80000000066ba008000000f3066b9800000c00f326635000800000f3066b80e5000000f23c00f21f86635010003000f23f8ba400066b86b16da2366ef", 0x5d}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000100)={0x6}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext={0x8001, 0x41}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:59:38 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000f00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3306.429042][ T8732] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3306.459945][ T8732] FAT-fs (loop3): Filesystem has been set read-only 16:59:39 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000200)="0f9bd43e64260fa267660f7f120f01c5c1d714ba2000b089ee66b9470b000066b80000000066ba008000000f3066b9800000c00f326635000800000f3066b80e5000000f23c00f21f86635010003000f23f8ba400066b86b16da2366ef", 0x5d}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000100)={0x6}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext={0x8001, 0x41}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:59:39 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x202e02, 0x0) r4 = socket$unix(0x1, 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = open(&(0x7f0000000280)='./file0\x00', 0x110000141542, 0x0) ftruncate(r6, 0x10099b3) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000002240)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(sha3-512-generic)\x00'}, 0x58) sendfile(0xffffffffffffffff, r6, 0x0, 0x8001) r8 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) r9 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r8, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r10, 0x4) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r6, 0x84, 0x17, &(0x7f0000000440)={r10, 0x7, 0x99, "4894101ad2693735771b1a0616844144fb5258f96ea30af22e628be11f6b14ac06fb6f005f488a15a15b561d8ec73d0dc7cb252d31a267a11571a6d0ca61362398ec51e7e2ccecc9f0b3f8f19ac1173c7542931a7fb966cd2297e79acfb7a5621cbb37957e61984a2057dc65f9dd35ccf6f6b2faf3a39f43eab2c60fb2c1411ab4dc4c2be67ea55ba7fedc40bcbb04f435b3d15f1389f06ba7"}, 0xa1) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f00000002c0)={r10, 0x9}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r3, 0x84, 0x79, &(0x7f0000000340)={r11, 0x3ff, 0x9}, 0x8) 16:59:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001100003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3306.798845][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3306.822146][ T796] FAT-fs (loop0): Filesystem has been set read-only 16:59:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(0x0, 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001200003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000200)="0f9bd43e64260fa267660f7f120f01c5c1d714ba2000b089ee66b9470b000066b80000000066ba008000000f3066b9800000c00f326635000800000f3066b80e5000000f23c00f21f86635010003000f23f8ba400066b86b16da2366ef", 0x5d}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000100)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext={0x8001, 0x41}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:59:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(0x0, 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3307.313332][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3307.338603][T21082] FAT-fs (loop2): Filesystem has been set read-only 16:59:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001300003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000200)="0f9bd43e64260fa267660f7f120f01c5c1d714ba2000b089ee66b9470b000066b80000000066ba008000000f3066b9800000c00f326635000800000f3066b80e5000000f23c00f21f86635010003000f23f8ba400066b86b16da2366ef", 0x5d}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000100)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext={0x8001, 0x41}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:59:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001400003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3307.674669][ T4648] sctp: [Deprecated]: syz-executor.3 (pid 4648) Use of int in maxseg socket option. [ 3307.674669][ T4648] Use struct sctp_assoc_value instead 16:59:40 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3307.848796][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 16:59:40 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000002000003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3307.941782][ T796] FAT-fs (loop0): Filesystem has been set read-only 16:59:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) 16:59:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x600000000000000) [ 3308.111966][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3308.152164][ T3157] FAT-fs (loop5): Filesystem has been set read-only 16:59:40 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000200)="0f9bd43e64260fa267660f7f120f01c5c1d714ba2000b089ee66b9470b000066b80000000066ba008000000f3066b9800000c00f326635000800000f3066b80e5000000f23c00f21f86635010003000f23f8ba400066b86b16da2366ef", 0x5d}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000100)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext={0x8001, 0x41}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 16:59:40 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000002100003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000100)={0x6}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000004, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext={0x8001, 0x41}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 3308.451490][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3308.495392][T21082] FAT-fs (loop2): Filesystem has been set read-only 16:59:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0xfffffffffffffe26) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0xfffffffffffffe26) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:41 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000002f00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:41 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe) 16:59:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[{&(0x7f0000000280)="bfc5b1e614042bf43ee9178bc96a1578187ab0826299e56f1e85435538e3bba2d57ca19ebb3174b63c02c2be34681d0bce24085e5231058c6e9aae871b86995e45d683f20d4bd8b7164791e630636c1a43bad5eb688d89108ccedefe956528ceb6556433626c64000127476b734330ed366f9c5c931f5d0a9957a2a6723fe2219f0dcdbf54760dfc76b087b27bd5bca79eaa17276a67f8cd34719727485dfb76efc3242b52069eee62588b2b7c2cfc10fe52ac7db3b4194d2163043e0ab36ecaef7b53c8500fc74fa61e3f146bbf618f5f92", 0xd2, 0xc0}, {&(0x7f0000000440)="565ba8052884e64c1f3426351c13df137065de280fa7e2d4f910374599d468131336f95ca8586dc059b64dcc764521c54d606d40d41e51ffaa3e50fc8a28cf8fd66341509f1c6b5b05b4960f0a29806a6f15b9fe377ce5d7611147f6b87171d13c43c6349e880a5fa42685e28cff8b6d4a98ac93c8e017ad185b263aaa309c92af676a848f0ff43d9e953883c1b2dcc8200ecf451e34f8832c755a9bc7c863b88a46b0d337754a8785848450a723d6c4d0ab6021489ca807bd0abd0dd9dd524a9758837958d6ad875839dafab0ab66219adc8dff3edcc9e7a1ea09c2546433d37f070d0250a2c98b618546026a03a7333423e058ff676ca827a5", 0xfa, 0x3a}, {&(0x7f0000000140)="f4355957a7deccdba316bfd04dc0776ac1331e16ea6d4c984d5d", 0x1a, 0x5}, {&(0x7f0000000180)="fd538c404b4cb6ae987f931b628a3e15eef64c021438cea5ebe35947430ce78705f1ac1083439bab95ebf1657a6137ffef5d0c16114c", 0x36, 0x8}, {&(0x7f0000000fc0)="914eae1d11f2669a12c46be5568c6acf88556a3f995d9873dbf2a6bd5dec4d7943b87f538d91fec11d861b799448275c1a7de39d0ac0769f387aa8a246f6320103c9711a9bd6973f5ee910d7ca8b21edf364bca15b7ea9d9b68910bf42d15edf5644be661e209b1509e37523206e397bfbc49ebd12ac99f0e5c2ea867e8964b7ff045bb59440fd490d4f0ac47bab9e47c237fb39c03e261e81e2519bc1a64da6740602f80c352cfc9db38a2e487d3b", 0xaf, 0xff}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_GET_API_VERSION(r0, 0xae00, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:41 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000943100003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:41 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3309.331128][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3309.363215][ T796] FAT-fs (loop0): Filesystem has been set read-only 16:59:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(0x0, 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) r3 = socket$unix(0x1, 0x2, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$IMDELTIMER(r4, 0x80044941, &(0x7f00000000c0)=0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) sync() syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:41 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000003a00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x77040000000000) 16:59:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x77040000000000) 16:59:42 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:42 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000003f00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:42 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000004000003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:42 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000004800003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:42 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000004c00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f00000000c0)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) [ 3310.340420][ T4773] validate_nla: 58 callbacks suppressed [ 3310.340431][ T4773] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3310.354364][ T4773] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:42 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:42 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x77040000000000) [ 3310.439380][ T4774] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3310.447519][ T4774] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0xe803000000000000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:42 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="360ffb688866b9420b000066b80000000066ba000000800f3066b8010000000f01c10f20d86635200000000f22d80f785a8cf30f110f660fea3a6464ffe66766c74424003a0000006766c7442402000001006766c744240600000000670f011c240f01c5", 0x64}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20044080}, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 16:59:43 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000006000003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:43 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000006800003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3310.863663][ T4796] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3310.871885][ T4796] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3310.886633][ T4798] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3310.894872][ T4798] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3310.983944][ T4801] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3310.992230][ T4801] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x77040000000000) 16:59:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x16480000) 16:59:43 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="360ffb688866b9420b000066b80000000066ba000000800f3066b8010000000f01c10f20d86635200000000f22d80f785a8cf30f110f660fea3a6464ffe66766c74424003a0000006766c7442402000001006766c744240600000000670f011c240f01c5", 0x64}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20044080}, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 16:59:43 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000006c00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:43 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x16480000) 16:59:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x14680000) [ 3311.388178][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3311.410190][ T796] FAT-fs (loop0): Filesystem has been set read-only 16:59:43 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000007400003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:44 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x3800000000000000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x10480000) 16:59:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000007a00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x10480000) 16:59:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xe000000) 16:59:44 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000200)='hugetlb.2MB.failcnt\x00', 0x2, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100020000) 16:59:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000319400003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0xc480000) 16:59:44 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000004003003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1500000000000000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1500000000000000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:44 executing program 3: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000680000003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000340003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3312.568387][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3312.618517][ T796] FAT-fs (loop0): Filesystem has been set read-only 16:59:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000013c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x6480000) 16:59:45 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x4c}}, 0x0) 16:59:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1500000000000000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000023c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:45 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x48, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x48}}, 0x0) [ 3313.056367][ T4889] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3313.097577][ T4889] FAT-fs (loop0): Filesystem has been set read-only [ 3313.127050][ T4889] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 16:59:45 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:45 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000033c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x4, 0x0, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x0, 0x0, 0x1}}, {{0x0, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x1, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x20) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) r3 = socket$unix(0x1, 0x2, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f00000000c0), 0x4) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:45 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000043c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3313.584407][ T4925] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3313.593669][ T4925] FAT-fs (loop0): Filesystem has been set read-only [ 3313.600880][ T4925] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 16:59:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000053c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:46 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x80040000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000063c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3314.142445][ T4927] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3314.151518][ T4927] FAT-fs (loop5): Filesystem has been set read-only [ 3314.158304][ T4927] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3314.170669][ T4929] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001) [ 3314.179337][ T4929] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001) 16:59:46 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000073c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:46 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:46 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x80040000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000083c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3314.476948][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 16:59:47 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000093c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:47 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:47 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000b3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x80040000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:47 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:47 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:47 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000f3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1e000000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) [ 3315.513799][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3315.522759][T12695] FAT-fs (loop1): Filesystem has been set read-only 16:59:48 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000103c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3315.824550][ T4997] validate_nla: 66 callbacks suppressed [ 3315.824560][ T4997] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3315.838523][ T4997] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3315.849517][ T4999] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3315.857644][ T4999] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x80040000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) [ 3315.969735][ T5007] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3315.978044][ T5007] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3316.005845][ T5008] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3316.013997][ T5008] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:48 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000113c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:48 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3316.297522][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3316.306687][ T5015] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3316.315072][ T5015] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3316.348990][T21082] FAT-fs (loop2): Filesystem has been set read-only 16:59:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x2, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x4, 0x1, 0x1}}, {{0x2, 0x1, 0x1, 0x1}, {0x0, 0x1, 0x0, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x1e000000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) 16:59:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x2e48) [ 3316.549220][ T4995] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3316.558450][ T4995] FAT-fs (loop3): Filesystem has been set read-only [ 3316.559737][ T5002] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 16:59:49 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000123c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3316.616244][ T5002] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3316.651949][ T5002] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 970769) [ 3316.690978][ T5002] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3316.734467][ T5022] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3316.764503][ T5022] FAT-fs (loop0): Filesystem has been set read-only [ 3316.776861][ T5002] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 970769) [ 3316.787219][ T5022] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 16:59:49 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, "018000da7d469c04", "02a839a6c7986edc3f8a6200c88e37de79b97525cedefaa0bded32e7d887ec99", "0000ef00", "00943f4aece800"}, 0x38) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="0a99b3e3930870dcd4c6d68e6abe088af4ccdbe6dc85ed63bcee4834cd53f8a19cfad53574230c17377bd7b3eb23d9008f0c69b08db538753bcf550f05d219f8c6ca03228dd8d293261ba079190f47d70c95a97fe5d4cb7511e180f73e8ef5e2f7ee4f47c1a036e37e87414e615396eeb918828e", 0x74}, {&(0x7f0000000840)="b5252522629f34a16eef84ce1b0063a44d2793e337dc2c6bb2d88107b89a1516610f2003d59c73b5c7e008a287d2a1d473414b1adeb4ca87742298b064ae974e919c80525175804799682d67fca4f9defe5754c03f", 0x55}], 0x2) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) r1 = socket$unix(0x1, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) sendto$inet(r0, &(0x7f00000008c0)="81838ea59a01f3def2f74b864fabdf568a1dd2af7e570c81431e0fe705be1de9535af1e1520ec38fce0389a39beff538dfb438a3c93448cad104f9d66117e97aff934914e356c48414e3df401e01bd42f65e630800000000000000c0d4401e2d9a6d4c24f442d625e0cbbea614d2085696d3946370c4ecd2318b5b6e4ea8d18e8a9843641268a71cb4feb04dccd83672a73515b34d6345702bbbf3151d1fc2e68cfc8e4393d7d43d0dfe9fd96feb636ae44f501db54323d85e97c194e8bd800986bab0f651c200000000000013a8b4e53e5bce6493db35580ad6b73bee479917e945caed7303c945e5cb9c521d389d1270619abc94ad19fdec0eb6174e30657f99459094ae13907e8ef9f645ba9ab91f2d8fda7f9d6c3c9472", 0x119, 0x44000, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000640)=ANY=[@ANYBLOB="23ff1f0a8117fb62e0eb1b3c750c75c5533f018823a16997c30a069cb5b742686128af8baad097514187691d92010000009e3db9e86db57e1d384bfe3042c49e09004937af481f2b44e023b3884e0efb76d2659a715f3b513e33fd96c9d3c9afed9390b357a4000000000000000a010000000003000000000000000369dea9ed32487d2bf1ac37afcf98d817857774004608d609000000701f793b97fdcccc622708000000e69857745a81f6ffbe89000097559772f645e989"], 0xb9) sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)="8c93b369b4485a9c10410940b32f0e27d945c8c14b33d632252983591bb93b689d6e39110602c2742c532b470d9fa7322ac1690e5df60e8062db873b9560fc588ed49aba2b2527da322e73b77d95bb0444859638ca", 0x55}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4) sendto$inet(r0, &(0x7f0000000a00)="0c268a927f351f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec255fe58fbeb3214cc365f752c07f2d430bb04f5620772dc468838b29e2ee760188690150620e3521cd4291d03fac6fd52b26c933c6f84beb2232f7a6eb9bb71027b73e3c035f63020da3dbb9ae63d590a2c835b566831933497c2ada261c55db632978b76511af190f642940f84d4b6da2740fd933fce1734b2164bef8be5a5581352d0159f9cc5a6ab0f3ca4040fde22d0000000000000000000000000000001f19e158c62a783348ce9eb2e6f975111f83b7d7eadcf85cd926ca8822e8231a158a5da8d8a17877bc56bb680aee9d13320d20cf5b2f75b9a6b95fde4b", 0x129, 0x20000811, 0x0, 0x0) 16:59:49 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, 0x0) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:49 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000133c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3317.104923][ T8732] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF 16:59:49 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:49 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000143c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3317.365065][ T5043] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 16:59:49 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, "018000da7d469c04", "02a839a6c7986edc3f8a6200c88e37de79b97525cedefaa0bded32e7d887ec99", "0000ef00", "00943f4aece800"}, 0x38) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="0a99b3e3930870dcd4c6d68e6abe088af4ccdbe6dc85ed63bcee4834cd53f8a19cfad53574230c17377bd7b3eb23d9008f0c69b08db538753bcf550f05d219f8c6ca03228dd8d293261ba079190f47d70c95a97fe5d4cb7511e180f73e8ef5e2f7ee4f47c1a036e37e87414e615396eeb918828e", 0x74}, {&(0x7f0000000840)="b5252522629f34a16eef84ce1b0063a44d2793e337dc2c6bb2d88107b89a1516610f2003d59c73b5c7e008a287d2a1d473414b1adeb4ca87742298b064ae974e919c80525175804799682d67fca4f9defe5754c03f", 0x55}], 0x2) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) socket$unix(0x1, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendto$inet(r0, &(0x7f0000000740)="81838ea59a01f3def2f74b864fabdfd6d9016709aa568a1dd2af7e570c81431e0fe705be1de9535af1e1520ec38fce0389a39beff538dfb438a3c93448cad104f9d66117e97aff934914e356c48414e3df401e01bd42f65e63bae1243fbd819eb3c0d4401e2d9a6d4c24f442d625e0cbbea614d2085696d3946370c4ecd2318b5b6e4ea8d18e8a9843641268a71cb4feb04dccd83672a7351545702bbbf3151d1fc2e68cfc8e4393d7d43d0dfe9fd96feb636ae44f501db5b0f651c2ea16a3b08888e63f5d43c24ef0", 0xc9, 0x0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="23ff1f3f98db153c03dbe93c750c75c5533f018823a16997c30a069cb5b742686128af8baad097514187691d92010000009e3db9e86db57e1d384bfe3042c49e09004937af481f2b44e023b3884e07fb76d2659a715f3b513e33fd96c9d3c9afed9390b357a4000000000000000a010000000003000000000000000369dea9ed32487d2bf1ac37afcf98d817857774004608d609000000701f793b97fdcccc622708000000e69857745a81f6ffbe89000097559772f645e989b8e906dd1a911fbc0c5dae596cb59ab3558d5e82d9"], 0xb9) sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)="8c93b369b4485a9c10410940b32f0e27d945c8c14b33d632252983591bb93b689d6e39110602c2742c532b470d9fa7322ac1690e5df60e8062db873b9560fc588ed49aba2b2527da322e73b77d95bb0444859638ca", 0x55}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) [ 3317.406624][ T5043] FAT-fs (loop0): Filesystem has been set read-only 16:59:49 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x2448) [ 3317.454191][ T5043] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) [ 3317.454464][ T5047] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3317.475738][ T5047] FAT-fs (loop5): Filesystem has been set read-only [ 3317.482900][ T5047] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) 16:59:49 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, "018000da7d469c04", "02a839a6c7986edc3f8a6200c88e37de79b97525cedefaa0bded32e7d887ec99", "0000ef00", "00943f4aece800"}, 0x38) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="0a99b3e3930870dcd4c6d68e6abe088af4ccdbe6dc85ed63bcee4834cd53f8a19cfad53574230c17377bd7b3eb23d9008f0c69b08db538753bcf550f05d219f8c6ca03228dd8d293261ba079190f47d70c95a97fe5d4cb7511e180f73e8ef5e2f7ee4f47c1a036e37e87414e615396eeb918828e", 0x74}, {&(0x7f0000000840)="b5252522629f34a16eef84ce1b0063a44d2793e337dc2c6bb2d88107b89a1516610f2003d59c73b5c7e008a287d2a1d473414b1adeb4ca87742298b064ae974e919c80525175804799682d67fca4f9defe5754c03f", 0x55}], 0x2) r1 = getpid() sched_setparam(r1, &(0x7f0000000440)=0x3) process_vm_readv(r1, &(0x7f0000000080)=[{&(0x7f0000000340)=""/178, 0xb2}, {&(0x7f0000000180)=""/122, 0x7a}, {&(0x7f0000000540)=""/91, 0x5b}, {&(0x7f0000001340)=""/4096, 0x1000}], 0x4, &(0x7f0000000100)=[{&(0x7f00000008c0)=""/227, 0xe3}, {&(0x7f00000009c0)=""/134, 0x86}], 0x2, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) r2 = socket$unix(0x1, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) sendto$inet(r0, &(0x7f0000000740)="81838ea59a01f3def2f74b864fabdfd6d9016709aa568a1dd2af7e570c81431e0fe705be1de9535af1e1520ec38fce0389a39beff538dfb438a3c93448cad104f9d66117e97aff934914e356c48414e3df401e01bd42f65e63bae1243fbd819eb3c0d4401e2d9a6d4c24f442d625e0cbbea614d2085696d3946370c4ecd2318b5b6e4ea8d18e8a9843641268a71cb4feb04dccd83672a7351545702bbbf3151d1fc2e68cfc8e4393d7d43d0dfe9fd96feb636ae44f501db5b0f651c2ea16a3b08888e63f5d43c24ef0", 0xc9, 0x0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000640)=ANY=[@ANYBLOB="23ff1f0a8117fb62e0eb1b3c750c75c5533f018823a16997c30a069cb5b742686128af8baad097514187691d92010000009e3db9e86db57e1d384bfe3042c49e09004937af481f2b44e023b3884e0efb76d2659a715f3b513e33fd96c9d3c9afed9390b357a4000000000000000a010000000003000000000000000369dea9ed32487d2bf1ac37afcf98d817857774004608d609000000701f793b97fdcccc622708000000e69857745a81f6ffbe89000097559772f645e989"], 0xb9) sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)="8c93b369b4485a9c10410940b32f0e27d945c8c14b33d632252983591bb93b689d6e39110602c2742c532b470d9fa7322ac1690e5df60e8062db873b9560fc588ed49aba2b2527da322e73b77d95bb0444859638ca", 0x55}], 0x1}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 16:59:50 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:50 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000203c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:50 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, 0x0) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3317.697883][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3317.710018][T21082] FAT-fs (loop2): Filesystem has been set read-only 16:59:50 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000213c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3317.953485][ T5067] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3318.064501][ T5067] FAT-fs (loop0): Filesystem has been set read-only [ 3318.090914][ T5067] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 16:59:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1640) 16:59:50 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, 0x0) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:50 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000002f3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1068) 16:59:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x806) [ 3318.563884][ T5080] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3318.593069][ T5080] FAT-fs (loop0): Filesystem has been set read-only [ 3318.602954][ T5080] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 16:59:51 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000003a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:51 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x4, 0x0, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x0, 0x0, 0x1}}, {{0x0, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x1, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x20) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0xc000, 0x2000, &(0x7f0000000000/0x2000)=nil}) mmap(&(0x7f0000000000/0xdbb000)=nil, 0xdbb000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xd15000)=nil, 0xd15000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r3 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r3, 0x800000010d, 0x2, &(0x7f0000d14ffc)="02f9ffffff", 0x5) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000200)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84848b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x59}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000100)={0x3, 0x7, 0x4, 0xe000, 0x6, {r4, r5/1000+30000}, {0x1, 0xc, 0xe9, 0x81, 0x0, 0x1, "48c4771b"}, 0x9, 0x2, @userptr=0x100000000, 0x400, 0x0, r0}) write$UHID_INPUT(r6, &(0x7f00000015c0)={0x8, {'\x00', 0x1000}}, 0x1006) [ 3318.787723][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 16:59:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_mount_image$hfsplus(0x0, 0x0, 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f00000005c0)="794bf1f81d851f08fb0613c9f2731fb9fde85d1854899e9d1c5ab6e47e9d9b9f2594e6d0b8e70863cd66c97f16fe757b617d53d724a5621fce007d37b1ee356413d20b6d82b7d05e3f986ddfbac9e758483cbb061c9e4a90dcd302bfc7cf0dcdbb865f5ad249ca8744582f268a0143eb283128b345b1c71c1f11756cadcc0a5576dbf668567508cf44feb6c5ed7e248631e3a00ce00d75503191f2908e05ffc0771709ab6f0a40f52c7d9d60751e3f8b58f94d3581ec6d0eb51026193e89243d152c2fc671d939f8380d609d358e1a2a9e1ec6d14810f56c35df539603dbd21e33b5d2a36051442d014bdbef64fe6f858b0deb904905ee0003415fe5f4bbac080348ffedc237cc74e091752481c1761e20ec593976fcb04e312541e2865fe0de630b2c1a824e4869b1db7de3ffb6d3746dd14241f704a00d9a411c0c093228de1228fc506cfb3c403e80f40040bd3ae9e89b4a251ca0b6d79827a76ac1180b5fdfcfe954c5860d6b7d7281665fd5fc4b8b6d39225fb1b481329d48abeb3eea4eeedfa05761b6f68927b1e23a421464eb2dd0891540fb5f5c4b3b073f3eac5e2d06847e9681f2bb755a5edbb7d8b3bb04154736dd59aa6f2b355222cdf6dc73e24267fa4f2d512187ecc0551fa3fb9e63ad8fa11763fe0011fb0f8a63283e4a689defd55817a3c9d5f1889858e7342ef4fdf61b166dd8b338570b4fabc18ada487cbdd514c7ef6d93e60601aa94526b34a897b1b5d1d92f5d11e9679c3f3c2742cfe0e6ea5f98ec98a5c8d46ba51715e9b3d9b4aa0d8187bb065343637069b548ae3cc60ebe69f24beefaa3453776a99d7b1c6bdc647c15a7a7ee8c7a8635f7b335d99468ab3ba8b1ddabf09adee0d209473de73ede63232ac634570003fa7521df723ef109681481e7fb1c5fa961ba4bcc41b6c5fdc3d6c489a4e99329787878bd383e0bcc10599ef4b91ac2092604a769c28b9b34cb8398495d1da286e580768b74a108272432b4846578adce3ac79c136a1b3f01f56d4198622c02ecad51143ea3f8f78d6ccd4410b1d477e24dc57b4b3dfbb6668cf4fb66e418275ee6f4a50c06a28b20aecde0b6f56bc5ca01153341c9f3560035fe23a40d1f4034b88f8061d75e238f0bd1676b71879c2a5967c66196b12ffa54052278f95ed8477835489f857d15fb52af8907e242a861dfee415699cd0f14ac69f58d4edf9801e37eade57a0a2d1330f0f5391c120e3bfc53189f8e130a645b89d9d61f8e76fabfbe351573586a8c27ccd506431756b7d66fe2f322b435f5aa75afc304072591d240cd74c99223c1390414447da5295164626114085e5aab82e8f1c59c24dcda1585e476531650214237010acbc37c7883310ce4c49701badba66451cc1064ecb888b57bb4c27df6f77e94f27a9d6f1650997ee5c8b939f2ecc9198017f11324407acb00cad47da922024f59419bf0da19eb09ec42e3fc3590d90332d8c261a13de3589a3b1921a722bceae3f92cc23cd21b3d1002eec121901dcd77f6d5b0db75c204b637eec9d2c429f6aa1052460c756c323eba9ceaedaf8b0794578e04333b286aff2bad94ff813f50fb8ff873ea6c182645972fdc07438e01dfa0b8524a633f22f8857972a251f32fa2ab8b348e0fa8720fc91e66eb14e3d32849a788bf6c1f1d1eb931729ee8f664a967493f9b3b6fbbe9dfa5f79fd6e1ab02d1f82b5e4917973ba8700a955434c69db63702bdad1ecd215e91f5b4456cfd3562cbc776eea5117e22b5a06ace5c8d606e2bbac6a60455f73279bf41ccbc0839dc0ec6e88fc857b723d385494c8abed29bdafa3928e7e48e8b6509482dba4cac76e422d65b90767e8e4b0a2068455d68ab86919b68daf6c3b67b1b161563554d10fb19708de65ae108f97b2deed52d7e4b6eb7fda0f10e42b2ee5456c7bf90dac237b02c011a7838e045bd98ba9041fcff1c5805496f6934f282aecafda5e35d1bd02d2c79ed79fda3bbbfe8d9aaf973663de3acb12aa0b9aab573c7a7736b290183d2acc35748f88dde1ab89b9deab66af20868aead75b7ebc9451e08dd84b288ff4a2319e85535f40db82790cc1ac815df3428b261b7264eb3d5651f2e0ae52b2d31c17be3334079c81e1c801a72414cb9829ee5d098333258ab4be07e20926893bd8c0673791e8a553af945e10185de06602b4af1dc5f167e7f07323e505af677b410be0d5e37a5db864b802ec51770f25da50867743b158f05e5c6cc96297810724a241d55ab8633721294a956d0ea7f12690a0ccc239a41ec67f60855456f5e92f7786cf1d8172f9777591618d276b311c9180b07bb1cdc7b4d72bec21abf61bd96e8a20aa54e1329d187e888dd8ade0cff47b6fd7bec64dc5005a622f0481718586eb6e0d8a7738738f19e1d7c7b47904818f596029477cbc944a23141446f25449019aca16480c8c75e59d913abfce9b63b402ded65d114fbb691abba8067299867d55a3d9fc15526594ed0b6705fbb406aeef2fd5edfb432ff5442bce9d478eebd03ef5264a5f79342442787dca72ff8fbc15d58c381f511daf0e4d27e0a65a943e12c85d02014d33bf8db0691f834622e8c2ebcc99a90ccb77e6327e338694b4b19e697f0b6fad442542d045533d6184f7915872445753ece9ce333deb167a23261c3eff61f8b38f2b4daf01f6a98bbdf5cfa7c3d2078c431a5c38fb698896d598e89950726fde392d0266ea051fd2570df65c020692a3f35dc3599d8a34f9ae6a29806756892cb2533246d5e0014b9497cf992c6fcca4ff88179e0b32c749263912e764851108659859f315e9c746fb3f94e9f23134ac56c41b6f5e4d82862a4b53dd0a824baeda6af0512f76313dbc2088e04f21388fd9ac577d13a430b7e98b2e67fdb78984fcfea0aadaef13d279c33bada1baac3ff71c6f6b08626ca49e051f652667ca985ddf5b8f9b1b232170afa077a38a686330146dd0733c3bab04562cca884e7b711e62ac0afe065d64f1be34c19ef9c01da5263e7959812bfdc8bc8989fdd5f3eba20d022c1393edcb1930fc1da6e7627bd76420fd168d47a57c83d94a058c46cf8f2f6bd3481133e91d5cec99e250c0cc4b029fa9f7e139b2243c58aebf4927cbee88bac1f18eb0d59a7b2c5324861d089d37a7894ccf0f78c263a5510c25e7323661053ef93c5f68c9e6a4d4b53c49f83441ca05f921b325c11bd9e9cb34de5d1aef51e41d3f1d87019a2302a358575bf94c89f4e2910bc8291a3e036787a4b7a9cb841f319cb8b24742eb57bf7a742dcf2012c4f1cd436cd4048d41f5be47221584bdaa2ad70dd05890e3e5b237a785f1788b03960db4b99ec6537a73b8eccdf81d2fd4d67ee03249e375f2b88391ab76529e7a984595494520b36b1bee62f441e7aeac33cc70abb9ee9215c20d27019aa04a2a0cb9ee71f93bf9592fa824a63b55249a1ca9d36a9e3f7fa5e3ae8902476561ea06ceb5f89aabb66ba541fe14f19dd2e4fd2542ceb9b584daf3169d14b5bcbbe8bd0808e40ba6ba2bc52d39ac23dae6b98", 0x9c9}], 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x4, 0x0, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x0, 0x0, 0x1}}, {{0x0, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x1, 0x1}}, {{0x0, 0x1}, {0x0, 0x1}}], 0x20) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000000c0)="26f4b81b018ee86766c7442400891a00006766c74424020e5000006766c744240600000000670f011424f53e36670fc7e84836640f01c2b80b0000000f23c80f21f866350800e0003e0f35e30ec720660f3834930000baa100ec0f01c5", 