607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  680.756211][ T2849] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on s�z1
[  680.853811][   T29] audit: type=1326 audit(1590340540.593:80): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16865 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  680.862773][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  680.883399][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  680.897633][T13455] tipc: TX() has been purged, node left!
[  680.906987][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  680.923584][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  680.940311][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
17:15:40 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  680.957152][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  680.989256][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.022981][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.052740][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.082520][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.111672][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.136109][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.187075][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
17:15:41 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  681.245475][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.313268][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.369006][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
17:15:41 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  681.416637][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.474355][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.518603][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
17:15:41 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  681.561978][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
17:15:41 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', 0x0, 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  681.634366][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.685517][ T3869] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  681.722930][ T3869] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on s�z1
[  681.793811][   T29] audit: type=1326 audit(1590340541.533:81): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16904 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:43 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x9f, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e582"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:43 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x25, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798ca"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:43 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:15:43 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x76, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xeb}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000180)={0x2, 0x4e23, @local}, 0x10)
dup(0xffffffffffffffff)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf93a1a7511bf746bec66ba", 0xfe6a, 0x20c49a, 0x0, 0x27)

17:15:43 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:43 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:15:43 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x9f, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e582"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:43 executing program 0:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x134, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5cf9bb1124ad4865117b4163f4ea05c949ce5c7b2738f1bde89263a99e47b306eccd849a0aca781118974689f494de34c2121610d219bdaae5459d9c01d2140dd1b6ffbf3ca097dd6d543434e8a0051ec32f18932f8203d4c1ae6b86c3b030ef1ad1e9f63d8a2942c3db61000694bd9f4cc0472dfd2969dc830cc334fa4db09c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  683.874627][T16940] FAT-fs (loop1): bogus number of reserved sectors
[  683.887567][T16940] FAT-fs (loop1): Can't find a valid FAT filesystem
[  683.948786][   T29] audit: type=1326 audit(1590340543.693:82): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16936 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:44 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  684.716584][T16960] FAT-fs (loop1): bogus number of reserved sectors
[  684.723991][T16960] FAT-fs (loop1): Can't find a valid FAT filesystem
[  684.776926][   T29] audit: type=1326 audit(1590340544.513:83): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16959 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:45 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  685.613758][T16971] FAT-fs (loop1): bogus number of reserved sectors
[  685.630133][T16971] FAT-fs (loop1): Can't find a valid FAT filesystem
[  685.702832][   T29] audit: type=1326 audit(1590340545.443:84): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16970 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:46 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:15:46 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:15:46 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x25, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798ca"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  686.520402][T16982] FAT-fs (loop1): bogus number of reserved sectors
[  686.533403][T16982] FAT-fs (loop1): Can't find a valid FAT filesystem
[  686.581788][   T29] audit: type=1326 audit(1590340546.323:85): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=16981 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:46 executing program 0:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="6653070000053c27bc3376003639405cb4aed12f0000001500ae47a825d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59", 0x60}], 0x4, 0x0)
ptrace$setopts(0x4206, r2, 0x0, 0x0)
tkill(r2, 0x3c)
ptrace$cont(0x18, r2, 0x0, 0x0)
ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r2, 0x0, 0x0)

17:15:46 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:46 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xaa, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:47 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  687.418189][T17012] FAT-fs (loop1): bogus number of reserved sectors
[  687.424722][T17012] FAT-fs (loop1): Can't find a valid FAT filesystem
[  687.531970][   T29] audit: type=1326 audit(1590340547.273:86): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17010 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:47 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  688.235824][T17023] FAT-fs (loop1): bogus number of reserved sectors
[  688.242579][T17023] FAT-fs (loop1): Can't find a valid FAT filesystem
[  688.302828][   T29] audit: type=1326 audit(1590340548.033:87): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17022 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:48 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  689.080604][T17034] FAT-fs (loop1): bogus number of reserved sectors
[  689.093317][T17034] FAT-fs (loop1): Can't find a valid FAT filesystem
[  689.153179][   T29] audit: type=1326 audit(1590340548.893:88): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17033 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:49 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:15:49 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x25, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798ca"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:49 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  689.917364][T17051] FAT-fs (loop1): bogus number of reserved sectors
[  689.923911][T17051] FAT-fs (loop1): Can't find a valid FAT filesystem
[  690.006489][   T29] audit: type=1326 audit(1590340549.743:89): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17050 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:49 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:50 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xaa, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:50 executing program 0:

17:15:50 executing program 0:

17:15:50 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:15:50 executing program 0:

17:15:50 executing program 0:

[  690.796814][T17073] FAT-fs (loop1): bogus number of reserved sectors
[  690.803400][T17073] FAT-fs (loop1): Can't find a valid FAT filesystem
17:15:50 executing program 0:

[  690.885408][   T29] audit: type=1326 audit(1590340550.623:90): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17071 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:50 executing program 0:

17:15:52 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:15:52 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x26, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:52 executing program 0:

17:15:52 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:53 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xaa, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:53 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{0x0}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:15:53 executing program 0:

17:15:53 executing program 0:

[  693.416054][T17101] FAT-fs (loop1): bogus number of reserved sectors
[  693.422850][T17101] FAT-fs (loop1): Can't find a valid FAT filesystem
[  693.472788][   T29] audit: type=1326 audit(1590340553.214:91): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17099 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:53 executing program 0:

17:15:53 executing program 0:

17:15:53 executing program 0:

17:15:53 executing program 0:

17:15:55 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:15:55 executing program 0:

17:15:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{0x0}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  695.799178][T17124] FAT-fs (loop1): bogus number of reserved sectors
[  695.811887][T17124] FAT-fs (loop1): Can't find a valid FAT filesystem
[  695.853270][   T29] audit: type=1326 audit(1590340555.594:92): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17122 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:56 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, &(0x7f0000000380)}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:56 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb0, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:56 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x26, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:56 executing program 0:

17:15:56 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{0x0}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:15:56 executing program 0:

17:15:56 executing program 0:

[  696.720174][T17150] FAT-fs (loop1): bogus number of reserved sectors
17:15:56 executing program 0:

[  696.761611][T17150] FAT-fs (loop1): Can't find a valid FAT filesystem
[  696.824745][   T29] audit: type=1326 audit(1590340556.564:93): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17147 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:56 executing program 0:

17:15:58 executing program 0:

17:15:58 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:15:58 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  698.843465][T17167] FAT-fs (loop1): bogus number of reserved sectors
[  698.858454][T17167] FAT-fs (loop1): Can't find a valid FAT filesystem
[  698.920753][   T29] audit: type=1326 audit(1590340558.664:94): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17165 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:15:59 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, &(0x7f0000000380)}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:59 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb0, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:59 executing program 0:

17:15:59 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x26, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:15:59 executing program 0:

17:15:59 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:59 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, &(0x7f0000000380)}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  699.723332][T17184] FAT-fs (loop1): bogus number of reserved sectors
[  699.738296][T17184] FAT-fs (loop1): Can't find a valid FAT filesystem
17:15:59 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:15:59 executing program 0:

[  699.837487][   T29] audit: type=1326 audit(1590340559.584:95): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17183 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:01 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:01 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:01 executing program 0:

17:16:02 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:02 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb0, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:02 executing program 0:

17:16:02 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:02 executing program 0:

17:16:02 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x59, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  702.825262][T17226] FAT-fs (loop1): bogus number of reserved sectors
[  702.833345][T17226] FAT-fs (loop1): Can't find a valid FAT filesystem
17:16:02 executing program 0:

[  702.928192][   T29] audit: type=1326 audit(1590340562.674:96): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17222 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:02 executing program 0:

17:16:02 executing program 0:

17:16:04 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:04 executing program 0:

17:16:04 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:04 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x0, 0x0, @empty}, 0x1c)

[  704.993156][T17251] FAT-fs (loop1): bogus number of reserved sectors
[  705.008118][T17251] FAT-fs (loop1): Can't find a valid FAT filesystem
[  705.047937][   T29] audit: type=1326 audit(1590340564.794:97): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17249 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:05 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb3, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:05 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:05 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:05 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001})
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', {0x7}})
write$tun(r0, &(0x7f0000001100)={@void, @val, @mpls={[], @ipv4=@gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @dev, @empty=0xffffffff}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6558}, {}, {}, {0x8, 0x88be, 0x0, {{}, 0x5700}}, {0x2c}}}}}, 0x62)

17:16:05 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x59, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  705.962794][T17271] FAT-fs (loop1): bogus number of reserved sectors
[  705.989321][T17271] FAT-fs (loop1): Can't find a valid FAT filesystem
[  706.035002][   T29] audit: type=1326 audit(1590340565.775:98): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17267 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:06 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  706.775887][T17294] FAT-fs (loop1): bogus number of reserved sectors
[  706.782407][T17294] FAT-fs (loop1): Can't find a valid FAT filesystem
[  706.866405][   T29] audit: type=1326 audit(1590340566.615:99): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:07 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01", 0x11}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  707.629800][T17312] FAT-fs (loop1): invalid media value (0x00)
[  707.643457][T17312] FAT-fs (loop1): Can't find a valid FAT filesystem
[  707.693569][   T29] audit: type=1326 audit(1590340567.435:100): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17311 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:07 executing program 0:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2e1800002d00050fd25a80648c63940d0724fc60100002400a000200051a82c137153e670402098003001700d1bd", 0x33fe0}], 0x1}, 0x0)

17:16:07 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  708.154827][T17324] netlink: 5638 bytes leftover after parsing attributes in process `syz-executor.0'.
[  708.185889][T17324] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
17:16:08 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x410000, 0x8, 0x210080, 0x8}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000000), 0x4)
close(r0)

17:16:08 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01", 0x11}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  708.479994][T17332] FAT-fs (loop1): invalid media value (0x00)
[  708.486327][T17332] FAT-fs (loop1): Can't find a valid FAT filesystem
[  708.537391][   T29] audit: type=1326 audit(1590340568.285:101): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17331 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:08 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:08 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb3, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:08 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x59, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:09 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01", 0x11}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  709.385417][T17353] FAT-fs (loop1): invalid media value (0x00)
[  709.391427][T17353] FAT-fs (loop1): Can't find a valid FAT filesystem
17:16:09 executing program 0:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xffdbc494)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file1/file0\x00')
creat(&(0x7f0000000300)='./bus\x00', 0x0)

[  709.487472][   T29] audit: type=1326 audit(1590340569.235:102): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17351 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:09 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270", 0x14}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  710.249507][T17370] FAT-fs (loop1): invalid media value (0x00)
[  710.255902][T17370] FAT-fs (loop1): Can't find a valid FAT filesystem
[  710.320326][   T29] audit: type=1326 audit(1590340570.065:103): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17369 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:10 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x24, 0x7, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3ff}]}, 0x24}}, 0x0)

17:16:10 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270", 0x14}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:10 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r6], 0x44}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004bc0)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0)

