 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000970682011076a439cc45300001800000015"]) 22:21:16 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:16 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00007004c2011076a439cc45300001800000015"]) 22:21:16 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8cee0200) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:16 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000140)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) open_by_handle_at(r1, &(0x7f0000000180)={0x31, 0x480000000, "67313c10585563ca5582c5ce104130d9ff3dd6158a0719dabd77f411ef6afe9a9c5958d6603ce80242"}, 0x81) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 470.818833] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 470.826111] FAT-fs (loop1): Filesystem has been set read-only 22:21:17 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0030000002011076a439cc45300001800000015"]) [ 470.949298] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 470.956571] FAT-fs (loop1): Filesystem has been set read-only 22:21:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653005", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:17 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000600002011076a439cc45300001800000015"]) 22:21:17 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000f000682011076a439cc45300001800000015"]) 22:21:17 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f04800004c2011076a439cc45300001800000015"]) 22:21:17 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x4000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:17 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:17 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ppoll(&(0x7f0000000140)=[{r2, 0x1}, {r2, 0x8100}, {r0, 0x2208}, {r0, 0x40}, {r1, 0x8004}, {r2, 0x10}, {r1, 0x4088}], 0x7, &(0x7f0000000200)={r3, r4+30000000}, &(0x7f0000000240)={0x1ff}, 0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) get_thread_area(&(0x7f0000000040)={0x7, 0xffffffff, 0x4000, 0x1, 0x9, 0x20, 0x9, 0x7, 0x3, 0xa1}) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000180)=0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:17 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0100000002011076a439cc45300001800000015"]) 22:21:17 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007400002011076a439cc45300001800000015"]) 22:21:17 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134e32011076a439cc45300001800000015"]) 22:21:17 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x600000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 471.285220] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 471.292468] FAT-fs (loop1): Filesystem has been set read-only 22:21:17 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f06c00004c2011076a439cc45300001800000015"]) 22:21:17 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000040682011076a439cc45300001800000015"]) 22:21:17 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007a00002011076a439cc45300001800000015"]) 22:21:17 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000140)=""/96) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:17 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) [ 471.385640] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 471.393147] FAT-fs (loop1): Filesystem has been set read-only 22:21:17 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c653010", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:17 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af00000003f2011076a439cc45300001800000015"]) 22:21:17 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x80ee020000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:17 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00005004c2011076a439cc45300001800000015"]) 22:21:17 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004800682011076a439cc45300001800000015"]) 22:21:17 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006800002011076a439cc45300001800000015"]) 22:21:17 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000202011076a439cc45300001800000015"]) 22:21:17 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:17 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x700000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 471.725235] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 471.732619] FAT-fs (loop1): Filesystem has been set read-only 22:21:17 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000700682011076a439cc45300001800000015"]) 22:21:17 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000200002011076a439cc45300001800000015"]) 22:21:17 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000682011076a439cc45300001800000015"]) 22:21:17 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0f000004c2011076a439cc45300001800000015"]) 22:21:17 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x5, 0xfffffffffffffffd) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000a40)='/dev/admmidi#\x00', 0x0, 0x0) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f00000001c0)={"88840624aeb39f15878bff254dc2d10a448ee92d6b749dea9e10edf0ad4e368edc352138dcd3b94600ef12699b3952c36e1537f24f6a2906b4af970a19b1cefa8c7e95308b8837abf6952f3c7f84a96f343109d075af56395814821bc2fbb10242af7bdf9bcdb330ee50e20634c0944884ad8930dae83d02907edc225febe08824f8d347c2b8ff61f879bcd45a878d40d15cbfa4bbecadb859848ebe6fff125d8e555f8e494536cbe0a82a70170aed8548680f52598cadfb080846d5b7952551f00d8105ca5e4b4c9d1e13a6f1d318c05fd8a86d5f598035028268ecf34659bb2a4c808524b045ca161d4d66ab6e4ccb279620b08ff119a7e0992bdb1c7ded876cff561b77a88ea98cc805cb1497aacd9653435375ba88a3c8a2cc26bf3efd692fefedcb34f884b2cfd239d6b667cbec8d769ca6293c0bcf00549a75388f9983a03f0c2a27a0fbc59e0208b34e285363ded1188ecbc2b8aa6cda9f351083984c54b6d800039c8b91bef42661e6e052462c1b8413bad084a81f9fff88762fb118bc436f4aa23a7fe3fd23ec00cb5a98cc07ee14efe96a5bd5dcb0238638e2991a4790c28781029eef1282fa6667853c572a343f522b851f1cb99957717f42ef56e032f083b91318a93272c1a6a2ed381459fa11035476498a823570ec004b8818bb6e79a179ef176a752b9b64e75c34ff8a26695dc0a1d8a53128e1ca8d9093863571909fae11c8994e08b0fde8db75a76a8cddf57a52732e600b67229e1004600e737f8bb40ee92f047850de654a021475878a2d2d74b32a41082eba7a2530f961ee12aa02c5e1e9fbfcf391f1a0604c22ce6d12854ca79a1fbe2951a6d6ad5a888c85b8a4524eb8d0b99d713f5411817ac02a75eaa1ac79816b435df0c215737e09ef3e5abbc09711bbd8514ce401040000ae995056e917ed16d4bbfb58d92dfd93764c9be0ff8a115b35cdf66c13a2eabc4018c1da17210bd47dab69a935b737c502f38319d50122ed5aebb904007886ba1a2d854a92f5cc925ea22fc6e60c5c1bb210644cf0055fddbdfd2cd2a848bc765b2659d274a528e52baec175b1938ed46c9f29a14a03164832cf4fd5f8a3d98ffe3e9bb61a0e6f059dd54fd9e8f6ad34ea2942187186d551df80e3fee8adce6ecc00c0b691511bf7beaa9a8f9783999938d0f844910190ec767b86a2bc50aaf0e02b51e25e0dc4177ae1195da0b7689a77fcbc1114ac653456d3ce7fa444adcbe0fb732df6165a9ddf5cb03dbd4170678b5f6e6e547c4cbb42f9c4bbafa3ea1ab0327a658ac1ebac3011e1e668e4281736d5394c1c881af6c922e34ebcb7ff1622410f548a6c65b19045518eb96859c3bc43b54d6bd6153136638cbcef61d2bbd9bcc407c1f4a12276d11a6a1cacbcf605bd67052e8f18b8922afcc793eefb710b9c7bbf21ccb68364f5e0c500"}) getsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f00000007c0), &(0x7f0000000800)=0xb) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(0xffffffffffffffff, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r2, 0xc0bc5351, &(0x7f0000000a80)={0x9, 0x1, 'client0\x00', 0xffffffff80000002, "5515d43f35ebcd02", "65232a81faf6fc5edb445f01722816953c6a139d37c0578052f89b252a93e5cd", 0x5, 0x4}) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000640)={r3}, 0x8) setsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f00000005c0)=0x4, 0x4) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r2, 0x28, 0x1, &(0x7f00000009c0)=0x10001, 0x8) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r2, 0xc1205531, &(0x7f0000000680)={0x7fff, 0x40, 0xfffffffffffffffe, 0x4, [], [], [], 0x7, 0x80000001, 0x4, 0x1, "0a5c5cfa8eab7b444c3437f0c9fb95b9"}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) r4 = getpid() ptrace$poke(0xffffffffffffffff, r4, &(0x7f0000000140), 0x698) ioctl$BLKTRACESTOP(r2, 0x1275, 0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000840), &(0x7f0000000880)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8030, r1, 0x0) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000e80)={0x0, @loopback}, &(0x7f0000000ec0)=0xc) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000f00)={@remote={0xac, 0x14, 0x14, 0xbb}, @loopback=0x7f000001, r5}, 0xc) ioctl$FS_IOC_GETFSLABEL(r1, 0x81009431, &(0x7f00000008c0)) r6 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, r6) [ 471.878866] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 471.886290] FAT-fs (loop1): Filesystem has been set read-only 22:21:17 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:18 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:18 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000400682011076a439cc45300001800000015"]) 22:21:18 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x401, 0x40000) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) write$evdev(r0, &(0x7f0000057fa0)=[{{r1, r2/1000+30000}, 0x0, 0x0, 0x527d675d}, {{}, 0x0, 0x40000000}], 0x270) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x80000, 0x0) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000200)={&(0x7f00004dc000/0x1000)=nil, 0x1000}) close(r0) r4 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r5, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r5, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:18 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000700002011076a439cc45300001800000015"]) 22:21:18 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0001f00002011076a439cc45300001800000015"]) 22:21:18 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00020004c2011076a439cc45300001800000015"]) 22:21:18 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x80ee0200) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:18 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:18 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000003f002011076a439cc45300001800000015"]) 22:21:18 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000300682011076a439cc45300001800000015"]) 22:21:18 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0050000002011076a439cc45300001800000015"]) 22:21:18 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000140)={&(0x7f00003e2000/0x4000)=nil, 0x4000}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:18 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x63fe) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 472.327073] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 472.334310] FAT-fs (loop1): Filesystem has been set read-only 22:21:18 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000006002011076a439cc45300001800000015"]) 22:21:18 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006800682011076a439cc45300001800000015"]) 22:21:18 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0070000002011076a439cc45300001800000015"]) [ 472.455127] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 472.462542] FAT-fs (loop1): Filesystem has been set read-only [ 472.589395] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:18 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:18 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00500004c2011076a439cc45300001800000015"]) 22:21:18 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x0, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:18 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000540)=@add_del={0x2, &(0x7f0000000500)='lo\x00', 0x5}) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) r3 = socket(0x0, 0x6, 0x4) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x400000, 0x0) sendmsg$kcm(r3, &(0x7f00000004c0)={&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x4, 0x4, 0x3, 0x2, {0xa, 0x4e22, 0x40, @loopback={0x0, 0x1}, 0x3f}}}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000200)="19c891fbe9cf508d8467b88a9d4f84011273490785608a6e7c316fb8c9afcf638e1d41714898e7d7174eceb8d0e7870368bd033e96dca9f81268aa62aa886d217b5adf0ae9", 0x45}], 0x1, &(0x7f00000002c0)=[{0x18, 0x114, 0xfd, "89c905f94f8645"}, {0xa0, 0x0, 0x8, "ba30fda19a364abaadff0a50459f6675297fd333f965df38efc2b1bc4c19b057008ca5992a1902790fbec6a8e08532d790d017987611a7ead80bd779a6484b3dee7804d1ee34f6adc85cc2b538ae69c63ac554fcb77283c32d7aaf8ad0848aef3afab88375441b4215f7a0efb186ea9e6f288e5bdc8b136399e0836db68fd4956b0f13478158f491e595f833e7"}, {0x60, 0x6, 0x3, "c713be45be59fd9b34d318d6226b399c69518827a4cb2272dc660284c7697c7110b17f03264bc7764f68891d46bb4b587047be6c1dedda515e841aa04d8df7e949406464f53afb253a291583908f"}, {0xd0, 0x110, 0x80, "9271cfa7bfdc93f5fab65dd19d6f5b1111db9720a979eb3b297b267d8ee6b6ddd9e19d0642bc2452242e450151dac580f2cad29d18af38541f0291f38bf35e89c0afddca338ed1bdb6450bc6ad58c43e627a7aec745a117a0437e42deea8a4db55985fa5cf59aead7d337acfb1a13a15323a1a980170600c3123ccaa224db5f694bede944f1430ad5c8d72a4fd3738bd59c1a0c7f2e82fa367fafaba6f1424c7102f87f8a7726d76a0594fedb6a555fbb83182dce66657e33fde9eea6304"}], 0x1e8, 0x40}, 0x20008000) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:18 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0db3401002011076a439cc45300001800000015"]) 22:21:18 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000040002011076a439cc45300001800000015"]) 22:21:18 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000005682011076a439cc45300001800000015"]) 22:21:18 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x4010040c) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:18 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0e33401002011076a439cc45300001800000015"]) 22:21:18 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000007a002011076a439cc45300001800000015"]) 22:21:18 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000074682011076a439cc45300001800000015"]) 22:21:18 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x2ee80) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 472.847662] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 472.854944] FAT-fs (loop1): Filesystem has been set read-only 22:21:18 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00400004c2011076a439cc45300001800000015"]) 22:21:18 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af00000001f2011076a439cc45300001800000015"]) 22:21:18 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:18 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000500002011076a439cc45300001800000015"]) [ 472.970167] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 472.977381] FAT-fs (loop1): Filesystem has been set read-only [ 473.107722] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:19 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0002000002011076a439cc45300001800000015"]) 22:21:19 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fallocate(r0, 0x1, 0xff, 0x6) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:19 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000003f682011076a439cc45300001800000015"]) 22:21:19 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x1000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:19 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000f0002011076a439cc45300001800000015"]) 22:21:19 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000007a4c2011076a439cc45300001800000015"]) 22:21:19 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:19 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:19 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007a00682011076a439cc45300001800000015"]) 22:21:19 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0006800002011076a439cc45300001800000015"]) 22:21:19 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006c00002011076a439cc45300001800000015"]) 22:21:19 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x4) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:19 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x20000, 0x0) 22:21:19 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004c00002011076a439cc45300001800000015"]) 22:21:19 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000402011076a439cc45300001800000015"]) [ 473.420815] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 473.428312] FAT-fs (loop1): Filesystem has been set read-only 22:21:19 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006c00682011076a439cc45300001800000015"]) 22:21:19 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00074004c2011076a439cc45300001800000015"]) 22:21:19 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)) [ 473.494338] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 473.501611] FAT-fs (loop1): Filesystem has been set read-only 22:21:19 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007009002011076a439cc45300001800000015"]) [ 473.589984] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:19 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:19 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000180)=0x7f) openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x4240, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:19 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0004c00002011076a439cc45300001800000015"]) 22:21:19 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:19 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000004c682011076a439cc45300001800000015"]) 22:21:19 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fallocate(r0, 0x1, 0xff, 0x6) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:19 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000003f4c2011076a439cc45300001800000015"]) 22:21:19 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000001f002011076a439cc45300001800000015"]) 22:21:19 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x200, 0x400) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000180)=0x7, 0x4) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) munmap(&(0x7f000085e000/0x2000)=nil, 0x2000) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:19 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0df3401002011076a439cc45300001800000015"]) 22:21:19 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x3000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:19 