program:
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
lsetxattr(&(0x7f0000000100)='./file1\x00', &(0x7f0000000740)=@known='trusted.overlay.impure\x00', 0x0, 0x0, 0x1)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000080)='./file0\x00', 0x280008a, &(0x7f0000000340)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c6572726f72733d72656d6f756e742d726f2c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c726f6469722c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c73686f72746e616d653d7769643dffa1c40f1a228a34f3cccdb1d7862379f9a393018189e81d43e90cac986b2abce07ea5d42de60df3ba3dd9be4f5021f091009655f710774ce50087f9505f8fbae06cc2bfe712c740a2d423007f0cc0f68a9482e79cb15076507e39267a029716a4c7d05a4f158eb60cb02cee5bfc5fc0c5ae1198c4cbc2c87e106ef0babc0d395b2efeb4ec86643eebc9a9f7e5d25be99f647c82a1cd1ce4805276e4b95308db044c7e6871cf64fb468f7d2651736e782db734948906f9ffffffffffffff", @ANYRES32=r0, @ANYBLOB=',uni_xlate=0,utf8=0,shortname=mixed,uni_xlate=0,shortname=winnt,\x00'], 0x97, 0x2a9, &(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO")
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36b31fa7e35ce95d04"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe40, 0x0, &(0x7f0000000240)="5cdd3086ddff0066b3c9bbac88a8862c00dffd0013dd00000000000000008100f5df86dd", 0x0, 0x15d, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
fsync(r1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r4=>0x0})
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001800010000000000000000000a000000000000000000000018001600140001000f00000000000000000010000000000008000400", @ANYRES32=r4, @ANYBLOB="18394d345a43aeb5b3ce069b44cbb96be598043201272177fa65527faa973ba1a3739799507c1b9e620fccf6929e4016b5935205772003"], 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mount(&(0x7f0000000540)=@filename='./file1\x00', &(0x7f0000000580)='./file1\x00', &(0x7f00000005c0)='erofs\x00', 0x200000, 0x0)

[   79.528279][ T4536] Bluetooth: hci0: command tx timeout
[   80.407852][ T5114] loop0: detected capacity change from 0 to 256
[   80.414865][ T5114] vfat: Bad value for 'shortname'
[   80.765186][ T5114] netlink: 8 bytes leftover after parsing attributes in process `syz.0.0'.
[   80.774875][ T5114] ./file1: Can't lookup blockdev
[   80.786770][ T5114] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   80.789818][ T5114] #PF: supervisor instruction fetch in kernel mode
[   80.792334][ T5114] #PF: error_code(0x0010) - not-present page
[   80.794930][ T5114] PGD 3ce97067 P4D 3ce97067 PUD 3396c067 PMD 0 
[   80.797354][ T5114] Oops: Oops: 0010 [#1] PREEMPT SMP KASAN NOPTI
[   80.799798][ T5114] CPU: 0 UID: 0 PID: 5114 Comm: syz.0.0 Not tainted 6.11.0-syzkaller-05319-g4a39ac5b7d62 #0
[   80.803660][ T5114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.807663][ T5114] RIP: 0010:0x0
[   80.809016][ T5114] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   80.811798][ T5114] RSP: 0018:ffffc9000332f9f8 EFLAGS: 00010283
[   80.813914][ T5114] RAX: ffffffff81cbbb40 RBX: 0000000000000000 RCX: 0000000000040000
[   80.816918][ T5114] RDX: ffffc900030a1000 RSI: ffffea00003933c0 RDI: 0000000000000000
[   80.819899][ T5114] RBP: ffffc9000332fac0 R08: ffffea00003933c7 R09: 1ffffd4000072678
[   80.823068][ T5114] R10: dffffc0000000000 R11: 0000000000000000 R12: ffffea00003933c0
[   80.826024][ T5114] R13: 1ffffd4000072679 R14: 0000000000000000 R15: ffffea00003933c8
[   80.828889][ T5114] FS:  00007fac020096c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000
[   80.832197][ T5114] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   80.834684][ T5114] CR2: ffffffffffffffd6 CR3: 0000000012414000 CR4: 0000000000350ef0
[   80.837609][ T5114] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   80.840616][ T5114] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   80.843567][ T5114] Call Trace:
[   80.844793][ T5114]  <TASK>
[   80.845860][ T5114]  ? __die_body+0x5f/0xb0
[   80.847512][ T5114]  ? page_fault_oops+0x8e4/0xcc0
[   80.849295][ T5114]  ? __pfx_page_fault_oops+0x10/0x10
[   80.851251][ T5114]  ? rcu_is_watching+0x15/0xb0
[   80.852995][ T5114]  ? is_errata93+0xbe/0x260
[   80.854684][ T5114]  ? exc_page_fault+0x5ed/0x8c0
[   80.856531][ T5114]  ? asm_exc_page_fault+0x26/0x30
[   80.858420][ T5114]  ? filemap_read_folio+0x190/0x790
[   80.860344][ T5114]  filemap_read_folio+0x1a0/0x790
[   80.862179][ T5114]  ? __pfx_filemap_read_folio+0x10/0x10
[   80.864155][ T5114]  ? __filemap_get_folio+0x984/0xc10
[   80.866105][ T5114]  do_read_cache_folio+0x134/0x820
[   80.867932][ T5114]  erofs_bread+0x499/0xd40
[   80.869715][ T5114]  erofs_fc_fill_super+0x345/0x1770
[   80.871664][ T5114]  ? __pfx_erofs_fc_fill_super+0x10/0x10
[   80.873775][ T5114]  ? sget_fc+0x909/0x9c0
[   80.875391][ T5114]  ? __pfx_set_anon_super_fc+0x10/0x10
[   80.877526][ T5114]  ? __pfx_erofs_fc_fill_super+0x10/0x10
[   80.879637][ T5114]  get_tree_nodev+0xb7/0x140
[   80.881361][ T5114]  vfs_get_tree+0x90/0x2b0
[   80.882993][ T5114]  do_new_mount+0x2be/0xb40
[   80.884630][ T5114]  ? __pfx_do_new_mount+0x10/0x10
[   80.886449][ T5114]  __se_sys_mount+0x2d6/0x3c0
[   80.888292][ T5114]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   80.890508][ T5114]  ? __pfx___se_sys_mount+0x10/0x10
[   80.892242][ T5114]  ? do_syscall_64+0x100/0x230
[   80.893878][ T5114]  ? __x64_sys_mount+0x20/0xc0
[   80.895514][ T5114]  do_syscall_64+0xf3/0x230
[   80.896943][ T5114]  ? clear_bhb_loop+0x35/0x90
[   80.898573][ T5114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.900612][ T5114] RIP: 0033:0x7fac0117def9
[   80.902151][ T5114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.909362][ T5114] RSP: 002b:00007fac02009038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   80.912553][ T5114] RAX: ffffffffffffffda RBX: 00007fac01335f80 RCX: 00007fac0117def9
[   80.915310][ T5114] RDX: 00000000200005c0 RSI: 0000000020000580 RDI: 0000000020000540
[   80.918220][ T5114] RBP: 00007fac011f0b76 R08: 0000000000000000 R09: 0000000000000000
[   80.921175][ T5114] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000000
[   80.923971][ T5114] R13: 0000000000000000 R14: 00007fac01335f80 R15: 00007ffffa1810c8
[   80.926823][ T5114]  </TASK>
[   80.928009][ T5114] Modules linked in:
[   80.929356][ T5114] CR2: 0000000000000000
[   80.931132][ T5114] ---[ end trace 0000000000000000 ]---
[   80.933516][ T5114] RIP: 0010:0x0
[   80.934976][ T5114] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[   80.937563][ T5114] RSP: 0018:ffffc9000332f9f8 EFLAGS: 00010283
[   80.939610][ T5114] RAX: ffffffff81cbbb40 RBX: 0000000000000000 RCX: 0000000000040000
[   80.942187][ T5114] RDX: ffffc900030a1000 RSI: ffffea00003933c0 RDI: 0000000000000000
[   80.944969][ T5114] RBP: ffffc9000332fac0 R08: ffffea00003933c7 R09: 1ffffd4000072678
[   80.947925][ T5114] R10: dffffc0000000000 R11: 0000000000000000 R12: ffffea00003933c0
[   80.951032][ T5114] R13: 1ffffd4000072679 R14: 0000000000000000 R15: ffffea00003933c8
[   80.953995][ T5114] FS:  00007fac020096c0(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000
[   80.957216][ T5114] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   80.959544][ T5114] CR2: ffffffffffffffd6 CR3: 0000000012414000 CR4: 0000000000350ef0
[   80.962558][ T5114] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   80.965377][ T5114] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   80.968373][ T5114] Kernel panic - not syncing: Fatal exception
[   80.970946][ T5114] Kernel Offset: disabled
[   80.972585][ T5114] Rebooting in 86400 seconds..