0x5d}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000015c0), 0x10000005c) [ 3318.855081][T21082] FAT-fs (loop2): Filesystem has been set read-only 16:59:51 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, '\x00', "02a839a6c7986edc3f8a6200c88e37de79b97525cedefaa0bded32e7d887ec99", "0000ef00", "00943f4aece800"}, 0x38) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f00000000c0)={0x802}, 0x10) write(r1, &(0x7f00000004c0)="1c0000001a009b8a14e5f46b000000ff00"/28, 0x1c) recvmmsg(r1, &(0x7f0000002ec0), 0x2f4, 0x0, &(0x7f0000003100)={0x0, 0x1c9c380}) writev(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="0a99b3e3930870dcd4c6d68e6abe088af4ccdbe6dc85ed63bcee4834cd53f8a19cfad53574230c17377bd7b3eb23d9008f0c69b08db538753bcf550f05d219f8c6ca03228dd8d293261ba079190f47d70c95a97fe5d4cb7511e180f73e8ef5e2f7ee4f47c1a036e37e87414e615396eeb918828e", 0x74}, {&(0x7f0000000840)="b5252522629f34a16eef84ce1b0063a44d2793e337dc2c6bb2d88107b89a1516610f2003d59c73b5c7e008a287d2a1d473414b1adeb4ca87742298b064ae974e919c80525175804799682d67fca4f9defe5754c03f", 0x55}], 0x2) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x145) fcntl$setlease(r2, 0x400, 0x0) fcntl$setlease(r2, 0x400, 0x1) r3 = socket$unix(0x1, 0x2, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendto$inet(r0, &(0x7f0000000740)="81838ea59a01f3def2f74b864fabdfd6d9016709aa568a1dd2af7e570c81431e0fe705be1de9535af1e1520ec38fce0389a39beff538dfb438a3c93448cad104f9d66117e97aff934914e356c48414e3df401e01bd42f65e63bae1243fbd819eb3c0d4401e2d9a6d4c24f442d625e0cbbea614d2085696d3946370c4ecd2318b5b6e4ea8d18e8a9843641268a71cb4feb04dccd83672a7351545702bbbf3151d1fc2e68cfc8e4393d7d43d0dfe9fd96feb636ae44f501db5b0f651c2ea16a3b08888e63f5d43c24ef0", 0xc9, 0x0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f00000008c0)=ANY=[@ANYBLOB="23ff750c75c5533f018823a16997c30a069cb5b742686128af8b5b5ebb889bac6417a92bddd097514187691d92010000009e3d01e86db57e1d384bfe3042c49e0900493709481f2b44e023b3884e0efb76d26f9a715f3b513e33fd96c9d3c9afed9390b357a4000000000000000a010000000003002100000000000369dea9ed32487d2bf1ac37afcf98d817857774004608d609000000701f793b97fdcccc622708000000e69857745a81f6ffbe89a7905b66873199963e10983dd5bfee454e0faf6575dc0f6aa0b9760c5b093c682ca73036ec1507a8c4093cb374adbd4328f1730d7581044cac222bdee2d4945082ba340d48b7170c94810716f5161fa0d4a09558f81991a01232005620e471bc1d377c21c5b67869760683e39c406e6d7235c5e4cd"], 0xb9) sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)="8c93b369b4485a9c10410940b32f0e27d945c8c14b33d632252983591bb93b689d6e39110602c2742c532b470d9fa7322ac1690e5df60e8062db873b9560fc588ed49aba2b2527da322e73b77d95bb0444859638ca", 0x55}], 0x1}}], 0x1, 0x0) io_setup(0x4, &(0x7f0000000080)) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem\x00', 0x20000, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socket$l2tp6(0xa, 0x2, 0x73) r7 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r7, 0x0, r7) 16:59:51 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000003f3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1068) [ 3319.037166][ T5098] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3319.053167][ T5098] FAT-fs (loop0): Filesystem has been set read-only [ 3319.061478][ T5098] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 16:59:51 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:51 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000403c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:51 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000483c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3319.475105][ T5129] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3319.516473][ T5129] FAT-fs (loop0): Filesystem has been set read-only 16:59:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x1068) 16:59:52 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000004c3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:52 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, "018000da7d469c04", "02a839a6c7986edc3f8a6200c88e37de79b97525cedefaa0bded32e7d887ec99", "0000ef00", "00943f4aece800"}, 0x38) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="0a99b3e3930870dcd4c6d68e6abe088af4ccdbe6dc85ed63bcee4834cd53f8a19cfad53574230c17377bd7b3eb23d9008f0c69b08db538753bcf550f05d219f8c6ca03228dd8d293261ba079190f47d70c95a97fe5d4cb7511e180f73e8ef5e2f7ee4f47c1a036e37e87414e615396eeb918828e", 0x74}, {&(0x7f0000000840)="b5252522629f34a16eef84ce1b0063a44d2793e337dc2c6bb2d88107b89a1516610f2003d59c73b5c7e008a287d2a1d473414b1adeb4ca87742298b064ae974e919c80525175804799682d67fca4f9defe5754c03f", 0x55}], 0x2) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) r1 = socket$unix(0x1, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendto$inet(r0, &(0x7f0000000740)="81838ea59a01f3def2f74b864fabdfd6d9016709aa568a1dd2af7e570c81431e0fe705be1de9535af1e1520ec38fce0389a39beff538dfb438a3c93448cad104f9d66117e97aff934914e356c48414e3df401e01bd42f65e63bae1243fbd819eb3c0d4401e2d9a6d4c24f442d625e0cbbea614d2085696d3946370c4ecd2318b5b6e4ea8d18e8a9843641268a71cb4feb04dccd83672a7351545702bbbf3151d1fc2e68cfc8e4393d7d43d0dfe9fd96feb636ae44f501db5b0f651c2ea16a3b08888e63f5d43c24ef0", 0xc9, 0x0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000640)=ANY=[@ANYBLOB="23ff1f0a8117fb62e0eb1b3c750c75c5533f0188a3a16997c30a069cb5b742686128af8baad097514187691d92010000009e3db9e86db57e1d384bfe3042c49e09004937af481f2b44e023b3884e0efb76d2659a715f3b513e33fd96c9d3c9afed9390b357a4000000000000000a010000000003000000000000000369dea9ed32487d2bf19ed97af8285feaf304ac37afcf98d817857774004608d609000000701f793b97fdcccc622708000000e69857565a81f6ffbe8900"], 0xb9) sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)="8c93b369b4485a9c10410940b32f0e27d945c8c14b33d632252983591bb93b689d6e39110602c2742c532b470d9fa7322ac1690e5df60e8062db873b9560fc588ed49aba2b2527da322e73b77d95bb0444859638ca", 0x55}], 0x1}}], 0x1, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) fcntl$dupfd(r3, 0x0, r3) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0xfdd0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) [ 3319.570519][ T5129] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 16:59:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x300) 16:59:52 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000603c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:52 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, '\x00', "02a839a6c7986edc3f8a6200c88e37de79b97525cedefaa0bded32e7d887ec99", "0000ef00", "00943f4aece800"}, 0x38) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f00000000c0)={0x802}, 0x10) write(r1, &(0x7f00000004c0)="1c0000001a009b8a14e5f46b000000ff00"/28, 0x1c) recvmmsg(r1, &(0x7f0000002ec0), 0x2f4, 0x0, &(0x7f0000003100)={0x0, 0x1c9c380}) writev(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="0a99b3e3930870dcd4c6d68e6abe088af4ccdbe6dc85ed63bcee4834cd53f8a19cfad53574230c17377bd7b3eb23d9008f0c69b08db538753bcf550f05d219f8c6ca03228dd8d293261ba079190f47d70c95a97fe5d4cb7511e180f73e8ef5e2f7ee4f47c1a036e37e87414e615396eeb918828e", 0x74}, {&(0x7f0000000840)="b5252522629f34a16eef84ce1b0063a44d2793e337dc2c6bb2d88107b89a1516610f2003d59c73b5c7e008a287d2a1d473414b1adeb4ca87742298b064ae974e919c80525175804799682d67fca4f9defe5754c03f", 0x55}], 0x2) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x145) fcntl$setlease(r2, 0x400, 0x0) fcntl$setlease(r2, 0x400, 0x1) r3 = socket$unix(0x1, 0x2, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendto$inet(r0, &(0x7f0000000740)="81838ea59a01f3def2f74b864fabdfd6d9016709aa568a1dd2af7e570c81431e0fe705be1de9535af1e1520ec38fce0389a39beff538dfb438a3c93448cad104f9d66117e97aff934914e356c48414e3df401e01bd42f65e63bae1243fbd819eb3c0d4401e2d9a6d4c24f442d625e0cbbea614d2085696d3946370c4ecd2318b5b6e4ea8d18e8a9843641268a71cb4feb04dccd83672a7351545702bbbf3151d1fc2e68cfc8e4393d7d43d0dfe9fd96feb636ae44f501db5b0f651c2ea16a3b08888e63f5d43c24ef0", 0xc9, 0x0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f00000008c0)=ANY=[@ANYBLOB="23ff750c75c5533f018823a16997c30a069cb5b742686128af8b5b5ebb889bac6417a92bddd097514187691d92010000009e3d01e86db57e1d384bfe3042c49e0900493709481f2b44e023b3884e0efb76d26f9a715f3b513e33fd96c9d3c9afed9390b357a4000000000000000a010000000003002100000000000369dea9ed32487d2bf1ac37afcf98d817857774004608d609000000701f793b97fdcccc622708000000e69857745a81f6ffbe89a7905b66873199963e10983dd5bfee454e0faf6575dc0f6aa0b9760c5b093c682ca73036ec1507a8c4093cb374adbd4328f1730d7581044cac222bdee2d4945082ba340d48b7170c94810716f5161fa0d4a09558f81991a01232005620e471bc1d377c21c5b67869760683e39c406e6d7235c5e4cd"], 0xb9) sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)="8c93b369b4485a9c10410940b32f0e27d945c8c14b33d632252983591bb93b689d6e39110602c2742c532b470d9fa7322ac1690e5df60e8062db873b9560fc588ed49aba2b2527da322e73b77d95bb0444859638ca", 0x55}], 0x1}}], 0x1, 0x0) io_setup(0x4, &(0x7f0000000080)) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem\x00', 0x20000, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socket$l2tp6(0xa, 0x2, 0x73) r7 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r7, 0x0, r7) 16:59:52 executing program 1 (fault-call:10 fault-nth:0): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:52 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x300) 16:59:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:52 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000683c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:52 executing program 2 (fault-call:7 fault-nth:0): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3320.374994][ T5170] FAULT_INJECTION: forcing a failure. [ 3320.374994][ T5170] name failslab, interval 1, probability 0, space 0, times 0 [ 3320.422479][ T5170] CPU: 0 PID: 5170 Comm: syz-executor.1 Not tainted 5.5.0-rc1-syzkaller #0 [ 3320.431151][ T5170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3320.441218][ T5170] Call Trace: [ 3320.444517][ T5170] dump_stack+0x11d/0x181 [ 3320.448972][ T5170] should_fail.cold+0xa/0x1a [ 3320.453635][ T5170] __should_failslab+0xee/0x130 [ 3320.458553][ T5170] should_failslab+0x9/0x14 [ 3320.463075][ T5170] kmem_cache_alloc_trace+0x2a/0x5d0 [ 3320.468373][ T5170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3320.474715][ T5170] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3320.480640][ T5170] alloc_pipe_info+0xf8/0x3b0 [ 3320.485373][ T5170] splice_direct_to_actor+0x4b3/0x540 [ 3320.490757][ T5170] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3320.496386][ T5170] ? security_file_permission+0x88/0x280 [ 3320.502051][ T5170] ? rw_verify_area+0xee/0x250 [ 3320.506838][ T5170] do_splice_direct+0x161/0x1e0 [ 3320.511707][ T5170] do_sendfile+0x384/0x7f0 [ 3320.516222][ T5170] __x64_sys_sendfile64+0xbe/0x140 [ 3320.521420][ T5170] do_syscall_64+0xcc/0x3a0 [ 3320.526012][ T5170] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3320.531905][ T5170] RIP: 0033:0x45b399 [ 3320.535891][ T5170] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3320.555582][ T5170] RSP: 002b:00007fe7ee601c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3320.564107][ T5170] RAX: ffffffffffffffda RBX: 00007fe7ee6026d4 RCX: 000000000045b399 16:59:53 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000006c3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3320.572138][ T5170] RDX: 00000000200001c0 RSI: 0000000000000004 RDI: 0000000000000004 [ 3320.580328][ T5170] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3320.588305][ T5170] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006 [ 3320.596297][ T5170] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000000 [ 3320.702156][ T5180] FAULT_INJECTION: forcing a failure. [ 3320.702156][ T5180] name failslab, interval 1, probability 0, space 0, times 0 [ 3320.765638][ T5180] CPU: 1 PID: 5180 Comm: syz-executor.2 Not tainted 5.5.0-rc1-syzkaller #0 [ 3320.774409][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3320.784594][ T5180] Call Trace: [ 3320.787892][ T5180] dump_stack+0x11d/0x181 [ 3320.792286][ T5180] should_fail.cold+0xa/0x1a [ 3320.797015][ T5180] __should_failslab+0xee/0x130 [ 3320.801875][ T5180] should_failslab+0x9/0x14 [ 3320.806458][ T5180] kmem_cache_alloc_trace+0x2a/0x5d0 [ 3320.811856][ T5180] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3320.818156][ T5180] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3320.824129][ T5180] alloc_pipe_info+0xf8/0x3b0 [ 3320.829013][ T5180] splice_direct_to_actor+0x4b3/0x540 [ 3320.834413][ T5180] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3320.839982][ T5180] ? security_file_permission+0x88/0x280 [ 3320.845735][ T5180] ? rw_verify_area+0xee/0x250 [ 3320.850642][ T5180] do_splice_direct+0x161/0x1e0 [ 3320.855515][ T5180] do_sendfile+0x384/0x7f0 [ 3320.859963][ T5180] __x64_sys_sendfile64+0xbe/0x140 [ 3320.865242][ T5180] do_syscall_64+0xcc/0x3a0 [ 3320.869758][ T5180] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3320.875648][ T5180] RIP: 0033:0x45b399 [ 3320.879579][ T5180] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3320.899340][ T5180] RSP: 002b:00007f5c001ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3320.908464][ T5180] RAX: ffffffffffffffda RBX: 00007f5c001ec6d4 RCX: 000000000045b399 16:59:53 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, 0x0) mount$9p_tcp(&(0x7f0000000180)='127.0.0.1\x00', 0x0, 0x0, 0x0, 0x0) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x300) 16:59:53 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000743c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3320.916443][ T5180] RDX: 00000000200001c0 RSI: 0000000000000004 RDI: 0000000000000004 [ 3320.924450][ T5180] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3320.932521][ T5180] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006 [ 3320.940615][ T5180] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000000 16:59:53 executing program 1 (fault-call:10 fault-nth:1): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3321.202978][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3321.242761][T12695] FAT-fs (loop1): Filesystem has been set read-only 16:59:53 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @empty}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, '\x00', "02a839a6c7986edc3f8a6200c88e37de79b97525cedefaa0bded32e7d887ec99", "0000ef00", "00943f4aece800"}, 0x38) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f00000000c0)={0x802}, 0x10) write(r1, &(0x7f00000004c0)="1c0000001a009b8a14e5f46b000000ff00"/28, 0x1c) recvmmsg(r1, &(0x7f0000002ec0), 0x2f4, 0x0, &(0x7f0000003100)={0x0, 0x1c9c380}) writev(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="0a99b3e3930870dcd4c6d68e6abe088af4ccdbe6dc85ed63bcee4834cd53f8a19cfad53574230c17377bd7b3eb23d9008f0c69b08db538753bcf550f05d219f8c6ca03228dd8d293261ba079190f47d70c95a97fe5d4cb7511e180f73e8ef5e2f7ee4f47c1a036e37e87414e615396eeb918828e", 0x74}, {&(0x7f0000000840)="b5252522629f34a16eef84ce1b0063a44d2793e337dc2c6bb2d88107b89a1516610f2003d59c73b5c7e008a287d2a1d473414b1adeb4ca87742298b064ae974e919c80525175804799682d67fca4f9defe5754c03f", 0x55}], 0x2) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x145) fcntl$setlease(r2, 0x400, 0x0) fcntl$setlease(r2, 0x400, 0x1) r3 = socket$unix(0x1, 0x2, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendto$inet(r0, &(0x7f0000000740)="81838ea59a01f3def2f74b864fabdfd6d9016709aa568a1dd2af7e570c81431e0fe705be1de9535af1e1520ec38fce0389a39beff538dfb438a3c93448cad104f9d66117e97aff934914e356c48414e3df401e01bd42f65e63bae1243fbd819eb3c0d4401e2d9a6d4c24f442d625e0cbbea614d2085696d3946370c4ecd2318b5b6e4ea8d18e8a9843641268a71cb4feb04dccd83672a7351545702bbbf3151d1fc2e68cfc8e4393d7d43d0dfe9fd96feb636ae44f501db5b0f651c2ea16a3b08888e63f5d43c24ef0", 0xc9, 0x0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f00000008c0)=ANY=[@ANYBLOB="23ff750c75c5533f018823a16997c30a069cb5b742686128af8b5b5ebb889bac6417a92bddd097514187691d92010000009e3d01e86db57e1d384bfe3042c49e0900493709481f2b44e023b3884e0efb76d26f9a715f3b513e33fd96c9d3c9afed9390b357a4000000000000000a010000000003002100000000000369dea9ed32487d2bf1ac37afcf98d817857774004608d609000000701f793b97fdcccc622708000000e69857745a81f6ffbe89a7905b66873199963e10983dd5bfee454e0faf6575dc0f6aa0b9760c5b093c682ca73036ec1507a8c4093cb374adbd4328f1730d7581044cac222bdee2d4945082ba340d48b7170c94810716f5161fa0d4a09558f81991a01232005620e471bc1d377c21c5b67869760683e39c406e6d7235c5e4cd"], 0xb9) sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)="8c93b369b4485a9c10410940b32f0e27d945c8c14b33d632252983591bb93b689d6e39110602c2742c532b470d9fa7322ac1690e5df60e8062db873b9560fc588ed49aba2b2527da322e73b77d95bb0444859638ca", 0x55}], 0x1}}], 0x1, 0x0) io_setup(0x4, &(0x7f0000000080)) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem\x00', 0x20000, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socket$l2tp6(0xa, 0x2, 0x73) r7 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r7, 0x0, r7) [ 3321.250786][ T5190] validate_nla: 46 callbacks suppressed [ 3321.250798][ T5190] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3321.264718][ T5190] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:53 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000007a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3321.561298][ T5203] FAULT_INJECTION: forcing a failure. [ 3321.561298][ T5203] name failslab, interval 1, probability 0, space 0, times 0 [ 3321.571523][ T5204] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3321.582190][ T5204] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3321.591108][ T5203] CPU: 0 PID: 5203 Comm: syz-executor.1 Not tainted 5.5.0-rc1-syzkaller #0 [ 3321.599711][ T5203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3321.609771][ T5203] Call Trace: [ 3321.613075][ T5203] dump_stack+0x11d/0x181 [ 3321.617478][ T5203] should_fail.cold+0xa/0x1a [ 3321.622127][ T5203] __should_failslab+0xee/0x130 [ 3321.627052][ T5203] should_failslab+0x9/0x14 [ 3321.631614][ T5203] __kmalloc+0x53/0x690 [ 3321.635789][ T5203] ? kmem_cache_alloc_trace+0x1e9/0x5d0 [ 3321.641649][ T5203] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3321.647940][ T5203] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3321.653968][ T5203] ? alloc_pipe_info+0x20e/0x3b0 [ 3321.658924][ T5203] alloc_pipe_info+0x20e/0x3b0 [ 3321.663759][ T5203] splice_direct_to_actor+0x4b3/0x540 [ 3321.669189][ T5203] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3321.674750][ T5203] ? security_file_permission+0x88/0x280 [ 3321.680425][ T5203] ? rw_verify_area+0xee/0x250 [ 3321.685453][ T5203] do_splice_direct+0x161/0x1e0 [ 3321.690408][ T5203] do_sendfile+0x384/0x7f0 [ 3321.695066][ T5203] __x64_sys_sendfile64+0xbe/0x140 [ 3321.700237][ T5203] do_syscall_64+0xcc/0x3a0 [ 3321.704862][ T5203] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3321.710789][ T5203] RIP: 0033:0x45b399 [ 3321.714721][ T5203] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3321.734525][ T5203] RSP: 002b:00007fe7ee601c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3321.743010][ T5203] RAX: ffffffffffffffda RBX: 00007fe7ee6026d4 RCX: 000000000045b399 [ 3321.750991][ T5203] RDX: 00000000200001c0 RSI: 0000000000000004 RDI: 0000000000000004 16:59:54 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3321.758974][ T5203] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3321.766954][ T5203] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006 [ 3321.774929][ T5203] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000001 16:59:54 executing program 2 (fault-call:7 fault-nth:1): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:54 executing program 1 (fault-call:10 fault-nth:2): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3321.865677][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3321.912746][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3321.935849][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 16:59:54 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000ffffff843c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3322.036696][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3322.201038][ T5219] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3322.209308][ T5219] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3322.244295][ T5221] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3322.252464][ T5221] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3322.289235][ T5222] FAULT_INJECTION: forcing a failure. [ 3322.289235][ T5222] name failslab, interval 1, probability 0, space 0, times 0 [ 3322.307767][ T5222] CPU: 0 PID: 5222 Comm: syz-executor.2 Not tainted 5.5.0-rc1-syzkaller #0 [ 3322.316513][ T5222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3322.326752][ T5222] Call Trace: [ 3322.330115][ T5222] dump_stack+0x11d/0x181 [ 3322.334582][ T5222] should_fail.cold+0xa/0x1a [ 3322.339347][ T5222] __should_failslab+0xee/0x130 [ 3322.344414][ T5222] should_failslab+0x9/0x14 [ 3322.348973][ T5222] __kmalloc+0x53/0x690 [ 3322.353193][ T5222] ? kmem_cache_alloc_trace+0x1e9/0x5d0 [ 3322.358745][ T5222] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3322.364668][ T5222] ? alloc_pipe_info+0x20e/0x3b0 [ 3322.369629][ T5222] alloc_pipe_info+0x20e/0x3b0 [ 3322.374419][ T5222] splice_direct_to_actor+0x4b3/0x540 [ 3322.379810][ T5222] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3322.385411][ T5222] ? security_file_permission+0x88/0x280 [ 3322.391325][ T5222] ? rw_verify_area+0xee/0x250 [ 3322.396161][ T5222] do_splice_direct+0x161/0x1e0 [ 3322.401037][ T5222] do_sendfile+0x384/0x7f0 [ 3322.405506][ T5222] __x64_sys_sendfile64+0xbe/0x140 [ 3322.410758][ T5222] do_syscall_64+0xcc/0x3a0 [ 3322.414262][ T5225] FAULT_INJECTION: forcing a failure. [ 3322.414262][ T5225] name failslab, interval 1, probability 0, space 0, times 0 [ 3322.415371][ T5222] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3322.433961][ T5222] RIP: 0033:0x45b399 [ 3322.437942][ T5222] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3322.457758][ T5222] RSP: 002b:00007f5c001ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3322.466325][ T5222] RAX: ffffffffffffffda RBX: 00007f5c001ec6d4 RCX: 000000000045b399 [ 3322.474458][ T5222] RDX: 00000000200001c0 RSI: 0000000000000004 RDI: 0000000000000004 [ 3322.482450][ T5222] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3322.490435][ T5222] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006 [ 3322.498402][ T5222] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000001 [ 3322.506447][ T5225] CPU: 1 PID: 5225 Comm: syz-executor.1 Not tainted 5.5.0-rc1-syzkaller #0 [ 3322.515046][ T5225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3322.525111][ T5225] Call Trace: [ 3322.528430][ T5225] dump_stack+0x11d/0x181 [ 3322.532784][ T5225] should_fail.cold+0xa/0x1a [ 3322.537432][ T5225] __should_failslab+0xee/0x130 [ 3322.542553][ T5225] should_failslab+0x9/0x14 [ 3322.547107][ T5225] __kmalloc+0x53/0x690 [ 3322.551297][ T5225] ? iter_file_splice_write+0x103/0x840 [ 3322.556983][ T5225] iter_file_splice_write+0x103/0x840 [ 3322.562448][ T5225] ? ext4_file_read_iter+0x119/0x380 [ 3322.567755][ T5225] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3322.574039][ T5225] ? generic_file_splice_read+0x3c1/0x500 [ 3322.579807][ T5225] ? page_cache_pipe_buf_release+0x100/0x100 [ 3322.585939][ T5225] direct_splice_actor+0xa0/0xc0 [ 3322.591024][ T5225] splice_direct_to_actor+0x22b/0x540 [ 3322.596426][ T5225] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3322.602046][ T5225] do_splice_direct+0x161/0x1e0 [ 3322.606933][ T5225] do_sendfile+0x384/0x7f0 [ 3322.611440][ T5225] __x64_sys_sendfile64+0xbe/0x140 [ 3322.616573][ T5225] do_syscall_64+0xcc/0x3a0 [ 3322.621100][ T5225] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3322.627005][ T5225] RIP: 0033:0x45b399 [ 3322.630935][ T5225] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3322.650589][ T5225] RSP: 002b:00007fe7ee601c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3322.659066][ T5225] RAX: ffffffffffffffda RBX: 00007fe7ee6026d4 RCX: 000000000045b399 [ 3322.667050][ T5225] RDX: 00000000200001c0 RSI: 0000000000000005 RDI: 0000000000000005 [ 3322.675067][ T5225] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3322.683187][ T5225] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000007 16:59:54 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000ffffff883c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3322.691271][ T5225] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000002 16:59:55 executing program 5 (fault-call:9 fault-nth:0): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3322.892652][ T5227] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3322.902338][ T5227] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:55 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:55 executing program 1 (fault-call:10 fault-nth:3): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3323.207288][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3323.216007][ T796] FAT-fs (loop0): Filesystem has been set read-only 16:59:55 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000031943c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:55 executing program 3 (fault-call:1 fault-nth:0): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3323.365088][ T5236] FAULT_INJECTION: forcing a failure. [ 3323.365088][ T5236] name failslab, interval 1, probability 0, space 0, times 0 [ 3323.370374][ T5235] FAULT_INJECTION: forcing a failure. [ 3323.370374][ T5235] name failslab, interval 1, probability 0, space 0, times 0 [ 3323.390782][ T5235] CPU: 1 PID: 5235 Comm: syz-executor.1 Not tainted 5.5.0-rc1-syzkaller #0 [ 3323.399578][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3323.409634][ T5235] Call Trace: [ 3323.412934][ T5235] dump_stack+0x11d/0x181 [ 3323.417282][ T5235] should_fail.cold+0xa/0x1a [ 3323.421885][ T5235] __should_failslab+0xee/0x130 [ 3323.426755][ T5235] should_failslab+0x9/0x14 [ 3323.431316][ T5235] kmem_cache_alloc+0x29/0x5d0 [ 3323.436091][ T5235] ? _raw_spin_unlock_irq+0x68/0x80 [ 3323.441357][ T5235] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3323.447371][ T5235] ? __write_once_size+0x41/0xe0 [ 3323.452436][ T5235] ext4_init_io_end+0x4f/0x120 [ 3323.457736][ T5235] ext4_writepages+0x94a/0x2500 [ 3323.462783][ T5235] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3323.469129][ T5235] ? ext4_mark_inode_dirty+0x420/0x420 [ 3323.474599][ T5235] do_writepages+0x6b/0x170 [ 3323.479103][ T5235] ? do_writepages+0x6b/0x170 [ 3323.483778][ T5235] ? wbc_attach_and_unlock_inode+0xdd/0x3b0 [ 3323.489699][ T5235] __filemap_fdatawrite_range+0x1c5/0x230 [ 3323.495459][ T5235] file_write_and_wait_range+0xfd/0x160 [ 3323.501097][ T5235] ext4_sync_file+0x266/0xaf0 [ 3323.505782][ T5235] ? generic_perform_write+0x274/0x320 [ 3323.511248][ T5235] ? __read_once_size.constprop.0+0x20/0x20 [ 3323.517230][ T5235] vfs_fsync_range+0x82/0x150 [ 3323.521917][ T5235] ext4_buffered_write_iter+0x222/0x290 [ 3323.527626][ T5235] ext4_file_write_iter+0xf4/0xd40 [ 3323.532910][ T5235] ? common_file_perm+0x1d5/0x490 [ 3323.537962][ T5235] do_iter_readv_writev+0x487/0x5b0 [ 3323.543177][ T5235] ? security_file_permission+0x88/0x280 [ 3323.548964][ T5235] do_iter_write+0x13b/0x3c0 [ 3323.553575][ T5235] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3323.559581][ T5235] vfs_iter_write+0x5c/0x80 [ 3323.564102][ T5235] iter_file_splice_write+0x530/0x840 [ 3323.569533][ T5235] ? page_cache_pipe_buf_release+0x100/0x100 [ 3323.575564][ T5235] direct_splice_actor+0xa0/0xc0 [ 3323.580780][ T5235] splice_direct_to_actor+0x22b/0x540 [ 3323.586173][ T5235] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3323.591765][ T5235] do_splice_direct+0x161/0x1e0 [ 3323.596682][ T5235] do_sendfile+0x384/0x7f0 [ 3323.601128][ T5235] __x64_sys_sendfile64+0xbe/0x140 [ 3323.606391][ T5235] do_syscall_64+0xcc/0x3a0 [ 3323.610910][ T5235] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3323.616930][ T5235] RIP: 0033:0x45b399 [ 3323.620865][ T5235] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3323.640473][ T5235] RSP: 002b:00007fe7ee601c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3323.649002][ T5235] RAX: ffffffffffffffda RBX: 00007fe7ee6026d4 RCX: 000000000045b399 [ 3323.656983][ T5235] RDX: 00000000200001c0 RSI: 0000000000000006 RDI: 0000000000000006 [ 3323.665275][ T5235] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3323.673584][ T5235] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000008 [ 3323.681562][ T5235] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000003 [ 3323.694562][ T8732] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3323.730586][ T5236] CPU: 0 PID: 5236 Comm: syz-executor.5 Not tainted 5.5.0-rc1-syzkaller #0 [ 3323.739318][ T5236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3323.749389][ T5236] Call Trace: [ 3323.752708][ T5236] dump_stack+0x11d/0x181 [ 3323.756876][ T8732] FAT-fs (loop3): Filesystem has been set read-only [ 3323.757058][ T5236] should_fail.cold+0xa/0x1a [ 3323.768309][ T5236] __should_failslab+0xee/0x130 [ 3323.773201][ T5236] should_failslab+0x9/0x14 [ 3323.777724][ T5236] kmem_cache_alloc_trace+0x2a/0x5d0 [ 3323.783024][ T5236] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3323.789282][ T5236] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3323.795196][ T5236] alloc_pipe_info+0xf8/0x3b0 [ 3323.800017][ T5236] splice_direct_to_actor+0x4b3/0x540 [ 3323.805398][ T5236] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3323.811083][ T5236] ? security_file_permission+0x88/0x280 [ 3323.816745][ T5236] ? rw_verify_area+0xee/0x250 [ 3323.821588][ T5236] do_splice_direct+0x161/0x1e0 [ 3323.826479][ T5236] do_sendfile+0x384/0x7f0 [ 3323.830947][ T5236] __x64_sys_sendfile64+0xbe/0x140 [ 3323.836081][ T5236] do_syscall_64+0xcc/0x3a0 [ 3323.840602][ T5236] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3323.846491][ T5236] RIP: 0033:0x45b399 [ 3323.850412][ T5236] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3323.870141][ T5236] RSP: 002b:00007f2976138c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 16:59:56 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000ffffff9e3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3323.878559][ T5236] RAX: ffffffffffffffda RBX: 00007f29761396d4 RCX: 000000000045b399 [ 3323.886553][ T5236] RDX: 00000000200001c0 RSI: 0000000000000004 RDI: 0000000000000004 [ 3323.894535][ T5236] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3323.902869][ T5236] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006 [ 3323.910888][ T5236] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000000 16:59:56 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe) 16:59:56 executing program 2 (fault-call:7 fault-nth:2): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:56 executing program 5 (fault-call:9 fault-nth:1): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3324.323759][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3324.340162][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3324.353659][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3324.363009][ T5250] FAULT_INJECTION: forcing a failure. [ 3324.363009][ T5250] name failslab, interval 1, probability 0, space 0, times 0 [ 3324.393880][ T5250] CPU: 0 PID: 5250 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0 [ 3324.402548][ T5250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3324.412722][ T5250] Call Trace: [ 3324.416023][ T5250] dump_stack+0x11d/0x181 [ 3324.420482][ T5250] should_fail.cold+0xa/0x1a [ 3324.425133][ T5250] __should_failslab+0xee/0x130 [ 3324.430046][ T5250] should_failslab+0x9/0x14 [ 3324.434571][ T5250] __kmalloc+0x53/0x690 [ 3324.438741][ T5250] ? terminate_walk+0x1d0/0x250 [ 3324.443615][ T5250] ? tomoyo_realpath_from_path+0x83/0x4c0 [ 3324.449501][ T5250] tomoyo_realpath_from_path+0x83/0x4c0 [ 3324.455056][ T5250] ? tomoyo_get_mode.part.0+0x5c/0xb0 [ 3324.460532][ T5250] tomoyo_path_number_perm+0x10a/0x3c0 [ 3324.466056][ T5250] ? __fget+0xb8/0x1d0 [ 3324.470158][ T5250] tomoyo_file_ioctl+0x2c/0x40 [ 3324.474986][ T5250] security_file_ioctl+0x6d/0xa0 [ 3324.479964][ T5250] ksys_ioctl+0x64/0xe0 [ 3324.485558][ T5250] __x64_sys_ioctl+0x4c/0x60 [ 3324.490195][ T5250] do_syscall_64+0xcc/0x3a0 [ 3324.494724][ T5250] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3324.500630][ T5250] RIP: 0033:0x45b399 [ 3324.504658][ T5250] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3324.524471][ T5250] RSP: 002b:00007f7a596f8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3324.533014][ T5250] RAX: ffffffffffffffda RBX: 00007f7a596f96d4 RCX: 000000000045b399 [ 3324.541013][ T5250] RDX: 0000000020000280 RSI: 0000000040305828 RDI: 0000000000000003 [ 3324.548994][ T5250] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 3324.557030][ T5250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3324.565007][ T5250] R13: 000000000000031c R14: 00000000004c435d R15: 0000000000000000 [ 3324.576085][T21082] FAT-fs (loop2): Filesystem has been set read-only 16:59:57 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000fffffff03c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3324.665282][ T5250] ERROR: Out of memory at tomoyo_realpath_from_path. [ 3324.938364][ T5260] FAULT_INJECTION: forcing a failure. [ 3324.938364][ T5260] name failslab, interval 1, probability 0, space 0, times 0 16:59:57 executing program 3 (fault-call:1 fault-nth:1): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3325.062836][ T5260] CPU: 0 PID: 5260 Comm: syz-executor.5 Not tainted 5.5.0-rc1-syzkaller #0 [ 3325.071477][ T5260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3325.081746][ T5260] Call Trace: [ 3325.085083][ T5260] dump_stack+0x11d/0x181 [ 3325.089560][ T5260] should_fail.cold+0xa/0x1a [ 3325.094178][ T5260] __should_failslab+0xee/0x130 [ 3325.099170][ T5260] should_failslab+0x9/0x14 [ 3325.103708][ T5260] __kmalloc+0x53/0x690 [ 3325.107963][ T5260] ? kmem_cache_alloc_trace+0x1e9/0x5d0 [ 3325.113530][ T5260] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3325.119582][ T5260] ? alloc_pipe_info+0x20e/0x3b0 [ 3325.124867][ T5260] alloc_pipe_info+0x20e/0x3b0 [ 3325.129687][ T5260] splice_direct_to_actor+0x4b3/0x540 [ 3325.135874][ T5260] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3325.141436][ T5260] ? security_file_permission+0x88/0x280 [ 3325.147097][ T5260] ? rw_verify_area+0xee/0x250 [ 3325.151919][ T5260] do_splice_direct+0x161/0x1e0 [ 3325.156816][ T5260] do_sendfile+0x384/0x7f0 [ 3325.161272][ T5260] __x64_sys_sendfile64+0xbe/0x140 [ 3325.166472][ T5260] do_syscall_64+0xcc/0x3a0 [ 3325.170998][ T5260] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3325.177009][ T5260] RIP: 0033:0x45b399 [ 3325.180913][ T5260] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3325.200616][ T5260] RSP: 002b:00007f2976159c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3325.209223][ T5260] RAX: ffffffffffffffda RBX: 00007f297615a6d4 RCX: 000000000045b399 [ 3325.217206][ T5260] RDX: 00000000200001c0 RSI: 0000000000000004 RDI: 0000000000000004 [ 3325.225210][ T5260] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 3325.234085][ T5260] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006 [ 3325.242080][ T5260] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000001 16:59:57 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2, 0x8080fffffffe) 16:59:57 executing program 5 (fault-call:9 fault-nth:2): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 16:59:57 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000007fffffff3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3325.451360][ T5272] FAULT_INJECTION: forcing a failure. [ 3325.451360][ T5272] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3325.468807][ T5274] FAULT_INJECTION: forcing a failure. [ 3325.468807][ T5274] name failslab, interval 1, probability 0, space 0, times 0 [ 3325.482475][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3325.491426][ T5274] CPU: 0 PID: 5274 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0 [ 3325.500118][ T5274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3325.510302][ T5274] Call Trace: [ 3325.513722][ T5274] dump_stack+0x11d/0x181 [ 3325.518084][ T5274] should_fail.cold+0xa/0x1a [ 3325.522974][ T5274] __should_failslab+0xee/0x130 [ 3325.527927][ T5274] should_failslab+0x9/0x14 [ 3325.532456][ T5274] __kmalloc+0x53/0x690 [ 3325.536672][ T5274] ? tomoyo_encode2.part.0+0xd9/0x260 [ 3325.542080][ T5274] tomoyo_encode2.part.0+0xd9/0x260 [ 3325.547521][ T5274] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3325.554009][ T5274] tomoyo_encode+0x34/0x50 [ 3325.559010][ T5274] tomoyo_realpath_from_path+0x14a/0x4c0 [ 3325.564736][ T5274] ? tomoyo_get_mode.part.0+0x5c/0xb0 [ 3325.570158][ T5274] tomoyo_path_number_perm+0x10a/0x3c0 [ 3325.575773][ T5274] ? __fget+0xb8/0x1d0 [ 3325.579922][ T5274] tomoyo_file_ioctl+0x2c/0x40 [ 3325.584706][ T5274] security_file_ioctl+0x6d/0xa0 [ 3325.589688][ T5274] ksys_ioctl+0x64/0xe0 [ 3325.593929][ T5274] __x64_sys_ioctl+0x4c/0x60 [ 3325.598700][ T5274] do_syscall_64+0xcc/0x3a0 [ 3325.603217][ T5274] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3325.609261][ T5274] RIP: 0033:0x45b399 [ 3325.613263][ T5274] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3325.614192][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3325.632882][ T5274] RSP: 002b:00007f7a596f8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3325.632905][ T5274] RAX: ffffffffffffffda RBX: 00007f7a596f96d4 RCX: 000000000045b399 [ 3325.632915][ T5274] RDX: 0000000020000280 RSI: 0000000040305828 RDI: 0000000000000003 [ 3325.632925][ T5274] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 3325.632935][ T5274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3325.632945][ T5274] R13: 000000000000031c R14: 00000000004c435d R15: 0000000000000001 [ 3325.706467][ T5272] CPU: 1 PID: 5272 Comm: syz-executor.2 Not tainted 5.5.0-rc1-syzkaller #0 [ 3325.716034][ T5272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3325.726326][ T5272] Call Trace: [ 3325.729704][ T5272] dump_stack+0x11d/0x181 [ 3325.734248][ T5272] should_fail.cold+0xa/0x1a [ 3325.738864][ T5272] should_fail_alloc_page+0x50/0x60 [ 3325.744099][ T5272] __alloc_pages_nodemask+0xd2/0x310 [ 3325.749471][ T5272] alloc_pages_current+0xd1/0x170 [ 3325.754537][ T5272] __page_cache_alloc+0x183/0x1a0 [ 3325.759730][ T5272] generic_file_read_iter+0xeee/0x1440 [ 3325.765252][ T5272] ext4_file_read_iter+0x10c/0x380 [ 3325.770488][ T5272] generic_file_splice_read+0x35c/0x500 [ 3325.776072][ T5272] do_splice_to+0xf2/0x130 [ 3325.780636][ T5272] ? add_to_pipe+0x1c0/0x1c0 [ 3325.785349][ T5272] ? add_to_pipe+0x1c0/0x1c0 [ 3325.790099][ T5272] splice_direct_to_actor+0x1b6/0x540 [ 3325.795495][ T5272] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3325.801251][ T5272] do_splice_direct+0x161/0x1e0 [ 3325.806147][ T5272] do_sendfile+0x384/0x7f0 [ 3325.810636][ T5272] __x64_sys_sendfile64+0xbe/0x140 [ 3325.815769][ T5272] do_syscall_64+0xcc/0x3a0 [ 3325.820489][ T5272] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3325.826394][ T5272] RIP: 0033:0x45b399 [ 3325.830322][ T5272] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 16:59:58 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe) [ 3325.850020][ T5272] RSP: 002b:00007f5c001cac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3325.858458][ T5272] RAX: ffffffffffffffda RBX: 00007f5c001cb6d4 RCX: 000000000045b399 [ 3325.866530][ T5272] RDX: 00000000200001c0 RSI: 0000000000000005 RDI: 0000000000000005 [ 3325.874533][ T5272] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 3325.882886][ T5272] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000007 [ 3325.890875][ T5272] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000002 [ 3325.899313][ T5274] ERROR: Out of memory at tomoyo_realpath_from_path. 16:59:58 executing program 3 (fault-call:1 fault-nth:2): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3325.965021][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 16:59:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3326.045856][ T5284] FAULT_INJECTION: forcing a failure. [ 3326.045856][ T5284] name failslab, interval 1, probability 0, space 0, times 0 [ 3326.058576][ T5284] CPU: 1 PID: 5284 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0 [ 3326.067585][ T5284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3326.077837][ T5284] Call Trace: [ 3326.081156][ T5284] dump_stack+0x11d/0x181 [ 3326.085687][ T5284] should_fail.cold+0xa/0x1a [ 3326.090422][ T5284] __should_failslab+0xee/0x130 16:59:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3, 0x8080fffffffe) 16:59:58 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000084ffffff3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3326.095288][ T5284] should_failslab+0x9/0x14 [ 3326.099908][ T5284] __kmalloc+0x53/0x690 [ 3326.101676][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3326.104122][ T5284] ? _raw_spin_unlock_irq+0x68/0x80 [ 3326.104176][ T5284] ? finish_task_switch+0x7b/0x260 [ 3326.121131][ T5284] ? ext4_find_extent+0x4ef/0x5c0 [ 3326.126169][ T5284] ext4_find_extent+0x4ef/0x5c0 [ 3326.131215][ T5284] ext4_ext_map_blocks+0xe9/0x2320 [ 3326.136448][ T5284] ? __this_cpu_preempt_check+0x45/0x140 [ 3326.142213][ T5284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.148629][ T5284] ? ext4_es_lookup_extent+0x241/0x580 [ 3326.154232][ T5284] ext4_map_blocks+0x7f2/0xff0 [ 3326.159085][ T5284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.165364][ T5284] ? __ext4_journal_start_sb+0xda/0x250 [ 3326.170975][ T5284] ext4_alloc_file_blocks+0x1e6/0x6e0 [ 3326.176516][ T5284] ? __read_once_size+0x5a/0xe0 [ 3326.181388][ T5284] ext4_fallocate+0x57a/0x1460 [ 3326.186347][ T5284] ? __srcu_read_unlock+0x3e/0x50 [ 3326.191522][ T5284] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3326.197512][ T5284] vfs_fallocate+0x3be/0x650 [ 3326.202174][ T5284] ? ext4_insert_range+0xc20/0xc20 [ 3326.207305][ T5284] ioctl_preallocate+0x12b/0x190 [ 3326.212330][ T5284] do_vfs_ioctl+0xb14/0xcf0 [ 3326.216842][ T5284] ? tomoyo_file_ioctl+0x34/0x40 [ 3326.221990][ T5284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.228278][ T5284] ksys_ioctl+0xbd/0xe0 [ 3326.232527][ T5284] __x64_sys_ioctl+0x4c/0x60 [ 3326.237175][ T5284] do_syscall_64+0xcc/0x3a0 [ 3326.241706][ T5284] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3326.247631][ T5284] RIP: 0033:0x45b399 [ 3326.251596][ T5284] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3326.271279][ T5284] RSP: 002b:00007f7a596f8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3326.279727][ T5284] RAX: ffffffffffffffda RBX: 00007f7a596f96d4 RCX: 000000000045b399 [ 3326.287798][ T5284] RDX: 0000000020000280 RSI: 0000000040305828 RDI: 0000000000000003 [ 3326.295776][ T5284] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 3326.303757][ T5284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3326.311750][ T5284] R13: 000000000000031c R14: 00000000004c435d R15: 0000000000000002 [ 3326.380328][ T5288] FAULT_INJECTION: forcing a failure. [ 3326.380328][ T5288] name failslab, interval 1, probability 0, space 0, times 0 [ 3326.393363][ T5288] CPU: 0 PID: 5288 Comm: syz-executor.5 Not tainted 5.5.0-rc1-syzkaller #0 [ 3326.402005][ T5288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3326.412072][ T5288] Call Trace: [ 3326.415387][ T5288] dump_stack+0x11d/0x181 [ 3326.420100][ T5288] should_fail.cold+0xa/0x1a [ 3326.424726][ T5288] __should_failslab+0xee/0x130 [ 3326.429671][ T5288] should_failslab+0x9/0x14 [ 3326.434234][ T5288] __kmalloc+0x53/0x690 [ 3326.438446][ T5288] ? iter_file_splice_write+0x103/0x840 [ 3326.444044][ T5288] iter_file_splice_write+0x103/0x840 [ 3326.449433][ T5288] ? ext4_file_read_iter+0x119/0x380 [ 3326.451612][ T5291] validate_nla: 16 callbacks suppressed [ 3326.451622][ T5291] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3326.454891][ T5288] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.454935][ T5288] ? generic_file_splice_read+0x3c1/0x500 [ 3326.460494][ T5291] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3326.468728][ T5288] ? page_cache_pipe_buf_release+0x100/0x100 [ 3326.468759][ T5288] direct_splice_actor+0xa0/0xc0 [ 3326.500869][ T5288] splice_direct_to_actor+0x22b/0x540 [ 3326.506531][ T5288] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3326.512104][ T5288] do_splice_direct+0x161/0x1e0 [ 3326.516992][ T5288] do_sendfile+0x384/0x7f0 [ 3326.521457][ T5288] __x64_sys_sendfile64+0xbe/0x140 [ 3326.526589][ T5288] do_syscall_64+0xcc/0x3a0 [ 3326.531353][ T5288] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3326.537253][ T5288] RIP: 0033:0x45b399 [ 3326.541237][ T5288] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3326.560846][ T5288] RSP: 002b:00007f2976138c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3326.569427][ T5288] RAX: ffffffffffffffda RBX: 00007f29761396d4 RCX: 000000000045b399 [ 3326.577406][ T5288] RDX: 00000000200001c0 RSI: 0000000000000005 RDI: 0000000000000005 [ 3326.585554][ T5288] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3326.593734][ T5288] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000007 [ 3326.601873][ T5288] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000002 16:59:59 executing program 3 (fault-call:1 fault-nth:3): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 16:59:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000088ffffff3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3326.778833][ T5294] FAULT_INJECTION: forcing a failure. [ 3326.778833][ T5294] name failslab, interval 1, probability 0, space 0, times 0 [ 3326.791525][ T5294] CPU: 1 PID: 5294 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0 [ 3326.800168][ T5294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3326.810238][ T5294] Call Trace: [ 3326.813624][ T5294] dump_stack+0x11d/0x181 [ 3326.817747][ T5301] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3326.818049][ T5294] should_fail.cold+0xa/0x1a [ 3326.826336][ T5301] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3326.830902][ T5294] __should_failslab+0xee/0x130 [ 3326.830922][ T5294] should_failslab+0x9/0x14 [ 3326.830955][ T5294] kmem_cache_alloc+0x29/0x5d0 [ 3326.847542][ T5303] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3326.848712][ T5294] ? tomoyo_supervisor+0x170/0xd20 [ 3326.848748][ T5294] ? delay_tsc+0x8f/0xc0 [ 3326.853766][ T5303] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000009effffff3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3326.861836][ T5294] __es_insert_extent+0x1f0/0x880 [ 3326.861861][ T5294] ext4_es_insert_extent+0x1c0/0x5c0 [ 3326.861957][ T5294] ? ext4_es_find_extent_range+0x8d/0x260 [ 3326.895700][ T5294] ? ext4_find_extent+0x4ef/0x5c0 [ 3326.900824][ T5294] ext4_ext_put_gap_in_cache+0xb8/0xf0 [ 3326.906539][ T5294] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3326.912461][ T5294] ext4_ext_map_blocks+0x1157/0x2320 [ 3326.917856][ T5294] ? __this_cpu_preempt_check+0x45/0x140 [ 3326.923601][ T5294] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.929864][ T5294] ? ext4_es_lookup_extent+0x241/0x580 [ 3326.935340][ T5294] ext4_map_blocks+0x7f2/0xff0 [ 3326.940250][ T5294] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.946510][ T5294] ? __ext4_journal_start_sb+0xda/0x250 [ 3326.952096][ T5294] ext4_alloc_file_blocks+0x1e6/0x6e0 [ 3326.957523][ T5294] ? __read_once_size+0x5a/0xe0 [ 3326.962955][ T5294] ext4_fallocate+0x57a/0x1460 [ 3326.967824][ T5294] ? __srcu_read_unlock+0x3e/0x50 [ 3326.972905][ T5294] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3326.978973][ T5294] vfs_fallocate+0x3be/0x650 [ 3326.983688][ T5294] ? ext4_insert_range+0xc20/0xc20 [ 3326.988958][ T5294] ioctl_preallocate+0x12b/0x190 [ 3326.993941][ T5294] do_vfs_ioctl+0xb14/0xcf0 [ 3326.998460][ T5294] ? tomoyo_file_ioctl+0x34/0x40 [ 3327.003477][ T5294] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3327.009827][ T5294] ksys_ioctl+0xbd/0xe0 [ 3327.014131][ T5294] __x64_sys_ioctl+0x4c/0x60 [ 3327.018817][ T5294] do_syscall_64+0xcc/0x3a0 [ 3327.023359][ T5294] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3327.029292][ T5294] RIP: 0033:0x45b399 [ 3327.033201][ T5294] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3327.052948][ T5294] RSP: 002b:00007f7a596f8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3327.061439][ T5294] RAX: ffffffffffffffda RBX: 00007f7a596f96d4 RCX: 000000000045b399 [ 3327.069560][ T5294] RDX: 0000000020000280 RSI: 0000000040305828 RDI: 0000000000000003 [ 3327.071480][ T5314] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3327.077541][ T5294] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 3327.077551][ T5294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3327.077561][ T5294] R13: 000000000000031c R14: 00000000004c435d R15: 0000000000000003 [ 3327.109980][ T5314] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:59 executing program 5 (fault-call:9 fault-nth:3): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3327.141253][ T5315] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3327.149401][ T5315] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 16:59:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000f0ffffff3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 16:59:59 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe) 16:59:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4, 0x8080fffffffe) 16:59:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2, 0x8080fffffffe) 16:59:59 executing program 3 (fault-call:1 fault-nth:4): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 16:59:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000030001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3327.448478][ T5323] FAULT_INJECTION: forcing a failure. [ 3327.448478][ T5323] name failslab, interval 1, probability 0, space 0, times 0 [ 3327.461243][ T5323] CPU: 0 PID: 5323 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0 [ 3327.469969][ T5323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3327.480651][ T5323] Call Trace: [ 3327.484080][ T5323] dump_stack+0x11d/0x181 [ 3327.488562][ T5323] should_fail.cold+0xa/0x1a [ 3327.493174][ T5323] __should_failslab+0xee/0x130 [ 3327.498044][ T5323] should_failslab+0x9/0x14 [ 3327.502664][ T5323] __kmalloc+0x53/0x690 [ 3327.506873][ T5323] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3327.513340][ T5323] ? debug_smp_processor_id+0x43/0x137 [ 3327.518845][ T5323] ? ext4_find_extent+0x4ef/0x5c0 [ 3327.523961][ T5323] ext4_find_extent+0x4ef/0x5c0 [ 3327.528827][ T5323] ext4_ext_map_blocks+0xe9/0x2320 [ 3327.533994][ T5323] ? __this_cpu_preempt_check+0x45/0x140 [ 3327.539754][ T5323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3327.546024][ T5323] ? ext4_es_lookup_extent+0x241/0x580 [ 3327.551594][ T5323] ext4_map_blocks+0x23a/0xff0 [ 3327.556533][ T5323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3327.562791][ T5323] ? __ext4_journal_start_sb+0xda/0x250 [ 3327.568358][ T5323] ext4_alloc_file_blocks+0x1e6/0x6e0 [ 3327.573786][ T5323] ? __read_once_size+0x5a/0xe0 [ 3327.578665][ T5323] ext4_fallocate+0x57a/0x1460 [ 3327.583443][ T5323] ? __srcu_read_unlock+0x3e/0x50 [ 3327.588509][ T5323] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3327.589225][ T5327] FAULT_INJECTION: forcing a failure. [ 3327.589225][ T5327] name failslab, interval 1, probability 0, space 0, times 0 [ 3327.594547][ T5323] vfs_fallocate+0x3be/0x650 [ 3327.612267][ T5323] ? ext4_insert_range+0xc20/0xc20 [ 3327.617382][ T5323] ioctl_preallocate+0x12b/0x190 [ 3327.622384][ T5323] do_vfs_ioctl+0xb14/0xcf0 [ 3327.626975][ T5323] ? tomoyo_file_ioctl+0x34/0x40 [ 3327.631924][ T5323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3327.638181][ T5323] ksys_ioctl+0xbd/0xe0 [ 3327.642357][ T5323] __x64_sys_ioctl+0x4c/0x60 [ 3327.647101][ T5323] do_syscall_64+0xcc/0x3a0 [ 3327.651669][ T5323] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3327.657573][ T5323] RIP: 0033:0x45b399 [ 3327.661567][ T5323] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3327.681244][ T5323] RSP: 002b:00007f7a596f8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3327.689817][ T5323] RAX: ffffffffffffffda RBX: 00007f7a596f96d4 RCX: 000000000045b399 [ 3327.697793][ T5323] RDX: 0000000020000280 RSI: 0000000040305828 RDI: 0000000000000003 [ 3327.705781][ T5323] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 3327.713778][ T5323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 3327.721754][ T5323] R13: 000000000000031c R14: 00000000004c435d R15: 0000000000000004 [ 3327.729789][ T5327] CPU: 1 PID: 5327 Comm: syz-executor.5 Not tainted 5.5.0-rc1-syzkaller #0 [ 3327.738398][ T5327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3327.749167][ T5327] Call Trace: [ 3327.752489][ T5327] dump_stack+0x11d/0x181 [ 3327.756840][ T5327] should_fail.cold+0xa/0x1a [ 3327.761558][ T5327] __should_failslab+0xee/0x130 [ 3327.766474][ T5327] should_failslab+0x9/0x14 [ 3327.770998][ T5327] kmem_cache_alloc+0x29/0x5d0 [ 3327.775772][ T5327] ? _raw_spin_unlock_irq+0x68/0x80 [ 3327.780984][ T5327] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3327.786959][ T5327] ? __write_once_size+0x41/0xe0 [ 3327.791978][ T5327] ext4_init_io_end+0x4f/0x120 [ 3327.796784][ T5327] ext4_writepages+0x94a/0x2500 [ 3327.801675][ T5327] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3327.807941][ T5327] ? ext4_mark_inode_dirty+0x420/0x420 [ 3327.813515][ T5327] do_writepages+0x6b/0x170 [ 3327.818086][ T5327] ? do_writepages+0x6b/0x170 [ 3327.822774][ T5327] ? wbc_attach_and_unlock_inode+0xdd/0x3b0 [ 3327.828717][ T5327] __filemap_fdatawrite_range+0x1c5/0x230 [ 3327.834611][ T5327] file_write_and_wait_range+0xfd/0x160 [ 3327.840367][ T5327] ext4_sync_file+0x266/0xaf0 [ 3327.841394][ T5335] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3327.845059][ T5327] ? generic_perform_write+0x274/0x320 [ 3327.845122][ T5327] ? __read_once_size.constprop.0+0x20/0x20 [ 3327.845154][ T5327] vfs_fsync_range+0x82/0x150 [ 3327.870952][ T5327] ext4_buffered_write_iter+0x222/0x290 [ 3327.876276][ T5336] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3327.876690][ T5327] ext4_file_write_iter+0xf4/0xd40 [ 3327.876719][ T5327] ? common_file_perm+0x1d5/0x490 [ 3327.896489][ T5327] do_iter_readv_writev+0x487/0x5b0 [ 3327.901764][ T5327] ? security_file_permission+0x88/0x280 [ 3327.907429][ T5327] do_iter_write+0x13b/0x3c0 [ 3327.912117][ T5327] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3327.918031][ T5327] vfs_iter_write+0x5c/0x80 [ 3327.922565][ T5327] iter_file_splice_write+0x530/0x840 [ 3327.928004][ T5327] ? page_cache_pipe_buf_release+0x100/0x100 [ 3327.934081][ T5327] direct_splice_actor+0xa0/0xc0 [ 3327.939134][ T5327] splice_direct_to_actor+0x22b/0x540 [ 3327.944555][ T5327] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3327.950143][ T5327] do_splice_direct+0x161/0x1e0 [ 3327.955015][ T5327] do_sendfile+0x384/0x7f0 [ 3327.959501][ T5327] __x64_sys_sendfile64+0xbe/0x140 [ 3327.964620][ T5327] do_syscall_64+0xcc/0x3a0 [ 3327.969153][ T5327] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3327.975039][ T5327] RIP: 0033:0x45b399 [ 3327.978942][ T5327] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3327.998567][ T5327] RSP: 002b:00007f2976138c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3328.006986][ T5327] RAX: ffffffffffffffda RBX: 00007f29761396d4 RCX: 000000000045b399 [ 3328.014972][ T5327] RDX: 00000000200001c0 RSI: 0000000000000005 RDI: 0000000000000005 [ 3328.023390][ T5327] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3328.031370][ T5327] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000007 [ 3328.039346][ T5327] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000003 17:00:00 executing program 3 (fault-call:1 fault-nth:5): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:00 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000090001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:00 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, 0x0, 0x8080fffffffe) 17:00:00 executing program 5 (fault-call:9 fault-nth:4): syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 17:00:00 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x5, 0x8080fffffffe) [ 3328.277068][ T5345] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3328.319753][ T5347] FAULT_INJECTION: forcing a failure. [ 3328.319753][ T5347] name failslab, interval 1, probability 0, space 0, times 0 [ 3328.340338][ T5345] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3328.368968][ T5347] CPU: 1 PID: 5347 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0 [ 3328.377591][ T5347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3328.387665][ T5347] Call Trace: [ 3328.390968][ T5347] dump_stack+0x11d/0x181 [ 3328.395324][ T5347] should_fail.cold+0xa/0x1a [ 3328.399940][ T5347] __should_failslab+0xee/0x130 [ 3328.404949][ T5347] should_failslab+0x9/0x14 [ 3328.409483][ T5347] kmem_cache_alloc+0x29/0x5d0 [ 3328.414264][ T5347] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3328.420643][ T5347] ? __mark_inode_dirty+0x285/0x940 [ 3328.425861][ T5347] ext4_mb_new_blocks+0x343/0x1de0 [ 3328.431126][ T5347] ? __kmalloc+0x239/0x690 [ 3328.435619][ T5347] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3328.441868][ T5347] ? debug_smp_processor_id+0x43/0x137 [ 3328.447345][ T5347] ? ext4_find_extent+0x4ef/0x5c0 [ 3328.452383][ T5347] ext4_ext_map_blocks+0x1c0f/0x2320 [ 3328.457773][ T5347] ext4_map_blocks+0x23a/0xff0 [ 3328.462550][ T5347] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.470143][ T5347] ? __ext4_journal_start_sb+0xda/0x250 [ 3328.475710][ T5347] ext4_alloc_file_blocks+0x1e6/0x6e0 [ 3328.481117][ T5347] ? __read_once_size+0x5a/0xe0 [ 3328.486095][ T5347] ext4_fallocate+0x57a/0x1460 [ 3328.490968][ T5347] ? __srcu_read_unlock+0x3e/0x50 [ 3328.496019][ T5347] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3328.501994][ T5347] vfs_fallocate+0x3be/0x650 [ 3328.506685][ T5347] ? ext4_insert_range+0xc20/0xc20 [ 3328.511865][ T5347] ioctl_preallocate+0x12b/0x190 [ 3328.516843][ T5347] do_vfs_ioctl+0xb14/0xcf0 [ 3328.521357][ T5347] ? tomoyo_file_ioctl+0x34/0x40 [ 3328.526311][ T5347] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.532645][ T5347] ksys_ioctl+0xbd/0xe0 [ 3328.536810][ T5347] __x64_sys_ioctl+0x4c/0x60 [ 3328.541482][ T5347] do_syscall_64+0xcc/0x3a0 [ 3328.546008][ T5347] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3328.551909][ T5347] RIP: 0033:0x45b399 [ 3328.555907][ T5347] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3328.575613][ T5347] RSP: 002b:00007f7a596f8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 3328.584148][ T5347] RAX: ffffffffffffffda RBX: 00007f7a596f96d4 RCX: 000000000045b399 [ 3328.592158][ T5347] RDX: 0000000020000280 RSI: 0000000040305828 RDI: 0000000000000003 [ 3328.600142][ T5347] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 3328.608292][ T5347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 17:00:01 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000200003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3328.616405][ T5347] R13: 000000000000031c R14: 00000000004c435d R15: 0000000000000005 [ 3328.628598][ T5348] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3328.639539][ T5348] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. 17:00:01 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000300003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3328.862126][ T5359] FAULT_INJECTION: forcing a failure. [ 3328.862126][ T5359] name failslab, interval 1, probability 0, space 0, times 0 [ 3328.952921][ T5359] CPU: 1 PID: 5359 Comm: syz-executor.5 Not tainted 5.5.0-rc1-syzkaller #0 [ 3328.961581][ T5359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3328.971672][ T5359] Call Trace: [ 3328.975217][ T5359] dump_stack+0x11d/0x181 [ 3328.979571][ T5359] should_fail.cold+0xa/0x1a [ 3328.984187][ T5359] ? mempool_free+0x1b0/0x1b0 [ 3328.988972][ T5359] __should_failslab+0xee/0x130 [ 3328.993914][ T5359] should_failslab+0x9/0x14 [ 3328.998454][ T5359] kmem_cache_alloc+0x29/0x5d0 [ 3329.003232][ T5359] ? constant_test_bit+0x12/0x30 [ 3329.008290][ T5359] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3329.014575][ T5359] ? mempool_free+0x1b0/0x1b0 [ 3329.019297][ T5359] mempool_alloc_slab+0x27/0x40 [ 3329.024282][ T5359] mempool_alloc+0x8e/0x270 [ 3329.028803][ T5359] ? __this_cpu_preempt_check+0x45/0x140 [ 3329.034511][ T5359] ? __mod_memcg_state+0x9a/0x120 [ 3329.039555][ T5359] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3329.045811][ T5359] bio_alloc_bioset+0x223/0x3e0 [ 3329.050735][ T5359] ? unlock_page_memcg+0x28/0x30 [ 3329.055681][ T5359] submit_bh_wbc+0x134/0x460 [ 3329.060292][ T5359] __block_write_full_page+0x4e9/0x870 [ 3329.065808][ T5359] ? fat_add_cluster+0xd0/0xd0 [ 3329.070597][ T5359] ? block_invalidatepage+0x320/0x320 [ 3329.076057][ T5359] block_write_full_page+0x1c0/0x1e0 [ 3329.081415][ T5359] ? fat_add_cluster+0xd0/0xd0 [ 3329.086225][ T5359] fat_writepage+0x2e/0x40 [ 3329.090652][ T5359] __mpage_writepage+0x837/0xe70 [ 3329.095646][ T5359] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3329.101894][ T5359] ? __this_cpu_preempt_check+0x45/0x140 [ 3329.107581][ T5359] ? __this_cpu_preempt_check+0x45/0x140 [ 3329.113220][ T5359] ? __rcu_read_unlock+0x66/0x3d0 [ 3329.118257][ T5359] ? percpu_counter_add_batch+0x124/0x150 [ 3329.123994][ T5359] ? clear_page_dirty_for_io+0x191/0x580 [ 3329.129631][ T5359] write_cache_pages+0x47a/0xb40 [ 3329.134633][ T5359] ? clean_buffers+0x1b0/0x1b0 [ 3329.139405][ T5359] ? __read_once_size+0x31/0x110 [ 3329.144347][ T5359] ? __rcu_read_unlock+0x66/0x3d0 [ 3329.149421][ T5359] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3329.155342][ T5359] ? __write_once_size+0x41/0xe0 [ 3329.160345][ T5359] ? blk_start_plug+0x62/0x120 [ 3329.165124][ T5359] ? fat_add_cluster+0xd0/0xd0 [ 3329.169897][ T5359] ? fat_readpages+0x50/0x50 [ 3329.174500][ T5359] mpage_writepages+0xab/0x180 [ 3329.179275][ T5359] ? fat_add_cluster+0xd0/0xd0 [ 3329.184054][ T5359] fat_writepages+0x2e/0x40 [ 3329.188638][ T5359] do_writepages+0x6b/0x170 [ 3329.193239][ T5359] ? wbc_attach_and_unlock_inode+0xdd/0x3b0 [ 3329.199203][ T5359] __filemap_fdatawrite_range+0x1c5/0x230 [ 3329.204950][ T5359] file_write_and_wait_range+0xfd/0x160 [ 3329.210523][ T5359] __generic_file_fsync+0x59/0x190 [ 3329.215639][ T5359] fat_file_fsync+0x58/0x120 [ 3329.220284][ T5359] ? fat_free_clusters.cold+0x30/0x30 [ 3329.225669][ T5359] vfs_fsync_range+0x82/0x150 [ 3329.230363][ T5359] generic_file_write_iter+0x318/0x38c [ 3329.236002][ T5359] do_iter_readv_writev+0x487/0x5b0 [ 3329.241208][ T5359] ? security_file_permission+0x88/0x280 [ 3329.246854][ T5359] do_iter_write+0x13b/0x3c0 [ 3329.251455][ T5359] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3329.257365][ T5359] vfs_iter_write+0x5c/0x80 [ 3329.261968][ T5359] iter_file_splice_write+0x530/0x840 [ 3329.267435][ T5359] ? page_cache_pipe_buf_release+0x100/0x100 [ 3329.273512][ T5359] direct_splice_actor+0xa0/0xc0 [ 3329.278502][ T5359] splice_direct_to_actor+0x22b/0x540 [ 3329.283967][ T5359] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3329.289533][ T5359] do_splice_direct+0x161/0x1e0 [ 3329.294540][ T5359] do_sendfile+0x384/0x7f0 [ 3329.299089][ T5359] __x64_sys_sendfile64+0xbe/0x140 [ 3329.304216][ T5359] do_syscall_64+0xcc/0x3a0 [ 3329.308777][ T5359] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3329.314870][ T5359] RIP: 0033:0x45b399 [ 3329.318822][ T5359] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3329.338560][ T5359] RSP: 002b:00007f2976138c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3329.347084][ T5359] RAX: ffffffffffffffda RBX: 00007f29761396d4 RCX: 000000000045b399 [ 3329.355090][ T5359] RDX: 00000000200001c0 RSI: 0000000000000004 RDI: 0000000000000004 [ 3329.363172][ T5359] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3329.371342][ T5359] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006 [ 3329.379326][ T5359] R13: 00000000000008ca R14: 00000000004ca24d R15: 0000000000000004 [ 3329.456090][ T5360] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3329.465145][ T5360] FAT-fs (loop1): Filesystem has been set read-only [ 3329.471797][ T5360] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3329.487216][ T5369] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 3329.496107][ T5369] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) 17:00:01 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6, 0x8080fffffffe) [ 3329.599253][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:02 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000400003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3, 0x8080fffffffe) 17:00:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 17:00:02 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:02 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000500003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:02 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, 0x0, 0x8080fffffffe) 17:00:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7, 0x8080fffffffe) [ 3330.481040][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3330.508943][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:00:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3330.561930][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3330.576556][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:03 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000600003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x10, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2, 0x8080fffffffe) 17:00:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x4c00, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:03 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000700003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3331.565398][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3331.574314][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3331.910201][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3331.923763][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3331.924776][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3331.941941][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4, 0x8080fffffffe) 17:00:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x4c01, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:04 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000800003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8, 0x8080fffffffe) 17:00:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, 0x0, 0x8080fffffffe) 17:00:04 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3, 0x8080fffffffe) 17:00:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x541b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3332.180400][ T5432] validate_nla: 28 callbacks suppressed [ 3332.180412][ T5432] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3332.194164][ T5432] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:04 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000900003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x5421, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3332.601151][ T5447] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3332.609421][ T5447] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:05 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x0) [ 3332.801700][ T5438] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) [ 3332.822828][ T5433] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3332.831981][ T5433] FAT-fs (loop5): Filesystem has been set read-only [ 3332.840396][ T5438] FAT-fs (loop1): Filesystem has been set read-only [ 3332.851498][ T5442] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3332.876815][ T5442] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:05 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9, 0x8080fffffffe) 17:00:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x5450, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:05 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6, 0x8080fffffffe) 17:00:05 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4, 0x8080fffffffe) [ 3333.013070][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:05 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000a00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3333.076510][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3333.245732][ T5463] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3333.253950][ T5463] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x5451, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:05 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000b00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x5452, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3333.711729][ T5482] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3333.720104][ T5482] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3334.095235][ T5472] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3334.104342][ T5472] FAT-fs (loop1): Filesystem has been set read-only [ 3334.111096][ T5472] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3334.127828][ T5479] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 17:00:06 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000f00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3334.148579][ T5479] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) [ 3334.172677][ T5479] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3334.182906][ T5479] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:06 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6, 0x8080fffffffe) 17:00:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x5460, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3334.405077][ T5490] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3334.413277][ T5490] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:06 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x0) 17:00:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xa, 0x8080fffffffe) [ 3334.469668][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:06 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8, 0x8080fffffffe) 17:00:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x5501, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3334.662783][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:07 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001000003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3334.914912][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:00:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x6364, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3334.961849][ T5493] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3334.970881][ T5493] FAT-fs (loop5): Filesystem has been set read-only [ 3334.977795][ T5493] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3334.994569][ T5498] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3335.047291][ T5498] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) [ 3335.048825][ T5499] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3335.064660][ T5499] FAT-fs (loop1): Filesystem has been set read-only [ 3335.071566][ T5499] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3335.072721][ T5498] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3335.085806][ T5503] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 3335.097672][ T5503] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 3335.106513][ T5498] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:07 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc, 0x8080fffffffe) [ 3335.253146][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x8902, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:07 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8, 0x8080fffffffe) 17:00:07 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001100003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3335.395861][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x8912, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:08 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001200003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3336.045863][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3336.102185][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:08 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x0) 17:00:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9, 0x8080fffffffe) 17:00:08 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd, 0x8080fffffffe) 17:00:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x8933, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:08 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001300003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:08 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9, 0x8080fffffffe) 17:00:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x89e0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3336.224423][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3336.256580][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:00:08 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000001400003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:09 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000002100003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x400454ca, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:09 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000002f00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:09 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc, 0x8080fffffffe) [ 3337.072914][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3337.087038][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:10 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc, 0x8080fffffffe) 17:00:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40045564, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:10 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xe, 0x8080fffffffe) 17:00:10 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000003a00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd, 0x8080fffffffe) [ 3337.828900][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3337.852554][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:10 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x0) 17:00:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40049409, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3337.941081][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3337.955654][ T5587] validate_nla: 24 callbacks suppressed [ 3337.955666][ T5587] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3337.959338][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3337.961304][ T5587] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3338.032283][ T5594] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3338.040560][ T5594] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:10 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000004800003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40084149, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3338.559151][ T5598] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) [ 3338.592577][ T5609] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3338.600731][ T5609] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3338.628336][ T5598] FAT-fs (loop1): Filesystem has been set read-only [ 3338.658625][ T5612] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3338.666852][ T5612] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf, 0x8080fffffffe) 17:00:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40186366, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x10, 0x8080fffffffe) [ 3338.936136][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:12 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd, 0x8080fffffffe) 17:00:12 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000004c00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:12 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xe, 0x8080fffffffe) 17:00:12 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x4020940d, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3339.635590][ T5620] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3339.644663][ T5620] FAT-fs (loop5): Filesystem has been set read-only [ 3339.648723][ T5625] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3339.671848][ T5625] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3339.681816][ T5625] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) [ 3339.692329][ T5625] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3339.703458][ T5625] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) [ 3339.754789][ T5632] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3339.763077][ T5632] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:12 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305807, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x12, 0x8080fffffffe) 17:00:12 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:12 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000006000003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3339.936871][ T27] audit: type=1800 audit(1580749212.343:334): pid=5626 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=993 res=0 [ 3339.960971][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:12 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x4030582a, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x10, 0x8080fffffffe) [ 3340.316562][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3340.336508][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3340.413520][ T5630] FAT-fs (loop0): error, clusters badly computed (1036 != 1037) [ 3340.417828][ T5634] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3340.421589][ T5630] FAT-fs (loop0): Filesystem has been set read-only [ 3340.438128][ T5630] FAT-fs (loop0): error, clusters badly computed (2 != 1038) 17:00:13 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000006800003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3340.597095][ T5634] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3340.923874][ T5656] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) [ 3340.981012][ T5656] FAT-fs (loop5): Filesystem has been set read-only 17:00:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x10, 0x8080fffffffe) 17:00:13 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xe, 0x8080fffffffe) 17:00:13 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000006c00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3341.066609][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d, 0x8080fffffffe) 17:00:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3341.168086][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:13 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000007400003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:13 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000007a00003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:13 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x12, 0x8080fffffffe) 17:00:14 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305848, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:14 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000003003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3341.877997][ T5686] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) [ 3341.901036][ T5686] FAT-fs (loop5): Filesystem has been set read-only 17:00:14 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x800454d2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6b, 0x8080fffffffe) [ 3342.130084][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3342.186791][ T27] audit: type=1800 audit(1580749214.553:335): pid=5702 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="loop2" ino=999 res=0 [ 3342.310798][ T5694] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3342.320067][ T5694] FAT-fs (loop1): Filesystem has been set read-only [ 3342.326902][ T5694] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3342.345931][ T5699] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3342.382779][ T5699] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) [ 3342.429189][ T5699] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3342.471923][ T5699] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:15 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000005003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:15 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d, 0x8080fffffffe) 17:00:15 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x8004745a, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:15 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1e, 0x8080fffffffe) [ 3342.807809][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:15 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x12, 0x8080fffffffe) 17:00:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x300, 0x8080fffffffe) 17:00:15 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x80086301, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:15 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000006003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3342.973659][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3343.046749][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3343.184961][ T5733] validate_nla: 24 callbacks suppressed [ 3343.184973][ T5733] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3343.198828][ T5733] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3343.313425][ T5740] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3343.321598][ T5740] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:15 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0xc0045878, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3343.420600][ T5723] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3343.429639][ T5723] FAT-fs (loop1): Filesystem has been set read-only [ 3343.436268][ T5723] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3343.450432][ T5726] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3343.466124][ T5726] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:16 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x26, 0x8080fffffffe) 17:00:16 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000007003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:16 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xbe, 0x8080fffffffe) [ 3343.715245][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:16 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0xc0045878, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3343.898331][ T5736] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3343.907608][ T5736] FAT-fs (loop5): Filesystem has been set read-only [ 3343.914698][ T5736] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:16 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d, 0x8080fffffffe) [ 3343.942934][ T5742] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3343.980884][ T5753] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3343.989089][ T5753] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3344.002064][ T5742] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:16 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:16 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x49e, 0x8080fffffffe) 17:00:16 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000009003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3344.250924][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0xc0205648, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) [ 3344.633931][ T5772] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3344.642222][ T5772] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:17 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x27, 0x8080fffffffe) [ 3344.719747][ T5774] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3344.727995][ T5774] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3344.834606][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3344.856338][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0xc020660b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:17 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000a003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:17 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d, 0x8080fffffffe) 17:00:17 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x49f, 0x8080fffffffe) 17:00:18 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x300, 0x8080fffffffe) 17:00:18 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:18 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000b003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:18 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x29, 0x8080fffffffe) [ 3345.715617][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3345.724638][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:18 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x2, 0x0, 0x0, 0x24ba1dbf}) 17:00:18 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000f003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3346.277904][ T5792] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3346.286988][ T5792] FAT-fs (loop0): Filesystem has been set read-only [ 3346.293720][ T5792] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3346.310781][ T27] audit: type=1800 audit(1580749218.713:336): pid=5803 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1019 res=0 [ 3346.356536][ T5804] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 17:00:18 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x600, 0x8080fffffffe) [ 3346.494719][ T5804] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) [ 3346.605637][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3346.630353][ T5804] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 17:00:19 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2f, 0x8080fffffffe) 17:00:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x49e, 0x8080fffffffe) 17:00:19 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000011003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3346.686503][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3346.708595][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3346.726958][ T5804] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x300, 0x8080fffffffe) 17:00:19 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x3, 0x0, 0x0, 0x24ba1dbf}) [ 3346.746154][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3346.819335][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:19 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000012003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:19 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x4, 0x0, 0x0, 0x24ba1dbf}) [ 3347.316462][ T193] tipc: TX() has been purged, node left! [ 3347.328133][ T5833] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3347.337174][ T5833] FAT-fs (loop1): Filesystem has been set read-only [ 3347.343788][ T5833] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3347.358642][ T5842] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) 17:00:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x900, 0x8080fffffffe) [ 3347.367267][ T5842] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) 17:00:19 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3b, 0x8080fffffffe) 17:00:19 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000013003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3347.455702][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:19 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x5, 0x0, 0x0, 0x24ba1dbf}) 17:00:20 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000014003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3347.818453][ T193] batman_adv: batadv0: Removing interface: batadv_slave_0 17:00:20 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2f, 0x8080fffffffe) [ 3347.877643][ T193] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3347.943601][ T193] device bridge_slave_1 left promiscuous mode [ 3347.972701][ T193] bridge0: port 2(bridge_slave_1) entered disabled state [ 3348.042735][ T193] device bridge_slave_0 left promiscuous mode [ 3348.050549][ T193] bridge0: port 1(bridge_slave_0) entered disabled state [ 3348.457555][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3348.468415][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3348.581772][ T5862] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3348.590859][ T5862] FAT-fs (loop1): Filesystem has been set read-only [ 3348.597538][ T5862] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:21 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x49f, 0x8080fffffffe) 17:00:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x6, 0x0, 0x0, 0x24ba1dbf}) 17:00:21 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc00, 0x8080fffffffe) [ 3348.708372][ T5869] FAT-fs (loop0): error, clusters badly computed (1071 != 1072) [ 3348.716077][ T5869] FAT-fs (loop0): Filesystem has been set read-only 17:00:21 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d, 0x8080fffffffe) [ 3348.765942][ T5874] validate_nla: 22 callbacks suppressed [ 3348.765976][ T5874] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3348.779902][ T5874] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3348.856030][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3348.884425][ T5869] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3348.893475][ T5869] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3348.937269][ T193] device hsr_slave_0 left promiscuous mode [ 3349.012028][ T193] device hsr_slave_1 left promiscuous mode 17:00:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x7, 0x0, 0x0, 0x24ba1dbf}) 17:00:21 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3b, 0x8080fffffffe) [ 3349.139363][ T193] team0 (unregistering): Port device team_slave_1 removed [ 3349.171556][ T193] team0 (unregistering): Port device team_slave_0 removed 17:00:21 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd00, 0x8080fffffffe) [ 3349.259120][ T193] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3349.301675][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3349.380994][ T193] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3349.538838][ T5885] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3349.548049][ T5885] FAT-fs (loop1): Filesystem has been set read-only [ 3349.554660][ T5885] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3349.567247][ T5889] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 3349.575954][ T5889] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) 17:00:22 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x8, 0x0, 0x0, 0x24ba1dbf}) [ 3349.620228][ T193] bond0 (unregistering): Released all slaves 17:00:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3e, 0x8080fffffffe) 17:00:22 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000020003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:22 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xc, 0x0, 0x0, 0x24ba1dbf}) [ 3349.935118][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:22 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1200, 0x8080fffffffe) [ 3350.234397][ T5908] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3350.242858][ T5908] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3350.255692][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3350.277745][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3350.379552][ T5911] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3350.388182][ T5911] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3350.449879][ T5904] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) [ 3350.458572][ T5904] FAT-fs (loop0): Filesystem has been set read-only 17:00:23 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x600, 0x8080fffffffe) 17:00:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xd, 0x0, 0x0, 0x24ba1dbf}) 17:00:23 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000021003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:23 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000014003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3350.851152][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3350.930966][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3350.984001][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3351.019691][ T5922] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3351.027912][ T5922] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x24ba1dbf}) 17:00:23 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d00, 0x8080fffffffe) [ 3351.153473][ T5924] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3351.161763][ T5924] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3351.198333][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3351.252323][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:23 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000002f003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:23 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3b, 0x8080fffffffe) 17:00:23 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x12, 0x0, 0x0, 0x24ba1dbf}) 17:00:24 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000009431003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:24 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3f00, 0x8080fffffffe) [ 3352.374353][ T5949] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) [ 3352.426514][ T5949] FAT-fs (loop0): Filesystem has been set read-only [ 3352.459824][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3352.488493][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:25 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x900, 0x8080fffffffe) 17:00:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x18, 0x0, 0x0, 0x24ba1dbf}) 17:00:25 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x60, 0x8080fffffffe) 17:00:25 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3352.636453][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3352.645167][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3352.663479][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3352.696499][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3352.717265][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:25 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000003a003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x28, 0x0, 0x0, 0x24ba1dbf}) 17:00:25 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4000, 0x8080fffffffe) [ 3353.116926][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3353.144103][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x30, 0x0, 0x0, 0x24ba1dbf}) 17:00:25 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000003f003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x38, 0x0, 0x0, 0x24ba1dbf}) [ 3353.620552][ T27] audit: type=1800 audit(1580749226.023:337): pid=5989 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=1055 res=0 17:00:26 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000040003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:26 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x88, 0x8080fffffffe) [ 3353.827672][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3353.891042][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3353.919815][ T6004] validate_nla: 14 callbacks suppressed [ 3353.919828][ T6004] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3353.933611][ T6004] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:26 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc00, 0x8080fffffffe) 17:00:26 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6b00, 0x8080fffffffe) 17:00:26 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x48, 0x0, 0x0, 0x24ba1dbf}) 17:00:26 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000048003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3354.178083][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3354.193648][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3354.202881][ T6008] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3354.211077][ T6008] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:26 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000004c003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3354.222385][ T6010] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3354.230518][ T6010] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3354.400118][ T6022] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3354.408272][ T6022] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3354.422035][ T6024] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3354.430633][ T6024] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:26 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000060003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x50, 0x0, 0x0, 0x24ba1dbf}) 17:00:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8008, 0x8080fffffffe) [ 3354.942228][ T6023] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) [ 3354.976539][ T6023] FAT-fs (loop1): Filesystem has been set read-only 17:00:27 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000068003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3355.018425][ T6023] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x58, 0x0, 0x0, 0x24ba1dbf}) 17:00:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xb4, 0x8080fffffffe) [ 3355.362642][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3355.376094][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3355.413349][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3355.549645][ T27] audit: type=1800 audit(1580749227.953:338): pid=6040 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1063 res=0 [ 3355.708377][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3355.725029][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd00, 0x8080fffffffe) 17:00:28 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:28 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000006c003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x60, 0x0, 0x0, 0x24ba1dbf}) 17:00:28 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9e04, 0x8080fffffffe) 17:00:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf0, 0x8080fffffffe) [ 3356.105983][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3356.116506][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3356.180067][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:28 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000074003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3356.221462][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x68, 0x0, 0x0, 0x24ba1dbf}) [ 3356.760732][ T27] audit: type=1800 audit(1580749229.163:339): pid=6064 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1067 res=0 17:00:29 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000007a003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:29 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9f04, 0x8080fffffffe) 17:00:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x70, 0x0, 0x0, 0x24ba1dbf}) [ 3357.142113][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1ed, 0x8080fffffffe) [ 3357.207823][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3357.276557][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3357.286490][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3357.364872][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3357.389845][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:00:29 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:29 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000003194003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1200, 0x8080fffffffe) 17:00:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x300, 0x0, 0x0, 0x24ba1dbf}) [ 3357.614827][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3357.683351][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x500, 0x0, 0x0, 0x24ba1dbf}) 17:00:30 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000005a0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3358.059077][ T27] audit: type=1800 audit(1580749230.463:340): pid=6096 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1075 res=0 17:00:30 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x600, 0x0, 0x0, 0x24ba1dbf}) 17:00:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff0f, 0x8080fffffffe) [ 3358.172605][ T6120] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'. 17:00:30 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x27c, 0x8080fffffffe) [ 3358.233784][ T6120] netlink: 30 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3358.244590][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3358.263496][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x700, 0x0, 0x0, 0x24ba1dbf}) [ 3358.300437][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3358.336605][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:30 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000680001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3358.515044][ T6125] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3358.523538][ T6131] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3358.524195][ T6125] FAT-fs (loop0): Filesystem has been set read-only [ 3358.540892][ T6125] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) [ 3358.557340][ T6131] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. 17:00:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xc00, 0x0, 0x0, 0x24ba1dbf}) [ 3358.603814][ T6136] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3358.654120][ T6136] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. 