[  711.090096][T17384] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
17:16:10 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  711.134356][T17384] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  711.171320][T17390] FAT-fs (loop1): invalid media value (0x00)
[  711.184299][T17390] FAT-fs (loop1): Can't find a valid FAT filesystem
[  711.186778][T17395] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  711.245824][   T29] audit: type=1326 audit(1590340570.985:104): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17385 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  711.892920][T17384] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
17:16:11 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270", 0x14}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  711.943622][T17411] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  711.988125][T17412] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  712.053198][T17422] FAT-fs (loop1): invalid media value (0x00)
[  712.062189][T17422] FAT-fs (loop1): Can't find a valid FAT filesystem
17:16:11 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  712.102174][   T29] audit: type=1326 audit(1590340571.835:105): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17419 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:12 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb3, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:12 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x86, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  712.440666][T17442] warning: process `syz-executor.4' used the obsolete bdflush system call
[  712.470212][T17442] Fix your initscripts?
17:16:12 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270ff", 0x15}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:12 executing program 0:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, 0x0, 0x0)

[  712.933401][T17450] FAT-fs (loop1): invalid media value (0x00)
[  712.944063][T17450] FAT-fs (loop1): Can't find a valid FAT filesystem
17:16:12 executing program 0:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000240), 0x4)
syz_emit_ethernet(0x86, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaa79e6000000000000080079"], 0x0)

[  712.963068][   T29] audit: type=1326 audit(1590340572.695:106): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17449 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:12 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/fib_trie\x00')
sendfile(r1, r2, 0x0, 0x11001)

17:16:13 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x10)

17:16:13 executing program 0:
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x27)

17:16:13 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={[], [], @empty}}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10006}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878254}, 0x9c)

17:16:13 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270ff", 0x15}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:13 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  714.253434][T17475] FAT-fs (loop1): invalid media value (0x00)
[  714.263096][T17475] FAT-fs (loop1): Can't find a valid FAT filesystem
[  714.290515][   T29] audit: type=1326 audit(1590340574.025:107): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17474 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:14 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:15 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb4, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:15 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x86, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:15 executing program 0:
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$unix(0x1, 0x3, 0x0)
dup2(r1, r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "209240", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

17:16:15 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270ff", 0x15}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:15 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  715.453165][T17497] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  715.484685][T17506] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  715.486720][T17500] FAT-fs (loop1): invalid media value (0x00)
[  715.507936][T17504] warning: process `syz-executor.4' used the obsolete bdflush system call
[  715.524595][T17500] FAT-fs (loop1): Can't find a valid FAT filesystem
[  715.548696][T17504] Fix your initscripts?
17:16:15 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1f)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/igmp\x00')
sendfile(r0, r1, 0x0, 0xedc0)

[  715.585422][   T29] audit: type=1326 audit(1590340575.325:108): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17494 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:15 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000100), 0x4)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x4)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x4d, 0x0, 0x0, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, 0x0, 0x0)

17:16:15 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000100)=0x76, 0x4)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x0, &(0x7f0000000140)}, 0x8)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x4)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x20c49a, 0x0, 0x27)

17:16:15 executing program 0:
r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKPG(r0, 0x1274, 0x0)

17:16:15 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="bc00000010001fff003b00000b00000000000000", @ANYRES32=0x0, @ANYBLOB="ed150600000000005c0012800e00010069703667726574617000000048000280060010004e200000080014000800000008000100", @ANYRES32=0x0, @ANYBLOB="08000400fb73000008000d00070000000800faffbf00000014000702fc01000000000000000000000000000008000a00", @ANYRES32, @ANYBLOB="24002400b16ad2a7c4b3143ff80b60d4c9d8a4ff844e5219e55b417e29ecf470c5c369490800040081"], 0xbc}}, 0x0)

[  716.249018][T17529] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  716.277080][T17529] device ip6gretap1 entered promiscuous mode
[  716.295546][T17529] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap1: link becomes ready
[  716.729399][T17529] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  716.744669][T17529] device ip6gretap1 entered promiscuous mode
[  716.760764][T17529] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap1: link becomes ready
17:16:17 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:17 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  717.310031][   T29] audit: type=1326 audit(1590340577.045:109): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17540 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:18 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb4, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:18 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x86, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:18 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
signalfd(0xffffffffffffffff, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
r1 = gettid()
poll(0x0, 0x0, 0x0)
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000000)=r1)
sendto$inet(r0, &(0x7f00000012c0)='\f', 0x1, 0x11, 0x0, 0x0)

17:16:18 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:18 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:18 executing program 0:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x18, r0, 0x0, 0x0)

17:16:18 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x9c, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da775"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  718.611164][   T29] audit: type=1326 audit(1590340578.345:110): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17558 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:19 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  719.508595][   T29] audit: type=1326 audit(1590340579.245:111): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17588 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:20 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:20 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed7", 0x46}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  720.433720][   T29] audit: type=1326 audit(1590340580.166:112): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17598 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:20 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  721.315707][   T29] audit: type=1326 audit(1590340581.056:113): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17611 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:21 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb4, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:21 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:21 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="bc00000010001fff003b00000b00000000000000", @ANYRES32=0x0, @ANYBLOB="ed150600000000005c0012800e00010069703667726574617000000048000280060010004e200000080014000800000008000100", @ANYRES32=0x0, @ANYBLOB="08000400fb73000008000d"], 0xbc}}, 0x0)

17:16:21 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x9c, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da775"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  721.825953][T17626] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  721.873477][T17626] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  721.942351][T17626] device ip6gretap1 entered promiscuous mode
17:16:21 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c40)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60e3eb1c1769fb4fe73a04ebf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4ac1ff7f0000000000009e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a3287c84ccc72876ef3834293812e927c1084a12f56d1cb398dff1db3df9858837458a4ca03767c69cee1b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94615e49c08c9a20819e02cc22e6b88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6c4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a64a07fa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400000000000000ff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb695cc425fe203d2f2655a76865c2c34e2470fcfb10400000000000000000000f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d7ee7bb0740900f56cf27409c60fca2e0004000000000000a9cb6fca7844f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9e0d77b294e097e293db58992c0024ab2fd8e5e7003af92d11de48e8b4d32972cba6f49051cec1bf6f16231bbb90a2d201e5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7ccde2480ae40d6156ed64ef81f74a7dcea8e1ac9d4f954a5ba9a4a2039d0416e3f0e074192c48c63384f52b8eeb70571e5bbb3e6d2b5eba51aee6f48968981811f832d064048c0e0bbe46984f1f0d0504255c22ee8674053d0e169e525536edf56a93d0a7a6f0889f4ee8964875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875858e083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f97cc92874fb02d16b4c3d36c93230b7b059bc295aa0e38b1c3edc3492b96e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd0c84892c97c80987e5c7954e9f3694d116b01ce0b8ef953de70e7ce0311c8b018956f8a42ca26ab295f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f798c7f520078fee48f83b5989543729e36a9e1d686bc86cd51704f309130f5347413776a7b7bea3c46c0c4c4b7c27c45057d95ac85ac1cdcee8e6fa31fc02137ed1fb4b21c13b9a2c5e3f7c9ef9c45a314a6f0b9352be92986d63263b1aa5264cb4a82cf080dd0f87808d0711dd76f2977ca7f2684bfdcb6d19f0efa2599d12abf0137a5c14a0cd6f1f561d34e4e9851e81d4a355abf43d917c16a2bb0cfb284fcfde901576954ef59e4a658ca431be123b962924d0562ce17f6dadf5053ed8f33092a41bb463c407f8735c2864a79c0ad3fdafd6199f9ddd1f62da58ca7d3297d6a1bfc5a9aa38a05e70591d5cdab1c268ef3c1984c7c51566cfc2ab6e6fbc99ec206a54fb49056a555414178ef00d8b873c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8ad62edc65828fbb6e279f745d2872f0c08635e465ca443a6a64c7803760880af23fb3f438a5d11fffc96dd1cb951642f1433f65b4e170a62a5f7a8d0f9d5cef0d17289c43d4aee5318f7a343899434594cc23e1c864164e130754b337e520f285dc670a31241bfb43ac62fc7f985586168483427072a535f2cac81ec261c8af540b02016340000000000000000000000006861e31da8ea5daa069d721c6f85cf19152a56204cf9970b1339aebcf193409a5ba337103882d88bbb6bb4a68f24bb392b2a774eefdc486dbccf3573a764d2268cf4704f4871d78407834d5caeeaa2701c595be6c904875fbad09b918e4158a754ac329573f0f57fada604115adc97f632e8bc62b3040000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x5000000, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000632177fbac14141ae0", 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffe2a}, 0x28)

17:16:21 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r0, r0, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:22 executing program 0:
r0 = socket$rds(0x15, 0x5, 0x0)
close(r0)

[  722.323056][   T29] audit: type=1326 audit(1590340582.056:114): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:22 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
recvmmsg(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0xfe3}], 0x1, 0x0, 0x0, 0x1f4}}, {{0x0, 0x0, 0x0}}], 0x2, 0x100, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
iopl(0x0)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170)
socket$alg(0x26, 0x5, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={0x0}, 0x10)

17:16:22 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(0x0, 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:23 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x238, 0xc0, 0xc0, 0xc0, 0x0, 0x0, 0x1a0, 0x1a0, 0x1a0, 0x1a0, 0x1a0, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x48], 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@addrtype1={{0x28, 'addrtype\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x298)

[  723.235898][   T29] audit: type=1326 audit(1590340582.976:115): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17655 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  723.293738][T17662] x_tables: ip_tables: TCPMSS target: only valid for protocol 6
17:16:23 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed7", 0x46}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:23 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x238, 0xc0, 0xc0, 0xc0, 0x0, 0x0, 0x1a0, 0x1a0, 0x1a0, 0x1a0, 0x1a0, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x48], 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@addrtype1={{0x28, 'addrtype\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x298)

[  723.447236][T17665] x_tables: ip_tables: TCPMSS target: only valid for protocol 6
17:16:24 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:24 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:24 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x238, 0xc0, 0xc0, 0xc0, 0x0, 0x0, 0x1a0, 0x1a0, 0x1a0, 0x1a0, 0x1a0, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x48], 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@addrtype1={{0x28, 'addrtype\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x298)

[  724.799020][T17674] x_tables: ip_tables: TCPMSS target: only valid for protocol 6
17:16:24 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x9c, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da775"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:24 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(0x0, 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:24 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x238, 0xc0, 0xc0, 0xc0, 0x0, 0x0, 0x1a0, 0x1a0, 0x1a0, 0x1a0, 0x1a0, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x48], 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@addrtype1={{0x28, 'addrtype\x00'}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00'}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x298)

17:16:24 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  724.997787][   T29] audit: type=1326 audit(1590340584.736:116): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17681 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:24 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:24 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
signalfd(0xffffffffffffffff, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
r1 = gettid()
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000000)=r1)
sendto$inet(r0, &(0x7f00000012c0)='\f', 0x1, 0x11, 0x0, 0x0)

17:16:25 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7ffffff7}]})
creat(&(0x7f0000000240)='./bus\x00', 0x0)

17:16:26 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed7", 0x46}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:26 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:26 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/icmp\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000240)=""/166, 0xa6}], 0x1, 0x200000000001f6)