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000500682011076a439cc45300001800000015"]) [ 473.962572] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 473.969839] FAT-fs (loop1): Filesystem has been set read-only 22:21:20 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000f0004c2011076a439cc45300001800000015"]) 22:21:20 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000020002011076a439cc45300001800000015"]) 22:21:20 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0740000002011076a439cc45300001800000015"]) [ 474.038088] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 474.045321] FAT-fs (loop1): Filesystem has been set read-only 22:21:20 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000006682011076a439cc45300001800000015"]) 22:21:20 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$IOC_PR_PREEMPT_ABORT(r2, 0x401870cc, &(0x7f0000000140)={0x2, 0xf967, 0x6, 0x80}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:20 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xc00) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 474.115180] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:20 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000970002011076a439cc45300001800000015"]) 22:21:20 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0060000002011076a439cc45300001800000015"]) 22:21:20 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000001f4c2011076a439cc45300001800000015"]) 22:21:20 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000102011076a439cc45300001800000015"]) 22:21:20 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004c00682011076a439cc45300001800000015"]) 22:21:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:20 executing program 6: socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f00000002c0)={0x5, {{0xa, 0x4e22, 0x1d6, @mcast2={0xff, 0x2, [], 0x1}, 0x5}}, {{0xa, 0x4e23, 0x49b, @local={0xfe, 0x80, [], 0xaa}, 0x20}}}, 0x108) r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r1, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r1) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f0000000280)=ANY=[@ANYPTR=&(0x7f00000001c0)=ANY=[@ANYBLOB="f73cfd0cf7216478be6916a9bc1a531a858269104e2ad8383d0490197c72d27460b76061b6893358e7db681a3efd1b0525650e1c367e857e9459e91b10b98d29bae88e0935229a89764dfeee28ce02d686e0281ce77c0e046ac318d53bba53dc26584b8b3052d8b502ff8ecc03007c503b7be455c7349003b36a5ba53a9064ef747aef57f1abc867", @ANYRES16=r2, @ANYRES64=r3, @ANYPTR64, @ANYRES16=r2, @ANYPTR64=&(0x7f0000000180)=ANY=[@ANYRES64=r1], @ANYRES64=r1, @ANYRES16=r1]]) syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) syz_init_net_socket$llc(0x1a, 0x2, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:20 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x64) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:20 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0e4ffffff2011076a439cc45300001800000015"]) 22:21:20 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000005002011076a439cc45300001800000015"]) 22:21:20 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00004004c2011076a439cc45300001800000015"]) 22:21:20 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007009682011076a439cc45300001800000015"]) 22:21:20 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$IOC_PR_PREEMPT_ABORT(r2, 0x401870cc, &(0x7f0000000140)={0x2, 0xf967, 0x6, 0x80}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 474.481661] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 474.488975] FAT-fs (loop1): Filesystem has been set read-only 22:21:20 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000007a682011076a439cc45300001800000015"]) 22:21:20 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000009702011076a439cc45300001800000015"]) 22:21:20 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000006c002011076a439cc45300001800000015"]) [ 474.612842] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 474.620148] FAT-fs (loop1): Filesystem has been set read-only 22:21:20 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xd00000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:20 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007a004c2011076a439cc45300001800000015"]) 22:21:20 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$SG_GET_VERSION_NUM(r2, 0x2282, &(0x7f0000000140)) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000180)={0x100000, 0x1000}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, r2, 0x0) 22:21:20 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0e53401002011076a439cc45300001800000015"]) 22:21:20 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$IOC_PR_PREEMPT_ABORT(r2, 0x401870cc, &(0x7f0000000140)={0x2, 0xf967, 0x6, 0x80}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 474.764834] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:21 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000006c682011076a439cc45300001800000015"]) 22:21:21 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000007002011076a439cc45300001800000015"]) 22:21:21 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x3f00) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:21 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x10000000020000) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = syz_open_dev$sndpcmc(&(0x7f00000005c0)='/dev/snd/pcmC#D#c\x00', 0x3, 0x80) r2 = accept4$inet(r1, &(0x7f0000000780), &(0x7f00000007c0)=0xf, 0x80000) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000140)=0x5) write$cgroup_type(r3, &(0x7f00000002c0)='threaded\x00', 0x7d5de1b81abb7328) truncate(&(0x7f0000000580)='./file0\x00', 0x7) ioctl$BLKGETSIZE64(r3, 0x80081272, &(0x7f00000001c0)) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) setsockopt$inet_sctp_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f0000000180)=0x7fff, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@mcast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000200)=0xe8) setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f0000000400)={@xdp={0x2c, 0x3, r4, 0x3}, {&(0x7f0000000240)=""/12, 0xc}, &(0x7f0000000280), 0x20}, 0xa0) 22:21:21 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af00000006c2011076a439cc45300001800000015"]) 22:21:21 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000744c2011076a439cc45300001800000015"]) 22:21:21 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$IOC_PR_PREEMPT_ABORT(r2, 0x401870cc, &(0x7f0000000140)={0x2, 0xf967, 0x6, 0x80}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:21 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000003682011076a439cc45300001800000015"]) 22:21:21 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000400002011076a439cc45300001800000015"]) 22:21:21 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000012011076a439cc45300001800000015"]) 22:21:21 executing program 6: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000000480), 0x0) close(0xffffffffffffffff) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000005c0)=ANY=[@ANYRES16=r0, @ANYPTR=&(0x7f0000000500)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64=r2, @ANYBLOB="38963d7baa061286ca9e749a9bdb191bbbe31765f24960d6648cd4ea9d3f58a105631afc27c7a33ed867886c9985644bdc18ac2e6d8d776d357dc140674f1af53d9d2106c11760e1aecfc7413c720cbe60a93d42b318c8976da688c53f5b69a9dcc32f53e9010f1641d36789dbc359dd61a073983f7fccc0e4ba8ce46a60a2d9ca4ca05a5f8ca559cd3b62ef174b87068def3f5c6f6914143541360482fc19c7c8db65f0da2cad85ce3a699bdb81f72a997e75a012b0eb2165e98e496413d41bd016291745935050f0c3d65df0e9c01c9d55d4283e72073ec4a3a28c006237", @ANYBLOB="b2cef50c44e6e70d11019859decac896fd67ed99d299493512f3e0cb8c219bd5496ad80c830f5a92ec37c3c8f7e2262acc02c3786909494d25f297a221643eb49cddc5459ef685bbe7be2e4483776e52aba7b7e94282c0d1758ff5b5362ed48448abfcc6640c333b50cd4a97d211adb6b14f8e4f64ecdd363b2ddd5a55187b62cfd44d6f917d5c8fb21056db3a024aa074640b9dbe326f8a2c813792ae", @ANYRES64=r3, @ANYRES64=r3, @ANYBLOB="f6b6ab9ee70cb6ed133f17b680941892cb849c4891ef123f93685f90089fdb555e375f4dbc821895195511997ef6364e29a5568976e781c3641d59111a52db698e565c4f6cfa3f87d793aaa487dab0c16dd222e2e836f01a7f0ee5b1b7954fc847aece9e9bc1cd69218beae440a5b934914d2e044dc0df922878fa0625d213abe42e7bfc22"], @ANYRES64, @ANYBLOB="f801d17b2c825a15a392c5b9566627bcc41b2d98031f96d4b59196a145ee8de2fd3727812a2529a993fc6cc76ff1a7"], @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR64=&(0x7f0000000880)=ANY=[@ANYPTR64, @ANYBLOB="db1ca1c9b1b4debbd921b31a886488127d17c03d7bed02e900c8f752f611f4bf4761db39346121592fbcb531b77371d862c9eede4dcb930958b8d3d50999e3c11c2da8352d37bd8e1e87777a3454cca4a92317cfc20fdef8bc0725502b2ed98a4407dbd6010ee85648fb44fe3afa8fa1a68327ac5b2978235ab9902c8b46c922b6674e8448d8e6f584b37e4258a3fca9cb86e4e1a4cf0c949e2638c7fbc1613e57a0042eb5501bb6399269901089348e76ed7aeeefc554801c27b05e2acca4a46070cab38e62884f8ae5e8", @ANYRES16=0x0, @ANYPTR, @ANYRES64=r2], @ANYRES64=r1, @ANYPTR=&(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYPTR], @ANYRES64=r0]]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) write$binfmt_aout(r1, &(0x7f0000000140)={{0x1cf, 0x2, 0x401, 0x13e, 0x54, 0x200, 0x2ae, 0x800000000000000}, "52e26246f236c548cd62f7c283877dfc06454a23f33f49a7c2537deee011219b1da7668c3e205c712ae4037910dbfa5437ef2baad91e81a616bb338f91e64af2d400b3545935efa7f499eeaca094259bfac8211ef9abda38afb70bb602eaf4974f56a7adff77d2f7b67354f45bebcbe5ae692759310d2c988778ed3b69fcab791a9513d1d49b6b5c8e879abee94432297a7ffd96baa1afb6cf2a544b5bc669d6d2621e9784e11c27baeda88bca448c9a72a8ae2bf0f772e1b0b33138ab30c492047b81407f55d02842444359b4c3", [[], []]}, 0x2ee) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000440)=0x5) signalfd4(r2, &(0x7f0000000480)={0x3}, 0x8, 0x80800) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 475.097524] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 475.104806] FAT-fs (loop1): Filesystem has been set read-only 22:21:21 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00048004c2011076a439cc45300001800000015"]) 22:21:21 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xe00) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 475.211740] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 475.218974] FAT-fs (loop1): Filesystem has been set read-only 22:21:21 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000600682011076a439cc45300001800000015"]) 22:21:21 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000048002011076a439cc45300001800000015"]) [ 475.318986] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:21 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000074002011076a439cc45300001800000015"]) 22:21:21 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000f0682011076a439cc45300001800000015"]) 22:21:21 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0006c00002011076a439cc45300001800000015"]) 22:21:21 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:21 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000064c2011076a439cc45300001800000015"]) 22:21:21 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:21 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x9) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:21 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$VHOST_SET_VRING_ENDIAN(r2, 0x4008af13, &(0x7f0000000440)={0x2, 0x2}) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000003c0)={&(0x7f0000000380)='./file0\x00', r2}, 0x10) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000240)=""/32) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xffffffffffffff86) truncate(&(0x7f0000000200)='./file0\x00', 0xbb83) syz_open_dev$mice(&(0x7f0000000340)='/dev/input/mice\x00', 0x0, 0x8000) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000400)=0x3) get_thread_area(&(0x7f0000000300)={0x4, 0x100000, 0x3000, 0x6, 0x3, 0x1, 0x4, 0x360c, 0xe4, 0x1}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000140)={{0x549, 0x2, 0x2, 0x3, 0x3, 0xffffffff}, 0x3, 0x6, 0x2ce1, 0x6, 0x6d192b1b, "759696360d16ca292e63cabfcf1195a1755332f39bc9c159d744c5cc26de525fd4675d1174cad5f342522d8583f206a7d6af2370a065b3d8ae5455163591ec46f88bb7f8e7ab92e4e611631ef569537d5e0880968f1f5209aa35edf78b0860b89a24f85b4fa1ad30f1bc644353505197336c8d4659bb918ff1a0f05e46b7a70b"}) getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000280)=@assoc_value={r3, 0x6}, &(0x7f00000002c0)=0x8) 22:21:21 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134e62011076a439cc45300001800000015"]) 22:21:21 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0007400682011076a439cc45300001800000015"]) 22:21:21 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) ioctl$BLKBSZSET(r2, 0x40081271, &(0x7f0000000140)=0x1) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:21 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000004c002011076a439cc45300001800000015"]) [ 475.656521] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 475.663831] FAT-fs (loop1): Filesystem has been set read-only 22:21:21 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xd) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:21 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) socketpair(0x1f, 0x1, 0x4, &(0x7f0000000000)) 22:21:21 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134db2011076a439cc45300001800000015"]) 22:21:21 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000300002011076a439cc45300001800000015"]) 22:21:21 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000001f682011076a439cc45300001800000015"]) [ 475.780310] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 475.787586] FAT-fs (loop1): Filesystem has been set read-only 22:21:21 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00005004c2011076a439cc45300001800000015"]) 22:21:21 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0xff, 0x200140) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fremovexattr(r1, &(0x7f00000001c0)=@known='com.apple.system.Security\x00') fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) getrusage(0x0, &(0x7f0000000200)) [ 475.895884] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:22 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x30000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:22 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) socketpair(0x1f, 0x1, 0x4, &(0x7f0000000000)) 22:21:22 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134d92011076a439cc45300001800000015"]) 22:21:22 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000f000002011076a439cc45300001800000015"]) 22:21:22 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000048682011076a439cc45300001800000015"]) 22:21:22 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00006004c2011076a439cc45300001800000015"]) 22:21:22 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000840)=0x0) r4 = geteuid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000880)={0x0, 0x0, 0x0}, &(0x7f00000008c0)=0xc) r6 = getpgid(0xffffffffffffffff) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000900)={{{@in=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@multicast1}}, &(0x7f0000000a00)=0xe8) stat(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r2, &(0x7f0000000b80)=[{&(0x7f0000000140)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000780)=[{&(0x7f00000001c0)="d0cc41efc0c1186d209693bc870974e707fc7d4936ccdfb4366a3af8c069623d79c897", 0x23}, {&(0x7f0000000200)="a430bd758c918cb019fa53c64652cf58d5a9f998e572362dccf4452395b0152f05c28774e49c00d15c7d11b7b7cbbd6edd3ec0278efb80a7faffff8cc2ede3694abfe1f974dd65b630f411e53e5e2e92cfe7906ba8262f17040bb512dad8b59977dc241869557c167c28d6de987811c6519adf84105da9bac6db6862c0af364bd070bb7c6461cd6992ca85ae7a5975b20c4ee57fda07e6067e0e4aaab098ee9500e0e56ea8a229ffeb25aea36e30d43f2edb91a51cdb4f79652ae342d011eb33335b6f5be1233f83ea58fbf992e72a76527d29b34f13", 0xd6}, {&(0x7f0000000300)="38df23c46e280e35c15cc9", 0xb}, {&(0x7f0000000340)="03e8b3f7fbde67231c9287f42ea6b37951254c78aa65454eb424543d9dde3d7bb5f16310c017f1bc54bd92ab8c3e5df267bd7f24591d5778e6a5be1cfcffa07dc678e955db", 0x45}, {&(0x7f00000003c0)="bab66d00e7d53d64f7d93de4a8da45008b001dad324e547a0328b484baa823f19928c760975dc322fb3e0e9855b2954f4ca9a02c8b09c7acb01bb7db3c77b79957d01de2f51f61", 0x47}, {&(0x7f0000000440)="a9e200d8fc591d15636f24b1dd36dc3436f8b3cb92f85b5a235fedf1ecec7b5a613e9b3931f7e4392588ac1e3356f62f4ff35b7adeb79889548e0132503545691c35f7452489d1e83883b62039ebd670ecfdb783cbf3aa31676cc55879b2ba5d2287a53eda0242d9a47e2529debc67d7fcbab0901769de60a35486bd1e91a01852adba3414e61d36bb74bef429aa1c4f1b08fbdaa445e4453beef40c9f9757ea19b938fbec5d96c9b447323bc84c33f2f4f668b5f23c3d04f50ddd8e86f361da01ccb76479ac2c88aa772f1854f5d3f8b461475990e2427ed436ea8de784bfb5fce81de7f721eb8907ff6b9155d34fb487ee2893a879dba21c0276d685", 0xfd}, {&(0x7f0000000540)="1fe64884cf819a4d4a6dff22a57c94460cfd7a3e7eeab311e8d3d14c637104c4d7b5def2b3ca1fbb493e8daaacd2e66058c0176f8f4a16354267b85793ae9eff1c5e67f7672ff091713eed05dd56699e9be633b11f1c032149faffd55100bdfb3419a7c493eb2db35a68b33c3613f5161c2a8b1a70c3897d9c4e578a740f5e966ebd0338bedbc219764f385567a28c3942425198dfe3b7544d0afaa29a85cfc6f89f946d26bde716f6306f214f", 0xad}, {&(0x7f0000000640)="797b299da490f6e6ef7ef32b99b0647b9c46d9ff2f47d8b6aa66132bcf3a584b3965c2b5c4b243e1d0491b316c5dbf086e251d00daf1bed630f6a32974876c250075a660f9ddffe9de3f4699aaf8d0b2c5b771061381b1fff1c248da1f73d525207397d09e602fc95504b86de7f7e2e08b204ae22318c3eb3e110681049ab8eb08ed8b3a999ad7bcb8e3109f240870f5e19f66596d21259a63dfe39443615b5b4e1ad439a36f1ec948628e21e2253fc667487de60bad79391985b91eb0b287dcf2322ccd72568c4788d7b955a429238f50785bc6c44b67a8c2a224fa75bdca068de662197d1776734b6d05516aa69ce8f656783997bd69b4a08dd1", 0xfb}, {&(0x7f0000000740)="dc865c3fb3f65718381968187d62f6c79b0136589b02cfdb7e9339", 0x1b}], 0x9, &(0x7f0000000b00)=[@rights={0x28, 0x1, 0x1, [r2, r0, r1, r0, r1, r2]}, @cred={0x20, 0x1, 0x2, r3, r4, r5}, @cred={0x20, 0x1, 0x2, r6, r7, r8}, @rights={0x18, 0x1, 0x1, [r0]}], 0x80, 0x40}], 0x1, 0x4000) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:22 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000068682011076a439cc45300001800000015"]) 22:21:22 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000042011076a439cc45300001800000015"]) 22:21:22 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x10) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:22 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000068002011076a439cc45300001800000015"]) [ 