17:00:31 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3359.117063][ T6146] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3359.126307][ T6146] FAT-fs (loop0): Filesystem has been set read-only [ 3359.133891][ T6146] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) [ 3359.189526][ T27] audit: type=1800 audit(1580749231.593:341): pid=6142 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1083 res=0 [ 3359.311416][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3359.322554][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3f00, 0x8080fffffffe) 17:00:31 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000a40001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xd00, 0x0, 0x0, 0x24ba1dbf}) 17:00:31 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x20000, 0x8080fffffffe) [ 3359.490116][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3359.513895][ T6158] validate_nla: 22 callbacks suppressed [ 3359.513908][ T6158] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x1200, 0x0, 0x0, 0x24ba1dbf}) [ 3359.541839][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:32 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x300, 0x8080fffffffe) [ 3359.682673][ T6160] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:32 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000002003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x1800, 0x0, 0x0, 0x24ba1dbf}) [ 3359.994513][ T27] audit: type=1800 audit(1580749232.393:342): pid=6159 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1087 res=0 17:00:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x80000, 0x8080fffffffe) [ 3360.212786][ T6156] FAT-fs (loop0): error, clusters badly computed (1057 != 1058) [ 3360.220535][ T6156] FAT-fs (loop0): Filesystem has been set read-only [ 3360.476897][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3360.492788][ T6174] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3360.500927][ T6174] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3360.621928][ T6171] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3360.630962][ T6171] FAT-fs (loop1): Filesystem has been set read-only [ 3360.637633][ T6171] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3360.659266][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3360.674392][ T6177] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 17:00:33 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4000, 0x8080fffffffe) [ 3360.723696][ T6177] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 3360.774345][ T6177] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 3360.855890][ T6177] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) 17:00:33 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000003003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x2000, 0x0, 0x0, 0x24ba1dbf}) 17:00:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x49f, 0x8080fffffffe) [ 3361.509896][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3361.538036][ T6190] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3361.546184][ T6190] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:34 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x100000, 0x8080fffffffe) [ 3361.704292][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3361.770585][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3362.470501][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3362.502593][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:37 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:37 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000004003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:37 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8008, 0x8080fffffffe) 17:00:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x2800, 0x0, 0x0, 0x24ba1dbf}) 17:00:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4f8, 0x8080fffffffe) 17:00:37 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1000000, 0x8080fffffffe) [ 3364.696774][ T6156] FAT-fs (loop0): error, fat_get_cluster: detected the cluster chain loop (i_pos 970772) [ 3364.755755][ T6204] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3364.763913][ T6204] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3364.774771][ T6207] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3364.782971][ T6207] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:37 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000005003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3364.818479][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x3000, 0x0, 0x0, 0x24ba1dbf}) [ 3364.972990][ T6218] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3364.981367][ T6218] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3365.317749][ T6228] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3365.325943][ T6228] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:38 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x3800, 0x0, 0x0, 0x24ba1dbf}) 17:00:38 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000006003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:38 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2000000, 0x8080fffffffe) 17:00:38 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x500, 0x8080fffffffe) 17:00:38 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3365.886343][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3365.897931][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3365.908869][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3365.910910][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3365.923616][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:38 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000007003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3365.943689][ T6240] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3365.952129][ T6240] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3365.960191][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:00:38 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x3f00, 0x0, 0x0, 0x24ba1dbf}) 17:00:38 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000008003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:38 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3000000, 0x8080fffffffe) 17:00:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9e04, 0x8080fffffffe) 17:00:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000009003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3366.701263][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3366.726631][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:39 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x4000, 0x0, 0x0, 0x24ba1dbf}) 17:00:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000a003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x600, 0x8080fffffffe) 17:00:39 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3367.174896][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3367.186546][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:39 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x4800, 0x0, 0x0, 0x24ba1dbf}) 17:00:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4000000, 0x8080fffffffe) 17:00:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000b003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3367.362743][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3367.395940][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3367.457588][ T6282] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3367.466719][ T6282] FAT-fs (loop0): Filesystem has been set read-only [ 3367.473743][ T6282] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) 17:00:40 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x5000, 0x0, 0x0, 0x24ba1dbf}) 17:00:40 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:40 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x700, 0x8080fffffffe) [ 3368.140991][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3368.166203][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3368.180322][ T6303] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 17:00:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9f04, 0x8080fffffffe) 17:00:40 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000f003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6000000, 0x8080fffffffe) 17:00:40 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x5800, 0x0, 0x0, 0x24ba1dbf}) [ 3368.189500][ T6303] FAT-fs (loop0): Filesystem has been set read-only [ 3368.196926][ T6303] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 970769) [ 3368.207781][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3368.217679][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:40 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3368.276173][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3368.325522][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:40 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000010003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:40 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x6000, 0x0, 0x0, 0x24ba1dbf}) 17:00:41 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x900, 0x8080fffffffe) 17:00:41 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x6800, 0x0, 0x0, 0x24ba1dbf}) 17:00:41 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000011003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8000000, 0x8080fffffffe) 17:00:41 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3369.673798][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3369.689929][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3369.712397][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3369.735573][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3369.818584][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3369.831564][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:42 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xbe00, 0x8080fffffffe) 17:00:42 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x7000, 0x0, 0x0, 0x24ba1dbf}) 17:00:42 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000012003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:42 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:42 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xa00, 0x8080fffffffe) 17:00:42 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8800000, 0x8080fffffffe) [ 3370.001056][ T6354] validate_nla: 32 callbacks suppressed [ 3370.001066][ T6354] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3370.014875][ T6354] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3370.035951][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:42 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x87ff, 0x0, 0x0, 0x24ba1dbf}) [ 3370.090516][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:42 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000013003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:43 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc00, 0x8080fffffffe) 17:00:43 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:43 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x8fff, 0x0, 0x0, 0x24ba1dbf}) 17:00:43 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9000000, 0x8080fffffffe) [ 3370.851240][ T6377] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3370.859545][ T6377] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:43 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff0f, 0x8080fffffffe) [ 3370.922827][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3370.938918][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3370.948397][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3370.963749][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:43 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000014003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:43 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x97ff, 0x0, 0x0, 0x24ba1dbf}) [ 3371.130476][ T6385] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3371.138649][ T6385] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3371.200471][ T6393] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3371.208771][ T6393] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000021003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:44 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x9fff, 0x0, 0x0, 0x24ba1dbf}) 17:00:44 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc000000, 0x8080fffffffe) 17:00:44 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x20000, 0x8080fffffffe) [ 3371.742270][ T6407] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3371.750450][ T6407] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd00, 0x8080fffffffe) [ 3371.833388][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3371.869569][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:44 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xa7ff, 0x0, 0x0, 0x24ba1dbf}) [ 3372.228152][ T27] audit: type=1800 audit(1580749244.633:343): pid=6423 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="loop2" ino=1136 res=0 17:00:44 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000002f003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:44 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xafff, 0x0, 0x0, 0x24ba1dbf}) 17:00:45 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x80000, 0x8080fffffffe) 17:00:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000003a003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:45 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd000000, 0x8080fffffffe) 17:00:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xe00, 0x8080fffffffe) 17:00:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xb7ff, 0x0, 0x0, 0x24ba1dbf}) 17:00:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000048003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3372.822899][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3372.833344][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3372.849690][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3372.856663][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xbfff, 0x0, 0x0, 0x24ba1dbf}) 17:00:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000004c003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xc7ff, 0x0, 0x0, 0x24ba1dbf}) [ 3373.860595][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3373.945604][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3373.955567][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:46 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:46 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xcfff, 0x0, 0x0, 0x24ba1dbf}) 17:00:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000060003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3374.001340][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:46 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x100000, 0x8080fffffffe) 17:00:46 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x10000000, 0x8080fffffffe) 17:00:46 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf00, 0x8080fffffffe) 17:00:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000068003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:46 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xd7ff, 0x0, 0x0, 0x24ba1dbf}) [ 3374.285668][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000006c003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3374.328164][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:47 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xdfff, 0x0, 0x0, 0x24ba1dbf}) 17:00:47 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000074003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff6, 0x8080fffffffe) [ 3375.039211][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3375.057275][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3375.179960][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3375.212230][ T6510] validate_nla: 28 callbacks suppressed [ 3375.212240][ T6510] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3375.222912][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3375.225966][ T6510] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3375.307006][ T6513] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3375.315263][ T6513] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:48 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:48 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000007a003c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:48 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x12000000, 0x8080fffffffe) 17:00:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1000000, 0x8080fffffffe) 17:00:48 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xe7ff, 0x0, 0x0, 0x24ba1dbf}) [ 3375.696931][ T6522] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3375.705142][ T6522] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1200, 0x8080fffffffe) [ 3375.801152][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3375.868290][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:48 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000033c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:48 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xefff, 0x0, 0x0, 0x24ba1dbf}) 17:00:48 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2000000, 0x8080fffffffe) [ 3376.323090][ T6542] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3376.331337][ T6542] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3376.343925][ T6543] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3376.352070][ T6543] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3376.363290][ T6533] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970772) 17:00:48 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000053c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:48 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d000000, 0x8080fffffffe) [ 3376.461749][ T6539] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3376.511619][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:48 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff00, 0x0, 0x0, 0x24ba1dbf}) [ 3376.573353][ T6533] FAT-fs (loop0): Filesystem has been set read-only [ 3376.599007][ T6539] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 3376.662998][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3376.711390][ T6539] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 3376.750549][ T6539] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 3376.846751][ T27] audit: type=1800 audit(1580749249.253:344): pid=6544 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=1165 res=0 17:00:49 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:49 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff01, 0x0, 0x0, 0x24ba1dbf}) 17:00:49 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000063c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:49 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1e00, 0x8080fffffffe) [ 3377.083278][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3377.116081][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3377.165579][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:49 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000073c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:49 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff07, 0x0, 0x0, 0x24ba1dbf}) 17:00:49 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3f000000, 0x8080fffffffe) [ 3377.353930][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3377.365922][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:49 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3000000, 0x8080fffffffe) [ 3377.574761][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3377.612813][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff0f, 0x0, 0x0, 0x24ba1dbf}) 17:00:50 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2000, 0x8080fffffffe) 17:00:50 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000093c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:50 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:51 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff7f, 0x0, 0x0, 0x24ba1dbf}) 17:00:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4000000, 0x8080fffffffe) 17:00:51 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2600, 0x8080fffffffe) 17:00:51 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000b3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:51 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x40000000, 0x8080fffffffe) [ 3378.747433][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3378.756100][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3378.767101][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3378.828890][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff87, 0x0, 0x0, 0x24ba1dbf}) 17:00:51 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000f3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:51 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000113c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3379.172136][ T27] audit: type=1800 audit(1580749251.573:345): pid=6611 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=16567 res=0 17:00:51 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6b000000, 0x8080fffffffe) 17:00:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff8f, 0x0, 0x0, 0x24ba1dbf}) 17:00:51 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2700, 0x8080fffffffe) [ 3380.146749][ T27] audit: type=1800 audit(1580749252.553:346): pid=6642 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1183 res=0 [ 3380.364036][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3380.376615][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3380.427243][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3380.439759][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3380.501208][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3380.510075][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:52 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000123c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:52 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff97, 0x0, 0x0, 0x24ba1dbf}) 17:00:52 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9e040000, 0x8080fffffffe) 17:00:52 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2900, 0x8080fffffffe) 17:00:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6000000, 0x8080fffffffe) [ 3380.575085][ T6648] validate_nla: 28 callbacks suppressed [ 3380.575096][ T6648] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3380.588913][ T6648] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3380.633639][ T6654] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3380.641814][ T6654] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:53 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000133c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:53 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xff9f, 0x0, 0x0, 0x24ba1dbf}) 17:00:53 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9f040000, 0x8080fffffffe) [ 3381.241893][ T27] audit: type=1800 audit(1580749253.643:347): pid=6664 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1187 res=0 [ 3381.258858][ T6670] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3381.269446][ T6670] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:53 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000143c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3381.310394][ T6673] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3381.318666][ T6673] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3381.343194][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:53 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:53 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8000000, 0x8080fffffffe) [ 3381.402922][ T6677] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3381.411246][ T6677] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3381.435121][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3381.436582][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3381.472064][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:00:53 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000203c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:53 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffa7, 0x0, 0x0, 0x24ba1dbf}) 17:00:54 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000213c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:54 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3382.314026][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:54 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2f00, 0x8080fffffffe) 17:00:54 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffaf, 0x0, 0x0, 0x24ba1dbf}) [ 3382.378402][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:00:54 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf4ffffff, 0x8080fffffffe) [ 3382.489563][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3382.514531][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:55 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000002f3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:55 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8800000, 0x8080fffffffe) 17:00:55 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000094313c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3382.723234][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 17:00:55 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffb7, 0x0, 0x0, 0x24ba1dbf}) [ 3382.851693][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:55 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:55 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf5ffffff, 0x8080fffffffe) 17:00:55 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000003a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3383.274098][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3383.296458][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:00:55 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3b00, 0x8080fffffffe) [ 3383.435695][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3383.449229][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:00:55 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffbf, 0x0, 0x0, 0x24ba1dbf}) 17:00:56 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9000000, 0x8080fffffffe) 17:00:56 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffc7, 0x0, 0x0, 0x24ba1dbf}) [ 3383.810543][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3383.839935][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:56 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000003f3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:56 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffcf, 0x0, 0x0, 0x24ba1dbf}) 17:00:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:56 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfbffffff, 0x8080fffffffe) [ 3384.444293][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3384.453210][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:56 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000403c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:57 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d00, 0x8080fffffffe) 17:00:57 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffd7, 0x0, 0x0, 0x24ba1dbf}) 17:00:57 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffdf, 0x0, 0x0, 0x24ba1dbf}) 17:00:57 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000483c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:57 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3385.264548][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3385.278512][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc000000, 0x8080fffffffe) 17:00:57 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3e00, 0x8080fffffffe) 17:00:57 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfeffffff, 0x8080fffffffe) 17:00:57 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffe7, 0x0, 0x0, 0x24ba1dbf}) 17:00:57 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000004c3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3385.599491][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3385.618217][ T6799] validate_nla: 30 callbacks suppressed [ 3385.618242][ T6799] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3385.632185][ T6799] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3385.655579][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:00:58 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0xffef, 0x0, 0x0, 0x24ba1dbf}) 17:00:58 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000603c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:58 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) 17:00:58 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) fchdir(0xffffffffffffffff) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff0f0000, 0x8080fffffffe) 17:00:58 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000683c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3f00, 0x8080fffffffe) [ 3386.302107][ T6817] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3386.310276][ T6817] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3386.321033][ T6818] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3386.329361][ T6818] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3386.392752][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3386.409808][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3386.417541][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3386.435416][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:00:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd000000, 0x8080fffffffe) 17:00:58 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x24ba1dbf}) [ 3386.457490][ T6823] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3386.465737][ T6823] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:58 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000006c3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3386.682295][ T6834] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3386.690589][ T6834] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:00:59 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x3, 0x0, 0x24ba1dbf}) 17:00:59 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x4, 0x0, 0x24ba1dbf}) 17:00:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4000, 0x8080fffffffe) 17:00:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000743c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:59 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x5, 0x0, 0x24ba1dbf}) 17:00:59 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) fchdir(0xffffffffffffffff) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:00:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffefffff, 0x8080fffffffe) 17:00:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000007a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:00:59 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x6, 0x0, 0x24ba1dbf}) [ 3387.468047][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3387.531564][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:00 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x10000000, 0x8080fffffffe) 17:01:00 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000031943c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3387.787798][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3387.801964][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:00 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x5900, 0x8080fffffffe) 17:01:00 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x7, 0x0, 0x24ba1dbf}) [ 3388.048925][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3388.087616][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:00 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000030001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3388.231930][ T27] audit: type=1800 audit(1580749260.633:348): pid=6874 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1222 res=0 [ 3388.243002][ T6886] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3388.265415][ T6887] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:00 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) fchdir(0xffffffffffffffff) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:00 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000090001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffefff, 0x8080fffffffe) 17:01:00 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x8, 0x0, 0x24ba1dbf}) [ 3388.564596][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3388.616013][ T6894] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3388.641234][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3388.644504][ T6894] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:01 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000023c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3388.660956][ T6896] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3388.670790][ T6896] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:01 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xc, 0x0, 0x24ba1dbf}) 17:01:01 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6000, 0x8080fffffffe) [ 3388.938500][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3389.003592][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x12000000, 0x8080fffffffe) 17:01:01 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000033c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:01 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xd, 0x0, 0x24ba1dbf}) 17:01:01 executing program 0: r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffff4, 0x8080fffffffe) [ 3389.607380][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3389.616073][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:02 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x10, 0x0, 0x24ba1dbf}) [ 3389.649567][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:02 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000043c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3389.743361][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:02 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x12, 0x0, 0x24ba1dbf}) 17:01:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7c02, 0x8080fffffffe) 17:01:02 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000053c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3390.055872][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:02 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x18, 0x0, 0x24ba1dbf}) [ 3390.135472][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:02 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x28, 0x0, 0x24ba1dbf}) [ 3390.763110][ T27] audit: type=1800 audit(1580749263.163:349): pid=6937 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="loop2" ino=1233 res=0 [ 3390.896476][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3390.938008][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3391.004872][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3391.013811][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:03 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3f000000, 0x8080fffffffe) 17:01:03 executing program 0: r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x30, 0x0, 0x24ba1dbf}) 17:01:03 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000063c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffff5, 0x8080fffffffe) 17:01:03 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8800, 0x8080fffffffe) [ 3391.225347][ T6959] validate_nla: 26 callbacks suppressed [ 3391.225361][ T6959] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3391.239126][ T6959] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3391.251052][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x38, 0x0, 0x24ba1dbf}) [ 3391.275378][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:03 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000073c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x48, 0x0, 0x24ba1dbf}) [ 3391.925728][ T6977] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3391.934154][ T6977] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:01:04 executing program 0: r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9f04, 0x8080fffffffe) [ 3392.133946][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:04 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffffb, 0x8080fffffffe) [ 3392.204231][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3392.300150][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3392.316997][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x50, 0x0, 0x24ba1dbf}) 17:01:05 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000083c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:05 executing program 0: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:05 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xb400, 0x8080fffffffe) 17:01:05 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffffe, 0x8080fffffffe) 17:01:05 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x40000000, 0x8080fffffffe) [ 3393.206470][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3393.215154][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x58, 0x0, 0x24ba1dbf}) [ 3393.278655][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3393.279838][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3393.288407][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3393.300028][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3393.337299][ T6997] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3393.345445][ T6997] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3393.388257][ T7005] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3393.396639][ T7005] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:01:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x60, 0x0, 0x24ba1dbf}) 17:01:06 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000093c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3394.028202][ T7023] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3394.036535][ T7023] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:01:06 executing program 0: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:06 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9e040000, 0x8080fffffffe) 17:01:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x68, 0x0, 0x24ba1dbf}) 17:01:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xed01, 0x8080fffffffe) 17:01:06 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:06 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffffff000, 0x8080fffffffe) [ 3394.388214][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3394.397066][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3394.426161][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x70, 0x0, 0x24ba1dbf}) [ 3394.456484][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:06 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000b3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3394.584511][ T27] audit: type=1800 audit(1580749266.983:350): pid=7038 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="sda1" ino=16510 res=0 17:01:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x300, 0x0, 0x24ba1dbf}) 17:01:07 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9f040000, 0x8080fffffffe) 17:01:07 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x800800000000, 0x8080fffffffe) 17:01:07 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000000f3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3395.034618][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3395.059857][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:07 executing program 0: syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x500, 0x0, 0x24ba1dbf}) 17:01:07 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf0ff, 0x8080fffffffe) 17:01:07 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000103c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x600, 0x0, 0x24ba1dbf}) 17:01:08 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf60f, 0x8080fffffffe) 17:01:08 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000113c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:08 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', 0x0, 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x700, 0x0, 0x24ba1dbf}) [ 