17:16:27 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:27 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(0x0, 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  727.843808][   T29] audit: type=1326 audit(1590340587.576:117): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17719 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:27 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xa7, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:27 executing program 0:
mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
clone(0x180000105, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='overlay\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6c6f7765726469723d2e7b111a204dabedf1a6986996674befe20cf10299060d4de07896f3279eab7c389a109f5ef08c5d9a31d7aa79e91c3a"])

[  728.000300][T17732] overlayfs: failed to resolve '.{ M���i�gK����
M�x��'��|8��^��]�1תy�': -2
17:16:27 executing program 0:
setrlimit(0x2, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x20986100, 0x0, 0x0, 0x0, &(0x7f0000000040)="d353ff022d68b2e4dc14aa5f7e25908384")

[  728.138694][T17742] mmap: syz-executor.0 (17742): VmData 18558976 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
17:16:28 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  728.744538][   T29] audit: type=1326 audit(1590340588.486:118): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17745 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:28 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:29 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:29 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:29 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0eb", 0x69}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  729.758875][   T29] audit: type=1326 audit(1590340589.496:119): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17762 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:30 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  730.756803][   T29] audit: type=1326 audit(1590340590.496:120): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17776 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:30 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:30 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xa7, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:31 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  731.662073][   T29] audit: type=1326 audit(1590340591.396:121): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17793 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  731.884273][T17798] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  731.918650][T17798] FAT-fs (loop1): Filesystem has been set read-only
[  731.945446][T17798] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:32 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:32 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:32 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0eb", 0x69}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:32 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  732.614475][   T29] audit: type=1326 audit(1590340592.356:122): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17806 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:32 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0eb", 0x69}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  732.858033][T17817] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  732.899659][T17817] FAT-fs (loop1): Filesystem has been set read-only
[  732.944715][T17817] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:33 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  733.337006][T17806] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  733.611653][   T29] audit: type=1326 audit(1590340593.346:123): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17828 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  733.856410][T17834] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  733.879728][T17834] FAT-fs (loop1): Filesystem has been set read-only
[  733.892487][T17834] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:33 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:33 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xa7, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:34 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  734.330448][T17828] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  734.557267][   T29] audit: type=1326 audit(1590340594.297:124): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17846 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:35 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  735.327805][T17852] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  735.343103][T17852] FAT-fs (loop1): Filesystem has been set read-only
17:16:35 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  735.576085][   T29] audit: type=1326 audit(1590340595.317:125): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17859 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:35 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  735.771634][T17865] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  735.822097][T17865] FAT-fs (loop1): Filesystem has been set read-only
[  735.854676][T17865] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:35 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c437", 0x7b}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  735.892484][T17865] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  735.939314][T17865] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:36 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  736.302566][T17859] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  736.510648][   T29] audit: type=1326 audit(1590340596.247:126): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17877 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  736.739508][T17883] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  736.758015][T17883] FAT-fs (loop1): Filesystem has been set read-only
[  736.769480][T17883] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  736.787882][T17883] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  736.813848][T17883] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:36 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:36 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xad, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:37 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  737.240717][T17877] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  737.492996][   T29] audit: type=1326 audit(1590340597.227:127): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17896 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:37 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:38 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  738.252400][T17902] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  738.264577][T17902] FAT-fs (loop1): Filesystem has been set read-only
[  738.455954][   T29] audit: type=1326 audit(1590340598.197:128): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17909 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  738.687210][T17915] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  738.697759][T17915] FAT-fs (loop1): Filesystem has been set read-only
[  738.712316][T17915] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:38 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:38 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c437", 0x7b}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:38 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  739.160697][T17909] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  739.401091][   T29] audit: type=1326 audit(1590340599.137:129): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17927 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:39 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:39 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  740.152640][T17933] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  740.161302][T17933] FAT-fs (loop1): Filesystem has been set read-only
17:16:39 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xad, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  740.377218][   T29] audit: type=1326 audit(1590340600.117:130): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17941 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  740.589173][T17949] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  740.614541][T17949] FAT-fs (loop1): Filesystem has been set read-only
[  740.621601][T17949] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:40 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)

17:16:40 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  741.111688][T17941] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  741.309176][   T29] audit: type=1326 audit(1590340601.047:131): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17957 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:41 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:41 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)

17:16:41 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c437", 0x7b}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:41 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  742.095593][T17963] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  742.125136][T17963] FAT-fs (loop1): Filesystem has been set read-only
17:16:42 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  742.469406][   T29] audit: type=1326 audit(1590340602.207:132): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=17981 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:42 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)

17:16:42 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:42 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:43 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  743.224016][T17987] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  743.231851][T17987] FAT-fs (loop1): Filesystem has been set read-only
17:16:43 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xad, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:43 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  743.409058][   T29] audit: type=1326 audit(1590340603.147:133): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18003 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:43 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:43 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  744.186968][T18013] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  744.194843][T18013] FAT-fs (loop1): Filesystem has been set read-only
[  744.380506][   T29] audit: type=1326 audit(1590340604.117:134): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18019 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:44 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b500508", 0x84}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:44 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:44 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  745.158932][T18025] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  745.166807][T18025] FAT-fs (loop1): Filesystem has been set read-only
[  745.355672][   T29] audit: type=1326 audit(1590340605.097:135): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18034 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  746.110124][T18041] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  746.118425][T18041] FAT-fs (loop1): Filesystem has been set read-only
17:16:46 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:46 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:46 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb0, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  746.515264][   T29] audit: type=1326 audit(1590340606.257:136): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18047 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  746.726758][T18058] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  746.735932][T18058] FAT-fs (loop1): Filesystem has been set read-only
[  746.743936][T18058] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  746.753553][T18058] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  746.763065][T18058] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:46 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  747.219702][T18047] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:47 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  747.477058][   T29] audit: type=1326 audit(1590340607.217:137): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18068 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:47 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b500508", 0x84}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  748.192463][T18074] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  748.200499][T18074] FAT-fs (loop1): Filesystem has been set read-only
17:16:48 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:48 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:48 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  748.564555][   T29] audit: type=1326 audit(1590340608.307:138): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18086 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:49 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  749.288872][T18096] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  749.296757][T18096] FAT-fs (loop1): Filesystem has been set read-only
17:16:49 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb0, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:49 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  749.598295][   T29] audit: type=1326 audit(1590340609.338:139): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18101 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:49 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:49 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:50 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  750.289641][T18115] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  750.297617][T18115] FAT-fs (loop1): Filesystem has been set read-only
[  750.551462][   T29] audit: type=1326 audit(1590340610.288:140): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18124 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  750.730154][T18130] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  750.738990][T18130] FAT-fs (loop1): Filesystem has been set read-only
[  750.747367][T18130] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  750.756607][T18130] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  750.765757][T18130] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:51 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  751.280119][T18124] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:51 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b500508", 0x84}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:51 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b51", 0x88}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  751.535384][   T29] audit: type=1326 audit(1590340611.278:141): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18137 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:51 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  752.250911][T18145] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  752.258890][T18145] FAT-fs (loop1): Filesystem has been set read-only
17:16:52 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:52 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(0xffffffffffffffff, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:52 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(0xffffffffffffffff, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:52 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb0, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:52 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(0xffffffffffffffff, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  752.589999][   T29] audit: type=1326 audit(1590340612.328:142): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18155 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:52 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:52 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:52 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:53 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  753.333649][T18169] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  753.341573][T18169] FAT-fs (loop1): Filesystem has been set read-only
17:16:53 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  753.623272][   T29] audit: type=1326 audit(1590340613.368:143): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18185 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  753.792972][T18192] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  753.801633][T18192] FAT-fs (loop1): Filesystem has been set read-only
[  753.809834][T18192] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  753.818798][T18192] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  753.828077][T18192] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  754.367875][T18185] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:54 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b51", 0x88}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:54 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:54 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:54 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:54 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b51", 0x88}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  754.744079][   T29] audit: type=1326 audit(1590340614.488:144): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18199 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  755.482701][T18213] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  755.490519][T18213] FAT-fs (loop1): Filesystem has been set read-only
17:16:55 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb1, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:55 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:55 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:55 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b518816", 0x8a}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:55 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:55 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:55 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r0, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:55 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  756.174362][   T29] audit: type=1326 audit(1590340615.908:145): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18230 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:16:55 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r0, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  756.326342][T18247] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  756.335372][T18247] FAT-fs (loop1): Filesystem has been set read-only
[  756.343077][T18247] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  756.351772][T18247] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  756.361542][T18247] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:56 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r0, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:56 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  756.901050][T18230] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:58 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:16:58 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb1, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  758.759893][   T29] audit: type=1326 audit(1590340618.498:146): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18263 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  758.910066][T18274] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  758.918754][T18274] FAT-fs (loop1): Filesystem has been set read-only
[  758.928421][T18274] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:16:58 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:58 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:58 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b518816", 0x8a}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:16:58 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:58 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:58 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:59 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:16:59 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:59 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:59 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:16:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  759.509778][T18263] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  759.661176][   T29] audit: type=1326 audit(1590340619.398:147): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18304 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  760.452513][T18310] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  760.460330][T18310] FAT-fs (loop1): Filesystem has been set read-only
17:17:01 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb1, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:01 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:01 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:01 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:17:01 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b518816", 0x8a}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:02 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  762.262305][   T29] audit: type=1326 audit(1590340622.008:148): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18323 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:02 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:02 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  762.368266][T18336] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  762.379575][T18336] FAT-fs (loop1): Filesystem has been set read-only
[  762.388226][T18336] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  762.397187][T18336] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  762.406475][T18336] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:02 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:02 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:02 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:02 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  762.965544][T18323] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:04 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:04 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:04 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:04 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:17:04 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:04 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b51881679", 0x8b}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  765.239592][   T29] audit: type=1326 audit(1590340624.979:149): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  765.350897][T18382] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  765.359602][T18382] FAT-fs (loop1): Filesystem has been set read-only
[  765.367942][T18382] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  765.376543][T18382] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  765.385698][T18382] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:05 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292", 0xc)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:05 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b51881679", 0x8b}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:05 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:05 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:05 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:05 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292", 0xc)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:05 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292", 0xc)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  766.011253][T18366] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:08 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:08 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:08 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  768.331102][   T29] audit: type=1326 audit(1590340628.069:150): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18410 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:08 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  768.435699][T18419] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  768.445686][T18419] FAT-fs (loop1): Filesystem has been set read-only
[  768.453739][T18419] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  768.462574][T18419] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  768.472044][T18419] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:08 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:08 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:08 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b51881679", 0x8b}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:08 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:08 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c", 0x15)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:08 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c", 0x15)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:08 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c", 0x15)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:08 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c2", 0x17)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  769.080707][T18410] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:11 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:11 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c2", 0x17)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:11 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:17:11 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c2", 0x17)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  771.429929][   T29] audit: type=1326 audit(1590340631.169:151): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18451 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:11 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:11 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:11 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:11 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:11 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:11 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:11 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:11 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  772.182679][T18465] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  772.190489][T18465] FAT-fs (loop1): Filesystem has been set read-only
[  772.373322][   T29] audit: type=1326 audit(1590340632.119:152): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18485 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  772.525234][T18492] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  772.534009][T18492] FAT-fs (loop1): Filesystem has been set read-only
[  772.542490][T18492] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  772.553079][T18492] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  772.562551][T18492] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  773.130934][T18485] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:14 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:14 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff})
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:17:14 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  774.501662][   T29] audit: type=1326 audit(1590340634.249:153): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18498 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:14 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:14 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:14 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:15 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  775.226824][T18509] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  775.234695][T18509] FAT-fs (loop1): Filesystem has been set read-only
[  775.437372][   T29] audit: type=1326 audit(1590340635.179:154): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18523 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:15 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  776.168407][T18531] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  776.176365][T18531] FAT-fs (loop1): Filesystem has been set read-only
[  776.300000][   T29] audit: type=1326 audit(1590340636.039:155): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18535 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  776.449053][T18540] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  776.457849][T18540] FAT-fs (loop1): Filesystem has been set read-only
[  776.466716][T18540] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  776.475192][T18540] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  776.484498][T18540] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:16 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  777.077747][T18535] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:17 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  777.307112][   T29] audit: type=1326 audit(1590340637.049:156): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18545 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:17 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:17 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:17 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:17 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  778.039551][T18553] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  778.047414][T18553] FAT-fs (loop1): Filesystem has been set read-only
17:17:17 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  778.325867][   T29] audit: type=1326 audit(1590340638.069:157): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18570 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:18 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  779.075459][T18577] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  779.083347][T18577] FAT-fs (loop1): Filesystem has been set read-only
[  779.336984][   T29] audit: type=1326 audit(1590340639.079:158): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18582 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  779.480603][T18588] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  779.489258][T18588] FAT-fs (loop1): Filesystem has been set read-only
[  779.497946][T18588] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  779.507061][T18588] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  779.516282][T18588] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:19 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, 0x0, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:19 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  780.078559][T18582] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  780.319144][   T29] audit: type=1326 audit(1590340640.060:159): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18594 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:20 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:20 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:17:20 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  781.051928][T18600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  781.059745][T18600] FAT-fs (loop1): Filesystem has been set read-only
17:17:20 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:21 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:21 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  781.254441][   T29] audit: type=1326 audit(1590340641.000:160): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18608 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  781.405265][T18623] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  781.415474][T18623] FAT-fs (loop1): Filesystem has been set read-only
[  781.423730][T18623] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  781.432719][T18623] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  781.442321][T18623] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:21 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  782.020234][T18608] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  782.216919][   T29] audit: type=1326 audit(1590340641.960:161): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18633 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:22 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  782.957733][T18640] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  782.965614][T18640] FAT-fs (loop1): Filesystem has been set read-only
17:17:22 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, 0x0, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  783.118144][   T29] audit: type=1326 audit(1590340642.860:162): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18644 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  783.266503][T18652] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  783.275453][T18652] FAT-fs (loop1): Filesystem has been set read-only
[  783.283972][T18652] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  783.293354][T18652] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  783.302405][T18652] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:23 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:23 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  783.858856][T18644] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  784.103272][   T29] audit: type=1326 audit(1590340643.850:163): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18659 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:23 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:24 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:24 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:24 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:24 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  784.855301][T18665] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  784.863182][T18665] FAT-fs (loop1): Filesystem has been set read-only
[  785.155212][   T29] audit: type=1326 audit(1590340644.900:164): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18685 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:25 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000), 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  785.869721][T18691] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  785.877612][T18691] FAT-fs (loop1): Filesystem has been set read-only
17:17:25 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, 0x0, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  786.156025][   T29] audit: type=1326 audit(1590340645.900:165): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18697 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:26 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:26 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  786.895444][T18703] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  786.903325][T18703] FAT-fs (loop1): Filesystem has been set read-only
17:17:26 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  787.158204][   T29] audit: type=1326 audit(1590340646.900:166): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18710 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  787.306439][T18719] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  787.315338][T18719] FAT-fs (loop1): Filesystem has been set read-only
[  787.323227][T18719] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  787.332218][T18719] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  787.342058][T18719] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:27 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:27 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:27 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:27 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  787.889013][T18710] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  788.121722][   T29] audit: type=1326 audit(1590340647.870:167): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18736 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  788.272870][T18742] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  788.281766][T18742] FAT-fs (loop1): Filesystem has been set read-only
[  788.289737][T18742] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  788.299270][T18742] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  788.308578][T18742] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:28 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:28 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  788.846286][T18736] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  789.082140][   T29] audit: type=1326 audit(1590340648.830:168): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18748 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  789.231249][T18754] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  789.240030][T18754] FAT-fs (loop1): Filesystem has been set read-only
[  789.248317][T18754] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  789.257013][T18754] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  789.266394][T18754] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:29 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  789.813818][T18748] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  789.997370][   T29] audit: type=1326 audit(1590340649.740:169): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18759 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:30 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:30 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:30 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:30 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:17:30 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  790.787295][T18765] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  790.795180][T18765] FAT-fs (loop1): Filesystem has been set read-only
17:17:30 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