476.245615] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 476.252957] FAT-fs (loop1): Filesystem has been set read-only 22:21:22 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000006682011076a439cc45300001800000015"]) 22:21:22 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) socketpair(0x1f, 0x1, 0x4, &(0x7f0000000000)) 22:21:22 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0dd3401002011076a439cc45300001800000015"]) 22:21:22 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0006c004c2011076a439cc45300001800000015"]) [ 476.333612] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 476.340914] FAT-fs (loop1): Filesystem has been set read-only [ 476.404344] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530ff", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:22 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000003002011076a439cc45300001800000015"]) 22:21:22 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x3, 0x450, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000180], 0x0, &(0x7f0000000140), &(0x7f0000000180)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x2, [{{{0x9, 0x14, 0x8ffd, 'yam0\x00', 'veth0_to_bridge\x00', 'vlan0\x00', 'veth0_to_bridge\x00', @random="1090ca560f62", [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0x0, 0xff, 0x0, 0x0, 0xff], 0x108, 0x108, 0x138, [@cluster={'cluster\x00', 0x10, {{0x5, 0x40008000000, 0xfffffffffffffffd}}}, @arp={'arp\x00', 0x38, {{0x30a, 0xff, 0x4, @loopback=0x7f000001, 0x0, @empty, 0xffffffff, @link_local={0x1, 0x80, 0xc2}, [0xff, 0xff, 0x0, 0xff, 0xff], @empty, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xb1, 0x4}}}]}}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x1}}}}, {{{0x5, 0x40, 0x8808, 'yam0\x00', 'veth0_to_bond\x00', 'ip6gretap0\x00', 'veth0\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xf}, [0x0, 0x0, 0xff, 0x0, 0xff, 0xff], @empty, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0x70, 0x110, 0x140}, [@common=@LED={'LED\x00', 0x28, {{'syz1\x00', 0x0, 0x0, 0x577d}}}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x8, 'syz0\x00', 0x3ff}}}]}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x7}}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff, 0x1, [{{{0xd, 0x8, 0x0, 'gre0\x00', 'bond_slave_0\x00', 'bridge_slave_1\x00', 'rose0\x00', @empty, [0x0, 0xff, 0xff, 0x0, 0xff, 0xff], @random="41089351038b", [0x0, 0xff, 0x0, 0xff, 0x0, 0xff], 0x70, 0x118, 0x148}, [@common=@NFLOG={'NFLOG\x00', 0x50, {{0x80000001, 0xeaa, 0x7, 0x1, 0x0, "20391b27c1b6c2b62c2e8a062e00ba03d05a26f42aa6cd8c197394aac4a63477ee46bd613a18c5954061ecb5a985955e198428ae839bd02f4ab4e4187c46c0b1"}}}, @common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffd}}}]}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}]}, 0x4c8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$KDADDIO(r2, 0x4b34, 0xba47) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:22 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00009704c2011076a439cc45300001800000015"]) 22:21:22 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xffffffff00000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:22 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000004c682011076a439cc45300001800000015"]) 22:21:22 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000102011076a439cc45300001800000015"]) 22:21:22 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:22 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004800002011076a439cc45300001800000015"]) 22:21:22 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134e12011076a439cc45300001800000015"]) 22:21:22 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000007a682011076a439cc45300001800000015"]) 22:21:22 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x700) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:22 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000004c4c2011076a439cc45300001800000015"]) [ 476.714065] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 476.721336] FAT-fs (loop1): Filesystem has been set read-only 22:21:22 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x400, 0x0) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, @in={0x2, 0x2, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x2c) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={&(0x7f0000000180)={0x10, 0x40030000000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000080)={0x20, 0x2e, 0x119, 0x0, 0x0, {0x2}, [@nested={0xc, 0x0, [@typed={0x8, 0x1, @binary="04"}]}]}, 0x20}, 0x1}, 0x0) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:22 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000004c002011076a439cc45300001800000015"]) 22:21:22 executing program 7: openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0x40086200, &(0x7f00000e7ff8)=0x3) [ 476.861738] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 476.868995] FAT-fs (loop1): Filesystem has been set read-only [ 476.915629] openvswitch: netlink: Key type 512 is out of range max 29 22:21:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:23 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:23 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000052011076a439cc45300001800000015"]) 22:21:23 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000005682011076a439cc45300001800000015"]) 22:21:23 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000484c2011076a439cc45300001800000015"]) 22:21:23 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x900) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:23 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000003f2011076a439cc45300001800000015"]) 22:21:23 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) getsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f0000000140)=0x4, &(0x7f0000000180)=0x1) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:23 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000006c682011076a439cc45300001800000015"]) 22:21:23 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000742011076a439cc45300001800000015"]) 22:21:23 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000062011076a439cc45300001800000015"]) 22:21:23 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000f04c2011076a439cc45300001800000015"]) 22:21:23 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:23 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8cffffff00000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:23 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) truncate(&(0x7f0000000140)='./file0\x00', 0x100000000) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:23 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000003682011076a439cc45300001800000015"]) [ 477.343646] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 477.350912] FAT-fs (loop1): Filesystem has been set read-only [ 477.439994] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 477.447221] FAT-fs (loop1): Filesystem has been set read-only [ 477.498822] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:23 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0e63401002011076a439cc45300001800000015"]) 22:21:23 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000742011076a439cc45300001800000015"]) 22:21:23 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) ioctl$TUNSETLINK(r2, 0x400454cd, 0x33c) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:23 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:23 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000074682011076a439cc45300001800000015"]) 22:21:23 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0004c004c2011076a439cc45300001800000015"]) 22:21:23 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xb00000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:23 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000032011076a439cc45300001800000015"]) 22:21:23 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0480000002011076a439cc45300001800000015"]) 22:21:23 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000003000000076a439cc45300001800000015"]) 22:21:23 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xf00000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:23 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000034c2011076a439cc45300001800000015"]) 22:21:23 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:23 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x40, 0x8400) openat$cgroup_type(r1, &(0x7f0000000180)='cgroup.type\x00', 0x2, 0x0) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000240)='threaded\x00', 0x9) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) userfaultfd(0x80800) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000001c0)={r4, 0x9}, &(0x7f0000000200)=0x8) [ 477.739356] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 477.746587] FAT-fs (loop1): Filesystem has been set read-only 22:21:23 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000000062011076a439cc45300001800000015"]) [ 477.827800] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 477.835107] FAT-fs (loop1): Filesystem has been set read-only [ 477.912095] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:24 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000006c2011076a439cc45300001800000015"]) 22:21:24 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000048682011076a439cc45300001800000015"]) 22:21:24 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x64000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:24 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000204c2011076a439cc45300001800000015"]) 22:21:24 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0fffff0002011076a439cc45300001800000015"]) 22:21:24 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:24 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) getpeername(r2, &(0x7f0000000500)=@hci={0x0, 0x0}, &(0x7f0000000580)=0x80) bind$bt_hci(r2, &(0x7f00000005c0)={0x1f, r3, 0xcc33649be076006f}, 0xc) 22:21:24 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0007400002011076a439cc45300001800000015"]) 22:21:24 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000072011076a439cc45300001800000015"]) 22:21:24 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000007682011076a439cc45300001800000015"]) 22:21:24 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xf00) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:24 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00003004c2011076a439cc45300001800000015"]) [ 478.195717] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 478.203079] FAT-fs (loop1): Filesystem has been set read-only 22:21:24 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:24 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000009702011076a439cc45300001800000015"]) 22:21:24 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x6, 0x420101) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000180)=""/80, &(0x7f0000000200)=0x50) close(r0) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) pwritev(r3, &(0x7f00000004c0)=[{&(0x7f0000000240)="71950104b5e97c1b944c4bb9c8f9a05b1e641ca491bf01", 0x17}, {&(0x7f0000000280)="5282014a05857629c0493fa932358bd07056393e5ef9107ab50d1604613784487d8fb364325624aa97b18629cc3fd6d163c1ea1491e73648c8ed7a23c75aa409daa3e3d283dc7e31d60e9382d3acf32dd952f9788caadc7dc465109f0505168f01b70d889dc2e33a79a8b3bfd23436178c730c4866bd61853f9b9e0facd9910044c56d321798555d28e80a37eaf3e380c13841ebffc4f2de9ffe8b22099df6ec54471267d6421fde5feb1ccd93", 0xad}, {&(0x7f0000000340)="64732834771ab91dea9532dae23fa8d1759c4c9a0043d026f3f9bb804187d41565052ae0454c2d6c215fcffe4595680ed39c6179f6b4c425a6c96380b78dde52b0091d261d922ed31bad0c1c44a3f799b197937ecf22ab7eb131eb9889d71e2ada163476f92a4cd5a6409454cbb0ff59fd6d5a4b931aa6b73805ee6a26cbc8f3c0a88c755e99f833cdb51f6f61ded71faf1d3b973c06b25fd6439330ad17d5cf3c8c7ac57122bbd328f92fd6566265ebdbdfa02cf1c6718817a6efb6906a0f2a0c4bd834a6867a491d75b3cf76bececfa796bf744734c31ca8b799afffaa5570dd79b35fad862e1da5125784837226149706c96937e6081f916c0d87", 0xfc}, {&(0x7f0000000440)="f861b3f1386209fcdae66e919ff354c006f88789535ab0d00ba7b5fe181fa3b42c5401dd8ce8e74f57d43cb25cf062730c0820eb9cfff5f769efcfd4717038f4293d08c36751b20678485623f05eac0f7f80e3a760", 0x55}], 0x4, 0x0) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0x9) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 478.356505] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 478.363947] FAT-fs (loop1): Filesystem has been set read-only [ 478.452850] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c65300f", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:24 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000600002011076a439cc45300001800000015"]) 22:21:24 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00070094c2011076a439cc45300001800000015"]) 22:21:24 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000001f2011076a439cc45300001800000015"]) 22:21:24 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000004682011076a439cc45300001800000015"]) 22:21:24 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x500000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:24 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:24 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000140)='./file0\x00', 0x20) ioctl$EVIOCREVOKE(r0, 0x40044591, &(0x7f0000000180)=0x80000001) 22:21:24 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:24 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000002682011076a439cc45300001800000015"]) 22:21:24 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000052011076a439cc45300001800000015"]) 22:21:24 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af087e000002011076a439cc45300001800000015"]) 22:21:24 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8cee020000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:24 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000054c2011076a439cc45300001800000015"]) 22:21:24 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{{0x0, 0x2710}}, {}], 0x30) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000140)={0x0, 0xffe000000000, 0x9, [0x3, 0x6, 0x7, 0x2, 0x2, 0x6, 0x9, 0x40, 0x4]}, &(0x7f0000000180)=0x1a) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000200)={0x100000000, 0x80, 0x8008, 0x6, 0x7, 0x8001, 0x3, 0xa27, 0x0}, &(0x7f0000000240)=0x20) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000001c0)=@assoc_value={r4}, &(0x7f00000000c0)=0x206) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000380)='threaded\x00', 0xffffffffffffff35) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000280)={r3, 0x80}, &(0x7f00000002c0)=0x8) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) creat(&(0x7f0000000300)='./file0\x00', 0x18) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 478.704337] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 478.711613] FAT-fs (loop1): Filesystem has been set read-only 22:21:24 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) [ 478.844482] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 478.851950] FAT-fs (loop1): Filesystem has been set read-only 22:21:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:25 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000068682011076a439cc45300001800000015"]) 22:21:25 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000482011076a439cc45300001800000015"]) 22:21:25 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af00000004c2011076a439cc45300001800000015"]) 22:21:25 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:25 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x86) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:25 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000404c2011076a439cc45300001800000015"]) 22:21:25 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0), 0x0) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000140), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:25 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134de2011076a439cc45300001800000015"]) 22:21:25 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000f02011076a439cc45300001800000015"]) 22:21:25 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a259cc45300001800000015"]) 22:21:25 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:25 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) [ 479.153012] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 479.160424] FAT-fs (loop1): Filesystem has been set read-only 22:21:25 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f00000002c0)={0x11, @remote={0xac, 0x14, 0x14, 0xbb}, 0x4e24, 0x4, 'lblcr\x00', 0x20, 0x2}, 0x2c) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, r3, 0xe31, 0x70bd2a, 0x25dfdbfd, {0x3}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2=0xe0000002}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team_slave_0\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x20}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x80) 22:21:25 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00002004c2011076a439cc45300001800000015"]) 22:21:25 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xa00000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 479.199802] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 479.207192] FAT-fs (loop1): Filesystem has been set read-only [ 479.356598] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:25 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af07a0000002011076a439cc45300001800000015"]) 22:21:25 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a099cc45300001800000015"]) 22:21:25 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000003000000076a439cc45300001800000015"]) 22:21:25 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x3f000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:25 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000074c2011076a439cc45300001800000015"]) 22:21:25 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:25 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) pwrite64(r0, &(0x7f00000007c0)="4b3cdb1396b858d2d59d69a8dca955298ed326c05cd7d83a97ce354640348c54309a38f6c9ee7ed71fadc4a2b322425da508952ed07f9bea0c0d6420422dc49802125a7545c7ee36e8c4a6863fa36fdee23540d176", 0x55, 