3395.785855][ T27] audit: type=1800 audit(1580749268.183:351): pid=7078 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1257 res=0 [ 3395.988095][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3396.030608][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1000000000000, 0x8080fffffffe) 17:01:08 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000123c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:08 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xbe000000, 0x8080fffffffe) 17:01:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xc00, 0x0, 0x24ba1dbf}) [ 3396.259407][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3396.316980][ T7106] validate_nla: 18 callbacks suppressed [ 3396.316992][ T7106] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3396.330841][ T7106] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3396.356626][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3396.369607][ T7108] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3396.377913][ T7108] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:01:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xd00, 0x0, 0x24ba1dbf}) 17:01:09 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf804, 0x8080fffffffe) 17:01:09 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', 0x0, 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:09 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2000000000000, 0x8080fffffffe) 17:01:09 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000133c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x1200, 0x0, 0x24ba1dbf}) [ 3396.830361][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3396.840067][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3396.858567][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3396.859179][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3396.961365][ T7122] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3396.969570][ T7122] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3396.984346][ T7123] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3396.992507][ T7123] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:01:09 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000143c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3397.111577][ T7127] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3397.119813][ T7127] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:01:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x1800, 0x0, 0x24ba1dbf}) 17:01:09 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf4ffffff, 0x8080fffffffe) 17:01:09 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000213c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x2000, 0x0, 0x24ba1dbf}) 17:01:10 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000002f3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:10 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff0f, 0x8080fffffffe) 17:01:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7ffffffffffff, 0x8080fffffffe) 17:01:10 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', 0x0, 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x2800, 0x0, 0x24ba1dbf}) [ 3397.939135][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3397.954657][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3397.974464][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3397.982509][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x3000, 0x0, 0x24ba1dbf}) 17:01:10 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000003a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:10 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000483c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:10 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfff0, 0x8080fffffffe) 17:01:10 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf5ffffff, 0x8080fffffffe) 17:01:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x3800, 0x0, 0x24ba1dbf}) 17:01:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8000000000000, 0x8080fffffffe) 17:01:10 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3398.556297][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3398.565183][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:11 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000004c3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x3f00, 0x0, 0x24ba1dbf}) [ 3398.783392][ T7188] FAT-fs (loop0): bogus number of reserved sectors [ 3398.806808][ T7188] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:11 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000603c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x4000, 0x0, 0x24ba1dbf}) 17:01:11 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:11 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000683c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1517f, 0x8080fffffffe) [ 3399.339749][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x4800, 0x0, 0x24ba1dbf}) [ 3399.388205][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3399.406225][ T7211] FAT-fs (loop0): bogus number of reserved sectors [ 3399.440064][ T7211] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x10000000000000, 0x8080fffffffe) 17:01:12 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000006c3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:12 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfbffffff, 0x8080fffffffe) 17:01:12 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x5000, 0x0, 0x24ba1dbf}) [ 3399.806628][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3399.898648][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:12 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000743c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:12 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:12 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x20000, 0x8080fffffffe) 17:01:12 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x5800, 0x0, 0x24ba1dbf}) [ 3400.399540][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3400.422227][ T27] audit: type=1800 audit(1580749272.823:352): pid=7235 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1275 res=0 [ 3400.499163][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf0ffffff0f0000, 0x8080fffffffe) 17:01:13 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000000001190500000000000000000000007a3c0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3400.659952][ T7245] FAT-fs (loop0): bogus number of reserved sectors 17:01:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x6000, 0x0, 0x24ba1dbf}) [ 3400.703974][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3400.715071][ T7245] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3400.744174][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:13 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000005a0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x6800, 0x0, 0x24ba1dbf}) 17:01:13 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, 0x0, 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfeffffff, 0x8080fffffffe) 17:01:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x7000, 0x0, 0x24ba1dbf}) [ 3401.311945][ T7266] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3401.399492][ T7266] netlink: 30 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3401.400648][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3401.434065][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:13 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x40000, 0x8080fffffffe) [ 3401.446561][ T7269] FAT-fs (loop0): bogus number of reserved sectors 17:01:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x100000000000000, 0x8080fffffffe) [ 3401.516744][ T7269] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3401.578313][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3401.592016][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:14 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000680001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:14 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x87ff, 0x0, 0x24ba1dbf}) [ 3402.259591][ T7290] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3402.279453][ T7290] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:14 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, 0x0, 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x200000000000000, 0x8080fffffffe) 17:01:14 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x8fff, 0x0, 0x24ba1dbf}) 17:01:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff0f0000, 0x8080fffffffe) [ 3402.453149][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3402.486475][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:14 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000a40001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:14 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x60000, 0x8080fffffffe) [ 3402.503069][ T7296] FAT-fs (loop0): bogus number of reserved sectors [ 3402.522006][ T7296] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3402.570227][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3402.628185][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:15 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x97ff, 0x0, 0x24ba1dbf}) [ 3402.824023][ T7310] validate_nla: 38 callbacks suppressed [ 3402.824035][ T7310] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:01:15 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x9fff, 0x0, 0x24ba1dbf}) [ 3403.018196][ T7315] netlink: 'syz-executor.4': attribute type 1 has an invalid length. 17:01:15 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000030001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:15 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, 0x0, 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x300000000000000, 0x8080fffffffe) [ 3403.219893][ T7320] FAT-fs (loop0): bogus number of reserved sectors [ 3403.232390][ T7320] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3403.239931][ T7321] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3403.315879][ T7326] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:15 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x80000, 0x8080fffffffe) 17:01:15 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000090001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3403.435471][ T27] audit: type=1800 audit(1580749275.833:353): pid=7307 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="loop2" ino=1285 res=0 17:01:15 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffefffff, 0x8080fffffffe) [ 3403.496437][ T193] tipc: TX() has been purged, node left! [ 3403.580792][ T7337] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3403.597547][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3403.608662][ T7337] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3403.620236][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:16 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, &(0x7f0000000140), 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3403.725884][ T7337] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:16 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x400000000000000, 0x8080fffffffe) [ 3403.830101][ T7337] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:16 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xa0000, 0x8080fffffffe) [ 3404.041376][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:16 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000005a0001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3404.085806][ T7344] FAT-fs (loop0): bogus number of reserved sectors [ 3404.097175][ T193] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3404.105588][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3404.137429][ T7344] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3404.152202][ T193] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3404.181287][ T193] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 3404.261147][ T193] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3404.345042][ T193] device bridge_slave_1 left promiscuous mode 17:01:16 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x600000000000000, 0x8080fffffffe) [ 3404.423921][ T193] bridge0: port 2(bridge_slave_1) entered disabled state [ 3404.550187][ T193] device bridge_slave_0 left promiscuous mode [ 3404.655353][ T193] bridge0: port 1(bridge_slave_0) entered disabled state [ 3404.807672][ T193] device veth1_macvtap left promiscuous mode [ 3404.862933][ T193] device veth0_macvtap left promiscuous mode [ 3404.869122][ T193] device veth1_vlan left promiscuous mode [ 3404.886467][ T193] device veth0_vlan left promiscuous mode [ 3405.004484][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3405.059690][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3405.378899][ T27] audit: type=1800 audit(1580749277.783:354): pid=7366 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1293 res=0 [ 3405.489257][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3405.515422][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3405.516377][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3405.526640][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3405.647121][ T193] device hsr_slave_0 left promiscuous mode [ 3405.706613][ T193] device hsr_slave_1 left promiscuous mode [ 3405.797898][ T193] team0 (unregistering): Port device team_slave_1 removed [ 3405.832282][ T193] team0 (unregistering): Port device team_slave_0 removed [ 3405.853629][ T193] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3405.920436][ T193] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3406.035948][ T193] bond0 (unregistering): Released all slaves [ 3407.559353][ T7372] IPVS: ftp: loaded support on port[0] = 21 [ 3407.638054][ T7372] chnl_net:caif_netlink_parms(): no params data found [ 3407.689822][ T7372] bridge0: port 1(bridge_slave_0) entered blocking state [ 3407.696982][ T7372] bridge0: port 1(bridge_slave_0) entered disabled state [ 3407.704968][ T7372] device bridge_slave_0 entered promiscuous mode [ 3407.712880][ T7372] bridge0: port 2(bridge_slave_1) entered blocking state [ 3407.720072][ T7372] bridge0: port 2(bridge_slave_1) entered disabled state [ 3407.728100][ T7372] device bridge_slave_1 entered promiscuous mode [ 3407.747084][ T7372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3407.758206][ T7372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3407.778492][ T7372] team0: Port device team_slave_0 added [ 3407.785672][ T7372] team0: Port device team_slave_1 added [ 3407.802722][ T7372] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3407.809779][ T7372] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3407.836305][ T7372] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3407.848359][ T7372] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3407.855513][ T7372] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3407.881730][ T7372] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3407.959078][ T7372] device hsr_slave_0 entered promiscuous mode [ 3407.996855][ T7372] device hsr_slave_1 entered promiscuous mode [ 3408.049507][ T7372] debugfs: Directory 'hsr0' with parent '/' already present! [ 3408.099723][ T7372] bridge0: port 2(bridge_slave_1) entered blocking state [ 3408.106923][ T7372] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3408.114254][ T7372] bridge0: port 1(bridge_slave_0) entered blocking state [ 3408.121319][ T7372] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3408.161279][ T7372] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3408.173573][ T800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 3408.183012][ T800] bridge0: port 1(bridge_slave_0) entered disabled state [ 3408.191771][ T800] bridge0: port 2(bridge_slave_1) entered disabled state [ 3408.200882][ T800] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 3408.213933][ T7372] 8021q: adding VLAN 0 to HW filter on device team0 [ 3408.227095][ T800] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 3408.235590][ T800] bridge0: port 1(bridge_slave_0) entered blocking state [ 3408.242665][ T800] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3408.268240][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 3408.277081][ T807] bridge0: port 2(bridge_slave_1) entered blocking state [ 3408.284176][ T807] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3408.293740][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 3408.303048][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 3408.312336][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 3408.324346][ T7372] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 3408.339318][ T7372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 3408.349683][ T1339] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 3408.360611][ T1339] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 3408.379201][ T1340] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 3408.386777][ T1340] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 3408.396639][ T7372] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3408.457957][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 3408.481479][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 3408.493723][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 3408.502047][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 3408.515504][ T7372] device veth0_vlan entered promiscuous mode [ 3408.531925][ T7372] device veth1_vlan entered promiscuous mode [ 3408.554220][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 3408.562783][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 3408.575331][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 3408.587230][ T7372] device veth0_macvtap entered promiscuous mode [ 3408.596791][ T7372] device veth1_macvtap entered promiscuous mode [ 3408.613553][ T7372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3408.624464][ T7372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3408.639478][ T7372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3408.652190][ T7372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3408.664192][ T7372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3408.679053][ T7372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3408.691716][ T7372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 3408.704418][ T7372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3408.724294][ T7372] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3408.733380][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 3408.747701][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 3408.758144][ T7372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3408.773100][ T7372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3408.783744][ T7372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3408.798499][ T7372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3408.809774][ T7372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3408.823152][ T7372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3408.834380][ T7372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 3408.848602][ T7372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3408.860972][ T7372] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3408.870746][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 3408.880269][ T807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 17:01:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xa7ff, 0x0, 0x24ba1dbf}) 17:01:21 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, &(0x7f0000000140), 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:21 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc0000, 0x8080fffffffe) 17:01:21 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffefff, 0x8080fffffffe) 17:01:21 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x800000000000000, 0x8080fffffffe) 17:01:21 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000680001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3409.116533][ T7400] __nla_validate_parse: 4 callbacks suppressed [ 3409.116544][ T7400] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3409.168658][ T7400] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3409.205477][ T7410] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3409.220911][ T7410] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3409.228918][ T7408] FAT-fs (loop0): bogus number of reserved sectors [ 3409.240650][ T7408] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:22 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b800000000011905000000000000000000000000a40001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:22 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xafff, 0x0, 0x24ba1dbf}) 17:01:22 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xe0000, 0x8080fffffffe) 17:01:22 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x900000000000000, 0x8080fffffffe) 17:01:22 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, &(0x7f0000000140), 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:22 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xb7ff, 0x0, 0x24ba1dbf}) [ 3409.840608][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3409.867301][ T7422] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 3409.875635][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3409.899968][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3409.919096][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:22 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0400002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3410.186268][ T7431] FAT-fs (loop0): bogus number of reserved sectors [ 3410.216440][ T7431] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:22 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xbfff, 0x0, 0x24ba1dbf}) [ 3410.469454][ T27] audit: type=1800 audit(1580749282.873:355): pid=7436 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1301 res=0 [ 3410.506036][ T7441] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:23 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc00000000000000, 0x8080fffffffe) 17:01:23 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffff4, 0x8080fffffffe) 17:01:23 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{0x0}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:23 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0700002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xc7ff, 0x0, 0x24ba1dbf}) [ 3410.738176][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3410.746950][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3410.755459][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3410.777079][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:23 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x100000, 0x8080fffffffe) [ 3410.852324][ T7452] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3410.868378][ T7454] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:23 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0f00002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xcfff, 0x0, 0x24ba1dbf}) [ 3410.920868][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3410.946805][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3410.991503][ T7460] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3411.003670][ T7461] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3411.014108][ T7453] FAT-fs (loop0): bogus number of reserved sectors 17:01:23 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c1000002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3411.092235][ T7453] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xd7ff, 0x0, 0x24ba1dbf}) 17:01:23 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd00000000000000, 0x8080fffffffe) [ 3411.500474][ T7476] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:23 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{0x0}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:24 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0201002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3411.792624][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3411.807553][ T7484] FAT-fs (loop0): bogus number of reserved sectors [ 3411.814334][ T7484] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3411.821627][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:24 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffff5, 0x8080fffffffe) 17:01:24 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1fffff, 0x8080fffffffe) 17:01:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xdfff, 0x0, 0x24ba1dbf}) 17:01:24 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0301002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:24 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1000000000000000, 0x8080fffffffe) [ 3412.466027][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3412.510302][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3412.551041][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3412.563728][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:25 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{0x0}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:25 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0401002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xe7ff, 0x0, 0x24ba1dbf}) 17:01:25 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x880000, 0x8080fffffffe) 17:01:25 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0501002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xefff, 0x0, 0x24ba1dbf}) [ 3412.856991][ T7510] FAT-fs (loop0): bogus number of reserved sectors [ 3412.863548][ T7510] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:25 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3413.209371][ T27] audit: type=1800 audit(1580749285.613:356): pid=7517 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1311 res=0 17:01:25 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffffb, 0x8080fffffffe) 17:01:25 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0601002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff00, 0x0, 0x24ba1dbf}) 17:01:25 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1200000000000000, 0x8080fffffffe) [ 3413.457471][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3413.484960][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff01, 0x0, 0x24ba1dbf}) 17:01:26 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0701002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3413.636484][ T7534] FAT-fs (loop0): bogus number of reserved sectors [ 3413.675533][ T7534] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:26 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1000000, 0x8080fffffffe) [ 3413.955415][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:26 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d00000000000000, 0x8080fffffffe) 17:01:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff07, 0x0, 0x24ba1dbf}) [ 3414.043740][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3414.075093][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3414.102158][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:26 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0801002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff0f, 0x0, 0x24ba1dbf}) [ 3414.479753][ T7563] __nla_validate_parse: 12 callbacks suppressed [ 3414.479765][ T7563] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:26 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:26 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffffe, 0x8080fffffffe) 17:01:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff7f, 0x0, 0x24ba1dbf}) 17:01:27 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0901002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3f00000000000000, 0x8080fffffffe) 17:01:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1ed0000, 0x8080fffffffe) [ 3414.832542][ T7576] FAT-fs (loop0): bogus number of reserved sectors [ 3414.866545][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3414.877539][ T7576] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3414.908498][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff87, 0x0, 0x24ba1dbf}) [ 3415.055640][ T7586] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:27 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4000000000000000, 0x8080fffffffe) 17:01:27 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0a01002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff8f, 0x0, 0x24ba1dbf}) [ 3415.457201][ T7597] FAT-fs (loop0): bogus number of reserved sectors [ 3415.475525][ T7597] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:28 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0b01002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3415.531777][ T7601] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3415.552084][ T7603] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffffff000, 0x8080fffffffe) 17:01:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2000000, 0x8080fffffffe) 17:01:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff97, 0x0, 0x24ba1dbf}) [ 3415.654348][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3415.666234][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3415.803911][ T7613] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3415.837804][ T7616] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:28 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0f01002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:28 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6b00000000000000, 0x8080fffffffe) 17:01:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xff9f, 0x0, 0x24ba1dbf}) [ 3416.024149][ T7622] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3416.081638][ T7625] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:28 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c1001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:28 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e666174", 0xb}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:28 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3000000, 0x8080fffffffe) [ 3416.494045][ T7632] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x800800000000, 0x8080fffffffe) 17:01:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffa7, 0x0, 0x24ba1dbf}) [ 3416.591838][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffaf, 0x0, 0x24ba1dbf}) [ 3416.653422][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3416.666702][ T27] audit: type=1800 audit(1580749289.073:357): pid=7629 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1323 res=0 [ 3416.686174][ T7634] FAT-fs (loop0): bogus number of reserved sectors 17:01:29 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c1101002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:29 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7fffffffffffffff, 0x8080fffffffe) [ 3416.765066][ T7634] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3416.842928][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3416.854682][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffb7, 0x0, 0x24ba1dbf}) [ 3417.213769][ T7654] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3417.237667][ T27] audit: type=1800 audit(1580749289.633:358): pid=7647 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="loop2" ino=1325 res=0 17:01:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1000000000000, 0x8080fffffffe) [ 3417.440023][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3417.503053][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:29 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c1201002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:29 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4000000, 0x8080fffffffe) 17:01:30 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e666174", 0xb}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3417.665479][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3417.683541][ T27] audit: type=1800 audit(1580749290.083:359): pid=7661 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1329 res=0 17:01:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffbf, 0x0, 0x24ba1dbf}) [ 3417.729252][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8000000000000000, 0x8080fffffffe) [ 3417.875663][ T7676] FAT-fs (loop0): bogus number of reserved sectors [ 3417.916542][ T7676] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3417.930385][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3417.995529][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:30 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c1301002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:30 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e666174", 0xb}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffc7, 0x0, 0x24ba1dbf}) 17:01:30 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2000000000000, 0x8080fffffffe) 17:01:30 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x5000000, 0x8080fffffffe) [ 3418.363473][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:30 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c1401002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffcf, 0x0, 0x24ba1dbf}) [ 3418.409880][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9e04000000000000, 0x8080fffffffe) [ 3418.531430][ T7696] FAT-fs (loop0): bogus number of reserved sectors [ 3418.549972][ T7696] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:31 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c2101002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffd7, 0x0, 0x24ba1dbf}) 17:01:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffdf, 0x0, 0x24ba1dbf}) 17:01:31 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01", 0x11}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3418.889092][ T27] audit: type=1800 audit(1580749291.293:360): pid=7713 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1" ino=17769 res=0 17:01:31 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x58f0f35, 0x8080fffffffe) 17:01:31 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c2f01002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffe7, 0x0, 0x24ba1dbf}) [ 3419.430248][ T7733] FAT-fs (loop0): invalid media value (0x00) 17:01:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7ffffffffffff, 0x8080fffffffe) 17:01:31 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c3a01002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3419.523609][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3419.532418][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3419.551267][ T7733] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0xffef, 0x0, 0x24ba1dbf}) 17:01:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9f04000000000000, 0x8080fffffffe) [ 3419.646318][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3419.657868][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:32 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01", 0x11}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3419.762364][ T7753] __nla_validate_parse: 7 callbacks suppressed [ 3419.762378][ T7753] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:32 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x6000000, 0x8080fffffffe) 17:01:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x2, 0x24ba1dbf}) 17:01:32 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8000000000000, 0x8080fffffffe) [ 3419.867028][ T7758] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:32 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c4801002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3419.999717][ T7762] FAT-fs (loop0): invalid media value (0x00) [ 3420.039357][ T7762] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3420.209114][ T7773] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x24ba1dbf}) 17:01:32 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c4c01002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf4ffffff00000000, 0x8080fffffffe) 17:01:33 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01", 0x11}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7000000, 0x8080fffffffe) 17:01:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x4, 0x24ba1dbf}) [ 3420.644502][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3420.675973][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:33 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x10000000000000, 0x8080fffffffe) [ 3420.697632][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3420.719555][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3420.730315][ T7785] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:33 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c6001002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3420.757867][ T7787] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3420.866638][ T7788] FAT-fs (loop0): invalid media value (0x00) [ 3420.885728][ T7788] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x5, 0x24ba1dbf}) [ 3420.957870][ T7799] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3421.054626][ T7805] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:33 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270", 0x14}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:33 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c6801002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf5ffffff00000000, 0x8080fffffffe) [ 3421.478086][ T27] audit: type=1800 audit(1580749293.883:361): pid=7808 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=1343 res=0 17:01:33 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf0ffffff0f0000, 0x8080fffffffe) [ 3421.548821][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3421.551692][ T7814] FAT-fs (loop0): invalid media value (0x00) [ 3421.575159][ T7814] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3421.581742][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3421.585043][ T7818] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x6, 0x24ba1dbf}) 17:01:34 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9000000, 0x8080fffffffe) 17:01:34 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c6c01002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3421.601377][ T7819] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3421.662485][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3421.690876][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x7, 0x24ba1dbf}) [ 3421.841625][ T7828] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:34 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c7401002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x8, 0x24ba1dbf}) 17:01:34 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270", 0x14}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:34 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c7a01002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3422.591196][ T27] audit: type=1800 audit(1580749294.993:362): pid=7838 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="loop5" ino=1351 res=0 17:01:35 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc000000, 0x8080fffffffe) 17:01:35 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xc, 0x24ba1dbf}) 17:01:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfbffffff00000000, 0x8080fffffffe) [ 3422.807409][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3422.864801][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3422.887008][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3422.910069][ T7854] FAT-fs (loop0): invalid media value (0x00) [ 3422.934024][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3422.956739][ T7854] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:35 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0003002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:35 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x100000000000000, 0x8080fffffffe) 17:01:35 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xd, 0x24ba1dbf}) [ 3423.255327][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3423.302635][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3423.352273][ T7871] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 3423.476124][ T7874] netlink: 'syz-executor.4': attribute type 3 has an invalid length. 