[  791.006948][   T29] audit: type=1326 audit(1590340650.750:170): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18781 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  791.158088][T18791] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  791.167033][T18791] FAT-fs (loop1): Filesystem has been set read-only
[  791.174177][T18791] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:31 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  791.764493][T18781] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  791.958206][   T29] audit: type=1326 audit(1590340651.700:171): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18797 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:32 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  792.727383][T18803] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  792.735299][T18803] FAT-fs (loop1): Filesystem has been set read-only
[  792.957991][   T29] audit: type=1326 audit(1590340652.700:172): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18807 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  793.124115][T18813] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  793.133203][T18813] FAT-fs (loop1): Filesystem has been set read-only
[  793.141814][T18813] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  793.150788][T18813] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  793.160266][T18813] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:33 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:33 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:33 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  793.707457][T18807] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:33 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:33 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x3, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:33 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  793.946046][   T29] audit: type=1326 audit(1590340653.690:173): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18822 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:34 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  794.683208][T18836] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  794.691103][T18836] FAT-fs (loop1): Filesystem has been set read-only
[  794.918279][   T29] audit: type=1326 audit(1590340654.660:174): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18844 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:35 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  795.660824][T18851] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  795.668659][T18851] FAT-fs (loop1): Filesystem has been set read-only
[  795.920773][   T29] audit: type=1326 audit(1590340655.671:175): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18855 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  796.071613][T18861] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  796.080495][T18861] FAT-fs (loop1): Filesystem has been set read-only
[  796.088225][T18861] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:36 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:36 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:36 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  796.643535][T18855] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  796.825631][   T29] audit: type=1326 audit(1590340656.571:176): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18870 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:36 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:36 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:36 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  796.980173][T18875] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  796.988906][T18875] FAT-fs (loop1): Filesystem has been set read-only
[  796.997707][T18875] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  797.006927][T18875] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  797.016378][T18875] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:36 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:36 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:37 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:37 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:37 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:37 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  797.585336][T18870] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:37 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:39 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:39 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  799.506513][   T29] audit: type=1326 audit(1590340659.251:177): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18913 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  799.655434][T18922] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  799.664421][T18922] FAT-fs (loop1): Filesystem has been set read-only
[  799.674568][T18922] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  799.683472][T18922] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  799.692960][T18922] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:39 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:39 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:39 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:39 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:39 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:40 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:40 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  800.285084][T18913] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:17:40 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:40 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:40 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  800.538276][   T29] audit: type=1326 audit(1590340660.281:178): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18945 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:40 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:41 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  801.253711][T18961] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  801.261597][T18961] FAT-fs (loop1): Filesystem has been set read-only
[  801.413740][   T29] audit: type=1326 audit(1590340661.161:179): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18967 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  802.153946][T18973] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  802.161818][T18973] FAT-fs (loop1): Filesystem has been set read-only
17:17:42 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:17:42 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:42 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(0xffffffffffffffff, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:42 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  803.228698][   T29] audit: type=1326 audit(1590340662.971:180): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=18978 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:43 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:43 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:43 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  804.011296][T18992] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  804.019190][T18992] FAT-fs (loop1): Filesystem has been set read-only
[  804.269177][   T29] audit: type=1326 audit(1590340664.011:181): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19005 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:44 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  805.018825][T19011] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  805.026695][T19011] FAT-fs (loop1): Filesystem has been set read-only
[  805.259452][   T29] audit: type=1326 audit(1590340665.011:182): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19016 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:45 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  805.996658][T19022] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  806.004566][T19022] FAT-fs (loop1): Filesystem has been set read-only
17:17:46 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:46 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  806.257155][   T29] audit: type=1326 audit(1590340666.001:183): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19026 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:46 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(0x0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:46 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  806.990008][T19036] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  806.997846][T19036] FAT-fs (loop1): Filesystem has been set read-only
17:17:46 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  807.180817][   T29] audit: type=1326 audit(1590340666.931:184): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19048 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  807.912112][T19057] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  807.920005][T19057] FAT-fs (loop1): Filesystem has been set read-only
17:17:47 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(0xffffffffffffffff, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:47 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  808.092013][   T29] audit: type=1326 audit(1590340667.841:185): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19063 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:48 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  808.836808][T19068] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  808.844680][T19068] FAT-fs (loop1): Filesystem has been set read-only
[  809.093334][   T29] audit: type=1326 audit(1590340668.841:186): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19073 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:49 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:49 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:49 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  809.830666][T19079] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  809.838508][T19079] FAT-fs (loop1): Filesystem has been set read-only
17:17:49 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(0x0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  810.065910][   T29] audit: type=1326 audit(1590340669.811:187): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:49 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:50 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  810.813424][T19102] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  810.821291][T19102] FAT-fs (loop1): Filesystem has been set read-only
[  811.079388][   T29] audit: type=1326 audit(1590340670.831:188): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19109 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:51 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  811.832542][T19116] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  811.840422][T19116] FAT-fs (loop1): Filesystem has been set read-only
[  812.032226][   T29] audit: type=1326 audit(1590340671.782:189): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19120 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:52 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:52 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(0xffffffffffffffff, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:52 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:52 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  812.802319][T19126] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  812.810214][T19126] FAT-fs (loop1): Filesystem has been set read-only
[  813.043278][   T29] audit: type=1326 audit(1590340672.792:190): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19140 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:53 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(0x0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:53 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:53 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  813.776537][T19147] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  813.784491][T19147] FAT-fs (loop1): Filesystem has been set read-only
[  813.863357][   T29] audit: type=1326 audit(1590340673.612:191): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19156 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:54 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  814.739067][   T29] audit: type=1326 audit(1590340674.492:192): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19163 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  815.502351][T19168] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  815.510466][T19168] FAT-fs (loop1): Filesystem has been set read-only
[  815.720490][   T29] audit: type=1326 audit(1590340675.472:193): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19175 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:55 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:55 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:56 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:56 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x0)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:56 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:17:56 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:56 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  816.695982][   T29] audit: type=1326 audit(1590340676.442:194): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19199 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:56 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:57 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  817.616106][   T29] audit: type=1326 audit(1590340677.362:195): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:57 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:58 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, 0x0, 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  818.548923][   T29] audit: type=1326 audit(1590340678.302:196): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19228 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:58 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:58 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, 0x0, 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  819.509701][   T29] audit: type=1326 audit(1590340679.262:197): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19247 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:17:59 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x0)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:17:59 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:17:59 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:59 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:59 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:17:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, 0x0, 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  820.461549][   T29] audit: type=1326 audit(1590340680.212:198): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19270 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:00 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  821.419345][   T29] audit: type=1326 audit(1590340681.172:199): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19280 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:01 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:18:01 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:01 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:01 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  822.154593][T19286] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  822.162492][T19286] FAT-fs (loop1): Filesystem has been set read-only
[  822.363925][   T29] audit: type=1326 audit(1590340682.112:200): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19302 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  822.516178][T19308] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  822.524842][T19308] FAT-fs (loop1): Filesystem has been set read-only
[  822.533414][T19308] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  822.542796][T19308] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  822.552554][T19308] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:02 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x0)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:02 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:18:02 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  823.110184][T19302] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:03 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  823.318482][   T29] audit: type=1326 audit(1590340683.072:201): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:03 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:18:03 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  824.066669][T19327] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  824.074547][T19327] FAT-fs (loop1): Filesystem has been set read-only
[  824.269160][   T29] audit: type=1326 audit(1590340684.022:202): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19334 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  824.424839][T19340] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  824.433838][T19340] FAT-fs (loop1): Filesystem has been set read-only
[  824.442364][T19340] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  824.451726][T19340] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  824.461097][T19340] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:04 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)