0x0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f0000000580)=ANY=[@ANYPTR, @ANYRES64, @ANYRES64=r0, @ANYRES32=r3, @ANYPTR=&(0x7f0000000240)=ANY=[@ANYRES16=r3], @ANYPTR64=&(0x7f0000000480)=ANY=[@ANYPTR64=&(0x7f0000000280)=ANY=[@ANYBLOB="5572e972389e07cab2dfca02dc94e94735947df9b3936c47668ca82326e6a4bc95bdf98837e33dbc61cb1717ce63915417880f93b52ac91e4b18aaef043f06641f467f88763b711bd84447b7f485078e0cb538d4c49558f46c2147a9d15f0b7af2250e63e3a4f4cb7ca1a81239c7b85baf6465768bfce606901c8c01abab4e6af09727631f0b03ef4164b63705ec9963f3f442c06c0de5178fa6a686c9", @ANYRES16=r1, @ANYRES32=r0, @ANYPTR64], @ANYPTR=&(0x7f0000000340)=ANY=[@ANYRES16=r3, @ANYPTR], @ANYRES32=r1, @ANYRES16, @ANYRES32=r2, @ANYPTR=&(0x7f0000000380)=ANY=[@ANYRES16=r2, @ANYBLOB="78734c6da0dcdf54a7fee8c8c5d608f3ea15d27705a3f29ff6cc86f18271b2348a063518750c3c9070707b3c75f5218139a402d20a824a8e91fd6c2e00716c5558d894d5b945318dbe72314ae28956fa9b08068bb3acaa163cab2ea6fb1c7416388e03e328fad9b30e3641e4613a3fb5cfaa887c614bbccccb884ee7f2dd66207f82f5a54ad19436930d66f89a1d6a9d078b47e900396d0f9cc7474cff7144b8b8a134cc839f794f74d524bf4e09f0c3131cd7933c9ad0f031eedef736116f540e4809b81630fc339d5a5bf54fcf5a11d39195308010e51aa49aa28c4937f571ff7b404c7c69c352e1cf32924de7b461e13fb7"], @ANYRES32=r3], @ANYRES16=r3, @ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES16, @ANYBLOB='{*', @ANYBLOB="196694849c6e15972ff1f867d07eef45d38ecb88a692b7f31e27304d64d46b79f60ae3adf646f6f2f806f2f32d9a7ee0e8375b10c11ead6efeebd07ba9df77e7b487686bbe8eae88e7ed86de21af0bb9921f3f627ecccfcdd7a7acd22dc1a8a15092eac3907312cb7dfee0b5ac86b4fc8e35ddb78329625b1cd180c190e90594203190eef34855b31245591451ab10ea3062d8e20d5608a5d23e27b4021502f8e4fcdbc9f825d825ff08", @ANYBLOB="c65ff4306be1b8d640d301d07da2ab5469348285066606c9c7991d2d93216206343c3a0279a274d7459683ee6ad97838046a2233a758c51efb8acaf4e86294253a225d5bc158a1b0ca5856acbb58e5ab05bf08e6b2250e125267256f339b8e7cd53bce1409febce7bc7919867155ae9ed66b88a8c7820e48129f9c0baecdd7d42eceb20dcaa11f63d48635876b968e2fb5eeb31786efecac906af7e88afd94bc2ed01778af1af1", @ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRES32=r3, @ANYRES16=r3, @ANYPTR64, @ANYRES32=r2, @ANYRES16=r1, @ANYRES64=r1, @ANYRES64=r3, @ANYPTR]], @ANYPTR=&(0x7f0000000540)=ANY=[@ANYRES16=r1, @ANYPTR=&(0x7f0000000500)=ANY=[@ANYRES16=r3], @ANYRES64=r1, @ANYRES16=0x0]]) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f00000005c0)='./file0\x00', 0x3, 0x5, &(0x7f0000000c00)=[{&(0x7f0000000880)="c40562867f40f174c022b657ecf90d77ea0528243cd8e97e0c33b65fab493613cdbc5ee2adbb2a996de28ba82265d50dd09c10243146ae7f0bef0ba16db8f620f388a087701ede5cd3dc6cf1867361f32e6985e284062e8a69baf08f09d1881bcdc5204f5198fba25cddc32e08d4c9b857301f9506baa140104f896b50dadb650898dd41025763cb13cc50455be72c500b0e70d76db555ee615beb8cc29c58616de72f9e0827f7ad79dd2016e71a1f60f28c6d28e840862e45499eeee2fbb335bf3412c86c6adf6363d4e6a16576aff3cfec4c5ce91ebbb44ce4b2fe16848d43508a5000c7ea750fcc7e3113", 0xec, 0x8b}, {&(0x7f0000000980)="fedbaead83fb2fb68e8506033feb5071bc846c5e3d41c8532d1c628145a9b068458727a499cf3508bf116841137982fd600becf37cc81a72d8c4d0a7697c5a354d3564f21b7b2a9d48bf7083daa7713ff2e45378202b53df28a23f61b781b856752335654cc089fc5c7e", 0x6a, 0x200}, {&(0x7f0000000a00)="7fdea55a50a2962ba6dda9308396a65c3a5587724835e4ee741864a7f6ed4d7be2e3566cc54e696ada70d8f58a1b3727cf2f76e5a555a763461a2c0e1a8f5270b6a52063b5342df0e440600c2c0e088c4472f2db152808f8c67d52c6ea867a966711273d87ae4c492497667a836d9d02a0f42f7fcc73b1e401fcd3bd546d91a6f028ac90529b443297602044828dc8118b70238c5ea761cf4757e09b", 0x9c, 0x2}, {&(0x7f0000000ac0)="534c05066abb83c76f41f9c51fb406876e9ed33d32a349a279385f4d9ef46e058dd04c9b696e40908bdf043370", 0x2d}, {&(0x7f0000000b00)="1302e4738899cf1013b053609903d67fe5b0649dc8ae1142984f8fc9f390a9ff1995ee8e0466190737976698f688031775f669f546f019e8628b9d1a8c115cb9fbeccc3e739908123052d1f5a838131b6a9abafb45b575cb2733fbfaedd2610e32065f8acdf9797cfa391684a30be2d72bc908567484b1f09e9681fa1f5f11f3be05b50bb206815c7ea7042fa04fb50a1efdd1b11ead725cf1411bd77760b0a8d88827af2c2f43bb85c500ceb3c080c5285bde340c0a4395c122e7945184981c14389d9405484fe38bb5bfbe044d43a245c281303ae34dc4feb2925f8a76f2", 0xdf, 0x8}], 0xa0, &(0x7f0000000c80)={[{@errors_continue='errors=continue', 0x2c}, {@discard='discard', 0x2c}, {@allow_utime={'allow_utime', 0x3d, [0x37, 0x36, 0x35, 0x32, 0x10000, 0x35, 0x32]}, 0x2c}, {@sys_immutable='sys_immutable', 0x2c}]}) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) close(r1) fstatfs(r0, &(0x7f0000000140)=""/142) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000cc0)=ANY=[@ANYBLOB="06000000000000000700000006000000ff0f00000700000001000000000000001ae7b556bc5b4000000080020000000d000000000000000000000007000080080000000000000002000000ff030000000000000400000001000000010000000400000001096c00000000000019000080f2a800000800000001000000040000060000000001000080030000000000c039600000000000000120000000c5be0bd6865eaa09c0739419a486c816496d789197552cce92bfbd73a8eff43d6066b6c3112463b1642a0b3dd6ec26b4bd0b87741a18264136d546c1424fb1d0f21e6e7cd16394df33a925f44738aa65a33b155f9f7aafb489eaab92b5e3891802dae159b61397ebee0c72e915c5a35fa96c23ff2de425fe124363988721ba5ef3ad9430449965d56d8ba1f9601a25d3e731d88cb5b439cd49041ddef412"]) 22:21:25 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0e03401002011076a439cc45300001800000015"]) 22:21:25 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000202011076a439cc45300001800000015"]) 22:21:25 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc42500001800000015"]) 22:21:25 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x500) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:25 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000006c4c2011076a439cc45300001800000015"]) 22:21:25 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x101000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 479.658107] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 479.665335] FAT-fs (loop1): Filesystem has been set read-only 22:21:25 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000f0002011076a439cc45300001800000015"]) 22:21:25 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0da3401002011076a439cc45300001800000015"]) [ 479.750759] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 479.758041] FAT-fs (loop1): Filesystem has been set read-only [ 479.828741] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:25 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45374001800000015"]) 22:21:25 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:25 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000007002011076a439cc45300001800000015"]) 22:21:25 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00068004c2011076a439cc45300001800000015"]) 22:21:25 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x3) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:25 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:25 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af06c0000002011076a439cc45300001800000015"]) 22:21:26 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300f01800000015"]) 22:21:26 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000006c002011076a439cc45300001800000015"]) 22:21:26 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00007004c2011076a439cc45300001800000015"]) 22:21:26 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af04c0000002011076a439cc45300001800000015"]) 22:21:26 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x2829c) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 480.144612] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 480.151871] FAT-fs (loop1): Filesystem has been set read-only 22:21:26 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:26 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000402011076a439cc45300001800000015"]) 22:21:26 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300071800000015"]) [ 480.281954] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 480.289196] FAT-fs (loop1): Filesystem has been set read-only [ 480.342121] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:26 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0), 0xfffffffffffffcc3) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000640), &(0x7f0000000680)=0x4) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000380)={0x34ce, 0x200, 0x4, 0x4, 0x0}, &(0x7f00000003c0)=0x10) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000400)={r3, @in6={{0xa, 0x4e23, 0x4, @local={0xfe, 0x80, [], 0xaa}, 0xa25}}, 0x1, 0x4}, &(0x7f00000004c0)=0x90) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) getsockopt$inet_buf(r1, 0x0, 0x4, &(0x7f0000000180)=""/159, &(0x7f0000000240)=0x9f) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r4 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) getdents(r4, &(0x7f0000000180)=""/100, 0x18) getdents(r4, &(0x7f0000000580)=""/145, 0x91) setsockopt$RDS_CANCEL_SENT_TO(r2, 0x114, 0x1, &(0x7f00000002c0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) faccessat(r2, &(0x7f0000000140)='./file0\x00', 0x41, 0x200) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000280)=0x3, 0x4) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000300)={'security\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000500), &(0x7f0000000540)=0x4) 22:21:26 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0007a00002011076a439cc45300001800000015"]) 22:21:26 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000684c2011076a439cc45300001800000015"]) 22:21:26 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:26 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xe00000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:26 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000074002011076a439cc45300001800000015"]) 22:21:26 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc4536c001800000015"]) 22:21:26 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0020000002011076a439cc45300001800000015"]) 22:21:26 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000048002011076a439cc45300001800000015"]) 22:21:26 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45368001800000015"]) [ 480.560065] FAT-fs (loop6): Unrecognized mount option "Ÿ" or missing value 22:21:26 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000007a2011076a439cc45300001800000015"]) 22:21:26 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x86000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:26 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000044c2011076a439cc45300001800000015"]) 22:21:26 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) [ 480.635689] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 480.642922] FAT-fs (loop1): Filesystem has been set read-only 22:21:26 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) setsockopt$inet_int(r1, 0x0, 0x16, &(0x7f0000000140)=0xffffffffffff0ccf, 0x4) r2 = creat(&(0x7f0000000640)='./file0\x00', 0x2) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000000)={0x0, 0x0}) close(r3) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/user\x00') ioctl$BLKBSZSET(r3, 0xb703, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f0000000440)=ANY=[@ANYPTR, @ANYPTR=&(0x7f00000001c0)=ANY=[@ANYPTR, @ANYBLOB="3bc46a284e2877aeff7fc8cc729c7b31e27f92c5b26e8e70cee649fdad1951d98edc66056c5055072c395999752a3583198c4669749ff96bb24ad77b1e189d1cdbc5c9b1db0e8054d72e9a3a6241bcb155308e1fcf1580a540179a4b8d05d9dd58704010148b5b9961017e268801e8f3b560c910eef949d07bc5941376c67bd75dfeedd0700ee3c7462dfe4133ebb2e30c32c4c92fa77c716c6dc26f33b883011fa82c0a", @ANYBLOB="f8502cd90adb7f", @ANYRES32], @ANYPTR=&(0x7f0000000340)=ANY=[@ANYBLOB="0de1fe029980b8f3ee15f36b7f4406a4fee7d6eafcea3d1d559858237d91f0fffda91ed9b0d02cde9c3c9ea4d7480f29e90ae7715cc9513ddc5bf465d2c7d384429cab951e444037a84d91965a6cd82d38e98a6b8bd817dadd41da304f896e3568ef55213ac8a5471c870b9ebf82a828f8449e70dbc7dc1bd7829693058ffd1ce8ac924a2b2868833af5e7bdd86a13549175e48213a28faa3c92bddb47c4e5d2e9bd0327860109398fb165007395", @ANYPTR=&(0x7f0000000280)=ANY=[@ANYRES16=0x0, @ANYRES32=r0, @ANYPTR, @ANYPTR64, @ANYRES16=r4, @ANYPTR, @ANYRES16=r1, @ANYRES16=r0], @ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYRES64=r2, @ANYPTR64], @ANYRES16=0x0, @ANYPTR=&(0x7f0000000300)=ANY=[@ANYPTR64, @ANYRES16=r1, @ANYRES64=r4], @ANYRES16=0x0], @ANYRES16=r0, @ANYRES32=r0, @ANYBLOB="da071a65dc65d26b43acbbe991219aefd2f0ecdd5146036b7f34d31261ed48a3afad8ba04c66f93cfe7c8c962fe55d7579d2bf99d3bbb397c18fb12c905a7fc36aefc3be0e11eeaeef0ccda2a8f9202136bf9256553d03f0f58b9aedbd32016002d987457b0586ac79e2c98f9a4a7dd65f4e72964fb8696b1189835ca800d8b0d2c24318d7936cb27b51dcade07efe4919db801fd0426f476869", @ANYBLOB="ce4cf303c6147324f991b08627f73d1c3ba42797fbe81de4a934e500fde5296f3b94d16986d099237c3b1c0e432bb2e123aed76cde845e35035108ad927cf29ee9ff274ea4d2b0494f2c68617942f16571609ae4fe318a6870053d46ec4d91f72357bf7a6c8d10b27552a86bb6422bdc84bccf74edbbfcf0f91674df3a3ab8cb4945c10babbec46844c00166c83d573aec4cfca412ada4a27813f385869ec0c98659e1d30ccceb302d5ff77791130e561b179370aff2704d10c96dd686a87d", @ANYRES32=0x0]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r2, 0x111, 0x4, 0x1, 0x4) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 480.770889] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 480.778138] FAT-fs (loop1): Filesystem has been set read-only [ 480.855309] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:26 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134e52011076a439cc45300001800000015"]) 22:21:26 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x600) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:26 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc453004c1800000015"]) 22:21:26 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000002002011076a439cc45300001800000015"]) 22:21:26 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x0, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:26 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000004c4c2011076a439cc45300001800000015"]) 22:21:26 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r0, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:27 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000070092011076a439cc45300001800000015"]) 22:21:27 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300201800000015"]) 22:21:27 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0097000002011076a439cc45300001800000015"]) 22:21:27 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) [ 481.101470] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 481.108774] FAT-fs (loop1): Filesystem has been set read-only 22:21:27 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x30) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:27 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) umount2(&(0x7f0000000440)='./file0\x00', 0xc) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000380)={0xffffffff}, 0x13f, 0x1009}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r2, &(0x7f0000000400)={0x5, 0x10, 0xfa00, {&(0x7f0000000180), r3, 0x1}}, 0x18) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) readlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000640)=""/4096, 0x1000) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:27 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000484c2011076a439cc45300001800000015"]) [ 481.181067] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 481.188365] FAT-fs (loop1): Filesystem has been set read-only 22:21:27 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000007a002011076a439cc45300001800000015"]) [ 481.310359] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:27 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000134e22011076a439cc45300001800000015"]) 22:21:27 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300031800000015"]) 22:21:27 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000034c2011076a439cc45300001800000015"]) 22:21:27 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:27 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000006002011076a439cc45300001800000015"]) 22:21:27 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:27 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000ffdbdf2501000000280006000900000008000400fc780000"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/mixer\x00', 0x100, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000340)='./file0\x00', 0x3f) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f00000002c0)={0x2, 0x7ff}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:27 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300681800000015"]) 22:21:27 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af000f000002011076a439cc45300001800000015"]) 22:21:27 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000003002011076a439cc45300001800000015"]) 22:21:27 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000054c2011076a439cc45300001800000015"]) 22:21:27 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x200000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:27 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) syz_mount_image$ntfs(&(0x7f0000000140)='ntfs\x00', &(0x7f0000000180)='./file0\x00', 0x2, 0x3, &(0x7f0000000340)=[{&(0x7f00000001c0), 0x0, 0x9}, {&(0x7f0000000200)="2a9ec9c3e18d8673fe1556d6bcf9700cb013c226dd605e3a081bc20cac1dae9320d3dc249ad6799e2a98ff438df46f705576466aa3982cab1c1414055ae32c595336cef5fc8a8faa98433c22eb90abcd4d47ec1f689d8a01e15399d29adea5dfcacd437de948782cf0b7d2956a2860148851765e291a83829c894222a97811ab5a5d011dc3c6087108185cc177b01eba370afc318a8006eaaaebc54fa64594fabaf486a21aed156a6ecd576793a6c90be1b5f374bbc430dc524355507866b057b45a1b45f4fef19f75d9db77e0799671068f1577adcc56ee91bd70f727", 0xdd, 0x2f9}, {&(0x7f0000000300)="88ac4ee6dd64291fa4a0", 0xa, 0x1f}], 0x2400, &(0x7f00000003c0)={[{@errors_recover='errors=recover', 0x2c}, {@uid={'uid', 0x3d, [0x78, 0x2d, 0x3d, 0x37]}, 0x2c}]}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 481.627378] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 481.634769] FAT-fs (loop1): Filesystem has been set read-only 22:21:27 executing program 7: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)) 22:21:27 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000005002011076a439cc45300001800000015"]) [ 481.745478] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 481.752736] FAT-fs (loop1): Filesystem has been set read-only [ 481.858771] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:27 