17:01:36 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0005002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfeffffff00000000, 0x8080fffffffe) 17:01:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd000000, 0x8080fffffffe) 17:01:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x10, 0x24ba1dbf}) 17:01:36 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270", 0x14}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3423.840329][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3423.853751][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3423.871538][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3423.871602][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:36 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0006002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x12, 0x24ba1dbf}) [ 3424.296140][ T7897] FAT-fs (loop0): invalid media value (0x00) [ 3424.320728][ T7897] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:36 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0009002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:37 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270ff", 0x15}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:37 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff0f000000000000, 0x8080fffffffe) [ 3424.847528][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3424.856985][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3425.003801][ T7920] FAT-fs (loop0): invalid media value (0x00) [ 3425.048788][ T7920] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3425.068970][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:37 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x200000000000000, 0x8080fffffffe) 17:01:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x18, 0x24ba1dbf}) 17:01:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xe000000, 0x8080fffffffe) 17:01:37 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000a002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3425.115113][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:37 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffefffff00000000, 0x8080fffffffe) 17:01:37 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000b002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3425.229723][ T27] audit: type=1800 audit(1580749297.603:363): pid=7924 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=16867 res=0 [ 3425.256928][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3425.265567][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x28, 0x24ba1dbf}) 17:01:37 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0011002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:37 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf000000, 0x8080fffffffe) 17:01:38 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0012002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:38 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x30, 0x24ba1dbf}) 17:01:38 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270ff", 0x15}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3425.896635][ T7964] netlink: 'syz-executor.4': attribute type 18 has an invalid length. [ 3425.985255][ T7968] netlink: 'syz-executor.4': attribute type 18 has an invalid length. [ 3426.177637][ T7972] FAT-fs (loop0): invalid media value (0x00) [ 3426.249933][ T7972] FAT-fs (loop0): Can't find a valid FAT filesystem [ 3426.530457][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3426.549186][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3426.579939][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3426.601601][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x300000000000000, 0x8080fffffffe) 17:01:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0013002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:39 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x38, 0x24ba1dbf}) 17:01:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffffffffff0700, 0x8080fffffffe) 17:01:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffffff, 0x8080fffffffe) 17:01:39 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270ff", 0x15}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0014002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3426.736839][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3426.745592][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3426.868032][ T7998] FAT-fs (loop0): invalid media value (0x00) [ 3426.952956][ T7998] FAT-fs (loop0): Can't find a valid FAT filesystem 17:01:39 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x48, 0x24ba1dbf}) 17:01:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0018002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:39 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x400000000000000, 0x8080fffffffe) 17:01:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffffffffffff7f, 0x8080fffffffe) 17:01:39 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x50, 0x24ba1dbf}) [ 3427.401867][ T27] audit: type=1800 audit(1580749299.803:364): pid=8009 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=1371 res=0 [ 3427.482718][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:39 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x10000000, 0x8080fffffffe) 17:01:39 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0025002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:40 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x58, 0x24ba1dbf}) [ 3427.560644][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3427.576967][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3427.599754][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:40 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c003f002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:40 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3427.848814][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3427.858294][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:01:40 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0040002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:40 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x12000000, 0x8080fffffffe) 17:01:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x600000000000000, 0x8080fffffffe) 17:01:40 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x60, 0x24ba1dbf}) 17:01:40 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c005a002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffffffffffffff, 0x8080fffffffe) 17:01:40 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x68, 0x24ba1dbf}) 17:01:40 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0063002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3428.592990][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3428.675059][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:41 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x70, 0x24ba1dbf}) 17:01:41 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:41 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x300, 0x24ba1dbf}) 17:01:41 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(0x0, 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:41 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1e000000, 0x8080fffffffe) [ 3429.190820][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3429.236491][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3429.260471][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:41 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0002002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3429.378057][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:42 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x800000000000000, 0x8080fffffffe) 17:01:42 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x500, 0x24ba1dbf}) 17:01:42 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0003002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:42 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000440)='./bus\x00', 0x14107e, 0xaa) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=0x0) r3 = request_key(&(0x7f0000000200)='cifs.idmap\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000300)='vfat\x00', 0xfffffffffffffff9) keyctl$describe(0x6, r3, &(0x7f0000000340)=""/246, 0xf6) prlimit64(r2, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3429.970125][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3430.006701][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3430.070012][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3430.131815][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3430.142667][ T8104] netlink: 'syz-executor.4': attribute type 3 has an invalid length. 17:01:42 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x600, 0x24ba1dbf}) [ 3430.251467][ T8108] netlink: 'syz-executor.4': attribute type 3 has an invalid length. 17:01:42 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(0x0, 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:42 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x700, 0x24ba1dbf}) 17:01:42 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xc00, 0x24ba1dbf}) 17:01:43 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x20000000, 0x8080fffffffe) 17:01:43 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0004002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3430.696895][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3430.705696][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:43 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x900000000000000, 0x8080fffffffe) 17:01:43 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0005002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:43 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xd00, 0x24ba1dbf}) 17:01:43 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(0x0, 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:43 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r2 = open(&(0x7f00000000c0)='./bus/file0\x00', 0x20200, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x6) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 17:01:43 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0006002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3431.320789][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:43 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x1200, 0x24ba1dbf}) 17:01:43 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x26000000, 0x8080fffffffe) [ 3431.372416][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3431.477235][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3431.531893][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0008002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:44 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xc00000000000000, 0x8080fffffffe) 17:01:44 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x1800, 0x24ba1dbf}) 17:01:44 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3431.763997][ T8163] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 3431.783029][ T8166] netlink: 'syz-executor.4': attribute type 8 has an invalid length. 17:01:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0009002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3431.846562][ T8156] FAT-fs (loop5): invalid media value (0x00) [ 3431.852608][ T8156] FAT-fs (loop5): Can't find a valid FAT filesystem 17:01:44 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x2000, 0x24ba1dbf}) 17:01:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000a002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:44 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x40, 0x105740) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/key-users\x00', 0x0, 0x0) r4 = socket$unix(0x1, 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r6, &(0x7f0000000040)=0xfffffffffffff000, 0x0) sendfile(r5, r6, &(0x7f00000001c0)=0xffff, 0x74bd) r7 = socket$unix(0x1, 0x2, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) r9 = socket$unix(0x1, 0x2, 0x0) r10 = fcntl$dupfd(r9, 0x0, r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) setsockopt$kcm_KCM_RECV_DISABLE(r10, 0x119, 0x1, &(0x7f0000000300)=0x9, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) sendfile(r3, r2, &(0x7f0000000240), 0x4) 17:01:44 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x27000000, 0x8080fffffffe) 17:01:44 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000b002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:44 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x2800, 0x24ba1dbf}) 17:01:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0010002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:45 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xd00000000000000, 0x8080fffffffe) 17:01:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0011002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:45 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) accept$nfc_llcp(r1, &(0x7f0000000300), &(0x7f0000000100)=0x60) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r2) r3 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r3, &(0x7f0000000100)=ANY=[], 0x49f) umount2(&(0x7f00000000c0)='./file0\x00', 0x2) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r4, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYRES32=0x0], 0x1}}, 0x0) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe) [ 3432.949846][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3433.065224][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:45 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0012002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x3000, 0x24ba1dbf}) 17:01:45 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x29000000, 0x8080fffffffe) [ 3433.435739][ T8225] netlink: 'syz-executor.4': attribute type 18 has an invalid length. [ 3433.462117][ T8226] netlink: 'syz-executor.4': attribute type 18 has an invalid length. [ 3433.529762][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3433.546614][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0013002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:46 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1000000000000000, 0x8080fffffffe) 17:01:46 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0x49f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r0, r0, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:46 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x3800, 0x24ba1dbf}) [ 3433.901082][ T8219] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3433.910211][ T8219] FAT-fs (loop5): Filesystem has been set read-only [ 3433.916997][ T8219] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3433.936490][ T8222] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3434.025579][ T8222] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) 17:01:46 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0014002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:46 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x3f00, 0x24ba1dbf}) 17:01:46 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = geteuid() syz_mount_image$iso9660(&(0x7f00000000c0)='iso9660\x00', &(0x7f0000000200)='./bus\x00', 0x100000001, 0x3, &(0x7f0000000500)=[{&(0x7f0000000300)="08eb7c7e126ff76ea74be457f128a67271cedc284200ed8188f2aae368b75ca792e00b2e58b1172575b6e28ddd23c504e1ad9769521ca9e35ec64b78ee7f2f2fa4eed49e83ba5987b54f471842842a696f5493bb39d9d1737a3a18b7aaf914e903e9c277ef7964c924ecdc3a095963b24a7c1ec116fe530083a34ea06878750dd8a95633dda56b119d14c3b17e6eac76d6b9f116cb01109c1f38fde9e65ced16bdac9a224226f29e2e39b2fcf5cc3c2034eee7ba4fefba9f40e28214b2918356538973ef4dde6ce5d36e5f100da2366f90a7ab685c70f567e56c19642804f2629344c90294efb80ffb3db7f35489aa6770e6", 0xf2}, {&(0x7f0000000400)="cd672f4e88785eca6db13db1eb6bb82540e51db9432dcbf88eda0f3eeaf4f46b541b266dd6af8b4c8706be34f9cadc8c81726d62d7d7a5375b67eb4ec33bdcd5f1b8ba528758300e2f76f777ad9e28d25c47408a227bfb736991b3feb3716f1e649659bc1b582bb51046c332f063434325e9c78f8d1a1e3aa24f8e09526f5692e860976acfb4257fcc90f51e6c8d2346e2a81ac7311140fbb4043d269bc19fa9dd9da35c1555a81d5278c70bc3968ddd54779f66faa0f652cae67c3561696c1d6c38a46ba8b8c5feae676c4af480b8189493d9de529086c2430e35892b94972b2ef3c8e92826c2dadc577efac817e75772f11c658ad7", 0xf6, 0x81}, {&(0x7f0000000240)="a3dcdd5125dee7a014faa9b366a73f617f954ba04b298e35b513d8edf07aba31092636ca991565df6303bc026f0f45e97672552e47", 0x35, 0xa2}], 0x90, &(0x7f0000000580)={[{@norock='norock'}, {@nocompress='nocompress'}], [{@euid_gt={'euid>', r1}}, {@smackfstransmute={'smackfstransmute', 0x3d, '@em0eth0posix_acl_access\'('}}, {@context={'context', 0x3d, 'root'}}, {@subj_user={'subj_user', 0x3d, 'cpuacct.usage_sys\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '^-bdev@'}}]}) fchdir(r0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r2, &(0x7f0000000100)=ANY=[], 0x49f) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe) 17:01:46 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x2f000000, 0x8080fffffffe) [ 3434.473878][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3434.483448][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3434.519921][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:47 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0018002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:47 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x4000, 0x24ba1dbf}) 17:01:47 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0025002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3434.868697][ T27] audit: type=1800 audit(1580749307.263:365): pid=8244 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="loop2" ino=1403 res=0 17:01:47 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(0x0, 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:47 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x4800, 0x24ba1dbf}) 17:01:47 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x1200000000000000, 0x8080fffffffe) 17:01:47 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c005a002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3435.472344][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:47 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x350f8f05, 0x8080fffffffe) [ 3435.612153][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:48 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x5000, 0x24ba1dbf}) 17:01:48 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(0x0, 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3436.199724][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3436.209965][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3436.216744][ T27] audit: type=1800 audit(1580749308.613:366): pid=8287 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=1410 res=0 [ 3436.377561][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3436.386315][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:48 executing program 5: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) setitimer(0x1, &(0x7f0000000200)={{r0, r1/1000+30000}}, 0x0) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r2) r3 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0) write$binfmt_aout(r3, &(0x7f0000000100)=ANY=[], 0x49f) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r3, r3, &(0x7f00000001c0), 0x8080fffffffe) socket$l2tp(0x2, 0x2, 0x73) eventfd(0x10000) 17:01:48 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0063002c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:48 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3b000000, 0x8080fffffffe) 17:01:48 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x5800, 0x24ba1dbf}) 17:01:49 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0000072c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:49 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(0x0, 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:49 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x6000, 0x24ba1dbf}) [ 3437.165077][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3437.220064][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3437.323475][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3437.416474][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3437.423657][ T8318] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) [ 3437.471115][ T8318] FAT-fs (loop5): Filesystem has been set read-only [ 3437.627049][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:50 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3f00000000000000, 0x8080fffffffe) 17:01:50 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3d000000, 0x8080fffffffe) 17:01:50 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00000f2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:50 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x3c30fc, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f00000000c0)={{0x2, 0x0, @identifier="ccf222800b653720545bd87953a094a4"}}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 17:01:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x6800, 0x24ba1dbf}) 17:01:50 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3437.971385][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3437.980976][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x7000, 0x24ba1dbf}) [ 3438.025046][ T796] FAT-fs (loop0): Filesystem has been set read-only [ 3438.032968][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:50 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000100030001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x8002, 0x24ba1dbf}) [ 3438.788322][ T8359] __nla_validate_parse: 5 callbacks suppressed [ 3438.788465][ T8359] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:51 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3e000000, 0x8080fffffffe) 17:01:51 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x4000000000000000, 0x8080fffffffe) [ 3438.893562][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3438.903526][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3438.913009][ T8362] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. 17:01:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x8003, 0x24ba1dbf}) 17:01:51 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDCTL_DSP_STEREO(r3, 0xc0045003, &(0x7f0000000200)) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$VIDIOC_SUBDEV_S_SELECTION(r6, 0xc040563e, &(0x7f00000000c0)={0x1, 0x0, 0x100, 0x2, {0x4, 0xba, 0x20000, 0x3f}}) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3438.960002][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3438.981709][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:01:51 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001022c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3439.022599][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3439.046565][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:01:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x8004, 0x24ba1dbf}) 17:01:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:52 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x3f000000, 0x8080fffffffe) [ 3439.662710][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3439.680011][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:01:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7fffffffffffffff, 0x8080fffffffe) [ 3439.714934][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3439.734913][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:52 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001032c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3440.060777][ T8383] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3440.069787][ T8383] FAT-fs (loop5): Filesystem has been set read-only [ 3440.076580][ T8383] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3440.088851][ T8387] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 17:01:52 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x8005, 0x24ba1dbf}) [ 3440.106874][ T8387] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) [ 3440.116593][ T8387] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3440.126153][ T8387] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) 17:01:52 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:52 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) socket$unix(0x1, 0x2, 0x0) r3 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r3, 0x0, r3) r4 = socket$unix(0x1, 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r6, 0x0, r6) r7 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r7, &(0x7f0000000040)=0xfffffffffffff000, 0x0) dup2(r6, r7) r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r9 = fcntl$dupfd(r8, 0x406, r1) r10 = socket$unix(0x1, 0x2, 0x0) r11 = fcntl$dupfd(r10, 0x0, r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) ioctl$TIOCSISO7816(r2, 0xc0285443, &(0x7f0000000340)={0x80, 0x7610695e, 0x2, 0xade, 0xffffffff}) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r2, 0x28, 0x2, &(0x7f0000000300)=0x9, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x4001fc) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r9, 0x84, 0x1e, &(0x7f00000000c0), &(0x7f0000000200)=0x4) r12 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer\x00', 0x101301, 0x0) r13 = open(&(0x7f0000000280)='./file0\x00', 0x110000141543, 0x0) ftruncate(r13, 0x10099b3) r14 = socket$alg(0x26, 0x5, 0x0) bind$alg(r14, &(0x7f0000002240)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(sha3-512-generic)\x00'}, 0x58) r15 = accept4$alg(r14, 0x0, 0x0, 0x0) sendfile(r15, r13, 0x0, 0x8001) r16 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) r17 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r17, 0x84, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="010600e600", @ANYRES32=0x0], 0x0) setsockopt$inet_sctp6_SCTP_MAXSEG(r16, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r18, 0x4) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r13, 0x84, 0x17, &(0x7f0000000440)={r18, 0x7, 0x99, "4894101ad2693735771b1a0616844144fb5258f96ea30af22e628be11f6b14ac06fb6f005f488a15a15b561d8ec73d0dc7cb252d31a267a11571a6d0ca61362398ec51e7e2ccecc9f0b3f8f19ac1173c7542931a7fb966cd2297e79acfb7a5621cbb37957e61984a2057dc65f9dd35ccf6f6b2faf3a39f43eab2c60fb2c1411ab4dc4c2be67ea55ba7fedc40bcbb04f435b3d15f1389f06ba7"}, 0xa1) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000500)=ANY=[@ANYRES32=r18, @ANYBLOB="01800800070003000800e800200004009b360100f1b6026d745c83b7212e767fa63197a4ae78a30ecf8ee6694ac1ebbacd79a43651d8b0988b6ae91de11e4f44d07af2707e97a484d1d33b50859772d2351560ef3e07660a35d8da7e75a19c909518e5441b67cfb49d9238c2c18d8d51b2ef85d4d93cb45360f6c74065b4be98ad692d1121f1e3d79af92b3ec341a444a568e034f5bf9dbe826381022700122dd46c53eb73c4bbce71bb08f52b79d29e68be779a2a32e7da8d70e440e103bb85b52597ebcbed6c0215bdedf13e10cb62b935455ba97048bccc3d3d53a24564cdcf35c67593"], &(0x7f00000003c0)=0x18) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r12, 0x84, 0x13, &(0x7f0000000400)={r19, 0x7fff}, &(0x7f0000000440)=0x8) [ 3440.491106][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:52 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001042c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:53 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x8006, 0x24ba1dbf}) [ 3440.580618][ T796] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3440.645153][ T796] FAT-fs (loop0): Filesystem has been set read-only 17:01:53 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x40000000, 0x8080fffffffe) [ 3440.799738][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3440.826567][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:53 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001052c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:53 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x87ff, 0x24ba1dbf}) 17:01:53 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x7fff, 0x0, &(0x7f0000000140), 0x14, 0x0) syz_mount_image$f2fs(&(0x7f0000000140)='f2fs\x00', &(0x7f0000000180)='./bus\x00', 0x8, 