17:18:04 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  825.005806][T19334] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:04 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:04 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  825.230546][   T29] audit: type=1326 audit(1590340684.982:203): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19347 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  825.388346][T19359] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  825.397062][T19359] FAT-fs (loop1): Filesystem has been set read-only
[  825.404681][T19359] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:05 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)

17:18:05 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:05 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  825.968534][T19347] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  826.125761][   T29] audit: type=1326 audit(1590340685.872:204): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19373 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:06 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:06 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)

17:18:06 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  826.915083][T19379] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  826.922985][T19379] FAT-fs (loop1): Filesystem has been set read-only
[  827.107393][   T29] audit: type=1326 audit(1590340686.852:205): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19389 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:07 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0), 0x0, 0x0, 0x0)

17:18:07 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  827.876982][T19395] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  827.884843][T19395] FAT-fs (loop1): Filesystem has been set read-only
[  828.068190][   T29] audit: type=1326 audit(1590340687.822:206): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19402 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:08 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:08 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:08 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0), 0x0, 0x0, 0x0)

17:18:08 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:08 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:08 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:08 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  828.824700][T19408] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  828.832603][T19408] FAT-fs (loop1): Filesystem has been set read-only
17:18:09 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:09 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:09 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:09 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54020000005d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0), 0x0, 0x0, 0x0)

17:18:09 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:09 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:09 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  829.614853][   T29] audit: type=1326 audit(1590340689.363:207): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19438 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  829.771688][T19463] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  829.780501][T19463] FAT-fs (loop1): Filesystem has been set read-only
[  829.788725][T19463] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  829.798051][T19463] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  829.807831][T19463] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:10 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:10 executing program 0:
r0 = creat(0x0, 0x1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
lseek(r1, 0x800002, 0x0)
write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[], 0x23)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x3, 0x6)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
close(r2)
r3 = open(&(0x7f0000002000)='./bus\x00', 0xc4042, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r3, 0x0, 0x200004)

[  830.341455][T19438] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  830.433913][   T29] audit: type=1800 audit(1590340690.183:208): pid=19467 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16210 res=0
[  830.629194][   T29] audit: type=1326 audit(1590340690.383:209): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19470 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  831.330368][   T29] audit: type=1800 audit(1590340691.003:210): pid=19478 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16210 res=0
[  831.341382][T19476] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  831.358565][T19476] FAT-fs (loop1): Filesystem has been set read-only
17:18:11 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:11 executing program 0:
r0 = creat(0x0, 0x1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
lseek(r1, 0x800002, 0x0)
write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[], 0x23)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x3, 0x6)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
close(r2)
r3 = open(&(0x7f0000002000)='./bus\x00', 0xc4042, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r3, 0x0, 0x200004)

17:18:11 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  831.890389][   T29] audit: type=1800 audit(1590340691.643:211): pid=19488 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16130 res=0
17:18:12 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:12 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:12 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
recvmmsg(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001340)=""/4067, 0xfe3}], 0x1, 0x0, 0x0, 0x1f4}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000002c0)=""/206, 0xce}, {0x0}], 0x2, &(0x7f0000000540)=""/148, 0x94}}], 0x2, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967480a41ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/ip6_tables_names\x00')

[  832.605119][   T29] audit: type=1326 audit(1590340692.353:212): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19494 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:12 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:12 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
getuid()
writev(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
lsetxattr$trusted_overlay_origin(0x0, &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000180)='y\x00', 0x2, 0x2)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000340)='cgroup.subtree_control\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x5)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(r1, &(0x7f00000000c0)={[{0x2b, 'cpu'}]}, 0x5)

17:18:12 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:12 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
getuid()
writev(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
lsetxattr$trusted_overlay_origin(0x0, &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000180)='y\x00', 0x2, 0x2)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000340)='cgroup.subtree_control\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x5)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(r1, &(0x7f00000000c0)={[{0x2b, 'cpu'}]}, 0x5)

17:18:13 executing program 0:
setrlimit(0x2, &(0x7f0000000000))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, 0x0, &(0x7f0000000140))
ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f00000000c0))
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @multicast2}, 0x10)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x89f0, 0x0)
dup(0xffffffffffffffff)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="00000000000000000a000100aaaaaaaaaa000000"], 0x2c}}, 0x0)
clone(0x20986100, 0x0, 0x0, 0x0, &(0x7f0000000040)="d353ff022d68b2e4dc14aa5f7e25908384")

17:18:13 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  833.383402][T19503] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  833.391274][T19503] FAT-fs (loop1): Filesystem has been set read-only
[  833.605612][   T29] audit: type=1326 audit(1590340693.353:213): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19524 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  833.771618][T19530] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  833.780283][T19530] FAT-fs (loop1): Filesystem has been set read-only
[  833.788705][T19530] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  833.797542][T19530] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  833.807083][T19530] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  834.376134][T19524] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:14 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:14 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:14 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d0"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  834.961056][   T29] audit: type=1326 audit(1590340694.713:214): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19541 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:15 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:15 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:15 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:15 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:15 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d0"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  835.737794][T19547] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  835.745641][T19547] FAT-fs (loop1): Filesystem has been set read-only
[  835.917673][   T29] audit: type=1326 audit(1590340695.673:215): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19561 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:15 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:15 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  836.064547][T19567] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  836.073597][T19567] FAT-fs (loop1): Filesystem has been set read-only
[  836.082934][T19567] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  836.091613][T19567] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  836.101084][T19567] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:15 executing program 0:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:15 executing program 0:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  836.672495][T19561] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:17 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:17 executing program 0:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:17 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d0"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  837.805836][   T29] audit: type=1326 audit(1590340697.553:216): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19584 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  838.567558][T19596] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  838.575376][T19596] FAT-fs (loop1): Filesystem has been set read-only
17:18:18 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:18 executing program 0:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:18 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:18 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:18 executing program 0:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  838.830430][   T29] audit: type=1326 audit(1590340698.583:217): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19604 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:18 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:18 executing program 0:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:19 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

17:18:19 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  839.592376][T19612] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  839.600291][T19612] FAT-fs (loop1): Filesystem has been set read-only
[  839.722333][   T29] audit: type=1326 audit(1590340699.473:218): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19630 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  840.514392][T19636] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  840.522292][T19636] FAT-fs (loop1): Filesystem has been set read-only
17:18:20 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:20 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

17:18:20 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  840.840927][   T29] audit: type=1326 audit(1590340700.593:219): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19642 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  841.611192][T19654] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  841.619130][T19654] FAT-fs (loop1): Filesystem has been set read-only
17:18:21 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:21 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

17:18:21 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a450"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:21 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:21 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

[  842.169967][   T29] audit: type=1326 audit(1590340701.923:220): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19661 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:22 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:22 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

[  842.325205][T19675] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  842.336259][T19675] FAT-fs (loop1): Filesystem has been set read-only
[  842.345424][T19675] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  842.354551][T19675] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  842.363721][T19675] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:22 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:18:22 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

[  842.919658][T19661] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:23 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:23 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:18:23 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a450"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  843.863682][   T29] audit: type=1326 audit(1590340703.613:221): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19691 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  844.639800][T19703] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  844.647752][T19703] FAT-fs (loop1): Filesystem has been set read-only
17:18:24 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:18:24 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:18:24 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a450"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:24 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  845.219180][   T29] audit: type=1326 audit(1590340704.974:222): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:25 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:25 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:25 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:25 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  845.974009][T19723] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  845.981893][T19723] FAT-fs (loop1): Filesystem has been set read-only
17:18:25 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63d"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  846.239684][   T29] audit: type=1326 audit(1590340705.994:223): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19739 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:26 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  846.958341][T19745] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  846.966169][T19745] FAT-fs (loop1): Filesystem has been set read-only
17:18:26 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63d"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:26 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x44}}, 0x0)

[  847.232597][   T29] audit: type=1326 audit(1590340706.984:224): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19750 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  847.387041][T19761] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  847.395649][T19761] FAT-fs (loop1): Filesystem has been set read-only
[  847.403862][T19761] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  847.412632][T19761] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  847.421515][T19761] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  847.904866][T19750] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:27 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:18:27 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x44}}, 0x0)

17:18:27 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63d"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:27 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:28 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x44}}, 0x0)

[  848.294437][   T29] audit: type=1326 audit(1590340708.044:225): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19767 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:28 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:28 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:18:28 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:18:28 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

[  849.051646][T19782] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  849.060168][T19782] FAT-fs (loop1): Filesystem has been set read-only
17:18:29 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:29 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:29 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd190"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  850.229988][   T29] audit: type=1326 audit(1590340709.984:226): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19799 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  850.384224][T19811] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  850.393380][T19811] FAT-fs (loop1): Filesystem has been set read-only
[  850.401185][T19811] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  850.411710][T19811] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  850.421108][T19811] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  850.966640][T19799] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:31 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:18:31 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:31 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd190"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:31 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:31 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

[  851.381149][   T29] audit: type=1326 audit(1590340711.134:227): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19820 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:31 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:31 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:31 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:31 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

[  852.118545][T19833] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  852.126612][T19833] FAT-fs (loop1): Filesystem has been set read-only
17:18:32 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:32 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd190"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:32 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  853.219165][   T29] audit: type=1326 audit(1590340712.974:228): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19849 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  854.002899][T19859] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  854.010846][T19859] FAT-fs (loop1): Filesystem has been set read-only
17:18:34 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:34 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:34 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:34 executing program 5:
syz_emit_ethernet(0x66, &(0x7f00000000c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "dc9ae7", 0x30, 0x3a, 0x0, @private1, @mcast2, {[], @dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, "0100", 0x0, 0x0, 0x0, @mcast1, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}}}}}}, 0x0)