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0004000002011076a439cc45300001800000015"]) 22:21:27 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300401800000015"]) 22:21:27 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xc00000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:27 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000007a4c2011076a439cc45300001800000015"]) 22:21:27 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000068002011076a439cc45300001800000015"]) 22:21:28 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x4, 0x4d0000) r2 = accept4$inet(r1, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000280)=0x400, 0x4) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000300)='team\x00') getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000340)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @rand_addr}}}}, &(0x7f0000000440)=0xe8) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000480)={0x0, @broadcast, @local}, &(0x7f00000004c0)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000500)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6}}, &(0x7f0000000640)=0xe8) getsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000680)={@dev, 0x0}, &(0x7f00000006c0)=0x14) getpeername$packet(r1, &(0x7f0000000700)={0x0, 0x0, 0x0}, &(0x7f0000000740)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000780)={{{@in=@rand_addr, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000880)=0xe8) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000008c0)={0x0, @empty, @remote}, &(0x7f0000000900)=0xc) getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000940)={@multicast2, @multicast2, 0x0}, &(0x7f0000000980)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000009c0)={'team0\x00', 0x0}) getsockname$packet(r3, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000a40)=0x14) getsockopt$inet_mreqn(r3, 0x0, 0x0, &(0x7f0000000a80)={@broadcast, @broadcast, 0x0}, &(0x7f0000000ac0)=0xc) accept4$packet(r1, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000001080)=0x14, 0x80800) getsockopt$inet6_mreq(r3, 0x29, 0x1f, &(0x7f00000010c0)={@local, 0x0}, &(0x7f0000001100)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000001140)={'vcan0\x00', 0x0}) getpeername$packet(r3, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f00000011c0)=0x14) accept4$packet(r3, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000014c0)=0x14, 0x800) getpeername$packet(r3, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000001600)=0x14) getsockname$packet(r3, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000001680)=0x14) getsockname$packet(r1, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000001740)=0x14) accept$packet(r3, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f00000017c0)=0x14) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001800)={'eql\x00', 0x0}) recvmsg(r2, &(0x7f0000001c40)={&(0x7f0000001840)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000001bc0)=[{&(0x7f00000018c0)=""/32, 0x20}, {&(0x7f0000001900)=""/150, 0x96}, {&(0x7f00000019c0)=""/249, 0xf9}, {&(0x7f0000001ac0)=""/35, 0x23}, {&(0x7f0000001b00)=""/154, 0x9a}], 0x5, 0x0, 0x0, 0x1528}, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000001c80)={0x0, @broadcast, @remote}, &(0x7f0000001cc0)=0xc) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000002280)={'team_slave_0\x00', 0x0}) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000002c80)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000002c40)={&(0x7f00000022c0)={0x958, r4, 0x110, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0x74, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xfffffffffffffffd}}}]}}, {{0x8, 0x1, r6}, {0xcc, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'broadcast\x00'}}}]}}, {{0x8, 0x1, r8}, {0xf0, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x80}}}]}}, {{0x8, 0x1, r11}, {0x254, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xb6}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r12}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0xc, 0x4, [{0x8, 0x5, 0x5, 0x3}]}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x7a3}}, {0x8, 0x6, r13}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xfffffffffffffffe}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r14}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r15}}, {0x8, 0x7}}}]}}, {{0x8, 0x1, r16}, {0x1f4, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r17}}, {0x8, 0x7}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r18}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}, {0x8, 0x6, r19}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x200}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x100}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r20}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r21}}}]}}, {{0x8, 0x1, r22}, {0x1e0, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x400}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1f}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r23}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xdad9}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x949}}, {0x8, 0x6, r24}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r25}}, {0x8, 0x7}}}]}}, {{0x8, 0x1, r26}, {0xb4, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r27}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5000000}}}]}}]}, 0x958}, 0x1, 0x0, 0x0, 0x90}, 0x20004004) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000180)={0xffffffff}, 0x13f, 0x5}}, 0x20) ioctl$BLKFLSBUF(r3, 0x1261, &(0x7f0000000240)=0x4) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r3, &(0x7f0000000200)={0x4, 0x8, 0xfa00, {r29, 0x100}}, 0x10) 22:21:28 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000006002011076a439cc45300001800000015"]) 22:21:28 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xffffff8c) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:28 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000004002011076a439cc45300001800000015"]) 22:21:28 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000744c2011076a439cc45300001800000015"]) 22:21:28 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc453006c1800000015"]) 22:21:28 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af000004c002011076a439cc45300001800000015"]) [ 482.138250] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 482.145492] FAT-fs (loop1): Filesystem has been set read-only 22:21:28 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:28 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x6) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:28 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45309701800000015"]) [ 482.238692] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 482.245996] FAT-fs (loop1): Filesystem has been set read-only [ 482.312907] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:28 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000684c2011076a439cc45300001800000015"]) 22:21:28 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f00000004c0)='./file0\x00', 0x40) recvmsg$kcm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)=""/23, 0x17}, {&(0x7f00000001c0)=""/61, 0x3d}, {&(0x7f0000000200)=""/127, 0x7f}, {&(0x7f0000000280)=""/56, 0x38}, {&(0x7f00000002c0)=""/52, 0x34}], 0x5, &(0x7f0000000380)=""/254, 0xfe, 0x1ff}, 0x40000021) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f0000000b00)=ANY=[@ANYRES64=0x0, @ANYPTR=&(0x7f0000000180)=ANY=[@ANYRES16=r2, @ANYPTR64=&(0x7f0000000840)=ANY=[@ANYPTR, @ANYPTR, @ANYBLOB="36d8c9c1682cbb23595db72bcb467ede081f41f0b0f039d299c637ef3c7b98dbbc0ecc34f6ab0530b5ea7eabc6c9e414c2edf14b8564065d8bd5832c3299f15400454b1b90684eef57009fd7c3f500bcc336d8586493db10ba841b72c8ca1c7ec5967fcb216efd46dc5e45727e055ac35b166458eef4934de1f49c0b8ab11bc416dd01194c6923c1a65ce2d1659bd92fd288b7309b8a0e967c6f27ef36bf8d43d61d4d6df7007d06e21da3c0349a3aab130ea69099392e", @ANYRES64=r3], @ANYRES64, @ANYRES64=r0, @ANYPTR64=&(0x7f0000000940)=ANY=[@ANYBLOB="33119b17c978c974553f7e51945936c8951536ce2857dc12f7298ecb3eb105cf9b531abb3aa86ff410c023b44d79844a8323a647865ad2a0b3d5fe7981a6afd013161a52fa73006d3c9e6f14ca2ae1316bbbf42b485cbfa8990b9d0329d7635b61c01f68804e5de4e9e08206aa9002f3ee5c03e4538a0aa2d1d567250e45cc1d5f33b07b85fc79c1644564f08ed5af1ffb9f254ec5522d59b781b1170788af0ceda4ca7e6502c5f5f86b6f93f8cfb5a3dd6a979945a66e16bded951dfc496a5272d022b6e0a6832c2e566fb1552f2ab909375f5e8cf59add51227339a2bb5e43e3bf6a9cf9a90a1724091368a0", @ANYPTR, @ANYRES64=r1, @ANYRES32=r3, @ANYRES16=r0, @ANYBLOB="00078357b25a01aa6bc0393602790084f9a44e9856116418bde7ac250505fd1c43b9030fb1e64f2aec4e206f9a79f2eb722439ca659e0da50a34c51c21c6fd1908740754ca4ee35c3b008f4f8ac160a8191ed2490db916b6bdf6ba77527737a8510f76890f4c24cf6ebd5e345344b48b6b7a2d516160843bac63a2f58f3086dc0c85bb1e", @ANYPTR], @ANYRES16=r0, @ANYRES32=0x0, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYBLOB="c77e9b078db3b09a2d07cd1d4af8087db3caf19443313579f9716207405b48d2249306fafddd8204c49f653efeff6a8e5b155e6329bb3004ae381a8103a6f627f6fd5450d2fa847179", @ANYPTR], @ANYRES64=r0], @ANYRES16=r3]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:28 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000300002011076a439cc45300001800000015"]) 22:21:28 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000007a2011076a439cc45300001800000015"]) 22:21:28 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45306001800000015"]) 22:21:28 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xe) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:28 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300001800000015"]) 22:21:28 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000048002011076a439cc45300001800000015"]) 22:21:28 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45305001800000015"]) 22:21:28 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000003000000076a439cc45300001800000015"]) 22:21:28 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) fcntl$getownex(r1, 0x10, &(0x7f0000000140)) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:28 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000742011076a439cc45300001800000015"]) 22:21:28 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x8600000000000000) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 482.640213] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 482.647484] FAT-fs (loop1): Filesystem has been set read-only [ 482.737867] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 482.745104] FAT-fs (loop1): Filesystem has been set read-only 22:21:28 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000074002011076a439cc45300001800000015"]) 22:21:28 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45302001800000015"]) [ 482.826468] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530ff", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:29 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000042011076a439cc45300001800000015"]) 22:21:29 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000064c2011076a439cc45300001800000015"]) 22:21:29 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0xffffffffffffff15) ioctl$fiemap(r2, 0x40086602, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYRES32]) syz_open_dev$dspn(&(0x7f00000001c0)='/dev/dsp#\x00', 0x2df5, 0x40000) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000140)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:29 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0006c00002011076a439cc45300001800000015"]) 22:21:29 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45370091800000015"]) 22:21:29 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000700002011076a439cc45300001800000015"]) 22:21:29 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000032011076a439cc45300001800000015"]) [ 483.099197] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 483.106494] FAT-fs (loop1): Filesystem has been set read-only 22:21:29 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc453007a1800000015"]) 22:21:29 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000024c2011076a439cc45300001800000015"]) [ 483.182520] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 483.189825] FAT-fs (loop1): Filesystem has been set read-only 22:21:29 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000200002011076a439cc45300001800000015"]) 22:21:29 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x1) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000180)=""/191) truncate(&(0x7f0000000100)='./file0\x00', 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x500, 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:29 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000072011076a439cc45300001800000015"]) 22:21:29 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) setsockopt$RDS_RECVERR(r2, 0x114, 0x5, &(0x7f0000000140)=0x1, 0x4) 22:21:29 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc4537a001800000015"]) 22:21:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\t', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:29 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000020002011076a439cc45300001800000015"]) 22:21:29 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000022011076a439cc45300001800000015"]) 22:21:29 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f0000000140)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:29 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45307001800000015"]) 22:21:29 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f000006c4c2011076a439cc45300001800000015"]) 22:21:29 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000970002011076a439cc45300001800000015"]) [ 483.609322] device bridge_slave_1 left promiscuous mode [ 483.615252] bridge0: port 2(bridge_slave_1) entered disabled state [ 483.621485] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 483.628896] FAT-fs (loop1): Filesystem has been set read-only 22:21:29 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x14, 0x800) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000200)={'team0\x00', r2}) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) r4 = getpgid(0xffffffffffffffff) sched_setattr(r4, &(0x7f0000000140)={0x30, 0x2, 0x0, 0xc30, 0x8, 0x0, 0x1ff, 0x3}, 0x0) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:29 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000052011076a439cc45300001800000015"]) [ 483.687397] device bridge_slave_0 left promiscuous mode [ 483.693051] bridge0: port 1(bridge_slave_0) entered disabled state 22:21:29 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45304001800000015"]) [ 483.730483] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 483.738215] FAT-fs (loop1): Filesystem has been set read-only 22:21:29 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000500002011076a439cc45300001800000015"]) 22:21:29 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000074c2011076a439cc45300001800000015"]) 22:21:29 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) getsockopt$inet_dccp_buf(r1, 0x21, 0xf, &(0x7f0000000140)=""/45, &(0x7f0000000180)=0x2d) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x112011, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:29 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000062011076a439cc45300001800000015"]) 22:21:29 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45303001800000015"]) 22:21:29 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000007002011076a439cc45300001800000015"]) 22:21:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0H', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:30 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a099cc45300001800000015"]) [ 483.946008] team0 (unregistering): Port device team_slave_1 removed 22:21:30 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = socket(0x0, 0x7, 0x5) getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000140)=0xa8a, &(0x7f0000000180)=0x2) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 484.004602] team0 (unregistering): Port device team_slave_0 removed 22:21:30 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300061800000015"]) 22:21:30 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000482011076a439cc45300001800000015"]) 22:21:30 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af000f000002011076a439cc45300001800000015"]) [ 484.082512] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 484.083685] IPVS: ftp: loaded support on port[0] = 21 22:21:30 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a259cc45300001800000015"]) [ 484.134523] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 484.141732] FAT-fs (loop1): Filesystem has been set read-only [ 484.168872] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 484.215214] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 484.222459] FAT-fs (loop1): Filesystem has been set read-only [ 484.320880] bond0 (unregistering): Released all slaves [ 484.945013] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.951510] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.958898] device bridge_slave_0 entered promiscuous mode [ 484.997494] bridge0: port 2(bridge_slave_1) entered blocking state [ 485.003949] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.012785] device bridge_slave_1 entered promiscuous mode [ 485.049859] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 485.088483] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 485.200878] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 485.241261] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 485.420814] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 485.428791] team0: Port device team_slave_0 added [ 485.462466] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 485.471113] team0: Port device team_slave_1 added [ 485.507941] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 485.515758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 485.531897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 485.561398] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 485.599680] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 485.606905] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 485.615629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 485.652824] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 485.659996] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 