0x1, &(0x7f0000000200)=[{&(0x7f0000000300)="dc57545b3896e655ca9560ee8c0900f075c581c37b2650e64cef5d3aa900357cb25470782d0e759567040f204693166972e65ad6fb49bc8a10b263749a9dadb4bd7aa913f7cc129319fc04c8769f9c10ec235cc4d06e49dc0088147c1adab22b974a2c2e68fe994832ded3ee917f538583167a3be9d9e38f337ce8590becf3207ade8f775866932b804d64bc8141c1350194aaa524b35c59952ef3c7348165bdcb1e504992d581338895d903eba2a2b20c5a592946df13b7aae3f2174100239c938aa0ab7d759f962940bcc7a37d864fd66d1da181515fbac24576fc3294ac5a935e7b30f9bdc7495e3b1984928846a19b530b3734ba6e8c8dceb116c8287b4bed81f14792968edd47ff67b5f8fa758899f32037693fd8a2e913d533b3984debb7aa519bbc5cde871695cba8dbde9e2578161f81a26dbba41853ef8542e77f7fe5349630350d9d4fa18699448adb762b874a2668ee085779d167f10478160c291b9c8d3e15f3e5b6aff521acde4eb0a591381ca645673bd4f333e293a56e1821074ec6a88f65e9678a6379ffb2ea0ed7cc019e00e1f94063e01cb251294930a517e57b6aea4584de3c6be06f06a1e4539678869202d0e40d388f1f7e2b22389a9c99a652df39411964490b53a97dc18145b33f5bf53b266c53c112dbd4b95f6525dc77cdc89fd73ccb874a73e334afaf1bcd6e2f741306b74d7afa627937483db2da3f5eff12914081895408354a91880a71930b2bda726d74bdbb0cd39919a32028f8be4e7cf38737562c491af552e9cbde42c0859f906634244e595a06a79625a92478c8480c2d12dda653be4abf8e33f4003326e781f73770bfa3be1fd95383dca55ffed45d210f31557d0e780681ee9c5f086466d931a60d30caad13cb62fa02b149b5bafca2d903542827bcd78b076125c2f24bf0fa19edd8149c5f9fcb52761595cdf38c5a60e4e528f0c5591cc973aa4cd83422856751e7fb4ab8cd7c9ec2a7ee909c1916ec0c7db0fd7fa7bcb017d4902cc2c875964ca316409d9e3b5fd42a97c18967a6b9b77e931d95ee61facf819b8124f86d6bbe4f7ef449f27acd6b160105f6468e4d267de5041ce955970b03853e12ca3b2473a0960858e72412aa1c1181cb719bae31855e8a59e8ef103ec9790fae36b6ccae535edec750e647460f3c7e4ce8efa14ea8e0e1a0a843ea31e0593336d499fbc4f46f7b3a96ac10243b93cab5c4c8f79e26b89d33a77346a3130f9ed7764635e46509155b64be2b40381c6542edf0c772b50ba84b394479198453b7705f15f5c888960fa63cbcc09d925acf909a9181b23162ef138b271678de049e246d5ec151e95d3efcef74b856b2c03fbeebd27a89fdc549fa5d5eb5ba69ec55cb700d4acea0231e16a0af0b76c063f5162953d80f4b55014e746a3cfdd50c9002ec47c26b09a7dd4d3b0547753a6be1050334d84b2e551fd99c89f353fe19d1ea037f1e6ca4a9073cb686ee3e5ee3be7f2b2e842fc74a13c9d92cd75106124da737c45dc00d5918eabf0dcb880b9119e7eb023d172236938d766bb3b576844f840435699bb022182ade5a1d298fdf6cc477552250cd29ba0cc2a01da430676e3c223986b2abf952b6d7c89b3e61628b925fae9d612e7ffe6844309c6e00bdbbf5a9221416cb101250e25fed9d924c9cc39d72f39c1b47e0ce356fb1c0d1b8425187d1024055f081c8660e04bbd7ddd8fb457d9016cff7d6457edd11185f162619ef91e0ab53aad9155d576166031ea7526e49109ef7c7e0f6a2a8113039b2aee6104340b024e8b5a11ac6e05293a2ff1d5c4d2ba894fa6c366a0479f2c113a0048a6b86c046790dec553a4b9a428eb5ea01f08b9c1da228aff8679dc2ce8aa587f5c27b284507e7b105390102e8c89bb54df17cdb542aef064cb9dd4d248cb6115556c18d95177f850844d6cab67c7a9512525ce780b53e027f766521afcdf236009bc9c3e6d682a131d44b3ab5b132e0d8d06b0b1135533aa5e80665b87111c1482c5df0c00c474e4f8b76acaa7e0aa3e54b71bdf7adb1ba93cc90cef6c583705c9936e70b9781777a4594ed549c6e07197e7028f9f223293bacb218ca76b54f427a61f520e4533a03aa1e4934c4591409b70495b6fcf61259d771e5baba8f066764119935076e1cb36245a38a0943497791f6721313fb41c8303fbf5631c76d7c1d9f1506d3f75bab235b2cb201d18bd705f4838590736b4b0bf4b587985a26f74bbf2cbf3bb9c85e04de5d26c4a0cfdaced1c77d47565c1c4137d70e79ca88fc105d858231782a0c932e18b90592ba462da2f0e2b5f01c0efc98d4e388667e1530bf019088f1f4886eb5c3046d4d1e6585ca900efa9f5ccd0926524c035869a43691786529201248717012f7d159fdc486438027549abeb90241ed30f9020fd84ee621df0fd78f15b1f620ae638afac67fe90411c6a4441798e9c454c2d99141a0311b214ba9fbf1d7eb147a560914fee0dc90751f4d976aa0191e07efba02371dcecfa6c94cd87147740332567d2d785b002de016d5a38b6423175ccd5aca1b7ad24c6395dc6250cceb179d2e2d0dea0d346e0ddc187539bc3cba42d91ac11db7b0482d5fa6d1c3ad71f8d32eeac87008eab6f3a0315b706f341710d5aab0131b7ef6af33e87022fd93cb7a0e9726d628b8f17fef68e32f8685f02b590a1c26ccede969f0a246575a96da639973676ea0ccdca3b837ea5b2631844eaaf443e0e1ad1098f6aca495cf0b0f1ae8b8a65a2111e6a3542f6ccb25bf949eaee3ae548613d997a7d9a20290cdf769aa8f1561353567d61d1156067ad2a5eea0998b958f43d0da9467d51963d29f7686a2b162acac425175864fe3f73da3868c1851405cd19d9cbd6e9c23e14cc39d11939f4da8dbc57c5784e0a502156bc9b5c7dac6af420cc4628d50e8205277b3cad474498ba2cc3e86be180e02e5b68d537e70874c03545360171c205705717f9ced2379214d67452472ffa834932cb26334522c82a220bd62bce5beb613bf20541e2242098d9209aa74b1a162bde9fc417c1344753dbfc5764b14068ab238f1fce4e1221b50737add5bee514c0f1e72bdc06bb32dcd8c175c8196ef39845748ee7acf11b2a82b58ee52c8e6cca61a88e471b5b6b7a693181c7f3c00fa3d789a31682adcf676f58f88c3e89e9b65b180cf28a4462036c6f0c8129ac5bb3ed7133cbfff10602051ca7af035de3fb51fa2cff047e8f325116b7187cec1530a3475df8adcd884dcf8f1367c279f64cf7dbda0216cee34c9bad453e799919b22c3ce54af8d59b0b354d269a6a5e8d2e5a6398c5b15147aa7c417e881b0eff9175f0c96677d5064dc7974a1f782bc39760d613a9f244047f1f33192fce3461d38c5823090adad2daf833693054849e1cd6f8c7a1f399c1455f027e60dc57e8c795a182a4e662178e44b9cddec84d04344f5110bbe0298d3637ed220ae1f9bc344e34c5d8530739de4c02c49b8f2062351942df39f8dea90a8575f405f75c67a972128200b47dd6fa9268381ffaec285ea69d1a44e8ef7c9e0e0e631ce1a433575c84af337974513fdd97f27b36ec0f63f8c82087f9fe0be71b847761e8604ea4ed0075b754b68f9dac9669bde52f480e8a9e3588dde62eb5d749fcbd97fb86c5c38274db582a1249ca0d8e6aaed146441116468df451d9c808de83a3ebf09bb715b2ddc3ebdc2c0bcf8399d3764a82d9d9dec24e8a8d921017936e23d1b6409fc141ef4daedcc1c0c6d4ab672a1e65c89027a490a575cf03a74e5c4e4ee689b58813a60ee68c53fe09477e6fe1bc8634307ad979ad6b324cd38abb3f90cdcd6b4c491ff2e3723e53aa9a2451f57532eeff74681afb2b216bea222e92e76a919e271e94b15e1977822b202d4f200d783649462a43450bd1b2e6e9dce95063974bedb66b68570aa473d5abd411f20665253e7860b5eeac412a0153601bda2a8444e887afcd7905289e9c9a7993f0552ab04d7b579112c020f8df3e5e6d7de4d32f883da4b826ad5d9e1ecfc63b3771a1e1ddc0850f2fca3d7eb8c69ea806fa9523b554d2368f0a63dee4b07d96f1dffbeda142a1d2426b1e7d2286ac16cf8b8b262127d7601c02cb61af2afb20add803386bab43f60c82196d6e1c13250033d0820585629d7640710450ddd8b69ccc04d42920e957503e36c03f87cf996ee15dfc3509d1514eb3a909d41d9a236b64653e316fe30236f7f14d86c3b9e2866748cf47227d72e5ddf6199f4352831785777886eec0885b2f6ed694a981099708d50de7dbfb10b55c8a266ca4c895365497d69cfe724b81e430dc5107a6c61bbe3ab36a0440b3bd288a9d3cd5feff4c3c6f9d97b7b1a8ac220fbe1490a060e0680eacc2df8c0c1ee9bac361074e4959964379bca2828da7933b5b9c71ecb7ef6ad8fe768d03fe8370fa0b16ab41d584166e9dfbe5dcdc348ae17f635c1265f74084e8ee170a0698c208cb039c348146078a15b456a0b5464ac8a2ababd8831c249dc6cae076ac202edbe37aec76c2064687e1a84c0366ff401889e2e471c4b728732a9706e4d5338c4a0653d96b35e3e1bb37daf7586beee0d3c09d42317be9abf4267020ad81df08b8b822322ad400fc3fe8e6ebb322f8b4e19d67eb919169a14b0f8c2cfdb704bf1d781e030972b61d3d0588c145a87bf7996da127e46962f3cfe42face165cdc037eb768559ac3b4ead3a27d21f4beede8464bf6b68e659ddda86ac2c790fc223a43ade41dfc06e68ae47f2fd12c107e0aca1ad3de09ebce0e22130181ae9984c0700f76093eebe54901776d732e2aad4aafb6e86b72bf0085b47159bb355e15d298e19dcf012cb21f0d26445a81cc6c9cad7f951f9a27619271243591ed75293d8d77261d71004be066b975fff96666d9d84ba09948dcc9b7a4d368a828261532efd3a607b63a4a316146d38e9374051f97c8cffe02ac17f07dc5fb267647eba4272fb9862df43ece46fd1b426ba03f87626d445572b17d18e356e5989397379b9326b30a23e6d7e75742065845de53b8f5d0fedac78541419620f6a22945c24f17d8b3b4b4fcdc831f14402bf285dbf1dceaf2067e013841de45ca554f529d4f813b811ee806bd14651757ca4d42f20fa38d46f4b66d933768623ee0dd81d9217195665d316f354c77f1fa2639ccdc92868189e26af9cf9080a1bc78ae01b2561e7c15d75f3685f95f30ec7445f77f10b3e1eca3dd08ac9dec3a1e051b706718d2bdf37ab4348b982d3b4c5e6b66a9dff75595f19b68aedbc7ce8ab5e73175078b43ffbdf28a43b2966231356b71d52d292595cc672b4299c043b674f71f9491d0d08b18136224b84cc230067bdaf375cee1ed41b8f03d1b3bf40585056d8efebe1135b175d619fb3268161b078898bf3ac16ecf55966e0990c7b154ab7da2f31d3366b23905a1f5bf46967c601852fe58ebfbcb734fbc1fea221f1848e3116774ff0ca0478dc436cf4c01fd84dba0b726fff49b35821b6d0d28e6323b9834ca9084bddd201840648ff57799679cfb70fb8313acf461ab338e72c0118316cf5b49eed624a61fe4a233fdc3b1369ce9f9a21433a33dfd132e6422f77d706732c2be97ffe8aac392911c1b0c4a159a7a3233a69cfd658242adac2fbcfaf7f0271aee6e5fd3dd80b2b0533542b8df947c25bd73af717df210f723f01d669380436e0ec6f497f9194b4fbf049e374063bc421065f0264074f595dd81541d7ca51881ecf4fe5e4204d1a4d5b0f4feec6b4766495eaa7d8d3e8ebecf", 0x1000, 0x80000000}], 0x10, &(0x7f0000001300)={[{@grpquota={'grpquota', 0x3d, 'vfat\x00'}}, {@prjjquota={'prjjquota', 0x3d, 'ppp0)ppp0%'}}, {@nolazytime='nolazytime'}, {@discard='discard'}, {@nobarrier='nobarrier'}, {@usrquota={'usrquota', 0x3d, 'vfat\x00'}}, {@noacl='noacl'}, {@inline_data='inline_data'}], [{@uid_gt={'uid>'}}, {@hash='hash'}, {@obj_type={'obj_type', 0x3d, 'cpuacct.usage_sys\x00'}}, {@appraise='appraise'}, {@fsuuid={'fsuuid', 0x3d, {[0x39, 0x63, 0x34, 0x66, 0x66, 0x31, 0x35, 0x39], 0x2d, [0x38, 0x0, 0x65, 0x37], 0x2d, [0x34, 0x33, 0x33, 0x34], 0x2d, [0x39, 0x35, 0x35, 0x35], 0x2d, [0x33, 0x63, 0x37, 0x63, 0x66, 0x37, 0x62, 0x64]}}}, {@smackfsdef={'smackfsdef', 0x3d, 'vfat\x00'}}, {@pcr={'pcr', 0x3d, 0x3b}}]}) r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000240)={0x9, 0x0, 0x7}, 0xc) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r2, &(0x7f0000000100)=ANY=[], 0x49f) write$input_event(0xffffffffffffffff, &(0x7f00000000c0)={{0x77359400}, 0x1, 0xffff, 0x7ff}, 0x18) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe) 17:01:53 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x8000000000000000, 0x8080fffffffe) 17:01:54 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001062c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:54 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59000000, 0x8080fffffffe) 17:01:54 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x8fff, 0x24ba1dbf}) [ 3441.614919][ T8438] FAT-fs (loop5): bogus number of reserved sectors [ 3441.621899][ T8438] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3441.636060][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3441.644821][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:54 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001072c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3441.718109][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3441.742723][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3441.981785][ T8443] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) 17:01:54 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001082c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3442.116797][ T8443] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 3442.247871][ T8443] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 3442.295515][ T8443] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock 17:01:54 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x60000000, 0x8080fffffffe) [ 3442.465728][ T8443] FAT-fs (loop5): bogus number of reserved sectors [ 3442.472482][ T8443] FAT-fs (loop5): Can't find a valid FAT filesystem [ 3442.487295][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:01:54 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001092c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:55 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3442.521068][ T8443] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 3442.529112][ T8443] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 3442.537564][ T8443] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 3442.545404][ T8443] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 3442.554630][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:55 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x97ff, 0x24ba1dbf}) 17:01:55 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x6180, 0x489fbae756ad6f12) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0)=0x9, 0x8080fffffffe) 17:01:55 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00010a2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3443.055962][ T27] audit: type=1800 audit(1580749315.453:367): pid=8478 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=1442 res=0 [ 3443.283909][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3443.369631][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:56 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9e04000000000000, 0x8080fffffffe) 17:01:56 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7c020000, 0x8080fffffffe) 17:01:56 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00010b2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:56 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x9fff, 0x24ba1dbf}) [ 3443.694095][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3443.728012][ T3157] FAT-fs (loop5): Filesystem has been set read-only [ 3443.773277][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3443.794915][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:56 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00010f2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:56 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xa7ff, 0x24ba1dbf}) 17:01:56 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x7f510100, 0x8080fffffffe) 17:01:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:56 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001102c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:56 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xafff, 0x24ba1dbf}) 17:01:57 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001112c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:57 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9f040000, 0x8080fffffffe) [ 3444.859605][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3444.887746][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x9f04000000000000, 0x8080fffffffe) 17:01:57 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001122c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:57 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xb7ff, 0x24ba1dbf}) [ 3445.259758][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3445.286741][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:57 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001132c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:57 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xbfff, 0x24ba1dbf}) 17:01:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xb4000000, 0x8080fffffffe) [ 3445.736103][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3445.749493][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:58 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:01:58 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001142c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:58 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xc7ff, 0x24ba1dbf}) 17:01:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xbe00000000000000, 0x8080fffffffe) 17:01:58 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xcfff, 0x24ba1dbf}) 17:01:58 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001212c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:58 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf0ffffff, 0x8080fffffffe) 17:01:58 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3446.574067][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3446.602870][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:01:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00012f2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:59 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xd7ff, 0x24ba1dbf}) 17:01:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf4ffffff00000000, 0x8080fffffffe) [ 3446.885172][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3446.956846][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:01:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00013a2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:59 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xdfff, 0x24ba1dbf}) 17:01:59 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf4ffffff, 0x8080fffffffe) 17:01:59 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001482c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:01:59 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xe7ff, 0x24ba1dbf}) 17:02:00 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00014c2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3447.972238][ T27] audit: type=1800 audit(1580749320.373:368): pid=8609 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=1463 res=0 17:02:00 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xefff, 0x24ba1dbf}) 17:02:00 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf5ffffff, 0x8080fffffffe) 17:02:00 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:02:00 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001602c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3448.237879][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF 17:02:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x800, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = socket$unix(0x1, 0x2, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket(0x0, 0x800000003, 0x0) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080)='ethtool\x00') sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)={0x40, r5, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x4}, @ETHTOOL_A_LINKMODES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x0) r6 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r6, 0x0, r6) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000200)={'vxcan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'dummy0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000800)={'bond0\x00', 0x0}) r10 = socket(0xa, 0x1, 0x0) close(r10) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0}, &(0x7f00000002c0)=0x14) bind$xdp(r10, &(0x7f0000000040)={0x2c, 0x1, r11}, 0x10) r12 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r12, 0x0, r12) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000840)={'batadv_slave_1\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000001e80)={'vcan0\x00', 0x0}) r15 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r15, 0x0, r15) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r15, 0x8933, &(0x7f0000001f80)={'batadv_slave_0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000002180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002140)={&(0x7f0000001fc0)={0x150, r5, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_LINKMODES_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_LINKMODES_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wireguard1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @ETHTOOL_A_LINKMODES_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r16}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}]}, 0x150}, 0x1, 0x0, 0x0, 0xc0804}, 0x4014) r17 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r17, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3448.314309][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:02:00 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff00, 0x24ba1dbf}) 17:02:00 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf5ffffff00000000, 0x8080fffffffe) 17:02:00 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001682c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3448.442280][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3448.451036][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:02:01 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setxattr(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)=@random={'osx.', '/proc/slabinfo\x00'}, &(0x7f00000003c0)=']\x9ceth1!mime_type[\x00', 0x12, 0x1) r4 = fcntl$dupfd(r2, 0x406, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r5, &(0x7f0000000040)=0xfffffffffffff000, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r4, 0xc0205647, &(0x7f0000000240)={0x9c0000, 0x2, 0x100, r5, 0x0, &(0x7f0000000200)={0x980906, 0x1000, [], @p_u8=&(0x7f00000000c0)=0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/slabinfo\x00', 0x0, 0x0) r6 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r6, 0x0, r6) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x3, 0x0, 0x5, 0x7}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r7, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 17:02:01 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff01, 0x24ba1dbf}) 17:02:01 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00016c2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:01 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf60f0000, 0x8080fffffffe) [ 3449.227232][ T27] audit: type=1800 audit(1580749321.633:369): pid=8643 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="loop2" ino=1467 res=0 17:02:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfbffffff00000000, 0x8080fffffffe) 17:02:01 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff07, 0x24ba1dbf}) [ 3449.327217][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3449.349470][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:02:01 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:02:01 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fadvise64(r0, 0x1, 0x101, 0x4) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) r2 = getpid() sched_setparam(r2, &(0x7f0000000440)=0x3) clone3(&(0x7f00000004c0)={0x8000, &(0x7f0000000300), &(0x7f0000000340)=0x0, &(0x7f0000000380), {0x10}, &(0x7f00000003c0)=""/91, 0x5b, &(0x7f0000000440)=""/15, &(0x7f0000000480)=[r2, 0xffffffffffffffff], 0x2}, 0x50) prlimit64(r3, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) statfs(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000200)=""/126) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x53) 17:02:01 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001742c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:01 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff0f, 0x24ba1dbf}) 17:02:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xf8040000, 0x8080fffffffe) 17:02:02 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c00017a2c0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x14107e, 0x9) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 17:02:02 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff7f, 0x24ba1dbf}) [ 3450.311482][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:02:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfeffffff00000000, 0x8080fffffffe) [ 3450.393822][ T3157] FAT-fs (loop5): Filesystem has been set read-only 17:02:02 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000100380001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:03 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfbffffff, 0x8080fffffffe) [ 3450.702657][ T8701] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) [ 3450.716687][ T8701] FAT-fs (loop5): Filesystem has been set read-only [ 3450.755647][ T8700] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 3450.777902][ T8701] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) [ 3450.791289][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3450.804714][ T8706] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 3450.818504][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:02:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff87, 0x24ba1dbf}) 17:02:03 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001005a0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:03 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:02:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x5a1600, 0x0) ioctl$VIDIOC_DECODER_CMD(r1, 0xc0485660, &(0x7f0000000200)={0x0, 0x2, @raw_data=[0x503, 0x6, 0xff, 0x3, 0x1, 0x3ee, 0x1, 0x9, 0x80000000, 0x3, 0xa43, 0x74, 0xffff, 0x5, 0x1, 0x8]}) r2 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r3 = socket$unix(0x1, 0x2, 0x0) fcntl$dupfd(r3, 0x0, r3) fsetxattr$trusted_overlay_origin(r3, &(0x7f0000000340)='trusted.overlay.origin\x00', &(0x7f0000000380)='y\x00', 0x2, 0x1) write$binfmt_aout(r2, &(0x7f0000000100)=ANY=[], 0x49f) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ashmem\x00', 0x591200, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r2, r2, &(0x7f00000001c0), 0x8080fffffffe) [ 3451.616379][ T8715] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. 17:02:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff0f0000, 0x8080fffffffe) 17:02:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff8f, 0x24ba1dbf}) 17:02:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xff0f000000000000, 0x8080fffffffe) 17:02:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff97, 0x24ba1dbf}) [ 3451.777308][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3451.799570][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3451.816487][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3451.823410][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:02:04 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000100030001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xff9f, 0x24ba1dbf}) [ 3452.117268][ T8734] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. 17:02:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfff9ffff, 0x8080fffffffe) 17:02:04 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000100080001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffa7, 0x24ba1dbf}) [ 3452.682612][ T8749] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3452.692634][ T8749] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3452.703273][ T8749] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3452.720866][ T8751] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3452.730528][ T8751] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3452.740851][ T8751] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 17:02:05 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c000100380001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3453.047428][ T8758] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 3453.079140][ T8761] netlink: 'syz-executor.4': attribute type 2 has an invalid length. 17:02:05 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:02:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffaf, 0x24ba1dbf}) 17:02:05 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001005a0001001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:05 executing program 5: getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f00000000c0)=""/52, &(0x7f0000000200)=0x34) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x390a064, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ashmem\x00', 0x100, 0x0) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000380)={0x2, 0x9, 0x5}) init_module(&(0x7f0000000240)='cpuacct.usage_sys\x00', 0x12, &(0x7f0000000300)=')\x00') sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3453.438199][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3453.451727][T12695] FAT-fs (loop1): Filesystem has been set read-only [ 3453.593350][ T8764] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. 17:02:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffbffff, 0x8080fffffffe) 17:02:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffb7, 0x24ba1dbf}) 17:02:06 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001002c0400001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:06 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffefffff00000000, 0x8080fffffffe) [ 3453.952661][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3453.965112][T21082] FAT-fs (loop2): Filesystem has been set read-only [ 3453.981919][ T8780] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. 17:02:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffbf, 0x24ba1dbf}) 17:02:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffc7, 0x24ba1dbf}) 17:02:06 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r2 = getegid() syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x4, 0x4, &(0x7f0000000580)=[{&(0x7f0000000300)="c77a44741163ae5c9c2f68b37f7ec55bcfbdb1c5e1adc0d42f074de28c858e2ca4385f6d037ac44ba546a4191bb4b48df45dadcb5d62416529aaa818218ffc062653b9f37bdabcf5a0b0c7db5bc3dcfbacf5091027e4a076f15bdeaa03b8a89c1b99340fe1831c19935c5feb98b3cabd03112153874185942eba5a6eff10a6b80b7830a92560d842009666beecc6282b56467483e55e3b34837115866480e6c30a07d9ff564657e16e017375292ec7c5ce00dc68073b31cc1756482787f2f1cf8c65efe830a290c5f05f1c064cb0aadb9764eb2532f04ef05ce92f7675bbbdc4730b8e88f532857670", 0xe9, 0x9}, {&(0x7f0000000400)="ae850eabbc5c316f5088cbbaf953751d941bcbf14e5fcb16ff9182146c70515d558102c9e8593dd2cc6a057ae869dbc6bbb9c78495833eccab3d3dba24ddc1f2ab7413e050539773a26ac6effb3f7c33ffebb962f0056146d90a997d08ba79080ae187586aa29fd5c60e01eeee8da3d61e25f553940e1a4d0c14fd528115782cf50c1081e77fe12e75ffc5967e04", 0x8e, 0x4}, {&(0x7f00000004c0)="8f22ea4cec6e61d1c49f1a854d69942193be9b68a24f452637a239936e6a5c522ed1bca33902e00b21c7a1f47d141eb77452cee7ddadc8c46c19f11f6c9b723df3239e7ca90f5862eb525fe30bd224797458df0dfaf4aacd41194eb8143bd5", 0x5f}, {&(0x7f0000000540)="6a278bee2c26f9fdfc1afa94395a262a43cbd0a4c13a83e841354d43de5cf4cc063f18004a0e194e95b3fb5ca7a7f9ebc535d9a880", 0x35, 0x5}], 0x28040, &(0x7f0000000600)={[{@gid={'gid', 0x3d, r2}}, {@errors_remount='errors=remount-ro'}, {@umask={'umask', 0x3d, 0x401}}, {@nodiscard='nodiscard'}], [{@hash='hash'}, {@fsname={'fsname', 0x3d, '^vmnet1'}}]}) openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x1000, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) 17:02:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffcf, 0x24ba1dbf}) 17:02:06 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001002c0700001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:06 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) 17:02:06 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xfffdffff, 0x8080fffffffe) 17:02:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffd7, 0x24ba1dbf}) 17:02:07 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001002c0f00001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3455.064345][ T8799] FAT-fs (loop5): error, clusters badly computed (1064 != 1065) [ 3455.072074][ T8799] FAT-fs (loop5): Filesystem has been set read-only [ 3455.296245][ T8799] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3455.322845][ T8799] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3455.334062][ T8810] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970769) 17:02:07 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffdf, 0x24ba1dbf}) [ 3455.462910][ T8810] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 970769) 17:02:08 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001002c1000001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:08 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffffffffff0700, 0x8080fffffffe) 17:02:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffe7, 0x24ba1dbf}) 17:02:08 executing program 5: getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f00000000c0), &(0x7f0000000200)=0x4) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3455.673407][T21082] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF 17:02:08 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffff1f00, 0x8080fffffffe) [ 3455.733206][T21082] FAT-fs (loop2): Filesystem has been set read-only 17:02:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xffef, 0x24ba1dbf}) 17:02:08 executing program 0: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0x59, 0x8080fffffffe) [ 3455.790184][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3455.826501][T12695] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3455.835070][T12695] FAT-fs (loop1): Filesystem has been set read-only 17:02:08 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001002c0201001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x2d000, 0x24ba1dbf}) 17:02:08 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001002c0301001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) 17:02:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x2d800, 0x24ba1dbf}) 17:02:09 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001002c0401001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3456.757739][ T8844] FAT-fs (loop5): error, clusters badly computed (1031 != 1032) [ 3456.765446][ T8844] FAT-fs (loop5): Filesystem has been set read-only [ 3456.774332][ T8844] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 970772) [ 3456.783331][ T8844] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF 17:02:09 executing program 5: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) getsockopt$netlink(r1, 0x10e, 0x1, &(0x7f0000000300)=""/4096, &(0x7f00000000c0)=0x1000) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe) [ 3456.898828][ T3157] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 3456.904826][ T8862] __nla_validate_parse: 8 callbacks suppressed [ 3456.904838][ T8862] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3456.934541][ T8863] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. 17:02:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x2e000, 0x24ba1dbf}) 17:02:09 executing program 2: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x14, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x24ba1dbf}) sendfile(r1, r1, &(0x7f00000001c0)=0xffffffffffffff7f, 0x8080fffffffe) 17:02:09 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="b8000000000119050000000000000000000000003c0001002c0501001400030016f8bcd383af9b1577def13edad6b8bf14000400fe8000000000000000000000000000bb0c00020005000100000000003c0002000c00020005000100000000002c00010014000300fe88000000000000000000000000000114000400ff00000c000000000000000000000001080007000000000024000f0014000100080001007f0002007f0000010c0002000500010000000000"], 0xb8}}, 0x0) [ 3457.590365][ T8868] ================================================================== [ 3457.598795][ T8868] BUG: KCSAN: data-race in __remove_assoc_queue / mark_buffer_dirty_inode [ 3457.607469][ T8868] [ 3457.609815][ T8868] read to 0xffff888128f990c0 of 8 bytes by task 8866 on cpu 0: [ 3457.617510][ T8868] mark_buffer_dirty_inode+0xa1/0x260 [ 3457.622896][ T8868] fat12_ent_put+0xf8/0x1b0 [ 3457.627412][ T8868] fat_alloc_clusters+0x507/0xc40 [ 3457.632548][ T8868] fat_add_cluster+0x3d/0xd0 [ 3457.637150][ T8868] fat_fallocate+0x152/0x1f0 [ 3457.641876][ T8868] vfs_fallocate+0x3be/0x650 [ 3457.646587][ T8868] ioctl_preallocate+0x12b/0x190 [ 3457.651312][ T8871] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3457.651548][ T8868] do_vfs_ioctl+0xb14/0xcf0 [ 3457.665449][ T8868] ksys_ioctl+0xbd/0xe0 [ 3457.669640][ T8868] __x64_sys_ioctl+0x4c/0x60 [ 3457.674533][ T8868] do_syscall_64+0xcc/0x3a0 [ 3457.679329][ T8868] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3457.685846][ T8868] [ 3457.688189][ T8868] write to 0xffff888128f990c0 of 8 bytes by task 8868 on cpu 1: [ 3457.689695][ T8872] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'. [ 3457.695982][ T8868] __remove_assoc_queue+0xa2/0x140 [ 3457.696001][ T8868] sync_mapping_buffers+0x177/0x6e0 [ 3457.696034][ T8868] fat_file_fsync+0xd4/0x120 [ 3457.720754][ T8868] vfs_fsync_range+0x82/0x150 [ 3457.725454][ T8868] generic_file_write_iter+0x318/0x38c [ 3457.730927][ T8868] do_iter_readv_writev+0x487/0x5b0 [ 3457.736359][ T8868] do_iter_write+0x13b/0x3c0 [ 3457.741128][ T8868] vfs_iter_write+0x5c/0x80 [ 3457.745868][ T8868] iter_file_splice_write+0x530/0x840 [ 3457.751258][ T8868] direct_splice_actor+0xa0/0xc0 [ 3457.756431][ T8868] splice_direct_to_actor+0x22b/0x540 [ 3457.761817][ T8868] do_splice_direct+0x161/0x1e0 [ 3457.766677][ T8868] do_sendfile+0x384/0x7f0 [ 3457.771192][ T8868] __x64_sys_sendfile64+0xbe/0x140 [ 3457.776469][ T8868] do_syscall_64+0xcc/0x3a0 [ 3457.780984][ T8868] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3457.786889][ T8868] [ 3457.789209][ T8868] Reported by Kernel Concurrency Sanitizer on: [ 3457.795419][ T8868] CPU: 1 PID: 8868 Comm: syz-executor.5 Not tainted 5.5.0-rc1-syzkaller #0 [ 3457.803998][ T8868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3457.814189][ T8868] ================================================================== [ 3457.822351][ T8868] Kernel panic - not syncing: panic_on_warn set ... [ 3457.828976][ T8868] CPU: 1 PID: 8868 Comm: syz-executor.5 Not tainted 5.5.0-rc1-syzkaller #0 [ 3457.837563][ T8868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3457.847619][ T8868] Call Trace: [ 3457.850918][ T8868] dump_stack+0x11d/0x181 [ 3457.855270][ T8868] panic+0x210/0x640 [ 3457.859178][ T8868] ? vprintk_func+0x8d/0x140 [ 3457.863791][ T8868] kcsan_report.cold+0xc/0xd [ 3457.868395][ T8868] kcsan_setup_watchpoint+0x3fe/0x460 [ 3457.873785][ T8868] __tsan_unaligned_write8+0xc7/0x110 [ 3457.879180][ T8868] __remove_assoc_queue+0xa2/0x140 [ 3457.884306][ T8868] sync_mapping_buffers+0x177/0x6e0 [ 3457.889757][ T8868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3457.896198][ T8868] ? 0xffffffff81000000 [ 3457.900361][ T8868] fat_file_fsync+0xd4/0x120 [ 3457.905119][ T8868] ? fat_free_clusters.cold+0x30/0x30 [ 3457.910510][ T8868] vfs_fsync_range+0x82/0x150 [ 3457.915211][ T8868] generic_file_write_iter+0x318/0x38c [ 3457.920698][ T8868] do_iter_readv_writev+0x487/0x5b0 [ 3457.925916][ T8868] ? security_file_permission+0x88/0x280 [ 3457.931572][ T8868] do_iter_write+0x13b/0x3c0 [ 3457.936181][ T8868] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3457.942146][ T8868] vfs_iter_write+0x5c/0x80 [ 3457.946668][ T8868] iter_file_splice_write+0x530/0x840 [ 3457.952096][ T8868] ? page_cache_pipe_buf_release+0x100/0x100 [ 3457.958087][ T8868] direct_splice_actor+0xa0/0xc0 [ 3457.963048][ T8868] splice_direct_to_actor+0x22b/0x540 [ 3457.968679][ T8868] ? generic_pipe_buf_nosteal+0x20/0x20 [ 3457.974242][ T8868] do_splice_direct+0x161/0x1e0 [ 3457.979126][ T8868] do_sendfile+0x384/0x7f0 [ 3457.983682][ T8868] __x64_sys_sendfile64+0xbe/0x140 [ 3457.988819][ T8868] do_syscall_64+0xcc/0x3a0 [ 3457.993336][ T8868] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3457.999232][ T8868] RIP: 0033:0x45b399 [ 3458.003150][ T8868] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3458.022998][ T8868] RSP: 002b:00007f2976138c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3458.031429][ T8868] RAX: ffffffffffffffda RBX: 00007f29761396d4 RCX: 000000000045b399 [ 3458.039536][ T8868] RDX: 00000000200001c0 RSI: 0000000000000004 RDI: 0000000000000004 [ 3458.047606][ T8868] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 3458.055603][ T8868] R10: 00008080fffffffe R11: 0000000000000246 R12: 00000000ffffffff [ 3458.063673][ T8868] R13: 00000000000008ca R14: 00000000004ca24d R15: 000000000075bfd4 [ 3458.075585][ T8868] Kernel Offset: disabled [ 3458.080103][ T8868] Rebooting in 86400 seconds..