[  854.395838][   T29] audit: type=1326 audit(1590340714.144:229): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19867 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:34 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:18:34 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:34 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000240)={{0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff})

17:18:34 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:34 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:36 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:36 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:36 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

[  856.366387][   T29] audit: type=1326 audit(1590340716.124:230): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19899 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:37 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:37 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:18:37 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

[  857.459837][   T29] audit: type=1326 audit(1590340717.214:231): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19916 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:37 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:37 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:18:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:39 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:39 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:18:39 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  859.409887][   T29] audit: type=1326 audit(1590340719.164:232): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19949 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  859.561723][T19961] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  859.570738][T19961] FAT-fs (loop1): Filesystem has been set read-only
[  859.578250][T19961] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  859.587306][T19961] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  859.596728][T19961] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  860.165386][T19949] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:40 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:40 executing program 5:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:40 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:40 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:40 executing program 5:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

[  860.493856][   T29] audit: type=1326 audit(1590340720.244:233): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19967 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:40 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:40 executing program 5:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:40 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:41 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  861.251726][T19982] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  861.259646][T19982] FAT-fs (loop1): Filesystem has been set read-only
[  861.437222][   T29] audit: type=1326 audit(1590340721.195:234): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=19996 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  861.590844][T20002] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  861.599685][T20002] FAT-fs (loop1): Filesystem has been set read-only
[  861.608235][T20002] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  861.617548][T20002] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  861.626635][T20002] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  862.198705][T19996] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:42 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:42 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x50}}, 0x0)

17:18:42 executing program 5:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:43 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:43 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:43 executing program 5:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:43 executing program 5:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

[  863.576723][   T29] audit: type=1326 audit(1590340723.335:235): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20018 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  863.725635][T20030] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  863.734273][T20030] FAT-fs (loop1): Filesystem has been set read-only
[  863.742713][T20030] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  863.751935][T20030] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  863.760842][T20030] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:43 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

17:18:43 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

[  864.333438][T20018] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:18:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

17:18:45 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:45 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

[  865.563910][   T29] audit: type=1326 audit(1590340725.315:236): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20049 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  866.304183][T20059] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  866.312189][T20059] FAT-fs (loop1): Filesystem has been set read-only
17:18:46 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:46 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:46 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

17:18:46 executing program 0:
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:46 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:46 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

[  866.637655][   T29] audit: type=1326 audit(1590340726.395:237): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20064 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:46 executing program 0:
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:47 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:47 executing program 0:
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:47 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:18:47 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:47 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  867.375745][T20080] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  867.383580][T20080] FAT-fs (loop1): Filesystem has been set read-only
[  867.587500][   T29] audit: type=1326 audit(1590340727.335:238): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20100 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  868.348925][T20100] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  868.356895][T20100] FAT-fs (loop1): Filesystem has been set read-only
17:18:49 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x20, r0, 0x0, 0x0)

17:18:49 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:18:49 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:49 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:49 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:49 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

[  869.762428][   T29] audit: type=1326 audit(1590340729.505:239): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20112 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:49 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:18:50 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:50 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, 0x0, 0x0, 0x0)

17:18:50 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:18:50 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, 0x0, 0x0, 0x0)

17:18:50 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  870.479130][T20112] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  870.487694][T20112] FAT-fs (loop1): Filesystem has been set read-only
[  870.763675][   T29] audit: type=1326 audit(1590340730.505:240): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20147 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  871.485578][T20147] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  871.493540][T20147] FAT-fs (loop1): Filesystem has been set read-only
17:18:52 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:52 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:18:52 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, 0x0, 0x0, 0x0)

17:18:52 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:52 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:52 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:52 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0), 0x0, 0x0)

[  872.915118][   T29] audit: type=1326 audit(1590340732.655:241): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20160 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:53 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x0, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:53 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:53 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0), 0x0, 0x0)

17:18:53 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:53 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  873.584294][T20160] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  873.592248][T20160] FAT-fs (loop1): Filesystem has been set read-only
17:18:55 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:55 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0), 0x0, 0x0)

17:18:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x0, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:55 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:55 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:55 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:55 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:55 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x0, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x24}}, 0x0)

17:18:55 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  875.962659][   T29] audit: type=1326 audit(1590340735.705:242): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20203 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:18:55 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

[  876.636745][T20203] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  876.644786][T20203] FAT-fs (loop1): Filesystem has been set read-only
17:18:58 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:18:58 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:18:58 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:18:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:18:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

[  878.995781][   T29] audit: type=1326 audit(1590340738.746:243): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20245 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:18:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:58 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:18:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000007000000890904"], 0x20}}], 0x1, 0x0)

17:18:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:18:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, 0x0, 0x20}}], 0x1, 0x0)

[  879.734109][T20245] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  879.742171][T20245] FAT-fs (loop1): Filesystem has been set read-only
17:19:01 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

17:19:01 executing program 5:
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x30, 0x3, 0x8, 0x3, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_FIN_WAIT={0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x30}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

17:19:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, 0x0, 0x20}}], 0x1, 0x0)

17:19:01 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, 0x0, 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:01 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:19:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, 0x0, 0x20}}], 0x1, 0x0)

[  882.067742][   T29] audit: type=1326 audit(1590340741.816:244): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20286 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:01 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x20}}], 0x1, 0x0)

17:19:01 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(0x0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x20}}], 0x1, 0x0)

17:19:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x20}}], 0x1, 0x0)

17:19:02 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:02 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x20}}], 0x1, 0x0)

[  882.822994][T20286] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  882.830910][T20286] FAT-fs (loop1): Filesystem has been set read-only
17:19:04 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

17:19:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x20}}], 0x1, 0x0)

17:19:04 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, 0x0, 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:04 executing program 5:

17:19:04 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:19:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x20}}], 0x1, 0x0)

17:19:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000"], 0x20}}], 0x1, 0x0)

17:19:04 executing program 5:

[  885.150758][   T29] audit: type=1326 audit(1590340744.896:245): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20325 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:04 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000"], 0x20}}], 0x1, 0x0)

17:19:05 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000"], 0x20}}], 0x1, 0x0)

17:19:05 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:05 executing program 5:

[  885.892655][T20325] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  885.900690][T20325] FAT-fs (loop1): Filesystem has been set read-only
17:19:07 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="6653070000053c27bc3376003639405c576cd12f0000001500ae47a825d86800278dcff47d010000805acf4f8f364602437bb2e9b66ff1246c93e5c0289644e334432479aed75d492b41dbcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf89b394807474b3c3156630d3c563ad9c4372975e40a7a1b5005084f485b5188167968", 0x8c}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0x78)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

17:19:07 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000000000000000000070000"], 0x20}}], 0x1, 0x0)

17:19:07 executing program 5:

17:19:07 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, 0x0, 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:07 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb5, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e17e1a5c"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:19:07 executing program 5:

17:19:08 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000000000000000000070000"], 0x20}}], 0x1, 0x0)

[  888.248301][   T29] audit: type=1326 audit(1590340747.996:246): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20363 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:08 executing program 5:

17:19:08 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000000000000000000070000"], 0x20}}], 0x1, 0x0)

17:19:08 executing program 5:

17:19:08 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:08 executing program 5:

[  888.968760][T20363] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  888.976822][T20363] FAT-fs (loop1): Filesystem has been set read-only
17:19:10 executing program 2:

17:19:10 executing program 3:

17:19:10 executing program 5:

17:19:10 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000000000000000000000700000089"], 0x20}}], 0x1, 0x0)

17:19:10 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:11 executing program 5:

17:19:11 executing program 2:

17:19:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000000000000000000000700000089"], 0x20}}], 0x1, 0x0)

17:19:11 executing program 2:

[  891.321352][   T29] audit: type=1326 audit(1590340751.066:247): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20397 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:11 executing program 3:

17:19:11 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:11 executing program 5:

17:19:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000000000000000000000700000089"], 0x20}}], 0x1, 0x0)

17:19:11 executing program 2:

17:19:11 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000000000000000000070000"], 0x20}}], 0x1, 0x0)

17:19:11 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  891.750925][   T29] audit: type=1326 audit(1590340751.496:248): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20422 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:11 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:11 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000000000000000000070000008909"], 0x20}}], 0x1, 0x0)

17:19:11 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

[  892.031874][T20397] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  892.039894][T20397] FAT-fs (loop1): Filesystem has been set read-only
17:19:11 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000000000000000000070000008909"], 0x20}}], 0x1, 0x0)

[  892.235970][   T29] audit: type=1326 audit(1590340751.986:249): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20431 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  892.389130][   T29] audit: type=1326 audit(1590340752.136:250): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20444 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  892.486028][T20422] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000500)
[  892.494020][T20422] FAT-fs (loop2): Filesystem has been set read-only
[  892.888784][T20431] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000500)
[  892.896657][T20431] FAT-fs (loop5): Filesystem has been set read-only
17:19:14 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:14 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{&(0x7f0000000700)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000000000000000000070000008909"], 0x20}}], 0x1, 0x0)

17:19:14 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:14 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:14 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:14 executing program 3:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:14 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(0xffffffffffffffff, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  894.779088][   T29] audit: type=1326 audit(1590340754.526:251): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20466 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:14 executing program 3:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:14 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

[  894.898173][   T29] audit: type=1326 audit(1590340754.576:252): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20463 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:14 executing program 3:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

[  895.038479][   T29] audit: type=1326 audit(1590340754.586:253): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20465 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:14 executing program 3:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

[  895.184881][   T29] audit: type=1326 audit(1590340754.786:254): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20488 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:15 executing program 3:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:15 executing program 3:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:15 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:15 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  895.458989][T20465] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000500)
[  895.464098][T20463] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000500)
[  895.466949][T20465] FAT-fs (loop5): Filesystem has been set read-only
[  895.474671][T20463] FAT-fs (loop2): Filesystem has been set read-only
[  895.481918][T20466] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  895.495881][T20466] FAT-fs (loop1): Filesystem has been set read-only
17:19:15 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

17:19:15 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:15 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

[  895.893367][   T29] audit: type=1326 audit(1590340755.637:255): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20521 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  895.969484][   T29] audit: type=1326 audit(1590340755.717:256): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20532 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  896.605511][T20539] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  896.613352][T20539] FAT-fs (loop1): Filesystem has been set read-only
17:19:16 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  896.719671][   T29] audit: type=1326 audit(1590340755.717:257): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  896.742304][   T29] audit: type=1326 audit(1590340756.447:258): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  896.893899][T20523] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000500)
[  896.901727][T20523] FAT-fs (loop5): Filesystem has been set read-only
17:19:17 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:17 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:17 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:17 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

17:19:17 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:19:17 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)

17:19:17 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:17 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

[  898.141628][   T29] audit: type=1326 audit(1590340757.887:259): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20558 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:17 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:19:18 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:18 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

[  898.275415][   T29] audit: type=1326 audit(1590340757.967:260): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20554 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:18 executing program 2:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:19:20 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:20 executing program 0:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:20 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:20 executing program 2:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:19:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)

17:19:20 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:20 executing program 2:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:19:20 executing program 0:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:21 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