485.668673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 485.910458] bridge0: port 2(bridge_slave_1) entered blocking state [ 485.916878] bridge0: port 2(bridge_slave_1) entered forwarding state [ 485.923549] bridge0: port 1(bridge_slave_0) entered blocking state [ 485.929954] bridge0: port 1(bridge_slave_0) entered forwarding state [ 485.937341] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 486.431152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 486.816047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 486.899537] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 486.983663] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 486.989901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 486.997585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 487.077258] 8021q: adding VLAN 0 to HW filter on device team0 22:21:33 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0007009002011076a439cc45300001800000015"]) 22:21:33 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300001800000015"]) 22:21:33 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300051800000015"]) 22:21:33 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) prctl$getreaper(0x1b, &(0x7f0000000140)) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:33 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc42500001800000015"]) 22:21:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)="2e2f66696c65302f66696c6530e4", &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:33 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f0000000140)={{0x2, 0x3, 0x81, 0x3, 0x4}, 0x1ff, 0x80000000, 'id1\x00', 'timer0\x00', 0x0, 0x2, 0x9, 0x401, 0x1}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:33 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:33 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000006c2011076a439cc45300001800000015"]) 22:21:33 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc4534c001800000015"]) 22:21:33 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0004800002011076a439cc45300001800000015"]) 22:21:33 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) syz_open_dev$adsp(&(0x7f0000000540)='/dev/adsp#\x00', 0x9, 0x600000) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) linkat(r1, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000180)='./file0/file0\x00', 0x1400) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@mcast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@local}}, &(0x7f0000000200)=0xe8) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000400)={@dev={0xfe, 0x80, [], 0x1b}, @loopback={0x0, 0x1}, @loopback={0x0, 0x1}, 0x7, 0x4, 0x80, 0x100, 0x100000000, 0x204, r3}) r4 = getegid() r5 = getgid() stat(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r4, r5, r6) truncate(&(0x7f0000000100)='./file0\x00', 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000480)={r2, @in6={{0xa, 0x4e20, 0x5, @local={0xfe, 0x80, [], 0xaa}, 0x4}}, 0x3, 0x3, 0xfffffffffffffff9, 0x4c1d, 0x20}, 0x98) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 487.761968] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 487.769257] FAT-fs (loop1): Filesystem has been set read-only [ 487.805647] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 487.812924] FAT-fs (loop1): Filesystem has been set read-only [ 487.879544] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000203) [ 487.886807] FAT-fs (loop7): Filesystem has been set read-only 22:21:33 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a099cc45300001800000015"]) 22:21:33 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000140)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) timerfd_create(0x0, 0x80800) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:33 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af000001f002011076a439cc45300001800000015"]) 22:21:33 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300741800000015"]) 22:21:34 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45348001800000015"]) 22:21:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:34 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) r2 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000080)="0047fc2f07d82c99240970") r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffb) r5 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a}, 0x0, 0x0, r4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r6 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc0\x00', 0x200000000080400, 0x0) symlink(&(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1\x00') ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000440)=@add_del={0x2, &(0x7f00000002c0)='eql\x00', 0x23646d2}) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r6, 0x84, 0x71, &(0x7f0000000340), 0x8) keyctl$unlink(0x9, r5, 0xfffffffffffffffd) execve(&(0x7f0000000480)='./file0/file0\x00', &(0x7f0000000740)=[&(0x7f00000004c0)='/dev/rtc0\x00', &(0x7f0000000540)='trustedmd5sum\x00', &(0x7f0000000600)="6d643573756d1a2d00", &(0x7f0000000640)='wlan1ppp1bdev}vboxnet0.)user\x00', &(0x7f00000006c0)='/dev/rtc0\x00', &(0x7f0000000700)='/dev/rtc0\x00'], &(0x7f0000000800)) write$binfmt_aout(r2, &(0x7f00000001c0)={{}, "c061aa5b42dff55336"}, 0x29) ppoll(&(0x7f0000000280)=[{r2}, {}, {r3, 0x4}], 0x3, &(0x7f0000000300)={0x77359400}, &(0x7f0000000340)={0x7}, 0x8) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x1a) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 488.014662] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000203) [ 488.021980] FAT-fs (loop7): Filesystem has been set read-only 22:21:34 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a259cc45300001800000015"]) 22:21:34 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000005002011076a439cc45300001800000015"]) 22:21:34 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc453001f1800000015"]) 22:21:34 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, r0, 0x100000000040) 22:21:34 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x6, 0x420101) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000180)=""/80, &(0x7f0000000200)=0x50) close(r0) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) pwritev(r3, &(0x7f00000004c0)=[{&(0x7f0000000240)="71950104b5e97c1b944c4bb9c8f9a05b1e641ca491bf01", 0x17}, {&(0x7f0000000280)="5282014a05857629c0493fa932358bd07056393e5ef9107ab50d1604613784487d8fb364325624aa97b18629cc3fd6d163c1ea1491e73648c8ed7a23c75aa409daa3e3d283dc7e31d60e9382d3acf32dd952f9788caadc7dc465109f0505168f01b70d889dc2e33a79a8b3bfd23436178c730c4866bd61853f9b9e0facd9910044c56d321798555d28e80a37eaf3e380c13841ebffc4f2de9ffe8b22099df6ec54471267d6421fde5feb1ccd93", 0xad}, {&(0x7f0000000340)="64732834771ab91dea9532dae23fa8d1759c4c9a0043d026f3f9bb804187d41565052ae0454c2d6c215fcffe4595680ed39c6179f6b4c425a6c96380b78dde52b0091d261d922ed31bad0c1c44a3f799b197937ecf22ab7eb131eb9889d71e2ada163476f92a4cd5a6409454cbb0ff59fd6d5a4b931aa6b73805ee6a26cbc8f3c0a88c755e99f833cdb51f6f61ded71faf1d3b973c06b25fd6439330ad17d5cf3c8c7ac57122bbd328f92fd6566265ebdbdfa02cf1c6718817a6efb6906a0f2a0c4bd834a6867a491d75b3cf76bececfa796bf744734c31ca8b799afffaa5570dd79b35fad862e1da5125784837226149706c96937e6081f916c0d87", 0xfc}, {&(0x7f0000000440)="f861b3f1386209fcdae66e919ff354c006f88789535ab0d00ba7b5fe181fa3b42c5401dd8ce8e74f57d43cb25cf062730c0820eb9cfff5f769efcfd4717038f4293d08c36751b20678485623f05eac0f7f80e3a760", 0x55}], 0x4, 0x0) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0x9) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 488.165652] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 488.172927] FAT-fs (loop1): Filesystem has been set read-only 22:21:34 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45303001800000015"]) 22:21:34 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc42500001800000015"]) 22:21:34 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af00000f0002011076a439cc45300001800000015"]) [ 488.256824] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 488.264108] FAT-fs (loop1): Filesystem has been set read-only 22:21:34 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300481800000015"]) [ 488.354318] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) 22:21:34 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc453003f1800000015"]) 22:21:34 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0006800002011076a439cc45300001800000015"]) 22:21:34 executing program 6: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f00000001c0), &(0x7f0000000200)=0x4) r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r1, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) close(r2) r3 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r4 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r0, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r4, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:34 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45348001800000015"]) 22:21:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)="e52f66696c653100", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:34 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45370091800000015"]) [ 488.664217] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 488.671522] FAT-fs (loop1): Filesystem has been set read-only [ 488.751217] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 488.758495] FAT-fs (loop1): Filesystem has been set read-only 22:21:34 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300201800000015"]) 22:21:34 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x6, 0x420101) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000180)=""/80, &(0x7f0000000200)=0x50) close(r0) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) pwritev(r3, &(0x7f00000004c0)=[{&(0x7f0000000240)="71950104b5e97c1b944c4bb9c8f9a05b1e641ca491bf01", 0x17}, {&(0x7f0000000280)="5282014a05857629c0493fa932358bd07056393e5ef9107ab50d1604613784487d8fb364325624aa97b18629cc3fd6d163c1ea1491e73648c8ed7a23c75aa409daa3e3d283dc7e31d60e9382d3acf32dd952f9788caadc7dc465109f0505168f01b70d889dc2e33a79a8b3bfd23436178c730c4866bd61853f9b9e0facd9910044c56d321798555d28e80a37eaf3e380c13841ebffc4f2de9ffe8b22099df6ec54471267d6421fde5feb1ccd93", 0xad}, {&(0x7f0000000340)="64732834771ab91dea9532dae23fa8d1759c4c9a0043d026f3f9bb804187d41565052ae0454c2d6c215fcffe4595680ed39c6179f6b4c425a6c96380b78dde52b0091d261d922ed31bad0c1c44a3f799b197937ecf22ab7eb131eb9889d71e2ada163476f92a4cd5a6409454cbb0ff59fd6d5a4b931aa6b73805ee6a26cbc8f3c0a88c755e99f833cdb51f6f61ded71faf1d3b973c06b25fd6439330ad17d5cf3c8c7ac57122bbd328f92fd6566265ebdbdfa02cf1c6718817a6efb6906a0f2a0c4bd834a6867a491d75b3cf76bececfa796bf744734c31ca8b799afffaa5570dd79b35fad862e1da5125784837226149706c96937e6081f916c0d87", 0xfc}, {&(0x7f0000000440)="f861b3f1386209fcdae66e919ff354c006f88789535ab0d00ba7b5fe181fa3b42c5401dd8ce8e74f57d43cb25cf062730c0820eb9cfff5f769efcfd4717038f4293d08c36751b20678485623f05eac0f7f80e3a760", 0x55}], 0x4, 0x0) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0x9) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:34 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000600002011076a439cc45300001800000015"]) 22:21:34 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45309701800000015"]) 22:21:34 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc453003f1800000015"]) 22:21:34 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000540)) syz_mount_image$jfs(&(0x7f0000000180)='jfs\x00', &(0x7f00000001c0)='./file0\x00', 0x3f, 0x5, &(0x7f0000000480)=[{&(0x7f0000000640)="448ca6f5b3802ee573af49667f4665acf8a4ef803426d8c7e11c312eccffb567a18179794a0ef2edd3be03e1bc114aff945bb126a5e5c90e6a53115001bb84bcf2b6522602c6ac0c4a7ab39d9105b1a25bdf2d7ccb0a69cda8747910057a2e8cd1a4874bced141ceebd08d16a7b66163502649c2bbc45edc5199789512af0fe5db8375cc04f7cf8a56342a7a3ea45ce2a0452b148374873baf732715dd14bb164a0d06489d9096f8e585e38463a42ec32cba697827081796b2c52f0fba80a235a2b5af1cee4b8f07f77be3b2c3d15c05ee7b9e3412e22f44f5fe4967359f344a791feec64ba893154f412c02387d383b8fdbcfd2b7d54f9ff6bf3a84d053bc71b313e0636fbc21725dcc1f6293316c6286008dd296ef8f122d90621f3b7213f64e79b3dc1680554628b84d1158de35ee308852e6ea3133a0450b6204c322f838ff25526c82acb2111b065c0580bedf4a66ce615d4d92700e7253bef973ee73943133fa358248ddcce72083820bf5c937cea29d86c73295b2adfd1de10273f77860ec61b55e78cd506965edd077da1296b02479b6bef1be61cbbf1d9846cba9c8b6e7a67934899e5fac32c5f1a93cde92814ae3cf0cb7b175f0b8fb636ccc82f205ae1ae503e0c5aa154afa5c1adbbcc06c70b93b5d1d8d65cf48fe570af63987afff581c9457954e1b38e1d9b0d27741371e9dfda39b7ff5a446f3731dd12f1bd88937be214e54e166f051ea7962203c4832b055b348a9c050ce1877290d0b54edad408d05b982504f78587fb6499be302f07fbb6ffa65dbc6eda73bda2f17702cf78c670c5e290a34ec6df253c5f9799ff2a3ba4b167fe5f73548702e769824d70dc414dd7c77e4bebbba3d3fd89b6b3820b32e5c5a10bfe9194f4f81c15c6bb8471ce794b91f6970b0dfdaf34d738bd41213069a278738a37ab6ef8bfc96044c024b7c7c6bfe08dc7e5cae9df76e05a7e46471849e5646d42643ca6cd7c8af360895b1a14d859d467dcfa31acd30d2194f70d5aa61bc17438ddf0d0b2ac09743e23dbd332ca7e39afac33dfb66d9daccdb13db911b9344c2424ebfee6be9c14f3d673b8d3a93647a87cb56174b955bd642015fc639e506a796ff0b6b1b98c2f1f74e9fa04350a13c3381dc488513facf8be2527034fe784e99df8e1fea941502f0b6cb63020fb41df2f0dfb9126aa74cfbca443c5bfe1fc96e703d460f36ad8d805512776c89dcb11798dca29ad91e2464df5a036c8ea57520daf5af52cfe9e5ebfdcaafb2a13977362ba82eb7af8df40a2d0619c75a6574d3b4a3fceb8573b1267e95b34d38a23fff7f37ad6b47fdd3ad60980eec79705c9a77d09d118c9f38a21ae6b9626b3e6757a84fbf360e9651d48e5ce33700339b635fd216114590bf7a04ce4e77b1267d315d57e71dc071bcbd98fcaff18d72a2b7920909a52e90c172554864307b40778734f7fbccfd6a0c320d74f23fb0841d75eb3722993e9b09f028043f8ce4fa50a1f21ae727dc0532ab33abbc2da820ea3b8a8bd3820dc3fa27a876aa058219b02f738f60972ccb33a0ed5967e2f7b3fb10660eb1e92e433084baec93913d650f1a59e9a0664c7fdf3ed5095b212dd9abca8ec1eaadeec6cc64f2e41486bdde1dcda0913f4b35d1da65a76cc4158d68271f7205d84528dc8581713a6542d18f51e1c60869f665246554e1c9ac323330d8876faead458f1e0a98c23d1486d1382b16d8b7a8387dc4c0ecd17641ca215458b6a62a111ca2c7dd6ebb221603a071e37b3d5220899c19a2d2819ff6d5b055a03320e9537e220d7407391467aef96af1ff66300177aad67426e3d9e6bb764f66bb51a0cfc47b3472a2e4afc278ddf602ed190504526c58ea7ac6d265fca4278830aefe45a7be1fe7706966d86311431bad7886f2ac5cd99e0e033a913d4a455bfeee61fb4a587b099bdb7b94fa47723bc6667d5a4744048531e380257998e4fb0f26c40539283d772ddd754cabc3690c2ca6d747fda8be52aeb7621912fe0c78fd5bbf7bd36037c291310a6fd3caab5a17fe2c1842ed74d84fc6ae9563629afec21f0c18a0a3f3a5bb665836350fe547706411488764b483eaf3c5aaa22c4658060b8709772263b0beb68128e203988b835ed4e1c0aa96d10b74d5ea71691445971e3a3ea5fd4d40216735ed2e77ef54206acd549a7bf5bbd49f4701e11e550468cf03428d17e3798e0c9d3b52fadda60e0a11d7de5bcd0801ffc7e6c2ab785a62c030164ae32bd3ef49144a17222159e687961b05187adc7f6c185866d6b4faadb7822b203c1e4cf357676a0d7dc1cc90f6ea2df9b465ae1610cebb447f65e826fd891799e24ef5ad36220d0a74e986ed2a0dece13e5be8abd899a3f5ccada497b8795954c0a2e5fb2561679c2caf3beb8dbc57a89e94d7b0eb98ed6787c5bbc026b01546861df8923b593fd3c872b557acc073641f82317ac4c17a630ebaafd6324ebf364d311875cf074c67814a13f9974ad23f49fdc8572b7a96b64a2ab7fd88361a099d2f184345d918bb00baf60ba08730a4ca62a221eb1368205e5077c4ce1813e4b9868d7d12b3ced3194a6bdc20783cbf52d7cf4a044d685da652944c381c2e79a5383cc42416cb87348ff498b5e0bab36386fe548e3feafa6cc35579cfdb143d138d811594d3c651d0c7b461deb8f9d5f7b1442fcd3e23e15ce47d1e31c5aea92d270792c6d247983a8253012b02dc84f1cdc9bc809c1eb132fc1934eb6fb4aa0126cb5112b1fdb538e75a1d1eaa26b62e5fb1e835b69fb2e188ae2a4c8806af24a82fb32b7f9334d9c28c223e81f85a4b0b4fdb1361d2d7b7c381db1cb1f99ba297af0fef116d3dcd1be756ad7a4b68f4a0e0cfd8e81a4a73f9476fb9121e33770b8efa629a4e6061a542b62aa079077e757fdef1db3d7a56fe7d1518b827d4986f1e097a21487705a6c1dbd617a078983c718043bc56fb19725077642af05e23039586cb2d306bf531d5f2211adcd8107744b09a0e87349c792712d3f486b701a4a765897b6d62eac1e4bf4624759033ce61215d96b5e5a7d4308464204611b8703f51cd09901dbe03f2872f08a409773629075aad95f31195e41331424cbfb0c4bc12d1cab340d38be2a1ca0774cd25dda6386a6a17d4693395129f49ca62d47a5308509fc41d73ad18a4157a82bb15d2be4081e6c3129ac2e889ab551adba841b985fd206c46c03db1abe8089338f78a4288a993063aea72b39fd007cf0c0bda9b05313f8446faafe4d42c10bbbdc74fbb79924f02d5261d6669673fe7ff257707bb3731ae05ec0b5529d58b1d4756caeae3caf4855732b57cf429964deea9b1b140888f24d8452d6be7c23769395beb5ac00162e37a96ad2f5e293c247a0828ba898ab2ca87ef9284c79a0498511aa3c59278f19cccb26186b3d85a092e17c04c74d42c69ce2f13b150fca0e099e888bb449e3566367053502ba45d814942b3fb4d1d2534c982052d9af4ecf5b045ae194b51bbc520032804b27cdf45885aa7f33b0c31bce79b1e9473ca991fc21319aa204674802001f0cc496ac424b0e31d658512c87ffe95edc3148c87da0ca871fd3a211cd29e43da729d1b9db3945fc3dc5439a7483f224590d149f6bdfe6bbcc3d1bcd0f266cea8da315c33c0df65f702e7f82583dc98b23fa4ea5f99320b74521a1d0a0866c96ee772dbcf27bfde06d9d9f438315272190c2a6f75fe428e89808928a3d998d18c9d24fae16ae044e9e6bc5b4fc24420d96459fea344a2ef8706ac64c72c20856ca89c80c1d830c138ac3fb4c169a272733d5dca78d2a16a88408f302b2783417f8b157becff039c7e0e8771cea15c6845467145803692c08764955ba45ad142a917008e7ba3f654ed13a2c7bf1dafe2e8e74bd7f26f7856bcc850d2c11763bccca2f89411aad832536a782ad6913f24f478fb520ece9be60d24bf32a7bb90937a01f557d8478ad06584cf04d55da529257b3da58f6bd87205fb47bf507bb272b757301b14589278bfc4137180ee6513e74defabdfefd5b1243783cdbc381e9e803ceafa053a4273c5f9503b8951c9a47a1ad07a6f081e49218e826dfb731bc526b8dc313e82091d2a8eb2c9adead447b660c934b59e322f0063780b5d25e8628643cb99e6a26919f7433edd12cd192cdb967e279d092efaab1b773339189b58ef6867f418667b521cc8c91e55036cb0ac674d4ce4265beff73f0fe95449380a97a46fae69fb3eba7b10ee48262b4964c771b10427ccbd9a1a808c94648cd010699bc0a5e0208738a2309d7d3b9046776d1d9e9974ab9361ee9708ad910d0293741f1c59d458104fe25a41e567703e95c114f5e24c898d38e9b0d68bc9f660cd2dd8f71dea17c680654008797b3817d0062b22c93bd66cab23e00a87f2a1f056df30b8b3d08fd2f216a9494c4dbbcd0b6295c872d411e3b471ff1a6d0d2794a31618356e2e0467e22676c729b63a956155f802d2ef3deec6e0fb4a83bb13b97d22e7bdfcf594032932e75b9d8f39bd9ba12b2e2a3218aedd6c126048e6799687134d724e4f5ce734d48510b0658c8bb56419d7dcf25af505d3a6f16cf8edd5f94dd1612eb6c56a44d5b49a5fac9969116ef1a312f30cebc6c02875b67546b1b60d63f173dc588df5465a344dfe06ff444dc6653978818b0f793161c8a4bfd1c60282988b987747116f7508d74fee7547d9e6659d90661998b378b6e53f38b3e8adc1a3708543dd7a4b8c7895a878d848b579afea8d636e8348b613c990dff4e372ffbf34741409bf169b0ae11932c5e4cfdb82c7826b76df16d6dbf108dd4f480c58eca1b95fe248394104f0cab250ba1e54bdc5d907766cde6e3518a568ad4db88513172b81b6ad8af36dcb712127a0ca12939cebca462861b6b518d6aed83dd78b263365758c74d7bc4ee999af1d11a2e3c8e1566ea609c357f20c238151b16e404a165ffc781f94856f9f56cc358b59170617cde8f56aa84dbff88495fbf054398a89b55c25e209fe0588838e738d4c8c8b8e7c0b533911bd8d6d66995eeeacb4ba7d9ff4d4a8d84350b7cc11707e2e50cf7db1f3673e517f5f5d2187f80deb4894cf98ce2095a8a2c0dc11899c7a595fc5ca3d42ddf8fad821dc22798941e4751f8f0a149c11b4e5344e5ad7566201119834df0875f7571f499bee1bc53904eb35561f93bb583a58bb42614673105d023a392a4697ccf90fcccde62b7f7e921672a8dda087dcade6e7b150bc39b478da4f4fed982dd98d957b5f6c617707d182c6632bbebc5dd1ab0202d3a4b93ad39ffdfb45482afe73f2295b112e523429d751f7e6bd50cc7f8b80a847b9e2a6a970123a534dc2581bdf082bb3104958731713fbacd112275203eb4f3241309d1b8264bda2643a91f56947ec01191686dbbfdadbea643f27be226df3f9f14fc3078391add894f9a84ecaaf48a5a10abd4f907e86421c383cf2ecde0bf78b9966fe8f5b87db8494e1bd1e583523c33faade4ad3a222ca3824522e251fe221bdd70849ae97119624154315add80e2b9e59e4999d31ac261ae56d60f6988a64639e1f6a89c5bc382b6fd0f03efb7b152e20d10072bf7d07c1e35871a57546be7434f84200ff0b4b23cf93c0b0789045a0acb4380ec363f757437598769591324646e3544948cfa29ed333ad9c0adf22ecc692bf41b75a2791633f78e2f30d62e87188e79d2bfe5c2a2f3ab4a42611f4069a2bbd883ebc09fb4d4b88aa7a4cdbb0146a07b4ffc5f3f973dd071cc1fd0a7f072842b6ca322ed8124e", 