[  901.267295][   T29] audit: type=1326 audit(1590340761.017:261): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20601 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  901.348909][   T29] audit: type=1326 audit(1590340761.017:262): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20602 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:21 executing program 2:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  901.424893][T20621] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  901.433824][T20621] FAT-fs (loop1): Filesystem has been set read-only
[  901.440863][T20621] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  901.449378][T20621] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  901.457832][T20621] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:19:21 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:21 executing program 0:
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

[  901.948512][T20602] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:19:23 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:23 executing program 2:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:19:23 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:23 executing program 0:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:23 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000001c0), 0x8080fffffffe)

17:19:23 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(0x0, 0x0)

17:19:24 executing program 0:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

[  904.311133][   T29] audit: type=1326 audit(1590340764.057:263): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20646 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:24 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x0, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:24 executing program 2:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  904.461939][   T29] audit: type=1326 audit(1590340764.107:264): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20649 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:24 executing program 0:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:24 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x0, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:24 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

17:19:27 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:27 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

17:19:27 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

17:19:27 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(0x0, 0x0)

17:19:27 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)

17:19:27 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x0, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x0)

17:19:27 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:27 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

17:19:27 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

[  907.376876][   T29] audit: type=1326 audit(1590340767.127:265): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20695 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  907.494498][   T29] audit: type=1326 audit(1590340767.177:266): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20692 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:27 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:27 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:27 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)

17:19:30 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:30 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:30 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:30 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:30 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:30 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(0x0, 0x0)

17:19:30 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:30 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:30 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(0x0, 0x0)

[  910.514811][   T29] audit: type=1326 audit(1590340770.267:267): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20739 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:30 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

[  910.684870][   T29] audit: type=1326 audit(1590340770.297:268): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20740 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:30 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:30 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

[  910.980650][   T29] audit: type=1326 audit(1590340770.657:269): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20764 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:31 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:31 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

[  911.753596][   T29] audit: type=1326 audit(1590340771.507:270): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20785 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:33 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:33 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(0x0, 0x0)

17:19:33 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:33 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:33 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:33 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:33 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:33 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:33 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

[  913.555344][   T29] audit: type=1326 audit(1590340773.308:271): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20804 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  913.633488][   T29] audit: type=1326 audit(1590340773.338:272): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20800 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:33 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:33 executing program 1:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:33 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:36 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:19:36 executing program 1:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:36 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:36 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:19:36 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:36 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

17:19:36 executing program 1:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:36 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x38, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x38}}, 0x0)

17:19:36 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x0)

[  916.687937][   T29] audit: type=1326 audit(1590340776.438:273): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20849 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  916.715936][   T29] audit: type=1326 audit(1590340776.468:274): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20852 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:36 executing program 1:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:36 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x38, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x38}}, 0x0)

17:19:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  917.615973][   T29] audit: type=1326 audit(1590340777.368:275): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20896 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  918.401245][T20902] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  918.409453][T20902] FAT-fs (loop3): Filesystem has been set read-only
17:19:39 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:19:39 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x44}}, 0x0)

17:19:39 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x38, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x38}}, 0x0)

17:19:39 executing program 1:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

17:19:39 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:39 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:39 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x44}}, 0x0)

17:19:39 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:39 executing program 1:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14, 0x24, 0x1}, 0x14}}, 0x0)

[  919.819705][   T29] audit: type=1326 audit(1590340779.568:276): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20908 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  919.843195][   T29] audit: type=1326 audit(1590340779.568:277): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20910 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:39 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x44}}, 0x0)

17:19:40 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:40 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

[  920.480556][T20930] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  920.488441][T20930] FAT-fs (loop3): Filesystem has been set read-only
17:19:42 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)

17:19:42 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:42 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:42 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:42 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:42 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

17:19:42 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:42 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:42 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d0"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  922.815251][   T29] audit: type=1326 audit(1590340782.568:278): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20951 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:42 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:42 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

17:19:42 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:42 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:19:42 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

[  923.113655][   T29] audit: type=1326 audit(1590340782.868:279): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=20973 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  923.279101][T20991] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  923.288130][T20991] FAT-fs (loop3): Filesystem has been set read-only
[  923.295785][T20991] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  923.304244][T20991] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  923.312860][T20991] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
17:19:43 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:43 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x4c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)

17:19:43 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:43 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x41395527)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:43 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:43 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:43 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:43 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

[  923.720373][   T29] audit: type=1326 audit(1590340783.468:280): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21007 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  923.752829][T20973] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
17:19:43 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

17:19:43 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

[  924.044135][   T29] audit: type=1326 audit(1590340783.798:281): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21023 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  924.191627][T21031] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  924.200531][T21031] FAT-fs (loop3): Filesystem has been set read-only
[  924.208144][T21031] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  924.699708][T21023] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
17:19:45 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:19:45 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:45 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:45 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x40, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x40}}, 0x0)

17:19:45 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340))
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:45 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:46 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:46 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x40, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x40}}, 0x0)

[  926.214086][   T29] audit: type=1326 audit(1590340785.968:282): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21042 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:46 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

[  926.363315][   T29] audit: type=1326 audit(1590340785.968:283): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21044 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:46 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x40, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x40}}, 0x0)

17:19:46 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, 0x0, 0x0, 0x0)

17:19:46 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

17:19:46 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x40, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x40}}, 0x0)

17:19:46 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x40, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x40}}, 0x0)

17:19:46 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:46 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:46 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:46 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x40, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x40}}, 0x0)

[  926.962870][T21060] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  926.970707][T21060] FAT-fs (loop3): Filesystem has been set read-only
17:19:46 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14}, 0x14}}, 0x0)

17:19:46 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:46 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:46 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14}, 0x14}}, 0x0)

[  927.327612][   T29] audit: type=1326 audit(1590340787.078:284): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  927.394229][   T29] audit: type=1326 audit(1590340787.098:285): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21084 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  927.940065][T21109] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  927.947927][T21109] FAT-fs (loop3): Filesystem has been set read-only
17:19:49 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:49 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:49 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newspdinfo={0x14}, 0x14}}, 0x0)

17:19:49 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:49 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:49 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:49 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x44, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x44}}, 0x0)

17:19:49 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  929.745035][   T29] audit: type=1326 audit(1590340789.498:286): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21125 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:49 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, 0x0, 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  929.888972][   T29] audit: type=1326 audit(1590340789.628:287): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21128 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  929.974250][   T29] audit: type=1326 audit(1590340789.728:288): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21144 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:50 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, 0x0, 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  930.428397][   T29] audit: type=1326 audit(1590340790.169:289): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21166 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:50 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:50 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, 0x0, 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  930.475763][T21156] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  930.483773][T21156] FAT-fs (loop3): Filesystem has been set read-only
[  930.539802][   T29] audit: type=1326 audit(1590340790.289:290): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21143 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  930.571017][   T29] audit: type=1326 audit(1590340790.319:291): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21139 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:50 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:50 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:50 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:50 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:50 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
unlink(&(0x7f0000001e00)='./bus\x00')

[  931.256413][   T29] audit: type=1326 audit(1590340791.009:292): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21176 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  931.322225][   T29] audit: type=1326 audit(1590340791.009:293): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21180 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  931.508391][   T29] audit: type=1326 audit(1590340791.219:294): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21196 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:51 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:51 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:51 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  932.118463][   T29] audit: type=1326 audit(1590340791.579:295): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21195 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:52 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:52 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:53 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  933.880736][T21266] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000500)
[  933.888650][T21266] FAT-fs (loop2): Filesystem has been set read-only
17:19:53 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:53 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:53 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:53 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:54 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:55 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:55 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

[  935.416684][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  935.416697][   T29] audit: type=1326 audit(1590340795.169:305): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21311 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:55 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  936.206357][T21339] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000500)
[  936.214359][T21339] FAT-fs (loop2): Filesystem has been set read-only
[  936.233518][   T29] audit: type=1326 audit(1590340795.439:306): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21295 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  936.331914][   T29] audit: type=1326 audit(1590340795.499:307): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21308 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:56 executing program 1:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  936.386811][   T29] audit: type=1326 audit(1590340795.509:308): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21313 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  936.432354][   T29] audit: type=1326 audit(1590340796.139:309): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21328 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  936.455971][   T29] audit: type=1326 audit(1590340796.189:310): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21351 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:56 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
unlink(&(0x7f0000001e00)='./bus\x00')

[  936.685773][   T29] audit: type=1326 audit(1590340796.419:311): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21350 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:57 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:57 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:57 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  937.367161][   T29] audit: type=1326 audit(1590340797.119:312): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21372 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  937.499771][   T29] audit: type=1326 audit(1590340797.249:313): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21371 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  937.679016][T21373] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  937.689632][T21373] FAT-fs (loop1): Filesystem has been set read-only
[  937.698387][T21373] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
[  938.173649][T21373] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000500)
17:19:57 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:58 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:19:58 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:58 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
unlink(&(0x7f0000001e00)='./bus\x00')

[  938.315869][   T29] audit: type=1326 audit(1590340797.309:314): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21376 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:19:58 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb2, &(0x7f0000000380)="c4fe910c6786cec96ddb5322addee07bee6333b5cacd891969b71832cb470c94d61f3514dca7712c225da4a455f4c9fd98a5680956f9291607e39a209852cea901000000a933137a89acd6ecd74d453ff2bdb9693122311ae02ee3d3f8fbe0a10fff4bbaef7cd058ec3a5411c890a73cef2db1355afc76d8d7b0781702986234093f2623193c8ff3177fc84e28d36d47e7f970ed174ce21c760da77598e5821b74c389f3fa7406ec26cd82de07f4a208f3e1"}}], 0x1c)
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:19:58 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:58 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:58 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:19:58 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:19:59 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:59 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)

17:19:59 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:19:59 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:00 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:00 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  940.204053][T21460] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000500)
[  940.212086][T21460] FAT-fs (loop3): Filesystem has been set read-only
17:20:00 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)
recvfrom(r1, &(0x7f0000000140)=""/152, 0x98, 0x0, 0x0, 0x0)

17:20:00 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:20:00 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x8010)

[  940.641206][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  940.641218][   T29] audit: type=1326 audit(1590340800.389:323): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21469 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  940.796686][T21495] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  940.805938][T21495] FAT-fs (loop4): Filesystem has been set read-only
[  940.814082][T21495] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000500)
[  940.941677][   T29] audit: type=1326 audit(1590340800.689:324): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21477 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:00 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  941.112484][T21469] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000500)
17:20:01 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:20:01 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:20:01 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)
accept4(r0, 0x0, 0x0, 0x0)

17:20:01 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  941.238145][   T29] audit: type=1326 audit(1590340800.989:325): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21481 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:01 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  941.505755][   T29] audit: type=1326 audit(1590340801.209:326): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21505 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:01 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:01 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:01 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:01 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:01 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:20:01 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
fchdir(0xffffffffffffffff)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:20:02 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

[  942.313045][   T29] audit: type=1326 audit(1590340802.069:327): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21532 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  942.474409][   T29] audit: type=1326 audit(1590340802.149:328): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21544 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:02 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:20:21 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:21 executing program 1:
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