0x1000, 0x6730}, {&(0x7f0000001640)="3149916d037eb12e91744aa3bd03529af1aa50b48e2ebd6a0614da2d64d555a74c6e3887e08ab2e462a0f37beea0881811e401669ee0c3a6dcc496508c366ad94fad75044ae1e09c8bb9410f698cc3c74e8ce63efc5993cd7aea7ea9cca9b3164e2413656b64ccbd182082714fe7b4392294ddcdd41291cd4f84188f888097caaf025bffbcbb794dc7eed00058aa17d10b13a75dd7b4c70f0a4fe7a7a1bd4d6ceecbd9eeaf62bf3465b1566c4b3219aa69db8bfad82befeffe51523249c8cdf96bfdf2f38a720b46c81e8de07b87fa8f7acc8539d8152265f4e24ba97e757a0d75d6e9e388e3c7e717dcc4e38197306ae0bd8250ca1fe009ef65b74452a7263dfb135d2d4c04789e640fee525490bc9b87ee995dec8eff5a764a56f04d2e168ded3e6da8cf6d37e81d165e32a07ce850541d815fd9e4750216a4d09097700546ba751f925c0827afa8f5db1d2b4b1045c4b4ed9cc26d4fd3967d080517ed1e719fe3868e8dc709db721bf53cf95c2839596a5d4f585743d7b5a3b9e96fde423c15a629be8af26bc7f013c3c26ed35339ec7a3b7f52ebe19830e8aba809a159afe2a238bda0ed62a01d36ed408c3a5a7e1815e5be5c0f5957bec915f58bb5bcdf67a106facbc969ea6b137f73044a3a8c7673bfd54cfc17808d8792c2d9bd88fa9ac6ef54cc99c69af63a82f75db7843e706c2e2d58205a5c7949220ac7d5e1783a825b568477bbeae812527dd712e8dd9823a4c06dc4e76cacc6f85fdb3b2de899e319c898a132256b6a50f01c0bb65449f73abbf45818b135f9c7729da730e7164716f53de00036002123d8b9da27cf79e94e31e19f5b094bc6209487cfec418e5522f01b739ce147e121c6086a870f1bf09714bd4a3110f04c495a114e0474a891f23dd90b3ca678a91fa789f8f75421160dc79e4e98478c86634ff8d8aca3e6617e866132876d5172f81434cc68a83bc9e1351633badc8b9cdfb9e94051a9a32b7a512328cd7278403b65dc40efdf73456fda0c5d97b96f83a307f39b14ea8fd1737b91c54ade6e5d88eb6cf18f940e4223c70994a9d0eadde223b5aa237209495bdd901755bf0ed0b56d3de0804a53c57c34827467ba3c3b449c45a40b54db8a162f32780bb08b3aa774e7d6caa7b41e1df2debb072708b614cf6696182c2b33dac29ebc402f8ef9dc4909cd1210a59998e1141ee9ef9cb8667580df1722e2d6169a35593ec01939197424446b733028b30f7f1acd122b9dd26ef41ff7754e89996781f4334f274e7fead6f99f58912af1cb224f0e534a493ab6188e3eb1ca40a969cfc6fd413c67a48f9b091e7157d3fe41f3b0051eeb5a771002533d088bc2586efc1f0e2cf880d8d916127aaa14007bd3a866008215322aaa441e7d04859c03facc772487cc324511da46d40165cb51c566735e7bc71a05918cc6a1723646ffc3b56b34c706d71e6e5e0f283c87ef08b8ecea6f138923c54123fac0e8ec5ac048feeb5fd2cdbbae48e6803182c79a60622c4af998371efc813170d0656ea473ea8ca455fd628aad7187ead48999596032e3f818b979b004a41fea454c9200ef1d59cf09d201ee353d8769bcaf468796835f1cc6eb871299f5af522c04574af14cb0b140397d7c8eee7aab74416c88448dbf99a66948eec01c9207e1b69fa81f2fac22850f746d21f390405eb79a18718a092acf49075dfb2c5f874bacc77ac319b58f924cff0c20807b896259f823d615b92e30ff7941dbe9271a86233b063e55dfe40c782b34d9b3a33b739e1b9364a14865bfb10e30823eea87eaba63e451b2f7eee0b0edc02e3a5ef56edc3b187b16f76f48c063e69107aeafb9cb6802402be0b95ce854c488a18212d9342e5c34cca595a5ce5671c3a2e3fa6bc1543a15f228762868f5c0096972c004dea7916b7c7e367540da44ae631cab5cded3f537f14a38b8278a2f1e4285a03599120f357191c08a450d468b7be293bd983a5cb7c9fc6acc51262e8680cb7afae123743dd008b7d948f0914cf48592d89f74474be24900c934622537caeaa417864f3889344d961222c7dae2a2d2a863408eb1b3a7e448ebe88221d11f70cafb7bd57a89423483a2beead17b149f72ffb1e2918b570aed7d574df92cb2e3c772184d2dd160a4ee3756c166ebf242e2ec3ddec4fd336746a6fb18b2c01e4708f9418e61264463fc0ccb0a65d0308d9cfdfa9f93867736059c40403bbfa71a295acdcce4d6e991e03c711a7e6fccc0ff165ed131560144ca1c72019c829ee9b8fcd18ca5ff7c6586f1f082fb52963013333b25a75520e8b3fd7c17f8b20c7244e7e3cedbad23dbba4c414a4f71413c458821f4d258335df0935700bc8f71fc141584329abfe313f602046f22b0b8f09cdf6885965ec9755db53bd39e03d4df591b71f9d5792fda62b942e567c956b52ff1aa873e55e30456681411fd186a0c8f58a9c8243513c4aa3472fa1b1680729dce52c6c7c73af475bd1f3b79bff5c014b36b39261f4bf1b056c6450e15beb9c57d12c16d5c7e822afeacc3e3597c33a09a8755504f065e378fae5913de1fa692b5c0bc527bdbd4f5490bd82ae54bbaf0f5f61e75a93fa6660415821c25e7c2a14c96d40a39b6ce9d5968a6f4311308339e31f235d39f67037b2ba284da6d26d3735fb5dd57f66a4636dfb0b136b18b9ef06e53a0be4c9030736163a90061bb2c1050e60f068edd38a2a006d3f1f3531579b67d289ffdc802bfeac9c45e736c67d56abf488de8593c5ff8c5798c2279f57b87f9f013ddffea9e907f81011f7f3b38ef6730c6c4689389437103a94ef6eac903babcb0e6a48e9b765a9c79fbfec92792067fed317e91fc5aa1809ce2fb6c7ef2c70398cff1cdbdadb0886e448798b328b28509684bbae5b9ec7dd8ff63d14bcc4a4ba1a914944dc587a6862c2596e1283809f8334f491f12cf2a334feaa10e8a3b4595b05e76b333dc533f85bebaa1d788a9ccb32d23bd520eaece08ae34b99ac3a56adea406f41bce92e774f5f4707df6ef683be60eff94de62a221751f1501c1db22baf37611414480e2c44d89998f01d918f4522c71b49d23511b8a15f9dd34bcf8976f1aaabc1e75a0b1f36a744ae8d42ae3c8e574c0864c62482b6838620fbec4f26f4b2ce1f4180fbc36ac30a02f4f11fc91fd67b588328d7464671f06ca1454a27eb4d4d493e345e5947f0bbdd512ef0dd738e69c33ea0d750f144e5a2dc662002881966c7d51398c7edad4038926cd0d2da709904cb45c4d9ea30aadfd2cb4e4cb05fccb20b6d48d2f547bd20b9f2ea6ff7ca95ec3a01192bb7d3faa4c6d1cbcde83bc1a2de6aba5ecb9f4d452027f8a251b95eead9c48ff9a7225dafea7f4be6483ea0360246c87cd2c467b071f24ec08a2b2b7fe280f1a14907cc6ce45f6c77276bc58a8bc8248b42adfd1543db6f7af3c82ea6b2acc9db4427fb704ab19be5b5742f3d0c20a13bcd6abcde76e72c635c88350b04f88a8e5929c667fbc7392e74411174560b9881b9fc7ee3f66b52f38a62add932bc99a5b261a8341ed9ba12d045eca5f899348a075b70516d0a232da2154daa884d699fb0d3689e67410b8109622af60925d79dde57e0da2bbaebc3d87795be50a74b282fa62cef49d04cdf8cb3788114dd3db89d79271ddc4f11c7755496ecfc905cb78f958368fbb86d2349bf304fa3c9b0f5be31046293a9f9a4ddbde5d9bcac8a6126aabbbd8ead27158e3c946761be1d0974e9ad860071040784a3cd7803924cf5819f891c6a9c938815568395e845434b0f6b8b5cfc679451192888c83db0b6ceac2b41a17e9ed156e63705f3daab08a57551a0761d15e46e218a951a29ecbb94876716f73514d17cd29e351e397c47e9d560f9355e8f75aa0e7d8ef79e7822ea730a188c96220a8a64ae76f5d76ef1623f5b61c5c59e1edce9eb8fbedb0a51e5e9a52ecc20e68114c84dd72504835ca046f581f5d1158d89e8557a8fbc2da89e116478dcc67ae1d0869686e73f5c7aa5fb29b911d059995ca5f81c0bb9fc23743a9de5c85316770d04c2adc5114af994a83b72e487fc95e0a1a3726ee08b2ab24aa3d3e0c8c3bc71be3485cafd4574681e66e34e2a5f80018617415fad2697f74a2fb980514ecdc4575155c8d55c75424d4ec0431f44fc9b52bb42cd96f1710b2f0a00523ec8258c9cdacb6722e81f825de97071d9673133104521dfb86a94afc7d3019af568fc3c9cc1c0a750f2699e58ff1788e983e55b97fe1e279f2b1d80e191cddd84bb06ad05c4080acfc3036588701f5c5805ad0e42835529a2a13a359a3acbac776173c44109289bef8c461f50a68395b34d59ddad0d58ec2d9f11b5ca0d5d8dbd1a3401daf9c9d09b44bf528a90487f48196e6c43346fc993c9023d17935dc7eb8a7c6992829e1494fe863acfbaff42d286441912426d26028aeaaa7810d9da35837d9f52cca97b84c828f90a2b8e0f9ba48784e953f2e662387d941e3b562d1e672f0cb4fea8663ceaef2570613d95cf63063318ee4e42692203f4d7d0a7bbfb8c78464a82faf68757f72f4c236ca40c286d034a82b47803ad59363d09a6ff2f008cbf7fb4ac839dc56419897559021bf96080d06a39c4399df7fb3de20b72258d0c0ab22b83f67ce2662cfc7cfeca35291c1fc59e9c35cb7681bf90da118dfb396c834548872fc4ab46bf874ab0d8c26bcfa55ee61342889b20cd76679dc8ba84ba2c7bd22b82686578e716c332bc0d22b4327f59e16858be3f325c931ceea14293d31aba2a4728853b4188796923560a6756552241791ef6d46fdffe77103953ab1c66e96771a96f3b219ffa06aaffc31d65e4dd5c65a92d563a5d8308547a7d851e1b703b2232dcee68bdc75d2686a7b3d504d0fa5252506f19c3563990ac36701af5b6b36f9d62c6bc204ab53fb8916d19e9bce1eb71b20a31d310142567b8aa1b47c04db1cd781567ad1057d15ebf0212d6c11459ba25ccae3942f5ba40d9cdc7e236331f20aed03539fe252ac722185eb604e92af7eded85270cdf2d826ab5a8fa80f5bf2deb08ef99115bfaf53c7c8cc867283f8a695b1e8298d5a631cea86c671f8d7444e23979bc9df0874cafe0522a8a09cabd75e66a88d4a0c76713cfca067764a12b5c23b7a27bff74f44e50e6666fd3ccf862cac57c5425e094d9ceb86f7dce20f56506251663843a6d93314819cfd58500cb15053efd77c3c523c4e85fbeade7aa588fe0daa5f2406de8e9c8428b49defb3509f60c1b8f38b0f3115657a2e59f40d88b3ec4b2a91c16f05f826d62dcc5ea780d3ecd0a24eac32620bfe6933876a39aab146d612fbfc9ff3d937f3aa6afea3b1c23a2f34d66388dbbb7117f274144a95b3d1f76d8b52d570cd6b62088ac312493b815e1ba20a73f6852e1b0fb7072ef1d29b883a0db55ef7df03bbf09096c771135e940107afb81ebec3174fab5f4fe82e483eb9af1afa24f88d6a0e3c7123cdd676bc810160458aaa28dbe8076ad13a2e2e777aee5e07323855892ad2027bd1bc491c409eaae50c1963eed9fa8784f1242103d2ce85c647f2d9e72c046cc16228c9ca43c4ebf17cfad1a35523dfa89b22bc871a984e6795634424116f6a5e98adc83f784a39301cc04726cd262642676826f654ee53318596688a91c048625486b2d4bc2d27fb20cc67bc4d486252599ad28d3a514bde08c158d32f8d19409d5089775b5aa2d5f0d5913ba6cd98cd893c9eaf029d41dfc52c0880bd189a1a3c31e93590784fb9d62028d6980160f07d0c3f2cb216", 0x1000}, {&(0x7f0000000200)="39c6d228d20e049cca90893f00ab5b07960c68171dece5641117f29fd94c2ad45deb4ebc1acbc278995ebcb6d6a31cf09b00465f272176580e2d7481ca760a766d978549aa8c9efc6952140a62c2e165e51cb1b309ca4d5edbeff172aed89fd571d2a11c35d94eae5d36ea6f4c0e63d1bf70539059fef1a8d3b78eeaf79ea3723f00fb3e0f43b0079390098b6336cbbb6f24252c9913d58736c88e1e3f822745639cad52efbf2e68555d3bf01c0b8e446da11699c4a5edea1862065a0fa16864159e5514a2ad89aa0977a3872d8ebd42b1aa33a13faafbe99b6138317174fe45d89581e86ce9fe56a38dac73f52ba637dab12623cd297c13c751e754", 0xfc, 0xffff}, {&(0x7f0000000300)="c36adce27b5f498e2c43fe5484a3007dd918e41797c7307c19389e057295af19da581b1a3b759fce5b4a631d497135e36fecc23003ec342d844205247a5f13909aa88091fa18a16a07f891192e75c5761b4515d80a1fb10be9657dd1f57be422c7685f4f658ba8103071f0ee81d121894b7e18085d78310f68da78720e30942167cfba72aa33fd19941f798b79a9d2356c3ebb2af5f2983cc4b9bff58e72a0f6e9e32f1525e1ae9a38a2700140ea209e7710c20037da2383e2f6f3bb48da6379c18e7030af03548355e144be87f447f0365f34a34258de39ea72b3cfb21b08cb", 0xe0}, {&(0x7f0000000400)="f2b99bcb6cfed8e85192e05245f7bf310a5db637f723137baa7ffd3940ee4d072119b9449f0549027a96f81733c63d525084162de19ee39ece638f3f713a9d2051aa7344d30a62385678071db77d5565fa64cb21", 0x54, 0x7}], 0x8400, &(0x7f0000000500)=ANY=[@ANYBLOB='errors=contine,noquota,\x00\x00']) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000140)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='A/file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:34 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x101000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000180)=0x3) creat(&(0x7f0000000240)='./file0\x00', 0x0) [ 488.904365] JFS: contine is an invalid error handler 22:21:34 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300f01800000015"]) 22:21:34 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc453f0001800000015"]) 22:21:34 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300071800000015"]) 22:21:35 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af000007a002011076a439cc45300001800000015"]) [ 489.001202] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 489.008418] FAT-fs (loop1): Filesystem has been set read-only 22:21:35 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$ASHMEM_GET_PIN_STATUS(r1, 0x7709, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) setsockopt$inet6_tcp_buf(r1, 0x6, 0x21, &(0x7f0000000180)="c1b5662f395abdd5391a7ddb80fa1eb5e9fc24c5a631b9dd4e4b0869ece5ff39fe0732e011eee9be3dd874575d8fa1caa891", 0x32) truncate(&(0x7f0000000100)='./file0\x00', 0x0) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000200)='team\x00') getsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @broadcast, 0x0}, &(0x7f00000002c0)=0xc) accept4$packet(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000340)=0x14, 0x80800) getsockopt$inet_mreqn(r2, 0x0, 0x27, &(0x7f0000000e00)={@broadcast, @broadcast, 0x0}, &(0x7f0000000e40)=0xc) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000f40)={0x0, @loopback, @rand_addr}, &(0x7f0000000f80)=0xc) sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000001180)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80080000}, 0xc, &(0x7f0000001140)={&(0x7f0000000fc0)={0x15c, r3, 0x101, 0x70bd26, 0x25dfdbfc, {0x3}, [{{0x8, 0x1, r4}, {0x44, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0xffffffffffffffa9}}, {0x8, 0x7}}}]}}, {{0x8, 0x1, r5}, {0xf4, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x1f}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4648}}, {0x8, 0x6, r7}}}]}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x4004000}, 0x48004) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x103) 22:21:35 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(r0) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) sendmsg(r1, &(0x7f0000000380)={&(0x7f0000000140)=@ax25={0x3, {"dd5e93020fadcc"}, 0x101}, 0x80, &(0x7f0000000340)=[{&(0x7f00000001c0)="d9cf8d3b540df6b2661a2f07b384ca1472548fbc42dd28c9a01eb5c78f9e96e722fef27cc20b3a257d0afcfbfea61ea5123f25a9c137410b0517535c73d778e2d3e1075678c5bf2037224a7092", 0x4d}, {&(0x7f0000000240)="b22c9b6abc78b23643e83dee4b21f95384be83325633e766c7344ce4426fb52d23f3d748a2df258f203cc2f3d1d719fefe681950c7a87ffb35b080e8dc3d98a123d80dbcd820976a159b47495ca98a7dcfe3f419ecaf0441028ed74d6ae10dc7c8d714402349c94d2ba1aa6c0e954fef4bd954f2ce2255cfabab64f04a90a09ba5d25c07599b916ce9a490a857084403bb95cebb13fb7abc5192f2b46529fd7d796ee07e76b0693779a7991077ea554adfa98d786d5a2ac707e7062686ccc07990be0fb3fd27173e", 0xc8}], 0x2, &(0x7f0000000640)=[{0x40, 0x119, 0x5, "64c36f23e14189bcc021b7c45ce8750ec2d7e445442f15e5617b771420f762ed112086a696ad2784ce63"}, {0xb0, 0x109, 0x2, "6831b24a0ab8d6e3c0bcd28c3225e177e556826b9b85cd2d91b89f95ef125bbacc88a8fc2fabbb9594cd31850e3ab502ea5d2b74481a3fe989b8c7d86a80320fd304cad23054eafe3b877d6691c71919f0ca9f3eed4805c42ae4504be3a7835b6d1038dc94dc79e3dfe08f2a333d810034ff5ec8301b5b4ab23d446102a714a26a96faa747d792c8e6d7b2d998caacd7f297c970c188a3c0df"}, {0x58, 0x113, 0x1, "04ea3f2b5f17527e4cda3fa9a8b444ba61225e991de90bc5cfe662487f843c6b21ea97e1b0754a81c856496be64d44a595616256ce20c41682043af718491b2788e5b6eb"}, {0xb8, 0x10e, 0x10001, "e2cc2ace8f5572b3f9719ade92ecffc12f83e015b1a0c94130bf60cb433437c870e537151f2b2b727cffafb5fcc5002cade6200183a7cb200d7aaad0149065b6c8864e1ad5befbbb3d8e68c61940cc5546d103ec2aee20f1df308d978ab854594396119ae3808669f8ff309dd5b057073bec9892710788f7811837b2abdbd03fb080ee0ab7d0502c82bfb5ba547943f305d678c62f83759b7ae5c35d3758958a46d393"}, {0x58, 0x103, 0x7, "ae66f4214f4053ee916c97d9cc813aebf621c7653a2511b20802745875c816276b4b52205350b111aa7372dcdae824b50df4e37586fcc1863db40c7da31c5ac2331076"}, {0x28, 0x11f, 0x9, "fdc18b890afe80508662305a784571306466"}, {0x68, 0x117, 0xfffffffffffffff9, "9b62e579f22547fb4459a56fb07d3e58d79ec6e1ce7f7cba9de05a94b1109ce1c31fd8dd0689e96e07d8c6e090412fd0528e1559bf7b9c2902c62ef5b65da84fafef6db0eef3da1434cae6dee38a44b4c15ab523"}, {0x50, 0x111, 0x3, "433b8532567f4c95ae8aa6881d5f9f98419716084a0e66a858e7acb09ac64d641e5d07ceef6f5663a01f7a1e9206190d2d62524f448f462b99551904e73368ec"}, {0x40, 0x1, 0xceb, "9cf456967c2a1864e26e518ed79e17baee2bebe254e79ffb53a86b7f517e1b81cd6df426af203ceacccaaf5e7a70"}], 0x378, 0x4000010}, 0x884) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:35 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x6, 0x420101) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000180)=""/80, &(0x7f0000000200)=0x50) close(r0) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) pwritev(r3, &(0x7f00000004c0)=[{&(0x7f0000000240)="71950104b5e97c1b944c4bb9c8f9a05b1e641ca491bf01", 0x17}, {&(0x7f0000000280)="5282014a05857629c0493fa932358bd07056393e5ef9107ab50d1604613784487d8fb364325624aa97b18629cc3fd6d163c1ea1491e73648c8ed7a23c75aa409daa3e3d283dc7e31d60e9382d3acf32dd952f9788caadc7dc465109f0505168f01b70d889dc2e33a79a8b3bfd23436178c730c4866bd61853f9b9e0facd9910044c56d321798555d28e80a37eaf3e380c13841ebffc4f2de9ffe8b22099df6ec54471267d6421fde5feb1ccd93", 0xad}, {&(0x7f0000000340)="64732834771ab91dea9532dae23fa8d1759c4c9a0043d026f3f9bb804187d41565052ae0454c2d6c215fcffe4595680ed39c6179f6b4c425a6c96380b78dde52b0091d261d922ed31bad0c1c44a3f799b197937ecf22ab7eb131eb9889d71e2ada163476f92a4cd5a6409454cbb0ff59fd6d5a4b931aa6b73805ee6a26cbc8f3c0a88c755e99f833cdb51f6f61ded71faf1d3b973c06b25fd6439330ad17d5cf3c8c7ac57122bbd328f92fd6566265ebdbdfa02cf1c6718817a6efb6906a0f2a0c4bd834a6867a491d75b3cf76bececfa796bf744734c31ca8b799afffaa5570dd79b35fad862e1da5125784837226149706c96937e6081f916c0d87", 0xfc}, {&(0x7f0000000440)="f861b3f1386209fcdae66e919ff354c006f88789535ab0d00ba7b5fe181fa3b42c5401dd8ce8e74f57d43cb25cf062730c0820eb9cfff5f769efcfd4717038f4293d08c36751b20678485623f05eac0f7f80e3a760", 0x55}], 0x4, 0x0) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0x9) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:35 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300051800000015"]) 22:21:35 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc45300481800000015"]) 22:21:35 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300681800000015"]) [ 489.142861] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 489.150092] FAT-fs (loop1): Filesystem has been set read-only 22:21:35 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0007a00002011076a439cc45300001800000015"]) 22:21:35 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0xfffffffffffffef2) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000000000000010000000000000000000000000000000000000000000000000000000000001f00c7ee2320000000a4afcd349cdf149ee098c2cef3908437efa2bb70b33dca07338da59287cd49a6d6cb0bc6689f68e46484f2c28034fe2479b34d0061e4c9cddb2639afbc3a4b37a3f5325b4224f1abf87cc589e42557"]) creat(&(0x7f0000000240)='./file0\x00', 0x0) 22:21:35 executing program 6: write$evdev(0xffffffffffffffff, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) close(0xffffffffffffffff) r0 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 22:21:35 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45374001800000015"]) 22:21:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='O/file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 22:21:35 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300741800000015"]) 22:21:35 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x6, 0x420101) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000180)=""/80, &(0x7f0000000200)=0x50) close(r0) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r3, 0x40086602, &(0x7f00000000c0)=ANY=[]) pwritev(r3, &(0x7f00000004c0)=[{&(0x7f0000000240)="71950104b5e97c1b944c4bb9c8f9a05b1e641ca491bf01", 0x17}, {&(0x7f0000000280)="5282014a05857629c0493fa932358bd07056393e5ef9107ab50d1604613784487d8fb364325624aa97b18629cc3fd6d163c1ea1491e73648c8ed7a23c75aa409daa3e3d283dc7e31d60e9382d3acf32dd952f9788caadc7dc465109f0505168f01b70d889dc2e33a79a8b3bfd23436178c730c4866bd61853f9b9e0facd9910044c56d321798555d28e80a37eaf3e380c13841ebffc4f2de9ffe8b22099df6ec54471267d6421fde5feb1ccd93", 0xad}, {&(0x7f0000000340)="64732834771ab91dea9532dae23fa8d1759c4c9a0043d026f3f9bb804187d41565052ae0454c2d6c215fcffe4595680ed39c6179f6b4c425a6c96380b78dde52b0091d261d922ed31bad0c1c44a3f799b197937ecf22ab7eb131eb9889d71e2ada163476f92a4cd5a6409454cbb0ff59fd6d5a4b931aa6b73805ee6a26cbc8f3c0a88c755e99f833cdb51f6f61ded71faf1d3b973c06b25fd6439330ad17d5cf3c8c7ac57122bbd328f92fd6566265ebdbdfa02cf1c6718817a6efb6906a0f2a0c4bd834a6867a491d75b3cf76bececfa796bf744734c31ca8b799afffaa5570dd79b35fad862e1da5125784837226149706c96937e6081f916c0d87", 0xfc}, {&(0x7f0000000440)="f861b3f1386209fcdae66e919ff354c006f88789535ab0d00ba7b5fe181fa3b42c5401dd8ce8e74f57d43cb25cf062730c0820eb9cfff5f769efcfd4717038f4293d08c36751b20678485623f05eac0f7f80e3a760", 0x55}], 0x4, 0x0) write$cgroup_type(r3, &(0x7f0000000000)='threaded\x00', 0x9) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000040)=0x5) 22:21:35 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0007400002011076a439cc45300001800000015"]) 22:21:35 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc453007a1800000015"]) 22:21:35 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc453001f1800000015"]) 22:21:35 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc45300061800000015"]) 22:21:35 executing program 6 (fault-call:3 fault-nth:0): r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000010000)={0x8004, 0x1a, 0x0, 0xffffffffffffffff}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000e7ff8)=0x3) 22:21:35 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}], 0x18) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r1, 0x40086602, &(0x7f00000000c0)=ANY=[]) getrandom(&(0x7f0000000140)=""/85, 0x55, 0x2) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0xfe63) truncate(&(0x7f0000000100)='./file0\x00', 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000040)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x1) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f00000001c0)={0x4ce9a004, 0x4, 0x7fffffff, 0x200}, 0x10) 22:21:35 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="0af0000400002011076a439cc45300001800000015"]) [ 489.541133] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 489.548415] FAT-fs (loop1): Filesystem has been set read-only [ 489.647703] FAULT_INJECTION: forcing a failure. [ 489.647703] name failslab, interval 1, probability 0, space 0, times 0 [ 489.659528] CPU: 0 PID: 26745 Comm: syz-executor6 Not tainted 4.18.0-rc2+ #124 [ 489.666927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 489.676305] Call Trace: [ 489.678926] dump_stack+0x1c9/0x2b4 [ 489.682598] ? dump_stack_print_info.cold.2+0x52/0x52 [ 489.687853] should_fail.cold.4+0xa/0x1a [ 489.692151] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 489.697296] ? rcu_note_context_switch+0x730/0x730 [ 489.702258] ? __lock_acquire+0x7fc/0x5020 [ 489.706533] ? graph_lock+0x170/0x170 [ 489.710390] ? find_held_lock+0x36/0x1c0 [ 489.714500] ? __lock_is_held+0xb5/0x140 [ 489.718627] ? check_same_owner+0x340/0x340 [ 489.723092] ? perf_trace_lock_acquire+0x4f9/0x9a0 [ 489.728062] ? rcu_note_context_switch+0x730/0x730 [ 489.729240] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000203) [ 489.733024] ? find_held_lock+0x36/0x1c0 [ 489.740276] FAT-fs (loop1): Filesystem has been set read-only [ 489.744310] __should_failslab+0x124/0x180 [ 489.744338] should_failslab+0x9/0x14 [ 489.744358] kmem_cache_alloc_node_trace+0x26f/0x770 [ 489.744377] ? graph_lock+0x170/0x170 [ 489.744396] ? graph_lock+0x170/0x170 [ 489.771073] __get_vm_area_node+0x12d/0x390 [ 489.775455] __vmalloc_node_range+0xc4/0x760 [ 489.779887] ? ion_heap_map_kernel+0xb4/0x4b0 [ 489.784428] ? ion_heap_map_kernel+0xb4/0x4b0 [ 489.788951] vmalloc+0x6f/0x80 [ 489.792168] ? ion_heap_map_kernel+0xb4/0x4b0 [ 489.796697] ion_heap_map_kernel+0xb4/0x4b0 [ 489.801049] ? kasan_check_read+0x11/0x20 [ 489.805227] ? rcu_is_watching+0x8c/0x150 [ 489.809401] ion_dma_buf_begin_cpu_access+0x188/0x5a0 [ 489.814608] ? ion_dma_buf_end_cpu_access+0x4a0/0x4a0 [ 489.819813] dma_buf_begin_cpu_access+0x7f/0x160 [ 489.824573] dma_buf_ioctl+0x1af/0x250 [ 489.828458] ? dma_buf_begin_cpu_access+0x160/0x160 [ 489.833483] ? dma_buf_begin_cpu_access+0x160/0x160 [ 489.838495] do_vfs_ioctl+0x1de/0x1720 [ 489.842380] ? __lock_is_held+0xb5/0x140 [ 489.846439] ? ioctl_preallocate+0x300/0x300 [ 489.850842] ? __fget_light+0x2f7/0x440 [ 489.854815] ? fget_raw+0x20/0x20 [ 489.858269] ? __sb_end_write+0xac/0xe0 [ 489.862265] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 489.867800] ? fput+0x130/0x1a0 [ 489.871076] ? ksys_write+0x1ae/0x260 [ 489.874883] ? security_file_ioctl+0x94/0xc0 [ 489.879292] ksys_ioctl+0xa9/0xd0 [ 489.882748] __x64_sys_ioctl+0x73/0xb0 [ 489.886728] do_syscall_64+0x1b9/0x820 [ 489.890611] ? syscall_slow_exit_work+0x500/0x500 [ 489.895460] ? syscall_return_slowpath+0x5e0/0x5e0 [ 489.900395] ? syscall_return_slowpath+0x31d/0x5e0 [ 489.905329] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 489.910695] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 489.915553] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 489.920737] RIP: 0033:0x455a99 [ 489.923912] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 489.943480] RSP: 002b:00007f8f332fdc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 489.951191] RAX: ffffffffffffffda RBX: 00007f8f332fe6d4 RCX: 0000000000455a99 [ 489.958455] RDX: 00000000200e7ff8 RSI: 0000000040086200 RDI: 0000000000000015 [ 489.965727] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 489.973087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 489.980360] R13: 00000000004bcb74 R14: 00000000004cabf0 R15: 0000000000000000 [ 489.988806] syz-executor6: vmalloc: allocation failure: 72 bytes, mode:0x6000c0(GFP_KERNEL), nodemask=(null) 22:21:35 executing program 5: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000002011076a439cc45300681800000015"]) 22:21:35 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x6, 0x420101) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000180)=""/80, &(0x7f0000000200)=0x50) close(r0) accept4$inet(0xffffffffffffff9c, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value, &(0x7f00000000c0)=0x8) ioctl$fiemap(r2, 0x40086602, &(0x7f00000000c0)=ANY=[]) pwritev(r2, &(0x7f00000004c0)=[{&(0x7f0000000240)="71950104b5e97c1b944c4bb9c8f9a05b1e641ca491bf01", 0x17}, {&(0x7f0000000280)="5282014a05857629c0493fa932358bd07056393e5ef9107ab50d1604613784487d8fb364325624aa97b18629cc3fd6d163c1ea1491e73648c8ed7a23c75aa409daa3e3d283dc7e31d60e9382d3acf32dd952f9788caadc7dc465109f0505168f01b70d889dc2e33a79a8b3bfd23436178c730c4866bd61853f9b9e0facd9910044c56d321798555d28e80a37eaf3e380c13841ebffc4f2de9ffe8b22099df6ec54471267d6421fde5feb1ccd93", 0xad}, {&(0x7f0000000340)="64732834771ab91dea9532dae23fa8d1759c4c9a0043d026f3f9bb804187d41565052ae0454c2d6c215fcffe4595680ed39c6179f6b4c425a6c96380b78dde52b0091d261d922ed31bad0c1c44a3f799b197937ecf22ab7eb131eb9889d71e2ada163476f92a4cd5a6409454cbb0ff59fd6d5a4b931aa6b73805ee6a26cbc8f3c0a88c755e99f833cdb51f6f61ded71faf1d3b973c06b25fd6439330ad17d5cf3c8c7ac57122bbd328f92fd6566265ebdbdfa02cf1c6718817a6efb6906a0f2a0c4bd834a6867a491d75b3cf76bececfa796bf744734c31ca8b799afffaa5570dd79b35fad862e1da5125784837226149706c96937e6081f916c0d87", 0xfc}, {&(0x7f0000000440)="f861b3f1386209fcdae66e919ff354c006f88789535ab0d00ba7b5fe181fa3b42c5401dd8ce8e74f57d43cb25cf062730c0820eb9cfff5f769efcfd4717038f4293d08c36751b20678485623f05eac0f7f80e3a760", 0x55}], 0x4, 0x0) write$cgroup_type(r2, &(0x7f0000000000)='threaded\x00', 0x9) truncate(&(0x7f0000000100)='./file0\x00', 0xbb83) 22:21:35 executing program 0: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f0000000682011076a439cc453007a1800000015"]) 22:21:36 executing program 3: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r0, 0x400452c8, &(0x7f0000000080)=ANY=[@ANYBLOB="14f00000004c2011076a439cc453003f1800000015"]) 22:21:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x0) mount(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='fuse\x00', 0x20, &(0x7f0000000300)) syz_fuseblk_mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000280)='\n/file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 489.998909] syz-executor6 cpuset=syz6 mems_allowed=0 [ 490.004576] CPU: 0 PID: 26745 Comm: syz-executor6 Not tainted 4.18.0-rc2+ #124 [ 490.011963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 490.021335] Call Trace: [ 490.023946] dump_stack+0x1c9/0x2b4 [ 490.027588] ? dump_stack_print_info.cold.2+0x52/0x52 [ 490.032789] warn_alloc.cold.117+0xb7/0x1bd [ 490.037110] ? zone_watermark_ok_safe+0x3d0/0x3d0 [ 490.041959] ? __get_vm_area_node+0x12d/0x390 [ 490.046468] ? __get_vm_area_node+0x12d/0x390 [ 490.050987] ? rcu_read_lock_sched_held+0x108/0x120 [ 490.056022] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 490.061310] ? graph_lock+0x170/0x170 [ 490.065109] ? graph_lock+0x170/0x170 [ 490.069007] ? __get_vm_area_node+0x2da/0x390 [ 490.073522] __vmalloc_node_range+0x472/0x760 [ 490.078056] ? ion_heap_map_kernel+0xb4/0x4b0 [ 490.082585] vmalloc+0x6f/0x80 [ 490.085780] ? ion_heap_map_kernel+0xb4/0x4b0 [ 490.090289] ion_heap_map_kernel+0xb4/0x4b0 [ 490.094616] ? kasan_check_read+0x11/0x20 [ 490.098763] ? rcu_is_watching+0x8c/0x150 [ 490.102925] ion_dma_buf_begin_cpu_access+0x188/0x5a0 [ 490.108125] ? ion_dma_buf_end_cpu_access+0x4a0/0x4a0 [ 490.113336] dma_buf_begin_cpu_access+0x7f/0x160 [ 490.118104] dma_buf_ioctl+0x1af/0x250 [ 490.122004] ? dma_buf_begin_cpu_access+0x160/0x160 [ 490.127078] ? dma_buf_begin_cpu_access+0x160/0x160 [ 490.132105] do_vfs_ioctl+0x1de/0x1720 [ 490.136012] ? __lock_is_held+0xb5/0x140 [ 490.140106] ? ioctl_preallocate+0x300/0x300 [ 490.144518] ? __fget_light+0x2f7/0x440 [ 490.148490] ? fget_raw+0x20/0x20 [ 490.151956] ? __sb_end_write+0xac/0xe0 [ 490.155957] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 490.161506] ? fput+0x130/0x1a0 [ 490.164791] ? ksys_write+0x1ae/0x260 [ 490.168604] ? security_file_ioctl+0x94/0xc0 [ 490.173043] ksys_ioctl+0xa9/0xd0 [ 490.176521] __x64_sys_ioctl+0x73/0xb0 [ 490.180409] do_syscall_64+0x1b9/0x820 [ 490.184292] ? syscall_slow_exit_work+0x500/0x500 [ 490.189142] ? syscall_return_slowpath+0x5e0/0x5e0 [ 490.194087] ? syscall_return_slowpath+0x31d/0x5e0 [ 490.199031] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 490.204416] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 490.209372] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 490.214582] RIP: 0033:0x455a99 [ 490.217767] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 490.237478] RSP: 002b:00007f8f332fdc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 490.245403] RAX: ffffffffffffffda RBX: 00007f8f332fe6d4 RCX: 0000000000455a99 [ 490.252680] RDX: 00000000200e7ff8 RSI: 0000000040086200 RDI: 0000000000000015 [ 490.259951] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 490.267221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 490.275275] R13: 00000000004bcb74 R14: 00000000004cabf0 R15: 0000000000000000 [ 490.283438] Mem-Info: [ 490.285958] active_anon:89764 inactive_anon:340 isolated_anon:0 [ 490.285958] active_file:12523 inactive_file:13272 isolated_file:0 [ 490.285958] unevictable:0 dirty:166 writeback:21 unstable:0 [ 490.285958] slab_reclaimable:13387 slab_unreclaimable:102222 [ 490.285958] mapped:74992 shmem:345 pagetables:968 bounce:0 [ 490.285958] free:1165206 free_pcp:366 free_cma:0 [ 490.319992] Node 0 active_anon:356948kB inactive_anon:1360kB active_file:50092kB inactive_file:53088kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:299968kB dirty:664kB writeback:84kB shmem:1380kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 22528kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 490.348344] Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 490.374574] lowmem_reserve[]: 0 2827 6331 6331 [ 490.379317] Node 0 DMA32 free:2898104kB min:30100kB low:37624kB high:45148kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129292kB managed:2898912kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:808kB local_pcp:160kB free_cma:0kB [ 490.407181] lowmem_reserve[]: 0 0 3504 3504 [ 490.411646] Node 0 Normal free:1746972kB min:37316kB low:46644kB high:55972kB active_anon:357104kB inactive_anon:1360kB active_file:50092kB inactive_file:53088kB unevictable:0kB writepending:748kB present:4718592kB managed:3589008kB mlocked:0kB kernel_stack:5472kB pagetables:4168kB bounce:0kB free_pcp:772kB local_pcp:92kB free_cma:0kB [ 490.441860] lowmem_reserve[]: 0 0 0 0 [ 490.445801] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 490.459880] Node 0 DMA32: 2*4kB (M) 4*8kB (UM) 3*16kB (UM) 3*32kB (M) 2*64kB (UM) 3*128kB (M) 2*256kB (UM) 4*512kB (UM) 5*1024kB (UM) 3*2048kB (UM) 704*4096kB (M) = 2898104kB [ 490.476006] Node 0 Normal: 291*4kB (UME) 1108*8kB (UME) 960*16kB (UME) 588*32kB (UME) 82*64kB (UME) 271*128kB (U) 91*256kB (U) 18*512kB (U) 17*1024kB (UME) 4*2048kB (UME) 392*4096kB (M) = 1747884kB [ 490.494063] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 490.502724] 26163 total pagecache pages [ 490.506767] 0 pages in swap cache [ 490.510308] Swap cache stats: add 0, delete 0, find 0/0 [ 490.515732] Free swap = 0kB [ 490.518848] Total swap = 0kB [ 490.521934] 1965969 pages RAM [ 490.525129] 0 pages HighMem/MovableOnly [ 490.529194] 340012 pages reserved [ 490.532740] ------------[ cut here ]------------ [ 490.537546] heap->ops->map_kernel should return ERR_PTR on error [ 490.537855] WARNING: CPU: 0 PID: 26745 at drivers/staging/android/ion/ion.c:148 ion_dma_buf_begin_cpu_access+0x48e/0x5a0 [ 490.555044] Kernel panic - not syncing: panic_on_warn set ... [ 490.555044] [ 490.562532] CPU: 0 PID: 26745 Comm: syz-executor6 Not tainted 4.18.0-rc2+ #124 [ 490.569916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 490.579295] Call Trace: [ 490.581917] dump_stack+0x1c9/0x2b4 [ 490.585601] ? dump_stack_print_info.cold.2+0x52/0x52 [ 490.591210] panic+0x238/0x4e7 [ 490.594430] ? add_taint.cold.5+0x16/0x16 [ 490.598620] ? __warn.cold.8+0x148/0x1ba [ 490.602725] ? ion_dma_buf_begin_cpu_access+0x48e/0x5a0 [ 490.608152] __warn.cold.8+0x163/0x1ba [ 490.612079] ? ion_dma_buf_begin_cpu_access+0x48e/0x5a0 [ 490.617479] report_bug+0x252/0x2d0 [ 490.621149] do_error_trap+0x1fc/0x4d0 [ 490.625076] ? math_error+0x3e0/0x3e0 [ 490.628905] ? vprintk_default+0x28/0x30 [ 490.632999] ? vprintk_func+0x81/0xe7 [ 490.636868] ? printk+0xa7/0xcf [ 490.640195] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 490.645089] do_invalid_op+0x1b/0x20 [ 490.648830] invalid_op+0x14/0x20 [ 490.652316] RIP: 0010:ion_dma_buf_begin_cpu_access+0x48e/0x5a0 [ 490.658301] Code: ff 41 bc ea ff ff ff 89 de e8 ce c0 b1 fb 84 db 75 a8 e8 f5 bf b1 fb 48 c7 c7 00 e8 67 88 c6 05 5c 52 cf 03 01 e8 c2 e2 7c fb <0f> 0b eb 8c 48 c7 c7 c0 10 ef 88 e8 82 93 ef fb e9 15 ff ff ff e8 [ 490.677981] RSP: 0018:ffff880196b87ae8 EFLAGS: 00010282 [ 490.683396] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90001e0c000 [ 490.690779] RDX: 0000000000040000 RSI: ffffffff816318f1 RDI: 0000000000000001 [ 490.698076] RBP: ffff880196b87b40 R08: ffff8801ab3942c0 R09: ffffed003b5c3ec2 [ 490.705372] R10: ffffed003b5c3ec2 R11: ffff8801dae1f617 R12: 00000000ffffffea [ 490.712667] R13: ffff8801d1e52208 R14: 0000000000000000 R15: ffffffff89727840 [ 490.720084] ? vprintk_func+0x81/0xe7 [ 490.723930] ? ion_dma_buf_begin_cpu_access+0x48e/0x5a0 [ 490.729356] ? ion_dma_buf_end_cpu_access+0x4a0/0x4a0 [ 490.734576] dma_buf_begin_cpu_access+0x7f/0x160 [ 490.739367] dma_buf_ioctl+0x1af/0x250 [ 490.743293] ? dma_buf_begin_cpu_access+0x160/0x160 [ 490.748351] ? dma_buf_begin_cpu_access+0x160/0x160 [ 490.753483] do_vfs_ioctl+0x1de/0x1720 [ 490.757496] ? __lock_is_held+0xb5/0x140 [ 490.761597] ? ioctl_preallocate+0x300/0x300 [ 490.766045] ? __fget_light+0x2f7/0x440 [ 490.770077] ? fget_raw+0x20/0x20 [ 490.773656] ? __sb_end_write+0xac/0xe0 [ 490.777674] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 490.783248] ? fput+0x130/0x1a0 [ 490.786563] ? ksys_write+0x1ae/0x260 [ 490.790402] ? security_file_ioctl+0x94/0xc0 [ 490.795970] ksys_ioctl+0xa9/0xd0 [ 490.799671] __x64_sys_ioctl+0x73/0xb0 [ 490.803596] do_syscall_64+0x1b9/0x820 [ 490.807518] ? syscall_slow_exit_work+0x500/0x500 [ 490.812397] ? syscall_return_slowpath+0x5e0/0x5e0 [ 490.817363] ? syscall_return_slowpath+0x31d/0x5e0 [ 490.822340] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 490.827747] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 490.832638] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 490.837857] RIP: 0033:0x455a99 [ 490.841156] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 490.860830] RSP: 002b:00007f8f332fdc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 490.868571] RAX: ffffffffffffffda RBX: 00007f8f332fe6d4 RCX: 0000000000455a99 [ 490.875871] RDX: 00000000200e7ff8 RSI: 0000000040086200 RDI: 0000000000000015 [ 490.883169] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 490.890551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 490.898124] R13: 00000000004bcb74 R14: 00000000004cabf0 R15: 0000000000000000 [ 490.906104] Dumping ftrace buffer: [ 490.909703] (ftrace buffer empty) [ 490.913407] Kernel Offset: disabled [ 490.917035] Rebooting in 86400 seconds..