[  961.797314][   T29] audit: type=1326 audit(1590340802.399:329): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21533 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:21 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:21 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
fchdir(0xffffffffffffffff)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:20:21 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f0000000180)="94a4b04e04000000000000042d0aa07e9dcdc838f4cbe152e7ffc969a9096138880f9798cae3e0"}}], 0x1c)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

17:20:21 executing program 1:
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:21 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  962.344951][   T29] audit: type=1326 audit(1590340822.100:330): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21586 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:22 executing program 1:
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:22 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:22 executing program 5:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
fchdir(0xffffffffffffffff)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

[  962.676974][   T29] audit: type=1326 audit(1590340822.300:331): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21593 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:24 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:24 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  965.232086][   T29] audit: type=1326 audit(1590340824.991:332): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21595 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  965.310808][   T29] audit: type=1326 audit(1590340825.071:333): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21622 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  981.996122][T21593] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000500)
[  982.036873][T21593] FAT-fs (loop4): Filesystem has been set read-only
17:20:42 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:42 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:42 executing program 5:
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

17:20:42 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:42 executing program 4:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

[  982.277420][T21632] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000500)
[  982.285344][T21632] FAT-fs (loop2): Filesystem has been set read-only
17:20:42 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:42 executing program 5:
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

[  982.575137][   T29] audit: type=1326 audit(1590340842.331:334): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21638 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:42 executing program 5:
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

[  982.718884][   T29] audit: type=1326 audit(1590340842.401:335): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[  982.916222][   T29] audit: type=1326 audit(1590340842.582:336): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21651 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:44 executing program 0:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:44 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

[  984.877807][T21661] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000500)
[  984.885789][T21661] FAT-fs (loop4): Filesystem has been set read-only
[  984.892748][T21661] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000500)
17:20:45 executing program 5:
syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')

[  985.394947][T21667] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000500)
[  985.403077][T21667] FAT-fs (loop2): Filesystem has been set read-only
[  985.413393][   T29] audit: type=1326 audit(1590340845.172:337): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21671 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
17:20:45 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

17:20:45 executing program 2:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:45 executing program 3:
syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f0000000240)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
pipe(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x9, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r1, &(0x7f0000000780)=ANY=[@ANYBLOB="000637bc4e0cce010000000000000062d118c1561323c6568e794231a1c2fe010000000000000055271140d2d233e30780715b9a3874fefefdda4b93570ed2c42cc93c3cac3f60fb491f1762c434c95fc1734add29891d162c618bcdc803bc7f7d64938d3cab6ec3cdbe0f0454d21b25ade84c60d8be28d2c1b5d368462f0481436f57b63c8861c34f93a36e83336c78fb1c04febdfb1b7eb1a59cb7ea224d4d0d049c073d5da3c26dfe4b3cb7a9fb77dabd111e47f415254062d41d13c3a85773d251eadefbcd14ed4f2a5cbe92c269cab5623f31d083092f5f5df81a26822483ad953e35e720493ca670a4509bc6c63dd19043"], 0x38)
unlink(&(0x7f0000001e00)='./bus\x00')
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0xacedc000)
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x20004001)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

17:20:45 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea5402000000", 0x12)

[  985.757049][T21638] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000500)
[  986.018657][   T29] audit: type=1326 audit(1590340845.682:338): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=21683 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45f86a code=0x0
[ 1091.102449][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1091.109534][    C0] 	(detected by 0, t=10502 jiffies, g=86225, q=2)
[ 1091.115940][    C0] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4295046271-4295035769), jiffies_till_next_fqs=1, root ->qsmask 0x0
[ 1091.129291][    C0] syz-executor.0  R  running task    26200 21680   7060 0x00004000
[ 1091.137199][    C0] Call Trace:
[ 1091.140464][    C0]  <IRQ>
[ 1091.143372][    C0]  sched_show_task.cold+0x2e2/0x343
[ 1091.148591][    C0]  ? can_nice.part.0+0x10/0x10
[ 1091.153388][    C0]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1091.158972][    C0]  ? _find_next_bit.constprop.0+0x1a3/0x200
[ 1091.164857][    C0]  rcu_sched_clock_irq.cold+0xb9b/0xcfa
[ 1091.170423][    C0]  update_process_times+0x25/0x60
[ 1091.175454][    C0]  tick_sched_handle+0x9b/0x180
[ 1091.180291][    C0]  tick_sched_timer+0x4e/0x140
[ 1091.185041][    C0]  __hrtimer_run_queues+0x5ca/0xed0
[ 1091.190223][    C0]  ? tick_sched_do_timer+0x1a0/0x1a0
[ 1091.195528][    C0]  ? do_raw_spin_lock+0x129/0x2e0
[ 1091.200546][    C0]  ? hrtimer_init+0x320/0x320
[ 1091.205210][    C0]  ? ktime_get_update_offsets_now+0x2d6/0x450
[ 1091.211270][    C0]  hrtimer_interrupt+0x312/0x770
[ 1091.216269][    C0]  smp_apic_timer_interrupt+0x15b/0x600
[ 1091.221804][    C0]  apic_timer_interrupt+0xf/0x20
[ 1091.226737][    C0]  </IRQ>
[ 1091.229726][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x9/0x50
[ 1091.235786][    C0] Code: cc 65 48 8b 04 25 00 1f 02 00 48 8b 80 f0 13 00 00 c3 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 04 25 00 1f 02 00 <65> 8b 15 98 e9 8e 7e 81 e2 00 01 1f 00 48 8b 34 24 75 2b 8b 90 d8
[ 1091.255374][    C0] RSP: 0018:ffffc900065af770 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 1091.263772][    C0] RAX: ffff8880a6c46600 RBX: 0000000000000000 RCX: ffffc90007e9c000
[ 1091.271730][    C0] RDX: 0000000000040000 RSI: ffffffff81922a89 RDI: 0000000000000001
[ 1091.279700][    C0] RBP: 0000000000000000 R08: ffff8880a6c46600 R09: fffffbfff1513311
[ 1091.287661][    C0] R10: ffffffff8a899887 R11: fffffbfff1513310 R12: ffffea0000c86540
[ 1091.295619][    C0] R13: dffffc0000000000 R14: ffff888088ca0960 R15: 0000000000000000
[ 1091.303646][    C0]  ? pagecache_get_page+0x69/0xa10
[ 1091.308749][    C0]  pagecache_get_page+0x77/0xa10
[ 1091.313693][    C0]  generic_file_read_iter+0x6b4/0x2b10
[ 1091.319175][    C0]  ? lockdep_hardirqs_on+0x463/0x620
[ 1091.324454][    C0]  ? mark_held_locks+0x9f/0xe0
[ 1091.329222][    C0]  ? pagecache_get_page+0xa10/0xa10
[ 1091.334413][    C0]  ? smp_apic_timer_interrupt+0x1b6/0x600
[ 1091.340155][    C0]  ? retint_kernel+0x2b/0x2b
[ 1091.344780][    C0]  ext4_file_read_iter+0x1d1/0x600
[ 1091.349916][    C0]  generic_file_splice_read+0x479/0x780
[ 1091.355450][    C0]  ? add_to_pipe+0x3a0/0x3a0
[ 1091.360070][    C0]  ? selinux_file_permission+0x92/0x560
[ 1091.365649][    C0]  ? add_to_pipe+0x3a0/0x3a0
[ 1091.370230][    C0]  do_splice_to+0x114/0x160
[ 1091.374849][    C0]  splice_direct_to_actor+0x307/0x980
[ 1091.380316][    C0]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1091.385856][    C0]  ? do_splice_to+0x160/0x160
[ 1091.390537][    C0]  do_splice_direct+0x1b4/0x280
[ 1091.395376][    C0]  ? splice_direct_to_actor+0x980/0x980
[ 1091.400919][    C0]  ? preempt_count_add+0x74/0x140
[ 1091.405930][    C0]  ? __this_cpu_preempt_check+0x28/0x190
[ 1091.411581][    C0]  do_sendfile+0x555/0xc50
[ 1091.415995][    C0]  ? do_compat_pwritev64+0x1b0/0x1b0
[ 1091.421327][    C0]  ? __might_fault+0x190/0x1d0
[ 1091.426086][    C0]  __x64_sys_sendfile64+0x149/0x210
[ 1091.431373][    C0]  ? __ia32_sys_sendfile+0x220/0x220
[ 1091.436674][    C0]  ? __ia32_sys_clock_settime+0x260/0x260
[ 1091.442426][    C0]  ? trace_hardirqs_off_caller+0x55/0x230
[ 1091.448171][    C0]  do_syscall_64+0xf6/0x7d0
[ 1091.452680][    C0]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1091.458554][    C0] RIP: 0033:0x45ca29
[ 1091.462444][    C0] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1091.482032][    C0] RSP: 002b:00007f39848cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1091.490433][    C0] RAX: ffffffffffffffda RBX: 00000000004fc540 RCX: 000000000045ca29
[ 1091.498392][    C0] RDX: 00000000200001c0 RSI: 0000000000000003 RDI: 0000000000000003
[ 1091.506353][    C0] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000
[ 1091.514318][    C0] R10: 00008080fffffffe R11: 0000000000000246 R12: 00000000ffffffff
[ 1091.522276][    C0] R13: 00000000000008dc R14: 00000000004cba16 R15: 00007f39848d06d4
[ 1091.530259][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g86225 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1091.541443][    C0] rcu: RCU grace-period kthread stack dump:
[ 1091.547316][    C0] rcu_preempt     R  running task    28848    10      2 0x80004000
[ 1091.555206][    C0] Call Trace:
[ 1091.558486][    C0]  ? __schedule+0x937/0x1ff0
[ 1091.563066][    C0]  ? __sched_text_start+0x8/0x8
[ 1091.567918][    C0]  ? _raw_spin_lock_irqsave+0x94/0xbf
[ 1091.573274][    C0]  ? debug_smp_processor_id+0x2f/0x185
[ 1091.578723][    C0]  ? schedule+0xd0/0x2a0
[ 1091.582967][    C0]  ? schedule_timeout+0x35c/0x850
[ 1091.587975][    C0]  ? find_held_lock+0x2d/0x110
[ 1091.592739][    C0]  ? usleep_range+0x160/0x160
[ 1091.597408][    C0]  ? rcu_gp_kthread+0x6fd/0x1960
[ 1091.602330][    C0]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1091.608122][    C0]  ? __next_timer_interrupt+0x190/0x190
[ 1091.613706][    C0]  ? prepare_to_swait_exclusive+0x110/0x110
[ 1091.619606][    C0]  ? rcu_gp_kthread+0x9bf/0x1960
[ 1091.624550][    C0]  ? rcu_barrier+0x4b0/0x4b0
[ 1091.629127][    C0]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1091.634919][    C0]  ? lockdep_hardirqs_on+0x463/0x620
[ 1091.640244][    C0]  ? __kthread_parkme+0x13f/0x1e0
[ 1091.645251][    C0]  ? rcu_barrier+0x4b0/0x4b0
[ 1091.649827][    C0]  ? kthread+0x388/0x470
[ 1091.654056][    C0]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1091.659760][    C0]  ? ret_from_fork+0x24/0x30